DRUPALDEALS.COM

LN Webworks: The Admin Toolbar - A Phenomenal Drupal Module for Website

Drupal is a cutting-edge content management system (CMS) with many marvelous features and functionalities. Some are centered around causing customer delight while others are focused on promoting the ease of administration. The admin toolbar module is a remarkable feature that has simplified the lives of site admins worldwide and has made a special place in the heart of every Drupal company. It can help you easily navigate to your desired destination, assign user permissions, and organize administrative links into submenus.

The best part is that you can use this Drupal module on all types of devices irrespective of their screen sizes. Are you already feeling captivated by the magic of the admin toolbar module? What we have discussed by far is just the tip of the iceberg. There is a lot more about this phenomenal Drupal module that we’ll discuss further in this blog.

Droptica: Recurring Payments in Drupal Commerce with PayPal. How to Set Up the Braintree Module?

Would you like to offer a recurring payment option in your online store? If so, this article is for you. You'll learn how to configure the Drupal Commerce Braintree module enabling payment processing through the Braintree gateway, how to link it to your PayPal account, and how to test and successfully launch this solution on your Drupal platform for online selling.

Samuel Mortenson: Meet Bookish, an install profile for static Drupal blogs

For the last four years I’ve been working on a static site generator for Drupal called Tome. Unlike other generators Tome uses “vanilla” Drupal, which means that if you know how to build a Drupal site, you know how to build a Tome site! One downside of this is that when comparing a default install of Drupal with a default install of something like Gatsby, Drupal looks pretty outdated. I wanted to show Tome off but couldn’t do it well with core, so I decided to focus my energy on a new install profile for static blogs - Bookish.

Samuel Mortenson: Drupal security testing for everyone

I've just published a new project for performing static application security testing (SAST) on Drupal sites, mortenson/psalm-plugin-drupal. Using Psalm, custom plugins, funky scripts, and a lot of elbow grease, I think I have something that will help everyone write safer Drupal code.

Samuel Mortenson: Promoting jQuery JSON to JSONP to trigger XSS

I’ve done quite a bit of security research for Drupal, and one area of exploitation that I often come back to is the AJAX API. Drupal’s AJAX API is built on top of jQuery, and lets developers easily add interactive behavior to the frontend.

Samuel Mortenson: Drupal Services SQL injection - don't trust abstractions

Drupal doesn’t have many SQL injection vulnerabilities anymore, at least not since the original Drupalgeddon was released into the wild. So what makes Drupal so safe? Abstractions of course! The database abstraction layer or “DB layer” is used throughout core and contrib to make all sorts of database calls in a way that’s easy to understand and relatively secure. On top of that, now-a-days most code only needs to use the Entity API, which is another huge abstraction on top of the DB layer.

Samuel Mortenson: Drupal services private file access bypass via IDOR

There’s a feature in Drupal that not a lot of people know about, but is a great target for security research - private files. Private files allow you to upload files to a non-public directory on your server, then serve them through Drupal instead of through your HTTP server. Drupal is then able to check access for files to determine if the current user can download them.

Samuel Mortenson: Making a multiplayer game with Go and gRPC

Recently I’ve started to pick up a new programming language, Go, but have struggled to absorb lessons from presentations and tutorials into practical knowledge. My preferred learning method is always to work on a real project, even if it means the finished work has loads of flaws.

Samuel Mortenson: Building my site with Tome and Single File Components

I've just finished re-building my site using Tome and Single File Components (SFC), two Drupal projects I maintain and wanted to test out on a real site. If you're reading this post, you're already on my new website! Hope it's working OK so far.

Samuel Mortenson: Simplifying Drupal frontend with Single File Components

I’ve been thinking about ways to make Drupal frontend easier recently, and have been working on an experimental module called Single File Components (SFC), which lets you put your CSS, JS, Twig, and PHP in one file. If you want to skip the blog (😭) you can just check out the project at https://www.drupal.org/project/sfc. The main problems with Drupal frontend SFC aims to help with are:

Subscribe to