Posts in Uncategorized

Workspace

Using myPHP to Gain Admin Privileges in Drupal

November 23rd, 2015 Posted by Uncategorized 0 comments on “Using myPHP to Gain Admin Privileges in Drupal”

Unlike a CMS like WordPress where multiple users frequently have full Administrator privileges, Drupal is set by default to only allow one Admin (Super User). Other users in Drupal may be assigned to Authenticated roles to publish on the site, but their options will be extremely limited. For example, Authenticated roles lack the basic capability to make changes to the site layout.

This can be a problem when the web developer with Admin privileges goes on vacation or leaves the project completely. If the owner of the site has hired a developer, the developer will likely be assigned the role of Administrator and the owner will be given the lesser Authenticated role. What happens then when the site owner wants to work with a different web developer? Most likely, they will give the new developer their Authenticated username and password to work with. This will not give the new developer the authorization to make needed changes or even to give themselves the needed Administrator privileges within the Drupal interface.

drupalAn easy way to change this is to sign in to the database through myPHP. Once in, select Browse on the “users” table. There you will see a list of users. Select the user with the “uid” of 1 and edit that to a different number or delete the user from the database. Next, select the user you would like to grant full Administrator privileges to and edit their “uid” to 1. Refresh the Drupal page and you should now see access to the full Administrator panel.
[/vc_column_text][/vc_column][/vc_row]

Call us now to talk over your project and

get an expert’s opinion

Technology

jQuery AJAX within Laravel Blade Templates

October 26th, 2015 Posted by Uncategorized 0 comments on “jQuery AJAX within Laravel Blade Templates”

Here’s how to create an AJAX call in Laravel.

Note that none of the login and authentication routes or pages are included in this guide. To set those up refer to the official Laravel page on authentication. Also note that for the code examples only the relevant code is shown, there may be code in these files that isn’t shown.

 

Set up the routes

This example uses two routes, one to serve the page and another to interface with the AJAX calls. These routes are intentionally hidden behind the ‘auth’ middleware, the AJAX call used later will handle that.

// app\Http\routes.php

Route::group(['middleware' => 'auth'], function()
{
  Route::get('my-data', 'DataController@getData');
  Route::post('edit-data', 'DataController@editData');
});

 

Configure the middleware

In Laravel 5.0 you can configure the VerifyCsrfToken middleware to skip checking AJAX calls.

// app\Http\Middleware\VerifyCsrfToken.php

public function handle($request, Closure $next)
{
  // Checks if request is an ajax call
  if ($request->ajax())
  {
    return $next($request);
  }
  return parent::handle($request, $next);
}

In Laravel 5.1 there is a variable provided for URIs that should be ignored by CSRF middleware.

// app\Http\Middleware\VerifyCsrfToken.php

class VerifyCsrfToken extends BaseVerifier
{
  protected $except = [
    'edit-data',
  ];
}

 

Set up the controller

There are two very simple controller endpoints for this app. Function getData simply uses the Auth facade to return a page with the user information. Function editData takes a Request instance, does some validation, then saves the information and returns a json response.

// app\Http\Controllers\DataController.php

class DataController extends Controller {

  /**
   * Display a page containing some user data
   *
   * @return View
   */
  public function getData()
  {
    $user = Auth::user();
    return view('users.myData', $user->toArray());
  }
 
  /**
   * Edit user data
   *  This will be called by the jQuery to store the data using AJAX
   * 
   * @param  \Illuminate\Http\Request  $request
   * @return \Illuminate\Http\Response
   */
  public function editData(Request $request)
  {
    // Validate the input
    $this->validate($request, [
      'name' => 'min:2|max:255',
      'email' => 'email|max:255',
    ]);
 
    // Set the user instance to the current user
    $user = Auth::user();
 
    // Update the name if it is in the request
    if ($request->includes('name'))
    {
      $user->name = $request->input('name');
    }
 
    // Update the email if it is in the request
    if ($request->has('email'))
    {
      $user->email = $request->input('email');
    }
 
    $user->save();
 
    return response()->json(['succes', 'Information updated']);
  }
}

 

Create the view

An example view for displaying the data. This example doesn’t use a form, but a series of individual inputs. As a result, jQuery has a greater level of flexibility when saving the data. For example, if there was a table with a list of several users (say for an admin console), then the jQuery could walk over all the inputs and send post requests for each user with the click of one save button. A form would send a mixed bag of user data that would require creating a special api endpoint on the backend to handle. The other choice would be to create a separate form for each user, but that would mean a save button for each user as well, which could be annoying to use.

<!-- resources/views/users/myData.blade.php -->
<!DOCTYPE html>
  <html>
    <head>
      <title>User Information</title>
    </head>
  <body>
    <button id="save-data" class="btn btn-primary" type="button">Save Information</button>
    <div>
      Name:
      <input class="name-input" type="text" value="{{ $name }}" data-userid="{{ $id }}" />
    </div>
    <div>
      Email:
     <input class="email-input" type="email" value="{{ $email }}" data-userid="{{ $id }}" />
    </div>
  </body>
  <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
  <script src="js/all.js"></script>
</html>

 

Write the javascript

This javascript uses jQuery to walk over all the inputs on the page, checks if the value has been changed, then sends a request to the server with the new data. It could be optimized by putting the name and email in one single request, especially since the backend has already been configured to handle this, but this example leaves out the extra logic necessary for the sake of simplicity.

Also note that the cookie with the laravel_session variable is already included in the post request sent to the server, so the user is already considered logged in, and the request can be sent to routes behind auth middleware without any extra configuration.

// public\js\all.js

$("#save-data").click(function() {
  // Save all of the names (only one in this example, but can be expanded)
  $('.name-input').each(function() {
    // Create an object with the new value and pass it to the save function
    saveInput($(this), { name: $(this).val() });
  });
  // Save all of the emails (only one in this example, but can be expanded)
  $('.email-input').each(function() {
    // Create an object with the new value and pass it to the save function
    saveInput($(this), { email: $(this).val() });
  });
});
 
// Save all the changed inputs using ajax
function saveInput(element, postData) {
  // Check if the value has changed
  if (element.val() !== element.attr('value')) {
    // Upload the new value to the server
    $.post('/edit-data', postData)
      .fail(function(data) {  // Ignore successful uploads, but display errors
        alert("There was an error with saving data: " + element.val() );
      });
  }
}

[/vc_column_text][/vc_column][/vc_row]

Call us now to talk over your project and

get an expert’s opinion

Office Space

Legend Web Solutions has grown!

June 15th, 2015 Posted by Uncategorized 0 comments on “Legend Web Solutions has grown!”

An update to our awesome clients and amazing friends. May 8th was the one-year anniversary for Legend Web Solutions and I must say I’m very happy with the progress we’ve made over the last year. Here’s the major milestones how we’ve grown:

June 2014 Jonathan Waters hired!

He’s a Jr Developer and the senior most developer at LWS! He was the guinea-pig to see if hiring another developer full-time worked out, and it has paid off many times over! Jonny’s strength is being able to easily grab hold of a new concept and figure out how to use it to get the job done.

Sept 2014 Ricardo Sanchez hired!

He’s a Jr Developer with great aspirations and a killer design sense. He’s attending Willamette University as a Computer Science major. Ricardo listens to inspiring speakers every day and learns iOS development on his lunch hour.

January 2015 Caleb Kobzeff hired!

Caleb is LWS’s first Sr Developer! He’s got a Computer Science degree from OSU, and that’s just the start! Caleb is an integral part of LWS because he is able to articulate in-depth what is going on at a deep software architectural level. This means that the applications we deliver are built on an absolutely solid foundation that you can have confidence in.

May 2015 Opt-e-Web purchased!

That’s right, we bought a business! If you search the term “web design salem” on Google, Opt-e-Web is the very first search result that comes up! That means we’re the best (that’s how I interpret it anyway). We will be using Opt-e-Web to funnel more and more projects into our business to ensure a steady growth through 2015 and into the years to come.

With Opt-e-Web come two contractors,

Rob McGuire and Aaron Young. These guys are behind the websites made by Opt-e-Web in the past, and represent excellent, veteran experience in the field.

Opt-e-Web offered web design and SEO work in the past,

and we are continuing those offerings as we acquire them! SEO is what turns a regular website into a lead-generating marketing tool. It’s the process of getting your website to show up on Google and ultimately drive traffic to you.

May 2015 David Waters hired!

David is LWS’s first non-developer staff. He will be handling all the accounts from Opt-e-Web, and will help me handle the business side of managing a growing web design firm! This will allow me to take advantage of opportunities and also give my time as a developer to projects that need more attention.

How all this affects you:

  • Rates – Some of you were grandfathered in at different rates, but we now have a “firm-wide minimum rate”. This makes sense because we are doing work faster and more efficiently than ever before!
  • Firm – It’s no longer me that’s doing all the working and all the talking, so you might be interacting with some of the people listed above from time to time. Don’t worry though, we are keeping the same core values of flexibility and friendliness with everyone that works here.

Call us now to talk over your project and

get an expert’s opinion