joomla/Component-Builder
joomla
/
Component-Builder
38
20
Fork 11
Code Issues 54 Pull Requests Projects 3 Releases Wiki Activity

Updated 055 Dynamic File and Folder Inclusion concept (markdown)

Amigo 2019-09-09 09:07:05 +02:00
parent 209bbcc55e
commit 19a3b9f663
1 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
055-Dynamic-File-and-Folder-Inclusion-concept.md

@ -5,9 +5,9 @@
[00:00:00](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h00m00s)
(_Click on these time links to see Youtube video_)
I would like to introduce you to a feature that we have been working on for quite some time now. Most of the features already existed for quite a while. It is just that I have been trying to make it stable so that it will work well. [00:00:32](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h00m32s) In doing so I had to extend it a bit. This feature has two or three concepts that I would like to explain. [00:00:49](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h00m49s) It is about adding dynamic files, folders or even external files which maybe is on a website or on GitHub, and you want the content from that file and add it as code or even as a file to your system.[00:01:17](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h01m17s)
I would like to introduce you to a feature that we have been working on for quite some time now. Most of the features already existed for quite a while. It is just that I have been trying to make it stable so that it will work well. [00:00:32](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h00m32s) In doing so I had to extend it a bit. This feature has two or three concepts that I would like to explain. [00:00:49](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h00m49s) It is about adding dynamic files, folders or even external files which might be on a website or on GitHub, and you want the content from that file and add it as code or even as a file to your system.[00:01:17](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h01m17s)
I am working with components that are pulling data from all over the place. Most of these features are really what I needed to get projects going. There is a feature that can be used to add files and folders. This feature has always been there. [00:02:03](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h02m03s) But currently I have expanded this by adding an Advance tab to this feature. It got this Basic tab which is the normal one. I did explain in previous tutorials, how you get these files.
I am working with components that are pulling data from all over the place. Most of these features are really what I needed to get projects going. There is a feature that can be used to add files and folders. This feature has always been there. [00:02:03](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h02m03s) But currently I have expanded this by adding an 'Advance' tab to this feature. It got this Basic tab which is the normal one. I did explain in previous tutorials, how to get these files.
### New Area - Advance
@ -31,9 +31,9 @@ Then you need to still set the target path and relation to the ZIP package. You
[00:05:53](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h05m53s)
When JCB detects that you are not targeting the normal Admin, Media or Site Folders, which is not part of the expected component package folders, it will add a little script to the script install.[00:06:28](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h06m28s) So that it move this folder into its correct place upon installation of the component or whether the component is updated. I have the script file for Component Builder open and I am going to scroll down. [00:06:58](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h06m58s) This new little script is way at the bottom, (setDynamicF0ld3rs) it does not conflict with any other method at any time. It gets the details from the above methods. Then it checks whether the folders get the dynamic install folder. It checks whether there is more than one. Then [00:07:29](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h07m29s) if it is one of these Media, Admin, or Site, it ignores it, because those already being dealt with by Joomla. If it is not, it moves it into its correct place. This is a dangerous feature, you must use this with caution because you can literally grab with this new function, anything anywhere from your Joomla website and overwrite it anywhere on the users installation website, which could be problematic.[00:07:59](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h07m59s) Something you should not do unless it is your right to do so.
When JCB detects that you are not targeting the normal Admin, Media or Site Folders, which is not part of the expected component package folders, it will add a short script to the script install.[00:06:28](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h06m28s) So that it move this folder into its correct place upon installation of the component or whether the component is updated. I have the script file for Component Builder open and are going to scroll down. [00:06:58](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h06m58s) This new short script is way at the bottom, (`setDynamicF0ld3rs`) it does not conflict with any other method at any time. It gets the details from the above methods. Then it checks whether the folders get the dynamic install folder. It checks whether there is more than one. [00:07:29](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h07m29s) Then if it is one of these Media, Admin, or Site, it ignores it, because those already being dealt with by Joomla. If it is not, it moves it into its correct place. This is a dangerous feature, you must use this with caution because you can literally grab with this new function, anything anywhere from your Joomla website and overwrite it anywhere on the users installation website, which could be problematic.[00:07:59](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h07m59s) Something you should not do unless it is your right to do so.
This is the new feature in dynamic movement of folders and files.[00:08:25](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h08m25s) What makes this all so nice is if you are using these constants in the naming of your paths, if you export a JCB package and you import it at another JCB install, it remaps these files. It export them, remaps them and moves them back into place on the other install. That really makes it very comfortable in working in a team and you want to have these files always to be the same everywhere.
This is the new feature in dynamic movement of folders and files.[00:08:25](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h08m25s) What makes this all so nice is if you are using these constants in the naming of the paths, if you export a JCB package and you import it at another JCB install, it remaps these files. It export them, remaps them and moves them back into place on the other install. That really makes it very convenient when working in a team where you want to have these files always to be the same everywhere.
### Heads Up - Consider With Whom You Are Sharing Packages - Part Of Security
@ -48,7 +48,7 @@ This is the new feature in dynamic movement of folders and files.[00:08:25](http
The other aspect which I mentioned earlier, where you are able to get content from anywhere works as follows. So anywhere in any custom area of JCB, where you can add a custom script, you can also use this 'EXTERNALCODE' Snippet. Now, this could be a URL or it could be a folder in your system. This folder does not yet work with Constants. It needs to be exact for the path at this stage but the reality is that with this EXTERNALCODE concept, you can take for example the variable from a Gits snippet. [00:10:36](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h10m36s)
Let me illustrate. Here is what I have called 'fancydate' which is a few static functions that are not wrapped in the class yet. It is outside a class because I want to include it in my helper class with the snippet, that I can have others work with me on this code on GitHub. [00:11:07](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h11m07s) If any changes are made to this code, it automatically updates my system. Now there might be some security concern in doing it. But a few tricks have been added in the compiler to notify you if there has been a change to the code. [00:11:36](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h11m36s)
It means that the first time you use that snippet to include this snippet that you have got here, you do something like 'Raw'. Here is a text file. Grab that URL(see video) an add it like this. [00:12:11](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h12m11s) Currently it is bound to a specific version which if anybody makes a change to the snippet, you will not get the new version. Well, that is the way to lock it in. But if you want it to be dynamic, you can remove a part of this(see video) and then you can use it like that.
It means that the first time you use that snippet to include this snippet that you have got here, use the 'Raw' function. Here is a text file. Grab that URL(see video) an add it. [00:12:11](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h12m11s) Currently it is bound to a specific version which if anybody makes a change to the snippet, you will not get the new version. Well, that is the way to lock it in. But if you want it to be dynamic, you can remove a part of this(see video) and then you can use it like that.
### Specific Piece Of Text Dynamically Added To The Back End Of Component Builder
@ -60,7 +60,7 @@ Now this specific piece of text that you see here, will dynamically be added to
[00:13:19](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h13m19s)
Go to the Compiler. The moment it is compiled, it should indicate that this kind of external code has been added to your component. If not something is wrong. It is supposed to tell you the first time you have added the snippet because it creates a hash of that snippet. [00:13:43](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h13m43s) In the future if it changes, you get notified. When we grab the snippet from Github and anybody in the middle tampers with it, it will notify you that the snippet was changed. If you know that it should have changed because you made a change to the Gits snippet or someone else in your team did, [00:14:15](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h14m15s) then obviously you can be expecting that. You could still for safety sake go check in the code of the component where the snippet is being added to ensure that it is still accurate. Let's compile this.
Go to the Compiler. The moment it is compiled, it should indicate that this kind of external code has been added to your component. If not, something is wrong. It is supposed to tell you the first time you have added the snippet because it creates a hash of that snippet. [00:13:43](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h13m43s) In the future if it changes, you get notified. When we grab the snippet from Github and anybody in the middle tampers with it, it will notify you that the snippet was changed. If you know that it should have changed because you made a change to the Gits snippet or someone else in your team did, [00:14:15](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h14m15s) then obviously you can be expecting that. You could still for safety sake go check in the code of the component where the snippet is being added to ensure that it is still accurate. Let's compile this.
### When Compile Two Messages Are Relevant To The Issue
@ -68,31 +68,26 @@ Go to the Compiler. The moment it is compiled, it should indicate that this kind
[00:14:34](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h14m34s)
So we see two messages that are relevant to the issue at hand. The one deals with this folder which when it is placed in the Library folders and every time you would compile, it will notify you that it has been done. It will tell you that it has detected it and it has added the script to the script PHP. [00:15:11](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h15m11s) This first line here(see video), is showing you the snippet, and it is telling you there it has been added for the first time, and that you should examine it to ensure the correct code string was used. You should go to the place where the compiled package, where this should have been added, go and check that it is the correct, that what you see here on GitHub, the string here, [00:15:44](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h15m44s) is also what you going to see in the code.
So we see two messages that are relevant to the issue at hand. The one deals with this folder which when it is placed in the Library folders and every time you would compile, it will notify you that it has been done. It will tell you that it has detected it and it has added the script to the script PHP. [00:15:11](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h15m11s) This first line here(see video), is showing you the snippet, and it is telling you there it has been added for the first time, and that you should examine it to ensure the correct code string was used. You should go to the place where the compiled package, where this (follow on video) should have been added, go and check that it is correct, that what you see here on GitHub, the string here, [00:15:44](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h15m44s) is also what you going to see in the code.
* Second Message
[00:15:51](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h15m51s)
Every time thereafter it should give you this little message here. It should tell you how many code strings are being added to this component as an external code, and to avoid shipping your component with a malicious code string, always make sure that the correct code string values are used. If we detect a change, it will also notify you. <<<<<<<<<<<<<<<<<
Every time thereafter it should give you this little message here. It should tell you how many code strings are being added to this component as an external code, and to avoid shipping your component with a malicious code string, always make sure that the correct code string values are used. If we detect a change, it will also notify you.
### Do As Note Says: Check If It Is The Correct Code
[00:16:16](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h16m16s)
Let's go and check that it is the correct code. In in the ZIP package we see that this `library` folder has been added. Go to the `admin area`, `helpers`, open Component Builders `helper` file where I added the snippet. Let's just open that and then here we have it, `fancydate`, and `fancydatetime`. [00:16:53](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h16m53s) This whole selected area(see video) was taken from GitHub and put in the component. I am going to make a change to this snippet on GitHub. I'm going to just do something small so that we can see what happens if a change is made to this code, and how JCB responds. I am just adding this [00:17:20](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h17m20s) new short string saying (change was made) and click on this 'Updates Public Gist'. So it now tells us that it has been revised for a second time, and a change was made. Now let's compile the component without doing anything else, just make the changes here on GitHub, then go back to the component and compile it. We are selecting this and Compile. [00:17:51](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h17m51s) Some spacing between the messages should be added. It does not always seem clear enough that the messages are not related to each other like here it is showing that other message again. You might miss that. I need to give attention to this.
Let's go and check that it is the correct code. In the ZIP package, we see that this `library` folder has been added. Go to the `admin area`, `helpers`, open Component Builders `helper` file where I added the snippet. Let's just open that, `fancydate`, and `fancydatetime`. [00:16:53](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h16m53s) This whole selected area(see video) was taken from GitHub and put in the component. I am going to make a change to this snippet on GitHub. I'm going to just do something small so that we can see what happens if a change is made to this code, and how JCB responds. I am just adding this [00:17:20](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h17m20s) new short string saying (change was made) and click on this 'Updates Public Gist'. So it now tells us that it has been revised for a second time, and a change was made. Now let's compile the component without doing anything else, just make the changes here on GitHub, and go back to the component and compile it. We are selecting this and Compile. [00:17:51](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h17m51s) Some spacing between the messages should be added. It does not always seem clear enough that the messages are not related to each other like here it is showing that other message again. You might miss that. I need to give attention to this.
### Warnings Area
[00:18:12](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h18m12s)
Here in the warnings area we see that it has changed since the last compilation. Please examine that to ensure that change is safe. That means JCB has automatically detected that the snippet that you originally added has actually been updated. At this point we anticipated that so. If we go and look at the code, we see that it just added this 'change was made'. [00:18:49](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h18m49s) The rest of it is exactly the way we want it. Everything is fine, it is a change we anticipated.<<<<<<<<
Here in the 'Warnings' area, we see that it has 'changed' since the last compilation. Please examine that to ensure that change is safe. That means JCB has automatically detected that the snippet that you originally added has actually been updated. At this point, we anticipated that so. If we go and look at the code, we see that it just added this 'change was made'. [00:18:49](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h18m49s) The rest of it is exactly the way we want it. Everything is fine, it is a change we anticipated.
We know that nobody else has tampered with the script. Neither was there a man in the middle attack. In any case if there is someone tampering with the script, it will end up as a string. Let's say they put something in here it will do [00:19:16](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h19m16s) something like that whatever they put in, and you will see this error in your file. That's how it will play out. In the actual reality JCB will detect that, it will see that the hash for the script is changed, and it will notify you with that message. I'm going to do my part and trying to make sure that it's more obvious you won't miss that message, when you use this kind of implementation, [00:19:52](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h19m52s) it is not the most ideal implementation. It's just that sometimes we want included an external value in our component which is dynamically changing. We want to do it without really thinking about it all the time. This is what this feature is ideal for. Use it with caution and know what you are doing or don't use it at all.
That was a quick overview [00:20:21](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h20m21s) of the new folder file inclusion, as well external code inclusion features which I really trust would be useful to you. It's powerful tools. I realize there are the danger of it being abused. But at the same time I think component development works upon reputation and if you want to have a good [00:20:54](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h20m54s) reputation in the community, you shouldn't do anything that will hurt others or damage their contribution, and their applications but you should steer within the parameters of your own component, and your own implementation. In any case because people are going to look at your code they are going to unzip your package they are going to see if you're doing things that are not [00:21:22](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h21m22s) good. They're going to notice that and your reputation will get hurt. That's the last thing you would want when you're developing components for Joomla.
Nobody else has tampered with the script. Neither was there a man in the middle attack. In any case, if there is someone tampering with the script, it will end up as a string. If for instance something is put in here it will show this error in your file. [00:19:16](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h19m16s) JCB will detect that and will see that the hash for the script is changed, and it will notify you with that message. Sometimes we want to include an external value in our component which is dynamically changing and want to do it without really thinking about it all the time. This is what this feature is ideal for. Use it with caution and know what you are doing or do not use it at all.
[00:20:15](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h20m15s)
That was a quick overview of the new folder file inclusion, as well as the external code inclusion features which I really trust would be useful to you. It is a powerful tool. I realize there is the danger of it being abused but at the same time I think component development works upon reputation and if you want to have a good [00:20:54](https://www.youtube.com/watch?v=_c7wzW075lA&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h20m54s) reputation in the community, you should not do anything that will hurt others or damage their contribution, and their applications but you should steer within the parameters of your own component, and your own implementation.