Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
joomla:bethico40 [2021/12/31 14:37] Bernard Condraujoomla:bethico40 [2023/01/22 14:21] (current) – [Guides] Bernard Condrau
Line 6: Line 6:
   * [[https://docs.joomla.org/J4.x:Web_Assets/de|Web Assets]]   * [[https://docs.joomla.org/J4.x:Web_Assets/de|Web Assets]]
   * [[https://docs.joomla.org/Category:Joomla!_4.x|Joomla! 4.x]]   * [[https://docs.joomla.org/Category:Joomla!_4.x|Joomla! 4.x]]
 +  * [[https://docs.joomla.org/URLs_in_Joomla|URLs in Joomla]]
 +  * [[https://docs.joomla.org/Using_own_library_in_your_extensions/en|Using own library in your extensions]]
 +  * [[https://www.inmotionhosting.com/support/edu/joomla/joomla-4/joomla-http-headers/|Joomla 4 Security HTTP Headers]], then check [[https://securityheaders.com/|here]]
 +  * [[https://docs.joomla.org/Archived:How_to_implement_actions_in_your_code|How to implement actions in your code (Permissions)]]
  
 ===== Installation ===== ===== Installation =====
Line 14: Line 18:
 headers/style3/header.php headers/style3/header.php
 features/footer.php features/footer.php
 +features/logo.php
 css/custom.css css/custom.css
 js/custom.js js/custom.js
Line 22: Line 27:
   * Install //SP Page Builder 3.8.2 Free// or //Pro// and make the following changes:   * Install //SP Page Builder 3.8.2 Free// or //Pro// and make the following changes:
     - <color red>**Free:**</color> ''com_sppagebuilder/layouts/row/start.php'': set variable ''$video_loop'' to always 'loop' to allow looped videos on the site. You could also rename the file and override it in ''html/layouts/com_sppagebuilder/row/start.php'' (SP Page Builder does not allow overriding it's own layout files).     - <color red>**Free:**</color> ''com_sppagebuilder/layouts/row/start.php'': set variable ''$video_loop'' to always 'loop' to allow looped videos on the site. You could also rename the file and override it in ''html/layouts/com_sppagebuilder/row/start.php'' (SP Page Builder does not allow overriding it's own layout files).
-    - <color red>**Pro:**</color> SP Page Builder adds a custom Access Control Header which needs to be enabled on the server for correct CORS handling. The header is **X-CSRF-Token** and must be added to the server's Access-Control-Allow-Headers for preflight response. If you are unable to do so you need to modify the following files (see [[https://archive.joomshaper.com/forums/pagebuillder-pro-3-2-1-interfere-causes-error-request-header-field-x-csrftoken-is-not-allowed-by-access-control-allow-headers-in-preflight-response#205009|Request header field X-CSRFToken is not allowed by Access-Control-Allow-Headers in preflight response]]):<code>/components/com_sppagebuilder/sppagebuilder.php+    - <color red>**Pro:**</color> SP Page Builder Pro adds a custom Access Control Header which needs to be enabled on the server for correct CORS handling. The header is **X-CSRF-Token** and must be added to the server's Access-Control-Allow-Headers for preflight response. If you are unable to do so you need to modify the following files (see [[https://archive.joomshaper.com/forums/pagebuillder-pro-3-2-1-interfere-causes-error-request-header-field-x-csrftoken-is-not-allowed-by-access-control-allow-headers-in-preflight-response#205009|Request header field X-CSRFToken is not allowed by Access-Control-Allow-Headers in preflight response]]):<code>/components/com_sppagebuilder/sppagebuilder.php
 /components/com_sppagebuilder/controllers/page.php /components/com_sppagebuilder/controllers/page.php
 /components/com_sppagebuilder/addons/ajax_contact/site.php /components/com_sppagebuilder/addons/ajax_contact/site.php
 /components/com_sppagebuilder/addons/form_builder/site.php</code> /components/com_sppagebuilder/addons/form_builder/site.php</code>
-    - <color red>**Pro:**</color> SP Page Builder adds the custom Access Control Header with a call to jQuery.ajaxSetup(), which is not recommended by jQuery. In the process it also triggers that jQuery shipped with SP Page Builder is loaded after jQuery shipped with Joomla 4. Since SP Page Builder uses an ancient jQuery version 1.12 this breaks functionality with extensions which depend on more up to date jQuery versions, where jQuery widgets are usedIt is therefore recommended to remove the CSRF Token in ''/components/com_sppagebuilder/sppagebuilder.php''.+    - <color red>**Pro:**</color> SP Page Builder Pro adds the custom Access Control Header with a call to jQuery.ajaxSetup(), which is not recommended by jQuery. In the process it also triggers that jQuery shipped with SP Page Builder is loaded after jQuery shipped with Joomla 4. Since SP Page Builder uses an ancient jQuery version 1.12 this breaks functionality with extensions which use widgets depending on more up to date jQuery versions. You can fix this 2 ways: 
 +      - Rename or remove jQuery shipped with SP Page Builder: ''/components/com_sppagebuilder/assets/js/jquery.min.js'' 
 +      - Manually remove the CSRF Token in ''/components/com_sppagebuilder/sppagebuilder.php'' as described above. Just remember to redo this after updating SP Page Builder Pro.
   * Install //Akeeba 9.0.10// for Joomla 4 and enter the download ID   * Install //Akeeba 9.0.10// for Joomla 4 and enter the download ID
   * Disable the //SEF plugin// which messes with urls generated by //Bethico File Upload (based on jQuery File Upload)//   * Disable the //SEF plugin// which messes with urls generated by //Bethico File Upload (based on jQuery File Upload)//
Line 53: Line 60:
     * Define background image and video in section, then save it with video active. This will make sure the background image is shown when javascript is disabled, instead of a white area where the video should show.     * Define background image and video in section, then save it with video active. This will make sure the background image is shown when javascript is disabled, instead of a white area where the video should show.
   * Disable plugin //System - WebAuthn Passwordless Login//   * Disable plugin //System - WebAuthn Passwordless Login//
 +  * Site module should be enabled for all pages. mod_bethico_contact_form, for example, will not work if not enabled for the page where it is used.
  
 ===== Development ===== ===== Development =====
   * If a namespace changes during development, for example in the xml file, then you need to adjust the namespace in file ''/administrator/cache/autoload_psr4.php''   * If a namespace changes during development, for example in the xml file, then you need to adjust the namespace in file ''/administrator/cache/autoload_psr4.php''
 +
 +===== Login =====
 +  * If you need to change the site's Multi-Faktor Login credentials, you need to align the following:
 +  - File ''configuration.php'' variable ''$secret'' in your site root
 +  - Table ''#__user_mfa'' in the database
  
 ===== CORS - CSRF ===== ===== CORS - CSRF =====

Know How

© 2007-2024 Bernard Condrau - Powered by DokuWiki