Planet Drupal

Subscribe to Planet Drupal feed
Drupal.org - aggregated feeds in category Planet Drupal
Updated: 1 hour 30 min ago

KnackForge: How to update Drupal 8 core?

23 March 2018 - 10:01pm
How to update Drupal 8 core?

Let's see how to update your Drupal site between 8.x.x minor and patch versions. For example, from 8.1.2 to 8.1.3, or from 8.3.5 to 8.4.0. I hope this will help you.

  • If you are upgrading to Drupal version x.y.z

           x -> is known as the major version number

           y -> is known as the minor version number

           z -> is known as the patch version number.

Sat, 03/24/2018 - 10:31
Categories: Drupal

qed42.com: Securing Cookie for 3rd Party Identity Management in Drupal

30 October 2017 - 1:15am
Securing Cookie for 3rd Party Identity Management in Drupal Body

We are in an era where we see a lots of third party integrations being done in projects. In Drupal based projects, cookie management is done via Drupal itself to maintain session, whether it be a pure Drupal project or decoupled Drupal project,.

But what when we have a scenario where user’s information is being managed by a third party service and no user information is being saved on Drupal? And when the authentication is done via some other third party services? How can we manage cookie in this case to run our site session and also keep it secure?

One is way is to set and maintain cookie on our own. In this case, our user’s will be anonymous to Drupal. So, we keep session running based on cookies! The user information will be stored in cookie itself, which then can be validated when a request is made to Drupal.

We have a php function to set cookie called setCookie() , which we can use to create and destroy cookie. So, the flow will be that a user login request which is made to website is verified via a third party service and then we call setCookie function which sets the cookie containing user information. But, securing the cookie is must, so how do we do that?

For this, let’s refer to Bakery module to see how it does it. It contains functions for encrypting cookie, setting it and validating it.

To achieve this in Drupal 8, we will write a helper class let’s say “UserCookie.php” and place it in ‘{modulename}/src/Helper/’. Our cookie helper class will contain static methods for setting cookie and validating cookie. Static methods so that we will be able to call them from anywhere.

We will have to encrypt cookie before setting it so we will use openssl_encrypt() php function in following manner:

/** * Encrypts given cookie data. * * @param string $cookieData * Serialized Cookie data for encryption. * * @return string * Encrypted cookie. */ private static function encryptCookie($cookieData) { // Create a key using a string data. $key = openssl_digest(Settings::get('SOME_COOKIE_KEY'), 'sha256'); // Create an initialization vector to be used for encryption. $iv = openssl_random_pseudo_bytes(16); // Encrypt cookie data along with initialization vector so that initialization // vector can be used for decryption of this cookie. $encryptedCookie = openssl_encrypt($iv . $cookieData, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv); // Add a signature to cookie. $signature = hash_hmac('sha256', $encryptedCookie, $key); // Encode signature and cookie. return base64_encode($signature . $encryptedCookie); }
  1. String parameter in openssl_digest can be replaced with any string you feel like that can be used as key. You can keep simple keyword too.
  2. Key used should be same while decryption of data.
  3. Same initialization vector will be needed while decrypting the data, so to retrieve it back we append this along with cookie data string.
  4. We also add a signature which is generate used the same key used above. We will verify this key while validating cookie.
  5. Finally, we encode both signature and encrypted cookie data together.

For setting cookie:
 

/** * Set cookie using user data. * * @param string $name * Name of cookie to store. * @param mixed $data * Data to store in cookie. */ public static function setCookie($name, $data) { $data = (is_array($data)) ? json_encode($data) : $data; $data = self::encrypt($data); setcookie($name, $cookieData,Settings::get('SOME_DEFAULT_COOKIE_EXPIRE_TIME'), '/'); }

Note: You can keep 'SOME_COOKIE_KEY' and 'SOME_DEFAULT_COOKIE_EXPIRE_TIME' in your settings.php. Settings::get() will fetch that for you.
Tip: You can also append and save expiration time of cookie in encrypted data itself so that you can also verify that at time of decryption. This will stop anyone from extending the session by setting cookie timing manually.

Congrats! We have successfully encrypted the user data and set it into a cookie.

Now let’s see how we can decrypt and validate the same cookie.

To decrypt cookie:

/** * Decrypts the given cookie data. * * @param string $cookieData * Encrypted cookie data. * * @return bool|mixed * False if retrieved signature doesn't matches * or data. */ public static function decryptCookie($cookieData) { // Create a key using a string data used while encryption. $key = openssl_digest(Settings::get('SOME_COOKIE_KEY'), 'sha256'); // Reverse base64 encryption of $cookieData. $cookieData = base64_decode($cookieData); // Extract signature from cookie data. $signature = substr($cookieData, 0, 64); // Extract data without signature. $encryptedData = substr($cookieData, 64); // Signature should match for verification of data. if ($signature !== hash_hmac('sha256', $encryptedData, $key)) { return FALSE; } // Extract initialization vector from data appended while encryption. $iv = substr($string, 64, 16); // Extract main encrypted string data which contains profile details. $encrypted = substr($string, 80); // Decrypt the data using key and // initialization vector extracted above. return openssl_decrypt($encrypted, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv); }
  1. We generate the same key using same string parameter given while encryption.
  2. Then we reverse base64 encoding as we need extract signature to verify it.
  3. We generate same signature again as we have used the same key which was used to creating signature while encryption. If doesn’t signatures doesn’t matches, validation fails!
  4. Else, we extract initialization vector from the encrypted data and use to decrypt the data return to be utilized.
/** * Validates cookie. * * @param string $cookie * Name of cookie. * * @return boolean * True or False based on cookie validation. */ public static function validateCookie($cookie) { if (self::decryptCookie($cookieData)) { return TRUE; } return FALSE; }

We can verify cookie on requests made to website to maintain our session. You can implement function for expiring cookie for simulating user logout. We can also use decrypted user data out of cookie for serving user related pages.

navneet.singh Mon, 10/30/2017 - 13:45
Categories: Drupal

Flocon de toile | Freelance Drupal: Filter content by year with Views on Drupal 8

19 October 2017 - 3:00am
It is not uncommon to propose to filter contents according to dates, and in particular depending on the year. How to filter content from a view based on years from a date field? We have an immediate solution using the Search API module coupled with Facets. This last module allows us very easily to add a facet, to a view, based on a date field of our content type, and to choose the granularity (year, month, day) that we wish to expose to the visitors. But if you do not have these two modules for other reasons, it may be a shame to install them just for that. We can get to our ends pretty quickly with a native Views option, the contextual filter. Let's discover in a few images how to get there.
Categories: Drupal

Elevated Third: Elevated Third Wins 2017 Acquia Engage Award

8 hours 2 min ago
Elevated Third Wins 2017 Acquia Engage Award Elevated Third Wins 2017 Acquia Engage Award Ayla Peacock Wed, 10/18/2017 - 12:04

At the 2017 Acquia Engage Conference, our enterprise web project for Pinnacol Assurance won the Financial Services category. As an Acquia Preferred Partner and sponsor of the Acquia Engage conference, we are thrilled to have been ranked beside the world's top Drupal websites. 

Pinnacol.com launched in December of 2016. As Colorado’s leading workers compensation insurer, Pinnacol Assurance needed a Drupal website design that reflected the company’s commitment to first-class service.

Built on Drupal 8, we launched a brand new enterprise content management system, created a one-of-a-kind knowledge hub, and revamped the site’s user experience interface.

“The Pinnacol project was lengthy and complex, we had very specific problems that required creative solutions. Elevated Third developed a high performing, enterprise-level website that continues to exceed our expectations.”

- Hilary Miller, Brand and Marketing Director, Pinnacol Assurance

This year, five of our Drupal websites were finalists in the annual Acquia Engage competition. Partners and customers submitted more than 200 nominations across 17 categories to the program. Our Drupal work ranked in the following categories. 

Powdr Corporation, Digital Experience Finalist

Denver Botanic Gardens, Nonprofit Finalist

Comcast Technology Solutions, Brand Experience Finalist

Firewise USA, Community Finalist

Pinnacol Assurance, Financial Services Winner

“Winning sites set themselves apart in how they grabbed our attention and made us want to learn more,” said CMSWire’s Dom Nicastro, one of the award program jurors. “The first thing I looked for were search and commerce capabilities. It's a Google and Amazon world that we live in. No one comes to a website just for a pretty design, and no one remembers a red call-to-action button versus a blue one. Sites that deliver excellent search and easy transactional experiences won for me.”

Congratulations to all the 2017 Acquia Engage winners!

Categories: Drupal

Amazee Labs: Take the Amazee Agile Agency Survey 2017

14 hours 10 min ago
Take the Amazee Agile Agency Survey 2017

As part of my new role as Agile Consultant with Amazee Labs Zurich, I'm running a global survey to assess agile practices in our industry. Anyone working in an agency environment is welcome to fill out the survey!

Josef Dabernig Wed, 10/18/2017 - 13:57

Do you / does your agency work using defined agile methodologies such as Scrum and or Kanban? How do you fit theory into practice when it comes to working for different clients with different levels of understanding with regards to Agile practices at the same time?

Thank you for taking the survey before October 31 - I’m looking forward to report the findings in an upcoming blog post.

Categories: Drupal

OSTraining: Importing data from a CSV file into Drupal 8 with the Content Import module

19 hours 7 min ago

Sometimes you would like to import a huge volume of data from a CSV file into Drupal. Maybe from another CMS. Maybe from a spreadsheet. But there is no such functionality in Drupal 8 core. 

To import your data from a CSV file, you need to install and enable the contributed module "Content Import". In this tutorial, you are going to import five content items of the content type Customer.

Categories: Drupal

Acro Media: Video: Checkout in Drupal Commerce 2.x is Configurable for any Order Type

17 October 2017 - 8:00pm

A checkout is a pretty fundamental part of a commerce system. So the fact that Commerce 2.x has a checkout is not really news. But it’s what you can do with the checkout that makes 2.x special.

You can now configure the checkout workflow. You can opt to ask for billing information, shipping information, certificates, registration details, etc. There’s lots of different data that can change depending on the type of product you sell. If you sell digital products, for instance, you don’t need shipping information. If you sell course registrations, you might require pre-existing certificates. Maybe you do both, so you need to configure multiple types of checkouts.

And that’s easy to do. For the most part, it’s a matter of dragging and dropping options. You can add or remove pieces pretty easily. If you need something really custom, like if you need to validate a safety certificate against a third party, you might need a developer to build that functionality. But otherwise it’s a fairly simple process.

You can also integrate into any part of the checkout. Maybe you do something when you add to cart, or when you complete the order. Maybe you even go off-site to pay through PayPal or register through Eventbrite and then come back. You can hook into any step you need in order to get those things done.

Categories: Drupal

Drupal.org blog: What's new on Drupal.org - September 2017

17 October 2017 - 3:27pm

Read our Roadmap to understand how this work falls into priorities set by the Drupal Association with direction and collaboration from the Board and community.

We're back from DrupalCon Vienna, with updates on what's new from the month of our European event.

Announcement TLS 1.0 and 1.1 deprecated

Drupal.org uses the Fastly CDN service for content delivery, and Fastly has depreciated support for TLS 1.1, 1.0, and 3DES on the cert we use for Drupal.org, per the mandate by the PCI Security Standards Council. This change took place on 9 Aug 2017. This means that browsers and API clients using the older TLS 1.1 or 1.0 protocols will no longer be supported. Older versions of curl or wget may be affected as well.

Drupal.org updates DrupalCon Calendar syncing

In our last update, we teased a new feature for DrupalCon attendees - the ability to sync your personal schedule to a calendar program. We're pleased to report that this feature made it in time for the event, and was used by attendees throughout the week. If you've already synced your calendar for DrupalCon Vienna, you're already set up to use the same feed for DrupalCon Nashville next April!

Keynote simulcast to Youtube

This year at DrupalCon, in addition to live streaming on Events.Drupal.org itself, we simulcast the keynotes to YouTube. We also embedded the keynote on the Drupal.org homepage - to spread the latest news about Drupal beyond DrupalCon attendees.

In fact, if you couldn't attend DrupalCon or just missed the keynotes, you can watch Dries' update on the Drupal project here:

Industry Pages promoted in the front page Call-to-Action

We've also made some updates to how the industry pages are promoted. In addition to the dedicated block with icons linking to each industry, we now also promote the industry solutions landing page in the main CTA under the homepage header.

We hope to further encourage users evaluating Drupal to explore some of the tremendous solutions that are already out there, and take inspiration from their success.

First-in/First-out issue sorting

To make sure that issues are reviewed by maintainers in the order they are received, it is now possible to sort the issue queues by when the issue status last changed. This means RTBC issues can be reviewed on a first-in/first-out basis!

This 'status changed' date field is available on the advanced search view for any issue queue. Here's what it looks like for Drupal core:

Project creation analysis

About six months ago we opened up project creation on Drupal.org to allow any confirmed user to create a full project. We've put together a blog post outlining the impact these changes have had on the contrib landscape. In short, we've seen a tremendous increase in the rate of project creation, and the rate of applications for security advisory coverage, and a modest increase in projects receiving stable releases without yet opting in coverage. We're continuing to monitor project creation and work with the Security Working Group and others on next steps.

Displaying orphan dev releases

In last month's update we talked about a variety of changes we made to project pages, to provide better signals about project quality to evaluators. In response to feedback, we've restored the visibility of dev releases, even when they aren't associated with a tagged release.

This is particularly helpful for project maintainers trying to bring visibility to the next major development version of their modules, such as their Drupal 8 module port efforts.

———

As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who made it possible for us to work on these projects. In particular we want to thank:

If you would like to support our work as an individual or an organization, consider becoming a member of the Drupal Association.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra

Categories: Drupal

myDropWizard.com: It's OK to build new sites on Drupal 7

17 October 2017 - 2:11pm

In about a month, it'll be 2 years since Drupal 8.0.0 was released. Drupal 8 has come a long way since then, especially with Drupal 8.4.0 released two weeks ago, which is the most feature-packed release yet.

Drupal 8 is the future of Drupal. It's awesome.

However, looking at all the blogs and articles and podcasts in the Drupalsphere, we're sending a message that you should only build new sites on Drupal 8.

The common wisdom is that starting a new project on Drupal 7 is dumb idea.

While I'm sure there's lots of people who are OK with that or even think that's the right message...

I strongly believe that we are hurting the Drupal project by sending that message.

Read more to find out why!

Categories: Drupal

Drupal core announcements: Coding Standards Change Proposals 10/17

17 October 2017 - 11:59am

The TWG coding standards committee is announcing two issues for final discussion. Feedback will be reviewed on 10/31/2017.

New issues for discussion: Pending ratification Provisionally approved issues Interested in helping out?

You can get started quickly by helping us to update an issue summary or two or dive in and check out the full list of open proposals and see if there's anything you'd like to champion!

Categories: Drupal

Elevated Third: Elevated 3 Takeaways: Drupal 8

17 October 2017 - 9:35am
Elevated 3 Takeaways: Drupal 8 Elevated 3 Takeaways: Drupal 8 Nelson Harris Tue, 10/17/2017 - 10:35

In this edition of 3 Takeaways, our Business Development Strategist, Nelson Harris, reviews Drupal 8 and how the latest improvements help get more out of the box, leverage mobile, and upgrade smoothly.

 

 

Hi, I’m Nelson Harris, Business Development Strategist at Elevated Third. A question I get a lot from people is “what’s new and interesting about Drupal 8, and why might I upgrade.” There are a lot of reasons why you might want to upgrade to Drupal 8 but I’m just going to list three of them.

Takeaways #1: First, you get more out of the box.

There are a lot of useful modules in Drupal 8 core that have been built in. Things like views, multilingual, a WYSIWYG editor, and more types of fields. This means you can spend less time configuring and installing modules, and more time working on your site.

Takeaway #2: Second of all, mobile is in it’s DNA.

Built-in themes are all responsive and adapt well to different screen sizes. Tables will scale, and the new admin toolbar is really good on mobile devices. Chances are, you’re probably watching this video on the screen of your mobile device right now, so you can imagine why mobile might be important.

Takeaway #3: Finally, it’s built to be more future proof.

Where an upgrade from 7 to 8 or 6 to 7 requires scraping your codebase and starting all over from scratch, Drupal 8 is designed to go from 8 to 9 and 9 to 10 more seamlessly and more like an update patch as opposed to starting over. An investment in Drupal 8 really means that you're investing in your website because it's going to be easier to upgrade in the future.

Categories: Drupal

Drupal Modules: The One Percent: Drupal Modules: The One Percent —Timelogin (video tutorial)

17 October 2017 - 6:47am
Drupal Modules: The One Percent —Timelogin (video tutorial) NonProfit Tue, 10/17/2017 - 08:47 Episode 40

Here is where we seek to bring awareness to Drupal modules running on less than 1% of reporting sites. Today we'll look at Timelogin, a module which restricts users, based on role, from logging in during certain times of the day.

Categories: Drupal

Appnovation Technologies: Appnovator Spotlight: Paulo Gomes

17 October 2017 - 3:35am
Appnovator Spotlight: Paulo Gomes Who are you? What's your story? My name is Paulo Gomes, I am from Portugal and moved to the UK with my wife in 2016 to join Appnovation crew. I am an tech and web enthusiast since the 90's (so not too old and not too young), I graduated in Computers and Management in 2002, after that worked in many places and companies, as freelancer, trainer and t...
Categories: Drupal

Dropsolid: Load testing Drupal with Blazemeter and JMeter

17 October 2017 - 2:59am
17 Oct Load testing Drupal with Blazemeter and JMeter Niels A Tech

When going live with a big project, it is all about reassuring the client that the project will be able to handle all those excited visitors. To achieve that state of zen, it is paramount that you do a load test. The benefits of load tests go beyond peace of mind, however. For example, it enables you to spot issues that only happen during high load or let’s you spot bottlenecks in the infrastructure setup. The added bonus is that you can bask in the glory of your high-performance code - on the condition the test doesn’t fail, of course.

Need help with your load and performance testing?
Contact us 

 

When doing a load test it is important to do the following steps:

  • Analyse existing data
  • Prepare tests
  • Set up tools
  • Run the tests
  • Analyse the results

 

Analyse existing data

If you are in luck, you will already  have historic data available to use from Google Analytics. If this isn’t the case, you’ll have to get in touch with your client and ask a few to-the-point questions to help you estimate all the important metrics that I’ll be covering in this post.

 

A couple of tips I can give if you lack the historic data:

  • Ask if the client has a mailing (digital or old-school) list and how many people are on it
  • If you have made comparable sites in the past, look at their Google Analytics data
  • Ask the client how they are going to announce their new website
  • When you are working on an estimate, it is always better to add an extra 15% to it. Better safe than sorry!

The first thing you need to do, is set a reference frame. Pick a date range that has low activity as well as the highest activity you can find. Then start putting that data into a spreadsheet, as pictured below:

You can download an example copy of the file here

 

The most important metrics we are going to calculate are:

  • Peak concurrent user (Hourly sessions x Average sessions Duration / 3600)
  • Peak page views per second

 

The values you need to find or estimate are:

  • Peak daily page views
  • Peak hourly page views
  • Total page view for period
  • Peak hourly sessions
  • Total amount of sessions
  • Average session duration in seconds

As you can see, we mainly focus on the peak activity, because you test with the worst-case scenario in mind - which is, funnily enough, usually the best-case scenario for your client.

Before we start preparing our test, it is also handy to check which pages receive the most traffic. This benefits the validity of your test scenario.

 

Prepare the tests

For our tests we are going to start out with Apache JMeter, which you can grab here.

With JMeter you can test many different applications/server/protocol types, but we’re going to use it to make a whole lot of HTTP requests.

Make sure you have the required Java library and go boot up the ApacheJMeter.jar file.

 

Adding and configuring a Thread Group

Start by adding a Thread Group to your test plan by right clicking your Test plan and selecting Add > Threads (Users) > Thread Group

 

Eventually you will need to fill in the number of (concurrent) users and ramp-up period based on your analysis, but for now keep it low for debugging your test.

 

Adding and configuring User-Defined Variables

Then right click the thread group to add User Defined Variables (Add > Config Element > User Defined Variables).

Add two variables named url and protocol and assign them a value.

Using these user-defined variables makes it easy to choose another environment to test on. It avoids the painstaking and error-prone work of finding all references and changing them manually.

You can use these variables in input fields in your test by doing this: ${url} or ${protocol}

 

Adding and configuring HTTP config elements

 Next up, you need to add the following HTTP config elements to your thread group:

  • HTTP Request Defaults
  • HTTP Header Manager
  • HTTP Cookie Manager

On the first one, you use your variables to fill in the protocol and the server name.

On the second one, you can set default headers for each one of your requests. See the screenshot below for what I’ve put in default.

For the third one, you only select cookie policy: standard.

 

A simple page request sampler

Right-click your test again and add the HTTP request sampler (Add > Sampler > HTTP Request).

Here we are going to call the home page. The only things you need to set here are:

  • Method: GET
  • Path: /

We don’t fill in the protocol or server name because this is already covered by our HTTP Request Defaults.

 

Posting the contact form

In this one we are going to submit the contact form (which is located at www.example.com/contact), so add another HTTP Request like we did before. Now only fill in the following values:

  • Method: POST
  • Path: /contact
  • Follow redirects: True
  • Use KeepAlive: True

In order for Drupal to accept the submit, we need to add some parameters to our post, like this:

The important ones here are form_build_id and form_id. You can manually get the form id because it always stays the same. The form build ID can vary, so we need to extract this from the page. We’ll do this using the CSS/JQuery Extractor (right-click your HTTP Request sampler: Add > Post Processors > CSS/JQuery Extractor)

Configure it like the screenshot below:

It will now get that form_build_id from the page and put into a variable the sampler can use.$

 

Posting some Ajax on the form

Imagine our contact form has some Ajax functionality and we also want to test this. The way we go about it is identical to posting the regular form like we did before. The only difference is the post parameters, the path and an extra HTTP Header Manager.

You should set the path in your sampler to: /system/ajax

Then right click your sampler to add your new HTTP Header Manager (Add > Config Element > HTTP Header Manager). Configure it like shown in the screenshot:

  Saving the results of your test

Now that we’ve configured samplers, we need to add some listeners. You can add these listeners everywhere, but in our example we’ve added it to the test in a whole.

 

We’ll add three listeners:

  • View Results in Table:
    • Show every request in a table format
    • Handy for getting some metrics like latency and connect time
  • Simple Data Writer:
    • Writes test data to a file
    • Handy for debugging when using Blazemeter (check out this link)
    • Just load the file into the View Results Tree
  • View Results Tree:
    • It shows you the actual response and request.
    • Uses a lot of resources (so only good for debugging)

 

There is a lot more you can do with JMeter. You can read all about it here.


Test-run the test

Now that we’ve configured our test it is time to try it out. So make sure not to put too much concurrent users in there. Just run the test by pressing the green ‘Play’ icon.

If you get errors, debug them using the feedback you got from your listeners.

As this wise man once said: "Improvise. Adapt. Overcome."

After you’ve validated your test, it’s always handy to turn up the concurrent users until your local site breaks. It’ll give you a quick idea of where a possible bottleneck could be.

Just a small warning: doing that load test on your local machine (running the test and the webserver) will take up a lot of resources and can give you skewed results.

You can download an example here.

 

Set up tools Load testing with Blazemeter

When you have a project that will have a lot of concurrent users, your computer is most likely not able to handle doing all those calls and that is why it is good to test from a distributed setup like Blazemeter does.

 

You can have multiple computers running the same test with only a part of the concurrent users or you can pay for a service like Blazemeter.

 

The downside of using multiple computers is that they still use the same corporate WiFi or ethernet, blocking yourself possibly to the lowest common denominator, which is most likely unknown and could cause trouble that might skew your test. On top of that you will also have to aggregate all those results yourself, costing you precious time.

 

For us the mayor benefits of Blazemeter are the following:

  • Simulate a massive amount of concurrent users with little hassle
  • Persistence of test results and comparison between tests
  • Executive report to deliver to a technical savvy client
  • Sandbox mode tests that don’t count against your monthly testing quota

 

Adding your JMeter test in Blazemeter is very easy and straightforward. Just click ‘Create Test’ in the menu and select JMeter Test.

Upload the file and you can start to configure your test to reflect your test scenario from the analysis chapter. We suggest to choose to ‘Originate a load’ from a service that is closest to your target population.

Before you run your test, it is important to have set up your monitoring of the environment you want to test.

 

Monitoring performance

At Dropsolid, we like to use New Relic to monitor performance of our environments but you could also use open source tools like Munin.

The most important factors in your decision of monitoring tool should be:

  • Persistence of monitoring data
  • Detail of monitoring data
  • Ease of use

If you are using New Relic, we recommend to install both APM and Server. The added value of having APM is that you can quickly get an overview of possible bottlenecks in PHP and MySQL.

 

Run the test

Now that everything is set up, it is important to have an environment that is a perfect copy of your production environment. That way you can easily optimize your environment without having to wait for a good moment to restart your server.

Run your test, sit back and relax.

 

Analyse the results

If everything has gone according to plan, you should now have reports from both Blazemeter and New Relic.

Blazemeter report of a test of 854 concurrent usersNew Relic monitoring during the same test

If your server was able to handle the peak amount of users, then your job is done and you can inform the client that they can rest assured that it won’t go down.

If your server couldn’t handle it, it is time to compare the results from Blazemeter and New Relic to find out where your bottleneck is.

Common issues are the following:

  • Not the right memory allocation between parts of the stack.
  • Misconfiguration of your stack. For example, MySQL has multiple example configuration files for different scenarios
  • Not using extra performance enhancing services like varnish, memcache, redis,...
  • Horrible code

If the issue is horrible code, then use tools like xhprof or blackfire.io to profile your code.

Need expert help with your performance tests? Just get in touch!

Contact us for performance testing 


Final note

As Colin Powell once said: "There are no secrets to success. It is the result of preparation, hard work and learning from failure." That is exactly what we did here: we prepared our test thoroughly, we tested our script multiple times and adapted when it failed.

Categories: Drupal

Chapter Three: Presentation: Aprendiendo D8 a través de Single Sign-On (Learning Drupal 8 through Single Sign-On)

16 October 2017 - 10:35am

Last week at DrupalCamp Quito, I presented an updated, Spanish-language version of my DrupalCon session. If you would like to view the presentation in English, you can find it on my DrupalCon blog post.

Las estructuras orientadas a objetos han reemplazado a nuestros queridos "hooks" que nos permitían extender Drupal con nueva funcionalidad sin necesidad de hackear core (u otros módulos de contrib). Pero, ¿cómo funciona esto? En esta charla revisamos cómo extender un módulo para implementar single sign-on (SSO), y al hacerlo nos adentramos a cómo la programación orientada a objetos hace magia en nuestros módulos, haciéndolos más fáciles de escribir, entender y depurar. Adicionalmente, se describen algunos de los patrones de diseño de Drupal, cómo utilizar event listeners, sobreescribir rutas y otras herramientas.

 

Categories: Drupal

Nextide Blog: Drupal Ember Basic App Refinements

16 October 2017 - 9:04am

This is part 3 of our series on developing a Decoupled Drupal Client Application with Ember. If you haven't yet read the previous articles, it would be best to review Part1 first. In this article, we are going to clean up the code to remove the hard coded URL for the host, move the login form to a separate page and add a basic header and styling.

We currently have defined the host URL in both the adapter (app/adapters/application.js) for the Ember Data REST calls as well as the AJAX Service that we use for the authentication (app/services/ajax.js). This is clearly not a good idea but helped us focus on the initial goal and our simple working app.

Categories: Drupal

Matt Glaman: Why and How for SSLs and your website

16 October 2017 - 2:00am
Why and How for SSLs and your website mglaman Mon, 10/16/2017 - 04:00 Secure sites. HTTPS and SSL. A topic more and more site owners and maintainers are having to work with. For some, this is a great thing and others it is either nerve-wracking or confusing. Luckily, for us all, getting an SSL and implementing full site HTTPS is becoming easier.
Categories: Drupal

PreviousNext: Update to Drupal core 8.4, a step by step guide

15 October 2017 - 11:24pm
Share:

Drupal 8.4 is stable! With 8.3 coming to end of life, it's important to update your projects to the latest and greatest. This blog will guide you through upgrading from Drupal core 8.3 to 8.4 while avoiding those nasty and confusing composer dependency errors.

by Adam Bramley / 16 October 2017

The main issues with the upgrade to Drupal core 8.3 are dependency conflicts between Drush and Drupal core. The main conflict being that both Drush 8.1.x and Drupal 8.3 use the 2.x version of Symfony libraries, while Drupal 8.4 has been updated to use Symfony 3.x. This means that when using composer to update Drupal core alone, composer will complain about conflicts in dependencies, since Drush depends on Symfony 2.x

Updating your libraries

Note: If you are using Drush 8.1.15 you will not have these issues as it is now compatible with both Symfony 2.x and 3.x

However, if you are using Drush < 8.1.15 (which a lot of people will be on), running the following command will give you a dependency conflict:

composer update drupal/core --with-dependencies

Resulting in an error message, followed by a composer trace:

Your requirements could not be resolved to an installable set of packages.

The best way to fix this is to update both Drupal core and Drush at the same time. Drush 8.x is not compatible with Drupal 8.4 so you will need to update to Drush 9.x.

composer update drupal/core drush/drush --with-dependencies
composer require "drush/drush:~9.0"

Some people have reported success with simply running a require on both updated versions of Drupal and Drush at the same time, but this did not work for me

composer require "drupal/core:~8.4" "drush/drush:~9.0"

What next?

Great, you're on the latest versions of both core and drush, but what's next? Well, that depends on a lot of things like what contributed and custom modules your project is running, how you're deploying your site, and what automated tests you are running. As I can't possibly cover all bases, I'll go through the main issues we encountered.

First things first, you'll need to get your site's database and configuration updated. I highly recommend running your database update hooks and exporting your site's configuration before proceeding any further.

Next, you'll want to ensure that all of your deployment tools are still working. Here at PreviousNext our CI/CD tools call Make commands which are essentially just wrappers around one or more Drush commands.

For the most part, the core Drush commands (that is, the commands that ship with drush) continued working as expected, with a couple of small caveats:

1. You can no longer pipe a SQL dump into the drush sql-cli (sqlc) command.

Previously, we had:
drush sqlc < /path/to/db.sql
Now we have:
`eval drush sql-connect` < /path/to/db.sql

Note: As of Drush 9.0-beta7 this has now been fixed, meaning the old version will work again!

2. The drush --root option no longer works with relative paths

Previously, our make commands all ran Drush with the --root (or -r) option relative to the repository root:
./bin/drush -r ./app some-command
Now it must be an absolute path, or Drush will complain about not being able to find the Drupal settings:
./bin/drush -r /path/to/app some-command

3. Custom Drush commands

For custom Drush commands, you will need to port them to use the new object oriented style approach and put the command into a dedicated module. Since version 9.0-beta5, Drush has dropped support for the old drush.inc style approach that could be used to add commands to a site without adding a new module.

For an example on this, take a look at our drush_cmi_tools library which provides some great extensions for importing and exporting config. This PR shows how we ported these commands to the new Drush 9 format.

For more information on porting commands to Drush 9, check out Moshe Weitzman's blog on it.

Other gotchas

Following the Drush upgrades, your project will need various other updates based on the modules and libraries it uses. I'll detail some issues I faced when updating the Transport for NSW site below.

1. Stale bundles in the bundle field map key value collection

Added as part of this issue, views now throws warnings similar to "A non-existent config entity name returned by FieldStorageConfigInterface::getBundles(): field name: field_dates, bundle: page" for fields that are in the entity bundle field field map that no longer exist on the site. We had a handful of these fields which threw warnings on every cache clear. To fix this, simply add an update hook which clears out these stale fields from the entity.definitions.bundle_field_map keyvalue collection:

/** * Fix entity.definitions.bundle_field_map key store with old bundles. */ function my_module_update_8001() { /** @var \Drupal\Core\KeyValueStore\KeyValueFactoryInterface $key_value_factory */ $key_value_factory = \Drupal::service('keyvalue'); $field_map_kv_store = $key_value_factory->get('entity.definitions.bundle_field_map'); $node_map = $field_map_kv_store->get('node'); // Remove the field_dates field from the bundle field map for the page bundle. unset($node_map['field_dates']['bundles']['page']); $field_map_kv_store->set('node', $node_map); }

2. Custom entities with external uri relationships throw Fatal errors when delete while menu_link_content is installed

The menu_link_content module now has an entity_predelete hook that looks through an entities uri relationships and tries to find any menu links that link to that specific route, and if so deletes them. When the uri is external, an error is thrown when it tries to get the route name "External URLs do not have an internal route name.". See this issue for more information.

3. Tests that submit a modal dialog window will need to be altered

This is a very edge case issue, but will hopefully help someone! In older versions of jQuery UI, the buttons that were added to the bottom of the modal form for submission had an inner span tag which could be clicked as part of a test. For example, in Linkit's LinkitDialogTest. This span no longer exists, and attempting to "click" any other part of that button in a similar way will throw an error in PhantomJS. To get around that simply change your test to do something similar to the following:

$this->click('.ui-dialog button:contains("Save")');

Kudos to jhedstrom for finding this one. See this issue for more information.

Conclusion

Personally, I found the upgrade to be quite tedious for a minor version upgrade. Thankfully, our project has a large suite of functional/end-to-end tests which really helped tease out the issues and gave us greater confidence that the site was still functioning well post-upgrade. Let me know in the comments what issues you're facing!

Finally, take a look at Lee's blog on some of the major changes in 8.4 for some more insight into what you might need to fix.

Tagged Composer, Drupal 8, drush

Posted by Adam Bramley
Senior Drupal Developer

Dated 16 October 2017

Add new comment
Categories: Drupal

Love Huria: Time to level up Code Reviews

15 October 2017 - 11:00pm

Being part of a Code review process is very important for us and trust me we take it very seriously. This is required not just for the team but for an individual learning as well.

Code reviews are very crucial for knowledge transfer and to avoid making small/common mistakes and of course maintaining best practices throughout the dev team. So Let’s take my team for example: we are around 11 developers in the team, all producing code which needs to be reviewed. So basically yeah that’s a whole lot of code!

Why It’s Important?

Pushing code to production is...

Categories: Drupal

Lullabot: Behind the Screens with Chris Teitzel

15 October 2017 - 9:00pm
Chris Teitzel of Cellar Door Media gives us a preview of Security Saturday at BadCamp 2017 and provides some great tips for securing your website. He tells us why we should always say yes to the community; you never know where it's going to lead. Chris also shares some amazing stories about bringing a Drupal-based communications tool developed from the DrupalCon Denver Tropo Hackathon, to Haiti in 2012 to help with relief efforts after their devastating 2010 earthquake.
Categories: Drupal

Pages