Fork me on GitHub

Sunday, October 29, 2023

Blog / General / Long way to FlatPress 1.3: Current status

Long way to FlatPress 1.3: Current status

2023-10-29_coding.jpg
Image: ‘Coding Javascript’ by Christiaan Colen - licensed under CC BY-SA 2.0. Real coders use green on black!^^

Hey folks, quite some time has passed since the release of our last FlatPress version 1.2.1. And often the obvious question has been asked: β€œWhen will FlatPress 1.3 finally be released?”

Today, I’d like to give you an overview over the current status of development.

tl;dr: FlatPress 1.3 is almost ready, but a few annoying problems are still holding us back from releasing it. We ask for your help.

What we want to achieve with FlatPress 1.3

  • Main goal (and it’s about damn time!) is PHP 8.1 and 8.2 compatibility.
  • Also, we want to add a few more plugins for convenience. For example, FlatPress lacked a proper image gallery display and management.
  • And of course, known bugs and security issues should be fixed.

What is done already

2023-10-29_gallerycaptionsplugin.png
The Gallery Captions plugin in action

Even if you haven’t necessarily noticed it, a lot has happened since the last FlatPress release. As of today, we count 424 GitHub commits to be precise :)

Reading through the change log, you’ll find a lot of changes, fixes and additions. I want to highlight the most important ones:

  • We got FlatPress working with PHP 8.1 and 8.2.
    But there was a “little” catch: In previous versions, FlatPress utilized version 2 of the templating engine Smarty, which is outdated and does not support current PHP versions. So we switched to the current Smarty version 4, that came with significant API changes - we had to rework a lot of code and template files. Although that worked out great in general, we still have a few critical issues to fix (see below).
  • Some new plugins have found their way into the FlatPress standard, for example PhotoSwipe for stylish and responsive image gallery display, or the Gallery Captions plugin for maintaining the captions of gallery images in the Admin Area.
  • A proper metric ton of bugs and security issues has been fixed.
  • The FlatPress installer is now localized and looks better than ever.

If you’re curious, feel free to get the latest development version, it’s currently named “FlatPress 1.3.dev”. The “dev” is not silent - it stands for “do not update your productive blog, some things might not work properly yet!”. But there’s absolutely nothing to be said against installing it in another folder of your web server to take a peek at the cool new features of FlatPress 1.3! After all, removing it afterwards is as simple as deleting this folder.

What still has to be tackled

There a still a few open issues, we gather them in a milestone on GitHub. Some of them are real blockers for the release of FlatPress 1.3 - we can’t ship as long as the contact form is not working, or saving entries is not possible under some circumstances. Also, the RSS feed delivers raw BBCode, which simply has to be fixed. Most of these issues relate to the Smarty update.

Greatest limiting factor is, no surprise, the developers’ spare time. Especially the Smarty issues are quite challenging and require more than one or two single hours of debugging.
So if you like to support us there, we’d appreciate any help!

What you can do to help us

  • We invite FlatPress users to download the lastest development version. Fiddle around with it, and let us know your findings on the support forum.
  • Template and plugin authors may want to prepare their templates and plugins for Smarty 4 in order to run with FlatPress 1.3. This helpful article on our wiki also contains tips on how to keep plugins backwards compatible.
  • As a PHP programmer, please feel free to tackle any of the open issues from the 1.3 milestone! We’re always very grateful for Pull Requests with your changes on GitHub.

So this is the current FlatPress 1.3 development status. Of course, we’ll keep you up to date whenever there’s something new. Make sure to follow the FlatPress accounts on Mastodon or Twitter, and subscribe to this blog’s RSS feed.

Keep blogging happily!
All the best,
Arvid

Image: Slightly cropped “Coding Javascript” by Christiaan Colen - licensed under CC BY-SA 2.0

Friday, January 6, 2023

Blog / News / Forum: Login with Two Factor Authentication

Forum: Login with Two Factor Authentication

From now on, the FlatPress support forum supports Two Factor Authentication (2FA). (For more information on what’s 2FA, see below.)
Feel free to secure your account!

Activating it is quite easy: Go to the User Control Panel, tab “Two Factor Authentication”. Select “OTP” and hit “Add new key”.

Screenshot of the FlatPress support forum; arrows show the click path to 2FA activation
How to activate 2FA on the FlatPress support forum - part 1

Your OTP secret and a QR code are being generated. (The QR code basically contains the secret.)
Scan the code with your OTP app or enter the secret manually.

Screenshot of the FlatPress support forum; arrows show the OTP key and the QR code
How to activate 2FA on the FlatPress support forum - part 2

Read the OTP from your OTP app and enter it in the “OTP key” field. Hit “Register new key”, and 2FA is activated for your account! From now on, you’ll need to enter the current OTP code after giving your username and password.

Of course, you can disable 2FA at any time by simply deleting the registered keys.

What is Two Factor Authentication?

Two Factor Authentication (2FA) with Time-based One-Time Passwords (TOTP) is a great way to protect your user accounts on any platform providing it. It basically means you do not only need your username and password to login, but also a 6-digit code freshly generated every 30 seconds e.g. in the OTP app on your mobile device.
So even if your username and password get stolen (via phishing, keylogging, social engineering, … you name it), your account can still not be accessed without knowing the 6-digit OTP code (which changes every 30 seconds).
This massive increase in security comes with a price, though: Without your OTP generator (i.e., the OTP app on your mobile or any other program capable of generating the code), you will be not able to access your account. But fear not, a good OTP implementation will provide you with static backup codes you can use instead. Of course, nobody else than you should ever get those backup codes, so keep them well :)

2FA is a widely spread standard. Some examples: Amazon offers it, PayPal does, GitHub and Twitter as well. My personal recommendation: Try it, get used to using it, and activate it on any platform that provides it.

What’s a good OTP app?

There may be countless TOTP generators out there. My recommendations are:

  • The password safe KeePass (great for securely managing many different, unique and safe passwords on Windows, Linux and even mobile platforms!) has the OTP plugin KeeTrayTOTP.
  • FreeOTP+ (F-Droid / Google Play Store) is great for Android devices.
  • Apple users may want to take a look at FreeOTP.

More questions?

If you have questions regarding 2FA or want to share opinions or recommendations, please feel free to do so on the FlatPress support forum.

All the best,
Arvid

Wednesday, September 14, 2022

Blog / General / Project interna / Feel free to say “Thank you”

Feel free to say “Thank you”

Hi folks,

over the last few years, some of you have asked me how they could send me a small donation to recognize my efforts on the FlatPress project.
This means a lot to me, not for the money, but for your gratitude.

I’ve finally managed to set up a PayPal account and a SEPA bank account for this - so if you want to send a little “Thank you”, feel free to do so now:

Thanks a lot to all of you!
Arvid

Sunday, June 26, 2022

Blog / News / Project interna / Latest development news

Latest development news

Old photograph of a man working with a Commodore PET computer.
Rare picture of the FlatPress main development machine

Hi folks,

viewed from the outside, it seems rather quiet around the FlatPress project. But just look at the picture to see how hard we’re actually working behind the scenes! ;)

In fact, things are really moving nicely. In total, we have three active development branches:

Main development

In the master branch, we’re working on “normal” features and bugfixes for the next FlatPress version. Talking about the new Gallery captions plugin, improvements of the Leggero theme and many smaller and bigger bugfixes. Oh, and the cool PhotoSwipe plugin made it into the standard FlatPress package!

For all details, see the current change log.

PHP 8.1 compatibility

We need to make FlatPress working with PHP 8.1 properly. This aim contains two main tasks:

  • Update the Smarty template engine to its current 4.x version.
    This has been done in the Smarty update branch - now we need to make sure everything works fine. If you feel like supporting our project, please help us testing!

  • Change all internal date formattings.
    With the current “%Y-%m-%d” style of the deprecated strftime() function, FlatPress throws ugly warnings under PHP 8.1. We opened issue 92 for that, the development will take place in the strftime branch.

New Admin Area

Honestly, it’s a shame this gem isn’t part of a final FlatPress version yet. Franah built a completely new Admin Area which brings a new fresh touch to working with FlatPress. Also, it’s reponsive, meaning it adapts to your screen size and works flawlessly even on your mobile gizmo.

If you want to take a look into it, please feel free to get it from the Responsive Admin branch. Of course, it also contains all the bugfixes and features from the master branch.

Share your findings and opinion on the new Admin Area on the support forum.

Be part of the development!

You’re warmly invited to grab FlatPress from the described development branches and test the heck out of it.
Simply follow the link to each branch on GitHub, hit the green “Code” button in the upper right, and select “Download ZIP”. Then just install FlatPress on any web server, e.g. in a subdirectory of your blog site. To get rid of it later again, simply delete this subdirectory :)

Report any bugs and glitches or simply let us know what you think about the new features on the support forum.
Also, follow FlatPress on Mastodon or Twitter to stay in touch with the latest progress of your favourite blogging engine.

For any further questions or suggestions, please drop a line in the comments below.

All the best,
Arvid

Image: “HRA computer lab - ~1983” by Blake Patterson - licensed under CC BY 2.0

Saturday, January 29, 2022

Blog / Project interna / Current development status: New Admin Area and PHP 8.1

Current development status: New Admin Area and PHP 8.1

Hi everybody,

here’s a little update on the current development status of FlatPress. We’re actively working on two main topics: The new Admin Area and getting FlatPress PHP 8.1 compatible.

New Admin Area

As described in the last blog posting, franah created a great new Admin Area for FlatPress: It looks fresh and awesome, adapts to your screen size, and also works great on mobile devices.
It is quite complete, and now it needs a lots of testing with different themes, plugins, and page content. We have to make sure everything works fine, so please help us testing!

Check out the future of FlatPress, and test the heck out of it :)

PHP 8.1 compatibility

FlatPress throws ugly errors when run under the current PHP version 8.1. This is because it uses functions PHP 8.1 marks as deprecated. In order to keep running correctly, FlatPress needs to be reworked.
One main issue here is that we still utilize the outdated version 2.6 of the template engine Smarty - which is not ready for PHP 8.1. So our first step to PHP 8.1 compatibility is to update Smarty to its current version 4 (Issue 94). What sounds quite easy, is actually a lot of work, since Smarty changed a lot in between. I’m still working on it (Branch on GitHub), but some effects become clear already:

  • With the new Smarty version, FlatPress will require at least PHP 7.1. (Until now, PHP 5.6 is minium.)
  • Themes and plugins may need some overhauling. The name of many Smarty functions has changed, and it has become less tolerant when it comes to template syntax.

As soon as Smarty is up-to-date, we can work on the PHP 8.1 compatibility of the FlatPress code itself (Issue 92). Main task here is the strftime() function that has become deprecated. Its date and time formats (e.g., “%Y-%m-%d” - check out the “International settings” options in your FlatPress settings!) most likely have to be changed to the format of the date() function (e.g., “Y-m-d”). This also may require some sort of automatically updating these date format settings.

Schedule for the next FlatPress versions

PHP 8.1 compatibility is quite urgent, since this is the current PHP version for quite a while now. And since the Admin Area still needs testing, the next FlatPress version 1.3 could bring PHP 8.1 compatibility and then 1.4 the new Admin Area. But this order is not finally decided and simply depends on when each topic is finished; we’re actively working on both.

Stay up to date!

If there is any news on the developments, I’ll let you know here on the project blog (you may want to subscribe to the RSS feed). Also, feel free to follow FlatPress on Twitter and on Mastodon.

All the best,
Arvid