In the 333rd issue of ProcessWire Weekly we'll check out what's new in the latest dev version of ProcessWire, 3.0.167, and more. Read on!
Welcome to the latest issue of ProcessWire Weekly, #333! As usual, we're going to kick things off by taking a quick look at the latest dev version of ProcessWire, right before diving into some recent online resources; forum threads, articles, and some module updates. Last but not least we'll introduce you folks to a brand new site of the week.
Thanks to all of our readers for being here with us again, and as always, any feedback is most welcome – please don't hesitate to drop us a line if there's anything in your mind you'd like to share with us.
Latest core updates: ProcessWire 3.0.167
In his latest weekly update Ryan introduces ProcessWire 3.0.167, our latest dev release. This version officially contains the updates we covered in our last week's post, as well as a bunch of completely new stuff added just this week:
- Improvements and optimizations to several database fulltext index-based text-searching operators, such as
- New $input->queryStringClean() method that works like
$input->queryString(), with the difference that it also provides a number of options for cleaning up (sanitizing) the query string.
- Sanitizer array methods now support associative arrays, with a new
keySanitizeroption that lets one specify the sanitizer method for cleaning up array keys with.
- Rewritten and improved version of the $sanitizer->validateFile() method.
Added security through enforced SVG file validation
Probably the most important feature included in this week's release is related to the last item on the list above, and currently only affects SVG files: if you allow uploading SVG's in a file or image field (this is something that isn't enabled by default, mind you) ProcessWire requires that you also set up proper validation for uploaded files.
Validating SVG files is quite simple, requiring only that you install the File Validator Svg Sanitizer module, which was just updated to use a new and improved validation library behind the scenes. And, in case you're wondering why this is so important, here's what Ryan has to say about this particular security feature:
This was motivated by SVG files being increasingly problematic [...] because they can contain the kind of bad stuff that regular markup can (scripts, loading external assets, etc.)
The SVG sanitizer requirement can be explicitly disabled on a per-field basis, but since this is a security feature, you should think twice before doing that. Check out the core updates post from Ryan for more details. Thanks!
Weekly forum highlights, tutorials, and other online resources
Here's a list of support forum highlights and other useful and/or interesting resources. As always, please let us know if there's anything important we've missed, so that we can include it in one of our future issues.
- First of all, there's this introductory post about ProcessWire (in Spanish). This post may be from 2018, but somehow it didn't show up before now and it'd be a shame not to mention it. The post seems quite detailed as well.
- Another non-English resource we'd like to mention is the blog of Asbjørn Ness, in which he occasionally touches ProcessWire topics, such as when he wrote about features missing from WordPress but found from ProcessWire (in Norwegian).
- While we're on the topic of ProcessWire and non-English content, let us also drop a couple of newly added language packs: Norwegian language pack was authored by Asbjørn Ness, while Eduard has released both a Russian language pack, and a collection of third party module translations (also in Russian).
- And finally, one more highlight related to language support: we haven't (yet) had the chance to properly test this one, but the Translator module from Ivan Milincic ("for managing hardcoded and multi-language strings") seems pretty interesting!
- Last but not least, a couple of recent forum posts we'd like to recommend: first is the "there's no such thing as a perfect page builder" topic from Jonathan Lahijani, and the second one is the one about progressive web apps and native apps. To be fair that last one is actually a couple of years old by now, but the topic is still as fresh as ever; perhaps even more so now due to all the new tools we have!
Recently updated third party modules
In addition to the articles and forum topics mentioned above, there have also been some pretty interesting new module updates recently. Here are a some highlights:
- Tracy, the ultimate debugger and development helper for ProcessWire, is about to get a very interesting new feature: support for third party panels. In a nutshell this means that soon any third party module may be able to easily ship custom panels with additions to Tracy's already formidable set of tools. So much potential!
- Relatively new yet already popular cookie management and async asset loading module PrivacyWire now supports a new category of cookies called "functional", has the ability to store cookie preferences in localStorage, and can output a completely unstyled cookie management banner for added customizability.
- Table CSV Import / Export, the companion module for the commercial Profields Table fieldtype, now supports exporting subfields of Page Reference field values. This module is a major time saver whenever you're dealing with imports to, or exports from, a Table field. Definitely worth checking out.
- Finally, we'd like to mention that Padloper, the popular ecommerce module for ProcessWire, received a new maintenance update (1.3.1) this week. This update fixes reported bugs and improves PHP 7.x support. A new major version of this module is also in the works, but not available quite yet.
If you're interested in ProcessWire news, discussions, and updates, there's always something going on at the support forum. Since we're only able to include a tiny selection of all that in our weekly updates, head down to the forum for more.
Site of the week: Cobalt Sky
Our latest site of the week belongs to a London based company called Cobalt Sky. They are a provider of award-winning IT solutions for the market research industry, with an offering consisting of online data collectio, data processing, analytics, data entry, and software solutions.
The website of Cobalt Sky was developed by ID Studio Web Agency. In terms of design the site features a stylish and modern layout, complemented by neat little animation and transition effects. As for the content, the site's got pretty much everything you'd expect to find from a top-notch business site: introduction to the company and the team, service details, news, and so on.
Once again great work from ID Studio Web Agency, as well as everyone else involved in the project. Our congratulations to the client, Cobalt Sky — their new site's looking real good, and we're happy to feature it as our latest site of the week!
Stay tuned for our next issue
That's all for the 333rd issue of ProcessWire Weekly. We'll be back with more news, updates, and content Saturday, 3rd of October. As always, ProcessWire newsletter subscribers will get our updates a few days later.
Thanks for staying with us, once again. Hope you've had a great and productive week, and don't forget to check out the ProcessWire forums for more interesting topics. Until next week, happy hacking with ProcessWire!