Language Selection

English French German Italian Portuguese Spanish

Drupal

Building better pages in Drupal with Paragraphs

Filed under
Interviews
Drupal

When you’re publishing anything online, the way you lay out your content can be as important as the content itself. A good layout can help readers better interact and consume that content.

Users of content management systems like Drupal have a number of options that allow them to create very attractive, very usable layouts. That’s one factor that drew Murray Woodman to Drupal. He co-founded Morpht, a Drupal-based web development shop in Sydney, Australia. He found that Drupal 6 provided a level of freedom and productivity, and hasn’t looked back.

One Drupal module for laying out pages that Woodman is keen on is Paragraphs. I caught up with Woodman ahead of his talk at DrupalCon 2015, and he kindly shared his insights into the Paragraphs module.

Read more

Also: 4 tips for building a successful CMS

govCMS to release its own Drupal distribution

Filed under
Drupal

The government's govCMS project will make its own Drupal distribution publicly available for download, it announced today.

The distribution will be a fork of the aGov distribution, which was developed by local development shop PreviousNext and is the building block for govCMS sites.

aGov was released in 2013 after a beta period involving a number of federal and state government agencies. High profile end users include the NSW government's 'one stop shop' for services, Service NSW.

Read more

Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites

Filed under
Drupal
Security

On October 29, 2014, the Drupal Security Team released advisory identifier DRUPAL-PSA-2014-003. This advisory informed administrators of Drupal-based Web sites that all Drupal-based Web sites utilizing vulnerable versions of Drupal should be considered compromised if they were not patched/upgraded before 2300 UTC on October 15, 2014 (seven hours following the initial announcement of the vulnerability in SA-CORE-2014-005).

In the case of the Drupageddon vulnerability, the database abstraction layer provided by Drupal included a function called expandArguments that was used in order to expand arrays that provide arguments to SQL queries utilized in supporting the Drupal installation. Due to the way this function was written, supplying an array with keys (rather than an array with no keys) as input to the function could be used in order to perform an SQL injection attack.

Read more

Git Success Stories and Tips from Drupal Core Committer Angie Byron

Filed under
Drupal

The Git revision control system is “at the center” of Drupal's hyper-collaborative community says Drupal core committer Angie Byron. The open source content management platform has 37,802 developers with Git commit access, and about 1,300 actively committing each month, she says.

“Git (was) the smartest/safest choice for our community, and a choice that definitely paid off,” said Byron, who is also the director of community development at Acquia.

Read more

Higher ed finds increasing value in open source CMS options

Filed under
OSS
Drupal

"The university has since launched somewhere between 350 and 400 websites, all built on Drupal 7," writes Schaffhauser "While the CMS is centrally managed to keep the system updated, it grants individual colleges, programs and departments the flexibility to put up their own images, update text as they want, add and move site objects (themes, content types and Drupal "modules") and "essentially have a custom look with a managed system," [director of university Web services, Mark] Albert explained to Campus Technology.

Read more

The Changing Cost of Open Source

Filed under
OSS
Drupal

At one time higher ed wanted community-built software because of the $0 price tag; now many universities are paying somebody else to keep open source projects moving forward.

Read more

4 tips for how to migrate to Drupal

Filed under
OSS
Drupal

Well, to jump from your current CMS (or lack thereof) and make the transition to Drupal, you want to know much it costs and exacting what that migration entails. First, there are several factors that have to be taken into an account before any Drupal development company can give you a quote. But, while there isn’t an exact price range for migrating to Drupal, you can do some in-house work to keep your migration costs down and prepare your team for the migration, keeping headaches down too.

Read more

Mark Morton: Why we chose an open source website

Filed under
OSS
Drupal

Platforms like Wordpress and Drupal, which are maintained by a community of users, can be a cost-effective and flexible option for charities, writes the digital media manager at Epilepsy Action

Read more

Also: Sydney developer brings open source e-commerce to WordPress

Australian government Drupal-based CMS goes live

Filed under
OSS
Drupal

GovCMS, the Australian government's new cloud-based web content management system, has gone live on Australia.gov.au, the federal government's chief technology officer, John Sheridan, said at a media briefing in Sydney on Tuesday. The site receives more than 2 million visitors each month, and is the first site to migrate to the platform.

The Department of Finance has developed govCMS, an Australian government-specific distribution of the Drupal open-source content management platform, in conjunction with Acquia — a company founded by Drupal's creator, Dries Buytaert, to provide commercial-grade support for the platform.

Read more

Drupal Core - Highly Critical - Public Service announcement - PSA-2014-003

Filed under
Drupal
Security

This Public Service Announcement is a follow up to SA-CORE-2014-005 - Drupal core - SQL injection. This is not an announcement of a new vulnerability in Drupal.

Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core - SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.

Read more

Syndicate content

More in Tux Machines

Security Leftovers

  • Atom Installer
    One thing that I miss about using Ubuntu is PPA’s there are lot’s of PPA in Ubuntu and you can hack around and install all types of software which are required for your usage. In the Fedora side of the world there are copr repos but they don’t have as many repos as in Ubuntu and you can’t build non-free software (don’t get me wrong here, I love FREEdom software but couldn’t resist not using some beautiful non-free applications such as Sublime). I am creating a work around for this by using shell scripts which are open source (cc0) but when those scripts are executed they install non-free software on your system.
  • MKVToolNix 9.9.0 MKV Manipulation Tool Released with New GUI Improvements, More
    MKVToolNix developer Moritz Bunkus announced today, February 20, 2017, the release and general availability of MKVToolNix 9.9.0 "Pick Up" for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows. MKVToolNix 9.9.0 represents a month of hard work, during which the developer managed to add a bunch of new and interesting features, fix as many bugs reported by users since last month's MKVToolNix 9.8.0 point release, as well as to improve the build system, especially in regards to the man pages of the software.
  • Chakra GNU/Linux Users Get KDE Plasma 5.9.2 and KDE Applications 16.12.2, More
    The developers behind the Chakra GNU/Linux operating system have announced today the immediate availability of all the latest KDE technologies released this month in the stable repositories of the distribution. Yes, we're talking about the KDE Plasma 5.9.2 desktop environment, KDE Applications 16.12.2 software suite, KDE Frameworks 5.31.0, and KDE Development Platform 4.14.29, all of which can be found in your Chakra GNU/Linux's repos if you want to run the newest KDE software.

today's howtos

Leftovers: Ubuntu

  • IOTA: IoT revolutionized with a Ledger
    Ever since the introduction of digital money, the world quickly came to realize how dire and expensive the consequences of centralized systems are. Not only are these systems incredibly expensive to maintain, they are also “single points of failures” which expose a large number of users to unexpected service interruptions, fraudulent activities and vulnerabilities that can be exploited by malicious hackers. Thanks to Blockchain, which was first introduced through Bitcoin in 2009, the clear benefits of a decentralized and “trustless” transactional settlement system became apparent. No longer should expensive trusted third parties be used for handling transactions, instead, the flow of money should be handled in a direct, Peer-to-Peer fashion. This concept of a Blockchain (or more broadly, a distributed ledger) has since then become a global phenomenon attracting billions of dollars in investments to further develop the concept.
  • Return Home and Unify: My Case for Unity 8
  • Can netbooks be cool again?
    Earlier this week, my colleague Chaim Gartenberg covered a laptop called the GPD Pocket, which is currently being funded on Indiegogo. As Chaim pointed out, the Pocket’s main advantage is its size — with a 7-inch screen, the thing is really, really small — and its price, a reasonable $399. But he didn’t mention that the Pocket is the resurrection of one of the most compelling, yet fatally flawed, computing trends of the ‘00s: the netbook. So after ten years, are netbooks finally cool again? That might be putting it too strongly, but I’m willing to hope.

Linux Devices

  • Compact, rugged module runs Linux or Android on Apollo Lake
    Ubiqcomm’s 95 x 95mm, Apollo Lake-based “COM-AL6C” COM offers 4K video along with multiple SATA, USB, GbE, and PCIe interfaces, plus -40 to 85°C operation. Ubiqconn Technology Inc. has announced a “COM-AL6C” COM Express Type 6 Compact form factor computer-on-module built around Intel’s Apollo Lake processors and designed to withstand the rigors of both fixed and mobile industrial applications. The module offers a choice among three Intel Apollo Lake processors: the quad-core Atom x5-E3930, quad-core x5-E3940, and dual-core x7-E3950, which are clocked at up to 2.0GHz burst and offer TDPs from 6.5 to 12 Watts.
  • Internet-enable your microcontroller projects for under $6 with ESP8266
    To get started with IoT (the Internet of Things), your device needs, well, an Internet connection. Base Arduino microcontrollers don't have Internet connectivity by default, so you either need to add Ethernet, Wi-Fi shields, or adapters to them, or buy an Arduino that has built-in Internet connectivity. In addition to complexity, both approaches add cost and consume the already-precious Arduino flash RAM for program space, which limits what you can do. Another approach is to use a Raspberry Pi or similar single-board computer that runs a full-blown operating system like Linux. The Raspberry Pi is a solid choice in many IoT use cases, but it is often overkill when all you really want to do is read a sensor and send the reading up to a server in the cloud. Not only does the Raspberry Pi potentially drive up the costs, complexity, and power consumption of your project, but it is running a full operating system that needs to be patched, and it has a much larger attack surface than a simple microcontroller. When it comes to IoT devices and security, simpler is better, so you can spend more time making and less time patching what you already made.
  • Blinkenlights!
  • Blinkenlights, part 2
  • Blinkenlights, part 3
  • [Older] Shmoocon 2017: The Ins And Outs Of Manufacturing And Selling Hardware
    Every day, we see people building things. Sometimes, useful things. Very rarely, this thing becomes a product, but even then we don’t hear much about the ins and outs of manufacturing a bunch of these things or the economics of actually selling them. This past weekend at Shmoocon, [Conor Patrick] gave the crowd the inside scoop on selling a few hundred two factor authentication tokens. What started as a hobby is now a legitimate business, thanks to good engineering and abusing Amazon’s distribution program.
  • 1.8 Billion Mobile Internet Users NEVER use a PC, 200 Million PC Internet Users never use a mobile phone. Understanding the 3.5 Billion Internet Total Audience
    As I am working to finish the 2017 Edition of the TomiAhonen Almanac (last days now) I always get into various updates of numbers, that remind me 'I gotta tell this story'.. For example the internet user numbers. We have the December count by the ITU for year 2016, that says the world has now 3.5 Billion internet users in total (up from 3.2 Billion at the end of year 2015). So its no 'drama' to know what is 'that' number. The number of current internet total users is yes, 3.5 Billion, almost half of the planet's total population (47%).