SlideShare a Scribd company logo

Drupal sins 2016 10-06

Download as PPTX, PDF
A
Aaron Crosman

Provide a custom authentication solution that allows staff to have one backend and members another.

Internet
1 of 8
Drupal Sins How I learned to stop thinking and love sites that bomb. By: Aaron Crosman
The Goal Provide a custom authentication solution that allows staff to have one backend and members another.
The sinful solution During login form validation check to see if the user is a staff member, by authenticating the user, checking their groups, and logging out staff.
Taken from a .module file /** * Prevents staff members from logging in outside of staff login page. <<-- Why? */ function my_auth_staff_boot($form, &$form_state) { // NOT actually a hook_boot (thankfully) called as login form validator... user_authenticate($form_state['values']); global $user; if (in_array('An Employee', $user->roles)) { form_set_error($form['#id'], l(t('Staff must log in via staff-login', 'staff-login')), TRUE); drupal_set_message('Staff must log in via ' . l(t('staff-login', 'staff-login')), 'error', TRUE); // Load the user pages in case they have not been loaded. module_load_include('inc', 'user', 'user.pages'); user_logout(); } }
A Better Solution Mimic LDAP or GAuth Modules’ approaches. LDAP attaches a validator to the form and takes over authentication (there are lots of options so the code there is extensive). The GAuth module adds a submit button to the form and handles all processing for that form directly.
GAuth Simplified /** * Implements hook_form_alter(). */ function gauth_login_form_alter(&$form, &$form_state, $form_id) { if ($form_id == 'user_login' || $form_id == 'user_login_block') { $form['submit_google'] = array( '#type' => 'submit', '#value' => t(''), '#submit' => array('gauth_login_user_login_submit'), '#limit_validation_errors' => array(), '#weight' => 1000, ); drupal_add_css(drupal_get_path('module', 'gauth_login') . '/gauth_login.css'); } }
GAuth Simplified 2 /** * Login using google, submit handler */ function gauth_login_user_login_submit() { if (variable_get('gauth_login_client_id', FALSE)) { // .. skipping resource validation ... $client = new Google_Client(); // .. skipping client setup ... $url = $client->createAuthUrl(); // Send the user off to Google for processing drupal_goto($url); } // ... skip errors } From there we pass through a menu router from the main module, and an API hook to get...
GAuth Simplified 3 function gauth_login_gauth_google_response() { if (isset($_GET['state'])) { // Skipping some error traps... $redirect_url = isset($state['destination']) ? $state['destination'] : ''; if (isset($_GET['code'])) { // Skipping a bunch of Client setup... $oauth = new Google_Service_Oauth2($client); $info = $oauth->userinfo->get(); if ($uid = gauth_login_load_google_id($info['id'])) { $form_state['uid'] = $uid; user_login_submit(array(), $form_state); // << That right there!! } else { // Skipping other options.... } } drupal_goto($redirect_url); // << be nice and handle the destination parameter } } <<Yeah I know three slides hardly counts as simplified.>>

Recommended

Sins Against Drupal 2
Sins Against Drupal 2Sins Against Drupal 2
Sins Against Drupal 2
Aaron Crosman
 
Php if
Php ifPhp if
Php if
nurhardianti98
 
WordPress Capabilities Magic
WordPress Capabilities MagicWordPress Capabilities Magic
WordPress Capabilities Magic
mannieschumpert
 
날로 먹는 Django admin 활용
날로 먹는 Django admin 활용날로 먹는 Django admin 활용
날로 먹는 Django admin 활용
KyeongMook "Kay" Cha
 
Growing jQuery
Growing jQueryGrowing jQuery
Growing jQuery
gueste8d8bc
 
AngularJS Routing
AngularJS RoutingAngularJS Routing
AngularJS Routing
Eyal Vardi
 
Keeping It Simple
Keeping It SimpleKeeping It Simple
Keeping It Simple
Stephanie Leary
 
AngulrJS Overview
AngulrJS OverviewAngulrJS Overview
AngulrJS Overview
Eyal Vardi
 

Recommended

Sins Against Drupal 2
Sins Against Drupal 2Sins Against Drupal 2
Sins Against Drupal 2
Aaron Crosman
 
Php if
Php ifPhp if
Php if
nurhardianti98
 
WordPress Capabilities Magic
WordPress Capabilities MagicWordPress Capabilities Magic
WordPress Capabilities Magic
mannieschumpert
 
날로 먹는 Django admin 활용
날로 먹는 Django admin 활용날로 먹는 Django admin 활용
날로 먹는 Django admin 활용
KyeongMook "Kay" Cha
 
Growing jQuery
Growing jQueryGrowing jQuery
Growing jQuery
gueste8d8bc
 
AngularJS Routing
AngularJS RoutingAngularJS Routing
AngularJS Routing
Eyal Vardi
 
Keeping It Simple
Keeping It SimpleKeeping It Simple
Keeping It Simple
Stephanie Leary
 
AngulrJS Overview
AngulrJS OverviewAngulrJS Overview
AngulrJS Overview
Eyal Vardi
 
Rails, Postgres, Angular, and Bootstrap: The Power Stack
Rails, Postgres, Angular, and Bootstrap: The Power StackRails, Postgres, Angular, and Bootstrap: The Power Stack
Rails, Postgres, Angular, and Bootstrap: The Power Stack
David Copeland
 
Introducing jQuery
Introducing jQueryIntroducing jQuery
Introducing jQueryWildan Maulana
 
J queryui
J queryuiJ queryui
J queryuiInbal Geffen
 
WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3
Mizanur Rahaman Mizan
 
Rails GUI Development with Ext JS
Rails GUI Development with Ext JSRails GUI Development with Ext JS
Rails GUI Development with Ext JS
Martin Rehfeld
 
06 Php Mysql Connect Query
06 Php Mysql Connect Query06 Php Mysql Connect Query
06 Php Mysql Connect Query
Geshan Manandhar
 
Who Needs Ruby When You've Got CodeIgniter
Who Needs Ruby When You've Got CodeIgniterWho Needs Ruby When You've Got CodeIgniter
Who Needs Ruby When You've Got CodeIgniterciconf
 
Handlebars
HandlebarsHandlebars
HandlebarsSivasankaran Murugaiyan
 
jQuery and Rails, Sitting in a Tree
jQuery and Rails, Sitting in a TreejQuery and Rails, Sitting in a Tree
jQuery and Rails, Sitting in a Treeadamlogic
 
Getting classy with ES6
Getting classy with ES6Getting classy with ES6
Getting classy with ES6
Andy Sharman
 
Devoxx 2014-webComponents
Devoxx 2014-webComponentsDevoxx 2014-webComponents
Devoxx 2014-webComponents
Cyril Balit
 
Friendlier, Safer WordPress Admin Areas
Friendlier, Safer WordPress Admin AreasFriendlier, Safer WordPress Admin Areas
Friendlier, Safer WordPress Admin Areas
Cliff Seal
 
Kick start with j query
Kick start with j queryKick start with j query
Kick start with j queryMd. Ziaul Haq
 
24. CodeIgniter simple login with sessions
24. CodeIgniter simple login with sessions24. CodeIgniter simple login with sessions
24. CodeIgniter simple login with sessions
Razvan Raducanu, PhD
 
Casl. isomorphic permission management.pptx
Casl. isomorphic permission management.pptxCasl. isomorphic permission management.pptx
Casl. isomorphic permission management.pptx
Sergiy Stotskiy
 
Clever Joomla! Templating Tips and Tricks
Clever Joomla! Templating Tips and TricksClever Joomla! Templating Tips and Tricks
Clever Joomla! Templating Tips and Tricks
ThemePartner
 
jQuery - 10 Time-Savers You (Maybe) Don't Know
jQuery - 10 Time-Savers You (Maybe) Don't KnowjQuery - 10 Time-Savers You (Maybe) Don't Know
jQuery - 10 Time-Savers You (Maybe) Don't Knowgirish82
 
TDC2016SP - Rails Custom Validators - Não se esqueça deles
TDC2016SP - Rails Custom Validators - Não se esqueça delesTDC2016SP - Rails Custom Validators - Não se esqueça deles
TDC2016SP - Rails Custom Validators - Não se esqueça deles
tdc-globalcode
 
Javascript
JavascriptJavascript
Javascripttimsplin
 
Introduction to Web Components
Introduction to Web ComponentsIntroduction to Web Components
Introduction to Web Components
Felix Arntz
 
Routing in Drupal 8
Routing in Drupal 8Routing in Drupal 8
Routing in Drupal 8
kgoel1
 
Angular Workshop_Sarajevo2
Angular Workshop_Sarajevo2Angular Workshop_Sarajevo2
Angular Workshop_Sarajevo2Christoffer Noring
 

More Related Content

What's hot

Rails, Postgres, Angular, and Bootstrap: The Power Stack
Rails, Postgres, Angular, and Bootstrap: The Power StackRails, Postgres, Angular, and Bootstrap: The Power Stack
Rails, Postgres, Angular, and Bootstrap: The Power Stack
David Copeland
 
WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3
Mizanur Rahaman Mizan
 
Rails GUI Development with Ext JS
Rails GUI Development with Ext JSRails GUI Development with Ext JS
Rails GUI Development with Ext JS
Martin Rehfeld
 
06 Php Mysql Connect Query
06 Php Mysql Connect Query06 Php Mysql Connect Query
06 Php Mysql Connect Query
Geshan Manandhar
 
Who Needs Ruby When You've Got CodeIgniter
Who Needs Ruby When You've Got CodeIgniterWho Needs Ruby When You've Got CodeIgniter
Who Needs Ruby When You've Got CodeIgniterciconf
 
jQuery and Rails, Sitting in a Tree
jQuery and Rails, Sitting in a TreejQuery and Rails, Sitting in a Tree
jQuery and Rails, Sitting in a Treeadamlogic
 
Getting classy with ES6
Getting classy with ES6Getting classy with ES6
Getting classy with ES6
Andy Sharman
 
Devoxx 2014-webComponents
Devoxx 2014-webComponentsDevoxx 2014-webComponents
Devoxx 2014-webComponents
Cyril Balit
 
Friendlier, Safer WordPress Admin Areas
Friendlier, Safer WordPress Admin AreasFriendlier, Safer WordPress Admin Areas
Friendlier, Safer WordPress Admin Areas
Cliff Seal
 
Kick start with j query
Kick start with j queryKick start with j query
Kick start with j queryMd. Ziaul Haq
 
24. CodeIgniter simple login with sessions
24. CodeIgniter simple login with sessions24. CodeIgniter simple login with sessions
24. CodeIgniter simple login with sessions
Razvan Raducanu, PhD
 
Casl. isomorphic permission management.pptx
Casl. isomorphic permission management.pptxCasl. isomorphic permission management.pptx
Casl. isomorphic permission management.pptx
Sergiy Stotskiy
 
Clever Joomla! Templating Tips and Tricks
Clever Joomla! Templating Tips and TricksClever Joomla! Templating Tips and Tricks
Clever Joomla! Templating Tips and Tricks
ThemePartner
 
jQuery - 10 Time-Savers You (Maybe) Don't Know
jQuery - 10 Time-Savers You (Maybe) Don't KnowjQuery - 10 Time-Savers You (Maybe) Don't Know
jQuery - 10 Time-Savers You (Maybe) Don't Knowgirish82
 
TDC2016SP - Rails Custom Validators - Não se esqueça deles
TDC2016SP - Rails Custom Validators - Não se esqueça delesTDC2016SP - Rails Custom Validators - Não se esqueça deles
TDC2016SP - Rails Custom Validators - Não se esqueça deles
tdc-globalcode
 
Javascript
JavascriptJavascript
Javascripttimsplin
 
Introduction to Web Components
Introduction to Web ComponentsIntroduction to Web Components
Introduction to Web Components
Felix Arntz
 

What's hot (20)

Rails, Postgres, Angular, and Bootstrap: The Power Stack
Rails, Postgres, Angular, and Bootstrap: The Power StackRails, Postgres, Angular, and Bootstrap: The Power Stack
Rails, Postgres, Angular, and Bootstrap: The Power Stack
 
Introducing jQuery
Introducing jQueryIntroducing jQuery
Introducing jQuery
 
J queryui
J queryuiJ queryui
J queryui
 
WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3WordPress Theme Design and Development Workshop - Day 3
WordPress Theme Design and Development Workshop - Day 3
 
Rails GUI Development with Ext JS
Rails GUI Development with Ext JSRails GUI Development with Ext JS
Rails GUI Development with Ext JS
 
06 Php Mysql Connect Query
06 Php Mysql Connect Query06 Php Mysql Connect Query
06 Php Mysql Connect Query
 
Who Needs Ruby When You've Got CodeIgniter
Who Needs Ruby When You've Got CodeIgniterWho Needs Ruby When You've Got CodeIgniter
Who Needs Ruby When You've Got CodeIgniter
 
Handlebars
HandlebarsHandlebars
Handlebars
 
jQuery and Rails, Sitting in a Tree
jQuery and Rails, Sitting in a TreejQuery and Rails, Sitting in a Tree
jQuery and Rails, Sitting in a Tree
 
Getting classy with ES6
Getting classy with ES6Getting classy with ES6
Getting classy with ES6
 
Devoxx 2014-webComponents
Devoxx 2014-webComponentsDevoxx 2014-webComponents
Devoxx 2014-webComponents
 
Friendlier, Safer WordPress Admin Areas
Friendlier, Safer WordPress Admin AreasFriendlier, Safer WordPress Admin Areas
Friendlier, Safer WordPress Admin Areas
 
Kick start with j query
Kick start with j queryKick start with j query
Kick start with j query
 
24. CodeIgniter simple login with sessions
24. CodeIgniter simple login with sessions24. CodeIgniter simple login with sessions
24. CodeIgniter simple login with sessions
 
Casl. isomorphic permission management.pptx
Casl. isomorphic permission management.pptxCasl. isomorphic permission management.pptx
Casl. isomorphic permission management.pptx
 
Clever Joomla! Templating Tips and Tricks
Clever Joomla! Templating Tips and TricksClever Joomla! Templating Tips and Tricks
Clever Joomla! Templating Tips and Tricks
 
jQuery - 10 Time-Savers You (Maybe) Don't Know
jQuery - 10 Time-Savers You (Maybe) Don't KnowjQuery - 10 Time-Savers You (Maybe) Don't Know
jQuery - 10 Time-Savers You (Maybe) Don't Know
 
TDC2016SP - Rails Custom Validators - Não se esqueça deles
TDC2016SP - Rails Custom Validators - Não se esqueça delesTDC2016SP - Rails Custom Validators - Não se esqueça deles
TDC2016SP - Rails Custom Validators - Não se esqueça deles
 
Javascript
JavascriptJavascript
Javascript
 
Introduction to Web Components
Introduction to Web ComponentsIntroduction to Web Components
Introduction to Web Components
 

Similar to Drupal sins 2016 10-06

Routing in Drupal 8
Routing in Drupal 8Routing in Drupal 8
Routing in Drupal 8
kgoel1
 
Virtual Madness @ Etsy
Virtual Madness @ EtsyVirtual Madness @ Etsy
Virtual Madness @ Etsy
Nishan Subedi
 
17. CodeIgniter login simplu cu sesiuni
17. CodeIgniter login simplu cu sesiuni17. CodeIgniter login simplu cu sesiuni
17. CodeIgniter login simplu cu sesiuni
Razvan Raducanu, PhD
 
Form demoinplaywithmysql
Form demoinplaywithmysqlForm demoinplaywithmysql
Form demoinplaywithmysql
Knoldus Inc.
 
Magento2&amp;java script (2)
Magento2&amp;java script (2)Magento2&amp;java script (2)
Magento2&amp;java script (2)
EvgeniyKapelko1
 
Building Large jQuery Applications
Building Large jQuery ApplicationsBuilding Large jQuery Applications
Building Large jQuery Applications
Rebecca Murphey
 
WordPress REST API hacking
WordPress REST API hackingWordPress REST API hacking
WordPress REST API hacking
Jeroen van Dijk
 
Bag Of Tricks From Iusethis
Bag Of Tricks From IusethisBag Of Tricks From Iusethis
Bag Of Tricks From Iusethis
Marcus Ramberg
 
Routing in Drupal 8
Routing in Drupal 8Routing in Drupal 8
Routing in Drupal 8
kgoel1
 
Mashing up JavaScript – Advanced Techniques for modern Web Apps
Mashing up JavaScript – Advanced Techniques for modern Web AppsMashing up JavaScript – Advanced Techniques for modern Web Apps
Mashing up JavaScript – Advanced Techniques for modern Web Apps
Bastian Hofmann
 
Building Persona: federated and privacy-sensitive identity for the Web (Open ...
Building Persona: federated and privacy-sensitive identity for the Web (Open ...Building Persona: federated and privacy-sensitive identity for the Web (Open ...
Building Persona: federated and privacy-sensitive identity for the Web (Open ...
Francois Marier
 
How to Create A Magento Adminhtml Controller in Magento Extension
How to Create A Magento Adminhtml Controller in Magento ExtensionHow to Create A Magento Adminhtml Controller in Magento Extension
How to Create A Magento Adminhtml Controller in Magento Extension
Hendy Irawan
 
Tidy Up Your Code
Tidy Up Your CodeTidy Up Your Code
Tidy Up Your Code
Abbas Ali
 
WordPress as an application framework
WordPress as an application frameworkWordPress as an application framework
WordPress as an application framework
Dustin Filippini
 
HTML::FormFu talk for Sydney PM
HTML::FormFu talk for Sydney PMHTML::FormFu talk for Sydney PM
HTML::FormFu talk for Sydney PM
Dean Hamstead
 
Drupal csu-open atriumname
Drupal csu-open atriumnameDrupal csu-open atriumname
Drupal csu-open atriumname
Emanuele Quinto
 
Curso Symfony - Clase 4
Curso Symfony - Clase 4Curso Symfony - Clase 4
Curso Symfony - Clase 4
Javier Eguiluz
 
Doctrine For Beginners
Doctrine For BeginnersDoctrine For Beginners
Doctrine For Beginners
Jonathan Wage
 

Similar to Drupal sins 2016 10-06 (20)

Routing in Drupal 8
Routing in Drupal 8Routing in Drupal 8
Routing in Drupal 8
 
Angular Workshop_Sarajevo2
Angular Workshop_Sarajevo2Angular Workshop_Sarajevo2
Angular Workshop_Sarajevo2
 
Virtual Madness @ Etsy
Virtual Madness @ EtsyVirtual Madness @ Etsy
Virtual Madness @ Etsy
 
17. CodeIgniter login simplu cu sesiuni
17. CodeIgniter login simplu cu sesiuni17. CodeIgniter login simplu cu sesiuni
17. CodeIgniter login simplu cu sesiuni
 
Form demoinplaywithmysql
Form demoinplaywithmysqlForm demoinplaywithmysql
Form demoinplaywithmysql
 
Magento2&amp;java script (2)
Magento2&amp;java script (2)Magento2&amp;java script (2)
Magento2&amp;java script (2)
 
Building Large jQuery Applications
Building Large jQuery ApplicationsBuilding Large jQuery Applications
Building Large jQuery Applications
 
WordPress REST API hacking
WordPress REST API hackingWordPress REST API hacking
WordPress REST API hacking
 
Bag Of Tricks From Iusethis
Bag Of Tricks From IusethisBag Of Tricks From Iusethis
Bag Of Tricks From Iusethis
 
Mashing up JavaScript
Mashing up JavaScriptMashing up JavaScript
Mashing up JavaScript
 
Routing in Drupal 8
Routing in Drupal 8Routing in Drupal 8
Routing in Drupal 8
 
Mashing up JavaScript – Advanced Techniques for modern Web Apps
Mashing up JavaScript – Advanced Techniques for modern Web AppsMashing up JavaScript – Advanced Techniques for modern Web Apps
Mashing up JavaScript – Advanced Techniques for modern Web Apps
 
Building Persona: federated and privacy-sensitive identity for the Web (Open ...
Building Persona: federated and privacy-sensitive identity for the Web (Open ...Building Persona: federated and privacy-sensitive identity for the Web (Open ...
Building Persona: federated and privacy-sensitive identity for the Web (Open ...
 
How to Create A Magento Adminhtml Controller in Magento Extension
How to Create A Magento Adminhtml Controller in Magento ExtensionHow to Create A Magento Adminhtml Controller in Magento Extension
How to Create A Magento Adminhtml Controller in Magento Extension
 
Tidy Up Your Code
Tidy Up Your CodeTidy Up Your Code
Tidy Up Your Code
 
WordPress as an application framework
WordPress as an application frameworkWordPress as an application framework
WordPress as an application framework
 
HTML::FormFu talk for Sydney PM
HTML::FormFu talk for Sydney PMHTML::FormFu talk for Sydney PM
HTML::FormFu talk for Sydney PM
 
Drupal csu-open atriumname
Drupal csu-open atriumnameDrupal csu-open atriumname
Drupal csu-open atriumname
 
Curso Symfony - Clase 4
Curso Symfony - Clase 4Curso Symfony - Clase 4
Curso Symfony - Clase 4
 
Doctrine For Beginners
Doctrine For BeginnersDoctrine For Beginners
Doctrine For Beginners
 

Recently uploaded

存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
Trending Blogers
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
3ipehhoa
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
Trish Parr
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
cuobya
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
eutxy
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
cuobya
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
3ipehhoa
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
cuobya
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
keoku
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Florence Consulting
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
CIOWomenMagazine
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Brad Spiegel Macon GA
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
Laura Szabó
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
Javier Lasa
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
Danica Gill
 

Recently uploaded (20)

存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
Explore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories SecretlyExplore-Insanony: Watch Instagram Stories Secretly
Explore-Insanony: Watch Instagram Stories Secretly
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
 
Search Result Showing My Post is Now Buried
Search Result Showing My Post is Now BuriedSearch Result Showing My Post is Now Buried
Search Result Showing My Post is Now Buried
 
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
假文凭国外(Adelaide毕业证)澳大利亚国立大学毕业证成绩单办理
 
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
一比一原版(LBS毕业证)伦敦商学院毕业证成绩单专业办理
 
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
制作毕业证书(ANU毕业证)莫纳什大学毕业证成绩单官方原版办理
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
可查真实(Monash毕业证)西澳大学毕业证成绩单退学买
 
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
 
Gen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needsGen Z and the marketplaces - let's translate their needs
Gen Z and the marketplaces - let's translate their needs
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
 
7 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 20247 Best Cloud Hosting Services to Try Out in 2024
7 Best Cloud Hosting Services to Try Out in 2024
 

Drupal sins 2016 10-06

  • 1. Drupal Sins How I learned to stop thinking and love sites that bomb. By: Aaron Crosman
  • 2. The Goal Provide a custom authentication solution that allows staff to have one backend and members another.
  • 3. The sinful solution During login form validation check to see if the user is a staff member, by authenticating the user, checking their groups, and logging out staff.
  • 4. Taken from a .module file /** * Prevents staff members from logging in outside of staff login page. <<-- Why? */ function my_auth_staff_boot($form, &$form_state) { // NOT actually a hook_boot (thankfully) called as login form validator... user_authenticate($form_state['values']); global $user; if (in_array('An Employee', $user->roles)) { form_set_error($form['#id'], l(t('Staff must log in via staff-login', 'staff-login')), TRUE); drupal_set_message('Staff must log in via ' . l(t('staff-login', 'staff-login')), 'error', TRUE); // Load the user pages in case they have not been loaded. module_load_include('inc', 'user', 'user.pages'); user_logout(); } }
  • 5. A Better Solution Mimic LDAP or GAuth Modules’ approaches. LDAP attaches a validator to the form and takes over authentication (there are lots of options so the code there is extensive). The GAuth module adds a submit button to the form and handles all processing for that form directly.
  • 6. GAuth Simplified /** * Implements hook_form_alter(). */ function gauth_login_form_alter(&$form, &$form_state, $form_id) { if ($form_id == 'user_login' || $form_id == 'user_login_block') { $form['submit_google'] = array( '#type' => 'submit', '#value' => t(''), '#submit' => array('gauth_login_user_login_submit'), '#limit_validation_errors' => array(), '#weight' => 1000, ); drupal_add_css(drupal_get_path('module', 'gauth_login') . '/gauth_login.css'); } }
  • 7. GAuth Simplified 2 /** * Login using google, submit handler */ function gauth_login_user_login_submit() { if (variable_get('gauth_login_client_id', FALSE)) { // .. skipping resource validation ... $client = new Google_Client(); // .. skipping client setup ... $url = $client->createAuthUrl(); // Send the user off to Google for processing drupal_goto($url); } // ... skip errors } From there we pass through a menu router from the main module, and an API hook to get...
  • 8. GAuth Simplified 3 function gauth_login_gauth_google_response() { if (isset($_GET['state'])) { // Skipping some error traps... $redirect_url = isset($state['destination']) ? $state['destination'] : ''; if (isset($_GET['code'])) { // Skipping a bunch of Client setup... $oauth = new Google_Service_Oauth2($client); $info = $oauth->userinfo->get(); if ($uid = gauth_login_load_google_id($info['id'])) { $form_state['uid'] = $uid; user_login_submit(array(), $form_state); // << That right there!! } else { // Skipping other options.... } } drupal_goto($redirect_url); // << be nice and handle the destination parameter } } <<Yeah I know three slides hardly counts as simplified.>>