Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
ItemManager 2.0
Yes, it is possible to do this, but I see potential security implications by making this type of functionality accessible from the frontend. I do not recommend frontend file upload for non authorized users, because it's only a matter of time before the website is compromised.

If you want something like this on the frontend, you should be really very-very careful, you'll need to be storing files they add in a non-web accessible location. Also, you should make sure they are not posting hundreds of large files to fill up your drive or using image resize functions as DDOS entry points etc ...

If you want to get an overview of how you can use the API to render item fields, see this method: https://github.com/bigin/ImExtraFields/b...er.php#L97 - but, this method is not suitable for frontend file upload.
Reply
(2018-09-03, 00:08:46)Bigin Wrote: This is the answer to the question from this thread: http://get-simple.info/forums/showthread...9#pid62939

Don't quite understand what you want, is it an ImForms form you want to show or are you looking for a way to create the items from the frontend?

(2018-09-04, 03:03:59)Bigin Wrote: Yes, it is possible to do this, but I see potential security implications by making this type of functionality accessible from the frontend. I do not recommend frontend file upload for non authorized users, because it's only a matter of time before the website is compromised.

If you want something like this on the frontend, you should be really very-very careful, you'll need to be storing files they add in a non-web accessible location. Also, you should make sure they are not posting hundreds of large files to fill up your drive or using image resize functions as DDOS entry points etc ...

If you want to get an overview of how you can use the API to render item fields, see this method: https://github.com/bigin/ImExtraFields/b...er.php#L97 - but, this method is not suitable for frontend file upload.

"is not suitable?" meaning it can be done but not recommended or cannot be done at all?
Reply
Both, not recommended for safety reasons and not directly suitable because code must be adapted.
Reply
(2018-09-04, 06:33:12)Bigin Wrote: Both, not recommended for safety reasons and not directly suitable because code must be adapted.

Damn it, I thought it could be just a matter of calling a function with category ID.
Of course it wouldn't be that straightforward but at least something similar...
Reply
It's very similar but there's a significant part missing, especially in matters of security.
Reply
Hey Bigin, it's me again Big Grin

i want to pick the latest 4 items from a category. currently i doin it "static" what means: if i add a new entry into my category, the latest item will not be shown on my page cause the $count is already at its limit. do you know what i mean? Here is my code so far:

<?php
$count = "1";
$imanager = imanager();
$mapper = $imanager->getItemMapper();
// change 1 to your category id
$mapper->alloc(1);

foreach($mapper->simpleItems as $item) {
if($count > 4) break;
echo '
<div class="box20 angebot">
<div class="angebot-bild">
<img src="'.IM_SITE_URL.$item->bild[0].'" width="100%">
</div>
<div class="angebot-bauteil">'.$item->bauteil.'</div>
<div class="angebot-bauteil">'.$item->preis.'</div>
</div>
';
$count++;
};
?>

regards
Fab
Reply
Hello Fabmue, try this:

PHP Code:
$length 4;

$imanager imanager();
$mapper $imanager->getItemMapper();
// change 1 to your category id
$mapper->alloc(1);
$recentItems array_slice($mapper->simpleItems, -$length$lengthtrue);

foreach(
$recentItems as $item) {
    echo 
'
        <div class="box20 angebot">
            <div class="angebot-bild">
                <img src="'
.IM_SITE_URL.$item->bild[0].'" width="100%">
            </div>
            <div class="angebot-bauteil">'
.$item->bauteil.'</div>
            <div class="angebot-bauteil">'
.$item->preis.'</div>
        </div>
        '
;
}; 
Reply
you're my man! works perfectly - thanks!!
Reply
(2018-09-04, 18:57:23)Bigin Wrote: It's very similar but there's a significant part missing, especially in matters of security.

I'm still curious that how could this be implemented regardless of security implications?

I can't imagine that how hard it can be to display a form?
I can always create a custom PHP processing script for form submissions and I'm just trying to avoid inventing the wheel again.
Reply
I posted link in the previous reply, there are methods for rendering the markup for fields, such as used in ItemManager admin, that can be used as an example. Or what did you expect? ItemManager is not a wizard, it's just a simple framework, it offers functions and methods, but you have to write your application yourself ;-)
Reply
(2018-09-21, 02:58:07)JAKE Wrote: I can't imagine that how hard it can be to display a form?

Which form do you mean? ItemManger does not offer any forms, you have to create them yourself. But you can use ImForms to create your forms. How to show them in the font-end is explained in the description.
Reply
(2018-09-21, 03:51:09)Bigin Wrote:
(2018-09-21, 02:58:07)JAKE Wrote: I can't imagine that how hard it can be to display a form?

Which form do you mean? ItemManger does not offer any forms, you have to create them yourself. But you can use ImForms to create your forms. How to show them in the font-end is explained in the description.

So how does it provide means to add i.e. to manage items? By forms.
For example load.php?id=imanager&edit > Add new.

Of course I could always just copy and paste markup from that form and use custom processing.


File upload is still a bit of a question...

ImForms is just for forms and it has nothiing to do with Items just like I stated in the other topic.
I don't see that there's anything else common with these but the naming convetion.
Reply
Any forms always do the same job, a HTML form on a web page has nothing to do with your items, it just allows a user to enter data that is sent to a server for processing, there are no forms that do anything else.

So, your task is to create a simple HTML form for the frontend, which has the corresponding fields like the category in ItemManager you created, which items should contain the data – It's no matter how you do it.

For instance, if your items contain the following fields: name, age, profession, interests, image, etc ... Your HTML form should also support these fields: name-> text field, age -> number, profession -> text, interests -> text, image -> file upload ...

After the form has been sent, you can process the data in your php script: Check if all data has been entered correctly, check validity, clean invalid characters, validate the height, width of the image, file type, etc ... (To process and save images you can also use /plugins/imanager/upload/server/php/UploadHandler.php) - but as I already wrote it is not an easy task. Now, that you have checked the data, you can save it as an item. How you can use API to create new items and populate its fields with data I have shown thousands of times, you can find all the information on my website https://ehret-studio.com/articles/itemma...ith-items/ look under "Creating items"
Reply
So a short answer: ItemManager doesn't provide forms, or methods that process the data from forms (By the way, this is exactly what ImForms is designed for). It rather provides a various functions for creating forms and such processing scripts. Either way, you have to create your own application, of course, you can use the tools that ItemManger provides for you.
Reply
(2018-09-21, 06:11:12)Bigin Wrote: Any forms always do the same job, a HTML form on a web page has nothing to do with your items, it just allows a user to enter data that is sent to a server for processing, there are no forms that do anything else.

So, your task is to create a simple HTML form for the frontend, which has the corresponding fields like the category in ItemManager you created, which items should contain the data – It's no matter how you do it.

For instance, if your items contain the following fields: name, age, profession, interests, image, etc ... Your HTML form should also support these fields: name-> text field, age -> number, profession -> text, interests -> text, image -> file upload ...

After the form has been sent, you can process the data in your php script: Check if all data has been entered correctly, check validity, clean invalid characters, validate the height, width of the image, file type, etc ... (To process and save images you can also use /plugins/imanager/upload/server/php/UploadHandler.php) - but as I already wrote it is not an easy task. Now, that you have checked the data, you can save it as an item. How you can use API to create new items and populate its fields with data I have shown thousands of times, you can find all the information on my website https://ehret-studio.com/articles/itemma...ith-items/ look under "Creating items"

Yes of course I can do that, but this is just what I'm trying to avoid: inventing the wheel again.

If there's already everything place for admins to create new items via forms then how it can be that hard to create similar page that would be accessbile to anyone?

What would be the least overlapping method?
Could I create another Manager class which doesn't include admin checks and similar things that are now in Manager class?
Reply
(2018-09-24, 20:27:47)JAKE Wrote: Yes of course I can do that, but this is just what I'm trying to avoid: inventing the wheel again.

Hmm, why don't you publish the password for the admin on your website and the job is done, so you don't have to write a line of code? ;-)

(2018-09-24, 20:27:47)JAKE Wrote: If there's already everything place for admins to create new items via forms then how it can be that hard to create similar page that would be accessbile to anyone?

As I have already written, it is relatively simple to adopt the approach of backend methods as long as you are confident in what you are doing, and know how it works.

(2018-09-24, 20:27:47)JAKE Wrote: What would be the least overlapping method?
Could I create another Manager class which doesn't include admin checks and similar things that are now in Manager class?

I don't understand the point of your approach, sorry... that sounds strange, somehow comparable with :-)

[Image: mini-cooper.jpg?raw=1]

To make this adjustments you need to be familiar with ItemManager core. This is completely unnecessary, there is a comfortable API to do these things quicker and better. For these customizations you will need 10 times longer than writing your own processor - so much for staying "inventing the wheel again".

Just try ImForms and see how easy it is to use that plugin for this purpose.

Step 1:
Download the latest version of ItemManager and ImForms and install/update it.
Open /plugins/im_forms/inc/custom.config.php file, and modify formProcessors variable as follows: 

PHP Code:
$config->formProcessors = array(
 
   'EmailTransmitter' => 'EmailTransmitter',
 
   // Note: Key and value should be equal, there is an issue for the moment
 
   'FormProcessor' => 'FormProcessor'
); 

Next, download an example form processors from https://github.com/bigin/FormProcessor, and extract the archive into /plugins/im_forms/module/ folder (Note, folder, file and the class, must have the same name FormProcessor, see EmailTransmitter modules, for example).

Step 2:

Go to the IM menu and select imforms category click "ADD NEW".
Enter name "itemform".
Check "Enabled".
Enter exactly this value , in the field Form Data.
Then, click "Save".

Step 3:
Go to Pages > ImForms menu and check if there is a new test form itemforms.
If so, open a page on which the form should be shown and enter this placeholder [[imforms itemform]] in editor, then save.
Open that page in the browser, a test form should now appears there.

Step 4:
Now, look at your processor file in the /plugins/im_forms/module/FormProcessor/FormProcessor.php directory. Especially the methods checkUserInput() and save() - there you can start to extend your application. All the form entries can be found in the $this->input->post variable. You can display it by using the Util::preformat($this->input->post) method.
A tip: If you remove the AjaxBlock and DelayBlock in your itemform, you can see the output directly from the processor, use echo or var_dump() for this.
Reply
Hello

I just post here a message because I use the version 1.0.2 IM Extra Fields and ItemManager 2.5.5 on GS 3.3.15

Here is my problem which I think looks like a bug

I added fields in localhost whose variables I call without any problem. Once my site uploaded to my host (OVH - France) some data are no longer accessible and the registration of some pages are no longer possible.

I also did a test, as soon as I activate the fields in a BackOffice page the recording does not work anymore.

Has this problem ever been encountered?

Thanks for your help
B
Reply
Hi,
what exactly do you mean by "the registration of some pages is no longer possible"?
Well, I have a hunch... Are items created on the localhost under the GS Pages menu no longer accessible?

Can you give a few slugs that are no longer available on the OVH environment? thx.
Reply
(2019-01-24, 13:41:25)Bigin Wrote: Hi,
what exactly do you mean by "the registration of some pages is no longer possible"?
Well, I have a hunch... Are items created on the localhost under the GS Pages menu no longer accessible?

Can you give a few slugs that are no longer available on the OVH environment? thx.

Hello Bigin,

Thank you for your reply.
Actually I created my fields and inserted all of my data in "Localhost" to then migrate the whole site.

What is even more curious is that I uploaded to GANDI or I have a space and everything seems to work.

I have checked the rights of directories and files from the "Health Check" panel and in the logs I simply have errors related to the variables that GS can not display in the pages that are problematic

Here are the 2 SLUG pages for that do not appear:
tarifs/
baptemes-paramoteur-touraine/

I put you a screenshot of the message that appears when the save fails.
   

I tried to create a "Test" page to check that simple GS was not a problem. In fact, this fails when "Additional Fields" is selected from the Select Category (Capture # 2).

   

Do you think I have to delete the plugin and all that data and then recreate everything?


Thank you for your help

Bertrand


Sorry for my English (I'm French)
Reply
All right, again the questions:
  1. Do items created on the localhost appear on the Pages menu on the other host after migration and the issue only occurs when saving new items?

  2. Or are the locally created items not appear at all?


Before you delete anything, let's try something, just to check out a hunch: I guess it's because your localhost and the OVH host generate different id's for the pages.

1. Please check if the item created on the localhost that belong to the "tarifs" page is stored on the OVH host in the IM menu, for this you'll need the item ID, which is displayed on the localhost under Pages (See here example the id's: 4189635734):
[Image: Screenshot%202019-01-24%2010.51.23.png?raw=1]

2. Then try to create the CRC32 id for "tarifs" page manually, once on the localhost and once on the host of OVH, and see if the generated ID's are different. To do this, simply call the Utility function "computeUnsignedCRC32()" on both hosts. Insert this code somewhere in your template and reload your page:
PHP Code:
<?php
    imanager
();
    echo 
Util::computeUnsignedCRC32('tarifs');
?>
Reply
(2019-01-24, 20:22:13)Bigin Wrote: All right, again the questions:
  1. Do items created on the localhost appear on the Pages menu on the other host after migration and the issue only occurs when saving new items?

  2. Or are the locally created items not appear at all?


Before you delete anything, let's try something, just to check out a hunch: I guess it's because your localhost and the OVH host generate different id's for the pages.

1. Please check if the item created on the localhost that belong to the "tarifs" page is stored on the OVH host in the IM menu, for this you'll need the item ID, which is displayed on the localhost under Pages (See here example the id's: 4189635734):


2. Then try to create the CRC32 id for "tarifs" page manually, once on the localhost and once on the host of OVH, and see if the generated ID's are different. To do this, simply call the Utility function "computeUnsignedCRC32()" on both hosts. Insert this code somewhere in your template and reload your page:
PHP Code:
<?php
    imanager
();
 
   echo Util::computeUnsignedCRC32('tarifs');
?>
Thank you for your help, because I'm totally crazy ...


Locally created items appear except 2 (Rates / baptism-paramotor ...)

Registration is not possible on these 2 items. However, if I add a new page and want to add my extra fields, the bug also occurs.

In the meantime I did a test: Delete plugins and data then reinstall and recreate fields and it is always the same 2 pages that are problematic. It's crazy…

Even if LocalHost and OVH generate different credentials, removing and reinstalling everything should work?
But that does not seem to be the case ... Confused

If it's easier to identify the problem, I can give you access to pages in Private Message or Email.


Here is a capture of the IDs for the "Rates" page. Actually there is a difference between LocalHost and OVH

   


The code to insert to manage manually will I use to determine the iD manually?


UPDATE --
There's differences between Localhost Fields and OVH as you can see with this ScreenShot.
   

what questions me most is why by removing everything and recreating everything, the problem remains the same ... it's very curious.  Undecided Huh
Reply
See, there are minor differences between id's, it looks like the values differ on 32 and 64 bit environments. Does your localhost run on a 32-bit?


(2019-01-24, 20:47:50)PGK37 Wrote: what questions me most is why by removing everything and recreating everything, the problem remains the same ... it's very curious.  Undecided Huh
Unfortunately, you have not yet clearly described what problem you have - once you write you can not access the item data and another time you write that the problem occurs when saving... Huh
Reply
I just tested the PHP function below. The IDs are identical on both sides.
However, when you want to save the page "tarifs" the registration is not done.

<?php
    imanager();
    echo Util::computeUnsignedCRC32('tarifs');
?>

What is strange is that the data appear well in the input page but not in FrontOffice. And if I want to save the page the error message appears (in red).

   
Reply
(2019-01-24, 21:20:46)PGK37 Wrote: I just tested the PHP function below. The IDs are identical on both sides.

- Strange, and why then are the ID's on your screenshot different? http://get-simple.info/forums/attachment.php?aid=844

(2019-01-24, 21:20:46)PGK37 Wrote: However, when you want to save the page "tarifs" the registration is not done.

- I assume by "registration" you mean that the changes will not be saved, right?

(2019-01-24, 21:20:46)PGK37 Wrote: What is strange is that the data appear well in the input page but not in FrontOffice.

- By FrontOffice do you mean front-end?
Please show me the function you use to retrieve data from items in the frontend.
Reply
Thank you again for your help !

Quote:Strange, and why then are the ID's on your screenshot different? http://get-simple.info/forums/attachment.php?aid=844
I do not know, it looks like they changed when I uploaded to the server.

Quote:I assume by "registration" you mean that the changes will not be saved, right?
Yes, The changes to the text box (GetSSimple- WYSIWYG) are well recorded, but not the information of the fields below (Prices / Photos) and especially there is this (red) error message at the top of the page.

Quote:By FrontOffice do you mean front-end?
Please show me the function you use to retrieve data from items in the frontend.
Yes, it's Front End User — Here's how the information is displayed

PHP Code:
<?PHP
$pageSlug 
return_page_slug();
$item get_page_item(1); // The Category —I've just Only One.

# PRICE DISPLAY
if ($item):
# echo "<h3> $item->name </ h3>";
titleImg $item->visuel_title[0];
backImg $item->visuel[0];
# var_dump ($item);
endif;

if ($ 
item):
#echo "<h3> $item->name </ h3>";
echo $item->tarifs;
endif;
?>


And The VAR DUMP does not display anything on the pages Tarifs and Bapteme ...
Reply




Users browsing this thread: 1 Guest(s)