Upgrade Your Drupal Skills

We trained 1,000+ Drupal Developers over the last decade.

See Advanced Courses NAH, I know Enough
Nov 09 2020
Nov 09

[embedded content]

Sarah Durham (00:02):

Hey everybody. Welcome to today’s webinar. I am Sarah Durham, and I am going to briefly introduce my colleagues. They will talk a little bit more in a minute and also we’d love you to introduce yourself as people start to arrive. If you are comfortable doing so, you’ll see a chat panel. And if you could chat in to us your name, the name of your organization, your pronouns, and where you are, where you are geographically, so who you are and where you are, would be great. Theresa, you want to say hi. 

Theresa Gutierrez Jacobs (00:50):

Hi, I’m Theresa Gutierrez Jacobs. I am a project manager at Advomatic. And for today, I’m going to just quickly chat my email. If you have any, I don’t know, tech issues or questions or anything like that, that is more tech related to this webinar. Feel free to reach out to me via my email. Otherwise, you can always chat or ask questions, particularly for this webinar here. And Dave, you want to say a quick hi, before we get rolling.

Dave Hansen-Lange (01:18):

Hello. I’m Dave Hansen-Lange and where I am, I’m about an hour from Toronto. I’m the director of technical strategy at Advomatic. I’ve been with Advomatic for about 13 years. And I’ve been doing work with nonprofits in the web for maybe about 15 or 17 years.

Sarah Durham (01:42):

Okay. So we’ve got a bunch of people who are already with us, a few more people who might join us in the next couple of minutes, but just to keep the ball rolling and use your time thoughtfully, we’re going to dig into our content for today. And as I said a little bit earlier, I will reintroduce myself. I’m Sarah Durham, I’m the CEO of Advomatic and also Advomatic sister agency, Big Duck. Some of you may have noticed that the Zoom we’re using today is a Big Duck/Advomatic shared Zoom. So if you’re wondering what the connection is, there’s some common leadership across both companies. For those of you who might know Big Duck, but don’t know Advomatic, Advomatic builds sturdy sites that support change. We build, and we support websites in Drupal and in WordPress. And Advomatic has been around now for, I think almost 15 years, although it’s partnership and collaboration with Big Duck and my coming into the company is relatively new.

Sarah Durham (02:43):

It’s about, I’ve been in it about two years. And so Dave is going to really take us through our topic today. And Dave, you could advance to your next slide, if you would like, which is this, what should you do with your Drupal 7 website? So Dave’s gonna talk us through why this is an issue and a few other things in a minute. What I am going to do throughout this conversation is I am going to be monitoring both the chat that you can see in the bottom of your screen, a little button that says chat. And if you click on that, you have the ability to either chat privately to the panelists. So if you want to ask a question confidentially, or you don’t want everybody who’s here to see it, just chat to the panelists and only Dave and Theresa and I will see it.

Sarah Durham (03:26):

If you want to chat to everybody and share who you are, like shout out to Rick, who’s already done that. He’s from the National Council of Nonprofits and he’s in the DC area. If you want to share your information with the panelists or to everybody, you can chat to all attendees. Also, you have the ability to specifically ask questions. There’s a Q&A feature in Zoom Webinar. And that will give me the ability to keep an eye on your questions. And some of them I can type back to you and others will be addressed verbally. So throughout the presentation, I’ll be monitoring all of that and we will address your questions perhaps as we go on, certainly at the end if it doesn’t make sense to do so in the webinar. So don’t hesitate to chat, don’t hesitate to ask questions. We are recording today’s session and Theresa will be sending out an email with a link to that recording and the transcript and the resources we’re mentioning later this week or early next week. So you will have all of this and you can share it with any colleagues if that is useful. So with that, we are going to get rolling over to you, Dave, and thanks, Theresa.

Dave Hansen-Lange (04:44):

Okay. Thank you, Sarah. All right. So to kick things off before we get into the details of all the different things that you can do with your website and what might be best for you I thought we should start with some backstory about like, why we’re at this spot and like, what does end of life even mean? Like, it’s software, how can software… and it really all comes down to security. And just to explain a little bit about how security in Drupal works, there is the Drupal security team, and that’s a team of about a dozen people all across the world. And then there’s a group of people even wider than that who contribute things to the team and say, Oh, this could be a problem. We should look into this. And people on the security team, you know, a lot of their time is paid for by their employers or their clients, but a lot of their time they’re just volunteering for free.

Dave Hansen-Lange (05:50):

And you know, there’s a lot of commitment there. Like, they have weeks on call and stuff like that, because security is very important to the Drupal community. And so we don’t want to have those people working forever for free. So the Drupal community at large has decided, okay, thank you for your time of service, people on the Drupal security team, we will let you go after this date. Some of those people work on AAA too. But people are generally committed for like Drupal 7. And so the original date for the end of Drupal 7 was going to be November, 2021. But then COVID happened and the Drupal community decided, okay, there’s this extenuating circumstance. We’ll give everybody one more year to figure out what they’re going to do. So now that the end of life date for Drupal 7 is November 2022, two years from now. 

Dave Hansen-Lange (06:56):

Drupal 8, just as an aside, it’s not really what we’re talking about today. Drupal 8, the end of life is November 2021, a year from now. That’s not what we’re talking about today. And thankfully, if you do have any AAA sites, the situation is a lot simpler. And if you want to get into that a little bit more possibly we could at the end of the presentation. Okay. So today we are going to first cover: these are the options that you have in dealing with your Drupal 7 websites. Then we’re going to look at some example scenarios. And by that, I mean like, okay, here’s an organization, they have a website like this, and because of that, they might consider scenario x. And then I’m going to pass things over to Sarah. And Sarah is going to dive into more of the organizational things, like, how do you plan for this and how do you work with this within your organization? All right. 

Sarah Durham (08:15):

Hang on one second, Dave, before we dig into this, I also just want to remind everybody feel free to chat in questions and comments as you go, and we’re going to take pauses in between each of these sections. So if you have, as Dave goes through the options, if you have a specific question about one of the options, and it seems like it’s universal to some of the other people who are participating today, I’ll probably pop in and ask that otherwise we’ll save Q&A for the end. Alright, sorry for the interruption.

Dave Hansen-Lange (08:41):

No, no, all good. I’m also going to be muting every now and then to take a sip of tea. I’ve got a sore throat. It’s not, COVID, it’s just a cold. And yeah, so I’ll be pausing too, as I go. Okay. So what are your options? So I’ve grouped these into four main options, and these are listed in terms of most expensive, to least expensive, most expensive option being start from scratch and build a new website for most people with a Drupal 7 website your main options are move to Drupal 9 or create something in WordPress. There’s some other options that you might consider, but those are the two that are applicable to most people. Option B is upgrade to Drupal 9 and immediately you’re probably thinking what is upgrading to Drupal 9? How is that different from building a website and Drupal 8? And I’ll explain that when we get there, another option is to switch to something called Backdrop. Many of you have probably never heard of Backdrop. And so I’ll start us out by what exactly that means. Or you could just stay on Drupal 7. And even though it has end of life, that there still are ways to keep going on, on your Drupal 7 website.

Dave Hansen-Lange (10:15):

So moving to a new website like I mentioned the main options for most people are Drupal 9 or WordPress. And so just by saying those two names in the same sentence, we immediately get into the topic of like what’s better Drupal or WordPress and what is right for me? I will touch on this a little bit now, and sort of back up a little bit and say that for starters, it’s really hard to make an unbiased and fair assessment of the two. But in a general sense, Drupal 9 is really great for people that, or on websites and organizations that want to do something a little bit more complicated, a little bit more ambitious, a little bit more technological, with more moving parts. And WordPress is generally more applicable to the organizations whose website, in many ways might be similar to other websites. And yeah, that is a little bit vague. I don’t want to dive too deeply into this topic right now. 

Dave Hansen-Lange (11:54):

If you want, we can come back to this in the Q&A at the end. And we also have another webinar that we did a couple months ago on this topic more generally. And if you’re just, if you can, we can send along a link to that as well. One last thing on this, though, I will say that when most people compare Drupal and WordPress, they’re not really comparing Drupal and WordPress, they’re comparing the website that someone built for them in Drupal or the website that someone built for them in WordPress. And because of that, they’re often comparing the skills of those people who built the website and not necessarily the underlying technology. And that’s part of the reason why this is such a sticky, thorny issue with a lot of people being on one side or the other there about moving to a new website. You don’t have to do the whole entire thing. You can find ways to do this in bits and pieces. I’ll show some examples of that later, but we’re at this point of rethinking what should we generally do with our Drupal website. It’s a great time to think, okay, this section, do we need it anymore? Should it be here? Is there a better way to do this then when we created this website however many years ago?

Dave Hansen-Lange (13:30):

Since many of you may not have seen modern Drupal I’m going to show you, or we’re pressed, I’m going to show you some slides here. So on the left, what we see is I am editing a page on a website and I want to add a new component which is a common term that we use these days, a new component to the page. I can browse through this library of available components and then add one.

Dave Hansen-Lange (14:00):

Or how it’s going to appear on the page. There’s many ways to do this in Drupal. Drupal is kind of known for having many ways to solve a problem. What we see in this screenshot is a tool called paragraphs. That’s a tool that we’ve been using for this problem pretty successfully on several websites. There’s other tools within Drupal 9. You may have heard the term layout builder and there was a couple of smaller ones as well on the right side. We see the administrative listing of all the content on your website for each site, it’s going to be a little bit different, what you decide to list here. But this is just one example of how it looks and comparing this to WordPress on the left. This is also how WordPress looks when you want to add a new component to the page. And so the right column there, we see, the available components that you have, again, on the right, a screenshot that’s WordPress of a list of all the content on the website.

Dave Hansen-Lange (15:20):

Looking at these two sets of screenshots, there’s a couple things that might sort of immediately come to mind. WordPress, the administrative interface generally looks a little bit more polished.

Dave Hansen-Lange (15:39):

In some ways WordPress can be a little bit all over the place in that each plugin or each new thing that you add to your website tends to design things its own way and do its thing its own way and it’s WordPress. Compared to Drupal, each new thing works in a very consistent manner. So it’s easy to move around from section to section on the website. All that to say is really either is probably a big step forward from where you are with your Drupal 7 website.

Dave Hansen-Lange (16:18):

All right, so which Drupal 7 website is this going to be most applicable to, or maybe you shouldn’t at all consider this option? If you are really frustrated with any part of your website, be that like how the content of this is organized, or just the general backend experience the design of the website, if there’s anything about it that you’d just want to just toss and start again fresh, this is a good option to consider. But like I mentioned, when I listed these four main options, creating a new website is going to be the most expensive of the options. And in the age of COVID, many of you are probably dealing with some tight budgets. So one of the other options may be the better choice. Also, this might not be a good choice for you if your existing site is very complex. And one way to think about this is like you built your website so many years ago, let’s say it was five years ago. And you put all this work into doing that initial build, but then over those five years, you’ve also put in some work, to make the website more and more better. And in this new version of the website that you’re gonna create, you want to encompass all of that. 

Dave Hansen-Lange (17:52):

It’s going to be a pretty big project. And so it’s just one way to consider looking at your options.

Okay. Option B, I don’t have a handsome, single flat you can upgrade to Drupal net. So how is this different from just creating a new websiteIn AAA? Drupal 9 has these built-in tools that can take your Drupal 7 website and take all those, all that content, all the content structure all the menus, everything that’s stored in the backend of the website and upgrade it and make it work in a new Drupal 9 website. But what you don’t get is any of the, how that content is presented to visitors, all of that stuff. If you go through this upgrade process, you still need to come up with or you still need to rebuild the way that it’s presented to visitors. Maybe, maybe you’re happy with the design of your Drupal 7 website. And so you can just redo that same design in Drupal 9 or another option since we’re here and we’re creating a new website and Drupal 9, you might want to take advantage of that and do a new design.

Dave Hansen-Lange (19:31):

And so, because of all those things, it’s going to be still a big chunk of work, not as big as just doing a clean slate and starting from scratch. But still a lot of work involved. One thing you do need to look into before you get too far down this road is like, are there any ways in which we solve the problem in Drupal 7, that just there’s no equivalent in Drupal 9. And that has sometimes happened because the Drupal 7 way of solving a problem, one example would be locations. Let’s say you got a content type in Drupal 7 called offices of your organization and they’re storing their address and location. That’s almost certainly done in a very different way in Drupal 9. And there isn’t a way to directly go from one to the other, at least not directly in the same sense of this upgrade process that I talked about before. There may be these situations like that, and you’ll have to do something custom or something else. That’s a little bit more complicated. It’s just important that, you know, these things happen upfront before you get into moving down this road.

Dave Hansen-Lange (21:00):

So who is this good for? I mentioned, you’re going to get the same stuff in the backend as you have now. So it’s, if you’re happy with that, great, consider this option. I mentioned that the visual presentation, you’ve got to redo that. So if you want a fresh design, this might be an option for you. Again, avoid if budget is tight, like I mentioned, it’s still a fairly complicated procedure. All right. A third option is to switch to Backdrop.

Dave Hansen-Lange (21:39):

So Backdrop, I said earlier that your main options are WordPress or Drupal. What’s this, what’s this new Backdrop thing? Backdrop is kind of like a different flavor of Drupal. And in the technical parlance, Backdrop is a fork of Drupal 7. And what does cutlery have to do with software? Absolutely nothing. So by fork, we mean fork in the road. You may know that Drupal and WordPress are open-source software. And that means that anybody, anybody really who has the time available to do it, can jump into the project. You got a problem with the way something works, you want to make it better, you can just do that and you can contribute something and get it rolled into the software. But what that also means is that if you don’t like how something works, you can just take it, copy it, and roll with it.

Dave Hansen-Lange (22:42):

And that’s what’s happened with, with Backdrop so well. Drupal 8 was being developed. There were many people in the community who thought, “Oh, no, like Drupal 8 is looking great and all, but it’s going to be really hard for websites that are on Drupal 7 to get to Drupal 8 and whatever it comes in the future. And they were right. That’s, that’s why we’re here. That’s why we’re having this webinar. And so what they did was they took Drupal 7, copied it, called it Backdrop and started to evolve it and evolve it in some of the same ways that AAA has evolved only keeping with the Drupal 7 way of doing things and the Drupal 7 styles. And so you have an option to take your website and sort of just take that fork in the road and start moving down the Backdrop trail.

Dave Hansen-Lange (23:42):

What this is going to look like for your website is that you’re still gonna have the existing content structure things in the backend of the website, just like that, upgrading to Drupal 9 option. It’s all going to look very similar, if not identical, but different from that upgrade to Drupal 9 option. You can still keep the visitor-facing portion of the website. If it’s going to need a little bit of tweaking to get onto that Backdrop fork in the road. But that is going to be relatively much smaller, a much lighter lift. Not to say that you must keep your existing design, you can make some changes and revisions. You might even consider doing a full redesign. But yeah, you don’t have to, as you’ve heard me describe this, you may be thinking fundamentally that the steps involved, it’s pretty similar to the upgrade to Drupal 9.

Dave Hansen-Lange (25:00):

It is, but still, it is almost certainly cheaper than upgrading to Drupal 9. And mainly the reason is because like I mentioned, it is just Drupal 7 evolved. So the changes that you have to make to your existing website are just immensely smaller, some increased risk. So what I mean by this well, like anybody who works with websites for a nonprofit is probably going to know WordPress, and probably getting to know the word Drupal, probably not going to know the word Backdrop, because it is such a much smaller community. Where there might be that there’s about half a million Drupal websites out there. There may be like a few thousand Backdrop websites out there. And because of that, there’s enough momentum in the community that we know that Backdrop will be here for two years, maybe four years, but it’s harder to sort of see deeper into the future. Whereas Drupal, you know, half a million websites. We know it’s, there’s a lot of people working on this, a lot of organizations, big and small, it’s going to be here for probably at least another 10 years, if not longer. Backdrop, much smaller community. There’s just not as much certainty about the future. 

Dave Hansen-Lange (26:44):

But with that said, Backdrop has committed to like the same sort of upgrade structure that Drupal 8 and Drupal 9 have committed to being. We’re not going to do a huge change again in the future. We’re going to make all these incremental changes that will make it much easier for you to stay up to date and evolve your website over time.

Dave Hansen-Lange (27:12):

Great. I thought it important to show some visuals about what Backdrop looks like and looking at these, you might be thinking, “Oh, this looks pretty similar to my Drupal 7 website, but the colors and fonts are more contemporary”. And you are a hundred percent correct in thinking that like I mentioned, it really is Drupal 7 evolved. But there is more to it. There are some easier things on the technical side of how to work with Backdrop compared to Drupal 7. There’s some different ways of managing page layouts. There’s other new features in Backdrop that Drupal 7 doesn’t have. But the thing is, if you take this sort of upgrade from Drupal 7 to backdrop trajectory, you’re not going to get those things all of a sudden. If you want to take advantage of Backdrop’s fancier ways of laying out content on a page then you’re going to have to have a small project to enable that feature. At first, you’re still going to be working in the same paradigms as you are with Drupal 7. So who is Backdrop great for? Anyone who has a lot of custom code. I was talking earlier about like, why you might want to avoid building a new website and Drupal 9 is if you’ve got a lot of custom stuff. Here in this option, and this would be a good option for you because all that custom stuff probably doesn’t need to change very much, probably needs to change a little. But if it’s not going to be all that significant, this is a good option for you.

Dave Hansen-Lange (29:16):

If you are happy with your existing design that’s going to need a little bit of touch-ups to move to Backdrop. I was trying to be consistent here and come up with a reason why you should avoid Backdrop. I couldn’t really come up with one. I think everyone should at least consider this option. It’s kind of like the middle of the road option. You might not choose this option if you’re wanting to do a full redesign, but if all the rest of the things line up for you, then you could do a full redesign in Backdrop. It would be fine. I guess the only reason that I can think of now is that if you are super concerned about keeping the website that you have the same fundamentally as it is now, four, five years into the future, 7 years into the future—because the future is a little less defined for Backdrop—you may want to avoid it in that case.

Dave Hansen-Lange (30:35):

All right. And the last option stay on Drupal 7. I mentioned even though Drupal 7 has reached end of life, there are ways to continue on with it. If you had any websites that were on Drupal 6 and you were in this sort of situation for Drupal 6’s website, when it reached its end of life, there was a program started called the extended support for Drupal 6. This Drupal 7 version of that program is fundamentally identical. And what this is is that I mentioned that many of the security team are volunteering their time. And so this program gets around by trying to force people to volunteer their time by saying it’s a paid program. The Drupal community has vetted several Drupal agencies to offer this extended support service. And what that means is that as security issues come up, maybe there’s a security issue that comes up in Drupal 8 that might also apply to Drupal 7 this, this team of extended support people work on fixing that problem in Drupal 7.

Dave Hansen-Lange (32:11):

And so there’s kind of two ways to take advantage of this: Number one, you sign up with one of the extended support vendors. You’ll be able to find that list through some links that we’re going to send at the end. One of the mandates of this is that they release all of their fixes publicly. It’s happened for Drupal 6 as well. And so if you are technically savvy or you’ve got someone at your disposal who’s technically savvy and can sort out the details and apply these fixes as they come up, this could be a good option for you, too.

Dave Hansen-Lange (33:08):

I think it’s important though, to like, take a step back at this point and talk about why you might think about security in different ways. And one way to think about security is kind of like two groups of websites on the internet—those who security is really important for, for whatever reason. Maybe they’re doing something that some people find controversial and they have people who are trying to hack into their website. Maybe you are processing credit cards on your website and you, you know, someone might want to try and break in and steal those credit cards. Maybe you are a news outlet and you get hundreds or hundreds of thousands of people viewing your content every day. And if someone could break in and get some sort of message out to those people, that might be an incentive as well. So that’s like one group of websites, people who have some sort of special security concern. And then there’s kind of everybody else—everybody who knows that security is fundamentally important, but it’s not more important than it is for everyone else in this group.

Dave Hansen-Lange (34:33):

It’s just the nature of how I described that most organizations are going to be in this group where security is important, but not more important than anyone else. Some are going to be in this heightened group of security. And for those people, they need to think about things more than just like, am I getting the bare necessity basics? Or am I really doing all that I’m responsible for ensuring the security is as good as it can be. And for those people, this may not be the best option in that you’re not on the most recent and currently secure thing you were on, this thing that’s on extended support. And whether that rationale is purely technical, or if it’s purely optics in that if something were to ever happen to your website and it was discovered, “Oh, they’re running this version of Drupal that was created 10 years ago”. 

Dave Hansen-Lange (35:38):

How can that be responsible? And then there’s all sorts of politics involved. I mean, it’s a situation you want to completely avoid, but for those of us who are in the group of security as important, but not more important than anyone else, this can be a very reasonable option to consider. So stay on Drupal 7, if you have a really tight budget. And I admit that budget is in the eye of the beholder. For some of you a roomy budget would be a tight budget and vice versa. Like I was talking about, if you don’t have any special security requirements avoid, if your site needs a facelift or if you’re frustrated with the backend. So like I mentioned, this is keeping the same website and keeping it the same. And so if you want to rip something out and try again, this is probably not the option for you.

Sarah Durham (36:56):

Okay. So, Dave, I’m just going to jump in here for a second before we continue with your sample scenarios. We’ve got about 20 minutes left in our time together, so we’re going to need to move pretty quickly through our sample scenarios and through the make a plan section. But we did get a really good question that I’d love you to try to answer for us before we continue on. It’s from our friend, Rita, and Rita asks, if you choose to migrate or upgrade to Backdrop, what would that mean for your future options to upgrade to Drupal 9?

Dave Hansen-Lange (37:29):

I don’t think it really changes the landscape for that at all. Whether you’re upgrading from Drupal 7 or from Backdrop, it’s fundamentally the same thing. It is technically almost identical and that’s because well, Backdrop has gone on this new trail at a foundational level. The way the content is stored, it’s fundamentally the same. And so if you want to pull that content out of either version of those websites into a new Drupal 9 website, it’s going to be the same process. That could change though, as it’s a fork in the road. So Backdrop could go further one way, while well, Drupal 7 is not moving anywhere at this point, but it could continue to move on in a way that’s more different from Drupal 7. But in my opinion, it’s unlikely to change all that much for the foreseeable year or two.

Sarah Durham (38:37):

Okay, great. So, so back over to you.

Dave Hansen-Lange (38:40):

Okay. So like I mentioned, those options, they were great in theory, but now let’s try and put some of this to practice. I’m going to show, I think, four, maybe five example websites and what is unique or different about those websites and why they might choose one option over the other. As you’re looking through this, you might think, “Oh, that’s nothing like my website”. But I’m going to try and pull some things out here that hopefully are going to apply or at least show some things that you should consider. And you also might recognize some of these websites. Don’t focus on that. We’re going to focus on what is it about these websites? I’m also not going to tell you anything about these websites that isn’t something… Sorry, everything that I’m going to tell you about these websites is something that you could just go to the website, look at and figure out for yourself.

Dave Hansen-Lange (39:45):

So there’s not going to be any sort of like private information here that I’m gonna show either. So in this first example, we’re going to look at the ACLU. On the left here, we see what their website homepage used to look like. On the right side, we’re going to see what the homepage looks like now. And the prior version of the website, that was Drupal 7. The homepage, and I say that specifically, the homepage, is now WordPress. You may remember back when I talked about the option of creating a new website that you don’t have to do the whole thing. Here’s just the homepage. And they’ve actually done the same thing with the blog section. It used to be Drupal on the left. Now it’s WordPress on the right. You don’t have to do with everything.

Dave Hansen-Lange (40:44):

So this is an example of a case on the ACLU website. And like, this is just one really long page here that is cut up into three pieces. See at the top, this is all just fairly straightforward content. But then in this section, things start to get more complicated. Like there’s all these other bits of content elsewhere on the website that are related to this case. That’s something that you can do in WordPress, but the more complicated those relationships get, the more awkward it gets to do in WordPress. Then down here at the bottom of the page, things get super complicated. Visually it doesn’t look too bad, but that’s because I think the design was done well. There’s hundreds of legal documents that relate to this case, all in these groupings and hierarchy and get super complicated. WordPress is not the best tool for this kind of job. And so this part of the website is still on Drupal. It’s still going to be on Drupal for now. It might evolve in the future, but that’s where it is for now.

Dave Hansen-Lange (42:03):

Another section of the website, there is this sort of intermediary thing where you could show an action within like an article or a blog post or something to say, “Okay, come take this action”. And during the redesign or in moving bits to WordPress, you know, if you’ve stepped back and thought, is this useful? Is this complicated? Is there a way to do this simpler? And this sort of intermediary thing was just checked and now there’s just links to actions and there’s other ways to show actions without this complicated section of the website. Please consider for your website: What should I get rid of? There’s almost always something. 

Dave Hansen-Lange (43:11):

Looking at a different organization, here is one that’s a Drupal 7 website. But you might be thinking, “Oh, this design, it looks fairly current”. And you’d be correct because this organization went through a redesign, I want to say, like, two years ago. And so because of that, looking at those four main options, they can probably throw the create-a-new-website option out because the design still looks great. As long as they’re happy with how the content works on the backend, they could really choose any of the other three options. And, yeah, so consider that.

Dave Hansen-Lange (43:47):

Next, we have a municipality. When I was talking about the option of staying on Drupal 7, that’s maybe not the best option for a municipality in the news all the time. We hear stories of like such-and-such municipality, their website has been hacked, or their computer systems have been taken over by ransomware. And so just the optics of staying on Drupal 7 might not be the best choice for them. The design looks, doesn’t look as fresh as those first two options that we showed. But let me guess a municipality kind of has different requirements in that the number one goal is not a flashy design, it’s getting information out to its residents.

Dave Hansen-Lange (44:32):

And so there may be a way for them to choose one of the non-design related options. And at the same time, maybe consider how it can do any sort of restructuring to better present the information that people need to find. Here’s another organization. In looking at the screenshot, you might be thinking the same things that this organization thinks about this website and that the design is very text-heavy, and it is not quite as engaging as they would really like it to be. And so for this organization, one of the first two options is probably the best choice: creating a new website completely or upgrading this to Drupal 9 with a new design.

Dave Hansen-Lange (45:43):

Lastly, we’re going to look here at, this is not so much a website, but a web platform. AFT has 1,300 websites on this one platform for States and Locals within a state. And the center one up top here, this is for a campaign website. And this is an example of a few things: One, it’s not their primary website, it’s not aft.org. And so if you’ve got more than one website, you don’t have to choose the same option for all of them. You can choose different options. Number two, there’s a lot of custom stuff involved here, as you might imagine. Some stuff around creating a new website, around connecting the information altogether. So because of that, you might lean more to one of the options that works better for custom stuff and doesn’t require recreating all of their custom stuff in a brand new website.

Sarah Durham (47:07):

Thank you, Dave. So a quick question, before we talk about where you go from here. Just want to confirm the ACLU, the sections of the ACLU site that are still in Drupal, or are those WordPress? 

Dave Hansen-Lange (47:22):

That is in Drupal. Yes. 

Sarah Durham (47:26):

Okay, so Dave is going to be advancing some slides for me. So I will ask you, Dave, to go onto the next slide. And basically, before we flip over to your questions and discussion, and in the remaining time we have together, what I want to get you thinking about is how to make a plan. And it’s interesting we’re doing this today because actually I had a call with somebody at a higher ed institution this morning, who’s got an old site and they are debating what their options are. They were describing a lot of feelings of being overwhelmed. I think that, you know, these days with the reality of what’s going on in the world with COVID, with elections, all that kind of stuff, tackling these kinds of big projects is feeling pretty daunting. So I wrote an article about planning and we’ll share links to that article and a bunch of other things.

Sarah Durham (48:20):

Dave has also written a really helpful post about Drupal 7’s end-of-life. At the end of this webinar and also in the follow-up email, we’ll send you one of the things I wrote. The first step is to make a plan and you don’t have to have all the answers. You’ve just got to begin by getting your team on the same page about the implications. I think that’s one of the big barriers that a lot of people are facing is that they’ve got these Drupal sites and there is a real challenge coming up, a real cliff coming up for many of you that you’ve got to begin to get your team aligned around so that you can budget and plan appropriately. Next slide please, Dave. So I recommend that you come up with a plan, which you could do in five slides or in two pages.

Sarah Durham (49:05):

And the intention of this plan is actually to give you an internal document you can use to get your team on the same page and build some buy-in. So you can see first you’d start by outlining the situation. I think we’ve given you some of the ammunition for that conversation and in today’s session or in the articles we’ll share with you, and what the risk is to your organization. You might want to outline some options if it’s clear to you and the people on your team where you should go from Drupal 7. You might go forward with outlining some options or making a recommendation, but honestly, if you’re not sure which way to go, a good partner should help you get there, too. So if you don’t have the answers already in mind, if it’s not clear to you which way to go, it might be that you map out a few options.

Sarah Durham (49:52):

But your recommendation might be more to find a partner to help you navigate that. Of course Advomatic can do that. We would love to help you make a decision about this, and we do regularly do that as part of our work. There are many people you could work with who could do that. I think one of the things that’s also really important in your plan is mapping out a timeline, not so much for the build or the upgrade that you might do, but all the things leading up to it. If you are looking ahead and thinking what you really need to do is rebuild your website or do a significant upgrade, that’s going to take time and a lot of work, and you’re going to want to get your team on the same page about when the budget needs to be approved, and when you’re going to get rolling so that you’re doing it hopefully well in advance of some of the deadlines that are going to be important within your organization and within the Drupal 7 end-of-life timeline.

Sarah Durham (50:49):

You know, in the non-profit sector, one of the key pieces that is in my experience kind of do-or-die for many big projects is building buy-in. So with that plan in mind, I would encourage you to have some conversations, share it, get it into the budgeting process and kind of keep it alive because very often you know, you mentioned these things once or twice, but there’s so many things going on that are taking up so much attention and energy for the leaders of organizations today that I think you’re going to have a little bit of work to do to keep it alive, which is the next step. My next slide. Also, keeping it alive is about not just writing this plan and sending it to people, but keep nudging and keep bringing it up. If you know what your milestones are when people are talking about budgets or budgets are getting approved, you know, those are great opportunities to research, collate your plan and go from there.

Sarah Durham (51:47):

Now, many organizations that we work with and talk to are already doing this, and they’re already talking to us and other people about what they’re doing. And a partner can also help you figure out your timeline. So there are a lot of ways to do this. You don’t have to do the heavy lifting on your own. But what you don’t want to do is you don’t want to wait until you’re, you know, a couple of months away from these deadlines if they pose significant risks or implications for your organization. So we have a few minutes left to go before the top of our hour. And I want to hear a little bit from you. So if you’ve got questions or comments, you can either use the Q&A feature, which you will see at the bottom of your screen, or you can chat them in to Dave and I, as we go. And we’re going to stop sharing our screen. Now we’ll take a few questions and while you chat those in, I also want to just remind everybody that we are going to be sending out a follow-up link to the recording here. And Theresa is also going to chat out a couple of the articles we mentioned. Dave has written a really helpful article about D7 end-of-life. He’s also written an article about D8 and there’s an article I’ve written that’s about how you, how you plan for this change. So Theresa will chat those all out.

Sarah Durham (53:17):

Okay, Dave, first question for you. Somebody is chatting in about administrators and they’re thinking, well, actually, this is sort of a double-barreled question. Let’s take it in two parts. First in option A, you talked about building a new site as option A. You specifically talked about WordPress and Drupal. Both of those are open source technologies. Why are you talking just about WordPress and Drupal and not any other systems?

Dave Hansen-Lange (53:46):

One of the things that I also talked about was like, kind of the momentum of these projects, like Drupal is large. WordPress is ginormous. And there’s lots of movement in those projects. There’s lots of momentum as soon as someone has a new idea or a new technology pops up on the internet, like things move quickly. And there’s a way to do it on your website in short order. And I also talked about the security group, that’s not the official title, but like there’s ways like that in which you’re getting the benefits of someone else volunteering their time for your website, which you just don’t get in in some of the other options that you have.

Sarah Durham (54:37):

Okay, thank you. And the second part of this question was about comparing WordPress and Drupal about administrators and the options there. This person is talking about how there’s lots of different people in their organization, who right now have different layers of access in Drupal 7. And they’re wondering if there are any recommendations you have for new platforms based on that kind of complexity.

Dave Hansen-Lange (55:01):

Yeah, so like the area of editorial permissions and controls, like that’s one of the big differentiators between Drupal and WordPress. WordPress has some basic systems around this role can do this, or this role can do that. In Drupal, we can make things a whole lot more complicated, like people who manage this section of the website, they can upload images. Other people can use those images, but only the original group of people can edit them or ways of more complicated things that you can do in Drupal.

Sarah Durham (55:38):

Okay, so there’s a question here about the difference between a Drupal new build and a Drupal upgrade in terms of cost. And actually, would you mind just bringing it up again, cause somebody chatted to me that they arrived a bit late and they didn’t see your slide. I think it’s your slide number six, which outlines all the options. Let’s just quickly go back to that slide for a second and share that. And I think that the question that just got chatted into me relates to this. So on slide six, you mapped out a bunch of different options ranging from building a new site to staying on Drupal 7. And those were ranked, as you talked about them from most expensive to least expensive. So you said building a new site is the most expensive, staying on Drupal 7 is the least expensive, and then the upgrade or the switching to Backdrop were in between. So the question is about the cost differential between building a new site in Drupal 9 and upgrading in Drupal 9. I assume that there are additional costs for design, for UX, things like that, and building a new website, but how significant is that differential? What other variables inform the cost difference there?

Dave Hansen-Lange (57:06):

Yeah, so I talked about sort of in any of these higher options… well, no, let me rephrase that. In the two middle options, you have the option of how much redesign you want to do, of course. And that’s probably the biggest thing that affects how big or small upgrading to Drupal 9, that project is going to be. But let’s say you wanted to redesign and compare upgrading to Drupal 9 versus creating a new website in Drupal 9. It’s difficult to be put on the spot, but I don’t know, 80%, 90% since you’re doing a full redesign. Upgrading to Drupal 9 and moving to a new website, they start to become more similar. The more you’re redesigning, the similar in cost.

Sarah Durham (58:01):

Okay, thank you. That sounds like what we were expecting. So I am just skimming through your questions and it looks like a couple of other questions that we have here are pretty unique to specific organizations, so I’m going to follow up directly with those organizations since we are just about out of time. I want to thank Theresa and Dave for joining us today. Dave, thank you for imparting your wisdom on this topic. And I want to thank everybody who took the time to log in and watch this. I hope this has been helpful for you. If you have specific questions or concerns or things you want to pick our brain about, you can always email us at [email protected] or [email protected]. We’d be happy to get on the phone with you, talk a little bit about your situation if that is of use to you. And again, Theresa will be sending out a link to these articles and the recording to you in just a few days. So thank you, all. And thank you all for the excellent work you do to make the world a better place. Be well, thanks.

Oct 22 2020
Oct 22

A common frustration for Drupal 8 (and 9) site builders is the inability to change text fields from plain text to filtered text through the administrative interface. This was something that was easy to do in Drupal 7 by editing the field’s settings and changing the value for Text processing.

Sometimes requirements for a field change, both during the build phase and long after a site has been in production, and it would be convenient to toggle on a rich text editor and text filtering with minimal effort.

In Drupal 8, there are five types of text fields in core:

  • Text (plain)
  • Text (plain, long)
  • Text (formatted)
  • Text (formatted, long)
  • Text (formatted, long, with summary)

The first two are actually string fields and don’t allow any formatting. If a user enters HTML tags, they are ignored and displayed as plain text.

The last three will allow HTML tags, depending on the settings for the Text Format that the user chooses when entering content. However, only the last two will show the WYSIWYG editor (if it’s associated with the selected text format).

But what happens if midway through your build process, or months after your site has launched, the requirements for that text field change? Your client or designer decides they now want to allow some formatting in a field that was originally Text (plain) or Text (plain, long). And they want their editors to be able to use a WYSIWYG, so they don’t have to deal with HTML code. What do you do?

The long way: create new field, migrate data, reconfigure

One solution is to write an update hook that will create a new field, migrate existing data to it, and delete the old field. If the field is renamed, you also have to consider reconfiguring any views, entity references, display modes, etc. that referred to the old field. Changing a field type this way is entirely possible, but more time consuming and error prone.

Wouldn’t it be nice if you could simply enable a WYSIWYG on that plain text field and be done with it? Especially if your client is on a tight budget. It’s actually possible to do this in a custom module, with a few lines of code.

The short way part 1: add a form alter

First you’ll need to add a form_alter function in your custom module, most likely in the .module file. There are many ways to add a form_alter in Drupal 8, and those are documented elsewhere. See the entry about hook_form_alter in the Drupal API.

You may also need to add some conditions so that the field is only changed on certain forms or for certain content types–this is also beyond the scope of this article.

In this example, I’m adding a general hook_form_alter() that will apply to all forms regardless of entity type. If you have a Text (formatted) field, you may want to enable a WYSIWYG on it to make it easier for editors to create the content. Because it’s already a formatted text field, the form alter is very simple.

use Drupal\Core\Form\FormStateInterface;

function mymodule_form_alter(&$form, FormStateInterface $form_state, $form_id) {
  if(isset($form['field_myformattedtextfield'])) {
    $form['field_myformattedtextfield']['widget']['0']['#base_type'] = 'textarea';
  }
}

We are only changing one value associated with the widget: we change the base_type to textarea. The editors will see a WYSIWYG, and the data will be saved and displayed as formatted text.

If you want to add a WYSIWYG widget on a Text (plain) or Text (plain, long) field, it’s a little trickier. There are a few more widget attributes to alter.

use Drupal\Core\Form\FormStateInterface;

function mymodule_form_alter(&$form, FormStateInterface $form_state, $form_id) {
  if(isset($form['field_myplaintextfield'])) {
    // Fetch the entity object.
    $entity = $form_state->getFormObject()->getEntity();
    // Get the current value stored for the field.
    $value = $entity->field_myplaintextfield->getString();
    // Change the base type for this field to a textarea.
    $form['field_myplaintextfield']['widget']['0']['#base_type'] = 'textarea';
    // Change the type of field to formatted text.
    $form['field_myplaintextfield']['widget']['0']['#type'] = 'text_format';
    // Recommended: set a default text format. When rendering
// you’ll have to manually set this to make the field use
// formatting (see next section).
    $form['field_myplaintextfield']['widget']['0']['#format'] = 'full_html';
    // Set the default value to the currently stored value.
    $form['field_myplaintextfield']['widget']['0']['#default_value'] = $value;
  }
}

This will give us the WYSIWYG where we want it, but the value is still stored and displayed as plain text. We need to add another function to transform it for output.

The short way part 2: let the fields render as formatted text

For Text (plain) or Text (plain, long) fields, we have to tell Drupal to run the stored value through one of the Text Format filters and render it as formatted text. This involves two functions and a configuration setting.

In your custom module, add a hook_field_formatter_info_alter to allow the plain text field types to use the default text formatter:

function mymodule_field_formatter_info_alter(array &$info) {
  // Let the string field types use the text formatter.
  $info['text_default']['field_types'][] = 'string';
  $info['text_default']['field_types'][] = 'string_long';
}

Then, add a template_preprocess_field function to tell Drupal which text format to use when that field is displayed as filtered text. Since this isn’t a regular formatted text field, Drupal doesn’t store that information the way it does for the standard formatted text field types. Be sure to use the same text format that you used in the hook_form_alter().

function mymodule_preprocess_field(&$variables, $hook) {
  if ($variables['field_name'] == 'field_myplaintextfield') {
    $variables['items']['0']['content']['#format'] = 'full_html';
  }
}

Lastly, we go to the “Manage display” configuration for the field in question, and tell Drupal to use the “Default” format for that field. If you are using Configuration Synchronization, you’ll notice this affects the “type” in the “Entity view display” configuration for this field.

...
  field_myplaintextfield:
    weight: 100
    label: above
    settings: {  }
    third_party_settings: {  }
    type: text_default
    region: content
...

Voila! That should be it. View your content and check that the plain text field is now being rendered with HTML formatting.

Conclusion

With just a few lines of code, we added a WYSIWYG editor to a plain text field and enabled Drupal to display its contents as formatted text. This technique will work for both Drupal 8 and Drupal 9. You can refine this approach depending on your needs to display formatted text only for certain view modes, entity types, field instances, etc.

Want to add this functionality to your site? Contact us if you’d like to hear more about our services.

Sep 30 2020
Sep 30

Our Drupal contributions history

Srijan has been part of the Drupal community for over 12 years. From very early on, we (Srijan) have been contributing to the Drupal project in multiple ways, from sponsoring nearly all DrupalCons since 2013, to regularly contributing code to core and contrib projects.

Many of our people have been mentors for new contributors at DrupalCons and local meetups. For the past 2-3 years, we even had a dedicated open-source community manager within the organization.

One of the earliest Drupal.org media case studies, published in 2009

Due to the COVID pandemic, we had a fairly large bench earlier this year. Given this, we decided to create three dedicated contribution teams to leverage this time efficiently and increase our contributions. During the same time, Drupal India Association (DIA) had set out a big-hairy-audacious-goal (BHAG) of putting DIA among the highest contributors globally.

Years of contributions and the above 2 events improved our overall ranking in the Drupal marketplace.

Where we fell short

Highly motivated by the dual goal of putting DIA on the marketplace and improving Srijan's ranking in the marketplace, some of our team members digressed from the objective and started "gathering contribution credits".

Soon we realized that out of the 25 contributors, a few were making mistakes like "assigning/unassigning issues without comments", or "submitting duplicate patches", meanwhile gathering credits intentionally or unintentionally in the process.

We acted immediately, realizing our mistake that we had not conducted a D.O "contributions code of conduct" training — as most of them were first-timer contributors.

We asked some of our seasoned contributors to organize a code of conduct training. These contributors led an internal training session to reiterate the Drupal code of conduct as well as build an internal best practices checklist for contributors at Srijan.


                        A screenshot from the training session

While this session helped in improving the quality of the contributions, we still noticed that a few people were not following all the best practices. Community members were still tagging Srijan and registering their complaints…we acted again.

This time we ‘painstakingly’ made a comprehensive report to identify the key issues and the defaulters.

The following unhealthy practices were identified and each team member was evaluated against these-

  1. Assigning/unassigning without comments
  2. Hopping/hijacking issues - i.e.,not reading the issue history and submitting incomplete patches
  3. Submitting duplicate patches
  4. Incorrect patches, or patches without comments/screenshots

Self-evaluation form filled by each team member, against each issue worked on

This detailed evaluation process took about 2 weeks to complete but helped us address the quality issues. These evaluation sheets will be maintained regularly going forward.

Conclusion

With the above steps, we eventually succeeded in putting a stop to the breach of the ‘code of conduct’ by a few overzealous (or careless) contributors.

We should have done a "code of conduct training" and set up a monitoring system so that we could have avoided these incidents. But that’s the benefit of hindsight.

On behalf of Srijan, I would like to apologize to the Drupal module maintainers and core contributors (including other Srijan contributors) who had to face unnecessary challenges due to some of our nonchalant actions.

Srijan is and will remain among the leading contributors to the Drupal community and a responsible one at that.

The purpose of this post is to address our problem of being tagged on Slack in the Drupal group, rectify them with the right practices, and share this learning experience with others to help them avoid these slip-ups.

I would like to end this post by highlighting some of the positive attention that Srijan’s contribution teams have received during the past few months.

Sep 07 2020
Sep 07

In a typical scenario of staging or production, developers seldom have the option to use the debugger so they turn to the logging functionality to resolve system issues.

One of the most underutilized tools at the developer’s disposal, ideally, logs should be the first thing that developers should look at when trying to resolve a system error or spending time tracking down a gnarly bug.

This blog will walk you through the Drupal module, Monolog, that logs the messages of the site (words, errors, notices, & warnings) in the file to fix issues swiftly without impacting the site performance. Find out how it can be installed and how it works.

The ABC of Monolog Module

In a typical scenario, a module trying to log the debug information in the database table has to connect to the database every time, making the whole process tedious. Additionally, the gradual increase in table size starts hampering the site performance.

Contrary to this, another way of logging the site messages without impacting the site performance is by saving these messages in the file. Whenever the site will be down due to fatal errors, the messages can be checked from the log file.

Monolog is one of the modules in Drupal that saves messages (words, errors, notices, warnings) in the file to save the system from the overhead of buffering logs and network errors.A laptop showcasing Drupal logo and error

 The Monolog module integrates Drupal with the Monolog library to   offer a better logging solution. It can send logs to files, sockets,   inboxes, databases, and various web services. In a nutshell, it allows   you to define a logging pipeline. 

 When it logs something, it dispatches it along that pipeline to       whichever files, services, emails, etc. you have defined.

Benefits of Monolog Module

It offers following benefits

  • Enhanced system performance

Monolog logs system messages as per the defined file system/structure, thereby enhancing the overall performance of the application and system.

  • A multitude of handlers

The multiple handlers defined in monolog can be integrated hassle-free to send log messages into an email, Slack, etc.

  • Easy to install

The Monolog module is easy to install as it does not require any external library and server for configurations

  • Complete watchdog integration

The Monolog module consists of full watchdog integration, making it easier to work with core and contributed modules out of the box.

  • Configurable logging levels

The Monolog module is PSR-3  (PHP Standards Recommendation). As a result of which, it enables interoperability to help you change the logging library for another that implements PSR-3 without too much headache.

Why is Monolog Important?

Drupal core logging offers minimal features to developers for defining a log message type, “attention level,” and then saving all the log messages to a destination, usually Syslog; even when the logging can be redirected to another destination. All the log messages, including those where critical problems are listed, are stored at the same place with trivial logged information.

Whenever the site encounters an unexpected issue, site owners try to find the cause behind it. Though all the information is written to the log system by Drupal, it quickly gets overwritten with newer log messages on an active site. Once it happens, it becomes difficult to recover because they all stay in the same log stream along with PHP errors and warnings and all the other types of system logs.

This is why the Monolog module comes handy. With it, you can send critical logs to email, HipChat, or NewRelic, normal logs to a persistent backend, and debug to a simple pre-defined log file.

The clear separation of information by concerns extensively improves access to the specific log information that is relevant and useful in any given situation. 

In fact, you can use this module to write operational logs related to the content and user actions to a particular stream so the site owner can gain access to that information instantly without going through all the unnecessary or irrelevant log messages.

At the same time, a system administrator can see all system logs on a different stream, and receive critical messages only via email.

How to Install the Monolog Module?

The monolog module can be installed by using the composer.

Black background with commands

The Monolog module does not have any configuration form in the backend, and all the configuration is done in services files. You can follow the below-mentioned steps for the same-

  1. Create a site specific services.yml (monolog.services.yml, for example) in the same folder of your settings.php and then add this line to settings.php itself:

$settings['container_yamls'][] = 'sites/default/monolog.services.yml';

 

2.   The simplest configuration that allows Monolog to log to a rotating file could be-

parameters:
monolog.channel_handlers:
default: ['rotating_file']
monolog.processors: ['message_placeholder', 'current_user', 'request_uri', 'ip', 'referer']

services:
monolog.handler.rotating_file:
class: Monolog\Handler\RotatingFileHandler
arguments: ['private://logs/debug.log', 10, 'monolog.level.debug']

3.  This configuration will log every message with a log level greater (or equal) than debug to a file called debug.log located into the logs folder in your private file system. Since data will be rotated every day, the maximum number of files that you can keep would be 10.

Role of Handlers & Processors in Monolog’s Functionality

Handlers are accountable for saving the message to the file, database, or sending it to a mail. In Drupal Monolog’s default monolog.services.yml, several handlers are defined, for instance, monolog.handler.browser_console, monolog.handler.chrome_php, monolog.handler.fire_php, etc. These are registered as services in the Drupal Service Container. You can define as many handlers as you need. Each handler has a name (that should be under the monolog.handler. namespace), an implementing class, and a list of arguments. 

Mapping among logger channels and Monolog handlers is done by defining parameters. Under the monolog.channel_handlers parameter, it is possible to determine where to send logs from a specific channel. The default mapping should exist as the fallback one. In the previous example, all logs were sent to the monolog.handler.rotating_file handler. 

Note -  Only the handler name is used instead of the full-service name.

The following example will send all PHP specific logs to a separate file:

parameters:
monolog.channel_handlers:
default: ['rotating_file']
monolog.processors: ['message_placeholder', 'current_user', 'request_uri', 'ip', 'referer']

services:
monolog.handler.rotating_file:
class: Monolog\Handler\RotatingFileHandler
arguments: ['private://logs/debug.log', 10, 'monolog.level.debug']

It method will write the corresponding message to the private://logs/php.log file.

On the other hand, a processor is a PHP callable used to process the log message-

monolog.processors: ['message_placeholder', 'current_user', 'request_uri', 'ip', 'referrer']

Monolog can alter the messages being written to a logging facility using processors. The module provides a set of already defined processors to add information like the current user, the request URI, the client IP, and so on.

Processors are defined as services under the monolog.processor. namespace. We can also use the Devel module or Drupal Console to find all of them.

'Message_placeholder': text of message

'Current_user' : logged in user

'Request_uri' : requested url

'Ip' : ip address of user

‘'Referer': url from where the user has arrived to the page.

code written in black background

How to log custom messages in a custom module using Monolog? 

To log custom messages, add below-mentioned code in your custom module-

\Drupal::logger('php')->debug('debug message');

It will successfully write the corresponding message to the private://logs/debug.log file.

E.g 

\Drupal::logger('php')->debug('Data added using cron');

code written in black background

Conclusion

The Monolog module offers complete flexibility to help you capture the right information and leverage it for troubleshooting and monitoring. Once you have configured your applications to log all the useful information, you can send these logs to a platform where it can be used for in-depth analysis and collaborative troubleshooting.

Install the module for speedy development and resolve errors hassle-free.

Aug 17 2020
Aug 17

Contributing back to the community has always been vital in Srijan’s culture. We did take a back seat for some time like everyone in the industry; however, it was just a little pause. In the early days of 2020, we set some new year goals and community contribution was one not to be missed. As you read along, you would walk through our journey so far.

Status Quo Ante

In March, Srijan was on the first page of the Drupal Marketplace when we thought to initiate the contribution process. Simply put, we were holding a rank between fifteen to the seventeenth position.

While I started working as a Community Manager in the March-end, I was made responsible for improving Srijan’s ranking in the Marketplace.

Never had I imagined then that such a massive epidemic was at our doorstep.

Financial Q1 & COVID Hit

The COVID-19 pandemic that started in March-end led to the cancelation of all the upcoming events. Further, the extended lockdown worked as a catalyst for increasing the ambiguity among the team members on what to plan in future agenda and how long will it take to end.

An enormous number of employees were put on the bench as the project engagement reduced considerably across the globe due to COVID uncertainties. That’s when it struck us that we should leverage this situation to turn it into a positive opportunity for us. An opportunity where we can learn, improve our position in the Marketplace, and most importantly, don’t let Srijanites feel demotivated due to such unprecedented times.

See what we did to give our best-

  1. In the first week of April, we started anew by creating three teams for the time being and kickstarting our efforts to chase our end goal. 
  2. These teams were accountable for running contributions as full-fledged Projects (i.e., teams working in collaboration and performing all Agile ceremonies simultaneously) apart from an additional small group that focuses on contributions as an ongoing task.
  3. As we picked up our pace in mid-April, the team discussions took place following which there were some training sessions provided, and documentation was done for the newbies as well as for others to seek reference. 
  4. Gradually, the team started picking issues, and by the end of April, we were able to contribute satisfactorily, irrespective of the improvement in our rankings. However, this beginning made us feel content.

As said, hard work pays off; eventually, May & June proved fruitful for us. These were the months when the rank improved drastically, and we were now within the top 5 contributors in the Marketplace globally and at the top position in India.

Vertical bars of different colors and lengths-graphThe graph shows the number of patches submitted in total for different Issue types in May & June.

Not only did the teams were proficient by now, but we were also ready with the recorded training sessions and startup guide for the future newcomers to join. We traveled a long way to achieve our goal, but the journey was far more adventurous and taught us things that made our future brighter.

We learned in our journey...

While the teams had gained up to the speed of working for core issues, some unhealthy practices came into the light, such as too many comments on a single issue, or to & fro of assignment and un-assignment, etc., were being followed within the community. 

As everyone learns from their own mistakes, so did we. The teams were run through the sessions by the experienced contributors, where they elucidated the best practices to adopt while working on the issues.

All's well that ends well

By the end of June, we made it to the top 4!Graph to show month-wise rankThe graph shows Srijan’s ranking on Drupal Marketplace from March to June 2020

The ultimate goal

To reach our ultimate goal, we were continually putting efforts to maintain our position in the top 5 quality contributors. Below is the graph to help you understand the scenario betterGraph with vertical bars of various lengthThe percentage of Drupal Core Credits with the Total Credits, as of July 1, 2020, for top 4 Contributors.

Our position as of August 12, 2020, i.e., in the second quarter of the year, was 2nd, and maintaining it requires some serious strategic planning and continuous implementation. 

The credits are evaluated every 90 days. You may lose the hard-earned position if the constant efforts are not dedicated. Given this, it is essential to foresee things and act accordingly.

This is all about the contribution journey of Srijan in the first quarter of 2020. As George Herbert said, “Where there is a will, there is a way,” we have now successfully achieved the second position in the marketplace. 

To know this another exciting journey of ours, where we achieved the second position, you ought to stay tuned for the next blog. 

Meanwhile, keep contributing to the community! :)

Jul 10 2020
Jul 10

Things aren’t going the way you planned. We’re now in a recession, the pandemic has caused unexpected challenges, and your budgets have been cut. Welcome to the summer of 2020. Still, your website is more important than ever. Your donors, clients, members, and advocates are expecting it to be up-to-date, easy-to-use, and bug-free.

To add insult to injury: Drupal 7 (D7) end-of-life is now looming on the horizon. Although the good folks at Drupal.org notified us in early 2019, most nonprofits haven’t had the time or budget to get rolling yet. And if you’re working on a team that’s had its resources cut it may feel like an impossible set of circumstances to navigate. 

But don’t panic. The Drupal community just announced we’ve got an extra year. As Advomatic’s Dave Hansen-Lange pointed out in an earlier article about D7 end-of-life, there are lots of options that can help you not only manage this proactively but help you come out on top looking like a tech rockstar. Here’s a guide. 


Step one: go from abstract fear to tangible plans. 

In an ideal world you would be building a new website in 2021 that’s ready to go live early in 2022. But it’s not essential that you make the move off of D7 before the November 2022 end-of-life date. What is essential is that you have a plan that you and your leadership feel works. 

To get started, make sure that you or your team have a clear understanding of the implications of keeping your site on D7 after November 2022. It may help to facilitate a conversation within your website team asap about how unique and mission-critical your website’s security is, for instance, and this article will give you a useful overview of the risks. Consider making some background reading a requirement for participation in that conversation so your team gets better informed. 

Next, get on the same page about what’s holding your organization back from leaving D7.  Is it the cost of building a brand new site? A lack of understanding or focus on D7 end-of-life and its implications with your leadership? Is it confusion about whether to stay in Drupal or consider a move to WordPress, Backdrop, or another CMS? Is it your staff’s limited capacity to manage a new website build right now? These are the common scenarios most nonprofits are facing — and they all have solutions, ranging from doing some internal educating, doubling down on support for your D7 site later, or finding a partner who can do more for you now. 

Finally, draft a pragmatic plan for your organization. Now that you’ve got a grip on what D7 means for your organization and your team’s ability to navigate it in the near term you can craft a plan. Your plan should take the folks who must support it on a journey of understanding and, ideally, keep them out of the weeds if this isn’t their job. 

We recommend crafting a plan in Google Slides, PowerPoint, or other presentation deck with just five slides: 

  • The situation: A sentence or two explaining D7’s end-of-life.
  • The risk for your organization: A sentence or two explaining what the implications are for your org.
  • The options: Bullets that outline the top 2-3 options for your organization specifically. 
  • Our recommendation: Bullets detailing your recommendation. 
  • Proposed timeline: A high-level timeline detailing when decisions must be made and actions taken to fulfill your recommendation.

Can’t say it all in a few slides? Use the notes area to add examples or detail if necessary. But try to resist creating lots of text-based slides with millions of bullets or detail. You’ll be more successful at getting support from your leadership if you can simplify the complexity of this issue for them and demonstrate you’ve already thought it through well, so they can trust your recommendation. 

Step two: educate your colleagues and get their buy-in for your plan. 

If you’ve completed Step One, odds are good your plan was crafted collaboratively with any colleagues who work on the web team at your organization– but if not, this is a good time to review it with them and make sure everyone feels good about it. You’ll want everyone aligned and on-board so there’s no confusion or mixed signals communicated downstream and so your recommendations can be integrated into your next budgeting cycle. 

The next step is to take your plan to your leadership. In most nonprofits this will involve presenting it to your Executive Director or CEO and/or COO. While you may not always present formally, I recommend you plan to do so here. Take a few minutes to practice walking through your slide deck, perhaps with family or friends first, so you can present it quickly and with confidence. The prep time you invest will not only make the meeting go smoother it might very well save you time and energy in subsequent conversations. 

If your greatest barrier is the budget and you are suggesting that your organization consider reinstating some funds for a new website, you may also need to present or share your deck with the board. 

When you present, be sure to leave time to answer questions and ask directly for feedback on your recommendations and proposed timeline. If you can leave the meeting with a clear sense of what is working for them and what isn’t, you’ll be better equipped to revise your plan if needed or put other balls into motion. If you’re presenting your plan via Zoom consider recording it. If you are able to get through it in 10 minutes or less, sharing the video with colleagues or board members may be a faster and easier way to educate and build buy-in for your plan. 

Step three: keep it top-of-mind

Experts have studied and written about the importance of repetition in reaching and getting people to remember new things. Take a page from their playbook and plan to repeat your concerns, suggestions, and timeline proactively. Consider setting reminders to follow up with colleagues at key decision-making junctures, bringing your plan up again in management meetings, asking for updates from your E.D., or whatever feels appropriate to your organization’s culture and practices. 

A key moment to keep your recommendations top-of-mind will be when you’re budgeting for your next fiscal year. The more you’ve got folks on the bus already, the more likely you will be to get this project supported during the lean year(s) ahead. 

 

Step four: sleep well at night

Regardless of whether things turned out exactly as you hoped, you’ll sleep better at night knowing that you proactively addressed Drupal 7’s end-of-life and led your organization through a thoughtful process to manage it. You might also have inspired your colleagues to see your leadership and management skills in a new light, too. 

Jun 30 2020
Jun 30

Consider a situation wherein your car indicators are placed near the glove compartment, the horn near the back seat, ignition turn on/off button near the fuel tank, and steering wheel with the button to open the side doors. How infeasible it would be!

A man sitting on chair and working on system

Of course, nobody will ever want to drive such a non-ergonomic car that can cause a threat to human life.

Likewise, for content marketers and publishers who create and publish content, their editorial experience must be seamless. It implies that they should be able to publish quality content in less time ahead of their competitors.

This blog is an attempt to interconnect the long-proven Japanese concepts of manufacturing - Kaizen and 5S’ technique with the editorial experience in the digital world to help companies implement it through Drupal and make their teams more productive for content creation and publishing.

Applying Manufacturing Concepts to Editorial Workflows in Publishing

Whether you have realized or not, you do have an editorial workflow. It is simply the way your content gets published.

However, if you have never given it much thought or attention, your team’s workflow is likely undefined, unclear, and unhelpful. It probably changes from article to article, and steps are missed or completed out of order.

See how manufacturing concepts can be applied to improve editorial workflow -

Getting into Editors’ Shoes

Engineer at the assembly line

Advancement in technology can facilitate editors to produce good   quality content and with high quantity. Though leveraging it the right   way can only ensure the productivity and quality of the work.

For an engineer on a manufacturing assembly line, carefully studying each step from pulling an electric screwdriver hanging from the ceiling and 5 screws from a bucket kept right near the waist level to eventually gripping those screws in the car.

Likewise, for editorial teams, it’s important to understand tasks that are repeated by the majority of the users and categorize them in high, medium, and low-frequency High Time tasks.

Understanding Key Pain Areas

A man stamding and operating system


Editors and publishers when working in collaboration should be able to maximize efficiency and revenue for the business. Stakeholders should emphasize the use of a specific mindset and tools to create efficiency and value. Here are some pain points that enterprises must resolve to help address those challenges-

American Society of Quality teaches a concept of FMEA (Failure Mode Effect Analysis) which can be directly applied to Editorial experience betterment
"Failure modes" means the ways, or modes, in which something might cause delays or complicate the workflow

"Effects analysis" refers to studying the consequences/results of those.

Focus on the tasks that hold the highest chances of occurrence and their consequences on the editorial experience and on business outcomes

Examples of Failure Modes and Effects

Failure Mode

Effects

Long Content Forms

Time Delays, Frustration for teams

Excessive clicks to complete a form

Time Delays for publishing, complicated workflow

Multiple Screen Navigations

Possible loss of information, time delays

One body field for all content

Difficult to manage changes, Low-richness of content

Applying Lean Manufacturing 5S’ technique for better Editorial Experience

The term 5S is taken from five Japanese words -

  • Seiri
  • Seiton
  • Seiso
  • Seiketsu
  • Shitsuke

When translated in English, these words become-

  • Sort
  • Set in Order
  • Shine
  • Standardize
  • Sustain

Here, each “S” represents one part of the five-step process that can improve the overall functioning of a business. Let’s get in detail of each “S”.

1. Sort:  This involves going through all the tools(buttons), furniture(fields), equipment(process), etc. in a work area(content management system) to find what needs to be present and what can be removed. 

  • When was this item(field) last used?
  • What is the purpose of this item(field)?
  • How frequently is it used?
  • Who uses it?
  • Does it need to be here?

Logical Grouping of Fields: When was the last time you cribbed about the monologue like marketing forms or a job application which took you years to complete?

day comLong and Verbose Content Forms vs Logical Grouped Forms with Form tips

Now think wearing editors’ hat who have to create content using those long forms 10, 20, 50, 100 times a day, these just prove as a hindrance for editors to create and innovate with their content

Logical Grouping of fields via the Field Group module makes the form short and easy for editors to only pick and add information in the fields which are concerned to them.

Form Tip is another intuitive feature to avoid long-form(black box in the screenshot on right) and give editors some info about the info that needs to be added in the field.


2. Set in Order

Once the clutter is gone, it's easier to see what's what. Now workgroups can come up with their strategies for sorting through the remaining items.

  • Collapsible Fields is another way to reduce the length of the form and collapse the fields which are not used widely in all content

a rectangular white bar with text

vehicles moving on road

  • Conditional Fields  is another way to reduce the   number of fields on the form, show/hide fields   based on condition, eg. the ‘Primary Image  Summary’ field for an image will appear only if  there is an image uploaded to an article (As seen  for ‘Primary Image’ field in Screenshot) 
  • Number of Clicks - Carefully minimize the number of clicks to achieve a task 


gif showing various rich multimedia formats

Rich Multimedia Features- Helps  creating a modular content structure with different logical fragments of content rather than just one large body field. Use this to add rich social media features like Embeds, Slideshows, Videos, Audio Podcasts.

two sections divided on white background

  • Taxonomy Manager  allows editors to manage all the master content and vocabularies in the system in an intuitive interface

8 sections divided showing people

Gives a selection view for images and videos 

text on white background

Helps listing the items together for a section of the website


3.  Shine:

The Shine stage of 5S focuses on styling and theming of the interface for the creation and publishing of content for editors. 

  • Giving editors much larger space to write and manage content contrary to the traditional content forms
  • Max Length Helps defining field limits to make sure the user doesn’t exceed the limits 
  • Colors and Font: Use clear visible font-size which are not stressful to the eye. Use solid colors for the header/footer menu of content entry screens for better visibility of text.  

two images juxtaposed on white backgroundHeader/footer menu of content entry screens for better visibility of text

4. Standardize: Use standardized field types to supplement faster creation of content.

Anubhav 4.0

Some industry-standard field types that can be used are mentioned below:

-  A long list of options: Eg. the country field can be configured using Auto-complete deluxe 

- Multiple values in a field: Eg. Keywords field can be configured using Chosen fields; it’s quick and gives a fast response if the user wants to remove an item

- Hierarchical items can be configured using SHS

There are a few more industry-standard features that should be added to the interface for standardizing editorial experience:

Auto-Save of Progress

 If the user's browser or machine   dies while editing an article; the   edits will be presented to the user the next time they return to the article

a dialog box on white background

 Content Locking 

When a user is editing an article, any other user that attempts to edit the same article will be blocked from doing so and notified that the content is already being edited. fields on white background

5. Sustain: This is the last of the 5S’. It is not only about keeping the 5S running smoothly, but also about keeping everyone in the organization involved.

video in  white backgroundTraining and Onboarding: Quick Editorial onboarding for the editors which means the teams can self-learn on creating content and publishing content without specialized training. 

Saves a lot of time and money to onboard a new publishing interface.

Summing up-

Though 5S is quite a simple concept, beginning a new program of it can feel daunting.

You can start by rolling out a plan with practical steps such as deciding the departments and individuals to be involved, what training will be needed, and what tools will be helpful in executing the process.

Determining these concrete steps would help you successfully carry out the process of 5S implementation. Besides, Drupal has the potential to enhance the editorial workflow significantly through its powerful modules and distributions.

Jun 26 2020
Jun 26

Drupal 9 was launched on June 3, 2020. Given this, it would be necessary for enterprises to upgrade to it later or sooner to acquire complete functionality and retain the ability to receive security updates within the bi-yearly cycles.

In the past, migrating from one version to another has been similar to moving from another CMS to Drupal, bringing in more time and fatigue.

However, the upgrade from D7/8 to D9 is much easier and painless. Let’s dive into more details and understand as to why moving on to Drupal 9 would be a better choice.

Why Should You Upgrade?

With the end of life approaching for Drupal 7 and 8 soon, operating the website on them securely and with complete functionality won’t be a feasible option.

At the same time, it might also be overwhelming for Drupal 7/8 site owners to know that their website will need the upgrade, especially when their site is running absolutely fine; thereby, resulting in confusion among them.

Here are 3 reasons why you should consider upgrading your site to Drupal 9:

  1. The Drupal security team will soon no longer provide support or security advisories, wavering your website’s and its users’ cybersecurity
  2. D7 and 8 releases’ on all project pages will be flagged as ‘not supported’. D7/ 8 may be flagged as insecure in 3rd party scans making the integration with other third-party tools and systems challenging
  3. Leading hosting services providers like Acquia and Pantheon will also soon withdraw their support from D7 leaving you without many options but to assume hosting responsibility for maintaining your application and server level configurations

The good news for Drupal 7/8 site owners is that even when it goes out of official support in November 2022, remaining Drupal 7/8 sites won't stop working at that point.

Should an Existing Drupal 7 Site Be Upgraded to Drupal 8 or 9?

One of the major reasons that more than seven hundred thousand Drupal 7 sites still haven’t migrated to Drupal 8, is due to the known challenges in the migration process. And with the majority of people on Drupal 7, it is quite likely that most of them did not want to upgrade their CMS twice in the span of one year.

A safe bet seems to be migrating from Drupal 7 to Drupal 9. But will the site be secure? Let’s get to know a few facts.

Since D8 and D9 are similar except for deprecated codes removed and third-party updates in D9, it would be a feasible option for enterprises to migrate to D9 instead of D8 - to save them from constantly going through the same process and investing time, money, and efforts unnecessarily.

What’s New in Drupal 9?

There are innumerable capabilities added in Drupal 9 which further will be consistently updated biannually to help enterprises stay up-to-date.

Now once you upgrade your system to D9, you won’t require to make major changes the next time you plan to update it to a newer version. 

Here are some of the new capabilities that are added to D9-

  1. Backward compatible

    Drupal 9 is backward compatible, i.e., it is compatible with its predecessor, Drupal 8. That being said, D9 will be able to use modules, configurations, and data created on D8 of the same software, unlike the case with D7 and D8.
    Additionally, preserving this functionality won’t burden Drupal with historical baggage and so the performance of the system will remain unaffected. The Drupal community has also focused on breaking code and not the data.
    This way, Drupal will remain fast, clutter-free, and yet an up-to-date technology.

  2. Faster and Better Performance

    Drupal 9 has taken it further to extend its support for responsive images, wherein mobiles can display the best-sized images and hence, consume fewer amounts of data.
    In a recent webinar by Dries, he mentioned that Drupal 9.1 onwards versions/updates will witness the innovation and pave the way for faster and better performances of the websites. Drupal 9.1 update is just six months post the release of Drupal 9. Meanwhile, here are some of the features of D9 that you can leverage for efficient workflows-

        A.  BigPipe increasing page view performance and supporting faster initial page loading

        B.  Content Workflow allowing you to define multiple workflows

        C.  Multilingual capabilities

        D.  Structure Content- Drupal 9 comes in with an array of available fields, encompassing phone, email,       data, and time.

  3. Cleaner code base

    Drupal 9 has removed the support for deprecated codes in D8. This implementation will ensure that the code marked as deprecated will no longer be supported and used in the Drupal ecosystem. 
    The motive behind this is to make D9 a cleaner version so that whenever the modules in D8 want to become compatible with D9, they need to first eliminate the deprecated code. 
    Thus, the end result is clear- to make the code more nimble and improve the website’s performance.

  4. Newer Major Versions of Symfony and Twig

    Symfony 3 will be replaced with Symfony 4 or 5 after November 2021. Also, the Drupal community can introduce an upgrade to Twig 2.0. These upgrades will only result in enhanced performance, improved developer experience, and enhanced security.

  5. Panelizer will be removed and replaced 

    What’s new in Drupal 9? Well, the panelizer will be replaced with the Layout Builder, the “star” module of the moment.

  6. Headless CMS

    Drupal 8 and 9 both come with an API-first approach. Dries also mentioned in the webinar that the Drupal community is vigorously capitalizing on Headless CMS so that it can enhance users’ experience with the powerful front-end of the website with Javascript framework like React or Angular. 

The essential features of Drupal Headless CMS are-

  • Front-End Freedom
  • Create Once, Publish Anywhere
  • API-First Approach
  • Easier Resourcing

Drupal 9 is more usable, accessible, inclusive, flexible and scalable than previous versions, with the following updated features-

  • It will be significantly easier for marketers to use D9
  • Simple than ever to maintain and upgrade for developers
  • D9 is experimenting with its headless or decoupled capabilities

Additionally, you can also learn from our previous blog where we have explained how to find and fix the deprecated code - Site Owner’s Guide to a Smooth Drupal 9 Upgrade Experience.

Why Remove Deprecated Code in Drupal 9?

To ensure that the D8 modules remain compatible with D9, it’s typically essential to remove deprecated codes- 

  1. The all-new Drupal 9 ready code gets deployed on Drupal 8 sites and issues can be tested.
  2. It is a continuation of the fully-tested and stable codebase of Drupal 8

With time, the effort is being made to make Drupal better. There are functions that have been around for a long time but will not be a good fit in the latest release. Most were deprecated in Drupal 8.7.0, which will be removed in Drupal 9.

To sum it all, the key to achieving this smooth transition to Drupal 9 is to rollout your migration plan within deadlines and save yourself from any unnecessary hassle later on.

Srijan is working with leading enterprises to help them migrate their digital web properties to Drupal 9 for better user experience. 

If you are also looking for a smooth upgrade/migration process for your enterprise’s system, we are all ears and excited to assist you. Contact Us!

Jun 03 2020
Jun 03

Drupal 9 will be launched today. After so much hard work, collaboration, anticipation and excitement, it is finally here.

Although a lot of discussion is happening around the upgrade and possibilities it brings along, the final product can only be as good as the process itself.

The good and important news is that moving from Drupal 8 to Drupal 9 should be really easy — radically easier than migrating from Drupal 7 to Drupal 8.

As a site owner, here’s what you need to know about the new release and what to take care of to make the process easier without many glitches.

The Drupal 9 Release and Timeline

The goal of Drupal 9 is to make it an easy upgrade as much as feasible from Drupal 8. Unlike most of the previous upgrades, D9 will be different in terms of:

  • Updates of dependencies to versions that stay supported.
  • Removal of our own code that we deprecated with removal before Drupal 9's release.

The new release will be a cleaned-up version of Drupal 8. Built on the same code base with deprecated code removed and third-party dependencies updated, Drupal 9 is not a reinvention of Drupal.

a horizontal table with Drupal versions

The next question is what happens to Drupal 7 and 8, then?

One of the major dependencies of Drupal 8 is on Symfony 3. Since Symfony 3 enters the end of life in November 2021, Drupal 8 support will be lifted around the same time. A long-term-support (LTS) minor release of Drupal 8 will be released alongside Drupal 9 and supported until November 2021.

No new features will be added to Drupal 8 and no new minor releases will be made available of Drupal 8. It will only receive patch releases after which.

Drupal 7 will also stop receiving community support after November 2021.

Data migration features in Drupal core to move from Drupal 7 to Drupal 9 will be active until then since they are required for a stable migration. 

The Upgrade and The Tips

The only caveat is that you need to manage is the "deprecated code". Here’s what you need to take note of, for an easiest upgrade experience to Drupal 9:

drupal 9.0 api

  1. Keep Core Up-to-Date: As mentioned above, Drupal 9 is Drupal 8.9 - deprecated parts plus dependencies updated.

    If your site doesn't use deprecated code that is scheduled for removal in Drupal 9, your upgrade to Drupal 9 will be easy. In fact, it should be as easy as a minor version upgrade (like upgrading from Drupal 8.6 to Drupal 8.7).

  2. Keep Modules Up-to-Date: Although Drupal 9 will not have new features (other than those provided by updated dependencies). While most modules will improve Drupal 9 compatibility, to ensure you don’t lose them in the upgrade, keep them updated.

    The key benefit of Drupal 9 over previous versions is that the platform will be supported with security fixes much later after support is lifted from 8. For contributed modules, the pace of Drupal 9 updates will depend on the module maintainers.

  3. Check Custom Codes for Deprecation: In case of any custom code on the site, you can use the deprecation checking and correction tools and fix issues locally. Tools you can use to check code depreciation:
    1. Drupal Check (read more her about PHP version compatibility check
    2. Rector (Read more about Rector here)

      Further, you can also use an IDE or code editor that understands deprecations (@deprecated annotations particularly) or Drupal 8’s branch of Upgrade Status for full site reporting.

What is Deprecated Code?

Deprecated code is referred to as the functions and API’s which are being replaced with new and better versions. In the journey from Drupal 8 from Drupal 9, you will experience API changes, with the new implementation is already present in core along with older one. We have to replace older code/API usage with the new.

Here is an example of the deprecated function:

* @deprecated in Drupal 8.5.0 and will be removed before Drupal 9.0.0. * Use \Drupal\Core\Messenger\MessengerInterface::addMessage() instead. */ function drupal_set_message($message = NULL, $type = 'status', $repeat = FALSE) { @trigger_error('drupal_set_message() is deprecated in Drupal 8.5.0 and will be removed before Drupal 9.0.0. Use \Drupal\Core\Messenger\MessengerInterface::addMessage() instead. See https://www.drupal.org/node/2774931', E_USER_DEPRECATED); $messenger = \Drupal::messenger(); if (isset($message)) { $messenger->addMessage($message, $type, $repeat); } return $messenger->all(); }

In above example the function drupal_set_message is deprecated and has to be replaced with:

\Drupal\Core\Messenger\MessengerInterface::addMessage()

Ways to Find and Fix Deprecated Code in your Drupal Project

As mentioned above , you can find and fix your deprecated code in the following ways:

  1. Drupal Check: It's a library developed by Matt Glaman. Check the git code here. For installation and usage, you can refer to the readme. 
    In case you want to install using Composer, prepare using composer global require mglaman/drupal-check. You can also read more about the composer check
    1. Get into your project/Drupal root directory
    2. Choose the module you want to check for deprecations
    3. Run drupal-check --help for help items. Here, I am using watchdog_prune module for demonstration.
      run : drupal-check -d watchdog_prune
      The output will be something similar to the image shared below:
      deprecated-code-1-srijan
    4. You will, now, have the report of deprecated code to fix.
    5. Let say it is giving us File src/Form/WatchdogPruneSettings.php containing issue : Call to deprecated function drupal_set_message(). In this case just navigate to the body of function as in this case drupal_set_message()

      You will notice that the the documentation under red box reads that the function is deprecated and what we need to do instead
      Ways to Find and Fix Deprecated Code in your Drupal Project
      Now replace the current code with the recommendation and you are done.

2. Drupal Upgrade Status Module: This module checks the list of projects you have installed and shows their availability for newer versions of Drupal core.
      1. Use the Upgrade Status module form
      2. Download and install module using composer: composer require drupal/upgrade_status
      3. Install the module and navigate to URL using admin user: /admin/reports/upgrade
      4. You can run a complete project/ individual module scan
      5. Fix the deprecated code in the same way as mentioned above.

Wrapping Up

Because Drupal 9 is an extended version of Drupal 8, for site owners, this means that it should be much easier to upgrade. But keeping custom codes and module updated needs to be meticulously planned.

Have questions around Drupal 9 upgrade and how it might impact your site? Experts at Srijan are all ears, connect with us to chalk out the right course to Drupal 9.

Jun 01 2020
Jun 01

Many organizations are running into the challenge of managing content on their multiple websites for gaining centralized control and ensuring its secure flow.

Taking a piece-by-piece approach and allocating teams to work on each site separately drives the higher cost of maintenance, development, results in complex infrastructures, and inefficiencies in the process.

While content cannot be shared and shipped using CMI tools unlike configurations, Drupal modules can be utilized for sharing content among different sites or different instances of the same site.

This blog sheds light on the features that enterprises should not overlook while leveraging Drupal modules and also examines the benefits & limitations of the Entity share module and the cases in which it makes the biggest difference.

A Cost-effective Solution to Manage Content Across Sites 

Entity Share module helps enterprises achieve a workflow where subsites of a multisite architecture can share a piece of content across without disrupting the workflow at their respective ends. Besides, it also keeps UI experience and cost-effectiveness in check.

The module works for a setup where each of the sites have different databases. It provides easy means to share entities like nodes, taxonomy terms, media, etc on the basis of endpoints obtained from the JSON:API module via basic authentication.

Note- The websites sharing content among each other are designated by the terms, Server, and Client. The server (site) being the one from where content is shared and the client (site) is the one that takes in shared content.

Installation and Configuration Process of Entity Share Module

Follow these steps to install and configure the module-

  1. The entity_share module of desired version might be installed either via composer using
  2. Thereafter the module needs to be enabled using the drush command “drush en entity_share”.

  3. Next step is to create channels on the server site containing exact data to be exposed from its end. Channel configuration can be done after enabling the entity_share_server v.i.a command “drush en entity_share_server” which is a submodule present within entity_share. Additional filtering and sorting rules can be set on these channels as required after navigation through

    Configuration-> Web Services-> Entity Share-> Channels.

    text fields in white backgroundThe specification of an authorized user is a must to access this channel. 
    text fields in white background
  4. The client site, on the other hand, contains remote data that comprises the remote/server URL that it needs data from and authorization details like user and password to connect to the server which is provided after enabling the submodule entity_share_client using command “drush en entity_share_client”. Note this module needs to be enabled on the site that will pull shared content.

    Navigate to Configuration-> Web Services-> Entity Share-> Remote Websites and configure the remote settings. Ensure that the username and password in the Basic Auth section is the same as the credentials of the user that has access to entity share channels on the server end configured earlier.

    text fields in white background
  5. After successful authentication, all the shared content (from server end) will be available to the client site at [client_base_url]/admin/content/entity_share/pull to be pulled and displayed at its end. 


    This provides an added advantage to the client-side where it can accept the shared content only after complete verification. The shared content simply does not get created as soon as the server shares it.

    Moreover, the interface that the module provides for the entities to be pulled is user-friendly and easily understandable. It clearly depicts newly created and already pulled content along with its synchronization status. In case the content after being shared and pulled gets edited either at the server or client-side, the status gets immediately updated.

text fields in white background

Use Case of Entity Share

We implemented Entity Share module for a client project 

Recently Srijan came across a requirement where one of its established clients had local websites in regional languages distributed across many countries in the world.

Our main objective was to provide them with a solution where the administrator or central authority would be able to share some content like news updates, press releases, etc from the main/corporate website without affecting the rest of the content at each end. 

Additionally, a necessity of central control over each of the shared content/nodes was required where any change on the main site would be available on the client end to be pulled again or re-synchronized. 

Similarly, if a client site made any change on the content at its end, changes would appear on the corporate/main to be synced. The entity share module was best suited for such a scenario. 

We configured channels and remote sites as described above and the functionality was achieved. One of the custom functionalities added was to set the default status of the node being pulled into the Draft state so that the content editor can review the same before publishing. 

Despite the fact that Entity Share module is not yet identified as secure since a lot of inaccessible data is exposed using JSON:API endpoints, we implemented it for the client project. 

Because an extra security layer can be implemented to the web server configuration level by blocking requests from unwanted sources and allowing only trusted sources to fetch data. No third party expensive integrations were required. It matched with the clients’ requirements and also simplified our process of adding custom functionalities to it.

Benefits of Entity Share Module

It offers the following benefits-

  1. Authorized access- The module provides content exposure to a site ensuring authentication. Without proper authentication, no site can have access to the channel data exposed from the server website.
  2. Enhanced security for verifying content- The client site has a choice to pull data from the available list of content shared with it. This allows an extra layer of security that allows the administrator/editor of the client site to verify data at its end before synchronizing it. A link to the content/entity being shared is available beside each item in the list of entities present in the respective channel.
  3. Different versions to detect changes, if made- The module lets you view the difference between the already pulled entity and the entity on the server end, in case anyone of them gets changed.

    Given this, you have to install a module called diff to let you view revisions of an entity. Although the module has issues depicting differences in the reference fields; developers have an opportunity here to contribute to the community by finding an appropriate solution to the same.

  4. Multilingual support- Translated entities may be shared among sites provided the language is configured on both the ends. Even in the case where the default language of the server and the client site is different, this module is appropriate to use. 
    The client site may add appropriate translations based on the pulled content at its respective end.
  5. Auto-creation of referenced entities- All the referenced entities are auto-created based on UUID when a content/entity gets pulled if not present on the client end. Hence referenced paragraphs, images, and media that contain references to such fields need not be present on the client end before pulling content. They will be automatically created and linked.
  6. Clean and simple user interface- Lastly, the UI interface that entity_share provides for pulling/synchronizing content is easy to use. The entity pull access might be given to a specific user/editor of the website without developer intervention, once configured properly.

Limitations of Entity Share Module

Like other modules mentioned above, entity_share has limitations too:

  1. The entity when pulled on the client site, is displayed in the same state, i.e., published/unpublished as that on the main/server website. It implies that the module doesn’t obey customized editorial workflow and moderation process. Editors can’t take appropriate action of passing content through various workflow states such as draft, ready for review, approved and then published.

    For example - A published content when pulled is directly assigned a state from the pulled reference i.e published rather than in draft mode.

    However, there is a possibility to change this functionality by subscribing to the event

    \Drupal\entity_share_client\Event\EntityListDataAlterEvent

    provided by entity_share_client module to alter the status of the content being pulled.

    Likewise, other events are also available in the module that can be used to   tweak any functionality as and when required.

  2. The revision history of the node gets affected after pulling an already pulled entity that has been edited on the client end as well. This is because the changed timestamp that the JSON:API endpoint provides gets added to the client-side as it is after synchronization.

    This also needs to be fixed in the module to allow pull operations without affecting revisions on both ends. You can find another related issues  too.

Instead of using exorbitant and ineffective Drupal modules for content management across the various sites, give a try to Entity share module, it is a cost-effective solution that can be optimized as per enterprises' requirements.

Looking for a similar solution? Drop us a line and our team will get back to you.

Apr 24 2020
Apr 24

CDPs are meant to integrate customers’ data beyond digital and physical technology warehouses to provide valuable insights into the data and help enterprises in delivering substantial engagement at every touch-point.

With Customer Data Platforms (CDPs) witnessing more activity and investment heavily from companies like Adobe and Salesforce in the technology, the acquisition of AgilOne by Acquia to enhance its open digital experience platform capabilities can help companies and marketers deliver seamless digital experiences to their customers.

The greater flexibility and more control over the tools will allow marketers to apply advanced machine learning and analytics to get valuable insights and deliver top-notch experience across all touchpoints- no matter how the customer engages with a brand.

This blog will give you a glimpse of AgilOne’s capabilities, what value it can bring for marketers together with Acquia's products, and how it can improve customer experience.

Benefits of CDPs


one circle divided into sections and pointing with arrows towards a girlSource: Tealium

CDPs facilitate enterprises to deliver high-quality engagements with customers as well as fortifying the capabilities of marketing teams. Its benefits include:

  1. Increased ability to gain a competitive advantage

    Customer data not only brings value to the marketing department but also to business intelligence, customer service and beyond all who rely on the availability of data to drive the business forward. A CDP changes the way customer data and touchpoints are accessed and leveraged across organizational departments.
    This transparency across platforms will ensure that teams react more quickly to changes in markets or customer preferences.
  2. Greater customer loyalty

    While you understand the customers’ needs, you should also have the ability to anticipate their future needs. This way, there would be a higher probability of customers coming back to you again. This report clearly shows that a customer data platform is assisting companies to drive customer loyalty and ROI in their organization.
  3. More Effective Customer Experience and Marketing 

    With customers accessing more channels every day through several devices than ever, businesses are expected to deliver a more consistent customer experience across all. They don’t like it when they are shown products online that they have already purchased in-store.

    However, with CDP in place, organizations can obtain a 360-degree view of customers’ profiles including their interest, buying pattern, and demographics, to help in leading the most detailed customer experience possible without any blind spots.

  4. Operational Efficiency 

    Putting new technology into use by consolidating point solutions and tools can require a considerable amount of resources, which also might not be effective as custom solutions can be complex to maintain.

    Thus, CDPs act as a one-stop solution for centralizing customer data to eliminate the extra efforts required in integrating the data from various sources. Besides, it has also defined audiences and business rules centrally to further apply it across various tools saving huge amounts of duplicated effort between.

  5. You can measure too

    CDPs ensure that everything is available under one roof, facilitating enterprises to measure several metrics across a range of marketing initiatives such as website visits, campaign results, content performance, and customer journey analysis.

So, enterprises can consider CDP when-

  • They need direct access to first-party datasets of the highest quality
  • A platform-based technique to manage a unified customer database
  • A centralized space for storing and managing record, be it online or offline
  • A scalable platform that evolves in tandem with the technology stack
  • Reduced cost of ownership for handling and activating customer data

Features of AgilOne

AgilOne facilitates enterprises in easily configuring unique business rules, data elements, metadata, and scripting directly into the platform for higher performance results. 

It is the only CDP that can be upgraded to the enterprise level. Built for large, multinational companies, its Privacy API is compliant with GDPR and other privacy guidelines.

Here are some of its features-

  1. Single customer view

    Integrating customer data from online and offline sources to create a centralized network of records, AgilOne simplifies interactions with existing and potential customers.
    It comprises pre-built connectors and APIs to fetch profile data from customer-facing systems, transaction information from order management and point of sale systems, and engagement data from websites, mobile applications, email, and call center systems.

    Once data is pulled, it removes duplicate information from it and put together customer data into a single ID.

    Enterprises can also refine and standardize customer data across all sources by categorizing it with first and third party attributes such as income, demographic, social profile data, and later amalgamate it into modifiable, searchable customer profiles available in AgilOne UI and as an API to leverage across the enterprise.

  2. Analytics and machine learning

    Machine learning provides valuable insights into customers’ profiles that further help in understanding their buying patterns for analysis, smart categorization, and action.

    AgilOne’s metadata-configurable engine calculates metrics from any transaction or event data to let teams gain insights useful for the business niche. 

    Besides, it also assorts customers through supervised machine learning models that speculate events such as purchase, subscription, and engagement while the unsupervised models classify customers together based on interest and behavior. 

    You can provide direct access to data to help marketers and scientists leverage it for business growth.

  3. Customer data activation and orchestration

    Integrate your messages and offers across all points of engagement for customers alongside their profiles and insights for real-time interactions.

    Enterprises can strengthen their outbound marketing systems such as email, SMS, push notifications, and direct mail. Smartly target audiences by enhancing addressable media systems across display, search, and video advertising.
    Fetch this AgilOne data to CRM and other support systems in real-time to view comprehensive profile data such as analysis, identity graph, real-time events and transactions, active offers, and messages.

What value it can bring for marketers together with Acquia's products

With Acquia’s aspiration to create a multi-channel digital experience platform, i.e. ensuring support from all channels to have a proper customer-level database at the core, their existing products, Acquia Lift (personalization tool) and Mautic (automation and personalization tool) had some behavioral data capabilities but neither one was close enough to what enterprise customers are going to need to consolidate a real-time behavioral profile.

Acquia-agilone

Thus, acquiring AgilOne helped Acquia further in providing advanced segmentation, personalization, and campaign management. 

Besides, it complements Acquia’s Open Digital Experience Platform, seamlessly integrates into its open marketing cloud to provide an amalgamated solution to a marketing organization instead of juxtaposing point solutions.

Such capabilities make it an indispensable solution for marketers trying to make sense of the overwhelming sea of data from multiple diverse systems.

Further, the addition of AgilOne into Acquia’s entire open DXP will give marketers a significant opportunity to integrate actionable data in real-time and leverage it for personalized multichannel marketing to customers.

After all, a good data set quality and size are crucial to ensure personalization and relevance, thereby improving customer experience extensively.

It’s use cases include-

  1. Outbound Marketing
    Outbound marketing enables the classification of customers to an advanced level based on value, behavior, and attributes to power 1:1 content on every outbound marketing message.
  2. Digital Advertising

    Digital advertising enables marketers to consider acquisition-focused, audience-based targeting for leveraging first-party data for DMPs, retargeting, and ad networks.
  3. Customer experience

    This allows marketers to use real-time personalization during any direct interaction with customers. 
  4. Analytics and API

    It evaluates and predicts vital marketing metrics while giving customer intelligence to teams who need it.

Conclusion

Customer data platforms have become an integral part of digitally savvy enterprises to gain a comprehensive view of customers and engage them across all channels.

However, all the CDPs are not similar; they need to be scalable, secure and competent enough to manage diverse customer data. 

Thus, to manage everything from end-to-end, enterprises will need to focus on leveraging such capabilities to scrutinize all of it and then act on relevant customer journeys.

Acquia will enact as an accelerator, aspiring other enterprises to either become DXP providers by acquiring a CDP or risk being left behind!

Apr 15 2020
Apr 15

A good-looking Drupal-based website is essential to engage the audience but what if the website is slow?

The visitor will lose interest and may not return ever! 

Unfortunate, but true!

Drupal is an incredible website content management system especially when you need your website up and running before the end of the day. 

Even though the platform caters to all our online website needs, there are always options to speed up your website.

Since we have already covered basic and intermediate level tips for optimizing the website, this blog would cover 8 advanced level tips to help you up your game in this fast-paced digital environment.

  1. Cache Tags & Varnish :
    Varnish Cache, also known as caching HTTP reverse proxy is a web application accelerator that is used to boost the page load performance by a factor 10-1000x depending on your architecture of Drupal-powered websites.

Besides, it can also be used with cache tags to ensure easy cache invalidation.

Follow these 3 steps for basic cache tag integration. Also, ensure that Varnish works well the cache tags generated by Drupal

  1. Update your Varnish VCL to ease it at handling BAN requests
  2. Send a cache tags header (e.g. X-Cache-Tags) header with every request, containing a space-separated list of all the page’s cache tags.
  3. Send a BAN request with appropriate cache tags whenever content or configuration is updated so as to mark pages expired with the associated cache tags.


2.   Advanced Page Expiration

With the Advanced Page Expiration module, you can manage those pages which you want to be expired faster than other pages. For instance, this module would cache all the site pages for 24 hours except for the homepage which could be cached for five minutes.

It also allows improved control on the cache-control header during the use of external caching servers, like Varnish. Sites with an external caching server that uses the cache-control header to set TTL for cached pages such as Varnish and Nginx should opt for this module.

This header further indicates caching servers about how long the URL should be kept in the cache-

Here are some options that you can use to manage cache-control header

  • Increased cache lengths - The maximum amount of time for a cached item is 1 Day. This module allows up to 1 Year.
  • Exclude pages from caching - A list of pages that should not be excluded from caching can be defined. It sets the cache-control header to no-cache.
  • Rules Integration - Use Rules for more complex conditions beyond just creating a route/path to set the cache-control header. This is currently only supported for Drupal 7.x.
  • hook_ape_cache_expiration_alter() - This hook will allow complex custom logic to manage the cache expiration length. 

3.  Minification

Drupal logo in blue background

Source: Drupal.org

Minification process reduces code/markup in web pages and script files. It is one of the most significant methods to reduce load times and bandwidth usage on websites.


There are two Drupal modules that help in the same-

  1. Html Minify
    Minify Source HTML was developed to replace the Minify module, which would only minify the HTML in the content area of the page instead of the HTML of the entire page.
    The module is placed at the bottom of the page render process and minifies everything.
    The companion module Minify JS module minifies JS.
  2. Minify JS
    Minify JS module was developed to get rid of problems caused due to the implementation of the Minify module.


Those problems were-

  1. It does not store the minified version of its files in the public file system, thereby disabling other modules such as the S3 File System module to work with it.
  2. Uses remote call to Closure Compiler which itself has few limitations like the cap on the number of files it can minify in an hour and another one is preventing from minifying JS to a single line.
  3. It only detects javascript files that were already loaded on a page, indicating that all pages would need to be visited again to obtain a complete list of javascript files.

Look how Minify JS provided the solutions to the above problems respectively-

  1. The module uses the public file system and if any module that uses its own stream Wrapper for the public file system will surely work with this module out of the box.
  2. This module uses the JSqueeze PHP class for its minification, which does not have any such kind of limitations.
  3. This module scans the file directory for .js files (excluding .min.js files).


4.  Third-party performance tool for performance and slow query logs- NewRelic

New Relic’s software analytics product enables easy application performance monitoring (APM) to deliver real-time and trending data about clients’ web applications’ performance and the kind of delightful experiences your customers are getting through it.

This cloud-based platform facilitates developers, operations, and management teams a clear view of what is happening around in today’s complex software environments. 

Hence, you can find and fix problems faster to avoid any hindrances while delivering great digital experiences to users. 

5.  Akamai / Amazon CloudFront CDN / Acquia

Akamai is a prominent content delivery network with one of the largest distributed computing platforms in the world that serves between 15% to 30% of all web traffic.

Amazon CloudFront is also a content delivery network released by Amazon Web Services.

And the third one is the Acquia Cloud Platform CDN. It is a distributed network of servers that caches web site content to improve page load speed by saving copies of your pages to its servers, hence reducing bandwidth and CPU usage on the server.

With it, you can deliver exceptional digital experiences to users across the globe by caching pages and static assets at more than 65 points of presence (POPs) around the world.
Visitors will be able to access your website easily by loading static assets from the POP closest to their location, thereby decreasing the turnaround time and helping in increased conversions.

6.  Server Cache

It identifies anonymous user pages cached. You can check this URL CURL here-

HTTP/2 200 

date: Thu, 02 Jan 2020 06:17:48 GMT

expires: -1

cache-control: private, max-age=0

content-type: text/html; charset=ISO-8859-1

p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."

server: gws

x-xss-protection: 0

x-frame-options: SAMEORIGIN

set-cookie: cookie values display here

set-cookie: cookie values display here

accept-ranges: none

vary: Accept-Encoding

Make sure the URL header should not have no-cache in Cache-Control.
 

7.   Managed Dedicated Server(s)

A managed dedicated server provides you with the hardware and a team of experts to ensure the smooth and efficient running of the software. Besides updating it, it also alerts you if there are any problems, generally after fixing them.

You can implement multiple servers in several configurations. For example, a firewall caching server, database server or multiple HTTP servers could all be part of a larger solution.

8.  BigPipe 

BigPipe module in Drupal 8 reduces load time by dispatching unchanged components of a page to the browser and also the dynamic components as soon as they're prepared.

You can enable the BigPipe module for Drupal 8 and see the distinction for yourself.

[embedded content]

Performance results are like this-

1. When the BigPipe is disabled

text in white and black backgroundHere, the load time is 789ms.

2.  When the BigPipe is enabled

text in white and black backgroundNow the load time has reduced to 195ms.

Conclusion

Optimizing your Drupal-powered website can be a difficult task on its own. Consultants and IT firms can spend days or weeks even evaluating the performance-related issues and fixing them.

But the tips and tricks mentioned in the blog can be implemented right away hassle-free. 

Besides, you don’t need to implement absolutely everything on this list- implement some and analyze the difference it brings in enhancing your site speed.

Drop us a line for such assistance and our team will get back to you.

Apr 13 2020
Apr 13

While there is a difference between knowing something and knowing the name of something; the former method gives importance to knowing the name of something and the latter one ensures that a person actually knows and understands something. 

This Richard Feynman technique states that the ultimate test of your knowledge is when you can convey it to another person.

Considering this, there are many concepts of Drupal 8 based on object-oriented PHP, which we might not have nailed it earlier, so let’s get a good refresher on the same to see its implementation as well as the use cases. This blog will focus on the following elements-

  • Singleton Design Pattern
  • Factory Design Pattern
  • Mediator Design Pattern
  • PHP Introspection and Reflection 
  • Services and Dependency Injection

A quick note before we start-

Pragmatic programming is all about teaching yourself, implementing what you've learned, and sharing the knowledge. Sharing allows you to get more feedback and useful insights. So, learn more, and share more!


Design Patterns and Their Importance

Design patterns describe the communicating objects and classes that are customized to solve a problem in a particular context.

In simple words, they are patterns or templates that can be implemented to solve a problem in different particular solutions.

Why are they required? (Design Patterns’ Superpowers)

  • Design patterns speed up the development process by providing re-usable templates for developing features and describing problems that occur time and again.
  • Only, implementation is required. The templates are well tested by developers.
  • Encapsulates big ideas in a simpler way
  • Design Patterns enforces SOLID principles - SOLID is a set of object-oriented design principles aimed at making code more maintainable and flexible. 

The categorization of GoF (Gang of Four Design Patterns)

  • Creational - Patterns that are used for constructing objects in a way that they can be decoupled from their implementations.
  • Structural - Patterns used to form large structures among several different objects.
  • Behavioral - As the name suggests, the behavior of the objects, relationships, and responsibilities between different objects.

They are called GoF Design Patterns because the patterns were originally written and designed by Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides,

Getting the Basics Right

Let's start with :

  1. Singleton design pattern

It is the creational design pattern that doesn’t allow the system to create more than one instance of the class.


6 yellow boxes connected to each other

Benefits -

    1. Boosts performance by restricting the creation of multiple objects to avoid consumption of more memory  
    2. Since the class controls the process of object creation, the class has the flexibility to change how the objects are created and instantiated
    3. Ease of implementation

Let's take a look at the example which explains it's working. This example considers that you are familiar with creating a custom module and creating routing and controllers in Drupal 8-

    1. Over here, I have created a custom route with path /get-connection which makes a call to the method makeConnection of the Controller Class MakeConnection :
      code in black background
    2. Let's take a look at the method makeConnection of the Controller MakeConnection :
      code in black backgroundOver here, you can see that the method creates the instance (object) of the class GetConnection by calling its method get_instance(). Using the object, I am calling the method getConnection() 2 times and printing the output of each variable using the debugger function provided by the Kint module.
    3. code in black background
    4. In this class, you can see that inside the get_instance() method, I am creating the object of the class (GetConnection) and return the object if it is already created/instantiated.
      text in white background

      Also in my method getConnection(), I am returning the object hashcode using the built-in php function spl_object_hash(). Let's take a look at the output of this code. The result shows the same hash-codes for both method calls.
      This is how it saves the object memory consumption. Also, notice that the process of object creation is controlled by the object creating class itself.

2.  Factory design pattern (the creational pattern)

The factory method is used for creating objects instead of making direct constructor calls. The factory pattern just separates the process of "object creation" from the "business logic" by creating a "factory class" whose sole responsibility is to create "objects".

Extended classes can override this method to change the class of objects that will be created.

5 boxes interconnected

This is a pretty simple example of understanding factory patterns, where multiple objects creation is involved based upon some business logic.

Let's look at the example to understand this in a better way.

    1. Look at the routing YAML which initiates the object creation based upon some logic :

      code in black backgroundOver here, I have created a route with path /get-content/{role} that accepts a user role as the argument and calls the method getContent() of controller class GetContent.

    2. In the GetContent class, I have created an object of class ContentFactory using the constructor method. The class contains a method getContent() with a default value of role as null.
      code in black background
      Next, I have called the method of the class ContentFactory at line no. 22 and have passed the role that was being added to the URL as the argument.
      In the end, I have called the method getUserNameWithRole() for that specific role and returned the result in the same method.
    3. Factory class :

      code in black background
      Over here, the factory class contains the process of object creation based upon the role passed in the URL. This creates the user object of the class UserRoleAuthenticated and UserRoleOther, using which I am calling the method ( getUserNameWithRole() ) of the class UserRoleAuthenticated and UserRoleOther .

    4. Let's take a look at the business logic in the method getUserNameWithRole().

code in black background


This method contains the business logic for user role creation and returning the user-created with its role and user name.

This is how the separation of logic and object creation works in factory patterns.

Note: The ideal factory pattern will include the dynamic object creation logic. To keep it simple here, I have hardcoded the user role in if condition to create an object of a specific class.

3.  Mediator design pattern

The mediator is a behavioral design pattern that is used to reduce the dependency between the components and act as a mediator between them by handling the communication between them.


6 boxes interconnected

One of the best examples in Drupal 8 for the Mediator design pattern is events. It allows several components to interact with each other using a mediator object.

As the class diagram shows, the Mediator has the responsibility to carry out the communication between the classes and the objects.

Using the example mentioned in https://www.drupal.org/docs/8/creating-custom-modules/subscribe-to-and-dispatch-events, I created a simple implementation in Drupal which subscribes to a specific event and fires an action based upon the event triggered.

Based upon the event-triggered ConfigEvents::Save, I am displaying the message with the name of the configuration saved and action performed on it as follows-

dialog box in green backgroundYou can refer to the example in the link above to learn how to create Events in Drupal and create one for your own.

4.  Introspection and Reflection

Introspection in a programming language can be defined as a process through which developers can manipulate objects and classes. 

It is useful when the execution of classes or methods is unknown at design time.

In PHP, it provides the ability to examine classes, interfaces, properties, and methods. PHP offers a large number of functions that you can use to accomplish the task.

PHP Introspection Functions:

    1. get_class(): Method used to get the class name of the object
    2. class_exists(): Checks whether a class has been defined or not
    3. is_subclass_of(): Method used to check if an object is a subclass of the parent class passed as a parameter
    4. get_parent_class() : Method that returns the class name of an object’s parent class


PHP supports reflection through its Reflection API class. It provides a large number of classes and methods that can be used to achieve reflection tasks.


    1. The perfect example of PHP Introspection and Reflection is the Devel Module in Drupal.
    2. The purpose of the Devel module is to break down and display the element information that includes its class name, where it is coming from, and methods information.
    3. Similarly, the Kint module that comes with Devel installation displays what methods are included in a specific class along with their documentation and method / variable visibility.
    4. Take a look at the example snippet below which uses the Reflection Class and methods to display the object information :

code in black background

 You can learn more on the same from here-

[embedded content]

5. Services and Dependency injection

Drupal 8 introduces the concept of services and dependency injection that can be used to write reusable functions and keep them at a single place in a way that these are pluggable and replaceable as well.

Services and dependency injections are the best way to make reusable and pluggable components
They are design patterns in itself which can be categorized under the Creational Pattern, and where the object creation has a specific pattern based upon some business logic.


They are ready to use code blocks that pull in the required code functionality and can be used to avoid writing the same piece of code multiple times.

You can learn more about services and dependency injections here.

Wrapping up-

This brings us to the end of our discussion about "Revisiting the PHP programming concepts in Drupal 8". However, there are so many other important PHP concepts as well which should be revisited time and again to ensure easy implementation, whenever required. 

Never stop learning!

Mar 20 2020
Mar 20

On June 24, 2020 Drupal.org announced that Drupal 7’s end of life has been extended until November 2022 because of the impact of COVID-19 on budgets and capacity. This article still remains relevant– but please note that the dates have been pushed back a year

If you have a Drupal 7 website, you might have already heard that the official end-of-life date for Drupal 7 has been officially set for November 2021. Many organizations should upgrade their Drupal 7 sites before then. But that might not be required. Here’s how you figure out what you need to do.

“What does Drupal 7 End-of-Life mean?”

First let’s talk about what EOL means for Drupal. The main thing is security updates. 

Drupal has a highly regarded security team who manage security for both core Drupal and thousands of public modules, themes and distributions that add additional features. When a security problem is found with Drupal core, the team fixes the problem and publishes advisories that explain vulnerabilities, along with steps to mitigate them. All of this is contributed publicly and freely, just like you would expect from open source software. 

The security team supports versions of Drupal until they reach their end-of-life. 

But after the EOL, the baton is passed along to an Extended Security Support team. This team is composed of pre-vetted Drupal agencies, and they are commercially funded by those clients who want to pay for the extended security support. They are mandated to publicly release fixes for most of the security vulnerabilities that they find. 

“Hold on — What level of security support do I need?”

Before we talk about what you should do about D7 EOL, you first need to think about how important security is for your website.

  • Are there people who are actively trying to attack your website (maybe because of your strong stance on a particular issue)?
  • Does your website process commercial transactions? (Most non-profit websites these days use third-party websites to process donations and event registrations.)
  • Does your website collect a lot of personally identifiable information (PII)? This relates back to the first point: if there’s lots of valuable PII, an attacker will be more interested in trying to steal it. 

If you answered “yes” to any of these questions, then security is of extra importance for you. 

“I won’t have the budget for a big website rebuild before November 2021”

It’s going to be okay, we’ve got a few options for you. You’ll fall into one of the following categories:

1. “Security is really important for our website, we need Extended Security Support”

Regardless of whether you are an existing client, or someone we’ve never worked with before, please reach out to us and let us know if we can help.

2. “Security is just as important to our website as it is for every other website, but not in an extra special way”

If your website does not have a reason for someone to actively try to attack it, then you only need to be guarded from publicly known security vulnerabilities. That way, you’re protected against the automated attacks that hit every website. Typically those kinds of automated attacks are either trying to use your web servers to mine bitcoin, or lock up your website and demand a ransom. 

When Drupal 6 reached end-of-life in 2016 we continued to support our Drupal 6 clients using the publicly released updates from the Extended Security Support team. Our last Drupal 6 client just got a new website a few months ago! 

We’ll do the same when Drupal 7 reaches end-of-life. When a Drupal 7 update is released, we’ll update your website, just like we already do for all of our Drupal and WordPress support and maintenance clients.

3. “Help, I have no idea what I need!”

No problem. We can help here too. Just let us know. 

 

Conclusion

Regardless of where you’re at — or where you’re going next — we’re here to help. Drop us a line.

Dec 06 2019
Dec 06

You may have read our previous articles about how to plan for Drupal 6 or Drupal 7 End-of-Life. The important thing to know is that the Drupal 8 End-of-Life is nothing like those. In fact, “End of Life” is completely the wrong idea. Instead, it’s more like one of those spa treatments where you get a full body scrub to get rid of the dead skin cells. You walk out feeling rejuvenated and refreshed. 

Drupal 9 — Same as Drupal 8, But Without The Old Stuff

Drupal release timeline

In each new minor version of Drupal 8 there are some new features, and some old code is marked as “deprecated” (that just means that it’s time to stop using this, because it’s going to go away some day). After nine minor versions over almost five years, there’s now an accumulation of deprecated code. This deprecated code is like those dead skin cells that you go to the spa to get rid of.  So Drupal 9.0 will be the same as Drupal 8.9, just without the deprecated code. The two might even be released at the same time. 

Then, in Drupal 9.1, we see the cycle starting again: some new features, and some old code is marked as deprecated.

Don’t Rely on Deprecated Code

In the graphic above, you’ll notice that 8.9 does not have any more deprecated code than 8.8. That means that once a website is upgraded to 8.8, we can then start the process of ensuring that the site isn’t using any deprecated code. 

If you are an Advomatic client, we’ll create a ticket in your queue to clean out all uses of deprecated code. In fact, if you’ve done a project with us recently, we’ve already started doing this as part of the Q/A process in our two-week sprints. 

A Window of Almost Two Years for This Cleanup

Drupal timeline by quarters

This is the timeline for the next several versions of Drupal.  We’ve got about 2 years to make this change — more than enough time. 

Alternating Minor Versions

We handle all the technical stuff for you. But the purpose of the website is not for us to have a technical toy to play with, it’s to advance the mission of your non-profit. So we want to devote most of our time and effort towards your web strategy. While we could upgrade your website to the newest version every six months, it’s not the best use of your money or time. So we alternate versions. That means that your Drupal 8 website is either always on an even minor version, or an odd minor version. 

We’ll likely continue that pattern as we cross the threshold into Drupal 9. That means that this process could be delayed by 6 months from what you see here.

Flipping the Switch

Once we’ve cleaned up all the deprecated code, then we’re ready to upgrade the site to Drupal 9.  Remember: this is nothing like past major upgrades in Drupal. Instead it’s just like the minor upgrades from Drupal 8.6 → 8.7 → 8.8 etc.

Conclusion

The key takeaway is that this whole process should be almost seamless. We’ll create a few tickets in the queue to prep for the upgrade, and then for the upgrade itself.  But the majority of our time will still be spent on advancing your mission. Over the years to come the website content and its presentation will be able to continually evolve, all without a costly major upgrade. 

Thanks to Amanda Luker for the charts!

Apr 23 2018
Apr 23

Two weeks ago, the Advomatic team divided up and went to both Drupalcon in Nashville and the Nonprofit Tech Conference in New Orleans – they happened at the same time this year. (A few of us went to both!)

The short story is: We had a great time and met a lot of people and hung out with our clients and got inspired and learned a lot and you should go to one of them next year too.

But, if you want a bit more detail, we took a minute to write down our Big Takeaways and linked to the slides and notes from a few of our fave conference sessions:

Becoming a Digital Pacesetter in Banking, Seeking a Proven IT Architecture. Huntington National Banks acquisition of FirstMerit combined nearly 1,000 branches and 2,000 ATMs across eight Midwest states. At the same time, Huntington was looking 200-125 exam dumps to use digital innovation to improve customer and employee experiences and rapidly roll out new branch offices without significantly raising costs. This marriage of business and technology offered a much-needed opportunity to step back and review overarching 300-075 exam IT strategy.The most pressing problems included: First, Disparate legacy infrastructure created inconsistent performance experiences for branch colleagues. Mainstream services like guest Wi-Fi access and bring-your-owndevice needed to be deployed. Second, the IT team was spending too much time on things like firefighting circuit failures and applying security patches. Last,The banks IT team needed to spend less time on short-term fixes and more time finding innovative solutions for the business. They had to more quickly and seamlessly integrate new people, processes, and technologies. Also, it was important for the company CISSP Lab material to raise customer services levels while lowering costs. It all came back to the same point, recalls Patrick Drew, the banks assistant VP of network infrastructure. We needed a proven IT architecture to turn the business into a digital pacesetter, so we could fast-track customer 200-125 exam dumps experience improvements and make our staff and business processes more efficient. Achieving Business Outcomes,Faster 300-075 exam Keen to protect 200-125 exam dumps existing investment, Huntington engaged Cisco? Services to help define 300-075 exam and then accelerate its IT transformation. We compared increasing circuit capacity and refreshing hardware with a CISSP Lab material new CISSP Lab material software-defined model, says Drew. The latter, based on Cisco CISSP Lab material Intelligent WAN with the opportunity to deploy Application Policy Infrastructure Controller Enterprise Module software, 200-125 exam dumps won hands down.Cisco’s office in Sao Paulo, Brazil, 300-075 exam has created an innovative work environment that leverages cisco technology and real estate solutions to achieve business and financial goals. The increased staff and business needs the network to provide better service.Cisco’s development team and cisco’s IT maintenance team are once 300-075 exam again working together, this time focusing on cisco’s NAM network CISSP Lab material analysis module. Cisco’s Sao Paulo office has grown rapidly — from less than 20 in 1997 to 132 today.However, there is no land available CISSP Lab material near the office.It is clear that the traditional office environment has failed to meet 300-075 exam the flexibility requirements 200-125 exam dumps of the rapidly developing office in Sao Paulo.It needs to adopt new office solutions based on advanced technology to improve flexibility and mobility.In order to improve the office environment of cisco’s Sao Paulo office on a 200-125 exam dumps large scale, cisco has adopted a variety of technical 200-125 exam dumps solutions.At first, each of the office’s employees was given a mobile phone and a high-speed Internet connection to their home computers.This allows them to do their work at home freely and easily through remote access.With cisco’s secure VPN client CISSP Lab material software installed on their laptops, they can access enterprise applications as quickly and safely as they would in an office. The actual layout of the office has also been adjusted.First, the area of the compartment was reduced, and the height of the partition between the compartments was decreased.This has transformed the office from a separate 300-075 exam workspace into a collaborative environment where everyone can always know where the team members are.This new design promotes collaboration between teams.

Hierarchical integrated defense: cisco SAFE that successful security solution should CISSP Lab material adopt integrated protection on the network infrastructure, and not only consider some special safety equipment.As a result, cisco has integrated security capabilities into its various network products to ensure that the entire network CISSP Lab material is fully integrated and three-dimensional.Guangdong development bank has implemented such a three-dimensional integrated security defense.Take the guangdong development bank’s outreach network system, for example, which USES three CISSP Lab material layers of integrated security protection, including 200-125 exam dumps routers, firewalls and switches.1, the first layer security protection provided by the router to achieve router in Internet/extranet wan connection of public information network, such as DNS server with guangdong development bank, the WWW server 300-075 exam and E-mail servers located in external PIX firewall, with these servers CISSP Lab material as part of the opening to the outside world, the ministry of internal and external users to provide the corresponding services, its itself also become a part CISSP Lab material of the public information network.These servers in order to 200-125 exam dumps provide effective security, prevent the outside of the user to the illegal operation of the server, the server, delete, modify, or the content, should be carried out to external access can strictly control.With the firewall function of Cisco router, the operation of external users on the servers can be restricted to prevent the servers from being damaged from the outside.2. The second layer of 300-075 exam security protection is CISSP Lab material protected by PIX firewall, which completely separates the internal network of enterprises from the external network. PIX is the only outlet for the internal network subsystems.By using PIX firewall to isolate the internal and external network, the security of the internal network 300-075 exam is further guaranteed.PIX provides a complete record of all access, including illegal intrusion attempts.PIX realized from the network layer 300-075 exam to application layer security protection, can be CISSP Lab material based on packet source address, destination address, TCP port Numbers 200-125 exam dumps 300-075 exam and 300-075 exam packet length on the communication control, as a move method to access is prohibited.3, the third layer security protection provided by the LAN switches Catalyst 6500 core switches deployed IDS and firewall module, CISSP Lab material monitoring the safety of the complex intranets effectively, is the third barrier against external attacks to prevent, is a good method to prevent internal attacks.Another 300-075 exam Catalyst series switches have MAC address filtering function, therefore can be defined according to the need to switch each port, only allow specific MAC address of the workstation through the specific port access, port to communicate CISSP Lab material with the 300-075 exam connection PIX.Due to the uniqueness of the MAC address and not configured, this kind of control, in fact, from hardware to control a specific machine, compared with the IP 200-125 exam dumps address filtering, this protection has 200-125 exam dumps 200-125 exam dumps higher security.Through the above three layers of security protection, guangdong development bank network system to realize the reliable from link 200-125 exam dumps layer to application layer security control, have the effect to prevent illegal access 200-125 exam dumps external, 300-075 exam has the very high security.Reading this wasn’t the first time Ive paused to consider whether my hearts and my people’s infatuation with autumn is not a worldly indulgence. The promise of the Kingdom is fullness of life, not pretty death. Halloween just means the night before the Saints and all 200-125 exam dumps the gruesomeness on display represents the demons coming out one last night before the Saints arrive and drive them all away. A Christian may secretly treasure the festival for that reason, but how can she join in when her place is not with the demons and decay, but with the Saints and salvation? Whence this covert delight in the seasons celebration of fear and death?

Apr 20 2018
Apr 20

Becoming a Digital Pacesetter in Banking, Seeking a Proven IT Architecture. Huntington National Banks acquisition of FirstMerit combined nearly 1,000 branches and 2,000 ATMs across eight Midwest states. At the same time, Huntington was looking 200-125 exam dumps to use digital innovation to improve customer and employee experiences and rapidly roll out new branch offices without significantly raising costs. This marriage of business and technology offered a much-needed opportunity to step back and review overarching 300-075 exam IT strategy.The most pressing problems included: First, Disparate legacy infrastructure created inconsistent performance experiences for branch colleagues. Mainstream services like guest Wi-Fi access and bring-your-owndevice needed to be deployed. Second, the IT team was spending too much time on things like firefighting circuit failures and applying security patches. Last,The banks IT team needed to spend less time on short-term fixes and more time finding innovative solutions for the business. They had to more quickly and seamlessly integrate new people, processes, and technologies. Also, it was important for the company CISSP Lab material to raise customer services levels while lowering costs. It all came back to the same point, recalls Patrick Drew, the banks assistant VP of network infrastructure. We needed a proven IT architecture to turn the business into a digital pacesetter, so we could fast-track customer 200-125 exam dumps experience improvements and make our staff and business processes more efficient. Achieving Business Outcomes,Faster 300-075 exam Keen to protect 200-125 exam dumps existing investment, Huntington engaged Cisco? Services to help define 300-075 exam and then accelerate its IT transformation. We compared increasing circuit capacity and refreshing hardware with a CISSP Lab material new CISSP Lab material software-defined model, says Drew. The latter, based on Cisco CISSP Lab material Intelligent WAN with the opportunity to deploy Application Policy Infrastructure Controller Enterprise Module software, 200-125 exam dumps won hands down.Cisco’s office in Sao Paulo, Brazil, 300-075 exam has created an innovative work environment that leverages cisco technology and real estate solutions to achieve business and financial goals. The increased staff and business needs the network to provide better service.Cisco’s development team and cisco’s IT maintenance team are once 300-075 exam again working together, this time focusing on cisco’s NAM network CISSP Lab material analysis module. Cisco’s Sao Paulo office has grown rapidly — from less than 20 in 1997 to 132 today.However, there is no land available CISSP Lab material near the office.It is clear that the traditional office environment has failed to meet 300-075 exam the flexibility requirements 200-125 exam dumps of the rapidly developing office in Sao Paulo.It needs to adopt new office solutions based on advanced technology to improve flexibility and mobility.In order to improve the office environment of cisco’s Sao Paulo office on a 200-125 exam dumps large scale, cisco has adopted a variety of technical 200-125 exam dumps solutions.At first, each of the office’s employees was given a mobile phone and a high-speed Internet connection to their home computers.This allows them to do their work at home freely and easily through remote access.With cisco’s secure VPN client CISSP Lab material software installed on their laptops, they can access enterprise applications as quickly and safely as they would in an office. The actual layout of the office has also been adjusted.First, the area of the compartment was reduced, and the height of the partition between the compartments was decreased.This has transformed the office from a separate 300-075 exam workspace into a collaborative environment where everyone can always know where the team members are.This new design promotes collaboration between teams.

Hierarchical integrated defense: cisco SAFE that successful security solution should CISSP Lab material adopt integrated protection on the network infrastructure, and not only consider some special safety equipment.As a result, cisco has integrated security capabilities into its various network products to ensure that the entire network CISSP Lab material is fully integrated and three-dimensional.Guangdong development bank has implemented such a three-dimensional integrated security defense.Take the guangdong development bank’s outreach network system, for example, which USES three CISSP Lab material layers of integrated security protection, including 200-125 exam dumps routers, firewalls and switches.1, the first layer security protection provided by the router to achieve router in Internet/extranet wan connection of public information network, such as DNS server with guangdong development bank, the WWW server 300-075 exam and E-mail servers located in external PIX firewall, with these servers CISSP Lab material as part of the opening to the outside world, the ministry of internal and external users to provide the corresponding services, its itself also become a part CISSP Lab material of the public information network.These servers in order to 200-125 exam dumps provide effective security, prevent the outside of the user to the illegal operation of the server, the server, delete, modify, or the content, should be carried out to external access can strictly control.With the firewall function of Cisco router, the operation of external users on the servers can be restricted to prevent the servers from being damaged from the outside.2. The second layer of 300-075 exam security protection is CISSP Lab material protected by PIX firewall, which completely separates the internal network of enterprises from the external network. PIX is the only outlet for the internal network subsystems.By using PIX firewall to isolate the internal and external network, the security of the internal network 300-075 exam is further guaranteed.PIX provides a complete record of all access, including illegal intrusion attempts.PIX realized from the network layer 300-075 exam to application layer security protection, can be CISSP Lab material based on packet source address, destination address, TCP port Numbers 200-125 exam dumps 300-075 exam and 300-075 exam packet length on the communication control, as a move method to access is prohibited.3, the third layer security protection provided by the LAN switches Catalyst 6500 core switches deployed IDS and firewall module, CISSP Lab material monitoring the safety of the complex intranets effectively, is the third barrier against external attacks to prevent, is a good method to prevent internal attacks.Another 300-075 exam Catalyst series switches have MAC address filtering function, therefore can be defined according to the need to switch each port, only allow specific MAC address of the workstation through the specific port access, port to communicate CISSP Lab material with the 300-075 exam connection PIX.Due to the uniqueness of the MAC address and not configured, this kind of control, in fact, from hardware to control a specific machine, compared with the IP 200-125 exam dumps address filtering, this protection has 200-125 exam dumps 200-125 exam dumps higher security.Through the above three layers of security protection, guangdong development bank network system to realize the reliable from link 200-125 exam dumps layer to application layer security control, have the effect to prevent illegal access 200-125 exam dumps external, 300-075 exam has the very high security.Reading this wasn’t the first time Ive paused to consider whether my hearts and my people’s infatuation with autumn is not a worldly indulgence. The promise of the Kingdom is fullness of life, not pretty death. Halloween just means the night before the Saints and all 200-125 exam dumps the gruesomeness on display represents the demons coming out one last night before the Saints arrive and drive them all away. A Christian may secretly treasure the festival for that reason, but how can she join in when her place is not with the demons and decay, but with the Saints and salvation? Whence this covert delight in the seasons celebration of fear and death?

Apr 20 2018
Apr 20

I went to DrupalCon this year with the goal of doing things a bit differently this time. I’m a bit of an introvert with people at first, but I’ve been told I don’t come off that way. So, I decided to leverage that and just push myself through things that, in years past, I would have avoided: namely, constant interactions with total strangers. This is my seventh DrupalCon and thirteenth year in the Drupal space, so I felt it was time to dip into the community a bit more and challenge myself.

I started by hosting a “Birds of a Feather” meet-up on web accessibility in the Drupal and nonprofit world. I was nervous, but it ended up being a very casual and fruitful discussion about successes and difficulties in getting organization buy-in on accessibility improvements.

On the social front,  I started my week out by attending the Drupal Diversity & Inclusion game night with a couple of my co-workers. It turned out to be a great time, where I met some really friendly people.

I even took part in the code sprint on the last day. Admittedly, it was a bit frustrating to find something to dive into due to many the long issue histories I had to read through, and I didn’t get much done. However, I can now say I’m the proud owner of credit for a core commit!

Some other wins for the week included:

  • Having conversations with people in the community and other dev shops that I’ve admired from afar
  • Mentoring a student sent to the conference on a sponsorship and helped get his portfolio Drupalized
  • Attending more sessions that spoke to specific challenges around self-care and being a remote worker and fewer sessions about bright shiny new technical “toys” that will probably not be useful in real-world, day to day operations

All in all, this year felt rejuvenating and full of personal successes. I’m really glad I pushed myself to be more outward and open to aspects of the conference that I’ve previously skated around.

Becoming a Digital Pacesetter in Banking, Seeking a Proven IT Architecture. Huntington National Banks acquisition of FirstMerit combined nearly 1,000 branches and 2,000 ATMs across eight Midwest states. At the same time, Huntington was looking 200-125 exam dumps to use digital innovation to improve customer and employee experiences and rapidly roll out new branch offices without significantly raising costs. This marriage of business and technology offered a much-needed opportunity to step back and review overarching 300-075 exam IT strategy.The most pressing problems included: First, Disparate legacy infrastructure created inconsistent performance experiences for branch colleagues. Mainstream services like guest Wi-Fi access and bring-your-owndevice needed to be deployed. Second, the IT team was spending too much time on things like firefighting circuit failures and applying security patches. Last,The banks IT team needed to spend less time on short-term fixes and more time finding innovative solutions for the business. They had to more quickly and seamlessly integrate new people, processes, and technologies. Also, it was important for the company CISSP Lab material to raise customer services levels while lowering costs. It all came back to the same point, recalls Patrick Drew, the banks assistant VP of network infrastructure. We needed a proven IT architecture to turn the business into a digital pacesetter, so we could fast-track customer 200-125 exam dumps experience improvements and make our staff and business processes more efficient. Achieving Business Outcomes,Faster 300-075 exam Keen to protect 200-125 exam dumps existing investment, Huntington engaged Cisco? Services to help define 300-075 exam and then accelerate its IT transformation. We compared increasing circuit capacity and refreshing hardware with a CISSP Lab material new CISSP Lab material software-defined model, says Drew. The latter, based on Cisco CISSP Lab material Intelligent WAN with the opportunity to deploy Application Policy Infrastructure Controller Enterprise Module software, 200-125 exam dumps won hands down.Cisco’s office in Sao Paulo, Brazil, 300-075 exam has created an innovative work environment that leverages cisco technology and real estate solutions to achieve business and financial goals. The increased staff and business needs the network to provide better service.Cisco’s development team and cisco’s IT maintenance team are once 300-075 exam again working together, this time focusing on cisco’s NAM network CISSP Lab material analysis module. Cisco’s Sao Paulo office has grown rapidly — from less than 20 in 1997 to 132 today.However, there is no land available CISSP Lab material near the office.It is clear that the traditional office environment has failed to meet 300-075 exam the flexibility requirements 200-125 exam dumps of the rapidly developing office in Sao Paulo.It needs to adopt new office solutions based on advanced technology to improve flexibility and mobility.In order to improve the office environment of cisco’s Sao Paulo office on a 200-125 exam dumps large scale, cisco has adopted a variety of technical 200-125 exam dumps solutions.At first, each of the office’s employees was given a mobile phone and a high-speed Internet connection to their home computers.This allows them to do their work at home freely and easily through remote access.With cisco’s secure VPN client CISSP Lab material software installed on their laptops, they can access enterprise applications as quickly and safely as they would in an office. The actual layout of the office has also been adjusted.First, the area of the compartment was reduced, and the height of the partition between the compartments was decreased.This has transformed the office from a separate 300-075 exam workspace into a collaborative environment where everyone can always know where the team members are.This new design promotes collaboration between teams.

Hierarchical integrated defense: cisco SAFE that successful security solution should CISSP Lab material adopt integrated protection on the network infrastructure, and not only consider some special safety equipment.As a result, cisco has integrated security capabilities into its various network products to ensure that the entire network CISSP Lab material is fully integrated and three-dimensional.Guangdong development bank has implemented such a three-dimensional integrated security defense.Take the guangdong development bank’s outreach network system, for example, which USES three CISSP Lab material layers of integrated security protection, including 200-125 exam dumps routers, firewalls and switches.1, the first layer security protection provided by the router to achieve router in Internet/extranet wan connection of public information network, such as DNS server with guangdong development bank, the WWW server 300-075 exam and E-mail servers located in external PIX firewall, with these servers CISSP Lab material as part of the opening to the outside world, the ministry of internal and external users to provide the corresponding services, its itself also become a part CISSP Lab material of the public information network.These servers in order to 200-125 exam dumps provide effective security, prevent the outside of the user to the illegal operation of the server, the server, delete, modify, or the content, should be carried out to external access can strictly control.With the firewall function of Cisco router, the operation of external users on the servers can be restricted to prevent the servers from being damaged from the outside.2. The second layer of 300-075 exam security protection is CISSP Lab material protected by PIX firewall, which completely separates the internal network of enterprises from the external network. PIX is the only outlet for the internal network subsystems.By using PIX firewall to isolate the internal and external network, the security of the internal network 300-075 exam is further guaranteed.PIX provides a complete record of all access, including illegal intrusion attempts.PIX realized from the network layer 300-075 exam to application layer security protection, can be CISSP Lab material based on packet source address, destination address, TCP port Numbers 200-125 exam dumps 300-075 exam and 300-075 exam packet length on the communication control, as a move method to access is prohibited.3, the third layer security protection provided by the LAN switches Catalyst 6500 core switches deployed IDS and firewall module, CISSP Lab material monitoring the safety of the complex intranets effectively, is the third barrier against external attacks to prevent, is a good method to prevent internal attacks.Another 300-075 exam Catalyst series switches have MAC address filtering function, therefore can be defined according to the need to switch each port, only allow specific MAC address of the workstation through the specific port access, port to communicate CISSP Lab material with the 300-075 exam connection PIX.Due to the uniqueness of the MAC address and not configured, this kind of control, in fact, from hardware to control a specific machine, compared with the IP 200-125 exam dumps address filtering, this protection has 200-125 exam dumps 200-125 exam dumps higher security.Through the above three layers of security protection, guangdong development bank network system to realize the reliable from link 200-125 exam dumps layer to application layer security control, have the effect to prevent illegal access 200-125 exam dumps external, 300-075 exam has the very high security.Reading this wasn’t the first time Ive paused to consider whether my hearts and my people’s infatuation with autumn is not a worldly indulgence. The promise of the Kingdom is fullness of life, not pretty death. Halloween just means the night before the Saints and all 200-125 exam dumps the gruesomeness on display represents the demons coming out one last night before the Saints arrive and drive them all away. A Christian may secretly treasure the festival for that reason, but how can she join in when her place is not with the demons and decay, but with the Saints and salvation? Whence this covert delight in the seasons celebration of fear and death?

Jan 18 2018
Jan 18

One of the things we do on an annual basis for our clients at Advomatic is an annual site audit – a high level kick-the-tires kind of site inspection. For Drupal sites, we check the logs for any glaring errors, check for overrides in Features, run some SEO and accessibility testing, and, of course, take it for a speed test.

If you run speed tests (like Google’s Page Speed Insights), you have probably seen a common, vexing error: “Render-blocking javascript and CSS.” What’s that?

Optimize Images, Eliminate render-blocking Javascript and CSS in above-the-fold content. Your page has 4 blocking script resources and 6 blocking CSS resources. This causes a delay in rendering your page. None of the above-the-fold content on your page could be rendered without waiting for the following resources to load. Try to defer or asynchronously load blocking resources, or inline the critical portions of these resources directly in the HTML.

Pagespeed Insight’s error message for render blocking assets.

Large CSS/JS assets can block rendering “above-the-fold” content. Modern browsers tend to allow concurrent downloading of 6 to 8 files at any given time (a few offer more, now). So developers aggregate and compress CSS and JS files so we have less to load, but that also means front-loading large — though compressed — styles and javascript files. This is a recipe for a log jam.

Here’s how to beat this speed bump. Using the methods described below, I’ve seen Pagespeed Insight scores on Drupal sites increase by 30% or more.

Javascript

For javascript, the solution is fairly easy: ensure the files are in the footer. In Drupal 8, this is already the standard, unless you have added some elsewhere. For your javascript to load in the header, you actually have to set: header: true in your theme’s library.yml file. (Also, be sure you are not loading any javascript that is not needed on the page.) In Drupal 7, you will need to move the files, perhaps using Advanced CSS/JS Aggregation or manually.

If there is specific JS that needs to be there as the page loads, you may want to defer it instead. Again, AdvAgg can help you do that, or you can defer it manually.

CSS

While moving files to the footer technically works for CSS as well, it introduces a new problem: the dreaded FOUC, or “flash of unstyled content.” Put plainly, the content is loading before the styles, so users – especially on slower connections – will see a very ugly site until the page is completely done loading. While not the end of the world, it makes for an unpleasant user experience.

What we do to counter FOUC is load a “Critical CSS” file first. Critical CSS is, as it sounds, any CSS that is crucial to making above-the-fold content appear close to the final product. Think layout, position, readability, sizing – particularly in the header … anything that will smooth a transition to the full CSS loading. These styles will be put in their own file (as straight CSS) and loaded inline, in the page’s .

Place this in your html.html.twig file, in the :

When you view your site, those styles will now load directly .

Now, sifting through your CSS to figure out what is critical is a challenge in and of itself. I’ve tried using automated grunt/gulp tasks (critical, grunt-critical, grunt-criticalcss), that will take “snapshots” of styles that have been called for above-the-fold content only on a specific page, but those tools have their limitations. (For instance, you may build your critical CSS file from a snapshot of a wide view of your page, but then it may miss styles needed for a mobile version of the page. Or there are just too many variations page-to-page with a site with dynamic content.) It’s possible some of these projects have improved since I last checked, so it still may be worth looking into.

If you have (wisely) built your styles using discrete files for base, regions, components, etc, you *could* do a compile just of the your base, layout, header, and header component styles and that would put you in a good position to start building your critical CSS file. You could use a tool like Sassmeister to compile outside your normal workflow.

If you haven’t (or you have inherited a site will less precision), you may just end up taking that final, compiled CSS file, un-compressing it, and doing your best to grab styles for the header and top part of the body (taking special care for the homepage.) Like I said, it’s an imprecise science.

Once the critical CSS is in place, you can try moving the rest of the CSS in the footer. In Drupal 8, this means moving this line in html.html.twig:

Move it down to before the closing   tag.

In most cases, fine tuning what should be in the Critical CSS file takes a little trial and error.

Like with any style changes, make sure you review in a variety of browsers, devices and widths. Also, be sure to try throttling your page speed, under the Google Chrome web inspector’s Network tab. This allows you to simulate a slower network. 

Network tab of Chrome's web inspector

Network tab of Chrome’s web inspector

Note that you will need to maintain this new file. Any time you make changes to things included in the Critical CSS file, you will need to manually adjust it. 

A final word of caution: you may very well be shifting around some structural stuff, and regressions can happen, especially at that level. Testing is very important – by you, and by the client, particularly on inherited sites. In a dream world, we’d have ubiquitous and comprehensive visual regression testing tools to catch anything that might have changed in the underlying load order of styles – but that level of safety netting is rare!

With all this in mind, you can plan for a critical CSS file for the next project that requires stellar performance: start out with all the javascript in the footer, prepare your CSS in compartmentalized Sass files that can be funneled to a critical CSS file, run speed tests throughout the project to see where problems are introduced, and, since you won’t want to maintain it during development, hold off until near-launch to generate your inline critical CSS file. 

Jul 06 2017
Jul 06

The problem

If you are using Drupal’s Configuration Management subsystem to deploy configuration out to the production environment, you’ll run into a problem where the configuration .yml files contain your development settings.  To avoid this you’ll need to use the Configuration Split module

I couldn’t find any good documentation for this, so I had to figure it out by trial and error.  Here’s the results of my investigations.

Development-only modules

In the simplest scenario, we want to enable a few extra modules on development environments (Devel, Kint, Stage File Proxy, Views UI, etc.), but not have these modules enabled on production.  For this we’ll need to create a new Configuration Split Setting for the development environments.

But first:

  1. Ensure that you have no config overrides.
  2. Enable Configuration Split module in a local environment.
  3. Export config, commit and deploy to the live environment as you usually would.
  4. Enable and configure all your development modules in the local environment.

Create a Configuration Split

Navigate to:

Administration » Configuration » Development » Synchronize » Configuration Split Setting » Add configuration split setting

Creating a new split configuration.

There’s a few things that will help you keep your sanity, but aren’t covered in the help text:

  • Keep the Machine name the same as the Folder.
  • The Folder is relative to the Drupal root (it does say this in the help text, I just skimmed right past it the first time).
  • Active should be checked (more on this later).

And add your development modules to the Blacklist.  Stuff listed here will be ignored from the main configuration.  No need to also select their configuration, you only need to select the modules.  Disregard the Greylist (More on this later).

Export your configuration

From this point on, you will never have drush cex again.  For the first time that you export your configuration, use this:

# Create the directory.
mkdir sites/default/config_dev
# Export the development configuration
drush csex config_dev
# Export the main configuration
drush csex

Greylists

As mentioned in the help text, this isn’t a great name, but it’s basically used for configuration that should have different values in different environments.  E.g. Payment processing configuration, Stage File Proxy URLs, Solr URLs, etc..

I’m not a fan of using Config Split for this.  I prefer to keep all this in settings.php.  Then it’s all in one place, you can easily see all the variations between environments, and if you need to make a change you’ll be less likely to forget something.

At the top of settings.php you’ll need some logic to determine which environment you’re in.  We almost exclusively use Pantheon, so we’ve got the following:

// The environment the current site is running on.
// Possible values: local, dev, test, live.
// Configuration further in this file sets different settings for different
// environments.
if (defined('PANTHEON_ENVIRONMENT')) {
 switch (PANTHEON_ENVIRONMENT) {
    case 'kalabox':
      $config['server_environment'] = 'local';
      break;

    case 'dev':
    case 'test':
    case 'live':
      $config['server_environment'] = PANTHEON_ENVIRONMENT;
      break;

    // Multidevs.
    default:
     $config['server_environment'] = 'dev';
 }
}
else {
 $config['server_environment'] = 'local';
}

Pantheon only supports sites/default/settings.php.  But if you are hosted elsewhere, then another method is to use different sites directories for different environments.   

Enabling the split configuration in development environments, but not production

Remember that active checkbox from above?  That’s what defines whether the configuration split is enabled or not.  The trick is that we want to have that setting be different on different environments.  This can be done in settings.php, leveraging the code block above.

// Use development config in dev environments.
if (in_array($config['server_environment'], ['live', 'test'])) {
 $config['config_split.config_split.config_dev']['status'] = FALSE;
}
else {
 $config['config_split.config_split.config_dev']['status'] = TRUE;
}

Make sure to use the same machine name as you configured previously.

Development Workflow

Three things to note:

  1. You don’t need to use any of the following Drush commands, you can still use the UI at:
    Administration » Configuration Development » Synchronize
  2. If you prefer Drupal Console, there’s equivalent commands.
  3. At the time of this writing Pantheon uses 8.1.3.  If you have Drush >= 8.1.10 you’ll be able to use the old cex and cim commands.

Pulling a database from production to a dev environment

The first step is to get the database.  How to do that depends on your hosting and local environments.  We’re fans of Kalabox, and the command is real simple:

kbox pull

Then import configuration

# Clear caches
drush cr
# Then import the development configuration only.
drush csim config_dev
# Check for config overrides from production, and get those back into code.
drush csex

Pushing configuration from dev to production

In the dev environment

After you made some configuration changes:

# Export the configuration.  
# This will update both config and config_dev.
drush csex

In the pre-production / production environment

# Import configuration.
# This will import config; and if active in settings.php, config_dev
drush csim

Next Steps

The above should be able to handle 95% of Drupal sites.  But if you’ve got more complicated requirements, you can always add more splits.

Automate all the things

Running a set of magic commands every time you push code or move a database from one environment to another is error prone, and a bit of a time waste.  You can automate all of this using Pantheon’s Quicksilver.  On Kalabox the automation is a bit trickier (you’d need to create a custom plugin, which isn’t a well-tread path), but we have high hopes for its successor: Lando (currently in alpha). 

Dec 13 2016
Dec 13
In a recent project built in Drupal 7, I came across a bit of an uncommon scenario, by which some users needed to have access to certain features that were normally restricted to them, when viewing, editing or creating groups content (ie: whenever they are visiting a part of the site that is considered part of […]
Oct 16 2016
Oct 16
With parts one and two of the series covered, this 3rd (and final!) part will cover some other important aspects of Drupal development that I wanted to pay attention to while working on the Drupal 8 version of the viewport module. Essentially, the kind of aspects that are easy to forget (or ignore on purpose) […]
Aug 24 2016
Aug 24

The Winnipeg City’s NOW (Neighbourhoods Of Winnipeg) Portal is an initiative to create a complete neighbourhood web portal for its citizens. At the core of the project we have a set of about 47 fully linked, integrated and structured datasets of things of interests to Winnipegers. The focal point of the portal is Winnipeg’s 236 neighbourhoods, which define the main structure of the portal. The portal has six main sections: topics of interests, maps, history, census, images and economic development. The portal is meant to be used by citizens to find things of interest in their neibourhood, to learn their history, to see the images of the things of interest, to find tools to help economic development, etc.

The NOW portal is not new; Structured Dynamics was also its main technical contractor for its first release in 2013. However we just finished to help Winnipeg City’s NOW team to migrate their older NOW portal from OSF 1.x to OSF 3.x and from Drupal 6 to Drupal 7; we also trained them on the new system. Major improvements accompany this upgrade, but the user interface design is essentially the same.

The first thing I will do is to introduce each major section of the portal and I will explain the main features of each. Then I will discuss the new improvements of the portal.

Datasets

A NOW portal user won’t notice any of this, but the main feature of the portal is the data it uses. The portal manages 47 datasets (and growing) of fully structured, integrated and linked datasets of things of interests to Winnipegers. What the portal does is to manage entities. Each kind of entity (swimming pools, parks, places, images, addresses, streets, etc.) are defined with multiple properties and values. Several of the entities reference other entities in other datasets (for example, an assessment parcel from the Assessment Parcels dataset references neighbourhoods entities and property addresses entities from their respective datasets).

The fact that these datasets are fully structured and integrated means that we can leverage these characteristics to create a powerful search experience by enabling filtering of the information on any of the properties, to bias the searches depending where a keyword search match occurs, etc.

Here is the list of all the 47 datasets that currently exists in the portal:

  1. Aboriginal Service Providers
  2. Arenas
  3. Neighbourhoods of Winnipeg City
  4. Streets
  5. Economic Development Images
  6. Recreation & Leisure Images
  7. Neighbourhoods Images
  8. Volunteer Images
  9. Library Images
  10. Parks Images
  11. Census 2006
  12. Census 2001
  13. Winnipeg Internal Websites
  14. Winnipeg External Websites
  15. Heritage Buildings and Resources
  16. NOW Local Content Dataset
  17. Outdoor Swimming Pools
  18. Zoning Parcels
  19. School Divisions
  20. Property Addresses
  21. Wading Pools
  22. Electoral wards of Winnipeg City
  23. Assessment Parcels
  24. Libraries
  25. Community Centres
  26. Police Service Centers
  27. Community Gardens
  28. Leisure Centres
  29. Parks and Open Spaces
  30. Community Committee
  31. Commercial real estates
  32. Sports and Recreation Facilities
  33. Community Characterization Areas
  34. Indoor Swimming Pools
  35. Neighbourhood Clusters
  36. Fire and Paramedic Stations
  37. Bus Stops
  38. Fire and Paramedic Service Images
  39. Animal Services Images
  40. Skateboard Parks
  41. Daycare Nurseries
  42. Indoor Soccer Fields
  43. Schools
  44. Truck Routes
  45. Fire Stations
  46. Paramedic Stations
  47. Spray Parks Pads

Structured Search

The most useful feature of the portal to me is its full-text search engine. It is simple, clean and quite effective. The search engine is configured to try to give the most relevant results a NOW portal user may be searching. For example, it will positively bias some results that comes from some specific datasets, or matches that occurs in specific property values. The goal of this biasing is to improve the quality of the returned results. This is somewhat easy to do since the context of the portal is well known and we can easily boost scoring of search results since everything is fully structured.

Another major gain is that all the search results are fully templated. The search results do not simply return a title and some description for your search results. It does template all the information the system has about the matched results, but also displays the most relevant information to the users in the search results.

For example, if I search for a indoor swimming pool, in most of the cases it may be to call the front desk to get some information about the pool. This is why different key information will be displayed directly in the search results. That way, most of the users won’t even have to click on the result to get the information they were looking for directly in the search results page.

Here is an example of a search for the keywords main street. As you can notice, you are getting different kind of results. Each result is templated to get the core information about these entities. You have the possibility to focus on particular kind of entities, or to filter by their location in specific neighbourhoods.

now--search-1

Templated Search Results

Now let’s see some of the kind of entities that can be searched on the portal and how they are presented to the users.

Here is an example of an assessment parcel that is located in the St. John’s neighbourhood. The address, the value, the type and the location of the parcel on a map is displayed directly into the search results.

now--template-search-assessment-pacels

Another kind of entity that can be searched are the property addresses. These are located on a map, the value of the parcels and the building and the zoning of the address is displayed. The property is also linked to its assessment parcel entity which can be clicked to get additional information about the parcel.

now--template-search-property-address

Another interesting type of entity that can be searched are the streets. What is interesting in this case is that you get the complete outline of the street directly on a map. That way you know where it starts and where it ends and where it is located in the city.

now--template-search-street

There are more than a thousand geo-localized images of all different things in the city that can be searched. A thumbnail of the image and the location of the thing that appears on the image appears in the search results.

now--template-search-heritage-building-image

If you were searching for a nursery for your new born child, then you can quickly see the name, location on a map and the phone number of the nursery directly in the search result.

now--template-search-nurseries

There are just a few examples of the fifty different kind of entities that can appear like this in the search results.

Mapping

The mapping tool is another powerful feature of the portal. You can search like if you were using the full-text search engine (the top search box on the portal) however you will only get the results that can be geo-localized on a map. You can also simply browse entities from a dataset or you can filter entities by their properties/values. You can persist entities you find on the map and save the map for future reference.

In the example below, it shows that someone searched for a street (main street) and then he persisted it on the map. Then he search for other things like nurseries and selected the ones that are near the street he persisted, etc. That way he can visualize the different known entities in the portal on a map to better understand where things are located in the city, what exists near a certain location, within a neighbourhood, etc.

now--map

Census Analysis

Census information is vital to the good development of a city. They are necessary to understand the trends of a sector, who populates it, etc., such that the city and other organizations may properly plan their projects to have has much impact as possible.

These are some of the reason why one of the main section of the site is dedicated to census data. Key census indicators have been configured in the portal. Then users can select different kind of regions (neighbourhood clusters, community areas and electoral wards) to get the numbers for each of these indicators. Then they can select multiple of these regions to compare each other. A chart view and a table view is available for presenting the census data.

now--census

History, Images & Points of Interest

The City took the time to write the history of each of its neighbourhoods. In additional to that, they hired professional photographs to photograph the points of interests of the city, to geo-localize them and to write a description for each of these photos. Because of this dedication, users of the portal can learn a much about the city in general and the neighbourhood they live in. This is what the History and Image sections of the website are about.

now--history

Historic buildings are displayed on a map and they can be browsed from there.

now--history-heritage-buildings

Images of points of interests in the neighbourhood are also located on a map.

now--history-heritage-resources

Find Your Neighbourhood

Ever wondered in which neighbourhood you live in? No problem, go on the home page, put your address in the Find your Neighbourhood section and you will know it right away. From there you can learn more about your neighbourhood like its history, the points of interest, etc.

now--find-your-neighbourhood

Your address will be located on a map, and your neighbourhood will be outlined around it. Not only you will know in which neighbourhood you live, but you will also know where you live within it. From there you can click on the name of the neigbourhood to get to the neighbourhood’s page and start learning more about it like its history, to see photos of points of interest that exists in your neighbourhood, etc.

now--find-your-neighbourhood-result

Browsing Content by Topic

Because all the content of the portal is fully structured, it is easy to browse its content using a well defined topic structure. The city developed its own ontology that is used to help the users browse the content of the portal by browsing topics of interest. In the example below, I clicked the Economic Development node and then the Land use topic. Finally I clicked the Map button to display things that are related to land use: in this case, zoning and assessment parcels are displayed to the user.

This is another way to find meaningful and interesting content from the portal.

now--topics

Depending on the topic you choose, and the kind of information related to that topic, you may end up with different options like a map, a list of links to documents related to that topic, etc.

Export Content

Now that I made an overview of each of the main features of the portal, let’s go back to the geeky things. The first thing I said about this portal is that at its core, all information it manages is fully structured, integrated and linked data. If you get to the page of an entity, you have the possibility to see the underlying data that exists about it in the system. You simply have to click the Export tab at the top of the entity’s page. Then you will have access to the description of that entity in multiple different formats.

now--export-entity

In the future, the City should (or at least I hope will) make the whole set of datasets fully downloadable. Right now you only have access to that information via that export feature per entity. I hope because this NOW portal is fully disconnected from another initiative by the city: data.winnipeg.ca, which uses Socrata. The problem is that barely any of the datasets from NOW are available on data.winnipeg.ca, and the ones that are appearing are the raw ones (semi-structured, un-documented, un-integrated and non-linked) all the normalization work, the integration work, the linkage work done by the NOW team hasn’t been leveraged to really improve the data.winnipeg.ca datasets catalog.

New with the upgrades

Those who are familiar with the NOW portal will notice a few changes. The user interface did not change that much, but multiple little things got improved in the process. I will cover the most notable of these changes.

The major changes that happened are in the backend of the portal. The data management in OSF for Drupal 7 is incompatible with what was available in Drupal 6. The management of the entities became easier, the configuration of OSF networks became a breeze. A revisioning system has been added, the user interface is more intuitive, etc. There is no comparison possible. However, portal users’ won’t notice any of this, since these are all site administrator functions.

The first thing that users will notice is the completely new full-text search engine. The underlying search engine is almost the same, but the presentation is far better. All entity types have gotten their own special template, which are displayed in a special way in the search results. Most of the time results should be much more relevant, filtering is easier and cleaner. The search experience is much better in my view.

The overall site performance is much better since different caching strategies have been put in place in OSF 3.x and OSF for Drupal. This means that most of the features of the portal should react more swiftly.

Now every type of entity managed by the portal is templated: their webpage is templated in specific ways to optimize the information they want to convey to users along with their search result “mini page” when they get returned as the result of a search query.

Multi-linguality is now fully supported by the portal, however not everything is currently templated. However expect a fully translated NOW portal in French in the future.

Creating a Network of Portals

One of the most interesting features that goes with this upgrade is that the NOW portal is now in a position to participate into a network of OSF instances. What does that mean? Well, it means that the NOW portal could create partnerships with other local (regional, national or international) organizations to share datasets (and their maintenance costs).

Are there other organizations that uses this kind of system? Well, there is at least another one right in Winnipeg City: MyPeg.ca, also developed by Structured Dynamics. MyPeg uses RDF to model its information and uses OSF to manage its information. MyPeg is a non-profit organization that uses census (and other indicator) data to do studies on the well being of Winnipegers. The team behind MyPeg.ca are research experts in indicator data. Their indicator datasets (which includes census data) is top notch.

Let’s hypothetize that there would be interest between the two groups to start collaborating. Let’s say that the NOW portal would like to use MyPeg’s census datasets instead of its own since they are more complete, accurate and include a larger number of important indicators. What they basically want is to outsource the creation and maintenance of the census/indicators data to a local, dedicated and highly professional organization. The only things they would need to do is to:

  1. Formalize their relationship by signing a usage agreement
  2. The NOW portal would need to configure the MyPeg.ca OSF network into their OSF for Drupal instance
  3. The NOW portal would need to register the datasets it want to use from MyPeg.ca.

Once these 3 steps are done, taking no more than a couple of minutes, then the system administrators of the NOW portal could start using the MyPeg.ca indicator datasets like they were existing on their own network. (The reverse could also be true for MyPeg.) Everything would be transparent to them. From then on, all the fixes and updates performed by MyPeg.ca to their indicator datasets would immediately appear on the NOW portal and accessible to its users.

This is one possibility to collaborate. Another possibility would be to simply on a routine basis (every month, every 6 months, every year) share the serialized datasets such that the NOW portal re-import the dataset from the files shared by MyPeg.ca. This is also possible since both organizations use the same Ontology to describe the indicator data. This means that no modification is required by the City to take that new information into account, they only have to import and update their local datasets. This is the beauty of ontologies.

Conclusion

The new NOW portal is a great service for citizens of Winnipeg City. It is also a really good example of a web portal that leverages fully structured, integrated and linked data. To me, the NOW portal is a really good example of the features that should go along with a municipal data portal.

Jul 13 2016
Jul 13

The Drupal security team published a PSA to warn about upcoming security advisories. I shared my advice and predicted attacks within the hour after the security advisories are published. The security advisories are now published. Here is my followup.

I applaud the Drupal Security Team for warning about the highly critical updates. However the public service announcement (PSA) left the impression that this event was going to be much more serious than it was. Such a PSA would have been perfectly appropriate for SA-CORE-2014-005 "Drupalgeddon". But the only PSA there was in hindsight.

I guess it is resonable for the Drupal Security Team to be over cautious, especially given the lessons learned from Drupalgeddon fallout. And of course, such decisions and criticism is much easier with hindsight.

But now I am concerned how the Drupal Security Team can realistically raise the level further there is another vulnerability that is as serious as Drupalgeddon. Even if they raise the alert level using language in the PSA, will people still believe them? It reminds me of the boy who cried wolf.

Of course serious vulnerabilities like these are rare events in Drupal, so there is not yet a standard to compare alert levels to.

Jul 12 2016
Jul 12

Just arrived here? Read my followup first.

Original post

The Drupal security team announced multiple highly critical updates to Drupal contrib modules in PSA-2016-001. Expect attacks within less than one hour from the announcement; 18 hours from the time this article is published. This is probably going to be Drupalgeddon all over again.

My advice

If you are prepared, you will save yourself a lot of time. If you are late or too slow, you will probably find yourself with a lot more work, e.g. the rescue workflow for Drupalgeddon 1.

Today

Don't skimp on the first two. And do at least one of "3. Update a contrib module" or "4. Learn how to apply patches". Which one you choose depends on your skills and how out of date contrib modules are on your Drupal websites. Ideally, do both steps 3 & 4; You might find one of them is significantly challenging for you.

  1. Backup your Drupal 7 websites; Database, code & files directory
  2. Plan to be online at 1600 Wednesday 13 July 2016 UTC. In other timezones:
    America/Los_Angeles: 0900 Wednesday 13 Jul
    America/New_York: 1200 Wednesday 13 Jul
    Europe/London: 1700 Wednesday 13 Jul
    Europe/Paris: 1800 Wednesday 13 Jul
    Australia/Sydney: 0200 Thursday 14 Jul
    Pacific/Auckland: 0400 Thursday 14 Jul
  3. Update a contrib module on each of your Drupal 7 website(s) to make sure there will be no problems and you know how to do it. Do it manually by downloading the module from Drupal.org. The update server that Drush and Drupal use might be delayed, overloaded or under attack.
  4. Learn how to apply patches:
    1. Choose any popular module that your website uses, e.g. Views
    2. Navigate to the module's issue queue
    3. Filter for "Reviewed & tested by the community"
    4. Filter for the version of the module your website uses
    5. E.g. Views 7.3 RTBC issues
    6. Open any issue
    7. Download any .patch file
    8. Apply it using Drupal's documentation, which boils down to something like:
      1. cd sites/all/modules/views/
      2. patch -p1 < ~/Downloads/views-fix_hide_rewriting_if_empty-1428256-21.patch
      3. Test the patched module still works
  5. Restore your website from the backup into a new environment to make sure your backup is complete, you have sufficient access and you know how to do it. If you are on time and fast, this won't become necessary. But just in case...
  6. Subscribe to Drupal security email announcements: Log in on Drupal.org, go to your user profile page and subscribe to the security newsletter on the "Edit » My newsletters" tab.
  7. Consider taking servers that host highly sensitive data offline if your Drupal website can reach them. Drupal's maintenance mode may not be sufficient protection.
  8. If you can move to a Drupal-tailored web host easily, do so. They often offer additional protection while you work on applying updates. I usually recommend Pantheon.
  9. Take stock of any modifications (patches) to Drupal core and contrib modules. The Hacked! module automates most of this.
  10. Clean up and/or take stock of any unusual files in your website. A version control system like git makes this easy.
  11. Use the Security Review module to check if you have configured your Drupal website securely.
  12. Backup your website again if you made changes since the last backup.
  13. Subscribe to my blog;
    • I will post any important or relevant updates, more aggressively than what the Drupal Security Team is able to
    • Submit your email address in the right sidebar.
    • You can unsubscribe anytime (I won't be offended)

At T minus 1-hour

At 1500 Wednesday 13 July 2016 UTC, an hour before the scheduled time;

Do what you need to do to have the next few hours free from distractions; I.e. eat, use the bathroom, get comfortable.

At 1600 Wednesday 13 July 2016 UTC

  1. Look for contrib security advisories on Drupal.org.
  2. For each advisory that is published, check if your website(s) use the module. If yes, update it.
  3. Check you are recieving security advisory emails. Sometimes the highly critical updates require followup.

Drupal 6

The Drupal security team no longer supports Drupal 6. So we don't yet know if it is vulnerable or if there will be a patch. All of the above applies and you should do it, but if Drupal 6 is vulnerable patches or updates will probably be provided by the Drupal 6 long term support (LTS) programme.

Worst case, be prepared to roll-back to your backup from before the announcement.

Consider also;

  1. Accellerating your plans to upgrade to Drupal 7 or 8
  2. Taking your server or website offline
  3. Archiving it as a static HTML website (no PHP)
  4. Maintenance mode or locked-down permissions to be read-only is better than nothing, but may not offer any protection

Will I be affected?

The Drupal security team have added that the affected contrib modules are used on between 1,000 and 10,000 sites. That limits the affected modules to those ranked 522 to 2180; Just 1680 of the most popular 2000 Drupal contrib modules. Some Drupal websites, especially simple ones, will be lucky in that they won't be using an affected contrib module. But don't count on luck.

Dec 08 2015
Dec 08

Six months ago or so it clearly stated in the Drupal docs to NOT create D8 modules due to the API not being finished. But people were still developing and porting D8 modules. I decided to try my hand at it and had a working module complete after a month or so. When I finally got Git access 6 months later to push my changes to Fancy Login, It had stopped working on the latest D8 build. This article covers the updates I had to make since the D8 API had changed.

UPDATE: this article is quite old and D8 core is now complete.

1. Moved FancyLoginSettingsForm.php rom folder fancy_login/src to fancy_login/src/Form folder

2. In FancyLoginSettingsForm.php file changed translate functions t(). for example

t('Text !url.', array('!url' => 'background-

color')) to t('Text background-color', array('@url' =>

'http://themeshift.com'))

3. Moved the function user_login_block_ajax_callback from file FancyLoginSettingsForm.php to

fancy_login.module file.

4. Moved libraries such as

Drupal\Core\Ajax\AjaxResponse;

Drupal\lightbox_login\Ajax\lightboxLoginRefreshPageCommand;

Drupal\lightbox_login\Ajax\lightboxLoginRedirectCommand;

from FancyLogin_loginForm.php file to fancy_login.module file.

5. Deleted library

use Drupal\Core\Ajax\AppendCommand;

from FancyLogin_loginForm.php file.

6. Moved function ser_pass_ajax_callback from FancyLogin_passForm.php file to fancy_login.module

file.

7. Moved library

use Drupal\lightbox_login\Ajax\lightboxLoginClosePopupCommand;

from FancyLogin_passForm.php file to fancy_login.module file.

8. In folder fancy_login/src/Plugin/Block

a) Added rows

/**

* @file

* Contains \Drupal\fancy_login\Plugin\Block\FancyLoginBlock.

*/

to FancyLoginBlock.php file.

b) Changed code from

$GLOBALS['user']->isAnonymous() || !empty($GLOBALS['menu_admin'])

to

\Drupal::currentUser()->isAnonymous()

in build function in FancyLoginBlock.php file.

9. In folder fancy_login/src/Controller

a) Deleted function

drupal_process_attached($form) in ajax_callback function in FancyLoginController.php file.

b) Changed row

$scripts = _drupal_add_js();

to

$scripts = drupal_js_defaults();

in ajax_callback function in FancyLoginController.php file.

10. In fancy_login.module file

a) in functions user_login_block_ajax_callback and user_pass_ajax_callback

changed argument to no longer pass by reference from

array &$form

to

$form

b) In functions user_login_block_ajax_callback and user_pass_ajax_callback

changed rows

$messages = array('#theme' => 'status_messages');

$messages = drupal_render($messages);

to

$renderer = \Drupal::service('renderer');

$messages = array('#type' => 'status_messages');

$messages = $renderer->renderRoot($messages);

c) In function user_login_block_ajax_callback

changed row

$response->addCommand(new AppendCommand('#lightbox_login_user_login_block_wrapper',

$messages));

to

$selector = '#fancy_login_user_login_block_wrapper';

...

$response->addCommand(new Ajax\AppendCommand($selector, $messages));

d) in function user_pass_ajax_callback

changed row

$response->addCommand(new AppendCommand('#lightbox_login_user_pass_block_wrapper',

$messages));

to

$selector = '#lightbox_login_user_pass_block_wrapper';

...

$response->addCommand(new Ajax\AppendCommand($selector, $messages));

e) in function fancy_login_page_bottom

changed row

GLOBALS['user']->isAnonymous() || !empty($GLOBALS['menu_admin'])

to

\Drupal::currentUser()->isAnonymous()

f) in function fancy_login_page_bottom

changed row

$login_path = \Drupal::service('path.alias_manager')->getAliasByPath('user/login');

to

$login_path = \Drupal::service('path.alias_manager')->getAliasByPath('/user/login');

g) in function fancy_login_page_bottom

changed row

'callback' =>

'Drupal\lightbox_login\Form\lightboxLogin_loginForm::user_login_block_ajax_callback',

to

'callback' => 'user_login_block_ajax_callback',

h) in function fancy_login_page_bottom

changed row

'callback' => 'Drupal\lightbox_login\Form\lightboxLogin_passForm::user_pass_ajax_callback',

to

'callback' => 'user_pass_ajax_callback',

11. In folder fancy_login/js in file fancy_login.js

changed all methods to use each in JQuery

$("body").once("fancy-login-init", function () {

to

$("body").once("fancy-login-init").each(function () {

All of these changes were necessary for the module to work.

May 15 2015
May 15

I have been building apps recently that integrate a REST API which subscribes users to a Drupal web app via SMS, they are simultaneously subscribed in the telecom operators database. Conditions must be checked to keep the users status in sync with Drupal and the operator. Other conditions that I won’t cover here include recurring billing or the free trial period.

This is a practical example of how using the REST protocol allows technologies that are completely different to communicate with each other. The technologies in our stack include SMS, mobile billing and a Drupal web app.

First create the URL endpoint with a callback function by using hook_menu

function my_module_menu() {
$items['my_url/send'] = array(
'title' => 'send',
'page callback' => 'my_module_send_page',
'access callback' => TRUE
);
return $items;
}

When a mobile originated text message “MO” is sent from the customer handset to the shortcode created for our app, a relay message is sent from the telecom integrator’s API and hits the endpoint created with hook_menu on our web app. We then use a GET request to get the values from the values posted to our endpoint url. Parameters include product identification information, partner ID, customer MSISDN and subscription method, as well as other info. We also run an additional API call to check if the MSISDN/phone number is valid and if there is enough money on the customer account.

Here we have the beginning of the callback function that runs when our endpoint is hit.

function my_module_send_page() {

if (isset($_GET[‘MyVar4’])) {
$mobile = $_GET[‘MyVar3’];
$PricePointId = $_GET[‘MyVar2’];
$prodId = $_GET[‘MyVar’];
$mtmo = time() . ‘MO’;

There are many conditions in the business requirements, which determine different messages in the $text variable to the customer. Success/failure, weekly/monthly, arabic/english, below is the case if success and weekly PricePointId is selected. There is also a check for what language is selected, here we use the language value in the user object, we get this from what language the user selects on the registration form. We then pass back the correct language in the $text variable in a post request using cURL with everything else. Here is some more of the callback function.

if ($PricePointId == XXXXXX) {
if($user->language == 'en') {
$text = 'You have successfully subscribed
}
else {
$text = 'تمّ إشتراكك بملهمتي بنجاح بسعر ‘
}
}

$data = array(
‘Password’ => ‘test’,
‘ProductId’ => $prodId,
‘PricePointId’ => $PricePointId,
‘Destination’ => $mobile,
“Text”=> $text
);

$qry_str = drupal_http_build_query($data);
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, ‘http://integrator-api-endpoint/mystring?’ . (string) $qry_str);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
curl_close($ch);

Here we get the result from the cURL post to the telecom API.
If the result is greater than one that is success, so we create the user in Drupal.

if($result > 0) {
$obj->field_product = $prodId;
$obj->save(); */
$smart_db->changeUserRoles($user->uid , 'subscribe');
$smart_db->changeplan($user->uid, $prodId, $free = TRUE);
$to=$user->mail;
drupal_mail('user', 'register_no_approval_required', $to, user_preferred_language($user, $default = NULL), array('account' => $user), variable_get('site_mail', ''));
}
}

Apr 25 2015
Apr 25
  I’ve been hearing about Yeoman for quite some time now. Pretty much since the project took off, or soon after. As a tool born in the Javascript community, I came across this little gem when I was learning about Node.js and the different tools and frameworks available for it, either in my free time, or as […]
Apr 18 2015
Apr 18
If you’re a web developer, chances are that you’ve come across Emmet before. If you haven’t, chances are that you’re wasting time whenever you get to write some html in your favorite code editor or IDE. You should really check it out and see the options on the project page, but let me show you a quick […]
Apr 16 2015
Apr 16
One of the major disadvantages of entities in Drupal 7, is the lack of support for built-in comments. This is due to the model of the core comments module, which is heavily tied to nodes -node comments are essentially settings of each content type-, and not available for other entity types. In Drupal 8 this has changed already, […]
Apr 13 2015
Apr 13

finalrest
The future of the web is inarguably mobile. Mobile use is clearly increasing as people spend more time on their phones, and the rate that people are using dedicated mobile apps rather than their mobile browser is also increasing. But with web services, mobile apps can integrate popular web-based content management systems and in the process save hundreds of development hours while providing enhanced user experience for both the end user and web editors. This also creates tremendous, largely untapped business opportunity for agencies.

View our conversion service.

Drupal and WordPress power 2.1% and 23.3% of the web, respectively. There are many contrasts you can make to decide “which is better,” but in the end it comes down to the question of “what is the right tool for the job?” Drupal runs a smaller percentage of the web so it is targeted less by hackers, thus making it less vulnerable. In Drupal all contributed code or “modules,” are peer reviewed at http://drupal.org, helping to ensure quality and stability. Conversely, because of the smaller community and the strict review process there are less modules that get released than WordPress “plugins.” This puts Drupal at a distant second in the volume of contributed plugins/modules that are available. Still, Drupal 8 (the next release of Drupal), shows foresight into the future direction of the web, taking into account “the web of things” or to many web developers the “elephant in the room” Mobile Apps.

Drupal has fully mature projects that turn it into a powerful backend or RESTful “web service” that can be used to provide data to mobile apps via API calls. Drupal 8 comes with the very powerful and stable “Services” module built into D8 core, meaning it will come bundled in every new site of Drupal 8.

To put it simply, your Drupal or WordPress website could be powering the next best mobile app. “The web of things” is another way to say web services, the things that make the apps we use every day “do” things or “talk to” things. Snapchat for example is a popular app, but the native code, the kind written by an iOS or Android developer in the languages Java or Objective C, is quite simple. The heavy lifting is done by a web server somewhere which exposes data through “REST endpoints”;” this web server could be a web app like Drupal or WordPress running the ubiquitous language PHP.

PHP runs on about 75% of websites today, it can be looked at as a big ship – it takes a while for it to turn around (incorporate latest innovations) but it eventually does. While newer languages innovate quicker, PHP has proved to have a dedicated community that eventually does evolve with the times. For these reasons PHP is here to stay.

There are a variety of methods to utilize Drupal or WordPress to create an app that can be purchased on the iOS and Android app stores. For larger budget projects or projects started from scratch, the best method is to code the entire front-end presentation layer of the app in a native language, then use a web service to pull data in from a Drupal/Wordpress web app on “the cloud.” Some people may be able understand this by thinking in the terms of “feeds,” though the technology is quite different. The benefits are clear — you could have a powerful website and also a mobile app for less effort than it would cost to develop each individually with completely unique data sources. It also allows editors to login to their familiar Drupal/Wordpress editors and push out content that will then go to the app and website simultaneously.

Another hybrid method I developed which is very useful for smaller budget projects and for websites that already exist, is to create an API only for the login interface. I created a very simple API and native front-end to handle the login and password reset functionality. The rest of the app is a web view or “wrapper,” meaning that after you login, you just see the website. What makes this so cool is that it does feel quite “appy.” The native feel is enhanced by native navigation and custom offline messaging. After the user enters their email and password into the native interface they never have to login again, thus giving an experience identical to an app in every way. They simply click the icon on their homescreen and they are in. What is happening behind the scenes is that the email and password are getting saved and the user is being logged into the website via the API every time they click the icon.

Through the growth of RESTful web services we can have it all. We can build both web and mobile apps with greater ease than ever before, by simply reusing the same backend infrastructure for multiple platforms.

Mar 28 2015
Mar 28
warcraft peasants building a town hall

Life before Code Generators

I love automation.

It’s something that lives deep inside me, and I always seem to seek it as hard as I can, even when dealing with the most trivial things. Yes, even those things for which automation might not even give huge benefits at all. That is, perhaps, because I just fit in the prototype of lazy developer who wants to reduce the work to do as much as possible, or simply because I like the challenge of grabbing a problem that requires some hours and several steps to get solved, and turn it into a trivial matter that can be done in less time, by anyone.

And that’s what I did a year and some months ago, when I wrote the Field Type Generator module for Drupal 7, which I’m releasing today. Depending on your background, and the processes and tools that you use for Drupal development, this might or might not be as great a tool as it is for me, but I can tell you that in my case, it’s a little gem that has saved me a lot of time over the last year.

There are some reasons why I decided to write the module:

  1. As mentioned, I love automation.
  2. This book, by Chad Fowler, convinced me that my love for automation was good, and that I should automate things. And that includes writing code generators.
  3. I was finding myself writing plenty of custom field types to be used in Drupal nodes and entities. All from scratch. Best scenario involved copying and pasting code to amend plenty of things afterwards.
  4. There wasn’t a clear, standard approach to the task in the company I was working for. Most devs were fairly new to the concept of custom field types, in fact, and would spend a fair amount of time writing them from scratch, too.

So what is it, then?

The Field Type Generator is a code generator to create custom field types based on Drupal’s Field API. It allows developers to create a custom field type, containing as many columns as they want, and download it as a fully-working module that they can drop in a drupal repository, ready to be installed and used in any Drupal site.

The module makes as little assumptions as possible about the purpose of the created custom field type, and it’s expected that developers will still have to add some custom code to the module created for their specific needs. So the goal is not to solve anyone’s problem in 5 minutes, but instead, solve about 3/4 of the task in 5 minutes, letting developers focus on their particular requirements (e.g: custom validation of data).

computer guy thumbs up gif

If he approves, you can’t just ignore it.

Why now?

Sure, I could have released it before, but I didn’t. Why? Because I wanted my company to benefit from it a bit more before releasing it for everyone out there. I could mention a few more reasons, but there’s no point on denying that the main reason was probably that.

So why now? Well, I know a few developers out there that make heavy use of custom field types, and I’m fairly confident that this utility is going to be very useful for many people, in the same way it’s been for me and some of my colleagues.

Just go and try it

I don’t wanna keep you for long here. The good stuff is in the module. Really. Just download and enable, create a custom field type, and see what you get with it. If you like it, please comment. If you don’t like it, comment too, but be nice! I’m leaving a 4-minute video here showing what the module can do for you. Also, you can get the module generated in the video from here.

[embedded content]

Did you like it? Don’t forget to share it with any dev who might be interested! If you find any issues with it, I’ll be happy to apply patches, but keep in mind this was done as a proof of concept, and even though it works well, it’s not meant to be a perfect tool to cover all possible cases out there!

Final note for developers

There’s a small caveat a colleague mentioned to me recently, that you might need to amend after generating a custom field type, depending on your use case. It’s pretty simple, and I’ll get it sorted in code soon. This issue does not affect the generated module at all, and it’ll work as expected. If you’re not saving the entity that uses your custom field programmatically, this doesn’t affect you. 

If you are, you’ll need to edit the “_field_presave()” hook implementation generated. The reason is that there’s a wrapper array that contains all the columns data for your field, added for better UX in entity forms. When saving an entity from code (not from the entity form), the wrapper won’t be present, as it’s added by the widget form, and Drupal will throw an error. All you need to do is add a check so that the wrapper is only used when the entity is being saved after a form submission (ie by checking the url path, for example). That way, when the entity is saved from any other place, the values of the field will be read just as they were loaded from the database.

Update: The caveat of _field_presave() mentioned above is fixed in 7.x-1.2 branch.

Mar 13 2015
Mar 13

The services module comes built into core (standard issue), with Drupal 8, the next generation of Drupal. This shows incredible insight in the Drupal community as we had toward a RESTful web connected through APIs. There are a variety of methods to convert a Drupal or WordPress app to a native app that can be purchased on the iOS and Android app stores. The most complex of which, but which also result in the most native feel would be as follows.

View our conversion service.

The entire front end  of the app would be native code, such as Java or Objective C.

Drupal would be used as the backend infrastructure, editors could add content through the Drupal editor as they are accustomed.

The content would be pull in through REST API.   Such as Services module.

The upcoming trend is the web of things, and the move toward mobile. Having a website serve functional purposes and be able to interact with each other through exposing APIs.

Using the method above will be a completely separate blog post…

The method I will explain here uses an API to talk to Drupal but only in a limited capacity,  this can be used to quickly and inexpensively convert a Drupal website into a native feeling app.

There is a very simple API and native front end to handle the login functionality. The rest of the app is a web view or “wrapper” meaning that after you login you basically just see the website. What makes this so cool is that it does feel quite native.

The native feel is further enhanced by the limited use of a simple API created in a  custom Drupal module.

After the user enters their email and password into the iOS or Android interface they never have to login again, making it feel more like an app.   They simply click the icon on their homescreen and they are logged in. What is happening behind the scenes is the app is saving your email and password and logging you into the website via the API every time.

Implementing an API (or a simple web service) in Drupal might sound complicated but that is not actually the case. In this article, we will create a generic and simple user authentication web service in Drupal that can be used to authenticate the user from any other platform.

For this we’ll be having following basic requirements:

  • A page where we’ll hit with the username and password entered by the user who wishes to login through third party.
  • A mechanism to verify the entered credentials.
  • Session generation for the user if the entered credentials are valid and correct.

Like most of the custom features in Drupal, we’ll implement it via a custom module. We’ll create a custom module with an info and a module file. In this article, I have used hook_menu() function to create three pages to implement the three above listed operations. You can alternatively use any other suitable approach, however the crude logic remains the same.

View example apps

https://itunes.apple.com/us/app/juiceguru/id912819929?mt=8

https://play.google.com/store/apps/details?id=com.spreaker.custom.prod.a...

https://itunes.apple.com/us/app/smartwoman-qatar/id971973725?mt=8&ign-mp...

https://play.google.com/store/apps/details?id=com.alex.smartwomanqatarfem 

https://play.google.com/store/apps/details?id=com.alex.smartwomen

finalrest

code

 

So the hook_menu code goes here:

function myModule_menu() {

$items = array();

 

$items[‘is_valid’] = array(

‘title’ => ‘Email resend’,

‘page callback’ => ‘check_user_register’,

‘access arguments’ => array(‘access content’),

‘type’ => MENU_CALLBACK,

);

$items[‘login_with_uid/%’] = array(

‘title’ => ‘User Login’,

‘page callback’ => ‘user_login_by_uid’,

‘page arguments’ => array(1),

‘access arguments’ => array(‘access content’),

‘type’ => MENU_CALLBACK,

);

$items[‘forget_password/%’] = array(

‘title’ => ‘Forget Password’,

‘page callback’ => ‘send_forget_password_mail’,

‘page arguments’ => array(1),

‘access arguments’ => array(‘access content’),

‘type’ => MENU_CALLBACK,

);

 

return $items;

}

Here, we have created 3 pages: is_valid , login_with_uid , forget_password .

Once we have created the pages, we’ll define the page_callback functions for them. For the first page – is_valid page – the callback function is check_user_register which should be defined as follows:

function check_user_register() {

$output= 0; global $base_url;

$name = $_REQUEST[‘username’];

$password = $_REQUEST[‘pass’];

if ($uid = user_authenticate($name, $password)) {

$output = trim($base_url.’/login_with_uid/’.$uid);

} else {

$output = 0;

}

print trim($output);

}

 

In the above code, we have extracted the username and password from the $_REQUEST variable. These parameter might be passed through GET or POST. We are using the user_authenticate function to ensure that the correct credentials are provided. This function accepts username and password as arguments and returns the user’s uid on success, or FALSE on failure to authenticate. We return this URL because it would be required in the next step.

 Next, we will define the function for our second page – login_with_uid page. This page generates a session for the user after his credentials are verified.

function user_login_by_uid($uid){

global $user;

if($user = user_load($uid))

{

drupal_session_regenerate();

print ‘Successfully Login!’;

}

else

{

print ‘Wrong Username or Password!’;

}

drupal_goto(“”);

}

 

In the above function, we are loading the user object into the global $user variable and just using the drupal_session_regenerate() function that regenerates the session for the object in $user global. Further the drupal_goto() function redirects the user to the site’s front page after login.

 The above two pages along with their callback functions complete our login process. Now, we need to implement the “forgot password” link in case the user forgets the password. Our third page – forget_password serves this purpose. The callback for this page is:

function send_forget_password_mail($email) {

$account = user_load_by_mail($email);

if(!empty($account) && $account->uid){

_user_mail_notify(‘password_reset’, $account, $language = NULL);

$output = ’email sent!’;

}else{

$output = ‘Wrong Username!’;

}

print $output;

}

In this function, we first test if the user with the provided email actually exists or not. If it exists, then we use _user_mail_notify function for drupal to send the password reset email for that account. This function accepts three arguments out of which the third one is optional. The first one is the type of email to be sent. We use “password_reset” to send an email with password reset link. The other placeholders for this argument are given on this page. The second argument is the user object of the user whom the email is to be sent.

 

Thus, we easily created a web-service or simple generic API that can validate and login users into the drupal website and also send a password reset email whenever required. All you need to do it create the module, install and enable it!

Implementing Webview along with API in Android

 

WebView is a view that display web pages inside your application. You can also specify HTML string and can show it inside your application using WebView. WebView makes turns your application to a web application.

 

In order to add WebView to your application , you have to add element to your xml layout file. Its syntax is as follows:

 

android:id=”@+id/webview”

android:layout_width=”fill_parent”

android:layout_height=”fill_parent”

/>

In order to use it, you have to get a refrence of this view in Java file. To get a reference , create an object of the class WebView. Its syntax is:

 

WebView browser = (WebView) findViewById(R.id.webview);

In order to load a web url into the WebView , you need to call a method loadUrl(String url) of the WebView class, specifying the required url. Its syntax is:

 

browser.loadUrl(“http://om-msmartwoman.com/member/register”);

 

At times, you may require to invoke the device browser, when an external link is clicked from app. For example, in most of the mobile advertising platform, when user click on a banner, it redirect user to the ad publisher website to show more info on specific ad. For such similar requirement, you need to open device browser with a URL.

 

This application consist of four different Activity(Screens).

First activity consist of Splash screen(First Screen) where I have used thread(Timer) for 3 seconds and after that it initiates the intent to move on further Activity which is Login screen.

 

On Login Screen I have used two edit text and buttons to fire the function.

 

On Auth class, I have used intent on Button’s click.Here is the example

 

Intent i = new Intent(Auth.this, WebViewDemoActivity.class);

i.putExtra(“reg”, true);

startActivity(i);

On WebviewDemoActivity,I have placed functions for initialting webview that I have mentioned above.

 

We will make the call to the API in an AsyncTask since you should never make Web API calls in the user interface thread.

 

Here is the sample how I have called API from class asyncronysly

Runnable SignupService = new Runnable() {

 

@Override

public void run() {

String result = “”;

try {

result = WebServiceHandler.signupservice(Auth.this, username,

pwd);

 

} catch (Exception e) {

e.printStackTrace();

}

Message msg = new Message();

msg.obj = result;

SignupHandler.sendMessage(msg);

}

};

 

In WebServiceHandler,I have placed all the api and called them from Auth class using

 

WebServiceHandler.signupservice(Auth.this, username,

pwd);

 

I got the website link from API in msg and share it with WebView activity in app.

 

In WebViewDemoActivity, I have featched the web url using intent extra and initiate it in webview using webview client.

 

in AndroidManifest.xml, I have setup all permissions which are required in application for processing like Internet,External Storage and Activity used in application.

 

Here is the example how to set permissions in Manifest file in Android

 

“android.permission.INTERNET”</i> />

“android.permission.WRITE_EXTERNAL_STORAGE”</i> />

“android.permission.ACCESS_NETWORK_STATE”</i> />

android:name=“Splash”

android:configChanges=“orientation|keyboardHidden”

android:label=“@string/app_name”

android:screenOrientation=“portrait” >

“android.intent.action.MAIN”</i> />

 

“android.intent.category.LAUNCHER”</i> />

android:name=“WebViewDemoActivity”

android:screenOrientation=“portrait”

android:windowSoftInputMode=“stateHidden” />

 

This is how we create a wrapper application using manual webservices and webview in Android.

Feb 10 2015
Feb 10

Multi lingual sites is a desired feature for sites targeting audiences of multiple countries or of more than one linguistic groups for example my first experience with the module was translating the Wanderlust Festival website for audiences in Quebec, where French and English are national languages. For Drupal there are many features which streamline the process. We will go into some of the standard translation techniques. In a later post I will go into identifying and translating certain hard to target strings such as those in complex views.

The Translate Function:

When we are dealing with content in templates for pages/nodes/content-types, etc. some strings are hardcoded in these tpl.php files.

Drupal provides us a smart way to let its template engine know which strings to consider for translation and which strings to treat as constant literals – that don’t need translation.

There is a translate function, also known as t function or t(). Anything passed inside this function is processed and considered for translation before getting passed to html content. Example: t(“text for translation”).

String literals that are not enclosed in this function are considered as constant strings and are passed as is into the html content. Example: Anything that doesn’t require translation – like Names of places, persons, etc. (in case we are translating in the same script like English to French)

The prototype of the translate function is:

t($string, array $args = array(), array $options = array());

Here, $string is the variable containing the English string to translate.
$args is an associative array of replacements to make. Occurrences in $string of any key in $args are replaced with the corresponding value, after optional sanitization and formatting. The type of sanitization and formatting depends on the first character of the key:

  • @variable: Value is inserted as plain text.
  • %variable: This makes it display as emphasized text.
  • !variable: Inserted as is, with no sanitization or formatting. Only use this for text that has already been prepared for HTML display (for example, user-supplied text that has already been run through check_plain() previously, or is expected to contain some limited HTML tags and has already been run through filter_xss() previously).

This is an example to demonstrate above three keys:

t("This is my text", array( '@This' => 'yeh', '%is my' => 'hi', '!text' =>  'text'));

It will translate from “This is my text” to “yeh hi text”.
The simplest call to t() looks like this:
t(“This is my text”);

Where to call t() function ?

  • Any string that is a name, url, address passed in t() should specify the translated string also either from the admin panel or in the translate function call itself by passing through $args array.
  • In case you are making a Form with form API, it is a good practice to pass the title, placeholder and labels in t() function. Example:$form['title'] = array(
    '#type' => 'textfield',
    '#title' => t('Subject'),
    '#required' => TRUE,
    );
  • In case your are using a php field in views, it is advisable to output any text in t(), except for dates or dynamic data.

Where not to call t() function ?

It is NOT advisable to use t() in following scenarios:

  • t($text);
    unless the text that the variable holds has been passed through t() elsewhere (e.g., $text is one of several translated literal strings in an array).
  • It is especially important never to call
    t($user_text);
    where $user_text is some text that a user entered – doing that can lead to cross-site scripting and other security problems.

However, you can use variable substitution in your string, to put variable text such as user names or link URLs into translated text. Variable substitution looks like this:

$text = t("@name's blog", array('@name' => format_username($account)));

Basically, you can put variables like @name into your string, and t() will substitute their sanitized values at translation time. Translators can then rearrange the string as necessary for the language (e.g., in Spanish, it might be “blog de @name”).

Feb 08 2015
Feb 08

This widget allows the Drupal Five Star module to accept inputs from multiple votes for various criteria and average it into one, It then displays the average of the multiple votes.

To create views sortable by the new widget (the average of five votes), hook_votingapi_results_alter() was used in a small custom module.

Below is a tutorial on how to implement the code.

Best practices using multiple votes criteria In node using FiveStar module in Drupal 6.

1. Enable Fivestar module, Voting API.
2. Go to edit content type and Enable Fivestar rating.
3. Add CCK field Type Fivestar Rating with “Fivestar rating” Select list widget.
4. Configure this CCK field: add Voting Axis: which is the multiple criteria separated by a comma. For example: first, second, third, fourth, fifth . Save field settings.
5. Create the template for node type. In this example it is node type is “teacher”. This will be node-teacher.tpl.php .

In the template paste this snippet:

$output = '';
$tags = array(
'first' = t('Communication'),
'second' = t(‘Availability'),
'third' = t(‘Skills'),
'fourth' = t(‘Efficiency'),
'fifth' = t(‘Personality'),
);
$i = 0;
foreach ($tags as $tag = $title) {
$votes = fivestar_get_votes('node', $node->nid, $tag);
if(!empty($votes['average']['value'])){
$i++;
}
$values = array(
'user' = isset($votes['user']['value']) ? $votes['user']['value'] : NULL,
'average' = isset($votes['average']['value']) ? $votes['average']['value'] : NULL,
'count' = isset($votes['count']['value']) ? $votes['count']['value'] : NULL,
);

if (user_access('rate content')) { /*check user access for voting in fivestar*/
$settings = array(
'stars' = 5,
'allow_clear' = TRUE,
'style' = 'average',
'text' = 'dual',
'content_type' = 'node',
'content_id' = $node->nid,
'tag' = $tag,
'autosubmit' = TRUE,
'title' = $title,
'feedback_enable' = TRUE,
'labels_enable' = TRUE,
'labels' = array(t('Poor'), t('Okay'), t('Good'), t('Great'), t('Awesome')),
);
$output .= drupal_get_form('fivestar_custom_widget', $values, $settings);
}
else {
$output .= theme_fivestar_static($values['average'], 5, $tag);
}
}

$reliability_rating = votingapi_select_results(array('content_id' = $node->nid, 'tag' =array('first', 'second', 'third', 'fourth', 'fifth' ), 'function' = 'average'));
foreach ($reliability_rating as $v) {
$a = $a + $v['value]; /*sum values*/
}
?>
print theme('fivestar_static', $a/$i, '5') ; /* print fivestar widget with general average result*/
?>
print $output; /*print 5 fivestar fields for votes with average result each*/
?>
Check out the module used in this social networking site for yoga teachers, (ignore debug output at top)

Sort By Votes

To create views sortable by votes here is a small custom module that uses hook_votingapi_results_alter().  This is a complete custom module so save this code in a .module file with it’s own .info file.
[php]
function mymodule_votingapi_results_alter(&$results, $content_type, $content_id) {
$vote_avg_sum = 0;
$vote_avg_count = 0;
$vote_tags = 0;

foreach($results as $tag = $data) {
if($tag != ‘vote’) {
$vote_avg_sum += $data[‘percent’][‘average’];
$vote_avg_count += $data[‘percent’][‘count’];
$vote_tags++;
}
}
if($vote_tags > 0) {
$results[‘vote’][‘percent’][‘average’] = $vote_avg_sum/$vote_tags;
$results[‘vote’][‘percent’][‘count’] = $vote_avg_count/$vote_tags;
}
}</code>

1.In views settings add relationships
“Node: Vote results ”

2. configure it
“Value type: No filtering” “Vote tag: Normal vote” “Aggregation function:No filtering”

3. Go to Sort criteria and add
“Vote results: Value”
choose Descending or Ascending.

4. Add the filters that you need.

5. Then you can add to your fields
“Vote results: Value”

Jan 25 2015
Jan 25

Preface

Our fourth  multilingual site and significantly more of a challange.  When in the past I had dealt with latin alphabet only, this time I was dealing with Arabic and there were some major differences here. In the Arabic language everything reads right to left. So through simply checking a setting in i18n admin panel you can add the attribute dir="rtl" to the <html>  tag. This conveniently moves all your content to the right side of your page and changes text highlight from this direction as well. This caused quite a few issues mainly with CSS.   Sprites were off on the Arabic version by a few px, but luckily this was easy to fix, as Drupal adds the class i18n-ar to the body tag, so it was easy to target Arabic only views. One other major issue I had was a large left margin of > 1000px when language was set to Arabic, this was fixed by setting body tag to overflow:none;

Translating Fields and Taxonomy

First enable translation on the content type you want to translate.  You can find this  at the bottom  in the  ‘Publishing options’ tab.  There you need to select ‘Enabled with translation’ . After saving  you will see a new tab – ‘Multilingual settings’.  Afterwards select checkbox ‘Set current language as default for new content’ – This makes it easier for editors creating a post if they primarily post in a certain language, it will be set to that language by default without having to manually choose a language.

To translate fields in content type (labels, descriptions etc.) –  enable ‘Field translation’ module. After this we can go to the field in the ‘manage fields’ section.

and click translate tab –

and there you can translate needed title

Replace text

and click ‘Save translation’.

To translate taxonomy terms enable – ‘Taxonomy translation’ module. After this we can go to the vocabulary and edit it.

With this method we can translate terms via the admin panel. If we need different terms for each language – we must choose ‘Translate.  Different terms will be allowed for each language and they can be translated.’ – this method can also be used too in some cases. You must decide before development what method you want to use.
Now we can translate the term in admin section. Go to yoursite.com/admin/config/regional/translate/translate and search term –

now we can see the term in the translation interface.

and translate –

Jan 03 2015
Jan 03

Need to control which users can access a node/page of a particular content type on your Drupal site?

The Drupal Node API provides us a quick way to do this. It provides the hook_nodeapi function to react to the actions affecting all kinds of nodes. We can easily implement this hook in our module or theme. A prototype of this hook looks like this:

function myCustomModuleName_nodeapi (&$node, $op) {

/*Your code and conditions here*/

}
Here myCustomModuleName is the name of the module in which this hook is defined. The two parameters are $node, which represents the node on which the action is being performed and the other one $op,  is the kind of action which is being performed. The $op can have values like view, alter, delete, print and so on…

As an example, I was looking to design such a condition for my website:

  • If enrolled user creates content type for "recipe", restrict access to recipe except for node author and admin.

So, I needed to develop a mechanism through which for each node of type “recipe”:

  • Everyone can see nodes created by admin including Anonymous user.
  • Only site admin and node author can see nodes created by users other than administrator.


I created a custom module for and used the nodeapi hook to implement the mechanism as follows:

—————————————————– ————————————————–

function custom_hook_implements_nodeapi (&$node, $op)

{

global $user;

if(($node->type == ‘recipe’ and $op == ‘view’))

{

$author=user_load($node->uid);

if(!array_key_exists(3,$author->roles) and $author->uid!=$user->uid and !array_key_exists(3,$user->roles))

{

drupal_access_denied();

}

}

}

—————————————————– ————————————————–

As you can easily observe here that I have only created an if condition that first checks, if the node type is “recipe” and operation performed is “view“. Thereafter, if conditions are found to be true, it further checks for the following:

– if the author of the node is NOT an administrator user (3 being the role ID of administrator user).

– if the author of the node is NOT the user accessing the node himself.

– Finally, the user accessing the node is not an administrator user himself.

 

If these conditions are met, it shows the drupal access denied error message, thus, denying the user access to that node.

Jan 01 2015
Jan 01

In this tutorial we will

1. Configure Views to show nodes with only the current language.

2. Translate  strings in views that cant be translated via admin UI.

3. Translate menu items.

1. On each views (pages, blocks etc) we need to add filter criteria ‘Content: Language’ and choose ‘Current user’s language’ – https://screencast.com/t/hvRR4XmL8DQZ After this you the view will only show nodes that contain your current language on site.

2. Sometimes we have views with a difficult structure and fields with a lot of HTML tags, tokens and strings. These can’t be translated via Drupal admin UI. For example this global custom field – https://screencast.com/t/S0U6Zibb0p54 a method for translating something irregular like this is as follows.  Create a .tpl file for this field and wrap strings and links in t() and l() functions.  https://screencast.com/t/3Dj1gGjEe after this we Then these can easily found and translated in admin UI.

The Same method can be used for other views templates and nodes if there are links

3. To translate the menu we need to enable ‘Menu translation’ module (from i18n). Now we go to edit menu and enable translation mode – https://screencast.com/t/JRw0ngrBa8  Now we can translate any menu item – https://screencast.com/t/s6maX10qk

Then add (or edit) the Arabic variant  – https://screencast.com/t/LGoewMdCo

Oct 22 2014
Oct 22

I estimate hundreds of thousands of Drupal websites now have backdoors; between ten and ninety percent of all Drupal websites. Automated Drupageddon exploits were in the wild within hours of the announcement. Updating or patching Drupal does not fix backdoors that attackers installed before updating or patching Drupal. Backdoors give attackers admin access and allow arbitrary PHP execution.

If your Drupal 7 (and 8) website is not updated or patched it is most likely compromised. If your website was not updated within a day of the announcement, it is probably compromised. Even if your website was updated within a day, it may be compromised.

If you did not know, Drupageddon is the highly critical SQL injection vulnerability in Drupal core announced 15 October. It is also known as Drupalgeddon (with an "L"), CVE-2014-3704, Drupal SA core 2014 005 and #DrupalSA05. Drupageddon (no "L") is the original name selected by Stefan Horst, who initially reported to the Drupal security team. See Drupageddon.com.

I have drafted this flowchart to help Drupal website administrators understand their options for recovering from Drupageddon. Review, feedback and collaboration is welcome.

The flowchart is a living document. Currently version is number 7.

Updates

How to fix a Drupal site compromised by Drupageddon

Creative Commons License

Oct 13 2014
Oct 13

A whirlwind tour of dozens of useful contributed modules for building Drupal 7 sites.

There are many really useful contributed modules to take your site beyond the basics of Drupal core. There are modules to improve, allow, and/or help with everything from administration to workflow, from paths to views, and beyond.

One factor to consider when choosing contributed modules is the recommendations of other experienced Drupallers. So in the list below I've noted some Drupal-as-a-Service (DaaS) platforms that have included a module in their service, which is essentially groups of experienced Drupallers indicating they find a module useful (and reliable enough) for a very large number of sites. I've also noted when at least some of a module's features are part of core in Drupal 8, which is an indication that very senior indeed Drupallers consider it useful for most sites.

  • (This functionality is part of core in Drupal 8.) indicates some/all of module's functionality is part of core in Drupal 8.
  • (This module is included in Stanford Sites.) indicates module is included in Stanford Sites.
  • (This module is included in Drupal Gardens.) indicates module was included in the late, lamented Drupal Gardens.

A key principle of module usage is to use as many as you need, but no more. Some of the modules (or their submodules) listed below are really useful when you are building or configuring the site, but don't need to be enabled for just visiting it or editing its content and so should normally be disabled on live/production sites.

  • (This module should only be enabled on live/production site if truly required by content editors.) indicates module should only be enabled on live/production site if truly required by content editors.

Essentials

These are modules that I install on essentially every site I build.

Administration menu (drupal.org/project/admin_menu(This module is included in Stanford Sites.) Provides a dropdown menu to most administrative tasks and other common destinations (to users with the proper permissions). (Don't forget to disable the core Toolbar module when using this.) Administration views (drupal.org/project/admin_views) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) Requires Views, Views Bulk Operations, Chaos Tool Suite, Entity API.
"Replaces administrative overview/listing pages with actual views for superior usability" —in other words, you can customize them! Advanced help (drupal.org/project/advanced_help(This module is included in Stanford Sites.) Displays advanced help and documentation. Many contributed modules' help and documentation are primarily available through this module. (This module should only be enabled on live/production site if truly required by content editors.) Chaos tool suite (drupal.org/project/ctools) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) A helper module required by Administration views, Views and a number of other modules. Date (drupal.org/project/date) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Provides "a flexible date/time field type (Date field) and a Date API that other modules can use." Entity API (drupal.org/project/entity(This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Required by Administration views and Views bulk operations.
Extends the entity API of Drupal core in order to provide a unified way to deal with entities and their properties. Libraries API (drupal.org/project/libraries(This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Provides a common repository for external (non-Drupal) libraries in sites/all/libraries and sites//libraries for use by contributed modules. Module filter (drupal.org/project/module_filter(This module is included in Stanford Sites.) Tames the modules list page, so you can quickly find the module you are looking for without tons of scrolling or having to rely on the browser's search feature. (This module should only be enabled on live/production site if truly required by content editors.) Pathauto (drupal.org/project/pathauto(This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Requires Token.
Provides a mechanism for modules to automatically generate URL aliases for the content they manage. Human-friendly URLs (e.g.,"about" rather than "node/72") are important for accessibility, usability, and SEO. Pathologic (drupal.org/project/pathologic(This module is included in Stanford Sites.) A filter that helps avoid broken links and incorrect paths in general text fields (e.g., Body, etc.). These tend to arise when full URLs ("http://sample.edu/about") or relative path URLs ("about") are used in general text fields instead of absolute path URLs ("/about") for internal content. Redirect (drupal.org/project/redirect(This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Redirects users from one URL to another. When used with Pathauto, "automatically generates path redirects to ensure that URL alias changes do not break existing links." This is considered the best practice for SEO and usability. Token (drupal.org/project/token(This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) The basic token API is now a part of Drupal 7 core, but this module provides a browsable token UI, as well as field & profile tokens that did not make it into core for Drupal 7. Transliteration (drupal.org/project/transliteration(This module is included in Stanford Sites.) Provides a central transliteration service (converting Unicode text to US-ASCII) to other Drupal modules (e.g., Pathauto), and sanitizes file names while uploading. Views (drupal.org/project/views) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Requires Chaos tool suite.
Required by Administration views and Views bulk operations.
Creates customized lists and displays from already entered content. Along with fields, this is the heart of adding content once but being free to display it multiple places and multiple ways. (For those familiar with relational databases, fields & Views let you use the power of relational databases to wrangle your content, while still keeping content adding and editing as simple as word processing and online shopping.) Submodules include views_ui (This module should only be enabled on live/production site if truly required by content editors.) Views Bulk Operations (drupal.org/project/views_bulk_operations(This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Requires Views and Entity API.
Required by Administration views.
Exposes new Views style 'Bulk Operations' for selecting multiple nodes and performing actions on them all at once. Wysiwyg (drupal.org/project/wysiwyg) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Requires installation of (non-Drupal) editor libraries.
Allows users to edit contents with rich text editors such as CKeditor (This functionality is part of core in Drupal 8.) and TinyMCE. Permits inclusion of more than one rich text editor in the same site. Wysiwyg filter (drupal.org/project/wysiwyg_filter(This module is included in Stanford Sites.) "Provides an input filter that allows site administrators to configure which HTML elements, attributes and style properties are allowed" (based on whitelists). This lets administrators permit content editors to include images in general text fields without giving them access to Full HTML. (Allowing Full HTML is a security risk and just generally a Bad Idea.)

Frequently used

These are modules I install on many sites, but not all of them need the functionality provided.

Fields

Address Field (drupal.org/project/addressfield)"Defines a new field type to store international postal addresses, implementing a subset of the top-level address elements defined in the xNAL standard"Automatic entity label (drupal.org/project/auto_entitylabel) Allows automatic generation of entity label fields, such as node titles. (Replaces Automatic node titles module.) Email field (drupal.org/project/email) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) Provides a field type for email addresses. Entity Reference (drupal.org/project/entityreference) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Requires Entity API and Chaos tool suite.
Provides a field type that can reference arbitrary entities (nodes, etc.). Can display the field either as a link to the entity or as a rendered entity (for example, it can show either a link to a node or the node itself).Field collection (drupal.org/project/field_collection) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)Field Group (drupal.org/project/field_group(This module is included in Stanford Sites.) Link (drupal.org/project/link) (This functionality is part of core in Drupal 8.) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) Provides a link field type. This allows association of a link title with a link URL, while permitting either to be optional.Smart trim (drupal.org/project/smart_trim(This module is included in Stanford Sites.)

Views

Better exposed filters (drupal.org/project/better_exposed_filters(This module is included in Stanford Sites.) "[R]eplaces the Views' default single- or multi-select boxes with radio buttons or checkboxes, respectively. Description fields and Select All/None links can be added to exposed filters to make for a better user experience." Calendar (drupal.org/project/calendar(This module is included in Stanford Sites.) Enables displaying views containing date fields in calendar formats. Can display information by day, week, month, or year in either pages or blocks. Date iCal (drupal.org/project/date_ical(This module is included in Stanford Sites.)"provides a plugin for Views to enable exporting your site's calendar as an iCal feed, and a plugin for Feeds to enable importing external iCal feeds into your site's calendar."EVA: Entity Views Attachment (drupal.org/project/eva)"Provides a Views display plugin that allows the output of a View to be attached to the content of any Drupal entity", such as a node, user profile, comment, etc.Views data export (drupal.org/project/views_data_export(This module is included in Stanford Sites.) Provides a way to export data from views to CSV, Microsoft XLS, Microsoft DOC, plain TXT, or XML. Views Datasource () (This module is included in Stanford Sites.)Views field view (http://drupal.org/project/views_field_view(This module is included in Stanford Sites.) Allows users to embed a view as a field in a view. A new field handler is made available, so this can also be used in area (header/footer/empty) handlers as well as rows.Views slideshow (http://drupal.org/project/views_slideshow(This module is included in Stanford Sites.)"Views Slideshow can be used to create a slideshow of any content (not just images) that can appear in a View." 

Blocks

Bean (drupal.org/project/bean(This module is included in Stanford Sites.) Allows the definition of block types (like content types, only for blocks instead of nodes). This has various benefits, including making it easy to add distinct fields to blocks, use WYSIWYG editors for block content, and the like. Block class (drupal.org/project/block_class(This module is included in Stanford Sites.) Lets site builders add CSS classes to any block through the block's configuration interface. This lets you really take advantage of the block-centric responsive design of themes like Open Framework and Stanford Framework. Block title link (drupal.org/project/block_titlelink(This module is included in Stanford Sites.) Allows site builders to turn a block's title into a link.Menu block () (This module is included in Stanford Sites.)

Context

Context (drupal.org/project/context(This module is included in Stanford Sites.)Allows site builders more fine-grained control over what is shown, where it is shown, and how it is shown ("reactions") on any given page based on a much wider and more flexible range of criteria/"conditions" than Drupal core. There is a lot of power in this module: with it you can have the same block show up in the header of one page but in the footer of others or have different themes depending on the path and much, much more. Context accordion (drupal.org/project/context_accordion(This module is included in Stanford Sites.) Requires Context
Improves the user interface (UI) of the Context module by adding a nice javascript accordion effect.Context HTTP headers (drupal.org/project/context_http_headers) (This module is included in Stanford Sites.)Requires Context
"Provides a set of Context reactions that allow you to set HTTP Response Headers for each context on your site. It is a generalized framework for response header handling that allows the sending of any arbitrary header value(s)." You can thank Whitehouse.gov for this one! Context list (drupal.org/project/context_list(This module is included in Stanford Sites.)Requires Context
Improves the administration experience of the Context module by providing "a list of contexts, their conditions and reactions in a simple view … The intention of this module is to provide a means of inspecting all contexts in one easy screen." Context list active (drupal.org/project/context_list_active(This module is included in Stanford Sites.)Requires Context
Like the Context list module, but lists the contexts, conditions, and reactions only for the current page. Context respect (drupal.org/project/context_respect(This module is included in Stanford Sites.)Requires Context
"Extends the Context module by making it respect default block settings. This makes it so you can retain your block visibility when assigning them into various Contexts." Context user agent (drupal.org/project/context_useragent(This module is included in Stanford Sites.)Requires Context
"Adds a new condition to the Context module that allows performing regular expression tests on the useragent string ($_SERVER['HTTP_USER_AGENT']). This allows adding different reactions based on the user's browser, operating system, or other needed contexts that may be found in the useragent string."  Delta (drupal.org/project/delta(This module is included in Stanford Sites.) Requires Context
Allows site builders "to make duplicates of your theme settings for any context on your site. This gives you the ability for alternative layouts as a reaction in Context" Contextual Block Class(es) (drupal.org/project/cbc(This module is included in Stanford Sites.)Requires Context
Allows site builders "to contextualize block classes" 

Appearance/Theme

Colorbox (drupal.org/project/colorbox) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)CSS injector (drupal.org/project/css_injector(This module is included in Stanford Sites.)Allows site builders to add new CSS (and override the theme's CSS) without editing (or even access to) the theme's files on the server. Display suite (drupal.org/project/ds(This module is included in Stanford Sites.) "[A]llows you to take full control over how your content is displayed using a drag and drop interface. Arrange your nodes, views, comments, user data etc. the way you want" by defining custom view modes. Site builders can define how one piece of content should be displayed in different places such as teaser lists, search results, the full node, views, etc."JS injector (drupal.org/project/js_injector) (This module is included in Stanford Sites.)Like CSS injector, only for JavaScript (SJ).

Development

Bundle copy (drupal.org/project/bundle_copy(This module is included in Stanford Sites.) Allows administrators to export and import content types and other entity definitions (taxonomy, user, field definitions, field groups). This is great for sharing structures between sites, instead of rebuilding them by hand each time. (Note, it does not import/export the content/data, just the structure/definitions.)Features (drupal.org/project/features) (This module is included in Stanford Sites.)"Enables the capture and management of features in Drupal. A feature is a collection of Drupal entities which taken together satisfy a certain use-case."Strongarm () (This module is included in Stanford Sites.)

Data Import

Feeds (drupal.org/project/feeds(This module is included in Stanford Sites.) "Import or aggregate data as nodes, users, taxonomy terms or simple database records." Feeds JSONPath Parser (drupal.org/project/feeds_jsonpath_parser(This module is included in Stanford Sites.)Feeds Tamper (drupal.org/project/feeds_tamper) (This module is included in Stanford Sites.)Feeds XPath Parser (drupal.org/project/feeds_xpathparser) (This module is included in Stanford Sites.)Path redirect import () (This module is included in Stanford Sites.)

Files and Images

File entity (fieldable files) (drupal.org/project/file_entity(This module is included in Stanford Sites.)"File entity provides interfaces for managing files. It also extends the core file entity, allowing files to be fieldable, grouped into types, viewed (using display modes) and formatted using field formatters."File (Field) Paths (drupal.org/project/filefield_paths(This module is included in Stanford Sites.)Requires Token. 
Adds the ability to use node tokens in destination paths and filenames. FileField Sources (drupal.org/project/filefield_sources) Extends file and image fields to allow referencing existing files, remote files, and server files.Insert (drupal.org/project/insert(This module is included in Stanford Sites.)Adds a button to file and image fields so images and links to files may be inserted inline into general text fields (e.g., the Body field).

Other

Backup and migrate ( drupal.org/project/backup_migrate (This module is included in Stanford Sites.) "Back up and restore your Drupal MySQL database, code, and files or migrate a site between environments. Backup and Migrate supports gzip, bzip and zip compression as well as automatic scheduled backups." [I use this when I can't use shell scripts in the command line on the server.] Better formats (drupal.org/project/better_formats(This module is included in Stanford Sites.) Adds more flexibility and control to Drupal's core text format system. It allows site builders to: set allowed text formats and/or default order of text formats per field; hide format tips and/or hide more format tips link per role; and hide format selection per role per entity. Bibliography module (drupal.org/project/biblio(This module is included in Stanford Sites.) For managing and displaying lists of scholarly publications, including importing from PubMed, BibTex, RIS, MARC, EndNotee and XML and exporting to BibTex, EndNote, and XML. Output styles include AMA, APA, Chicago, CSE, MLA and others. Content Access (drupal.org/project/content_access(This module is included in Stanford Sites.) Allows granular control of access to content by content types and, optionally, specific nodes by role and author, by specificing independent view, edit and delete permissions. Custom breadcrumbs (drupal.org/project/custom_breadcrumbs(This module is included in Stanford Sites.)"Allows you to create and modify your own breadcrumbs based on node type." (Breadcrumbs are that trail of links indicating the way to your current page, usually displayed just above or below the page title.) Diff (drupal.org/project/diff(This module is included in Stanford Sites.) "[A]llows pretty viewing of all added/changed/deleted words between revisions." Drupal Commerce (drupal.org/project/commerce)Flag () (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)Google analytics (drupal.org/project/google_analytics(This module is included in Stanford Sites.) (This module is included in Drupal Gardens.) "Adds the Google Analytics web statistics tracking system to your website."Inline entity form ()"Provides a widget for inline management (creation, modification, removal) of referenced entities. … Existing entities can also be referenced." This solves the chicken or egg problem for referencing content that hasn't been created yet!Job Scheduler (drupal.org/project/job_scheduler) (This module is included in Stanford Sites.)An API (helper module) "for scheduling tasks once at a predetermined time or periodically at a fixed interval."JW Player() (This module is included in Stanford Sites.) Link checker (drupal.org/project/linkchecker) Periodically checks for broken links in node types, blocks and cck fields and reports the results.Menu position () (This module is included in Stanford Sites.)Metatag () (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)Mollom () (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)Node clone () (This module is included in Stanford Sites.)Node convert (drupal.org/project/node_convert(This module is included in Stanford Sites.) (This module should only be enabled on live/production site if truly required by content editors.)Node form columns () (This module is included in Stanford Sites.)Panels ()Relation () (This module is included in Stanford Sites.) Rules (drupal.org/project/rules) (This module is included in Stanford Sites.) Lets you define conditionally executed actions based on occurring events. In other words, add logic/processing without having to code a custom module. Also required/used by many other modules. Services () (This module is included in Stanford Sites.)Site verification () (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)Taxonomy manager () (This module is included in Stanford Sites.)Universally Unique IDentifier () (This module is included in Stanford Sites.)Webform () (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)Workbench (drupal.org/project/workbench) (This module is included in Stanford Sites.) Workbench access (drupal.org/project/workbench_access) (This module is included in Stanford Sites.) Workbench moderation (drupal.org/project/workbench_moderation) (This module is included in Stanford Sites.) XML sitemap (drupal.org/project/xmlsitemap) (This module is included in Stanford Sites.) (This module is included in Drupal Gardens.)

Pages

About Drupal Sun

Drupal Sun is an Evolving Web project. It allows you to:

  • Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
  • Facet based on tags, author, or feed
  • Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
  • View the entire article text inline, or in the context of the site where it was created

See the blog post at Evolving Web

Evolving Web