A new contrib module that makes it easy for content editors to create Media Entities from existing Filesby lee.rowlands / 23 April 2021
We're pleased to announce the first release of the File To Media module, a relatively simple module that adds a much-requested content-editor feature - namely the ability to easily create a Media entity from an existing File.
The modules adds a new form for creating media entities from existing files, and a handy views plugin that gives you a drop-button of compatible media-types for a file.
To configure the module, edit the view provided by core at admin/content/files and add the File to Media field to the table and save the view.
Now when a user with the access files overview permission visits admin/content/files the get a handy drop-button link for any eligible files.
This link will show if:
- The file has no existing Media entity association
- The user has permission to create media of the given type
- The media-type supports files; and
- The file extension matches the field configuration for the media-type source field
Once clicking on one of the links, the user is taken to a form to create new media of that type, with the file reference and media name pre-filled based on the given file.
A relatively small module, but a very useful feature for content-editors.
And of course, backed with the test-coverage you'd expect from any of the modules we maintain.
Give it a whirl and let us know what you think in the issue queue.
Watch this space for an announcement of a soon to be released related module that handles the opposite content-editor pain-point - deleting files from disk when deleting the associated media item.Tagged Media, Media Entities
You can easily build a basic website without customizing a single setting in your Drupal installation, but chances are your needs are a bit more complex.
There’s a number of ways you can add new features to Drupal:
Let’s take a look at these three options.
🏗️ Learn how to build your own custom Drupal modules from scratch! Sign up for an upcoming training session.Optional preinstalled Drupal core modules
If you’re new to Drupal, you might not know that it comes prepackaged out of the box with a number of optional modules that you must manually activate in order to use.
If you have site content in more than one language, for example, you’ll need to turn on the four optional Multilingual modules to manage translations. The ability to store end dates in a field also needs to be activated manually.
To access the list of preinstalled optional modules, go to Admin ➜ Extend.
Here are all Drupal core modules that aren't enabled by default:Actions
What it does: Lets you configure tasks for your site to execute (e.g. send an email, unpublish a page) in response to a predetermined trigger event
When to activate it: If you need a simple automation solution for routine website tasks, or if you're using a module that includes its own actionsActivity Tracker
What it does: Lets you track what your content editors have been up to and displays a list of recently published content
When to activate it: If you want to keep track of what's getting published, when, and by whomAggregator
What it does: Allows you to gather and display RSS, RDF, and Atom feeds from external sources
When to activate it: If you wish to display aggregated content from outside your website, this might be all you need.Ban
What it does: Lets you ban specific IP addresses from accessing your site
When to activate it: Activate Ban if your site receives malicious or spam-type trafficContent Moderation
What it does: Lets you define custom states (e.g. draft, needs review, ready to publish) for your content publication workflow
When to activate it: If you have any sort of editorial process or publication calendar, Content Moderation is definitely helpful.Forum
What it does: Lets you add a discussion board to your site
When to activate it: If your site needs a discussion forum!Inline Form Settings
What it does: Displays inline error messages for your forms
When to activate it: Almost always - it's an easy way to increase your site's accessibilityLayout Builder
What it does: Provides editors with a visual, drag-and-drop interface for adding and arranging blocks and content fields directly within a piece of content
When to activate it: Read this article for an overview of the two main page editing options in Drupal, Paragraphs and Layout BuilderLayout Discovery
What it does: API module that provides a way for modules or themes to register layouts
When to activate it: Layout Discovery is required if you use Layout Builder on your site.Media
What it does: Lets you manage how media items are created, configured and displayed
When to activate it: Unless you have some kind of third-party solution for this, you'll want to activate both Media and Media Library for easier asset management.Media Library
What it does: Adds more features to the default media list, making it easier to find and use assets that have already been uploaded to Drupal
When to activate it: Almost alwaysResponsive Image
What it does: Leverages the HTML5 picture tag with formatting and breakpoint mappings in order to output responsive images
When to activate it: With today's mobile-first paradigm, responsive images are a must-have. Activate this module unless you have another option to accomplish the same thing.Settings Tray
What it does: Lets editors modify blocks directly via a page
When to activate it: If your editors have permission to edit blocks, activate Settings Tray to make it more efficient for themStatistics
What it does: Keeps track of your site's content stats
When to activate it: You can never have too much data, right?Syslog
What it does: Logs and records system events
When to activate it: See above.Testing
What it does: Provides a framework for unit and functional testing
When to activate it: Use the Testing module to monitor the impact of code changes on your siteWorkflows
What it does: Lets you create workflows with transitions between different states provided by other modules (e.g. publication states from the Content Moderation module)
When to activate it: If you rely on a state-based module such as Content ModerationExperimental modules
These three optional modules are labelled experimental, meaning they should work, but you might run into some bugs. Install at your own risk!
- Field Layout allows users to customize displays and form displays by arranging fields in columns
- Help Topics displays helper text provided by themes and modules directly in the user interface
- Workspaces lets you have multiple workspaces related to a single site, enabling content staging and full site previews
Two lesser-used field types that you can activate if needed:
- Datetime Range adds the ability to store end dates (e.g. to display multi-day events)
- Telephone adds a field for storing phone numbers
Turn on these optional helper modules if you need to migrate content from another platform or from an older version of Drupal.
- Migrate Drupal
- Migrate Drupal UI
You'll need all four of these to be active if your site handles content in more than one language.
- Configuration Translation
- Content Translation
- Interface Translation
Drupal comes with a handful of web service integrations you can activate as needed. You'll find many more of these in the contributed module library.
- HTTP Basic Authentication
- RESTful Web Services
You can find plugins and add-ons for all popular CMS options, but Drupal stands out for two main reasons:
- Modules are centralized. Nearly every available Drupal module can be found in one place.
- Modules are overwhelmingly free. While the freemium model is extremely prevalent in the CMS plugin space, Drupal's philosophy tends to discourage monetizing one's contributions to the open-source project. As a result, almost all of the community-made modules available for Drupal are available for free, forever.
If you’re looking for a community-made module to add specific functionality to your Drupal site, the official module library is your one-stop-shop. You can narrow down your search to only include actively maintained and supported modules, or, if you’d prefer an overview of what’s available, select a module category to browse.
For a side-by-side look at the available options for common use cases (content deployment, mapping, image management, etc.), refer to the comparison of contributed modules page.Have it your way: Creating custom Drupal modules
If you can’t find a module that’s able to accomplish what you’re looking for, there’s always the DIY route. If you’ve never done this sort of thing before, developing your own custom Drupal module can seem a bit daunting, but there’s plenty of help available to get you started (including our popular Drupal module development course!).
Here are a few things you’ll need to get up to speed with:
- PHP, the main language involved in building custom Drupal modules, and a solid understanding of object-oriented programming
- Common design patterns, especially dependency injection, which is heavily used in Drupal
- PHP namespaces
- Symphony, a PHP framework
- PHP annotations
- Drupal’s Plugin API
This page lists lots of resources for each topic to help you start learning.
If you’re already familiar with most of the concepts listed above, you can skip to this tutorial and try building your first Hello World module.Make Drupal yours
Evolving Web’s experienced Drupal team can help you build the digital experience platform of your dreams.
Whether you need advice on extending Drupal’s functionality with modules or you’d like to start building your own custom project, we offer the assistance, training, and support you need to get it done quickly and effectively. Reach out to us, and start doing more with Drupal.+ more awesome articles by Evolving Web
As DrupalCon comes to a close for the crew at Mediacurrent, we’ve all had a chance to reflect on the experience. Here are the top 10 things we loved and learned at this year’s event.1. Opening New Doors to ‘Discover Drupal’
Drupal talent is in high demand and The Drupal Association is focused on cultivating that talent with an emphasis on diversity, equity, and inclusion. That’s important to our team at Mediacurrent, too. We love helping young professionals get started in a Drupal career (like our two student interns who experienced their first-ever DrupalCon last week!) and we jumped at the chance to become a training partner for the just-launched Discover Drupal program. We will be mentoring students and providing an opportunity to intern with us after they have finished their scholarship.
Speaking of training, our booth offer this year was a drawing for a free 4-hour training workshop in one of our most popular topics: Front-End Development, Decoupled Drupal with Gatsby, or Drupal Component-Based Theming. We are very excited to be drawing the names of 3 winners this week, who will learn about current technology demands and best practices using active discussion and a hands-on workshop. Watch our Twitter channel to see who wins!2. Bright Horizons Ahead for Drupal 10
Dries reinforced that the sun is quickly setting on Drupal 8, with community support ending this fall. Drupal 7’s days are numbered as well. If you haven’t already, it’s time to think about your Drupal 9 action plan.
The community’s innovation efforts will focus on Drupal 9 while also looking ahead to June 2022 — the target release date for Drupal 10.
3. Going Back to Our Site Builder Roots
Drupal’s roots are about empowering site builders to build ambitious websites with low code.
-Dries Buytaert, State of Drupal Keynote - DrupalCon North America 2021
What made YOU fall in love with Drupal?
In his State of Drupal keynote, Dries reflected on Drupal’s core strength to find focus for the year ahead. He reasoned that to help our community grow and become even more successful, we need to give every user a clear reason to adopt Drupal.
Many Drupal love stories share a common spark; the feeling of being quickly empowered by Drupal’s low code approach. To give site builders that “love at first site” feeling, Dries announced the Project Browser Initiative. That goal is to make site builder basics like installing a module as easy as installing an iPhone app and rise to the competition of Wix, Squarespace, and WordPress.
4. Building a Better Foundation for Future Features
Everyone wants to know what comes next for our favorite digital experience platform. As always, DrupalCon sessions and the Driesnote shed some light on the innovation that lies ahead, highlighting both core and contrib initiatives that the community is working to advance.
Visitors to the Mediacurrent booth saw how Rain CMS speeds up development and gives content creators the authoring experience they crave. (If you missed it, Rain CMS now ships with Layout Builder to make page building a breeze)
Dries shared a progress update on the core strategic initiatives that are blazing trails for future functionality and improvements in Drupal core. These initiatives shaped the program content, with a different one assigned to each day of the conference.
- Easy Out of the Box - This initiative is improving Drupal's ease-of-use remains a top priority.
- Automatic Updates - By getting automated security updates into Drupal 9 core, we can help site owners sleep soundly.
- Drupal 10 Readiness - Drupal 9 is just under a year old but the community is already looking ahead. Dries called for community support to hit the target release date for Drupal 10.
Drupal continues to shine as of the most scalable, robust, and mature development communities in open source. We heard from Heather Rocker, Global Executive Director of the Drupal Association, about some of the initiatives that are making it easier for first-time and non-coding contributors to get involved.
Both individual and company-level contributors were celebrated on the DrupalCon stage. Congratulations are in order for AmyJune Hineline, the recipient of this year’s Aaron Winborn Award. The award honors individuals for their outstanding commitment to the Drupal project and community. (Check out our interview with AmyJune from season one of the Open Waters podcast.)
Giving back to Drupal remains a core priority for the Mediacurrent team. This year, we’re proud to show our support for the Drupal Association as a Diamond Drupal Certified Partner and excited to maintain our rank as one of the top five organizational contributors.
6. The More Sites, The Merrier
How do you manage and maintain dozens or even hundreds of sites effectively?
That’s the question Jay Callicott, VP of Operations at Mediacurrent, set out to answer in his DevOps track session on scaling Drupal with the power of multisite. Drupal’s multisite capabilities are a standout feature, setting it apart from other CMS platforms. Yet there’s a lot to consider - configuration, deployments, site provisioning, and more.
This session recording is now available to registered attendees with public access coming in a few weeks. Stay tuned!
7. Making Sense of Open Source Security
Mediacurrent’s Drupal security pros took the stage to tackle a timely topic: open source security for marketing and business leaders.
As open source software like Drupal continues to become widely adopted, sticking to security standards is a challenge. The global losses from cybercrime totaled nearly $1 trillion last year (csis.org), raising the stakes on security even higher.
Be on the lookout for the session recording for a playbook on how to optimize your Drupal security. They covered how to become a security-first organization, embrace process automation, harden Drupal security, and create clear security policies.
8. Higher Education: The Stage for Ambitious Digital Experiences
DrupalCon’s industry summits are always a great accompaniment to the regular program, and this year was no exception. At the Higher Education Summit, Director of Development Dan Polant was joined by one of Mediacurrent’s ivy league partners to co-present a case study session. We saw how the university relies on Drupal to model complex data and got a behind-the-scenes look at the decoupled architecture with Gatsby.
9. Drupal is Powering Hope
At this year’s DCon, we saw how Drupal is powering some of the most impactful organizations in the world. All but one of the major COVID-19 vaccine-producing companies use Drupal.
Major nonprofits like Habitat for Humanity also rely on Drupal. Through its website, the organization has helped more than 5.9 million people build or improve the place they call home. Mediacurrent has been honored to support Habitat’s mission and partner with them to build a maintainable platform that thrives on support from the Drupal community. The Drupal Showcase session recording for Habitat for Humanity: Building a foundation for digital success will be publicly available soon. We’re grateful for the opportunity to reflect on the success we achieved through our partnership, and we hope others can learn from it.
10. The Momentum Continues With Drupalfest
DrupalCon has ended but the celebration continues with Drupalfest.
Interested in learning more about contributing to Drupal? Let Mediacurrent’s Community Lead Damien McKenna be your guide. Join Damien for Contrib Open Hours through the end of April.Watch the State of Drupal Keynote
Check out the recording of the State of Drupal keynote below.
Cheers to 20 years, Drupal! We look forward to gathering again next year.
Last week, Drupalists around the world gathered virtually for DrupalCon North America 2021.
I gave a Drupal 9 and Drupal 10 update, talked about going back to our site builder roots, and discussed the need to improve Drupal's contributor experience.Drupal 9 update
People are adopting Drupal 9 at a record pace. We've gone from 0 to 60,000 websites in only one month. In contrast, it took us seven months to reach the same milestone with Drupal 7, and three months for Drupal 8.With Drupal 8, after about 1.5 years, only a third of the top 50 Drupal modules were ready for Drupal 8. Now, only 10 months after the release of Drupal 9, a whopping 90% of top 50 modules are Drupal 9 ready. Drupal 10 update
Next, I spoke about the five big initiatives for Drupal 10, which are making progress:
- Decoupled menus
- Easy out of the box
- Automated updates
- Drupal 10 readiness
- New front-end theme initiative
I then covered some key dates for Drupal 9 and 10:Improving the site builder experience with a project browser
When I ask people why they fell in love with Drupal, most often they talk about feeling empowered to build ambitious websites with little or no code. In fact, the journey of many Drupalists started with Drupal's low-code approach to site building. It's how they got involved with Drupal.
This leads me to believe that we need to focus more on the site builder persona. With that in mind, I proposed a new Project Browser initiative. One of the first things site builders do when they start with Drupal is install a module. A Project Browser makes it easier to find and install modules.
Drupal has one of the largest and most robust development communities. And Drupal.org's collaboration tools have been key to that success.
What you might not know is that we've built these tools ourselves over the past 15+ years. While that made sense 10 years ago, it no longer does today.
Today, most Open Source communities have standardized on tools like GitHub and GitLab. In fact, contributors expect to use GitHub or GitLab when contributing to Open Source. Everything else requires too much learning.
For example, here is a quick video that shows of how easy it is to contribute to Symfony using GitHub:
Next, I showed how people contribute to Drupal. As you can see in the video below, the process takes much longer and the steps are not as clear cut.
(This is an abridged version of the full experience; you can also watch the full video.)
To improve Drupal's contributor experience, the Drupal Association is modernizing our collaboration tools with GitLab. So far, this has resulted in some great new features. However, more work is required to give new Drupalists an easier path to start contributing.
Please reach out to Heather Rocker, the Executive Director at Drupal Association, if you want to help support our GitLab work. We are looking for ways to expand the Drupal Association's engineering team so we can accelerate this work.Thank you
I'd like to wrap up with a thank you to the people and organizations who have contributed since we released Drupal 9 last June. It's been pretty amazing to see the momentum!
As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!
Today, there is a Critical security release for Drupal core to fix a Cross-Site Scripting (XSS) vulnerability. You can learn more in the security advisory:
If you have a Drupal 6 site, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)
FYI, there were other Drupal core security advisories made today, but those don't affect Drupal 6.
If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.
Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).
Tag1 Consulting: Automating Infrastructure with EKS and Pulumi: Deploying New Enterprise Web Applications in Minutes - Part 1
Today’s business reality is nearly every company needs at least one website in order to be successful in their business. As organizations get larger, the number of websites companies need also increases. From Human Resources, to sales support, to customer service and support, different groups in your organization may have some similar needs, but different access levels. Making these websites turnkey can reduce the amount of time your IT or devops teams need to spend standing up resources. It can also significantly reduce development costs when you have a deployable website instance that can be used to fulfill the needs of several organizations in your company. In this first part a two part series, Tag1 Managing Director Michael Meyers talks with CIO Jeff Sheltren, and Senior Infrastructure Engineer Travis Whitehead about the challenges large enterprises face, and the software-based solutions Tag1 is using to help our customers be more successful with standardized website deployments. ### Additional resources - EKS - Pulumi For a transcript of this video, see Transcript: Deploying New Enterprise Web Applications in Minutes - Part 1. Photo by Amir Hanna on UnsplashRead more lynette@tag1co… Wed, 04/21/2021 - 11:26
Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances.
Not all sites and users are affected, but configuration changes to prevent the exploit might be impractical and will vary between sites. Therefore, we recommend all sites update to this release as soon as possible.Solution:
Install the latest version:
- If you are using Drupal 9.1, update to Drupal 9.1.7.
- If you are using Drupal 9.0, update to Drupal 9.0.12.
- If you are using Drupal 8.9, update to Drupal 8.9.14.
- If you are using Drupal 7, update to Drupal 7.80.
Versions of Drupal 8 prior to 8.9.x are end-of-life and do not receive security coverage.Reported By:
- Alex Pott of the Drupal Security Team
- Jasper Mattsson
- Michael Hess of the Drupal Security Team
- Wim Leers
- Heine of the Drupal Security Team
- Peter Wolanin of the Drupal Security Team
- Jess (xjm) of the Drupal Security Team
- Samuel Mortenson of the Drupal Security Team
- Alex Bronstein of the Drupal Security Team
- Lee Rowlands of the Drupal Security Team
- Adam G-H
- Drew Webber of the Drupal Security Team
We are going to use Bootstrap 4 in Drupal 8/9 with Bootstrap Barrio. The Bootstrap Barrio theme for Drupal 8/9 integrates Bootstrap 4 (or Bootstrap 5 if you want) with your Drupal site.
Bootstrap is a very popular framework for building websites. It provides designers and developers with a common language to communicate, making the development process a lot easier.
Creating a subtheme of Barrio is a straightforward process. This tutorial will explore the basic configuration options of the theme, which are managed through a complete graphical user interface.
Keep reading to learn how!
For the second year in a row, DrupalCon NA went virtual - and it was great. Here are some of our top takeaways from the event.READ MORE
Dealing with constant upgrades and changes to the project requirements is not just the despair of all developers, but also dents the pockets of the clients. When discussing the project development - time and cost go hand in hand. The more the development time, the higher will be the cost.