Development Blog

Get Field Label Text in Joomla 2.5 JForm

I’m switching back and forth between projects in Joomla 3.X and Joomla 2.5… to get the field label text (not the HTML tags, just the text) from a JFormField object is simple enough in Joomla 3.X, since the class has a getAttribute() method, so:

$field = $form->getField('myfield');
$label = $field->getAttribute('label');

I could be mistaken, but didn’t see the same functionality in Joomla 2.5. The closest I’ve come up with is to get the full label, then strip out the HTML tags, like:

$field = $form->getField('myfield');
$label = strip_tags($field->__get('label'));

…which is ugly, but seems to work in the cases I’ve tested. Anyone know of a better way to access the element attributes directly in Joomla 2.5?

ProcessForm 3.0.18 Security Update

We’ve just posted a security patch update to the old/archived script ProcessForm. It is strongly recommended that any existing users update to the latest version. We’re working hard on a complete re-write of the script, but in the meantime, will continue releasing patch updates as issues are found.

New eCommerce Site:

We’re launching a new custom Joomla eCommerce site this week. I’m especially excited about this one, because it’s one of my own ventures, via Mock-Epic LLC. The first retail site is, which sells twisted pens (some of which we make here in-house). We hope to have a total of three retail sites online before this summer. Looking forward to it!

Retrieving Custom Profile Data from Joomla User Account

I’ve been experimenting with modifying a copy of the Joomla “profile” plugin (/plugins/users/profile) and adding custom profile fields to use in other Components. Retrieving those stored profile values required some research, but it turns out it’s pretty straight-forward:

$User = JFactory::getUser();
$Profile = JUserHelper::getProfile(User->id);

From there, it may be easiest to just use the print_r() function to see what properties are available. In my case, they were in the “profile” property of the $Profile object, which was an array. So:

$favorite_goat = $Profile->profile['favorite_goat'];

Joomla 2.5+ Deprecated JRequest::checkToken() Replacement

I’ve become very accustomed to using Joomla’s JRequest class in custom Components. Since that class is now deprecated, I’m having to find new work-arounds, most involving the JInput class. Pretty much ever form had been using JRequest::checkToken() to guard against CSRF attacks, like:

if (!JRequest::checkToken())
$this->setError('Invalid (or expired) request token.');

To get around using JRequest, I’m now using this:

$app = JFactory::getApplication();
$token = JSession::getFormToken();
if (!$token || !$app->input->get($token, null, 'alnum'))
$this->setError('Invalid (or expired) request token.');

…which seems to work in pretty much the same way. In the old JRequest::checkToken() method, it was also redirecting to the login page if no session was detected, which I’m generally skipping.