SPECIAL OFFER! Get 1 year of access to everything in OSTraining for only $59! You save $85!
Join today and get access to 1,000's of books and videos. Learn WordPress, Drupal, Magento, Joomla and more! Sign up today!

| Drupal

In this tutorial we'll show you how to place a Twitter feed inside a block. You can then display that Twitter feed anywhere around your theme. There are many different Twitter options out there but most have a couple of limitations:

  • They post tweets as nodes rather than in a block.
  • If they post to a block, they require very complex setups normally involving creating Views.

Thanks to Expedition Post, we're going to suggest a much simpler way to show tweets in a block on your site. They've created a script that is very cleverly called "Twitter Block".

Installing Twitterblock to Your Drupal Site

  • Step 1: Click here to download the latest version of "Twitter Block".
  • Step 2: Extract the files into a folder on your desktop. The folder will be called "twitterblock".
  • Step 3: Login to your site's files via FTP and navigate to /sites/default/. If there isn't a folder called /modules/ here, create one.
  • Step 4: Upload the "twitterblock" folder to /sites/default/modules/
  • Step 5: Go to Administer >> Site building >> Modules. Check the box next to "Twitter Block" and click Save Configuration.

Placing Your Twitter Feed in a Block

Now that Twitter Block is set up, we'll go and place it on our site:

  • Step 6: Go to Administer >> Site building >> Blocks. Scroll down to find Twitter Block.
  • Step 7: Click "Configure" next to the block and enter your Twitter username and password:
  • Drupal twitterblock Module
  • Step 8: Click "Save Block", publish the block and check to see how it looks on your site:

  • Drupal twitterblock Module

| WordPress
Perhaps the #1 most common question we get from beginners is: "How do I change the logo on a Wordpress theme?" This tutorial is the answer:

  • Step 1: Go and download the Firefox browser, if you haven't done so yet: http://www.mozilla.com/en-US/firefox/personal.html. Firefox is much better than Internet Explorer or Safari for working on websites.
  • Step 2: Start Firefox so that you're browing the web with it. We're now going to install an extra toolbar for Firefox. It is called the "Web Developer" toolbar. Visit this page: https://addons.mozilla.org/en-US/firefox/addon/60
  • Step 3: Click "Add to Firefox" and follow the instructions, including restarting Firefox.
  • Step 4: The next time you open Firefox, you will see a list of links that starts with "Disable", "Cookies", "CSS" and ends in "Options":
Wordpress and Firefox Toolbar

  • View Image InfoStep 5: Browse to the website where you want to change the logo. We're going to use http://wordpress.org for this example.
  • Step 6: In the toolbar, click on "Images" which is the 5th link from the left. Then click "View Image Information" from the dropdown.
  • Step 7: You will now see a list of all the images on the site.
  • Step 8: Scroll down until you see the logo. You will see two pieces of information about it: Location ( http://s.wordpress.org/style/images/wordpress-logo.png ) and Size ( Width = 301 pixels, Height = 52 pixels ).
Wordpress Logo
  • Step 9: You need to make a new logo that is the same width and height as the old.
  • Step 10: Use your favorite file manager to upload the new logo to the location you found in Step 8. It is better to rename rather than delete the old logo. You could call it logo-backup.png for example.

| Templates

This post is for all of you Mac fans out there, specifically those using the excellent Coda editor by Panic. I could preach all day long about how using a quality code editor like Coda can both speed up your coding as well as make your coding better.

One brilliant little function of Coda is that it has a built-in code snippet collector called 'Clips'. What's even more brilliant is that Coda gives developers a way to share groups of these clips with each other. I was inspired by our friend Jon from Zuno Studios when he released a few clip groups relating to Joomla 1.5 development a few months ago. His clips are specifically geared towards developers creating extensions, and if you're at that level I highly recommend checking out his handy clips.

Since more of my day-to-day work involves creating templates, I put together a set of clips that I use almost daily for creating Joomla 1.5 templates. Lucky for you Coda users out there, I've packaged them up in a tidy group that you can download.

Read more ...

| Security

On 12/17/2008 around 7:00 PM EST , Twitter.com was hacked by a group claiming to be the Iranian Cyber Army. The actual attack was a DNS Hijacking (or DNS Poisoning) that resulted in Twitter Users being directed to a page of their choosing. In this example here is what they posted:

Twitter Hacked - could it happen to you?

This old school defacement actually was conducted by 'hijacking' the sites DNS - how they accomplished this is still unknown, the fact is they did. What exactly is a DNS Poisoning or Hijacking?

Read more ...

| Development

One of the most important aspects of extension development is gathering input from the user and manipulating it in a meaningful way. Many times, you will collect data with a form and then store it into a database table. Other times, you will decide how to order or display information to the user based on the query string of the URL. In either instance, you are taking and acting upon input from the user. Obviously, you hope that your users have good intentions in using your extension, but unfortunately, the reality is that not everyone has your best interests in mind. For that reason, you must be careful about the input that you allow into your extension.

Read more ...

A detailed look at the Wireshark protocol analyzer

Greetings, In this article I want to discuss the other powerful tool a systems administrator should know about. It is called Wireshark (from Wireshark.org). Wireshark is in essence a sniffer, in that it can listen in on the packets on the wire and tell you whats what. Officially its called a protocol analyzer which is more true to its mission. In this article I want to share with you a few items of value about Wireshark, and why you should get to know this tool better.

I think that as technical people we get lulled into a dull sense of safety with tools, for example a reliance on a control panel tool that identifies bad guys by their actions and blocks their IP's. This is for sure a good thing, but it is not the only thing. With tools like Wireshark, we can peer into the activity of our server and see what is going on at the packet level. A client some months ago came to JoomlaRescue.com and was having a problem with continually being hacked. We tracked it down to a compromised (vulnerable) FTP software that had allowed them in. However we found they were using FTP through the use of Wireshark.

This is important because if you were unfortunate enough to have a bad guy insert this INTO your network he could eavesdrop on everything you do. However - in this use case, it is being demonstrated as diagnostic tool.

For the purposes of this article I ran Wireshark on MY personal machine only. It was never allowed  outside my network, so in other words, everything you see here came to my machine using normal, everyday browsing techniques.

Read more ...

| Security

A detailed look at the Wireshark protocol analyzer

Greetings, In this article I want to discuss the other powerful tool a systems administrator should know about. It is called Wireshark (from Wireshark.org). Wireshark is in essence a sniffer, in that it can listen in on the packets on the wire and tell you whats what. Officially its called a protocol analyzer which is more true to its mission. In this article I want to share with you a few items of value about Wireshark, and why you should get to know this tool better.

I think that as technical people we get lulled into a dull sense of safety with tools, for example a reliance on a control panel tool that identifies bad guys by their actions and blocks their IP's. This is for sure a good thing, but it is not the only thing. With tools like Wireshark, we can peer into the activity of our server and see what is going on at the packet level. A client some months ago came to JoomlaRescue.com and was having a problem with continually being hacked. We tracked it down to a compromised (vulnerable) FTP software that had allowed them in. However we found they were using FTP through the use of Wireshark.

This is important because if you were unfortunate enough to have a bad guy insert this INTO your network he could eavesdrop on everything you do. However - in this use case, it is being demonstrated as diagnostic tool.

For the purposes of this article I ran Wireshark on MY personal machine only. It was never allowed  outside my network, so in other words, everything you see here came to my machine using normal, everyday browsing techniques.

Read more ...

| Development

This article applies to Joomla! 1.5 development. This information is subject to change in Joomla! 1.6.

When writing your custom component or module, more often than not, you will want to include your own CSS or Javascript code. If Joomla! did not provide an easy way to do this, you would be forced to use script tags throughout your code. While this approach would technically work, the best practice is to put all scripts inside the head tag of your page. How is that possible when the of your page is only seen on your template index.php file and you're developing a new module or component? The JDocument class is the answer. Let's look at the easiest way to go about doing this.

Read more ...

In our previous articles, we discussed at a high level a few tools, the first of which was Nmap from insecure.org. In this article I want to give you a short primer on Nmap and some of the popular methods to use this powerful tool.

Read more ...

| Security

In our previous articles, we discussed at a high level a few tools, the first of which was Nmap from insecure.org. In this article I want to give you a short primer on Nmap and some of the popular methods to use this powerful tool.

Read more ...

Good Day to you!

In my last article, I introduced you to NMAP, WIRESHARK and NETCAT. These fall in the category of diagnostics and troubleshooting. The next two tools known as vulnerability scanners. They check your server, code and in the case of the second tool - Accunetix  - it scans your "code" for such things as SQL Injection flaws and Cross site scripting.

Read more ...

| Security

Good Day to you!

In my last article, I introduced you to NMAP, WIRESHARK and NETCAT. These fall in the category of diagnostics and troubleshooting. The next two tools known as vulnerability scanners. They check your server, code and in the case of the second tool - Accunetix  - it scans your "code" for such things as SQL Injection flaws and Cross site scripting.

Read more ...

Good Day to you and welcome to Tools you need to know about.

This article is part one of the TOOL Series. In this I want to introduce you to some of my favorite tools. In the first few articles, I will discuss them generally, then in future articles, I'll spend time discussing each one.

The tools discussed will be both GPL and NON-GPL tools as well as Joomla based tools.  Your comments are welcome and I hope that you find this series helpful.

Read more ...

| Security

Good Day to you and welcome to Tools you need to know about.

This article is part one of the TOOL Series. In this I want to introduce you to some of my favorite tools. In the first few articles, I will discuss them generally, then in future articles, I'll spend time discussing each one.

The tools discussed will be both GPL and NON-GPL tools as well as Joomla based tools.  Your comments are welcome and I hope that you find this series helpful.

Read more ...

| Security

Good day, if you are reading this, I hope you will take a few moments to really consider the need for a good incident management plan for your website. Ask yourself, What WOULD you do if you were hacked?

Read more ...

| Security

As a security guy, I get asked frequently about Joomla, and if it's secure. I start to answer, and am always interrupted with something along the lines of:

"..I know it's not, I just want to know how insecure it is.."

As if security is measured on a 1 to 10 scale..Security is not a scale, but a total philosophy, a set of tools and actions. Yes, it can be measured, but taking Joomla and singling it out is foolish. Looking at Joomla as part of your total site security makeup IS the right answer. You must measure security holistically. Any part of your security that is weak,weakens the entire infrastructure.

So how do you answer it? To begin with, Joomla is only as secure as the platform it is on, the extensions installed on it and the proper safeguards that are put in place. In fact, many times if a Joomla site is hacked, it could be any number of things. But here's the part that is hard for some to swallow...It's not typically Joomla's fault. it's many times the administrators fault for failing in some basic areas. Now to be fair to the admin, security is an entire practice itself, and in this article I will lay out some basic concepts both Joomla and non-joomla to help you understand how to secure your site.

Read more ...

Join today and get access to 1,000's of books and videos. Learn WordPress, Drupal, Magento, Joomla and more! Sign up today!