Planet Drupal

Subscribe to Planet Drupal feed
Drupal.org - aggregated feeds in category Planet Drupal
Updated: 6 hours 23 min ago

ADCI Solutions: Drupal Global Training Day #5

19 September 2017 - 12:12am

We used to feel satisfied with just giving a few lectures at Drupal Global Training Day. What do we see now? We see young Drupal developers who are hungry not only for knowledge but for practice, too.

 

Learn about the easy way of organizing a practical part at GTD.

Categories: Drupal

Code Positive: Automate Drupal 8 Deployment On Pantheon With Quicksilver Scripts

18 September 2017 - 6:50pm

Drupal deployment automation for Pantheon hosting - save time, make deployments safer, automate your testing workflow, and leave the boring repetative work to the computers!

READ MORE

 

Categories: Drupal

OSTraining: Dropdown Menus in Drupal 8 with the Superfish Module

18 September 2017 - 6:00pm

If you want to build a large, multi-level drop-down menu in Drupal 8, then the Superfish module is a great choice.

The Superfish module makes use of the jQuery Superfish menu plugin, which is useful for multi-level drop-down menus. Superfish has more features than most dropdown menus. It supports touch devices and keyboard interaction.

Categories: Drupal

Bay Area Drupal Camp: Summit Registration is Now Open!

18 September 2017 - 10:54am
Summit Registration is Now Open! Grace Lovelace Mon, 09/18/2017 - 10:54am BADCamp Drupal Summits

Summits are one-day events focused around specific topics and areas of practice that gather people in specific industries or with specific skills to dive deep into the issues that matter and collaborate freely.

 

Sign Up for a Summit Today!

 

Nonprofit Summit (Wed)

The BADCamp Nonprofit Summit (NPS) is back in Berkeley for 2017 with even more opportunities for nonprofits and developers to collaborate, learn, and grow! We’ve got a full day of case studies, presentations, and small-group breakout sessions, all led by nonprofit tech experts. Come discover new tools and strategies, learn how to use them, and make contacts with other members of the Drupal nonprofit community!

Higher Ed Summit (Thurs)

The Higher Education Summit is a unique opportunity for site owners, IT managers, developers, content creators, and agencies dedicated to supporting and advancing the use of Drupal in academia to share, learn, and strengthen our community of practice. Through panels, talks, and ample breakout sessions, participants share and learn from one another’s victories and challenges, and build momentum in cross-institutional initiatives. Drupal behind the login. This year's theme is using Drupal as a collaboration tool (intranets, research sites, data sharing, administrative tasks, portals, etc.).

Front End Summit (Thursday)

Perhaps more than any other discipline, front-end development has been rapidly evolving over the past several years to accommodate an ever-changing variety of workflows, toolsets, best practices, and technologies. As BADCamp turns 10, let us acknowledge the past, assess current trends, and discuss the future of front-end development at the Frontend Summit.

Backdrop Summit (Wed)

Backdrop CMS is a content management system based on the Drupal you know and love, but with a new mission that aims to decrease the cost of long-term website ownership. The goal of this Drupal fork is to empower more people to do more things on the web. At the Backdrop Summit you'll learn about the Backdrop software and its differences from the Drupal CMS.

DevOps Summit (Thurs)

Want to accelerate development at your organization? The DevOps Summit is about inspiring people (aka YOU) with new processes and tools to help transform ideas into working web applications. We’ll be discussing topics like automated testing, continuous integration, local development, ChatOps, and more. Along the way you’ll have a chance to pick the brains of leading DevOps professionals in the Drupal community. Anyone who is looking to work with happier development teams while saving time and money should attend.

  Do you think BADCamp is awesome?

Would you have been willing to pay for your ticket?  If so, then you can give back to the camp by purchasing an individual sponsorship at the level most comfortable for you. As our thanks, we will be handing out some awesome BADCamp swag as our thanks.

We need your help!

BADCamp is 100% volunteer driven and we need your hands! We need stout hearts to volunteer and help set up, tear down, give directions and so much more!  If you are local and can help us, please sign up on our Volunteer Form.

Sponsors

A BIG thanks to our sponsors who have committed early. Without them this magical event wouldn’t be possible. Interested in sponsoring BADCamp? Contact matt@badcamp.net or anne@badcamp.net


Thank you to Pantheon & Acquia for sponsoring at the Core level to help keep BADCamp free and awesome.

Drupal Planet
Categories: Drupal

Colan Schwartz: Client-side encryption options now available in Drupal

18 September 2017 - 10:24am
Topics: 

After the success of last year's GSOC project with Drupal, I thought it would be a great idea to see if we could take what we did there (server-side encryption) and do something similar on the client side. The benefit of this approach is that unencrypted content/data is never seen by the hosting server. So it's not necessary to trust it to the same degree. This has been a requested feature for some time, and become very popular within the instant-messaging space.

I posted the idea, but wasn't sure how much traction there would be given the additional complexity. Before long, there were two interested students, Marcin Czarnecki and Tameesh Biswas, who were interested in the project given their interest in cryptography. They both wrote very good proposals, which we in the Drupal community accepted.

With the help of Adam Bergstein (my co-mentor from last year) and Talha Paracha (last year's student), we were able to mentor both students in working towards completing their projects, even with the added complexity. Unlike last year, users' passwords couldn't be used to encrypt anything because the site has access to these. An out-of-band mechanism was necessary to perform the encryption, public-key cryptography. It needed to be in the hands of users themselves instead of being handled implicitly by the server.

I'm delighted to report that both students passed. The community can now take their projects and build upon them. Please review the new Drupal modules at Client-side content encryption (overview) and Client Side File Crypto (overview). If there are any issues, please open tickets in the respective queues.

This article, Client-side encryption options now available in Drupal, appeared first on the Colan Schwartz Consulting Services blog.

Categories: Drupal

Deeson: Where to find Deeson at DrupalCon Vienna 2017

18 September 2017 - 9:06am

It’s official: Deeson is in the top 30 of companies contributing to Drupal globally! As huge proponents of open source we’re proud to be playing a key role in supporting the health of the project, and this is testament to the hard work of our development team.

Next week we’re heading to DrupalCon Vienna 2017. We’re pleased to sponsor the Women in Drupal event again this year, and in the spirit of sharing what we’ve learned we’ll also be delivering several sessions throughout the event. Here’s a taste of what to expect:

Component driven front-end development

John Ennew. 26th September, 2.15pm in Lehar 2.

Pages are dead - long live components.

With a component based approach your development team can maintain a catalogue of templates independent of the backend CMS.

When the backend work starts, these components will then be integrated into Drupal. This talk will describe a method for doing this which does not cause complex themes or copying pieces of template code out of the front-end prototypes.

This talk will cover:

  • The general approach to component based development
  • A method for developing components independent of the backend system which will be used
  • How to integrate the components with Drupal 8
  • An overview of the advantages of this approach
Building social websites with Group and Open Social

Kristiaan Van den Eynde. 27th September, 10.45am in Lehar 1.

A lot of Drupal sites are run by only a handful of people. A few power users receive the rights to administer other user accounts, some others can post and publish content and everyone else can just view content and “use” the site. It’s when this scenario doesn’t suit your needs that you might want to have a look at the Group module.

Group allows you to give people similar permissions like those above but only for smaller subsections of a website. Say you run a school website and you want students to be able to only see the courses that are available for them to enroll in, but nothing else. Or you want to run a social network where users can post content, but only within their sandboxed area on the website. Group’s got you covered.

This session will be a brief description of the Group module by its author Kristiaan Van den Eynde (Deeson) and explain its key concepts. We will demo how to configure it and then show you how Group is used in the wonderful Open Social distribution.

Joining us for the second part of the presentation, Jochem van Nieuwenhuijsen (GoalGorilla / Open Social) will explain how Group enabled a team of talented developers to build a social network using Drupal 8. He will list some of the challenges and show you some of the cool stuff they built on top of the Group module.

This session is suitable for developers with some experience with Drupal 8 site building, but most of the presentation should be easy to digest for even the most junior site builders.

Birds of a Feather sessions

Drupal recently announced that Vienna will be the last European conference for the foreseeable future, and that they will host BoFs at the event for the community to discuss the future. 

If you’re not familiar with the BoF format, DrupalCon describes them as “informal gatherings of like-minded individuals who wish to discuss a certain topic without a pre-planned agenda”. This year, Deeson team members are delivering five BoF sessions:

Facilitating happy, high performing distributed teams

Tim Deeson. 26th September, 10.45am in Galerie 11-12. 

An opportunity to share tips and tools for what you've found works or problems you want help with.

At Deeson we've found a mix of tools, processes and relationship building is key. And that sharing what works for us and learning from others is invaluable.

  • Are there tools that you find that really make a difference?
  • Any team events or activities that help people get to know each other?
  • How do you spot if someone isn't happy or engaged?
  • What methods works or doesn't work for different types of personalities?
  • Is always-on Slack a blessing or a curse?
  • Do in-person events matter or can everything be done online?
  • Do you have a structured way of supporting the team to get know each other well?

Bookmark this session

Agile and agencies

John Ennew. 27th September, 1pm in Galerie 15-16. 

The are many ways to run an Agile project.

Much of the written support for working with Agile is based on an internal team which doesn't always support to how the client and agency relationship works.

Agencies have a variety of mechanisms for running an Agile project from simply embedding the ceremonies of Agile to actually ensuring the project team, client and contract are Agile from the start. 

Come along and share your experiences (highs and lows), your tips and your best practices for making Agile work in an Agency.

Bookmark this session

Creating technical excellence in the tech team

John Ennew. 28th September, 2.15pm in Galerie 11-12.

Are you a technical lead?

Come and meet like minded people to share your experiences in managing your team members and ensuring technical excellence.

Bookmark this session

The road ahead for Group: New features and future development

Kristiaan Van den Eynde. 27th September, 3.45pm in Galerie 15-16.

This BoF is intended for site builders who are actively using Group for Drupal 8 and are wondering what's currently planned for development or for site builders who think there is a key feature missing from Group 8 right now. The goal is to either learn about what's coming or to actually add something to the roadmap, provided it would be useful to a larger audience.

Bookmark this session

Reinventing the entity access layer (Node access for all entities)

Kristiaan Van den Eynde. 28th September, 12pm in Galerie 13-14.

This BoF is intended for those involved in https://www.drupal.org/node/777578 and all those who wish to participate by writing a proof of concept or by brainstorming over possible approaches.

Bookmark this session

Heading to DrupalCon Vienna 2017? We’d love to meet you! Drop us a line on Twitter if you want to chat to us or email hello@deeson.co.uk.

Categories: Drupal

Drop Guard: Drop Guard is cutting costs by 40% - facts and figures

18 September 2017 - 6:45am
Drop Guard is cutting costs by 40% - facts and figures

While working with other NGOs and agencies during the last 1,5 years, we collected more and more information about the time and money that Drop Guard will save your agency. On our website, we claim that Drop Guard will cut your update costs by 40%. CTOs and COOs want to challenge numbers like this and ask how exactly this ROI is calculated. That’s why I want to share the detailed information in this blog post with you.

Security updates are released every Wednesday. If you work in a Drupal shop that cares about security, you have to apply updates for every site every Wednesday or at least Thursday.

Drupal Business Drupal Planet
Categories: Drupal

Chromatic: How To: Multiple Authors in Drupal

18 September 2017 - 6:35am

A brief rundown of how to configure Drupal to display multiple content authors.

Categories: Drupal

Appnovation Technologies: Appnovator Spotlight: Richard Hales

18 September 2017 - 5:41am
Appnovator Spotlight: Richard Hales Who are you? What's your story?  Richard Hales - "Talent Acquisition". With 13 years in recruitment, working with some top global brands, hiring some of the best talent. I now use that experience and those connections to find the very best people for Appnovation What's your role at Appnovation?  Working in the UK, I am ideally placed to serv...
Categories: Drupal

Vardot: What Is A Chatbot, And Why Is It Important For Your Business?

18 September 2017 - 4:06am
What Is A Chatbot, And Why Is It Important For Your Business? Dmitrii Susloparov Mon, 09/18/2017 - 14:06

There is a great deal of enthusiasm surrounding chatbots in the Internet technology world today. Fanning the flames was the news that the White House had created a Facebook chatbot using Drupal. This post explains what a chatbot is, its current status, and how it can benefit business enterprises.

What is a chatbot?

Chatbots are software agents which communicate and collaborate with human users through text messaging using a natural language, say English, to accomplish specific tasks. Examples of common tasks in a business context are product inquiries, ordering, and troubleshooting.

 

Chatbots holds the promise of being the next generation of technology that people use to interact online with business enterprises. From a historical perspective, the first generation of customer contact technology involves websites. Users opens the company website within their browser, navigate web pages to get the information they want and to trigger various e-commerce transactions, such as ordering a product. Next up are mobile apps which users can download on their smartphones or tablets. The problem with apps is that people have to manually download and learn to use each of them. Chatbots lead the way for the next wave of technology. With chatbots, there are no new apps to download. This is because most users already have at least 1 instant messaging application installed on their communication devices, e.g., SMS, Facebook Messenger, Slack, Telegram, Kik, etc. Another advantage for chatbots is that, because chatbots communicate using a natural language, users don't need to learn yet another new website interface and to get comfortable with the unavoidable quirks.

 

The chatbot interface is powered by Artificial Intelligence (AI) technologies. AI is tasked to understand the text that users enter and pass on the knowledge to the backend for processing. Another benefit of using AI is that the chatbot will learn over time to better understand user preferences and as a result, deliver better and faster services.

Why are chatbots important to enterprises?

It was reported that, in 2016, for the first time in Internet history, there were more people using messaging apps than social media. It follows that chat has outpaced social media to become the de facto standard in how mobile users want to make contact. Mobile users are known to be an impatient bunch, ready to abandon any website en masse if they are made to wait for mere seconds after their initial request. Is your business staffed properly to handle this 24x7 onslaught of customer product queries, sales orders, and support requests?

 

Image Source: Business Insider

 

Chatbots can be programmed to monitor and respond to those chat sessions that fall within their domain expertise, such as troubleshooting, return merchandise authorization (RMA), sales inquiry, etc. For chatbots to do their job, enterprises first need to capture the aforementioned domain knowledge in a knowledge base. Once the knowledge becomes accessible, chatbots can staff the all-important corporate functions 24x7.

 

By deploying chatbots, a business can save money by easing the staff head count while guaranteeing good service response time. Besides its always-on feature, another major advantage of using chatbots is the consistency in how your business processes are applied: chatbots will execute the business logic consistently in all customer contacts.

 

Chatbots, advanced that it is, is not the panacea of all enterprise customer service problems, nor does it completely replace the entire human work force. Human agents are still required to solve the more complex problems that are beyond the ability of chatbots. While chatbots can resolve the most basic troubleshooting tasks, second-level support technicians are still required to tackle the complicated product issues.

State of the union

The chatbot technology is still an emerging technology. There are many components that have to work together to make chatbots work. As of today, the technology stack is not standardized, and a clear market leader has not yet manifested itself.

 

Just as there are many messaging apps, there are as many, if not more, chatbot building platforms, each designed to work with a subset of specific messaging apps. Some messaging app vendors, such as Facebook and Telegram, also provide their own official chatbot building platforms. Besides those, there are other third-party chatbot platforms that support multiple messaging apps. For instance, Chatfuel is a chatbot platform that supports both Facebook and Telegram. The Microsoft Bot Framework supports Facebook Messenger, Slack, and SMS.

 

Most chatbot building platforms claim that chatbots can be developed in minutes with no coding required. While creating a chatbot may take only minutes, making it do something useful involves customization including configuring the AI front-end engine, the e-commerce and payment processor backend, etc. Given the myriad technical choices and possibilities, it is best to leverage professional help to guide the development of chatbots for your business enterprise.

Chatbots and Drupal

Many businesses have already crafted their online presence in the form of a website using an enterprise-class CMS technology, for instance, Drupal. The good news is that you can add chatbot technology to your existing technology infrastructure, rather than starting from scratch.

 

If you have already built an enterprise-class Drupal website, you are a one-step ahead of everyone else. The Drupal infrastructure is essentially a portal that captures your business logic, including the backend portion that interfaces with your e-commerce and other back office systems. Adding chatbots to your overall technology stack involves adding the proper middleware to connect your chatbot frontend with your Drupal-based business logic backend.

 

As stated in the previous section, chatbots itself is an emerging technology that may be outside the scope for most in-house development expertise. Adding the middleware to join together chatbots and your Drupal backend is an extra level of software complexity. This middleware framework is available from the Drupal community, but is currently in a very early stage for commercialization. To ensure success for your chatbot project, professional consulting is highly recommended.

 

If you require professional services, whether to build from scratch an enterprise-class Drupal website with chatbot integration, or to add chatbot capabilities to your existing Drupal platform, Vardot is pleased to offer such services from its Jordanian headquarters or its American and Egyptian regional offices. Contact us now for more details regarding your project!

Categories: Drupal

Deeson: Component driven front-end development

18 September 2017 - 3:58am

At Deeson we’ve been working on ways to develop our front-end independently from any back-end application.

Our front-end team has developed web applications using decoupled JavaScript frameworks including Angular and React but we’ve found that for many website projects a full web application is overkill and the traditional HTML templating approach is still the most efficient.

Our back-end application is usually Drupal but we’re increasingly using other frameworks such as Laravel or Symfony and would like to be able to use a consistent approach for our front-end teams. 

We’ve developed a system for this that allows modern build tools, practices Component Driven Development, allows the generation of living style guides and is agnostic to the back-end.

Component Driven Development 

A component, for us, is a collection of HTML, CSS and JS that goes together to form some display element. Consider this against a more traditional approach where HTML, CSS and JS are stored in separate global files, for example, in a global style.css and app.js files.

By grouping code together into components, we separate our application by the domain language, rather than arbitrarily by file extension. This isolates components and makes them easier to develop and maintain.

Components get named based on the domain language of the project and client. Components are not defined for the designer by the limitations and modeling of the application. This provides a common language for the designers, developers and client and reduces the chances of misunderstanding when it comes to the development of functionality.

Using the BEM approach to structuring CSS we isolate much of our CSS to specific components rather than continuously generalising CSS in the way a CSS framework like Bootstrap does. This isolates much of the CSS to a specific component giving us high cohesion and low coupling allowing for confident maintenance, removing much of the fear of wondering what effect changing a piece of CSS is will have on the whole site.

This better matches the way that we work where the complexity of our challenging designs mean rapid delivery using a CSS framework isn’t possible.

Living style guides

The output of our front-end development will include a style guide which will render each of our components into static pages.

Style guides are useful as they demonstrate the components independently of the specific implementation. This allows more rapid front-end development as front-end developers can work without having to worry about how the back-end will integrate.

Over time, however, these style guides move out of sync with the applications they were developed to provide styling information for. An application developer's job is to integrate the HTML provided by the style guide into the finished site. This has meant copying and pasting code out of the style guide templates and into the application’s templating system.

At this point we have duplication of code and the ability to maintain a strict style guide is lost. When the style guide is updated, all the application templates affected must be identified and updated as well.

Our approach makes the style guide a living style guide. The front-end templates we produce for our components get referenced directly from the target applications theme system. This means that our front-end templates are the exact same ones that the application will be using within the theme.

Front-end developers can make changes to it knowing that those changes will flow through into the application without need for a second step.

For Drupal developers this means either providing new theme functions for the front-end templates or referencing our front-end templates from within Drupal templates.

Modern build tools, agnostic to the back-end

Freed from the constraints of a specific application’s templating system we can select the most appropriate tools for the job of front-end development.

Our front-end tooling uses the latest standards and tools. We’re using yarn for package management, and webpack to bundle the static assets. 

Very little knowledge of the back-end is assumed or needed in this approach. You can confidently bring new front-end developers onto your team who are used to using the latest tools without having to spend the first few weeks teaching them the specific theming language and quirks of your back-end application such as the Drupal theme layer.

A real example 

We’ve got an exemplar project to showcase this way of working. If you clone the project at https://github.com/teamdeeson/cdd-demo and follow the instructions in the README you’ll get a Drupal 8 project up and running with a theme that uses this process. You’ll see we’ve developed a componentised version of the Bartik theme for this.

If you are intrigued by this and would like to hear more, you’ll enjoy my talk on the subject at DrupalCon Vienna on 26th September.

In summary

Component driven front-end development has worked well for us at Deeson, allowing rapid independent development of our front-end code. Our designers are freed from the previous constraints of designing for a Drupal website and our developers get to use the latest tools and get onboarded quicker.

Like the sound of the way we do things? We're currently hiring a Senior Front-end Developer.

Categories: Drupal

PreviousNext: OK Drupal - powering chatbots with Drupal

17 September 2017 - 5:28pm
Share:

Conversational UIs are the next digital frontier.

And as always, Drupal is right there on the frontier, helping you leverage your existing content and data to power more than just web-pages.

Want to see it action - click 'Start chatting' and chat to our Drupal site.

by lee.rowlands / 18 September 2017

Start chatting

So what's going on here?

We're using the Chatbot API module in conjunction with the API AI webook module to respond to intents. We're using API.ai for the natural language parsing and machine learning. And we're using the new Chatbot API entities sub module to push our Drupal entities to API.ai so it is able to identify Drupal entities in its language parsing.

A handful of custom Chatbot API intent plugin to wire up the webhook responses and that's it - as we create content, users and terms on our site - our chatbot automatically knows how to surface them. As we monitor the converstions in the API.ai training area, we can expand on our synonyms and suggestions to increase our matching rates.

So let's consider our team member Eric Goodwin. If I ask the chatbot about Eric, at first it doesn't recognise my question.

Eric isn't recognized as an entity

So I edit Eric's user account and add some synonyms

Adding synonyms to Eric's account

And then after running cron - I can see these show up in API.ai

Synonyms now available in API.ai

So I then ask the bot again 'Who is eric?'

Screenshot showing the default response

But again, nothing shows up. Now I recognise the response 'Sorry, can you say that again' as what our JavaScript shows if the response is empty. But just to be sure - I check the API.ai console to see that it parsed Eric as a staff member.

Intent is matched as Bio and Eric is identified as staff member

So I can see that the Bio Intent was matched and that Eric was correctly identifed as the Staff entity. So why was the response empty? Because I need to complete Eric's bio in his user account. So let's add some text (apologies Eric you can refine this later).

Adding a biography

Now I ask the bot again (note I've not reloaded or anything, this is all in real time).

A working response!

And just like that, the bot can answer questions about Eric.

What's next?

Well API.ai provides integrations with Google Assistant and Facebook messenger, so we plan to roll out those too. In our early testing we can use this to power an Actions on Google app with the flick of a switch in API.ai. Our next step is to expand on the intents to provide rich content tailored to those platforms instead of just plain-text that is required for chatbot and voice responses.

Credits

Thanks go to @gambry for the Chatbot API module and for being open to the feature addition to allow Drupal to push entities to the remote services.

And credit to the amazing Rikki Bochow for building the JavaScript and front-end components to incorporate this into our site so seamlessly.

Further Reading Tagged Chatbots, Conversational UI, Drupal 8

Posted by lee.rowlands
Senior Drupal Developer

Dated 18 September 2017

Add new comment
Categories: Drupal

Dave Hall Consulting: Trying Drupal

16 September 2017 - 3:34am

While preparing for my DrupalCamp Belgium keynote presentation I looked at how easy it is to get started with various CMS platforms. For my talk I used Contentful, a hosted content as a service CMS platform and contrasted that to the "Try Drupal" experience. Below is the walk through of both.

Let's start with Contentful. I start off by visiting their website.

In the top right corner is a blue button encouraging me to "try for free". I hit the link and I'm presented with a sign up form. I can even use Google or GitHub for authentication if I want.

While my example site is being installed I am presented with an overview of what I can do once it is finished. It takes around 30 seconds for the site to be installed.

My site is installed and I'm given some guidance about what to do next. There is even an onboarding tour in the bottom right corner that is waving at me.

Overall this took around a minute and required very little thought. I never once found myself thinking come on hurry up.

Now let's see what it is like to try Drupal. I land on d.o. I see a big prominent "Try Drupal" button, so I click that.

I am presented with 3 options. I am not sure why I'm being presented options to "Build on Drupal 8 for Free" or to "Get Started Risk-Free", I just want to try Drupal, so I go with Pantheon.

Like with Contentful I'm asked to create an account. Again I have the option of using Google for the sign up or completing a form. This form has more fields than contentful.

I've created my account and I am expecting to be dropped into a demo Drupal site. Instead I am presented with a dashboard. The most prominent call to action is importing a site. I decide to create a new site.

I have to now think of a name for my site. This is already feeling like a lot of work just to try Drupal. If I was a busy manager I would have probably given up by this point.

When I submit the form I must surely be going to see a Drupal site. No, sorry. I am given the choice of installing WordPress, yes WordPress, Drupal 8 or Drupal 7. Despite being very confused I go with Drupal 8.

Now my site is deploying. While this happens there is a bunch of items that update above the progress bar. They're all a bit nerdy, but at least I know something is happening. Why is my only option to visit my dashboard again? I want to try Drupal.

I land on the dashboard. Now I'm really confused. This all looks pretty geeky. I want to try Drupal not deal with code, connection modes and the like. If I stick around I might eventually click "Visit Development site", which doesn't really feel like trying Drupal.

Now I'm asked to select a language. OK so Drupal supports multiple languages, that nice. Let's select English so I can finally get to try Drupal.

Next I need to chose an installation profile. What is an installation profile? Which one is best for me?

Now I need to create an account. About 10 minutes I already created an account. Why do I need to create another one? I also named my site earlier in the process.

Finally I am dropped into a Drupal 8 site. There is nothing to guide me on what to do next.

I am left with a sense that setting up Contentful is super easy and Drupal is a lot of work. For most people wanting to try Drupal they would have abandonned someway through the process. I would love to see the conversion stats for the try Drupal service. It must miniscule.

It is worth noting that Pantheon has the best user experience of the 3 companies. The process with 1&1 just dumps me at a hosting sign up page. How does that let me try Drupal?

Acquia drops onto a page where you select your role, then you're presented with some marketing stuff and a form to request a demo. That is unless you're running an ad blocker, then when you select your role you get an Ajax error.

The Try Drupal program generates revenue for the Drupal Association. This money helps fund development of the project. I'm well aware that the DA needs money. At the same time I wonder if it is worth it. For many people this is the first experience they have using Drupal.

The previous attempt to have simplytest.me added to the try Drupal page ultimately failed due to the financial implications. While this is disappointing I don't think simplytest.me is necessarily the answer either.

There needs to be some minimum standards for the Try Drupal page. One of the key item is the number of clicks to get from d.o to a working demo site. Without this the "Try Drupal" page will drive people away from the project, which isn't the intention.

If you're at DrupalCon Vienna and want to discuss this and other ways to improve the marketing of Drupal, please attend the marketing sprints.

AttachmentSize try-contentful-1.png342.82 KB try-contentful-2.png214.5 KB try-contentful-3.png583.02 KB try-contentful-5.png826.13 KB try-drupal-1.png1.19 MB try-drupal-2.png455.11 KB try-drupal-3.png330.45 KB try-drupal-4.png239.5 KB try-drupal-5.png203.46 KB try-drupal-6.png332.93 KB try-drupal-7.png196.75 KB try-drupal-8.png333.46 KB try-drupal-9.png1.74 MB try-drupal-10.png1.77 MB try-drupal-11.png1.12 MB try-drupal-12.png1.1 MB try-drupal-13.png216.49 KB
Categories: Drupal

Joachim's blog: Brief update on Drupal Code Builder

15 September 2017 - 1:31pm

I've completely revamped the Drush commands for Drupal Code Builder:

  • First, they're now in their own project on Github
  • Second, I've rewritten them completely for Drush 9, completely interactive.
  • Third, they are now geared towards adding to existing modules, rather than generating a module as a single shot. That approach made sense in the days of Drupal 6 when it was just hook implementations, but I increasingly find I want to add a plugin, a service, a form, to a module I've already started.

The downside is that installing these is rather tricky at the moment due to some current limitations in Drush 9 beta; see details in the project README, which has full instructions for workarounds.

Now that's out of the way, I'm pushing on with some new generators for the Drupal Code Builder library itself. On my list is:

  • plugin types (as in the plugin manager service, base class and interface, and declaration for Plugins module)
  • entity type
  • entity type handlers
  • your suggestions in the issue queue...

And of course more unit tests and refactoring of the codebase.

Categories: Drupal

Aten Design Group: Mastering Drupal 8’s Libraries API

15 September 2017 - 9:56am

If you ever had to overwrite a module’s css file or a core javascript library in Drupal 7, you likely remember the experience. And not because it was a glorious encounter that left you teary-eyed at the sheer beauty of its ease and simplicity.

Along with Drupal 8 came the Libraries API and a whole new way of adding CSS and JS assets and managing libraries. In true Drupal 8 fashion, the new system uses YAML files to grant developers flexibility and control over their CSS and JS assets. This gives you the ability to overwrite core libraries, add libraries directly to templates, specify dependencies and more.

There are many pros to this approach. The most important improvement being that you can add these assets conditionally. The FOAD technique and other hackish ways to overwrite core CSS files or javascript libraries are long gone. This is extraordinarily good news!

However, the simplicity of the drupal_add_js() and drupal_add_css() functions have also disappeared, and now you have to navigate a potentially overwhelming and confusing nest of yml’s just to add some custom CSS or javascript to a page. (No, you can’t just add css via the theme’s .info file). In this post, I’ll guide you through the new Libraries API in Drupal 8 so you can nimbly place assets like you’ve always dreamed.

Prerequisites

If you haven’t yet experienced the glory that is the yml file, you’ll want to get familiar. Read this great introduction to YAML then come back to this post.

Creating Libraries

First step is to create your libraries.yml file at your-theme-name.libraries.yml or your-module-name.libraries.yml.

Here’s an example of how you define a Drupal 8 library.

A few things to note:

  • The path to CSS and JS files are relative to the theme or module directory that contains the libraries.yml file. We’ll cover that in more depth shortly.
  • The dependencies, in this case jQuery, are any other library your library depends on. They will automatically be attached wherever you attach your library and will load before yours.
  • Multiple libraries can be defined in one libraries.yml file, so each library in the file must have a unique name. However the libraries will be namespaced as mytheme/mylibrary or mymodule/mylibrary so a libraries.yml file in your theme and libraries.yml file in your module can contain libraries with the same name.
  • The css files are organized according to the SMACSS categories. This gives some control over the order of which assets are added to your page. The css files will be added according to their category. So any css file in the theme category will be added last, regardless of whether or not it comes from the base theme or the active child theme. Javascript files are not organized by SMACSS category.

Now that you know the library basics, it’s time to up the ante.

Properties

You can add additional properties inside the curly braces that allow you to define where the javascript is included, additional ordering of files, browser properties and more. We won’t cover all the possibilities just now, but here are some examples

Attaching Libraries

The simplest way to attach libraries globally is through the your-theme-name.info.yml file. Instead of adding stylesheets and scripts ala Drupal 7, you now attach libraries like so:

Global is great and all, but perhaps the coolest libraries upgrade in Drupal 8 is the ability to attach libraries via twig templates. For example, if you have a search form block, you can define the css and js for the block, add it to a library, and add that library to the search form block twig template. Those assets specific to the search form block will only be included when the block is rendered.

And yes, you can also attach libraries with our ol’ pal php.

Extending and Overriding Libraries

Another boon is the ability to extend and override libraries. These extensions and overrides take place in the your-theme-name.info.yml file.

As you might expect, libraries-extend respects the conditions of the library is being extended. Maybe you have a forum module that comes with css and js out-of-the-box. If you want to tweak the styling, you can extend the forum modules library, and add your own css file.

For overrides, you can remove or override a specific file or an entire library.

Final Considerations

Before we wrap up, I'll send you on your way with a couple final considerations and gotcha's that you need to be aware of.

  • The Libraries API Module is still relevant in Drupal 8, and should be used to handle external libraries that don't ship with drupal or a module or theme. It also allows libraries to be used by multiple modules or sites.
  • If a file is already linked to within a library it won't get added a second time.
  • Module CSS files are grouped before theme CSS files, so a module's css file will always be loaded before a theme's css file.
  • Refer to the Drupal 8 Theming Guide for more info.

Thanks for reading. Now go forth and use your asset placing powers for good, not evil.

Categories: Drupal

DrupalCon News: Novice Contributor Sprints at DrupalCon Vienna

15 September 2017 - 9:47am
Everyone is welcome (including you!)

With just about two weeks to go until DrupalCon Vienna we are anticipating an amazing week of learning and collaborating ahead! There will be code sprints all week, but Friday is our dedicated sprint day when anyone and everyone can come contribute to Drupal core and participate together in guided sprints.

Categories: Drupal

Dries Buytaert: Don't blame open-source software for poor security practices

15 September 2017 - 7:28am

Last week, Equifax, one of the largest American credit agencies, was hit by a cyber attack that may have compromised the personal data of nearly 143 million people, including name, address, social security numbers, birthdates and more. The forfeited information reveals everything required to steal someone's identity or to take out a loan on someone else's name. Considering that the current US population is 321 million, this cyberattack is now considered to be one of the largest and most intrusive breaches in US history.

It's Equifax that is to blame, not open-source

As Equifax began to examine how the breach occurred, many unsubstantiated reports and theories surfaced in an attempt to pinpoint the vulnerability. One such theory targeted Apache Struts as the software responsible for the breach. Because Apache Struts is an open-source framework used for developing Java applications, this resulted in some unwarranted open source shaming.

Yesterday, Equifax confirmed that the security breach was due to an Apache Struts vulnerability. However, here is what is important; it wasn't because Apache Struts is open-source or because open-source is less secure. Equifax was hacked because the firm failed to patch a well-know Apache Struts flaw that was disclosed months earlier in March. Running an old, insecure version of software — open-source or proprietary — can and will jeopardize the security of any site. It's Equifax that is to blame, not open-source.

The importance of keeping software up-to-date

The Equifax breach is a good reminder of why organizations need to remain vigilant about properly maintaining and updating their software, especially when security vulnerabilities have been disclosed. In an ideal world, software would update itself the moment a security patch is released. Wordpress, for example, offers automatic updates in an effort to promote better security, and to streamline the update experience overall. It would be interesting to consider automatic security updates for Drupal (just for patch releases, not for minor or major releases).

In absence of automatic updates, I would encourage users to work with PaaS companies that keep not only your infrastructure secure, but also your Drupal application code. Too many organizations underestimate the effort and expertise it takes to do it themselves.

At Acquia, we provide customers with automatic security patching of both the infrastructure and Drupal code. We monitor our customers sites for intrusion attempts, DDoS attacks, and other suspicious activity. If you prefer to do the security patching yourself, we offer continuous integration or continuous delivery tools that enable you to get security patches into production in minutes rather than weeks or months. We take pride in assisting our customers to keep their sites current with the latest patches and upgrades; it's good for our customers and helps dispel the myth that open-source software is more susceptible to security breaches.

Categories: Drupal

CiviCRM Blog: CiviCon UK Sponsor post: Registrations in seconds, logins without passwords

15 September 2017 - 5:39am

A big thank you to all our CiviCON UK Sponsors. Here's a special post from Gold Sponsor Yoti:

Doing things differently: Registrations in seconds, logins without passwords and minimising data.

Over the last 15 years I’ve probably been responsible for around 50 or so websites or microsites that in some way or another have tried to gather people’s data.  Either to enter into an event, join a forum or buy something.  And like most other marketeers I’ve been obsessed by two things.  Funnels and Data. i.e how easily are people signing up and how much do I now know about my customers.  I’ve always known that by asking people for more information there was a danger people would drop out of my acquisition funnel but we marketeers are hungry for data. We want it all and we want it now.

I’ve now come to realise that less is more.  I still want the customers, and loads of them, but I want them to join me on their terms. If I ask people less about themselves I’m more likely to get an answer. 

I always try to liken marketing situations with personal situations.  When you first meet someone in a bar you don’t tend to ask them everything about themselves in the first sentence.  You might introduce yourself and ask them their name.  And perhaps ask them where they’re from.  You certainly wouldn’t ask their address or birthday.  If you did, you can be fairly sure they’d either not tell you or they’d give you a fake one and then avoid you for the rest of the night.  So why do we do it in business?  

So we can send them emails they’ll never read?  Send them mail that’ll clog up their recycling bin. Profiling our user base?  Most businesses can’t afford this kind of wastage.  We can’t afford to be sending emails that damage our brand by clogging up people’s inboxes or sending people mail that costs us thousands of pounds.  And just how much effective user profiling can be done if the data they are giving us isn't actually real in the first place?

I want to suggest a revolutionary new idea.  Why not just ask for less, just their first name? Or maybe, not even ask them anything at all. Imagine if you could give them access to a secure user profile on your website even though you didn't even have a name or email address for them.  And they could return to that profile whenever they want to tell you a bit more about themselves. Imagine if you could give them a special key to your world.

A special key?  What like a password?  Surely not...No, not like a password.  Just let them use their phone and their biometrics.  Let them then build their trust with you by adding more details when they want to.  When they need to.  Let them feel special by showing them all the awesome stuff they can now see that nobody else can, and then when you need their address to send them something they've bought you can ask for it.  You could even give them the option of giving you their phone number or email so you can tell them when you’ve got something new and cool to sell. Or you could just say ‘come and stop by whenever you fancy. You’ve got the keys and you can’t lose them so come and have a browse whenever you fancy it.’

It feels a little scary doesn't it? Having anonymous customers that are in control of what information they give you and when.  But there's also all sorts of other interesting stuff it means you could do. You can create chat forums where people just prove they are from a certain city but otherwise remain anonymous.  You could build web forums for children that only allowed people under a certain age or over another age to register.

However, I know there are plenty of us who do actually need all the data up front, just because that’s how business works and it may take a while for my utopian customer-centric world to exist.  And plenty of businesses need to be absolutely sure they have the right name and address to eliminate fraud that’s costing us billions of pounds every year.

But these businesses still want to get people signed up quickly and they’re still scared about getting their data hacked.  And a lot of businesses do end up giving their customers passwords, which their customers usually forget.

We created Yoti to try and let people and businesses do all of the above. We want to encourage businesses to ask for less, but give you the confidence people are who they claim to be.  We want to make it frictionless for you to sign up new verified customers. We don't want anyone to ever hate your website just because they forgot their password.

Yoti is an easy to use digital identity app for consumers and secure digital identity attribute exchange platform for organisations. Our phones help us connect, make payments and board planes, it’s time that they helped us prove our identity.

People create their Yoti by downloading our free app, prove they’re a real person and match their selfie to their passport or driving licence photo. In less than 5 minutes, out pops their verified digital identity that they control for life. Yoti uses AES 256 encryption to store and share user data in such a way that only they have access to their personal details. Yoti cannot see or access any personal information once the accounts have been verified.

Once people have Yoti they can then prove any element of their identity in seconds to businesses and organisations that accept Yoti.  They simply scan a QR code if they are on a desktop, or press ‘Use Yoti’ if on their mobile.  They’ll then be told what information is being requested and they allow the information to be shared.  Registered in seconds.  They can then log back in using their Yoti. No password is required meaning they’ll never forget them and the business need never worry about whether or not they chose a secure password.  

We are building an ecosystem of places where people can use Yoti in their everyday life. They will use Yoti to prove their age at the supermarket self checkout, apply for jobs online, sign up to new web services, prove their age on nights out instead of having to carry their passport.

We’re in our ‘pre-launch’ phase at the moment (we launch in November) but people seem interested.  Over 65,000 people have installed the app already and some great businesses and organisations like Reed, Worldpay and NSPCC are already working with Yoti.

To make it as easy as possible for businesses and organisations to use Yoti we've developed a number of SDKs in seven different coding languages and plugins for Wordpress and Drupal 7, with Joomla and Drupal 8 in development right now.

If you'd like to find out more about Yoti please visit www.yoti.com

ArchitectureCiviConDrupal
Categories: Drupal

aleksip.net: More thoughts on the Drupal upgrade model and Drupal 8.4

15 September 2017 - 5:22am
As I experienced some issues upgrading to Drupal 8.3, I thought I should be more prepared this time, and tried out the Release Candidate version of Drupal 8.4.
Categories: Drupal

Valuebound: How to use Features module in Drupal 8 to bundle functionality in reusable module

15 September 2017 - 5:01am

Features Module has played a significant role in deploying site configuration for Drupal 7. If you’ve ever build a site in Drupal 7, then possibly you have worked with the Features Module. However, CMI in Drupal 8 solved a lot of problems that we faced with Features in Drupal 7. In this blog, we will discuss - Why do we need Features Module in Drupal 8? What is the use of it? We will also attempt to export photo gallery feature.

Let’s take a use-case where you are working on a media and publishing company project and your client wants a feature of ‘…

Categories: Drupal

Pages