By default we could put "lax" but in the preferences. This is easier for users to be able to change from the preferences.
ini_set('session.cookie_lifetime', 0); // Make session cookie persist until browser closes
ini_set('session.use_only_cookies', 1);
ini_set('session.use_trans_sid', 0);
ini_set('session.cookie_samesite', 'Lax'); // Allow cross-site requests while maintaining some security
'samesite' => 'strict',
'samesite' => 'Lax',
if (PHP_VERSION_ID >= 70300) {
$options = [
'lifetime' => $lifetime,
'path' => '/',
'domain' => XOOPS_COOKIE_DOMAIN,
'secure' => $secure,
'httponly' => true,
'samesite' => 'strict',
];
session_set_cookie_params($options);
} else {
session_set_cookie_params($lifetime, '/', XOOPS_COOKIE_DOMAIN, $secure, true);
}
What’s the best way to retrieve data from other modules in XOOPS? Should I be using the existing APIs, or is there another recommended method?
Is there a specific XOOPS function or best practice for interacting with the database across multiple modules? I want to ensure that my approach is clean and efficient.
use Xmf\Module\Helper;
// Get the helper for the 'news' module
$helper = Helper::getHelper('news');
// Get the handler for the 'story' object in the 'news' module
$storyHandler = $helper->getHandler('story');
// Define criteria for data retrieval
$criteria = new CriteriaCompo();
$criteria->setLimit(10); // Limit to 10 items
// Retrieve data objects
$newsItems = $storyHandler->getObjects($criteria);
// Loop through and display data
foreach ($newsItems as $newsItem) {
echo $newsItem->getVar('title');
}
How should I structure the permissions for users accessing this dashboard, especially considering the different access levels required for the different modules?
use Xmf\Module\Helper\Permission;
$permHelper = new Permission();
// Assuming you're in your custom module context
$moduleDirName = basename(dirname(__DIR__));
$helper = Helper::getHelper($moduleDirName);
$permHelper = new Permission($helper);
$permissionName = 'view_dashboard'; // Define your custom permission
$itemId = null; // Use null if not item-specific
$userGroups = $xoopsUser ? $xoopsUser->getGroups() : [XOOPS_GROUP_ANONYMOUS];
if ($permHelper->checkPermission($permissionName, $itemId, $userGroups)) {
// User has permission, display dashboard
} else {
// User doesn't have permission, show an error or redirect
redirect_header('index.php', 3, _NOPERM);
}
$modversion['config'][] = [
'name' => 'permissions',
'title' => '_MI_YOURMODULE_PERMISSIONS',
'description' => '_MI_YOURMODULE_PERMISSIONS_DESC',
'formtype' => 'group_multi',
'valuetype' => 'array',
'default' => [XOOPS_GROUP_ADMIN, XOOPS_GROUP_USERS],
];
$permHelper->savePermissionForItem('view_dashboard', $itemId, $groupIds);
// For the 'news' module
$newsHelper = Helper::getHelper('news');
$newsPermHelper = new Permission($newsHelper);
if ($newsPermHelper->checkPermission('view', $newsItemId, $userGroups)) {
// User has permission to view the news item
} else {
// Handle lack of permission
}
Are there any examples or tutorials for similar use cases (integrating data from multiple modules) that you could point me to?