Drupal Development (Part 2)
Loading...
Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.
2 Favorites
-
Devlon Duthie, Developer favorited this 6 months ago
-
bennos
favorited this 6 months ago
Drupal Development (Part 2) - Presentation Transcript
- Drupal Code: Day 2 the good, the bad, and the nerdy
- we join our cms, already in progress
- drupal core coordinates http://www.flickr.com/photos/35104960@N00/509525572/
- drupal announces events
- hooks let modules listen
- modules react
- ...and change behavior http://www.flickr.com/photos/spiicytuna/188111824
- happy baby is happy
- FormAPI
- $form[‘foo’] = array( ‘#type’ => ‘textarea’, ‘#required’ => TRUE, ‘#title’ => t(‘Your foo’), ‘#default_value’ => “Some text…”, ‘#resizable’ => TRUE, );
- $form[‘bar’] = array( ‘#type’ => ‘fieldset’, ‘#title’ => t(‘Several bars’), ‘#collapsible’ => TRUE, ‘#collapsed’ => FALSE, );
- $form[‘bar’][‘baz’] = array( ‘#type’ => ‘select’, ‘#title’ => t(‘Baz in a bar’), ‘#options’ => array( 1 => t(‘Option one’), 2 => t(‘Option two’), 3 => t(‘Option three’), ), ‘#multiple’ => TRUE, ‘#default_value’ => 2, ‘#weight’ => -10 );
- function mymodule_settings_page() { return drupal_get_form(‘mymodule_form’); } function mymodule_form() { $form[‘foo’] = array( ‘#type’ => ‘textarea’, ‘#title’ => t(‘Your foo’), ‘#default_value’ => t(‘Enter your text here…’), ); $form[‘submit’] = array( ‘#type’ => ‘submit’, ‘#value’ => t(‘Pity the foo’), ); return $form; }
- function mymodule_settings_page() { return drupal_get_form(‘mymodule_form’); } function mymodule_form() { $form[‘foo’] = array( ‘#type’ => ‘textarea’, ‘#title’ => t(‘Your foo’), ‘#default_value’ => t(‘Enter your text here…’), ); $form[‘submit’] = array( ‘#type’ => ‘submit’, ‘#value’ => t(‘Pity the foo’), ); return $form; }
- function mymodule_form_alter($form, &$state, $id) { if ($id == ‘yourmodule_form’) { unset($form[‘your_field’]); $form[‘my_extra_field’] = array( ‘#type’ => ‘textarea’, ‘#title’ => t(‘THIS field is mine.’, ‘#weight’ => -10, ); $form[‘#validate’][] = ‘my_validation_code’; $form[‘#submit’][] = ‘my_submit_code’; } }
- function mymodule_form_validate($form, &$state) { if ($state[‘values’][‘foo’] == ‘Yo Momma’) { form_set_error(‘foo’, t(‘Show some respect.’)); } } function mymodule_form_submit($form, &$state) { variable_set(‘my_foo’, $state[‘values’][‘foo’]); }
- Key Pieces • Form ID • Form Builder function • Validation functions • Submission functions • “Form State”
- happy baby is happy
- best practices
- best practices
- theme()
- function build_my_page() { $output = ‘<h3>My stuff</h3>' $records = get_records(); $output .= ‘<ul>’; foreach ($records as $record) { $output .= “<li>”. $record->name .”</li>”; } $output .= ‘</ul>’; return $output; }
- function build_my_page() { $output = ‘<h3>My stuff</h3>' $records = get_records(); $output .= ‘<ul>’; foreach ($records as $record) { $output .= “<li>”. $record->name .”</li>”; } $output .= ‘</ul>’; return $output; } function build_my_page() { $records = get_records(); foreach ($records as $record) { $items[] = $records->name; } return theme(‘item_list’, $items, t(‘My stuff’)); }
- function mymodule_theme() { return array( 'mymodule_data' => array( 'arguments' => array( 'data' => NULL, 'option' => TRUE))); } function theme_mymodule_data($data, $option) { $output = ‘<em>’. $data->foo .’</em>’; if ($option) { $output .= ‘ <b>’. $data->bar .’</b>’; } return $output; }
- use theme() for all html
- db_query()
- function get_my_data($username) { $sql = “SELECT * FROM users “; $sql .= “WHERE name = ‘$username’”; $results = mysql_query($sql); return $results; }
- function get_my_data($username) { $sql = “SELECT * FROM users “; $sql .= “WHERE name = ‘$username’”; $results = mysql_query($sql); return $results; } function get_my_data($username) { $sql = “SELECT * FROM {users} u “; $sql .= “WHERE u.name = ‘%s’”; $results = db_query($sql, $username); return $results; }
- use db_query() for all queries
- l()
- $link = “<a href=‘/about-us’>About!</a>”;
- $link = “<a href=‘/about-us’>About!</a>”; http://www.mysite.com/node/1 http://www.mysite.com/seo-friendly-name http://www.mysite.com/subdirectory/node/1 http://www.mysite.com/index.php?q=node/1 http://www.mysite.com/fr/node/1
- $link = “<a href=‘/about-us’>About!</a>”; http://www.mysite.com/node/1 http://www.mysite.com/seo-friendly-name http://www.mysite.com/subdirectory/node/1 http://www.mysite.com/index.php?q=node/1 http://www.mysite.com/fr/node/1 $link = l($title, $url);
- use l() for all links
- t()
- function my_message($name) { return “This is your message, $name!”; }
- function my_message($name) { return “This is your message, $name!”; } function my_message($name) { $values = array(‘%name’ => $name); $message = ‘This is your message, %name!’; return t($message, $values); }
- use t() for all UI text
- PHPDoc
- /** * Prepares a structured form array by adding required elements, * executing any hook_form_alter functions, and optionally * inserting a validation token to prevent tampering. * * @param $form_id * A unique string identifying the form for validation, * submission, theming, and hook_form_alter functions. * @param $form * An associative array containing the structure of the form. * @param $form_state * A keyed array containing the current state of the form. * Passed in here so that hook_form_alter() calls can use it, * as well. */ function drupal_prepare_form($form_id, &$form, &$form_state) { // Actual codes goes here… }
- drupal core 1% Code 37% Comments Jokes 62%
- use PHPDoc to explain your code
- Coder module
- hook, don’t hack
- happy baby is happy
- security (never trust anyone)
- SQL Injection
- function get_my_data($name, $date) { $sql = “SELECT * FROM {users} u “; $sql .= “WHERE u.name = ‘%s’ ”; $sql .= “AND u.created > %d ”; $results = db_query($sql, $name, $date); return $results; }
- function get_my_data($name, $date) { $sql = “SELECT * FROM {users} u “; $sql .= “WHERE u.name = ‘%s’ ”; $sql .= “AND u.created > %d ”; $results = db_query($sql, $name, $date); return $results; } %s, %d, %f, and %b are your friends
- XSS (use output filtering)
- XSS (use output filtering)
- XSS (use output filtering) Use filter_xss($text)
- CSRF
- CSRF Use FormAPI. ALWAYS.
- input formats (PHP, oh noes)
- input formats (PHP, oh noes)
- http://drupal.org/ writing-secure-code
- happy baby is happy
- Performance (It’s always the db)
- cold hard cache
- cold hard cache
- devel module
- devel module
- devel module
- make your own cache
- function my_module_stuff($reset = FALSE) { static $stuff; if (!isset($stuff) || $reset) { if (!$reset && ($cache = cache_get('my_stuff'))) { $stuff = $cache->data; make your } else { own cache // Do your expensive calculations here, // and populate $my_data with stuff.. cache_set('my_stuff', $stuff); } } return $stuff; }
- happy baby is happy
- the community
- sign up. seriously.
- participate
- participate
- • Always use FormAPI • Follow best practices (Coder helps!) • It’s always the DB’s fault (cache) • Don’t trust anyone (sanitize output) • Participate!
- happy baby is happy
+
631 views, 2 favs, more stats
A whirlwind tour of Drupal best practices, presente more
Related Presentations
-
Drupal Development
-
Introduction to Python - Part Two
-
Introduction to Python - Part Three
-
Best Practices For Drupal Develope…
-
Drupal Development Security Essent…
-
Managing Drupal Development with M…
-
SharePoint Saturday Baltimore 7/25…
-
An Introduction to Development wit…
-
Apress Pro Drupal Development (A…
More info about this document
© All Rights Reserved
Go to text version
- Total Views 631
- 631 on SlideShare
- Comments 0
- Favorites 2
- Downloads 32
Most viewed embeds
All embeds
- Upload Info
- Uploaded via SlideShare
- Uploaded as Apple Keynote
0 comments
Post a comment