xoops forums

Forum Index


Board index » All Posts (geekwright)




geekwright

Quite a regular
Posted on: 4/25 21:16
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#1

Switching to https

Switching the scheme an existing XOOPS installation from http to https is a common concern. XOOPS developers have been investigating ways we can assist in making this transition easier for the XOOPS webmasters everywhere. In this post we will introduce two new tools that can help us in achieving that goal.

Let's review the basic recommended process for switching a site from http to https:

Before you make any changes, make a backup! It may take a few minutes to download a copy of your site and its database, but those minutes are nothing compared to the hours it may take to recover from a mistake, or even worse losing all of your content. Do backups for safety before changing anything.

1) Enable SSL on your domain. To achieve this, you typically need to work with (or possibly change) your hosting provider to adjust the configuration and install the needed certificate. We really cannot help much with this layer, but it is a prerequisite to achieving the change to the https scheme.

2) Review the files that make up your site, both PHP code and templates, looking for explicit "http://" references. This may be easiest with an editor/IDE intended for developers - examples are any IntelliJ product, Eclipse, Sublime Text, Kate, Notepad++. The hardcore geek may find grep, sed and vi to be the best tools, but most of us will appreciate the GUI based search and replace across multiple files that these editors make available.

You need to identify and change (to https) any direct links into your site using http as well as any assets such as js, css or similar files directly loaded with an http URL. These can easily creep in with things such as CDN, sharing services, font servers. All these will need to be changed to https. Remember, what we want to change are links to our own site, and any assets which may be included when our site builds its pages. We don't need to change things like links to pages on other websites.

3) Update the XOOPS_URL definition in your site's mainfile.php to start with "https://" This will cause any URL's generated by XOOPS to start using the https scheme.

At this point, your site should be trying to use SSL, but will in all likelihood have issues -- broken images, errors and warnings in the browser console, etc. Don't worry, this is normal at this point.

4) Update any http links to resources on your site in your database. This can be a huge effort, and this is the focus of one of our new tools.

Interconnect/it has a product called Search-Replace-DB which can help with this. It comes with awareness of Wordpress and Drupal environments built in. As is, this tool can be very helpful, but it is even better when it is aware of your XOOPS. You can find a XOOPS aware version at https://github.com/geekwright/srdb

Follow the instructions in the README.md file to download and temporarily install this utility on your site. In step 3, we changed the XOOPS_URL define. When you run this tool, you want to replace the original XOOPS_URL definition with the new definition, i.e replace http://example.com with https://example.com

Enter your old and new URLs, and choose the dry run option. Review the changes, and if everything looks good, go for the live run option. This step will catch configuration items and links inside your content that refer to your site using http.

Another way to accomplish this step without the srdb tool would be to dump your database, edit the dump in a text editor changing the http URLs to https, and then reloading the database from your edited dump. Yes, that process is involved enough and carries enough risk that people were motivated to create specialized tools such as Search-Replace-DB.

5) Redirect any http traffic to your website to the https version. Since you can't go out and change everyone's bookmarks and links to your site, you will need to redirect these requests as they reach your site. Your webserver usually has the best tools to accomplish that. Your sever has the ability to establish rewrite rules that will redirect the traffic as appropriate. These will vary according to your exact server configuration. There are many tutorials and quick fix recipes out there.

If for some reason, you cannot use rewrite rules, there is a way to do the required redirection in XOOPS. We can accomplish this by adding some code to your mainfile.php file. The code we will be adding can be found at https://gist.github.com/geekwright/5cc0b93b41b9515b3f06ad3d6b9dd772

Add the code from that Gist (without the opening php tag) directly under the line in your mainfile.php that defines XOOPS_URL. Then, if the scheme of the current transaction does not match the scheme specified in XOOPS_URL, the current transaction will result in a 301 (Permanently Moved) redirect to the URL with the appropriate scheme.

With the 301 status return, search engine crawlers will quickly re-index your content, and existing indexed links will still lead to the correct content.

6) Clear caches in XOOPS and your browser, then test and enjoy your new SSL enabled site. Don't forget to remove srdb once you have verified everything is working.

7) Please share your experiences with the community so we can continue to make this easier for XOOPS webmasters!

XOOPS Resources:
srdb - https://github.com/geekwright/srdb
301 redirects in mainfile - https://gist.github.com/geekwright/5cc0b93b41b9515b3f06ad3d6b9dd772

Rewrite rules:
Apache - http://httpd.apache.org/docs/2.4/rewrite/
Nginx - https://www.nginx.com/blog/creating-nginx-rewrite-rules/
IIS - https://www.iis.net/learn/extensions/u ... or-the-url-rewrite-module


geekwright

Quite a regular
Posted on: 4/21 18:42
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#2

Re: Profile module translation?

There is an example in xswatch in XOOPS 2.5.9 that you could adapt to what you need:
https://github.com/XOOPS/XoopsCore25/b ... atch/tpl/nav-menu.tpl#L16


geekwright

Quite a regular
Posted on: 4/15 11:00
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#3

Re: Profile module translation?

That constant is only used during the install.

After that, you can change it to anything you want in the profile module administration. Just edit the category and change the title.


geekwright

Quite a regular
Posted on: 3/22 12:38
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#4

Re: WTF Shareoholic!

You will need to set up an "Inline App"

Down at the bottom of the Site Tools Dashboard there is a drop down labeled "Add Inline App Location" - select the "Share Buttons" option. You can control what services are included, styles, alignment, etc.

You may have to edit the individual templates to add the new data-app-id to see the results. There is some default behavior going on there, but I don't know the rules for sure.


geekwright

Quite a regular
Posted on: 3/22 11:32
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#5

Re: WTF Shareoholic!

Shareaholic is the service used by xBootstrap to provide the social links for sharing content. You see those when viewing an item in Publisher, as an example.

Shareaholic has added new options and the default settings are resulting in that pop up ad section.

You can remove the Shareaholic code as sabahan mentions above. That will kill the ads and the social links.

If you want to preserve the social links, you can create an account and register your site on shareaholic.com to take control of the settings.

Once you have registered your site, edit themes/xbootstrap/tpl/shareaholic-script.tpl

Find the line reads:
var apikey = '4b44261173043ae4c20b8aef56d4521d';

Change that 4b44261173043ae4c20b8aef56d4521d to the site id Shareaholic generated for your site.

You can then change the settings for the site in the Site Tools Dashboard (i.e. turn off Anchor Overlay Ads.)

You can also customize the social links by creating an Inline App. To implement these changes, edit the template you want to customize (i.e. in themes/xbootstrap/modules/publisher/publisher_item.tpl). Locate the div with these attributes :
class='shareaholic-canvas' data-app='share_buttons' data-app-id='482507'

Replace that line with the code snippet generated by Shareaholic for your inline app.

The current plan for the next release will change this feature in xBootstrap to require explicit opt-in, requiring the admin to supply the site id.


geekwright

Quite a regular
Posted on: 3/2 17:02
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#6

Re: Bulk user registration with xoops 2.5.8.1

Try this script: import_users.php

It uses system handlers, so it should work in more modern systems.


geekwright

Quite a regular
Posted on: 2/22 23:43
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#7

Re: mysql_real_escape_string XOOPS replacement ?

The BEST way is to do this:
$employee_id $xoopsDB->escape($_GET['id']);


That will continue to work no matter what the underlying database driver is in the future.

Quote:

mjoel wrote:
since mysql_real_escape_string is deprecated

if i have this code
$employee_id mysql_real_escape_string($_GET['id']);

what should i replace it with


geekwright

Quite a regular
Posted on: 2/20 22:44
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#8

Re: mysql query with XOOPS 2.581

There was a stray semicolon in while condition. This should do it.

$result $xoopsDB->query('SELECT * FROM ' $xoopsDB->prefix('myunit')); 
if (
$result===false) { 
    die(
$xoopsDB->error()); 
}
while (
$row $xoopsDB->fetchArray($result)) {
    echo 
'<option value="' $row['list_unit'] . '">' $row['list_unit'] . '</option>'
}


geekwright

Quite a regular
Posted on: 2/20 19:47
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#9

Re: Just not good enough?

We spend a great deal of effort in our coding and testing to make sure that there is a path forward from version to version. There will be hicups from time to time, but in the end, things work.

As an example, this site is running our current development branch of XOOPS 2.5.9, currently still in a beta stage. It is near release, but not quite. This site has data preserved over many years, moving forward with each new version. We have a great deal of confidence in our product.

Here are a few things to keep in mind as you plan your upgrade.

Make backups of your full site and your database before starting. You can always restore service by restoring you backups if things don't work as expected.

Check for more current versions of the modules you use. Newer versions of modules may fix issues that occur because of changing technologies, or be tailored specifically to support newer versions of XOOPS. Start with upgrading XOOPS, and then update the modules individually. Most modules have the same attention paid to upgrades as XOOPS does.

As a community, we have a lot of experience in upgrading, and most of us are happy to share our expertise and help out.

Looking at your site (BTW, that is an awesome topic focus!) it looks like it should go smoothly. XOOPS 2.5.1 is old, but no where near the oldest we've seen. And the modules you use are still maintained and have recent updates.

If you decide to go ahead with an upgrade, your site could be responsive and mobile ready fairly quickly.


PS - regarding the long lines on preview, there seems to be a simple template issue in newbb, nothing to serious and it should be resolved soon.


Quote:

LonesomeTwin wrote:
Hello everybody.

I'm looking to upgrade my old forum site so that it has more web content and more importantly works well on a smartphone. It's currently V2.5.1a, is it safe/possible to upgrade it to a newer version and then install a responsive theme over it without losing all the posts? While I'm at it would also like an auto-resizer so that people don't keep downloading 2M pics because they can't resize them themselves. One option I've been exploring is redoing the whole thing in Wordpress and then trying to port the database over, but WP forums are pretty rubbish.

Many thanks for any input - Steve

The Lonesome Twin

ps. On previewing this post the text box spread over the edge of the screen, doesn't inspire confidence.


geekwright

Quite a regular
Posted on: 2/20 18:39
geekwright
geekwright (Show more)
Quite a regular
Posts: 210
Since: 2010/10/15
#10

Re: mysql query with XOOPS 2.581

As of version 2.5.8, XOOPS no longer uses the deprecated mysql extension, so the mysql connection that is required for calls like mysql_query() does not exist. This change was required to make XOOPS work with PHP 7.0 and above, where the mysql extension was removed. (See this page on supported versions of PHP to understand why that is important. Time is running out for PHP 5.)

The best approach in this case is to rewrite the code to use the standard database connection calls. It would look something like this (not tested, just off the cuff.)

$result $xoopsDB->query('SELECT * FROM ' $xoopsDB->prefix('myunit'));
if (
$result===false) {
    die(
$xoopsDB->error());
}
while (
$row $xoopsDB->fetchArray($result);) {
    echo 
'<option value="' $row['list_unit'] . '">' $row['list_unit'] . '</option>';
}


Quote:

mjoel wrote:
I have this query code in one of my custom page in XOOPS 2.572..and its working fine but when i upgraded to XOOPS 2.581 recently this no longer work..the page is not fully load and it stopped at this query

$resultmysql_query("SELECT * FROM ".$xoopsDB->prefix("myunit")." ") or die(mysql_error());  
        while (
$row mysql_fetch_assoc($result)) { 
            echo 
'<option value="' $row['list_unit'] . '">' $row['list_unit'] . '</option>';
        } 
        
?>


what might be the problem ?



TopTop
(1) 2 3 4 ... 12 »