Sitecore Tips & tricks

Sitecore Field Help messages

Go to the template, select the particular field in the content tree, and make sure you have enabled “Standard fields” from the View ribbon. Scroll down to the “Help” section.

OR – select the item, go to the Configure tab in the ribbon and click on the Help link.

The 3 fields that you can configure are as follows:

  • Help link (can set up a link on click of help text)
  • Short description (displayed on Item after field name)
  • Long description (tool tip on help text)

Sitecore Template Inheritance

Two types of template inheritance:

  • Field section inheritance
  • Presentation layer inheritance

Best practices

  • avoid having more than three levels of inheritance
  • split templates into four main folders: System templates, Data templates, Page templates and Parameters templates
  • when an item is created from a template that has standard values set, the item's field values are populated from the template standard values. But when you modify an item field value manually, the template inheritance for that particular field is broken, and the field will no longer reflect the standard values.

Sitecore Security Tips

The following points are relevant to Sitecore solutions with user login and access to user data.

  • Prevent XSS attacks by setting requestValidationMode="2.0" in web.config

Cross Site Scripting (XSS) attacks are when a user submits HTML, script or SQL code to your site via form fields. Add the following attribute to the <httpRuntime> element in your web.config file to enable request validation:

    <httpRuntime requestValidationMode="2.0" />

If you need to allow HTML markup to be submitted you can decorate your controller actions with the attribute [ValidateInput(false)] when necessary to override the web.config setting.

  • Guard against CSRF attacks by using @Html.AntiForgeryToken() and [ValidateAntiForgeryToken]

Cross-Site Request Forgery (CSRF) attacks involve a malicious user creating a copy of one of your site’s forms and hosting it on a different domain, so that users post data from the malicious site to yours. Luckily the solution is very simple: in your view, add @Html.AntiForgeryToken() within your form declaration as shown below:

    @using (Html.BeginForm("YourAction", "YourController"))
    { @Html.AntiForgeryToken() }

Then in your controller, simply add the [ValidateAntiForgeryToken] attribute as follows:

    [ValidateAntiForgeryToken]
    public ActionResult YourAction(YourViewModel viewModel)

  • Mark form actions with the [Authorize] attribute (where appropriate)
  • Mark form submit actions with the [HttpPost] attribute
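
As an added example (not from the original post or from Sitecore): a small C# console check that uses reflection to list every [HttpPost] controller action that lacks [ValidateAntiForgeryToken], so a forgotten attribute is caught in a build step. The attribute classes are stand-ins for the System.Web.Mvc ones, AccountController is a constructed sample, and matching by attribute type name is an assumption of this sketch.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;

// Stand-ins so this sample compiles without System.Web.Mvc (assumption of the example).
// In a real test project, delete them and reference the MVC assembly instead.
[AttributeUsage(AttributeTargets.Method)] class HttpPostAttribute : Attribute { }
[AttributeUsage(AttributeTargets.Method)] class ValidateAntiForgeryTokenAttribute : Attribute { }

// Constructed sample controller with hypothetical action names.
class AccountController
{
    [HttpPost, ValidateAntiForgeryToken]
    public void UpdateProfile() { }

    [HttpPost]                        // anti-forgery validation forgotten
    public void ChangeEmail() { }

    public void Index() { }           // not a POST action, so not audited
}

static class PostActionAudit
{
    // True when the method carries an attribute whose type name equals attr.
    static bool Has(MethodInfo m, string attr)
    {
        return m.GetCustomAttributes(true).Any(a => a.GetType().Name == attr);
    }

    // Returns "Controller.Action" for each [HttpPost] action without [ValidateAntiForgeryToken].
    public static List<string> FindUnprotected(Assembly asm)
    {
        const BindingFlags flags =
            BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly;
        return asm.GetTypes()
            .Where(t => t.IsClass && t.Name.EndsWith("Controller"))
            .SelectMany(t => t.GetMethods(flags)
                .Where(m => Has(m, "HttpPostAttribute")
                         && !Has(m, "ValidateAntiForgeryTokenAttribute"))
                .Select(m => t.Name + "." + m.Name))
            .ToList();
    }

    static int Main()
    {
        List<string> findings = FindUnprotected(Assembly.GetExecutingAssembly());
        foreach (string f in findings)
            Console.WriteLine("POST action without [ValidateAntiForgeryToken]: " + f);
        return findings.Count == 0 ? 0 : 1;   // non-zero exit code fails the build step
    }
}
```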

Running Sitecore in Live Mode

Two ways you can do this.

  1. Go to the <site name="website"> tag under the <sites> section in sitecore.config and change the database name from web to master
  2. Add the master database name in the query string of the website URL, e.g. http://sitecore8demo?sc_database=master

Restoring an accidentally deleted item in Sitecore

Restoring an item from Recycle Bin

If an item is deleted from Sitecore, it is moved automatically to the Recycle Bin. So when an item is deleted accidentally, you can restore it from the Recycle Bin by following the steps below.

  • log in to Sitecore in desktop mode, click on the Sitecore start button and then select ‘Recycle bin’.
  • select the items and click on Restore from the ribbon.

Restoring even after it is deleted from Recycle Bin

If the item is deleted in one database (say master) but you had already published it to the web database before deleting, then you can restore it from the web database. To restore it, use the Transfer option in Sitecore to transfer the item from the web database to the master database. Follow the steps below to do so.

  • Open the Sitecore content editor in the web database. Right click on the item which you want to restore and click on Transfer.
  • Then select the destination database as master (or whichever db you want it to be restored to) and then click on the Transfer option.
