Quicktips

When writing custom modules, few functions are as useful as filter_xss(). In a nutshell, this function protects your web site from both malicious HTML and unwanted tags.

The function takes some text and, in effect, "cleans" it based on some very simple rules. First and foremost, it makes sure any HTML elements, tags, and attributes are well-formed. It also removes any non-standard characters and constructs that can trick browsers. Finally, it can remove any HTML tags depending on an argument passed to the function.

So often clients ask me for the ability to add an "email this page" or "print this page" option to their web site. Luckily, the print module does both these things - and more.

The module is a snap to set up and even offers the capability to print any web page as a PDF (using an external, free, open-source library). It has loads of options that allow you to tweak the position and language of the links and provides several theme functions that can be overridden so you can match the links to your site's theme.

So you have a content type that you created with CCK that has more than a few fields. In some cases, you don't want all of the fields to show up when viewing the full node - luckily, there's an easy way to hide individual fields without resorting to theming tricks or PHP code.

Simply go to the content type's "edit" page (assuming you're logged in as an appropriate administrative user) and click on the "Display fields" tab. From here you can hide or exclude individual fields from view in both teasers and full nodes.

When developing a new site or adding features to your old site, it's always a good idea to do frequent database "development" backups (as opposed to normal "everyday" backups that you're already doing, right?) While there are a bunch of different methods for performing a backup (via the command line, phpMyAdmin), one of the easiest is with the Backup and Migrate module.

One thing that consistently trips up both new and experienced developers when enabling a new module are "permissions". I can't tell you how many times I've enabled a new module then cursed my computer for a few minutes thinking that the module wasn't working properly - only to realize that I forgot to set some arcane permission on the admin/user/permissions page.

So, next time you download and enable that shiny new module, be sure to not only configure it using its settings page, but to check its permissions!