All RPGs and Storygames by Tod Foley are now available at DrivethruRPG and RPGnow. Bring these games to your table!
Provides integration for Webform into Googalytics module.
It bridges the two modules by providing a Webform submission handler preparing the tracking event, as well as a Googalytics tracking event subscriber that actually sends the command
This module use angularjs and gives a field for webform which provide a list of numeric fields and a total field, which auto populated by sum of all numeric fields.
This module has dependency on following modules.
Only a month has passed since DrupalCamp Transylvania, and already another Drupal Camp has come and gone in Romania. This time it was Drupal HackCamp, organised in the Romanian capital, Bucharest. It was a Drupal Camp with a very specific theme: Security.
Vasi Chindris Tue, 06/19/2018 - 14:29
Throughout the sessions presented at the Camp, one was able to find out what security issues Drupal had experienced in the past, how the Drupal Security team, as well as the Community in general, had dealt with them, what Drupal did to improve the security of the platforms that were developed using the CMS and what can (and should) be done to have a more secure application.
Since I first heard of it, a Camp focused on Drupal security sounded really interesting to me. This is the type of camp every Drupal developer should attend at least once in their career. Actually any web developer for that matter. As we know, security is a very important topic with regards to the web. Even for experienced developers, some things can be very tricky, as an application's security does not only depend on the code. It also depends on how the web server is configured or what kind of third-party libraries your code depends on. Additionally, it also depends on the libraries you are using in development, if they are used to pack or bundle your code, or if they end up touching your code in any other way.
One of the sessions which focused on how Drupal improved its security with each new version, was Peter Wolanin's - 10 Ways Drupal 8 Is More Secure.
In this session, Peter Wolanin first gave a brief introduction to the OWASP Top 10, a list with the top 10 critical security risks that affect a web application. This is not only Drupal related, it applies to any kind of application that is accessible via the web. Next, he pointed out 10 things Drupal 8 implemented that help the developer to avoid those security risks. Among the points he mentioned were, the autoescaping feature implemented in twig (so now everything which gets outputted by twig, is by default, escaped), the automatic CSRF tokens in the route definitions (making it easier for the developer to create links which are valid only for the current user session), the removal of the PHP input filter (which was very dangerous if misused), and the enforcement of trusted host patterns for requests (so that your application will respond only if requested via a host which you actually trust).
So, you do the best you can to write secure code, try to evaluate the dependencies of your project, and make sure that they don't introduce critical security issues, but is that enough? There could still be several security issues which you’re unaware of, which will only be discovered while you are using the application. It would be awesome if we're able to do something to proactively protect us against common security risks.
Bastian Widmer (@dasrecht) presented a talk on this subject, entitled “How Open Source will help you to survive the next Drupalgeddon”, where he showed us a few tips that we can use in advance, in order to respond to potential security issues in future. Besides ensuring you do regular updates for all your app’s dependencies, you could also take some measures at the web server level. For example, only allow index.php to be executed, use a web application firewall or make sure that your operating system is configured properly.
Of course, there had to be a session about the last Drupalgeddon(s), at a Camp focusing on Security. The event’s keynote was by Jasper Mattsson, who actually discovered Drupalgeddon 2. He shared some tips with us on how to find security breaches. He said that there is no secret 'recipe' for that, but a good starting point, is to look for functions which output data, which can do multiple things, perhaps depending on how they are invoked (in which context or with which parameters) or which can trigger code execution.
There is one very important thing to keep in mind if you discover a security breach: do not post it on the regular Drupal issue queue. Instead, follow the instructions on how to report a security issue when you found one. The implications of reporting a security issue inside the regular Drupal issue queue can be very dangerous, as the attackers will then have plenty of time to create an attack until the issue is fixed.
Being in a city with such a rich history, we could certainly not miss the walking tour that the organisers had prepared for us on the Saturday afternoon. During the tour, we saw Bucharest’s most iconic buildings, which have survived all the great historical periods over the last 200 years - the monarchy, two world wars, communism and now democracy.
Drupal HackCamp Bucharest was a really great event, and I hope it takes place next year. It is of great value to all web developers, especially those at the beginning of their careers, as it prepares them for the dangers of the wild world wide web and equips them with the required knowledge to guard against any that may pop up along the way.
A website for a university always needs a lot of functionality because of a heavy amount of data managed there. Here you will find the list of Drupal modules which allow you to add new features to any Drupal university website.
User Picture Bulk Upload module help to upload user profile image and avatar.
This module helps to update the user profile image on the basis of UID.
Sometime you need to update the user profile image from any external source,
then this will helps in mapping the external image url with UID and update the profile image.
Sensible Object, developer of the voice-augmented trivia board game When in Rome, has raised $3.2 million to be used toward R& D for board games that will utilize Amazon Alexa. ...
Let's revisit my recent post and see if we can come up with more user-friendly names for PatternLab items.markconroy Mon, 06/18/2018 - 21:24
My Approach to PatternLab recently got quite an amount of discussion on Slack and other places about PatternLab and naming conventions, especially the line "Clients do not want a science lesson". In that I set out my current naming convention like so:
- Basic Elements
- Site Blocks
- Building Blocks
- Sample Pages
While generally appreciated, some people criticised it for being too Drupal-centred. What happens if your client doesn't want to use Drupal? What happens if you want to use the same PatternLab instance for an app on Android or iOS? Good questions, and they got me thinking more. A number of people on Slack recently have been asking about what naming conventions besides the atoms > molecules > organisms one people have been using.
I had a verrrrry long chat (over 3 hours) with some developers from outside of my work place to see what what naming convention(s) might make sense, be easy for clients to understand, and allow enough scale to be used outside of Drupal. Here's what we came up with:
- Items such as utility classes like .visually-hidden or .padding-top
- Items such as colours and fonts
- Low level elements such as headings, paragraphs, basic lists
- High definition components such as a teaser view mode, an embedded video component, a list of teasers
- General layout classes for the different page designs - with sidebar, without sidebar, etc
- Rendered 'pages' or other UI interfaces
- We shied away from 'Pages' here because not everything might be a page, such as a login screen on an iPhone app
I'm quite happy with those naming conventions and think I might start porting some of them to my work at Annertech. (Oh, and by the way, if you want to get really good Drupal developers to work on your website, we're available for hire - contact us!)
The majority of players still prefer physical games over digital on console, and Nielsen Games reports that the exact opposite is true for players on PC. ...