gonssal

@datakick check this out for some profiling stuff: https://github.com/gonssal/thirtybees/tree/profiling-bar. I've been using it for some time, and I have a local version that improves the awful core custom error handler to show a nice profiling page on fatals, but I'm not developing it further. You can use the profiling-bar as a head start.

@gandalf well the Javascript way is an option, not ideal and easily broken depending on the user's input, but could work. I would probably combine the already mentioned tpl/form hooks, the actionCustomerAccountAdd hook and the other hooks provided by ObjectModel. No, I can't make an example, sorry. It's also very likely there's at least a module that already implements this without overrides.

I don't see the need for any button. You just cherry-pick the commits you want and create a patch with them, which is then automatically applied everytime you run Composer.

I use https://github.com/cweagans/composer-patches in the two installations I maintain.

@gandalf the Customer class extends ObjectModel, which provides multiple hooks through the object lifecycle. In your case you would be interested in actionObjectCustomerAddAfter and actionObjectCustomerUpdateAfter. Probably also actionObjectCustomerUpdateAfter to clean leftover data.

@angstony_2 That's clearly a problem with the homesliderpro module, nothing to do with TB's core.

SVG is a vectorial format and doesn't have "pixel density" like bitmap images. You can upload a 130x100px svg file (viewbox of that size) that looks perfect at 1300x1000px or 13000x10000px. The only thing I can tell you is that I can see both logos using Safari in my macOS VM, so maybe that iPad has an old Safari version. Your best bet is probably to run the SVG through svgomg. If that doesn't work, maybe disable lazy loading images just in case.

To me this looks like the ZIPs you are trying to install are not the themes themselves, but a package with the theme, its docs, graphic assets, etc... Most probably the theme is somewhere inside the ZIP, probably as another ZIP file. Like matryoshka dolls if you want. I'm also pretty sure the Template Monster guys have documented this somewhere, for example in a readme file inside the main ZIP file or somewhere in their website, probably after you purchase the theme. In any case you should ask them for support, that's why you pay.

/admin761q4ax/ajax-tab.php?rand=1539701051171:1 Failed to load resource: the server responded with a status of 500 (Internal Server Error) Check your server logs, there you'll have the error.

@rubben1985 If the step-by-step one is almost what you need, maybe you should use it and make the UI changes you want. You would ideally do it using a vcs (git) so you can apply module updates to your changes when they are released.

I can speak for Spain, Portugal and France. The thing here is that in these 3 countries we had privacy and ecommerce laws that predate all this GDPR nonsense and everyone abids by those laws and ignores the nonsense. Also, there's no culture of all the competition-suing stuff I've read in this thread. While it happens, specially between big businesses, it's not common and in general small shops are left alone to do their thing. They'll have time to care about legalities when they actually grow and make money. Personal data privacy is the only thing taken seriously and it also predates the GDPR; in general you only need to declare a "file" owned by your company stating which personal data you gather to the respective Data Protection Agency, which is free. On the delivery time issue, it's always been enough to have a "Delivery in 24-48h" or "Delivery in at most 72h" in your shop's footer or somewhere else, for example in a specific "Selling conditions" page. And about the cookies, I never put the dreaded "I accept cookies" popup unless requested by the client (I always ask them if they want to). In my (non-lawyer, although corroborated by some field experts I've met over the years) opinion, it is not required if you explain your cookies usage in your privacy policy or in a specific cookies page, and make the user accept your policy if they actually create an user account. In Spain an IP address is not considered personal information and, even if it was, it would still be lawful to gather it stating "functional or security" reasons, like for example avoiding DDoS attacks or having server logs. Not only that, but in websites allowing user comments (or other content, like images), it is mandatory to store an IP address in case something unlawful is sent, so it can be prosecuted. My 2 cents.

Can we stop saying that deprecations mean the software is "not compatible" with a given version of a programming language? Deprecations are a way to warn developers that some functionality will most probably get removed in a future version, and deprecation messages should never show up in a properly configured production server. thirty bees' own code has plenty of deprecations (search for @deprecated in the code), does that mean that the deprecated code is "not compatible" with the rest of thirty bees? No, it means that it will most probably be removed in a future version while it still works perfectly fine.

I think that, sadly, it's pretty clear the merging functionality needs to be used to avoid breaking modules that allow uploading stuff into the module's folder. This is one of those baggage things from PS that can't be avoided for now.

@radell As can be seen in the password_hash function call's second parameter, the type of encryption (hashing, really) is bcrypt, which is an open specification. I'm pretty sure there's plenty of libraries for javascript and probably even some Angular-specific ones for it.

@radell Hi there. md5 was the old, insecure way of hashing passwords. The legacy code is still present, but right after a user with an old hash logs in, it is converted to the new format, that uses the built-in PHP function password_hash, as follows: php password_hash($password, PASSWORD_BCRYPT) In the same way, to verify a password you should use the password_verify function: php password_verify($provided_password, $user_password_in_db) Needless to say, if there's still any user with the old md5 hash, the password verification will return false.