On the Joomla community site there's a recent post made of a video from the Joomla Day conference in Australia about creating a Joomla template from scratch. The presenter is Norm Douglas.

Norm Douglas recently presented about how to create a Joomla template from scratch at the Joomla Day in Melbourne, Australia, on 13 February 2010. This is a very informative 77 minute presentation and also covers using the Firebug Firefox addon, code editors and much more.

He covers some simple tools you get you started, the basics of HTML to create a sample layout and looks at CSS definitions that can make the layout look a bit better. Firebug (the plugin for Firefox) helps make locating the different parts of the page easier with a highlighting feature.

From CMStr.com there's a new tutorial showing you how to set up Joomla manually just in case something happens with the install and you need to change things yourself.

Why would I want to do a manual install when my web host has this Fantastico thingy that will install Joomla for me? Good question. [...] If you are building websites for a living, and or plan on using Joomla a lot, then you really need to start doing your own installs. [...] If you are an experienced parachute jumper, you would pack your own chute right? This is no different.

Screenshots are included to help make the process easier as they walk you through setting up the basics like language settings and database information. They also touch on the FTP setting (off for security) and removing the admin user's information to help make things a bit more secure. It's not a comprehensive list of the things you'd need to do to get it 100% configured for just what you need, but it's a start.

A fun bit of trivia for the Joomla users out there from Brian Teeman's blog today - why the default user ID is 62 and how it could effect your site's security.

Andrew attempted to give the most complete answer but the truth is the answer is lost in the dim and distant past. There is nothing you can do about it. On every install a superadmin user is created with username "admin" and userid "62".

Since this is a common "feature" of the older Joomla installs, it could potentially be used in a sort of attack on the site. Fortunately, as of the Joomla 1.6 release, the installation allows you to select a username of your own (while still suggesting "admin") with a new change to the user's ID - 42 instead of 61.

Don Raman has a new post to his IIS blog today with a quick bit of information that Joomla users could use to get better performance with WinCache, integrated directly into the CMS's caching system.

Now that we have WINCACHE 1.1 Beta released which has got implementation for both user and session cache, one can easily take advantage of WINCACHE user cache and increase performance of Joomla. In this post I am going to tell you steps to use WINCACHE user cache with Joomla.

There's a class you'll need to copy and paste to create a new Joomla caching component, but after that it's as easy as having the WinCache tool installed and changing your configuration options to use the new wincache connector class for the CMS's caching.

Here's a direct link to grab this latest version of WinCache since it only works with version 1.1.0 and higher - WinCache.zip.

From the Joomla blog today there's a new post looking at a few things that you can do to help speed up your site's Joomla installation - simple things that can make a lot of difference.

I'm going to outline some basic rudimentary steps that you can take to optimize your sites performance, and I'd like to hear any other suggestions that you may have ... here's the kicker though, steps users can take WITHOUT making addons to Joomla [...] I also think the majority of Joomla users are running Joomla in a shared hosting environment, so talking about too many server side optimisations could also overwhelm them with steps they are unable to take anyway.

Their suggestions involve enabling caching, keeping up with the latest version, checking on the PHP versions your hosting company is running (or you are) and optimizing some of the contents of the site like images, javascript or CSS. Check out the comments for other suggestions from other Joomla users.

New from OurBlogLog.com there's a new post that compares Joomla and Drupal based on their features, ease of use and extensibility.

I've had more than a few conversations recently about which CMS is better. From the Joomla camp I hear, "Joomla is easier. Joomla has a great user interface." From its competitor I hear, "Drupal is more flexible and it has tagging." It's the Pepsi versus Coke debate for open source CMSes.

For the two CMSes there's a list of the good and bad things about each - good on Joomla's side was the easy deployment and versioning of content, good for Drupal was its flexibility and the high profile sites that use it. On the bad side, Joomla has a limitation for one-site-one-install and limited permissions handling. Overall, though, the author found that they both had their strengths and weaknesses and that, if you're shopping around for a CMS, find what fits best for you and your organization.

Instead of comparing the software itself, the GnomeOnTheRun.com blog takes a look at the project homepages of three major PHP CMS/blogging tools - Joomla!, Drupal and WordPress - to see when they might tell us about the project itself. (Some of the homepages are actually built using the software too).

I found some interesting things that might shed some light onto the different projects. This is all based on January 11th, and 28th homepages, so by the time you read this a lot may have changed. Rather than go into great detail, I'll provide short lists of interesting things I noticed.

He looks at three different sides of the sites - how the markup is structured and if they conformed to an HTML standard, the overall performance of the sites and the actual content of the site (how useful it is, the organization, etc). You'll have to read the post to see what his conclusions were, though.

Joomla users may or may not know about this list of extensions on the Joomla Docs that have been marked as vulnerable to various kinds of attack. Before you install an extension, you might want to check the list to ensure you're not exposing your site to a malicious attacker.

Please check with the extension publisher in case of any questions over the security of their product. Report Vulnerable extensions either in the jforum:432 security topic or the extensions topic clearly marked with the first word in the title being Vulnerable where the security moderators or JSST team will respond. This list is change protected, for updates or editing requests Mandville or lafrance.

Each of the issues includes the extension name, a summary of what the issue is, when the vulnerability was published, a possible severity level and a link to more information about the problem. Some extensions listed also include a link to an updated version that corrects the issue.

On the WhyJoomla.com site today Qasim Virjee has a quick tutorial showing how to add in a module to your Joomla site that talks to the Tweetmeme website with just a small bit of code.

When you take a peek at the tweetmeme page containing the necessary embed code it may not be too easy to tell how to use it with your Joomla site - and though there's a couple of plugins/extension floating around Joomla, it may not offer the flexibility you require for clean theming/templating. However, there's an easy way to go about embedding this and all it takes is a small modification of the de facto embed code.

It really just boils down to about five lines of Javascript that can be customized to pull just the information you want (like article templates or article lists). Then it's just a simple matter of dropping it into your template and adding it to the site.

In a recent post to his blog Brian Teeman asks the question of Joomla users and developers - "can you trust your Joomla extensions?"

Sadly in the last 6 months there have been two published circumstances where an extension provider has been hacked and malicious code inserted into the extensions that they offer. This meant that as soon as you installed the extension your site was vulnerable to defacement etc. If there have been two published cases perhaps there have been more that we don't know about. So is there anything we can do to prevent this?

There is a sort of checking system in place with the md5sum matching but it's not widely supported currently. Sites like the Joomla Extension Directory would be prime candidates for sharing this sort of information to help protect those with Joomla installs all across the web.

Brian also suggests a way to make it even more seamless - integrate the md5sum checking into the Joomla code itself to make it even simpler for users to verify they they've gotten the write package from the right source (with the right code inside).