Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.

Custom Infusions Installation Issue

OK I joined Discord as you asked but am unfamiliar with it. I left a message for Deviance(I assume that's you?), but need you to tell me what to do now.
BTW my site is running fine just can't see my installed infusions admin stuff. Here is the url to my site:
Bonsai Site
Please check your infusions's infusion.php. You will need these, replace the values as necessary.

CodeDownload  

$inf_title = $locale['forums']['title'];
$inf_description = $locale['forums']['description'];
$inf_version = '3.0';
$inf_developer = 'PHP Fusion Development Team';
$inf_email = 'info@php-fusion.co.uk';
$inf_weburl = 'https://www.php-fusion.co.uk';
$inf_folder = 'forum';
$inf_image = 'forums.svg';

$inf_adminpanel[] = [
 "rights" => "F",
 "image" => $inf_image,
 "title" => $locale['setup_3012'],
 "panel" => "admin/forums.php",
 "page" => 1,
 'language' => LANGUAGE
 ];

Here is what I have now:
CodeDownload  
 $inf_adminpanel[] = [
 "rights" => "GNS",
 "image" => $inf_image,
 "title" => $locale['nl_100'],
 "panel" => "news_letter_menu.php",
 "page" => 5,
 'language' => LANGUAGE
 ];

$inf_sitelink[] = [
   "title" => $locale['nl_470'],
   "url" => "subscriptions.php",
   "visibility" => "101"
 ];

$inf_sitelink[] = [
   "title" => $locale['nl_110'],
   "url" => "news_letter_archive.php",
   "visibility" => "101"
 ];

if(isset($_POST['infuse'])){
 dbquery(" ALTER TABLE ".DB_USERS."
 ADD user_newsletter tinyint( 1 ) NOT NULL DEFAULT '0';
 ");
}

if(isset($_GET['defuse'])){
 dbquery(" ALTER TABLE ".DB_USERS."
 DROP user_newsletter;
 ");
}


The site links are added OK.
Please check user's user_rights' contains "GNS" key. I'm not sure why it's not added. Looks fine to me.
OK. After meticulously examining 9.03 code and modifying a LOT of code in my infusions I now have 3 infusions that are working correctly as far as admin stuff. Of course I am slowly working through all the errors that are generated. So far I have 1 that is kosher with no errors and that is 'booklib'; an ebook infusion. I'll report back as my progress continues.
Good to know that you've made progress.

Yes, to implement token in your infusions simply change to openform instead of using form.

change:
CodeDownload  
echo "<form class='spacer' name='example-form' method='post' action='$action'>";

with:
CodeDownload  
echo openform('example-form', 'post', $action, ['class'=>'spacer', 'enctype'=>FALSE]);

The last 4th array options are optional, not necessarily required.
My newsletters infusion is now working perfectly, error free in 9.03 but I have a question. Why is it not possible to use 'radio button' fields in v9 admin? I had to change all my radio to checkbox fields which don't work the same as radio? When form fields are set to radio a checked field doesn't show as checked. When you select a non pre-checked field nothing shows in the hole you click. Hopefully it's just a css issue?
CodeDownload  
echo form_checkbox(‘input_name’, ‘label’, $radio_input, [‘type’=>’radio’, ‘options’=>[
0=>’no’,
1=>’yes’
]]);

This is what I have now. I don't understand how to re-code with what you showed me.
CodeDownload  
if($allow == 0) { 
   echo "<td><b>".$locale['nl_861']."</b></td><td><input type='radio' name='subs_allow' value='0' checked /></td><td>".$locale['nl_864']."</td>\n";
   echo "</tr><tr>\n"; } else { echo "<td><b>".$locale['nl_861']."</b> </td><td><input type='radio' name='subs_allow' value='0' /></td><td>   ".$locale['nl_864']."</td>\n"; echo "</tr><tr>\n";
}
if($allow == 1) {
   echo "<td><b>".$locale['nl_862']."</b> </td><td><input type='radio' name='subs_allow' value='1' checked /></td><td>   ".$locale['nl_865']."</td>\n"; echo "</tr><tr>\n";
} else {
   echo "<td><b>".$locale['nl_862']."</b> </td><td><input type='radio' name='subs_allow' value='1' /></td><td>   ".$locale['nl_865']."</td>\n"; echo "</tr><tr>\n";
}
if($allow == 2) {
   echo "<td><b>".$locale['nl_863']."</b> </td><td><input type='radio' name='subs_allow' value='2' checked /></td><td>   ".$locale['nl_866']."</td>\n"; echo "</tr><tr>\n";
} else {
   echo "<td><b>".$locale['nl_863']."</b> </td><td><input type='radio' name='subs_allow' value='2' /></td><td>   ".$locale['nl_866']."</td>\n"; echo "</tr><tr>\n";
}



You guys must love it the way code is now displayed in your forums but I really don't like not being able to see all the code at once. Just an observation.
This is my form now:
www.whisperwillow.com/my_panels/form.jpg

Subscriptions field can be 0 1 or 2. PM Sender field can be 0 or 1.

infusion.php

allow_public_subs TINYINT(1) NOT NULL DEFAULT '0',
pm_notify TINYINT(1) NOT NULL DEFAULT '0',
You know what? I'm just gonna change all my radio buttons to checkboxes and be done with it. I just can't understand why you guys would've changed the NORMAL operation of form fields that have been around for years!
The Fusion Dynamics UI is developed not without any purpose.

1. Cutting development downtime.
Would you type:
CodeDownload  

<div id='radio-field' class=' form-group clearfix'>
<label class='control-label' data-checked='0' for='radio'>
<div class='overflow-hide'>
Label </div>
</label>
<div class='radio'>
<label class='control-label m-r-10' data-label='1' for='radio-1'><input id='radio-1' name='radio' value='1' type='radio' />
PHP-Fusion</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='2' for='radio-2'><input id='radio-2' name='radio' value='2' type='radio' />
Site News</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='5' for='radio-5'><input id='radio-5' name='radio' value='5' type='radio' />
Security</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='6' for='radio-6'><input id='radio-6' name='radio' value='6' type='radio' />
Bugs and Errors</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='7' for='radio-7'><input id='radio-7' name='radio' value='7' type='radio' />
PHP Fusion Network</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='8' for='radio-8'><input id='radio-8' name='radio' value='8' type='radio' />
Addons</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='9' for='radio-9'><input id='radio-9' name='radio' value='9' type='radio' />
Theming</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='10' for='radio-10'><input id='radio-10' name='radio' value='10' type='radio' />
Members</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='11' for='radio-11'><input id='radio-11' name='radio' value='11' type='radio' />
Downloads</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='12' for='radio-12'><input id='radio-12' name='radio' value='12' type='radio' />
National Support Network</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='13' for='radio-13'><input id='radio-13' name='radio' value='13' type='radio' />
Development & Design</label>
</div>
<div class='radio'>
<label class='control-label m-r-10' data-label='28' for='radio-28'><input id='radio-28' name='radio' value='28' type='radio' />
Windows</label>
</div>
</div>

or just 1 line of code?
CodeDownload  
form_checkbox('radio', 'Label', '', ['options'=>$options, 'type'=>'radio']);

2. Implementing Automated Sanitization.
For every Fusion Dynamics UI component being used, you can adapt 1 line sanitization.
For example:
CodeDownload  
form_text('text', 'This is a text field', '', ['type'=>'text']);
form_text('number', 'This is a number field', '', ['type'=>'number']);
form_text('email', 'This is a email field', '', ['type'=>'email']);
form_text('url', 'This is a URL field', '', ['type'=>'url']);


The sanitization part would be 4 lines of code:
CodeDownload  
$text_input_safe_value = form_sanitizer($_POST['text'], '', 'text');
$number_input_safe_value = form_sanitizer($_POST['number'], '', 'number');
$$email_safe_value= form_sanitizer($_POST['email'], '', 'email');
$url_safe_value = form_sanitizer($_POST['url'], '', 'url');


Now, if any of the field contains anything not intended, your SQL is protected, implemented as such:
CodeDownload  
if (\Defender::safe()) {   
   ... run sql code.. update or save.
}

It is very efficient, but it requires some understanding of the underlying mechanic and mostly it will take you some fiddling. Most people get the gist of Fusion Dynamics coding after building 1 custom application, but some take 2 or more. That is understandable.

And it is very convenient to change from 1 type of input to another.

From checkbox to radio to select dropdown is just a matter of seconds:
CodeDownload  
form_checkbox('checkbox', 'Label', '', ['options'=>$options, 'type'=>'checkbox']);
form_checkbox('radio', 'Label', '', ['options'=>$options, 'type'=>'radio']);
form_select('select', 'Label 2', '', ['options'=>$options]);

Yes the forum somehow has compressed the lines during reply. I'll need to check on it. Sorry about that.
Well unfortunately the Fusion Dynamics UI is still way above my pay grade. I appreciate the info but can't really make use of it right now because I don't really understand it. Thanks anyway.
Your welcome. Sorry for the lack of documentation. We're still busy preparing for it.

The forum code is compressed by the template class, and is now reverted, for now. Will find another way to tidy the template class code later.

Grimloch wrote:

@Grimloch - You know what? I'm just gonna change all my radio buttons to checkboxes and be done with it. I just can't understand why you guys would've changed the NORMAL operation of form fields that have been around for years!


After looking at your code, it cannot have the interface you need, but we can do it like this simply:

CodeDownload  

// read your settings
$result = dbquery("SELECT .... ");
$data = dbarray($result);
$allow = $data['subs_allow'];

if (isset($_POST['xyz'])) {
   //    If subs_allow is being posted, run sanitize function, and return 0 as default value if something goes wrong.
   //   and if subs_allow is not being posted, just use 0 to prevent isset errors.
   $allow = isset($_POST['subs_allow']) ? form_sanitizer($_POST['subs_allow'], 0, 'subs_allow') : 0;
   
   // safety guard, sanitizer error or CSRF errors
   if (\Defender::safe()) {
      dbquery("UPDATE ... ");
      addNotice('success', 'Settings saved');
      redirect(FUSION_REQUEST); // redirect back to same form.
   }
}

// The form would look like this:

echo openform('form', 'POST', FORM_REQUEST);

// the checkbox.
echo form_checkbox('subs_allow', $locale['nl_861'], $allow, array(
'options'   =>    array(
               0 => $locale['nl_864'],
               1 => $locale['nl_865'],
               2 => $locale['nl_866']
            ),
'type' => 'radio',
);
echo form_button('xyz', 'Save', 'xyz-value', array('class'=>'btn-primary'));
echo closeform();



The reason I post this is to show:
1. The above form is just 4 lines of echo.
2. That form has token CSRF protection.
3. The sanitization has no need to identify or know what value shall be posted. 1 same sanitizer can be used across all types. Don't care whether it is email, number, text, phone, hexcode, date, timestamp etc. Throw an error otherwise than what is being defined by the form itself.

i.e.
CodeDownload  

$a = form_sanitizer($_POST['a'], '', 'a'); // this is email
$b = form_sanitizer($_POST['b'], '', 'b'); // this is number, etc.



4. You don't see a single line of HTML code in the whole file.
5. Future-proofed. Bootstrap to Semantic UI, Plugin upgrades, etc.

Well, we've built 9 around the goal for fastest development time, without the need to deal with stuff like 'responsive, bootstrap compatible, icon supported, has JS, ajax responses, conformity to quite a number of libraries such as 3rd party plugins' - like that of select2 dropdown, date picker, etc.

Although I can give many reasons to use it or learn it, simply pick one of the reasons that fit best to your need. What I'm saying is that I hope the community doesn't take it as we are changing something that is not broken. We are leading change for greater distributed tools that can save everyone's time to do more with less, and PHPFusion is dealing in favor of a PHP Developer.

Also why I prioritized your questions and efforts.

Regards.
@Chan:
I really appreciate the time and effort you have shown me and I will try to understand and implement this in my newsletters infusion because I think it's one of the best infusions I've ever done and would like for it to work great and error free in 9.03.00 (with the latest coding).
Thread Information
Author
Replies
15 posts
Views
365 times
Last Post
Last updated on 4 months ago
You can view all discussion threads in this forum.
You cannot set up a bounty in this discussion thread.
You can start a new discussion thread in this forum.
You cannot reply in this discussion thread.
You cannot start on a poll in this forum.
You cannot upload attachments in this forum.
You can download attachments in this forum.
You cannot up or down-vote on the post in this discussion thread.
Users who participated in discussion: Chan, Grimloch