Weekend Special: Get 1 year of the Everything Club for $59! You save $85!
  Offer ends in 1
Join today and get access to 1,000's of books and videos. Learn WordPress, Drupal, Magento, Joomla and more! Sign up today!

| Joomla

Today's security topic is inspired by a recent exercise I went through - testing a server for PCI compliance. For those who are not aware PCI is a security standard for accepting credit cards.

According the website for PCI they state their mission as follows:

"The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc."

Read more ...

| Security

Today's security topic is inspired by a recent exercise I went through - testing a server for PCI compliance. For those who are not aware PCI is a security standard for accepting credit cards.

According the website for PCI they state their mission as follows:

"The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc."

Read more ...

| Development

Something I have run into frequently during module development is the need to allow multiple instances of that module on a single page. Joomla!, of course, handles 99% of the work involved, but there are a few tricky aspects to making this work. One is the need to eliminate styling conflicts, especially in themed modules. If you only use generic classes and then load multiple theme/color stylesheets, the end result can be unpredictable to say the least.

Read more ...

| Joomla

This tutorial will show you how to take an RSS feed and import it into your  Joomla site. Each item on the RSS feed will become a separate Joomla article. We use this technique for a couple purposes:

  • Distributing our content to other Joomla sites. For example, we use this technique to showing these tutorials on Alledia.com.
  • Importing blogs and news on a particular topic from other sites. This way people can read them all in one place.

We're going to use a component called 4RSS from 4RSS.com.

Installing and Configuring 4RSS

  • Go to the 4RSS page on the Joomla Extensions Directory and download the file.
  • You'll see a file on your desktop with a name very similar to com_4ss_1.3.06.zip
  • Go to the administrator area of your Joomla site, then Extensions >> Install / Uninstall.
  • Click "Browse" to locate the package file and then click "Upload File and Install".
  • Go to Components >> 4RSS
  • Click "New" in the top-right corner and you'll see a screen like the one below:

    rssimport

These are the settings you'll need to enter:

  • RSS Feed Title: This is just for your own use. It will never show on the front-end.
  • Feed Post URL: The address of the RSS feed you want to import.
  • Section / Category: Where the new articles will be created.
  • KeyWord: If you'd only like to import articles that mention a particular keyword, insert it here.
  • Frontpage: Do you want to publish these to the frontpage of your site?
  • Include link to original: Highly recommended to click "Yes" in nearly all circumstance. This will insert a link back to the article's original location with the text "read full article". You don't want search engines to get confused as to which page is the original.
  • Screen for Duplicates: Should 4RSS check to see whether any feeds have already been imported? Again, "Yes" is highly recommended.

Importing the RSS Feeds

Now that you're set up, there are two ways to import feeds:

  • Manually: In Components >> 4RSS, select the feeds you want to import and then click "Post" in the top-right corner.
  • Automatically: In Components >> 4RSS you can click the "4RSS CRON" tab. This is a little trickier and will depend on your server for the correct setup. Each hosting company will have a different place to setup cron jobs so you will need to check with them. The developer's support forum may be able to help. One common entry that may work is:

Php -q/home/......./public_html/administrator/com_4rss/cronjob_4rss/cronjob.php > /dev/null 2>&1

| WordPress

This tutorial will show you how to take an RSS feed and import it into your Wordpress site. Each item on the RSS feed will become a separate Wordpress post. We use this technique for a couple purposes:

  • Distributing our content to other Wordpress sites.
  • Importing blogs and news on a particular topic from other sites. This way people can read them all in one place.

We're going to use a plugin called FeedWordPress.

Installing and Configuring FeedWordPress

  • WP RSS ImportStep 1: Go to the FeedWordPress page on Wordpress.org and download the file.
  • Step 2: Extract the files into a folder on your desktop. The folder will be called, unsurprisingly "feedwordpress"
  • Step 3: Login to your site's files via FTP and navigate to /wp-content/plugins/.
  • Step 4: Upload the "feedwordpress" folder to  /wp-content/plugins/.
  • Step 5: Go to wp-admin >> Plugins and click "Activate" under "FeedWordPress".
  • Step 6: Once you've enabled it, you'll see a new tab on the sidebar called "Syndication". Click the first link called "Syndication". You'll see a screen like below:
  • Step 7: Enter your RSS feed into the box called "Add new source" and click "Syndicate"
  • Step 8: FeedWordPress will check the feed and if it's valid, you can click "Use this Feed" to import the posts.
WP RSS Import

Importing the RSS Feeds

Now that you're set up, there are two ways to import feeds:

  • Manually: If you'd like to manually import feeds, go the "Syndication" link, check the feeds and click "Update Checked".
  • Automatically: If you'd like to manually import feeds, go the "Feed and Updates" link and FeedWordPress will show you how to give you instructions to set-up a cron job.

| Drupal

This tutorial was requested by a student who is learning the Drupal basics. They turned on "Clean URLs" in the Drupal admin area and were surprised to see that the URLs remained largely unchanged:

  • Old: /?q=node/3
  • New: /node/3

The student's comment was:

"that's still a silly address for my About Us page. I want the address to be /about-us/."

We also tried to help them by turning on the Path module in the Drupal core. That allowed them to create URLs like /about-us/ however they still needed to think about it and ask their users to create a path every time. They wanted something that would create great URLs automatically.

The solution is the "Pathauto" module and let's show you how to set it up:

Installing Pathauto to Your Drupal Site

In fact, we're going to install two modules because Pathauto also requires the "Token" module.

  • Step 1: Go to Administer >> Site configuration >> Clean URLs to check that they are enabled.
  • Step 2: Click here to download the latest version of "Pathauto" and click here for "Token".
  • Step 3: Extract the files into a two folders on your desktop. One  folder will be called "pathauto" and the other "token".
  • Step 4: Login to your site's files via FTP and navigate to /sites/all/. If there isn't a folder called /modules/ here, create one.
  • Step 5: Upload the "sections" folder to /sites/all/modules/
  • Step 6: Go to Administer >> Site building >> Modules. You'll need to check four boxes:

    Enable Drupal Pathauto

  • Step 7: Go and create a new node. When you do, you should notice a new area labelled "URL path settings". If you leave "Automatic alias" checked, the address of the page will likely be your Page title in this format:
    /content/your-page-title/

    Enable Drupal Pathauto

Configuring Pathauto

The default Pathauto setting might not be to everyone's taste:

  • You may want to use underscores _ instead of dashes as this student did.
  • You may want to remove /content/ so that you really can have pages with the address /about-us/ rather than /content/about-us/
To change the settings, go to Administer >> Site building >> URL aliases >> Automated Alias Settings:

Drupal Pathauto Settings

| Joomla

It's no secret that Joomla's default editor lacks quite a few features. We often recommend that people upgrade to Joomla Content Editor (JCE). You can click here to find full instructions how to install JCE, including a video.

What we're going to cover in this tutorial are 5 really great features of JCE that people often don't realise are there:

1) Cut and Paste Images Into Different Folders

One common complaint about Joomla's default Media Manager is that you can't move images around. Once you've uploaded an image to one location, you'll need to delete it and re-upload it if you want it in a different folder. JCE allows you to do that:

  • Click on the "Image" button in the JCE editor:

    JCE Image Button

  • You'll see a pop-up screen with the title "Image Manager". Select an image and look on the right-hand side for the pair of scissors. Click this button:

    JCE Image Button

  • You can now browse to another folder and click the "Paste" button, also on the right-hand side:

    JCE Image Button

2) Upload Images in Bulk

A second complaint about the Media Manager is that images have to be uploaded one-by-one. JCE offers the ability to upload in bulk.

  • As in Part 1, click on the image button in the JCE Editor.
  • Click on the "upload" button on the middle-right of the screen:

    JCE Bulk Upload

  • Keep clicking "Add" to select more images from your desktop.
  • When you're ready, click "Upload" and all your images will be uploaded.

    JCE Bulk Upload

3) Link Directly to Any File in Your Media Manager

With the basic Joomla editor you're faced with difficult time linking to any documents that you've uploaded. A lot of people find this a problem because they need to allow their visitors to download PDF, Word and other files. With the basic editor you actually need to know the exact location of the file if you want link to it:

Joomla Basic Editor

With JCE, this process is much easier:

  • Select some text in your article. This is likely to be something such as "Click here to download the PDF". The click the link button in JCE:

    Joomla Basic Editor

  • You'll see a pop-up screen with the title "Advanced Link". In the top-right hand corner, you'll see a small button that will allow you to browse all the files inside the /images/stories/ folder:

    Joomla Basic Editor

  • Select the file you want to link to and then click "Insert". JCE will automatically generate a link to that file for you.

4) Different Editing Options for Different Users

The JCE Editor is a very powerful tool with a lot of options. In fact, it can sometimes have too many options. You can easily imagine some non-technical users getting a little intimidated for 4 rows of buttons like this:

JCE Layout Changes

JCE allows you to add or remove these features, depending on what your users need.

  • Go to Components >> JCE Administrator >> Groups.
  • Here you can create different groups and assign varied features to different users. We'll use the existing "Default" group as an example.
  • Click on "Default" and then the "Layout" tab at the top.
  • The top box called "Available Plugins / Buttons" is the list of disabled features. The bottom box called "Current Editor Layout" is the list of active features. You can drag and drop individual features or even entire rows of features between these two boxes:

    JCE Layout Changes

  • We use this to make article submission much easier for our guests. For example, on Alledia.com we give writers these options:

    JCE Layout Changes

  • If you have a user who is really clumsy, you might decide to restrict their options even more :)

    JCE Layout Changes

5) Restricting Users to their Own Upload Folders

An important security feature that many people need is the ability to restrict users to their own upload folder. They don't want John to be able to browse around the site and see all the documents that Jane has uploaded. They don't want one client being able to find files destined for another client. JCE can do that too.

  • Go to Components >> JCE Administrator >> Groups.
  • Again, click on the existing "Default" group as an example.
  • Click the "Editor Parameters" tab and scroll to the bottom where you'll see "File Directory Path".
  • In this field you'll be able to choose the settings for people's folders. Some instructions are available in the yellow pop-up box:

    JCE Layout Changes

  • The setting I often use is images/stories/$username This will automatically create a folder for each person based on their username and they'll only be able to upload to that folder.
  • Finally, this setting only works inside JCE so you 'll need to unpublish the normal Joomla image button. Go to Extensions >> Plugin Manager and disable the plugin called "Editor Button - Image".

We just had this wonderful email from one of our Joomla training clients. Paulo and his team came to the class knowing nothing about Joomla, but on a

"Just wanted to share our success. :)

Back in December 10,11 we (my coworkers and I) went to a Joomla Training and we had nothing. I think I even told you that we needed the website up by the end of January, and you're like... "that's gonna be hard". Well... it was, but we did it. :)

I'm still implementing more functionality to the site and giving more power to the editors, but we have the site up and running beautifully, with 277 articles, 25 sections, 88 categories, and around 40 editors. The church purchased CommunityACL and It really works well. Every user has access to only their areas and JCE lets them have access to only their folder in the server.

So, that's it... We did it.

Check out: http://www.fba.org

Thanks!

Paulo"

| Development

Long-time users of Joomla are quite familiar with content plugins. When you want to take some user-entered text and reformat it into something else, there’s nothing quite as handy as having a content plugin ready to do your bidding.

However, Joomla 1.5 brought some subtle behavior changes. In Joomla 1.0, content plugins act on both articles entered through the Article Manager, as well as HTML entered in user created modules. When a Joomla 1.0 content plugin is recoded for 1.5, the original effect still takes place on content items, but module output is left unchanged.

What happened? Content plugins in Joomla 1.5 are designed to only act on articles managed through the Article Manager. This will seem inconvenient to people used to the old behavior, but there is a good reason for this change. While many content plugins reformat user-entered HTML, others add markup near the article title or just after an article is output. Also, some content plugins are designed to do additional tasks when articles are saved. These actions do not make sense within the context of a module, so content plugins no longer run on them.

While this good in that it enforces consistency, it also poses a problem. Now that content plugins only work on articles, how do you reformat markup coming from modules? Fortunately, there are a couple of workarounds in Joomla 1.5 achieving similar (if not better) results.

Read more ...

| Drupal

This tutorial was written after a request in one of this week's Drupal classes: "How do I show different Drupal themes on different pages?". The answer is a module called "Sections":

Installing Sections to Your Drupal Site

  • Step 1: Click here to download the latest version of "Sections".
  • Step 2: Extract the files into a folder on your desktop. The folder will be called "sections".
  • Step 3: Login to your site's files via FTP and navigate to /sites/all/. If there isn't a folder called /modules/ here, create one.
  • Step 4: Upload the "sections" folder to /sites/all/modules/
  • Step 5: Go to Administer >> Site building >> Modules. Check the box next to "Sections" and click Save Configuration.

Showing Different Drupal Themes on Different Pages

Now that Sections is set up, we'll be able to use it to place different themes on different pages:

  • Step 6: Go to Administer >> Site building >> Themes. Make sure that all the themes you want to use are enabled.
  • Step 7: Go to Administer >> Site building >> Sections and click "Add Sections".
  • Step 8: Give the section a name, click "enabled" and choose the theme you want to use.
  • Step 9: At the bottom of the page you'll see an area called "Page specific visibility settings". This is the same option you have with Blocks. Enter the pages you'd like this theme to appear on, click save and you're done!

| Security

"Congressional Web Site Defacements Follow the State of the Union"
- Praetorian Prefect

An interesting problem that we as the US have is our denial of Cyberwar. While this post isn't exactly about that, it's close. Last Wednesday night during or after the President's State of the Union Address, several congressional websites were hacked by Red Eye Crew. Why is this of interest? According to Praetorian Prefect, they were all running Joomla!

Read more ...

| Development

Because of it ubiquitous nature, automatic emailing is something that many clients expect. People want to be notified immediately of changes on their sites -- when a new article has been submitted, or a blog comment has been posted. Joomla! already provides some of this functionality out of the box by notifying administrators when a user has registered on their site. You, however, may find yourself needing to implement emailing in your own components. As you may have already guessed, Joomla! provides a very helpful class for this: JMail.

Read more ...

| Development

If you've worked with any kind of database-driven web application, you know that HTML forms are the foundation of the user's interaction with the database. Applications use forms to take input from the user and store it or use it to manipulate existing data. Unfortunately, HTML forms can potentially be quite tedious to write. In this article, we will look at a handful of helpful functions that Joomla! provides to save you time preparing your forms.

Read more ...

| Joomla

Would you like to be able to update your Joomla site and automatically send that update to Twitter, Facebook, Linkedin, MySpace, Ning and dozens of other sites?

This tutorial will show you how.

Our first part will be to create an RSS feed to export all our new posts. From there we'll use Twitterfeed.com and Ping.fm to distribute the posts to all our social networks.

Creating an RSS Feed

First we'll use Ninja RSS Syndicator to create our RSS feed. (it has the unusual name because it's developed by a company based in Japan).

  • Step 1: Go to Joomla.org and download Ninja RSS.
  • Step 2: Download Ninja RSS onto your desktop, and you'll see a file called ninjarss_unzipme.zip. Extract that package and you should see a new folder with a component and module inside.
  • Step 3: Go to Administrator >> Extensions >> Install / Uninstall and upload com_ninjarss.zip.
  • Step 4: Go to Components >> Ninja RSS Syndicator >> Feeds and click "New".
  • Step 5: If you want to produce a feed of your whole site, simply enter a title and click save. Otherwise, scroll down and fill in the information requested. Most importantly, you can choose to hide certain sections, categories or articles:

    hidesections

  • Step 6: Save the feed, and you should see a screen like this:

    feed url

  • Step 7: Copy the entry in "Feed URL" and save it into a text editor. This will be the feed that is sent to Twitter and Facebook.

Sending your Feed to Twitter and Facebook

  • Step 8: We're going to use a service called Twitterfeed to send our news automatically to both Twitter and Facebook. The first step is to visit Twitterfeed.com and register.
  • Step 9: Login to Twitterfeed and click "Create New Feed".
  • Step 10: You'll see a box like the one below. Enter the title, and then paste the RSS feed from Step 6:
  • feed url

  • Step 11: Click "test rss feed" to make sure everything is OK. If it is, click "Continue to Step 2".
  • Step 12: This next part allows you to send your feed to Twitter and Facebook amongst other options:

    feed url

  • Step 13: Twitter and Facebook will allow you to authenticate your accounts and link them to Twitterfeed directly from this page. You can also add "UTM" tags which are designed for Google Analytics. They will show in your analytics results, so you can see how much traffic has been sent from Twitter or Facebook. (Click here for instructions on using Google Analytics with Joomla).

    feed url

  • Step 14: The final step is a really powerful feature here that many people overlook ... Ping.fm. If you create an account and authenticate it here with Twitterfeed, you can then pass on your updates to Linkedin.com, MySpace.com, Ning.com and dozens of others. There is a full list available here.

| Security

Happy New Year - How's your patches?

It's about the middle of January of 2010 and in the news, Google was hacked by unknown's from China and Google is considering a few options, including a complete pull out of China. A large search engine in China (not Google) was defaced by the Iranian cyber thugs, Adobe was appartently targeted in the same attack as Google. And in other news the new BREECH report came out from the ITRC showing that overall while breeches were lower than the year before, the number of exposed records was higher. And as I write this article, this just came across my desk:

"Hackers have stolen the login credentials for more than 8,300 customers of New York's Suffolk County National Bank after breaching its security and accessing a server that hosted its online banking system. "
source: http://www.theregister.co.uk/2010/01/12/bank_server_breached/

What does this have to do with your Joomla site? Everything. Today I am discussing patching and patch management with you. For the purpose of this article I am going to refer to my personal favorite work on patching from ProjectQuant - Measuring and Optimizing Patch Management: an Open Model. A must read in my opinion.

Read more ...

| Drupal
One of things we often do for our training clients is simplify the admin area for them. There is a module that allows users to manage their site via a clean, dropdown menu. It has proven so popular that companies such as Acquia provide it by default to all their customers:
Here's how to install it:
  • Step 1: Click here to download the latest version of "Admin Menu". Choose the top link under "Recommended releases".
  • Step 2: Extract the files into a folder on your desktop. The folder will be called "admin_menu"
  • Step 3: Login to your site's files via FTP and navigate to /sites/default/. If there isn't a folder called /modules/ here, create one.
  • Step 4: Upload the "admin_menu" folder to /sites/default/modules/
  • Step 5: Go to Administer >> Modules >> Administration menu and check the box.  
  • Step 6: Click 'Save Configuration" at the very bottom of the screen.
  • Step 7: Go to Administer >> Site configuration >> Administration menu and there are some settings you can edit.

Once you've followed those seven steps, your dropdown menu should appear at the top of the page.

Drupal Admin Menu

Join today and get access to 1,000's of books and videos. Learn WordPress, Drupal, Magento, Joomla and more! Sign up today!