Boy Baukema

Drupal 8: display user login in admin theme


Do you want your websites users to log in? For certain types you would, but often there is no need. The Ibuildings website does not allow you to register an account and log in. Why would it?

However by default Drupal 8 (and earlier) considers logging in on /user part of the frontend theme. This means that either you have to theme it or accept a horribly broken login page.

Or you could convince Drupal to apply the admin theme to user pages.

Lees meer

Working with entities in Drupal 7


Developers love object-oriented code. But how can this be achieved with Drupal 7 entities?

Lees meer
Boy Baukema

Drupal Security Lessons: XSS in field_display_label

BoyBaukemaSecurity, Drupal

This is the first blog post in what will hopefully become a new series where we look at old Drupal 7 & 8 security advisories (at least 3 months ago so they should be patched everywhere) and try to learn from the mistakes of others.

As a first post I'd like to pick an older vulnerability, one I've used in presentations to demonstrate how hard it can be to properly apply HTML encoding for Drupal.

Lees meer

My journey to core contribution mentoring

Chris JansenDrupal

With many, many open issues (15496 at the time of writing) for Drupal core alone and even more issues for all the contributed modules it can feel like a big hurdle to start contributing to the project.

Lees meer