How does authentication work with the server-side API?
Answer
Authentication is handled automatically using cookies, similar to regular website requests. If cookies are not feasible, the response parameters device_auth_member_id_cn/device_auth_pass_hashed_cn/device_auth_member_id_vl/device_auth_pass_hashed_vl from the login endpoint can be resent as POST parameters in subsequent requests.
How do I access the server-side API for my mobile app?
Answer
The server-side API can be accessed via HTTP calls to http://yourbaseurl/data/endpoint.php. Results are returned in JSON format. The API utilizes endpoints with a 'hook' name and a 'hook type' categorization. Both REST-style and GET-parameter style requests are supported, with the latter recommended for simplicity.
What is the purpose of the Composr Mobile SDK Toolkit?
Answer
The Toolkit, part of the composr_mobile_sdk addon, aids in mirroring Composr website resources into a mobile app. It includes tools for generating iOS/Android string resources from language files and exporting theme images in a directory structure suitable for iOS/Android app image assets.
To connect to a Composr site, you will need to install the composr_mobile_sdk addon, which is not bundled. This addon provides scripting to generate app assets from the Composr site.
Composr Mobile SDK (CMS SDK) is a toolkit designed for experienced iOS and Android developers to build mobile apps that integrate with a Composr-powered website. It offers both Composr-specific integrations and a collection of standalone utilities for building apps, providing a common base between iOS and Android akin to the PHP and Composr APIs, enabling easier code porting while maintaining a native experience.
Composr follows a rolling release model. This means:
New major/minor versions are released as they are ready.
Patch releases, primarily containing bug fixes, are only released for the latest supported major/minor version branch.
Users are responsible for staying updated to the latest release or applying necessary hotfixes.
This policy allows developers to focus resources on the latest versions and encourages users to leverage the ongoing improvements. You can find the release status on the Composr maintenance status page.
Constructive design feedback is valuable. To provide effective feedback:
Be specific and detailed. Identify particular issues and provide clear examples.
Offer solutions. Suggest improvements or provide mockups demonstrating your ideas.
Avoid vague statements. General comments like "it looks dated" are unhelpful.
Understand design constraints. Consider factors like modularity, generality, feature density, compatibility, performance, and the subjective nature of design.
Directly reporting specific design bugs to the tracker or redesigning Composr interfaces yourself are excellent ways to contribute.
Be comprehensive and self-contained. Provide all necessary information and context for the developers to understand your suggestion.
Focus on widely beneficial features. Esoteric suggestions are less likely to be implemented.
Understand developer constraints. Feature development depends on factors like developer availability, funding, and project strategy.
Consider sponsoring features. Financial contributions can prioritize the development of desired features as it affords developers the time to implement it.
The system scheduler is crucial for scheduled tasks like sending notifications, running backups, and processing reports. To set it up, you need to schedule a system-level task to run the data/cron_bridge.php file at least every 10 minutes. This links Composr's scheduler with your server's scheduler (like Cron on Linux).
Composr can often detect the correct command to use for your setup. You can check by visiting http://yourbaseurl/data/cron_bridge.php?query_mode=1, which should display the suggested Cron command. Note that you may need to replace the php command with the absolute path to PHP if you cannot use the php command directly.
If your hosting doesn't support Cron or scheduled tasks, you can enable scheduled tasks to run when visitors access your site. Navigate to Admin Zone > Setup > Configuration > Performance options and check "Web requests run scheduled tasks". Keep in mind that this method relies on visitor traffic and isn't as reliable as a dedicated scheduler.
Alternatively, consider using external services like EasyCron, setcronjob.com, or onlinecronjobs.com. These services allow you to schedule calls to the data/cron_bridge.php script by URL at specified intervals.
What are the different security levels in Composr's Setup Wizard and what do they affect?
Answer
Composr offers five security levels in the Setup Wizard: Minimum, Low, Medium, High, and Ultra High. Each level sets various security configurations that you can later customize under Admin Zone > Setup > Configuration.
The security levels influence settings such as:
Content Security Policy
Session expiry time
Password reset process
Password expiry days
Minimum password length and strength
Login error secrecy
IP strictness for sessions
Cryptographic ratchet
CAPTCHA usage
Brute force threshold
Audio CAPTCHA
URL Monikers
.htaccess restrictions on maintenance scripts
Enquiry on new IP addresses
The higher the security level, the more stringent the security measures, with Ultra High offering the most robust protection but the most potential inconvenience to users.
Generally, you should use these settings depending on your site:
Minimum: Very bare-bones informational-only sites
Low: Sites which do not allow public registrations and do not use eCommerce but have content managed by different staff, and are not concerned with privacy or data
Medium: Sites with social features / public accounts but do not use eCommerce.
High: Sites which use eCommerce.
Ultra High: Sites containing very sensitive data, such as but not limited to cybersecurity sites, government departments, banks, healthcare, etc.
You can change your site's logo manually or by using the Logo Wizard. To change it manually, go to Admin Zone > Style > Themes. Choose "logo/-logo" from the dropdown list, which represents the logo for the Welcome Zone and any zone without a specific logo. Replace the current image by uploading a new .jpeg, .gif, or .png file. Ensure that the 'Name' field remains unchanged.
Composr is built using a series of addons that provide different functionalities. All "bundled" addons are installed by default. Once you are familiar with Composr, it's recommended to remove any bundled addons you don't need to simplify your site and prevent accidental exposure of unconfigured features to visitors (the Setup Wizard can also uninstall these addons based on your preferences). You can manage addons by navigating to Admin Zone > Structure > Addons. Uninstalled addons are archived and can be restored later, but any associated data will be permanently lost.
Composr also offers non-bundled addons. These addons are not bundled because they are not considered mainstream, rely on third-party services, haven't been vetted to Composr standards, or don't fully conform to those standards.
You can install non-bundled addons by going to Admin Zone > Structure > Addons, scrolling to the bottom and clicking "Import non-bundled addon(s)". You will need to browse to the addon file and click the import button. Once imported, review the warnings and proceed to install the addon.
You can also download and import addons from this website under the Downloads section.
What are some of the default Comcode pages in Composr?
Answer
Composr includes several default Comcode pages, each serving a specific purpose:
home (Welcome and Site zones): The default front pages for the respective zones.
sitemap (Welcome zone): Displays the sitemap, typically generated automatically.
_rules (Welcome zone): Outlines the site rules, also displayed during registration. The "rules" page (no underscore) is a wrapper for this page.
privacy (Welcome zone): Provides privacy policy information. By default, this is generated automatically with Composr's privacy policy generator block.
404 (Welcome zone): The page shown for 404 errors (page not found) and includes a sitemap.
help (Site zone): Contains general help information.
userguide_comcode (Site zone): A basic guide to Comcode for users.
Remember that you can edit these default pages or create entirely new ones to tailor your site's content to your specific needs.
If you want to prevent a Comcode page from appearing in your sitemap, you can simply prefix its name with an underscore (_). For example, pages named "_test" or "_example" would be excluded from the sitemap. Note that this generally does not hide the page from your site itself (to do that, use the validation addon to turn validated to "OFF" for the pages); it only hides them from the sitemap / search engines.
Can I organize Comcode pages in a hierarchical structure?
Answer
Yes, Composr allows you to simulate a hierarchical structure for your Comcode pages using multi-part paths in the page monikers. By editing the page monikers to include slashes (e.g., "about/team"), you can create a virtual directory structure within a single zone, enhancing your site's organization and navigation.
How do I embed content from other modules into a Comcode page?
Answer
You can use various blocks to embed content from different modules:
main_content block: Allows you to feature individual entries from modules/content like news or articles.
main_multi_content, main_cc_embed, main_gallery_embed, main_news blocks: Enable you to pull in and display multiple entries based on categories or other criteria.
main_include_module block: Provides a powerful way to integrate any module screen directly into a Comcode page.
What is the difference between blocks and boxes in Composr?
Answer
While both terms may seem similar, they have distinct meanings in Composr:
Blocks are functional units that generate dynamic content or provide specific features. They don't inherently have a visual form and their output can vary widely.
Boxes are a visual design element in Composr, essentially containers that visually group content on a page and often with a title at the top.
In practice, blocks often place their content within a box, but this isn't a requirement / standard.
Yes, you can customize the appearance of blocks by editing the associated templates and CSS. Each block typically has a corresponding template file (e.g., BLOCK_MAIN_NEWS.tpl for the main_news block) that controls its HTML structure. You can modify this template to change the layout and styling of the block's output.
An easy way to do this is through the template editor in Admin Zone > Style > Themes, and click edit templates for the relevant theme.