 | News Feed |
Sections
|
| feed this: |  |
Ken Guests' Blog: Is PHP vulnerable software?
by Chris Cornutt August 27, 2008 @ 10:28:40
In response to some of the claims made by CNet about the security of PHP, Ken Guest has made a few comments on his blog hoping to correct a few wrongs.
What are featuring in IBM's top ten of vulnerable that makes the report insinuate that the PHP language is a security risk are Jooma, Wordpress and Drupal. How PHP would feature in a list of "vendors" is beside the point.
He illustrates with an allegory that it's not the tool's fault if it's used improperly. Pointing out software like WordPress and Drupal is not the same as pointing out issues with the language that powers them (no matter how trendy it is). The burden is on the developers to use the power the language offers to create more secure, flexible, stable applications. Does PHP have its share of problems? Sure, but get it right next time CNet - don't blame the tool if the builder's not up to spec.
voice your opinion now!
vulnerable software ibm cnet article wordpress drupal
Ivo Jansch's Blog: Apple, Microsoft and PHP are vulnerable
by Chris Cornutt August 26, 2008 @ 08:47:28
Ivo Jansch mentions an interesting comparison that CNet made on security and levels of vulnerability in a new blog post today. Their article mentions PHP right along side Apple and Microsoft in their list of "most vulnerable software".
This article once again demonstrates the cluelessness that some people have regarding what PHP is. First of all, PHP is not a vendor, so "Apple, Microsoft & PHP" does not make much sense. Furthermore, the only reason PHP even is mentioned in this context is that Joomla, Drupal and Wordpress appear in the list. So PHP, a programming language, gets blamed for the security flaws that are in these packages.
By their logic (applications written in a language on the list means the language is more insecure), they should have marked C as a more insecure language given the ratio of PHP to C software.
voice your opinion now!
apple microsoft vulnerable wordpress drupal joomla invalid conclusion
Developer Tutorials: Drupal CMS e-Commerce Module Basics
by Chris Cornutt August 21, 2008 @ 10:21:04
On the Developer Tutorials site today, there's a new look at working with the Drupal e-Commerce module in your Drupal installation.
What if you [also] want to support collaborative editing of content, community forums, and other capabilities that could help increase traffic to your site, but are usually only found in content management systems (CMSs)? Is it possible to combine the best of both worlds - shopping carts and CMSs? Fortunately, the answer is yes, if you choose a world-class CMS such as Drupal as a foundation for your site.
They walk you through how to get the module installed, how to configure it to match with your site's layout and flow and how to hook the purchase process into PayPal to make purchasing a few simple user clicks away.
voice your opinion now!
drupal tutorial ecommerce module basic introduction
PHPClasses.org: Book Review Drupal Creating Blogs, Forums, Portals and Community Websites
by Chris Cornutt July 14, 2008 @ 12:51:58
The PHPClasses.org website has posted a new book review about the Packt Publishing offering "Drupal: Creating Blogs, Forums, Portals and Community Websites" (book by David Mercer, review by Zoltan Hunt).
This Packt book takes the reader through installing the Drupal software, configuring and theming, adding content and deploying a Web site. It is aimed at the end user who is looking to setup and customize Drupal's themes, but not actually write their own modules, which would be a topic for book on its own.
The review talks about some of the origins of the content management system, the contents of the book (use cases, introductions to the functionality, etc) and how to manage your site.
voice your opinion now!
drupal book review davidmercer blog forum portal community website
Developer Tutorials: Creating an Online Newsletter with Drupal
by Chris Cornutt July 14, 2008 @ 12:02:55
On the Developer Tutorials site today, there's a new article post from Michael Ross walking you through the installation and creation of an online newsletter with the Drupal content management system.
There is a much better approach [than mass emails], and that is the use of a Web site that houses the newsletter and also limits reader access to paying subscribers. The ideal tool for creating such a site, is a content management system (CMS), such as Drupal, which is what we will be using in this tutorial. Specifically, we will explore how to use a forum for organizing the newsletter contents and allowing subscriber feedback, and also how to use a Drupal module for controlling subscriber access.
There's not really much in the way of actually installation help (that's what Drupal's documentation is for anyway), but he does talk about how it's initially set up, the subscription method and how to add an access-protected forum to the site to hold the newsletter information.
voice your opinion now!
online newsletter drupal tutorial developer
Paranoid Engineering Blog: CMS Battle Drupal va Joomla va Custom Programming
by Chris Cornutt July 03, 2008 @ 12:50:06
On the Paranoid Engineering blog, there's a recent post with a "CMS battle" of sorts between two of the more popular PHP-based content management systems out there - Drupal and Joomla.
It's hard to choose which one to use without trying them out. As usually, there are more options - home grown custom programming or even building your own CMS (which I was once stupid enough to do). Programming from scratch is always fun and beneficial for your skills, however, if you need things up and running in no time or you don't do (or don't want to do) any programming, using a CMS is the way to go.
His vote is for Drupal but he's included a long list of specs comparing the features of both so you can decide for yourself on which is the better fit.
voice your opinion now!
battle content management system cms drupal joomla compare
Larry Garfield's Blog: Drupal 7 gets introspective code registry
by Chris Cornutt May 08, 2008 @ 12:53:14
Larry Garfield talks about a new feature of Drupal 7 in a new post to his blog - the new introspective code registry that's been introduced in this latest version.
As a GHOP Task , Cornil did a performance analysis of Drupal and found its two largest performance drains were the bootstrap process and the theming layer. Quite simply, Drupal spends too much time including code. [...] Fortunately, Drupal 7's self-learning code registry system has just landed, which should obliterate most of the wasted bootstrap cost.
Larry describes the "heart of it all", the token_get_all call, that parses through an entire PHP file, splitting out things like classes included and functions called. This is passed through a function_exists call to the current script and, if it's already there, the file isn't included repetitively.
voice your opinion now!
drupal cms code registry tokengetall system functionexists
|
Community Events
Don't see your event here? Let us know!
|