Creative Juices: Programmatically Creating a Block in Drupal 8

Planet Drupal - Mon, 2014/11/10 - 10:21pm
Programmatically Creating a Block in Drupal 8 Mon, 11/10/2014 - 16:21 matt

cs_shadow: GSoC Reunion Summit 2014 from my point of view

Planet Drupal - Mon, 2014/11/10 - 8:44pm

I was very lucky to be provided with wonderful opportunity of attending GSoC 2014 Reunion Summit as a Drupal delegate. The event was celebration of ten-year anniversary of Google Summer of Code program. It was an amazing event and also my first trip to the states. I had very high expectations from this event and was very excited to attend it, and I was not appointed after I did. I totally enjoyed my time there and will try to describe my experiences in more detail below. I'll stick to a chronological in order to describe my experiences since that makes it easier for me to recollect all the things that were going on.

23rd October The long flight to San Francisco

My journey to the states started when I boarded flight to London from Hyderabad airport on the morning of 23rd (according to local time). It was a long 10 hour journey but I was accompanied by two of my friends who were also coming for the Reunion summit. From London, we had another 10 hour flight to San Francisco. While waiting at the London airport, we saw a couple of guys walking around in GSoC t-shirts. Without missing a chance to socialize, we asked them if they were also going to attend the Reunion and obviously the answer was yes. Slowly, we realized that the entire boarding area was flocked with nerds from all around the world. We boarded the flight after few introductions and it was a pleasant journey thereafter.

San Jose Marriott, webchick and more socializing

The plane landed at the SFO airport late in the evening and we checked in at the Marriott an hour later. I was a bit of late to check in and apparently they ran out of normal rooms at that point of time so they upgraded me to a Deluxe room at no extra cost which was pretty cool. At this point, I was pretty tired to do anything else apart from crashing on the bed but strong desire to see Angie Byron (webchick) ASAP kept me awake. Finally I met Angie who was in a 'Big Blue Drupal' t-shirt. It was really great to finally see her in person. It was interesting to meet another fellow Drupaler Dhruv Baldawa(dhruvbaldawa) there.

There was also a dinner planned that night, but by the time I got there only dessert counters were still open. But who cares whether or not other counters are open anyway when desserts are still being served. After that it was time for some more socializing. Meeting folks from various different projects such as Libre Office, Sahana, OSGeo, PHPMyAdmin among others was also very interesting. Our topics of discussion ranged from organizational structure of large organizations to heavy metal music so it was quite a bit of fun. After some time, I slowly disappeared from the Grand Ballroom of Marriott and went to sleep.

24th October Trip to Great America

Just after the breakfast, we boarded shuttles to the Great America amusement park. While in other amusement parks, the problem is the long queue for the rides, the major problem there was to identify whether or not a ride was open that day. This was because of the fact that the park was closed for common public that day. Yes, you heard me right - Google had booked the entire park that for the Reunion attendees which was pretty awesome. That also meant free access to the Arcade and we all got a chance to show off their skills on the Pacman and other games. After having a satisfying lunch, we headed back to the hotel.

Dressy Dinner Reception

After a downtime of a few hours, it was time for the Dinner Reception. The schedule said that we had to be in dressy outfits and of course everyone had a different interpretation of what dressy meant. For some, it meant not wearing shorts and beach t-shirts and for some, it meant wearing their Halloween costumes. The reception was held at the Tech Museum which had a bunch of geeky exhibits including an 'Earthquake Room'.

Google had organized few sessions and the speakers included Chris DiBona, Alfred Spector, Peter Norvig, Dirk Hohndel and drumroll Linus Torvalds. Since, the speakers were not announced beforehand, it was a big surprise to see Linus there. Everyone practically stood in line to get a picture with him. Though I didn't managed to get a selfie with him, it was still awesome to see him.

25th October

Followed by an opening session by Carol, it was time for the un-conference sessions. Un-conferences were the part I was most looking forward to for this summit.

Our session

Me and Angie had also proposed a session titled: 'Making your project more approachable to new contributors: Discuss strategies regarding how to help new contributors get started with your open source project' (which by the way was the most voted session on the Moderator forum for sessions). We tried to make our session more like a discussion instead of we just walking though some slides. To get the discussion started, we talked about some of the strategies we use at Drupal to help new contributors. And then, we asked others to discuss any problems or ideas they come across working on their open source projects. Since I was a recent newcomer to Drupal and Angie was an experienced Drupalista, we could present the both sides, i.e mentor and metee. It was a pretty interesting discussion overall and I got to know about various new techniques.
Slides/Notes from our session:

Plone and Drupal get together

Just after our session, someone asked me "Are you cs_shadow" and I was like ".....Yes!?". Then I came to know that he was David Bain (@pigeonflight), a rockstar Plone developer. He was a friend of Varun Baker (@varunity) who had specially asked him to get a pic with me and Angie. That was a very sweet gesture on his part and here's that pic with all of us smiling:

After our session, I went attended some other sessions such as best practices for open source documentation, codejam session and feedback session for Melange and GSoC.

GSoC 10 year t-shirt wall

The OSPO team had put up t-shirts from all the 10 years of GSoC on display which was pretty cool. We all were discussing in front of it that who has how many of those. I pointed out that I had that one, Angie said she has 'that, that and that one'. Then someone came and said that he had 8 of those and we all went Wow. Here's a pic of the wall:

26th October

That morning, we went to visit the Googleplex and had a semi-guided tour of the campus including the Android lawn statues. When we came back to the hotel, there were a few more sessions. But the the most interesting session was the 'Lightning Talks' where basically people had to showcase an awesome project in just a few minutes.

After the lunch, it was time for the closing session by Carol, which was followed by a much deserved standing ovation to the entire OSPO team, including Carol, Stephanie, Cat and others. After the session, they gave all of us a Google Cardboard which was very cool.

Quickly after that, we had to catch our shuttles, so I said goodbye to Angie, who had to catch a plane. And since I planned to stay around for a few more days, I went off to my hotel in San Francisco.

27th October onward

The Summit was officially over but I had planned to stay around for a little more so that morning I went to visit the Golden Gate Bridge area. I got a chance to meet Matthew Lechlieder (@Slurpee) and it was pretty nice to finally meet him person after those long IRC chats. Here's a pic of me and Slurpee at the Fishermen's Wharf:

To sum it all up, it was an awesome trip to the States and a big thanks to everyone who provided me this wonderful opportunity.

Tags: Google Summer of CodeDrupal PlanetReunion Summitgsoc

Stauffer: Measuring Success in Web Projects

Planet Drupal - Mon, 2014/11/10 - 8:17pm

A Ship Without a Rudder

When I was a younger developer, I struggled often with the idea that I wasn't doing meaningful work. Yes, I was building good websites. Yes, they meant something to somebody (at least to the client). But is that brochureware site really going to make the world a better place? Does this university sub-department really need its own website? (I don't think I looked at a single individual department site when I was in school.) When you work on a project that doesn't have a clear and obvious goal, it's easy to fall into this line of thinking. And that line of thinking is very demotivating to a developer - you start to feel like you're spending your days doing busywork. And that's not even touching the fact that web projects are expensive. That university sub-department is probably spending tens of thousands of dollars to make a site that the students may never visit.

The solution is to figure out and clearly define the goals of a site at the outset of the project. The main purpose of that university department site is to serve information. Potential students can learn about the department, and current staff and students keep up to date on what's going on. There are secondary purposes too, like directing potential students to the main school website, getting them to submit a contact form, or getting people to sign up for a newsletter. Just knowing that much gives you something to work towards. If your work doesn't contribute to one of those goals, then things are getting off track.

Getting on Track

Once the list of goals for a site is known, it should be communicated to the whole team. The client knows why they need a website, but the development team may not. Keeping your developers informed of a project’s goals will keep them motivated and on track.

Some projects have obvious goals. An e-commerce site, whose sole purpose is to to sell products, is probably the easiest example. This type of project is deemed a success when the profit from the store surpasses the cost of development. Sites that market an upcoming product may have obvious goals too, even if their value is more difficult to calculate. In the case of a promo site for an upcoming service, the business may plan to collect as many email addresses as possible,assigning an estimated value to each address collected. Then there are sites like libraries and club forums, which don't make any money, but have value in other ways, i.e. providing information and fostering community interaction. In those cases, the value is in making it as easy as possible for visitors to find what they are looking for. If visitors to the library site are getting lost on the way to finding content, the project is in trouble.

In any case, it's important for a project to define success for when the project goes live.

The next step, after knowing the goals, is to refine them into specific user actions like viewing a specific page or clicking a specific button. These "goalpost" actions are defined as something that users can do so we know when they have reached one of the site's goals. This makes each goal both specific and measurable. If the goal is newsletter signups, the goalpost might be "user submits the newsletter form and reaches the signup thank you page." Now every time a visitor reaches the signup thank you page, we can mark a tally because the goal is specific. Looking at the percentage of visitors reaching each goal gives us what's called a conversion rate. The higher the conversion rates, the better your website is doing what it was made to do.

Learning to Measure Progress

Setting up goalposts is what separates directionless projects from meaningful ones. Whether you, as a developer, fully stand behind the product or not, you're helping someone bring their idea into reality. And more importantly, by measuring the value of your contribution, clients can see the return on their investment.

Websites actually have it relatively easy when it comes to tracking goals like this. The most common bit of tracking info in web is just the path a user is on. If a user ends up on a path ending in /checkout/complete, chances are they just finished placing an e-commerce order. Your analytics package will note that /checkout/complete got a pageview, and now you have a tally that one more visitor completed a purchase. Of course, you can also log in to your commerce site to see how many orders are placed, but analytics dashboards are extra convenient and give you endless options for number crunching and filtering data.

For more complicated goals, any decent analytics package will let you submit custom data and track events manually. For example, if you're only tracking checkouts with /checkout/complete, you don't know how much money each individual order was worth. Using this simple method, someone buying a $10 t-shirt looks exactly the same as a person buying a $20,000 giraffe. (Why you have that in your store is beyond the scope of this article.) Custom analytics events let you pass the real value of the order, which might make a big difference depending on what you're measuring. Maybe people entering your site on the homepage mostly buy t-shirts, and people who click through from your Giraffe for Sale banner ad mostly buy giraffes. These distinctions are important for tracking the success of ad runs.

So you know your goals, you've decided on goalposts, and you’ve configured them in an analytics package. Unfortunately, users still aren't reaching the end point. What do you do now? Goal funnels can help identify pain points for your users. A funnel is a list of steps that a user takes on the way to a goalpost (marked by specific and measurable mini-goalposts, of course). Using commerce as an example, step 1 is viewing a product, step 2 is adding to cart, step 3 is starting checkout, step 4 is billing and shipping info, and step 5 is the goal - a finished checkout. Each step has a page or action associated, so we can track how far into the process users get. By watching the percentage of users hitting each step, you can see what step is scaring users off. A huge dropoff on step X tells you that something about that page is bad, wrong, or just plain broken. Revisit that step, develop a more user-friendly way to do it, and then after you push it live, measure the new conversion rate. Since you already have a funnel in place, you don't have to guess whether new development is actually better or not. You'll have percentages to back it up. (Prettier isn't always better. Sometimes users prefer unexpected things - Craigslist has barely updated its style in the last 20 years, and yet it remains popular.)

Wrapping Up

To recap, by defining and tracking the goals of a website developers stay motivated, clients focus on real sets of goals, and managers can look at the numbers and see real return on investment. So at the outset of any web project, lay out the goals. Once a general list of goals is known, refine them into specific user actions that can be tracked and measured. Analytics software can tell you the value of the completed development. If users just aren't hitting your goals, use funnels to look for pain points to improve on. All of this together will give your projects a more defined purpose with less guessing and more transparency.

Tags: Drupal , Planet Drupal , Success , Goals , Analytics

Chapter Three: Ruby, RVM, Gemsets and Bundler/Gemfiles

Planet Drupal - Mon, 2014/11/10 - 6:00pm

As a Drupal themer, we're often tasked with building multiple sites concurrently. One site may be a new build from scratch, and another could be a site built two years ago that is getting a new feature. If they utilize Sass in the theme, then they both have one thing in common:

They have Ruby gem dependencies.

What are they chances that both sites use the same versions of the same gems? Slim? None? Ever tried to build a set of Sass files when you don't have the correct gem versions installed? Oh what a pain.

Let's take the pain away with a few simple techniques.

Ruby and RVM

OS X comes with Ruby built-in, but I highly recommend installing Ruby with RVM. With RVM, you can specify the version of Ruby you want installed, plus a whole lot more. Installation instructions are available, but are outside the scope of this blog post.


Phase2: AngularJS Meet Open Atrium

Planet Drupal - Mon, 2014/11/10 - 4:52pm

The recent 2.23 version of Open Atrium contains a cool new interactive site builder and navigator application (see it in action). This application was written using the AngularJS framework.  The combination of Drupal, jQuery, and AngularJS proved to be powerful, but wasn’t without some pitfalls.

Using AngularJS in Drupal

The basics of using Angular within Drupal is pretty straight-forward.  Simply reference the external AngularJS scripts using the drupal_add_js() function, then add your custom javascript app code, then use a tpl template to generate the markup including the normal Angular tags.  For example, here is the Drupal module code, javascript and template for a simple Angular app:

// Implements hook_menu() function myapp_menu() { $items['myapp'] = array( 'page callback' => 'myapp_menu_callback', 'access callback' => TRUE, ); return $items; } // The menu callback to display the page function myapp_menu_callback() { drupal_add_js(''); $base = drupal_get_path('module', 'myapp'); // data you want to pass to the app drupal_add_js(array( 'myapp' => array( 'title' => t('Hello World'), ), ), 'setting'); drupal_add_js($base . '/myapp.js'); drupal_add_css($base . '/myapp.css'); return theme('myapp', array()); } // Implements hook_theme(). function myapp_theme() { return array( 'myapp' => array( 'template' => 'myapp', ), ); }

(function ($) { var app = angular.module("myApp", []); app.controller("myAppController", function($scope) { $scope.settings = Drupal.settings.myapp; $scope.count = 1; $scope.updateCount = function(value) { $scope.count = $scope.count + value; } $scope.myClass = function() { return "myclass-" + $scope.count; } }) }(jQuery));

<div class="myapp" ng-app="myApp" ng-controller="myAppController"> <h3 ng-class="myClass()">{{settings.title}}</h3> <p> <a class="btn btn-default" ng-click="updateCount(1)">Click</a> to increment {{count}} </p> </div>

Now, obviously we aren’t using the full Angular framework here.  We aren’t using any directives, nor are we really using Angular as a MVC framework.  But it gives you the idea of how easy it is to get started playing with basic Angular functionality.

Angular plus jQuery

Developing javascript applications in Angular requires a different mindset from normal Drupal and jQuery development.  In jQuery you are often manipulating the DOM directly, whereas Angular is a full framework that allows data to be bound and manipulated on page elements.  Trying to combine both is often a source of frustration unless you understand more about how Angular works behind the scenes. Specifically, Angular has it’s own execution loop causing a mix of Angular and jQuery code to not seem to execute in a straightforward order.  For example, in the above code, we set the class of the H3 based on the current “count” variable.  What if we modified the updateCount function to try and set a css property for this class:

$scope.updateCount = function(value) { $scope.count = $scope.count + value; $('.' + $scope.myClass()).css('color', 'red'); }

If you click the button you’ll notice that the css color does NOT change to red! The problem is that Angular is executing the query function call BEFORE it actually updates the page.  You need to delay the jQuery so it executes after the current Angular event loop is finished.  If you change the code to:

$scope.updateCount = function(value) { $scope.count = $scope.count + value; setTimeout( function() { $('.' + $scope.myClass()).css('color', 'red'); }, 1); }

then it will work.  The timeout value can be anything greater than zero.  It just needs to be something to take the jQuery execution outside the Angular loop. Now, that was a horrid example!  You would never actually manipulate the css and class properties like this in a real application.  But it was a simple way to demonstrate some of the possible pitfalls waiting to trap you when mixing jQuery with Angular.

Drupal Behaviors

When doing javascript the “Drupal way”, you typically create a behavior “attach” handler.  Drupal executes all of the behaviors when the page is updated, passing the context of what part of the page has changed.  For example, in an Ajax update, the DOM that was updated by Ajax is passed as the context to all attached behavior functions. Angular doesn’t know anything about these behaviors.  When Angular updates something on the page, the behaviors are never called.  If you need something updated from a Drupal behavior, you need to call Drupal.attachBehaviors() directly.

Angular with CTools modals

In the Open Atrium site map, we have buttons for adding a New Space or New Section.  These are links to the Open Atrium Wizard module which wraps the normal Drupal node/add form into a CTools modal popup and groups the fields into “steps” that can be shown within vertical tabs.  This is used to provide a simpler content creation wizard for new users who don’t need to see the full node/all form, and yet still allows all modules that hook into this form via form_alters to work as expected. The tricky part of this is that as you navigate through the sitemap, Angular is updating the URLs of these “New” links.  But CTools creates a Drupal Ajax object for each link with the “ctools-use-modal” class in it’s Drupal behavior javascript.  This causes the URL of the first link to be cached.  When Angular updates the page and changes the link URLs, this Ajax object cache is not updated. To solve this within the Open Atrium Sitemap app, an event is called when the page is updated, and we update the cached Ajax object directly via the Drupal.ajax array. This was a rather kludgy way to handle it.  Ultimately it would be better to create a true Angular “Directive” that encapsulates the CTools modal requirements in a way that is more reusable.


Angular can be a very useful framework for building highly interactive front-ends.  Using Drupal as the backend is relatively straight-forward.  Angular allowed us to create a very cool and intuitive interface for navigating and creating content quickly within Open Atrium far easier than it would have been in jQuery alone.  In fact, we began the interactive site map tool in jQuery and the code quickly became unmanageable.  Adding functionality such as drag/drop for rearranging your spaces and sections would have been a mess in jQuery.  In Angular it was very straight-forward. Once you understand how Angular works, you’ll be able to blend the best of Drupal + jQuery + Angular into very rich interfaces.  Programming in Angular is very different.  Learn more about Angular on the Phase2 blog!

Categories: Featured Case Studies: Doctors of BC

Planet Drupal - Mon, 2014/11/10 - 4:11pm
Completed Drupal site or project URL:

Doctors of BC was founded in 1900 as the British Columbia Medical Association, and has a long history of working for members, improving patient care, and influencing health care policy. As part of a rebranding process started in late 2012, Doctors of BC (formerly the British Columbia Medical Association), engaged Fuse to build a new Drupal based website in spring of 2014. The Doctors of BC had been running on Drupal 6 for years and the site served successfully as a key communications and transactional resource for Doctors of BC staff & members. However, with a new brand, a desire to better support mobile users and a need to replace an aging codebase it was time for a rebuild.

This was no ordinary corporate website project. The new Drupal 7 system was replacing not only an aging Drupal 6 site, but a legacy custom eCommerce system with sophisticated business logic, a complex permissions matrix and a host of integration points with internal systems. Oh... and it all needed to be responsive.

We worked alongside Cossette Communications on the project (UX & Design) and were given a tight four month timeframe to build out the project.

Key modules/theme/distribution used: CommercePanelsPanelizerMediaFeaturesFeedsMenu MinipanelsCKEditor - WYSIWYG HTML editorBeanBreakpointsPictureManual CropMenu Node ViewsMigrateDrupal-to-Drupal data migrationFlagFlag PageOmega

Paul Rowell: Drupal images; why they suck and what you can do about it

Planet Drupal - Mon, 2014/11/10 - 4:06pm

It's a well-known frustration that the core image management within Drupal isn't great (to put it mildly). Compared to CMS' such as wordpress it falls very short, there are however a few modules you can install and configure to help manage images better within your site. 


Drupal core announcements: Drupal core updates for November 8, 2014

Planet Drupal - Sun, 2014/11/09 - 2:06am

Co-authored by alimac, xjm, mparker17, and effulgentsia.

What's new with Drupal 8? DrupalCon Amsterdam and the Drupal 8 beta!

It's been more than a month since the last Drupal Core Update, and so much has happened! Around 2300 people travelled to the historic city of Amsterdam, Netherlands for DrupalCon Amsterdam, where after 5 days of sprinting, Drupal 8.0 entered beta! Beta 3 will be released on Wednesday, November 12.

Photo credit: Paul Johnson

Be sure to review the allowed beta changes policy to understand which core issues are still priorities for Drupal 8.0, and which will need to wait for Drupal 8.1 or Drupal 9.

Highly critical security fix released for Drupal 7 and 8

On October 15th, SA-CORE-2014-005, a highly critcial security fix necessary for all Drupal 7 and 8 sites was revealed and Drupal 7.32 and Drupal 8.0.0-beta2 were released to address the issue. A week later, on October 29th, the Drupal security team issued a public service announcement warning of automated attacks against Drupal sites that haven't been patched for SA-CORE-2014-005.

To help website administrators choose the best possible path for dealing with affected Drupal sites, Bevan Rudge has developed a detailed flowchart of actions to take, specific to different scenarios. One tool that can be useful is Drupalgeddon, a Drush command that can help detect some of the exploits. It is important to understand that some attacks may not leave any trace. If possible, restore your Drupal site from backup made before October 15, 2014.

In A Lesson In Security, Anthony Ferrara deconstructed the vulnerability and its resolution as well as Drupal Security Team's response. For some discussion of Drupal Security Team's practices and the media response, check out Bryan Ruby's post: Drupal Security: Not Shocking but Responsible.

D8 critical office hours with chx

Core contributor chx has started a weekly critical issue office hours on Fridays at 12:00p PST. If you are interested in really digging into a tough problem and helping resolve a stagnating release blocker, or if you are stuck on a critical currently, join #drupal-contribute IRC channel during the office hours. See chx's report of the first critical office hours for an idea of what we've done so far!

Where's Drupal 8 at in terms of release?

DrupalCon Amsterdam and the beta release have brought lots of new momentum to the critical issue queue, with many issues both identified and resolved. Of the 130 critical issues currently blocking Drupal 8's release, 1 in 3 are new since the initial beta release, and 58% have activity within the past two weeks!

Where can I help? Top criticals to hit this week

Each week, we check with core maintainers and contributors for the "extra critical" criticals that are blocking other work. These issues are often tough problems with a long history. If you're familiar with the problem-space of one of these issues and have the time to dig in, help drive it forward by reviewing, improving, and testing its patch, and by making sure the issue's summary is up to date and any API changes are documented with a draft change record.

More ways to help

As always, if you're new to contributing to core, check out Core contribution mentoring hours. Twice per week, you can log into IRC and helpful Drupal core mentors will get you set up with answers to any of your questions, plus provide some useful issues to work on.

You can also help by sponsoring independent Drupal core development.

Notable Commits

So much great work has gone into Drupal 8 in the past weeks that it's difficult to pick the best of git log --after=2014-09-18 --pretty=oneline (571 commits in total). The final beta blocker was resolved across several issues, as were many entity API, theme system, dependency management, usability, and accessibility improvements.

  • Issue #2271419 by alexpott, larowlan: Fixed Allow field types, widgets, formatters to specify config dependencies.
  • Issue #1879930 by fran seva, Gábor Hojtsy, martin107, markie, Schnitzel, alexpott, Sutharsan, mon_franco, YesCT, spearhead93, herom, Désiré: Fixed Language selectors are not showing localized to the page language.
  • Issue #1953770 by amateescu: Move the field-specific settings form elements at the top of the form.
  • Issue #2224581 by alexpott, larowlan, jhodgdon, mgifford: Delete forum data on uninstall.
  • Issue #2332935 by plach, alexpott, dawehner: Allow code to respond to entity/field schema changes.
  • Issue #2028053 by vegantriathlete, franxo, InternetDevels, thamas, rootwork, LewisNyman: Add typographic styles, components, and utility classes.
  • Issue #2226207 by lauriii, mgbellaire, Cottser, m1r1k, Mark Carver, LinL, rachel_norfolk, rteijeiro, skwashd, davidhernandez, euphoric_mv: Make 'template' the default output option for hook_theme().
  • Issue #2350779 by benjy: Update Migrate maintainers in MAINTAINERS.txt.
  • Issue #2292035 by DimitriV, mgifford | andrewmacpherson: Fixed CKEditor uses the automatically generated ID attribute for the body field in the ARIA label.
  • Issue #2324791 by Michael Hodge Jr, ParisLiakos: Remove watchdog().
  • Issue #2329501 by alexpott, mdrummond, davidhernandez | Cottser: Add to core, set Classy as base theme for Bartik and Seven.
  • Issue #2278353 by cilefen, dawehner, hussainweb, jibran, andyceo: Update to Symfony 2.5.
  • Issue #2304987 by Berdir, Wim Leers: Fixed Don't invalidate cache tags of referenced entities, use entity list cache tags correctly, add test coverage for entity list cache tags.
  • Issue #1869476 by rteijeiro, LewisNyman, lauriii, Wim Leers, mdrummond, swentel, hosef, cbiggins, larowlan, sun, EclipseGc, Gábor Hojtsy: Convert global menus (primary links, secondary links) into blocks.
  • Issue #2343759 by pwolanin, larowlan, dawehner, tim.plunkett, effulgentsia, xjm, Wim Leers: Provide an API function to replace url()/l() for external urls.
  • Issue #2002138 by yched, Jose Reyero, xjm, andypost, fago, msonnabaum, Berdir, dixon_: Use adapters for supporting typed data.
  • Issue #2338475 by herom: Remove hook_permission().
  • Issue #2232605 by alexpott, dawehner, martin107, Cottser, sun: Fixed Themes cannot be uninstalled.
Security fixes

Now that Drupal 8 is in beta, we're focusing on resolving disclosed security vulnerabilities in Drupal 8 so that site owners can safely build test sites. Here are the security fixes that have gone in over the past weeks:

  • Issue #1948418 by webflo, martin107, galooph, cilefen, gaurav.goyal, amitgoyal, dawehner, dstol: Fixed Address SA-CONTRIB-2013-035 for views in D8.
  • Issue #2357249 by Stefan Horst, greggles, larowlan, David_Rothstein, klausi: Fixed SA-CORE-2014-005 (SQL injection).
  • Issue #2304969 by pwolanin, cilefen, Berdir, Devin Carlson, klausi: Fixed Port private files access bypass from SA-CORE-2014-003.
  • Issue #2242749 by znerol, torotil, rszrama, larowlan, dawehner, penyaskito, tim.plunkett, sun, Damien Tournoud, David_Rothstein, effulgentsia: Fixed Port Form API security fix SA-CORE-2014-002 to Drupal 8.
  • Issue #2234277 by cilefen, hussainweb, Xano, netlooker, martin107: Composer update (includes security fixes).
  • Issue #2029855 by klausi, benjy, fgm, hussainweb, Cottser, pfrenssen, kim.pepper | moshe weitzman: Fixed Missing access control for user base fields.
  • Issue #2098419 by larowlan | fago: Fixed Missing default access for all comment fields.
Drupal 8 Around the Interwebs Drupal 8 in "Real Life" Whew! That's a wrap!

Do you follow Drupal Planet with devotion, or keep a close eye on the Drupal event calendar, or git pull origin 8.0.x every morning without fail before your coffee? We're looking for more contributors to help compile these posts. You could either take a few hours once every six weeks or so to put together a whole post, or help with one section more regularly. Read more about how you can volunteer to help with these posts!


Bluespark Labs: BADCamp Drupal Higher Education Summit - Stories of rapid adaption and the challenges of standardization at scale

Planet Drupal - Sat, 2014/11/08 - 7:08pm

Attending the Higher Education Summit at the 2014 Bay Area Drupal Camp was a great experience. We work with several higher education institutions and are acutely aware of the very specific challenges these organizations face. The summit improved our understanding of the issues and helped them coalesce around a few key overarching concerns: standardization, adaption and scalability.

The summit got off to a great start before even starting because of the theme selected: “Storytellers and Geeks United for Higher Ed”. A clear indication of the importance of not solving just technological issues but solving communication issues with the help of technology. Everyone was in agreement that web people and communication people need to get together to figure out how to best tell their university’s story.

The opening panel session was the perfect illustration of the theme as it brought together technologists and communications partners (with the roles often blending into each other) from the universities of Arizona State, University of California, Davis and University of California, San Francisco. The big news for all was Arizona State’s bold move to enforce (albeit with a light touch) standardization from the top down. Arizona State has embarked on a very ambitious project aiming to provide a complete set of tools for departments to build their websites that spans not just the actual web page but hosting, analytics, sophisticated email and CRM systems (institution-wide Salesforce instance). All this will ultimately enable them to realize their vision of personalizing the experience for every user of the University. While it is still early days everyone seemed very excited about what AS is attempting to do and we are eagerly awaiting news about lessons learned.

A session by John Bickar of Stanford Web Services was inspiring and provided a great roadmap for any university about how to drive adoption of Drupal within the institution and support the needs of the community by providing both infrastructure and Drupal development tools in the form of pre-baked solutions and templates. As John indicated the forthcoming challenges for them will be those of success. They are seeing great adoption of their hosting solution and web development tools and need to ensure that they will be able to scale.

Finally, I found the discussions around development processes, estimation and the use of agile particularly interesting. It is clear that where such processes have been put in place it has yielded positive results. At a break-out session on the subject everyone agreed that while agile provides a great set of principles it is equally important that to adapt the practices to the specific needs of an organization. In other words don’t be afraid to try a few different things and see what works for you, but start getting a process in place!

Overall, it looks like the future of Drupal in Higher Education is brighter than ever. The problems are those of improving communication and dealing with the success that widespread adoption brings. Helping to standardize around common practices in how Drupal is deployed and how individual departments adapt so that they can meet both wider University needs as well as their specific requirements will be key. This will allow the University as a whole and groups within it to each tell the best version of their story.

Many thanks to everyone that worked hard to make this summit possible and we look forward to attending next year!

Tags: Higher EducationDrupalDrupal Planet

Paul Booker: Sending Push Notifications to users with a given role using Private Messages

Planet Drupal - Sat, 2014/11/08 - 6:27pm
/** * Implements hook_privatemsg_message_insert. */ function push_notifications_privatemsg_message_insert( $message ) { if ( variable_get( 'push_notifications_privatemsg_integration', 0 ) ) { // Compose the payload. If the body is empty, just use the subject line. // Otherwise, combine subject and body. $payload = (empty($message->body)) ? $message->subject : $message->subject . ' ' . $message->body; $payload = 'From ' . $message->author->name . ': ' . $payload; // Compose an array of recipients. $recipients = array(); foreach ( $message->recipients as $recipient ) { if ( $recipient->type == "role" && $recipient->name != 'authenticated user' ) { $results = db_select('users_roles', 'ur') ->fields('ur', array('uid')) ->condition('ur.rid', $recipient->rid, '=') ->execute() ->fetchCol(); } elseif ( $recipient->type == "role" && $recipient->name == 'authenticated user' ) { $results = db_select('users', 'u') ->fields( 'u' ) ->execute() ->fetchCol(); } if ($recipient->type == "role") { foreach ($results as $result) { $recipients[] = $result; } } else{ $recipients[] = $recipient->uid; } } push_notifications_send_message( $recipients, $payload ); } } Tags: URL: Push Notification does not send Push when Private Message goes to Roles

Entity Pilot: The Entity Pilot exists plugin - dealing with conflicts

Planet Drupal - Sat, 2014/11/08 - 5:06am

Any content-staging workflow is going to have conflicts. In the simplest form a conflict exists when trying to import content that already exists. In more complex cases conflict might occur between revisions.

Having a solid API to detect and handle conflicts is key to any content-staging workflow. Read on to find out how Entity Pilot handles conflicts via an extendable plugin system.


Entity Pilot: Working with normalizers in Drupal 8

Planet Drupal - Sat, 2014/11/08 - 5:06am

Entity Pilot makes extensive use of normalizers for handling dereferencing incoming content.

Normalizers are a key part of Drupal 8's serialization strategies and represent a flexible extension point for your module to interact with core APIs.

Read on to learn how your code can interact with Drupal's normalizing and denormalizing operations and influence what is output by the REST and Hal modules.


Entity Pilot: Introducing Entity Pilot - Painless content staging for Drupal

Planet Drupal - Sat, 2014/11/08 - 5:06am

After nine months of development, we're proud to announce Entity Pilot, a painless content-staging solution for Drupal.

Offering a flexible content deployment model that adapts your preferred workflow, Entity Pilot aims to solve deploying content once and for all.

Read on for details on how it works and our plans for future development.


Paul Booker: Updating push notification page to send out messages to devices belonging to users with a given role

Planet Drupal - Sat, 2014/11/08 - 1:49am
/** * Additional handler for push_notifications_mass_push_form_validate form validate. */ function mymodule_push_notifications_mass_push_form_validate($form, &$form_state) { } /** * Additional handler for push_notifications_mass_push_form_submit form submit. */ function mymodule_push_notifications_mass_push_form_submit($form, &$form_state) { $recipients = $form_state['values']['recipients']; $payload = $form_state['values']['payload']; $role = $form_state['values']['role']; $language = (isset($form_state['values']['language'])) ? $form_state['values']['language'] : false; // Send message to all iOS recipients. if (!empty($recipients['ios'])) { // Get all iOS recipients. $tokens_ios = push_notifications_get_tokens_by_role(PUSH_NOTIFICATIONS_TYPE_ID_IOS, $role, $language); if (!empty($tokens_ios)) { // Convert the payload into the correct format for APNS. $payload_apns = array('aps' => $payload); $result = push_notifications_apns_send_message($tokens_ios, $payload_apns); $dsm_type = ($result['success']) ? 'status' : 'error'; drupal_set_message($result['message'], $dsm_type); } else { drupal_set_message(t('No iOS recipients found, potentially for this language.')); } } // Send message to all Android recipients. if (!empty($recipients['android'])) { // Get all Android recipients. $tokens_android = push_notifications_get_tokens_by_role(PUSH_NOTIFICATIONS_TYPE_ID_ANDROID, $role, $language); if (!empty($tokens_android)) { // Determine which method to use for Google push notifications. switch (PUSH_NOTIFICATIONS_GOOGLE_TYPE) { case PUSH_NOTIFICATIONS_GOOGLE_TYPE_C2DM: $result = push_notifications_c2dm_send_message($tokens_android, $payload); break; case PUSH_NOTIFICATIONS_GOOGLE_TYPE_GCM: $result = push_notifications_gcm_send_message($tokens_android, $payload); break; } $dsm_type = ($result['success']) ? 'status' : 'error'; drupal_set_message($result['message'], $dsm_type); } else { drupal_set_message(t('No Android recipients found, potentially for this language.')); } } } /** * Determine all recipients of a given role from a specific device type. * * @param $type_id * Device Type ID. * @param $role * User Role. * @param $language * Language code, optional. * @param $raw * Boolean, set true to retrieve the raw query results. * * @return * Array of results, null if no entries. */ function push_notifications_get_tokens_by_role($type_id = '', $role = FALSE, $language = FALSE, $raw = FALSE) { // Make sure this type_id is supported. $valid_type_ids = array(PUSH_NOTIFICATIONS_TYPE_ID_IOS, PUSH_NOTIFICATIONS_TYPE_ID_ANDROID); if (!in_array($type_id, $valid_type_ids)) { return FALSE; } // Select all tokens for this type id and users of given user role. $query = db_select('push_notifications_tokens', 'pnt'); $query->join('users', 'u', 'pnt.uid = u.uid'); $query->join('users_roles', 'ur', 'u.uid = ur.uid'); $query->fields('pnt', array('token')); $query->condition('pnt.type', $type_id); $query->condition('ur.rid', $role); // If language code is passed, limit the results by language. if ($language) { $query->condition('pnt.language', $language); } $result = $query->execute(); // Return raw result, if needed. if ($raw) { return $result; } // Otherwise, create an array of tokens. else { $tokens = array(); foreach ($result as $record) { $tokens[] = $record->token; } return $tokens; } } /** * Implements hook_form_alter(). */ function mymodule_form_alter(&$form, &$form_state, $form_id) { if ($form_id == 'push_notifications_mass_push_form') { $result = db_select('role', 'r') ->fields('r',array('rid','name')) ->condition('name',array('administrator','anonymous user'),'NOT IN') ->execute() ->fetchAll(); $role = array(); foreach($result as $role){ $roles[$role->rid] = $role->name; } $form['role']['#title'] = "Roles"; $form['role']['#type'] = "select"; $form['role']['#options'] = $roles; $form['role']['#required'] = 1; $form['#validate'][] = 'mymodule_push_notifications_mass_push_form_validate'; unset($form['#submit']); $form['#submit'][] = 'mymodule_push_notifications_mass_push_form_submit'; } } Tags:

Code Karate: How to setup a Drupal website with Bluehost

Planet Drupal - Fri, 2014/11/07 - 11:57pm

So let me guess: You either have a Drupal website or are going to create one and need a place to


ImageX Media: Speeding up your MySQL dump/restores with Mydumper

Planet Drupal - Fri, 2014/11/07 - 11:39pm
Why Mydumper?

How many times in your last web development project have you had to load a mysql/mariadb database? If your answer was "too many", and you've been frustrated by how slow the process can be, this article may be for you.


Appnovation Technologies: How to Use Drupal REST Services with AngularJs

Planet Drupal - Fri, 2014/11/07 - 11:20pm

In a previous post I showed how to use Drupal 8 RESTful services.

var switchTo5x = false;stLight.options({"publisher":"dr-75626d0b-d9b4-2fdb-6d29-1a20f61d683"});

Mediacurrent: Why Drupal is the Right Fit for Higher Ed

Planet Drupal - Fri, 2014/11/07 - 9:35pm

After speaking to dozens of higher ed institutions over the last several years, I’m convinced now more than ever that open source technology, particularly Drupal, is the best fit for these organizations. I know I’m echoing what many in the Drupal community have observed for a while, but I’d like to describe why Drupal makes so much sense for higher ed.


CMS Quick Start: Publishing Drupal 7 Content to Social Media: Part 1

Planet Drupal - Fri, 2014/11/07 - 8:55pm

 Streamlined workflows are important for sites of any size. Today it is very common to update your readers via multiple social sites, namely Twitter and Facebook. However, it can be tedious sometimes to update your site, then update Facebook and Twitter separately with the correct links (especially if you publish a lot of content). In this series we are going to explore different ways of pushing content to your social media platforms automatically.

read more


Deeson: Using PhpStorm's Live Templates for t functions

Planet Drupal - Fri, 2014/11/07 - 6:00pm

At Deeson's PhpStorm is our IDE of choice. Working with PhpStorm's Live Templates can save you some valueable time. In this post I'll show you how to use Live Templates to surround strings in simple t functions in template files.

Live templates

PhpStorm’s Live Templates are chunks of code which can be quickly inserted into a file. Surround Live Templates allow you to select a piece of text and surround it with template.

Drupal's t function

It's Drupal best practice to wrap all strings in a t function - this allow the sting to be translated. In a template file this looks like:

<span><?php print t('This is good Practice'); ?></span>

On most sites there will be hundreds of these strings, so anything that can shave off time will be worthwhile.

Take a look

Here’s an example of Surround Live Templates in action. It’s quick and easy to surround a string with a simple t function.

PhpStorm Live Templates and T function


To show the Surround Live Template list on Macs use Cmd+Alt+J and if you are on a Windows machine use Ctrl+Alt+J.

Setting up Live Templates

To set up a Surround Live Template, go to Preferences > Live Templates and click the plus symbol in the top right of the window.

A Surround Live Template needs to have ‘$SELECTION$’ in it, which is replaced with the selected text. The template also need to be available in the correct contexts.

Here's one I prepared earlier...

Have a go

To set up this T string Surround Live Template, the template text needs to be:

<?php print t('$SELECTION$'); ?>

It needs to be applicable in the ‘HTML’ context.

That’s it! You should now be able to use the template. Let us know if you've got any PhpStorm tips too.