Monday, July 18, 2011

Updated Security In BlueBox2.0

BlueBox2.0 security and passwords just got a bit of a face-lift with the inclusion of 2 new features:


Javascript Password Confirmation:

When entering a new password (or changing an existing one) a Javascript/modal popup is initiated which confirms the password prior to accepting it.

New bbsettings for Enhanced Security:

These new bbsettings have been added to the bb_secure module and can be edited via admin->module settings...

A new standard minimum password length of 5 characters has been introduced. This can be shortened or lengthened by editing bbsetting_enable_password_length for bb_secure to the number of characters required.

You can also force combined alpha/numeric passwords by setting bbsetting_enable_password_alphanumeric to 1.

Finally, you can force users to update/change their password regularly by setting bbsetting_enable_force_password_change_in_days to the number of days per cycle.

Wednesday, July 6, 2011

New In-Line Form Field Management in BlueBox2.0

One of the most powerful things about BlueBox2.0 is the ability to design form and templates for every screen and output in the system. One of the difficulties, up till now, has been knowing which bbsetting to apply in order to achieve these customisations.

In an effort to simplify this, there is now an in-line toolbox next to each field in a form which displays various options with regards to the display/behaviour of that field... for example, whether to hide it, or make it required etc.. Only users with 'admin' rights to the specific module will see these toolbox icons:

This tool will evolve significantly over the next few months, but this is a good starting point for now...

Friday, July 1, 2011

Using conditional IF and IFNOT statements in BlueBox2.0 Tags

Today I decided to use my 'sharpening time' to get to grips with BB2.0 <!--:if and <!--:ifnot tags.

The basic syntax for these tags is:

<!--:if:{variable_name}{optional condition}:{action}:-->

This can be used as follows:


<!--:if:email:{print:Your email address is (#email#).}:-->

or

<!--:ifnot:email:{print:You do not have an email address.}:-->

This is fairly straightforward, the condition of the if and ifnot statements purely checks if a positive value exists for the variable and, if so, then it runs a sub-tag between the { }'s. This subtag is exactly the same as a normal BB2.0 tag, but, due to it's embedded nature, it gets { in place of <!--: and } in place of :-->. Also: you will notice that referring to the variable value within subtags you use the (# approach, by wrappinf the variable name in (# and #).

To up the ante a bit, I then decided to play with conditional statements like ==, !=, > and <. These work as follows:

<!--:if:email==bill@microsoft.com:{print:Hi Bill!}:-->

Note here that the value is never encapsulated in the ' and " string-wrappers normally used in code, and also that the condtional statement for 'equals' is double =.

Last thought on this, and this one stumped me for a while, is that when you are evaluating form-posted variables, remember to describe the variable name fully using the global|fields|variable_name method, eg:

<!--:if:global|fields|email==bill@microsoft.com:{print:Hi Bill!}:-->