All RPGs and Storygames by Tod Foley are now available at DrivethruRPG. Bring these games to your table!
Version 1.9.0 of DDEV-local introduced the ability to share your local project online via a temporary, public URL using ngrok.
This allows you the ability to quickly and securely provide access to your local site to other developers and stakeholders as well as an easy way to test your local site on other devices.
ngrok is a service that exposes local servers behind NATs and firewalls via public URLs over secure tunnels. Once the small ngrok client is installed on your local machine, the ddev share command will enable the sharing and provide you with a public URL for your local site.
While there are paid tiers for the ngrok service, a free tier is provided with reasonable limits on usage. See the ngrok web site for details. In the first example, we'll utilize the free, anonymous tier.
The free, anonymous tier does not encrypt your data between your local and the ngrok servers, even though an https connection is provided from the ngrok servers to connected clients. Therefore, it is strongly suggested that once you get the free, anonymous tier working, create a free account and authenticate your local ngrok client to ensure your data is encrypted the entire trip.
Note that this is a one-time setup for your machine, and does not have to be repeated for each of your DDEV-Local projects.
Step 1: Install the ngrok client
Download and install the client specific to your OS from https://ngrok.com/download. While there are instructions to download and install ngrok on various operating systems, I found that using Homebrew (Mac OS X and Linux) was easiest:
brew cask install ngrok
If you're using Windows 10 and Chocolately, then I recommend installing with:
choco install ngrokStep 2: Sharing your local site
Run the following:
If successful, this command will return some information about the share, including public URLs with which you can access the site.
As requests are made to the site, the screen will update detailing each request.
Note that in the screenshot above, that the "https://94d5c548.ngrok.io" public URL is forwarding the insecure "http://127.0.0.1:32786". If we were to set up a ngrok account and authenticate our local ngrok client, it would be forwarding "https://127.0.0.1:32786" instead.
Use Crtl-C to stop the sharing.Additional ngrok features and functionality
Secure your data by signing up for a free ngrok account and then authenticating your local ngrok client with your account credentials using the command provided by the ngrok web site:
Once your local ngrok client is authenticated, the next time you do a ddev share, you'll be able to see that your connection uses https from end-to-end.
While the free ngrok plan is normally sufficient for smaller projects, paid ngrok plans include multiple users, custom domains and subdomains, additional connections, static IP addresses, and other features.
This tutorial is an excerpt from version 3 of Michael Anello's Local Development with DDEV Explained book - coming soon! Version 3 will include everything new to DDEV-Local through version 1.9.1. Pick up an electronic copy of Version 2 for less than $10 and you'll automatically get free access to Version 3.
Here's a recap of Acquia's webinar on content as a service held on June 27. Give it a read if you weren't able to attend it or just need a refresher.READ MORE
The next part will be some general tips and tricks about CSS/JS and then we will release a full blown article containing all parts. so lets cut the intro and get right into it.Faster Drupal - Part 3: Drupal Theming
Automate optimizing of CSS, JS & Images. The thing is, it really depends on the node packages that you use on your theme level and how you can take advantage of it, for instance, there are many (I MEAN MANY WITH ALL CAPS) packages that can help you achieve that using a build system such as gulp, grunt or the new favorite webpack.
Avoid using unnecessary bootstrap packages as much as possible. Usually, Starterkit themes load bootstrap packages one by one, why not remove the ones you don’t need? WHY? JUST TELL ME WHY?
Is your theme using fontAwesome or any other kind of font out of box? But you are using SVG icons from your design file! Well… why not just remove the built-in icon font from your theme then?
Fonts are nice, And it seems our designers usually like to use 12 billions of them in a single page, but you should never listen to your designer (Or should you?) Always remember to load fewer fonts and fewer font weights as much as possible.
While we are on the fonts topic:
Control font performance with font-display - Resource
Are you the type that invents the wheel each time yourself? Then don’t use a base theme that comes with a lot of good stuff! we usually don't use half of those goodies. Create a new base theme off of Drupal core's "stable" theme and go with the bare minimum. Or use a proper Starterkit, strip off the unnecessary parts, get your own Starterkit and get rid of all the Drupal themes excessive wrappers and classes.
On this note, it’s a good practice to get your DOM size less than 1500 nodes (recommended from Google Page Speed)
For Drupal 7 also maybe just consider Fences module if nothing else works for you
Reduce the scope and complexity of style calculations
Prioritizing Your Resources with link rel='preload' and yes you can use <link> for scripts as well - Resource
When we were kids (Back in Windows XP era) you’d read everywhere that do not use inline styles for your HTML files, but now you should use inline-styling to avoid render blocking CSS files. All the CSS Styles loaded from external files is considered render blocking. Why You asked?critical is a wrapper for penthouse with the main advantage that it delivers critical css for several breakpoints in one file.
In order for the browser to display your web page and use the styles you specified in the external CSS files, it has to load them first. This means that your web page won't be displayed until these files are loaded. In order to speed up the loading of your website, you can inline the parts from the external CSS files which are needed to render the above the fold content. After loading the page you can instruct the browser to load the rest of the CSS files via JS - There are many tools that you can use to achieve this but this one explains good enough and works: https://www.sitelocity.com/critical-path-css-generator
Also, check penthouse as well, Can be set up easily as a task runner task!
https://www.npmjs.com/package/penthouse - includes CSS for critical path above the fold in the HTML head.
By the way, there’s a Drupal module for that (but we didn’t test it, do so at your own risk)
Our very own Sven played around with both penthouse and critical and let me just quote him in our slack chat here:
Note: To generate critical css, `link_css` module must be enabled, and you can not be using deter css loading in AdvAgg, otherwise you get an empty file. (Needs testing)
Critical_css module on Drupal
Now that you have the critical CSS, the proper tool to load the rest of your CSS: https://github.com/filamentgroup/loadCSS
Remove unused CSS, there are tools inside the IDEs that can help you with that, you should search this part yourself since it depends on your weapon of choice for coding, also there are node packages that you can set up but I’d still go with the IDE approach and do it manually, just to be safe.
Use video tag instead of gif images (Yup, it loads faster)
Avoid using document.write, specifically for scripts injection - Resource
Images must not be delivered larger than they are actually displayed to avoid loading unnecessary data. Resizing images on the browser side to reduce their rendering size is not recommended.
Written by Sohail Lajevardi
Developer at Ramsalt Lab
Valuable, easy to navigate, useful and (most of all) usable content. This is the criterion that we use for selecting our favorite Drupal blog posts in a month.
And this is precisely what all the pieces of content that we're about to highlight in this post here have in common.
- inspiring lessons learned while working on a specific Drupal project
- to actionable insights and valuable advice on how to keep up with Drupal's own advancement
- to highlighted modules, that make the perfect fit for particular types of projects and challenges
… each one of these blog posts provided us with content with... an impact.
But let's just get started: here are the 5 Drupal-related blog posts that won the “popularity contest” in our team this month:
Just imagine: you update content on one of your Drupal websites and content across your whole network gets automatically synchronized! That's Drupal on Blockchain in just a few words...
Say you manage a national library's infrastructure of Drupal websites. One for each one of its local branches.
Now, here's how moving all the user data stored in there from your centralized database onto a decentralized blockchain system would benefit you:
For this week's interview, we spoke with Cindy McCourt, consultant at IDCM Innovations, Drupal trainer, and author and co-author of several books ranging from Drupal to fantasy fiction. Give it a read to see what drew her to Drupal and why she thinks it'll continue to be a great solution to site builders' and developers' needs.READ MORE
This week, Acquia announced the opening of its new office in Pune, India, which extends our presence in the Asia Pacific region. In addition to Pune, we already have offices in Australia and Japan.
I've made several trips to India in recent years, and have experienced not only Drupal's fast growth, but also the contagious excitement and passion for Drupal from the people I've met there.
While I wasn't able to personally attend the opening of our new office, I'm looking forward to visiting the Pune office soon.
For now, here are a few pictures from our grand opening celebration:
We announced on April 30, 2019 that Heather Rocker has been selected as the next Drupal Association Executive Director.
Heather Rocker joins the Drupal Association with a strong history of leadership in technology and the nonprofit world. She was the first executive director of the Women in Technology Foundation, as well as the CEO of Girls Incorporated of Greater Atlanta. Most recently she acted as the Managing Principal of Systems Evolution, Inc. in Atlanta, Georgia. She also serves as Immediate Past-President of the Board of Directors of Georgia FIRST Robotics.GitLab phase 1 Completed!
For the past 18 months, interoperability between the current Git infrastructure and migration to GitLab was a much larger effort than expected. With several challenges: optimization of project syncing, disaster recovery, replication, high availability, and phasing out our old Git servers, to name a few. Each member of the Engineering Team has put a lot of time and effort in testing and addressing these challenges. We thank GitLab, The Drupal Association Engineering Team, and Partners for helping us achieve this launch date.
I hope you are excited as we are in achieving this milestone.
The goals of phase 1 were to:
● Transparently replace Drupal’s current underlying Git infrastructure (as part of this migration git.drupal.org’s SSH host key will change) for: repository hosting, maintainer permissions, code viewing with GitLab repositories, GitLab roles and permissions for maintainers, and the GitLab code viewing UI.
● Enable inline code editing for project maintainers.
● To unblock allowing pull requests, inline code editing for all contributors, and more in phase 2.
Read more about the Drupal Association partnership with GitLab at: https://www.drupal.org/drupalorg/blog/developer-tools-initiative-part-5-gitlab-partnership
Please feel free to review our FAQs about GitLab at: https://www.drupal.org/drupalorg/docs/gitlab-integration/gitlab-frequently-asked-questionsBeginning of Gitlab Phase 2
This phase is focused on: enabling merge requests, inline code editing, and web-based code review. Phase 2 will enable benefits to developer velocity and collaboration:
● By adding merge requests, contributing to Drupal will become much more familiar to the broad audience of open source contributors who've learned their skills in the post-patch era.
● By adding inline editing and web-based code review, it will be much easier to make quick contributions. This not only lowers the barrier to contribution for people new to our community, it also saves significant effort for our existing community members, as they'll no longer need to clone work locally and generate patches.
● Finally, by creating a tight integration between the Drupal.org issue queues and GitLab's development tools, we'll be able to transition to this new toolset without disrupting the community's existing way of collaborating.
The Engineering team and our partners are currently evaluating the timeline for Phase 2 and will update our issue tracker once it’s established.Drupal Steward Program
The program will focus on protection that closes the gap between security releases and site updates. The Security Team and the Drupal Association have been developing this program for over a year.
The goals are:
● Provide a new service to the Drupal community, from small site owners to enterprise-scale end users, to protect their sites in the gap from security release to the time it takes them to patch.
● Create a new model for sustainability for the Security Team, generating funding that 1) covers the operating costs of the program 2) can support security team operations and 3) can support additional Drupal Association programs.
Drupal Steward will offer sites a form of mitigation through the implementation of web application firewall rules to prevent mass exploitation of some highly critical vulnerabilities (not all highly critical vulnerabilities can be protected in this fashion, but a good many can be—this method would have worked for SA-CORE-2018-002 for example).
It will come in three versions:
● Community version - for small sites, low-budget organizations, and nonprofits, we will offer a community tier, sold directly by the DA. This will be effectively at cost.
● Self-hosted version - for sites that are too large for the community tier but not hosted by our vendor partners.
● Partner version - For sites that are hosted on vetted Drupal platform providers, who have demonstrated a commitment of contribution to the project in general and the Security Team in particular, protection will be available directly through these partners.
We will announce more details of the program over the coming weeks and months as we get it up and running.
If you are a hosting company and are interested in providing this service to your customers, please reach out to us at firstname.lastname@example.org.
Updates to Drupal.org metrics and visualizations
Please visit our new graphical display of project usage information at: https://www.drupal.org/project/usage/drupal. The usage graph now displays a stacked chart by version. In the long term, we have plans to revise how our usage data is tabulated to provide more accurate and useful data.Changes in credit attribution
We have made available by default giving commenters credit attribution as we believe comments are an important part of the development process. Although we deployed this successfully, we had to roll this back so we can refine our guidelines a bit. For now this issue is in backlog and expect to have our guidelines by the end of the year.Introducing Community Group Sections in the Community Portal
/Community has been expanded to include more targeted sections upon landing at the /Community page. We’ve defined these sections in groups. We also have a framework that will enable these groups to tell us:
- Who they are
- What they do
- How they work
- Their latest updates
- How you can get involved
Some of the early adopters that are now posted are:
Each section will have “standard” home page content, detailing the info above, as many content pages as the group can muster, and a blog that will go on to Drupal Planet.Drupal 7 Extended Support - request for partners
With the upcoming release of Drupal 9 in June 2020, it's time to start thinking about migration. Drupal 7 will be supported through November 2021, but after that any end-users who haven't yet updated will want to partner with a Drupal 7 Extended Support vendor.
The Drupal Security Working Group is accepting applications for vendors who want to be part of the extended support program.A renewed push on the Composer Initiative
At DrupalCon Seattle there was also renewed interest in the Composer Initiative—this initiative seeks to rationalize the way that Composer is used in Core, to make it easier to manage sites using Composer, and also to make it easier for sites set up using a non-Composer method to be converted to using Composer, something increasingly important as contributed modules add Composer dependencies.
As always, we’d like to say thanks to all the volunteers who work with us, and to the Drupal Association Supporters, who make it possible for us to work on these projects. In particular, we want to thank:
- Srijan - Renewing Signature Supporting Partner
- FFW - Renewing Signature Supporting Partner
- Sixeleven - Renewing Signature Supporting Partner
- Acquia - Renewing Signature Hosting Supporter
- Nexcess.net - *NEW* Signature Hosting Supporter
- Specbee - *NEW* Premium Supporting Partner
- EPAM - Renewing Premium Supporting Partner
- Elevated Third - Renewing Premium Supporting Partner
- publicplan - Renewing Premium Supporting Partner
- CI&T - Renewing Premium Supporting Partner
- Capgemini - Renewing Premium Supporting Partner
- Zoocha - Renewing Premium Supporting Partner
- 1XInternet - Renewing Premium Supporting Partner
- Message Agency - Renewing Premium Supporting Partner
- Lullabot - Renewing Premium Supporting Partner
- Aten - Renewing Premium Supporting Partner
- Contegix - Renewing Premium Hosting Supporter
- Platform.sh - Renewing Premium Hosting Supporter
- Contegix - Renewing Premium Hosting Supporter
- KWALL - Renewing Classic Supporting Partner
- ANNAI - Renewing Classic Supporting Partner
- Softescu - Renewing Classic Supporting Partner
- SymSoft - Renewing Classic Supporting Partner
- Vardot - Renewing Classic Supporting Partner
- Forum One - Renewing Classic Supporting Partner
- Berger Schmidt - Renewing Classic Supporting Partner
- Catalyst IT - Renewing Classic Supporting Partner
- Old Moon Digital - *NEW* Classic Supporting Partner
- AddWeb Solution - *NEW* Classic Supporting Partner
- Urban Insight - *NEW* Classic Supporting Partner
- Asentech - *NEW* Classic Supporting Partner
- One Shoe - Renewing Classic Supporting Partner
- Hook 42 - *NEW* Classic Supporting Partner
- Electric Citizen - Renewing Classic Supporting Partner
- Beaconfire RED - Renewing Classic Supporting Partner
- University Of Virginia - *NEW* Classic Supporting Partner
- Bear Group - *NEW* Classic Supporting Partner
- Dropsolid - *NEW* Classic Supporting Partner
- ezCompany - *NEW* Classic Supporting Partner
- Spry Digital - Renewing Classic Supporting Partner
- Perpetuum - *NEW* Classic Supporting Partner
- Factorial - Renewing Classic Supporting Partner
- Acro Media - Renewing Classic Supporting Partner
- Third & Grove - Renewing Classic Supporting Partner
- Digital Circus - Renewing Classic Supporting Partner
- Bounteous - Renewing Classic Supporting Partner
- Cybage - Renewing Classic Supporting Partner
- QED42 - Renewing Classic Supporting Partner
- Digitalist Group - *NEW* Classic Supporting Partner
- Red Crackle - *NEW* Classic Supporting Partner
- SeeD - Renewing Classic Supporting Partner
- Last Call - Renewing Classic Supporting Partner
- CivicActions - Renewing Classic Supporting Partner
- Morpht - Renewing Classic Supporting Partner
- Tata Consultancy Services - Renewing Classic Supporting Partner
- Wunder - Renewing Classic Supporting Partner
- Promet Source - Renewing Classic Supporting Partner
- Unleashed Technologies - Renewing Classic Supporting Partner
- Digital Echidna - Renewing Classic Supporting Partner
- Evolving Web - Renewing Classic Supporting Partner
- Adapt - Renewing Classic Supporting Partner
- Microserve - Renewing Classic Supporting Partner
- ImageX - Renewing Classic Supporting Partner
- Therefore - Renewing Classic Supporting Partner
- Sevaa Group - Renewing Classic Hosting Supporter
- DRUD - Renewing Classic Hosting Supporter
- Smartling - Renewing Classic Technology Supporter
If you would like to support our work as an individual, consider becoming a member of the Drupal Association.
Since 2014, I've been working for Acquia, doing some fun work with a great team in Professional Services. I started out managing some huge Drupal site builds for Acquia clients, and ended up devoting all my time for the past couple years to some major infrastructure projects, diving deeper into operations work, Ansible, AWS, Docker, and Kubernetes in production.
In that same time period, I began work on my second book, Ansible for Kubernetes, but have not had the dedicated time to get too deep into writing—especially now that I have three young kids. When I started writing Ansible for DevOps, I had one newborn!
LakeDrops Drupal Consulting, Development and Hosting: Migrate Drupal 6 files to Drupal 8 media entities
A design system gives you a “lego box” of components that you can use to create consistent, beautiful interfaces.
Design System artifacts go by many names - Living Style Guides, Pattern Libraries, UI Libraries, and just plain Design Systems. The core idea is to give digital teams greater flexibility and control over their website. Instead of having to decide exactly what all pages should look like in one big redesign and then sticking with those templates until the next redesign, a design system gives you a “lego box” of components the team can use to create consistent, beautiful interfaces. Component-based design is how you SCALE.
At Palantir we build content management systems, so we’ve named our design system artifact a “style guide” in a nod to the editorial space.
Our style guides are organized into three sections:
- 'Design Elements' which are the very basic building blocks for the website.
- 'Components' which combine design elements into working pieces of code that serve a defined purpose.
- 'Page Templates' which combine the elements and components into page templates that are used to display the content at destination URLs.
But how do we help our clients determine what the list of elements, components and page templates should be?How to Identify Elements for Your Design System
In this post I’ll walk through how we worked with the University of Miami Health System to create a style guide that enabled the marketing team to build a consistent, branded experience for a system with 1,200 doctors and scientists, three primary locations, and multiple local clinics.1. Start by generating a list of your most important types of content.
Why are people coming to your site? What content helps them complete the task they are there to do? This content list is ground zero for component ideation: how can design support and elevate the information your site delivers?
The list of content serving user needs is your starting point for components. In addition, we can use this list to identify a few page templates right off the bat:
- Home page
- Treatment landing page
- Search page
- Listing page: Search results, news, classes
- Clinical trials landing page
- Clinical trial detail page
- Location landing page
- Appointment landing page
- Appointment detail page
- Basic page (About us, contact us, general information)
This is just the start of the UHealth style guide; we ultimately created about 80 components and 17 page templates. But it gives you a sense of how we tackled the challenge!2. Sort your list of important types of content into groups by similarities.
Visitors should be able to scan your website for the information they need, and distinctive component designs help them differentiate content without having to read every word. In addition, being rigorous about consistently using components for specific kinds of information creates predictable interfaces, and predictable interfaces are easy for your visitors to use.
In this step, you should audit the design and photo assets you have available now, and assess your capacity to create them going forward. If, for example, you have a limited photo library and no graphic artist on staff, you’ll want to choose a set of components that don’t heavily rely on photos and graphics.
In this example, we have three component types: News, Events/Classes, and a Simple Success story.
- News Component: This component has no images. This is largely about content management; UHealth publishes a lot of news, and they didn’t want to create a bottleneck in their publishing schedule by requiring each story to have a digital-ready photo.
- Events/Classes Component: This component has an option for images or a pattern. Because UHealth wants visitors to take action on this content by signing up, we wanted these to have an eye-catching image. Requiring a photo introduces a potential bottleneck in publishing, so we also gave them the option to make the image a pattern or graphic.
- Simple success story: This is the most visually complex component because successful health narratives are an important element of UHealth’s content strategy. We were able to create a complex component here because there’s a smaller number of success stories compared to news stories or classes and events. That means the marketing team can dedicate significant time and resources to making the content for this component as effective as possible.
Unlike paper publications, websites are built to enable actions like searching, subscribing, and making appointments. Your component set should include interfaces for your functionality.
In a more complex example, the Sylvester Cancer Center included a dynamic “Find a lab” functionality that was powered by a database. We designed the template around the limitations of the data set powering the feature, rather than ideating the ideal interface. Search is another feature that benefits from planning during the design phase.
For example, these components for a side bar location search and a full screen location search require carefully structured databases to support them. The design and technical teams must be in alignment on the capacity and limits of the functionality underlying the interface.4. Differentiate components by brand.
UHealth is an enormous health care system, and there are several centers of excellence within the system that have their own logos and distinct content strategies. As a result, we created several components that were differentiated by brand.
In this example, you see navigation interfaces that are different by brand and language. Incorporating the differentiated logos for the core UHealth system and the Centers of Excellence is fairly straightforward. But as you can see the Sylvester Center also has three additional top nav options: Cancer treatments, Research, and For Healthcare Professionals.
That content change necessitated a different nav bar - you can see that it’s longer. We also created a component for the nav in Spanish, because sometimes in other languages you find that the menu labels are different lengths and need to be adjusted for. In this case, they didn’t, but we kept it as a reference for the site builders.5. Review the list: can you combine any components?
Your overall goal should be creating the smallest possible set of components. Depending on the complexity and variety of your content and functionality, this might be a set of 100 components or it might be just 20. The UHealth Design System has about 80 components, and another 17 page templates.
The key is that each of the components does a specific job and is visually differentiated from components that do different jobs. You want clear visual differences that signal clear content differences to your audience, and you don’t want your web team spending time trying to parse minor differences - that’s not how you scale!
In my experience, the biggest stumbling block to creating a streamlined list of components is stakeholders asking for maximum flexibility and control. I’ve found the best way to manage this challenge is to provide stakeholders with the option to differentiate their fiefdoms through content rather than components.
In this example, we have the exact same component featuring different images, which allows for two widely different experiences. You can also enable minor differentiation within a component: maybe you can leave off a sub-head, or allow for two buttons instead of one.6. Start building your design system and stay flexible.
The list you generated here will get you 80% of the way there, but as you proceed with designing and building your design system, you will almost certainly uncover new component needs. When you do, first double check that you can’t use an existing component. This can be a little tricky, because of course content can essentially be displayed any way you want.
At Palantir, we solve for this challenge by building our Style Guide components with real content. This approach solves for a few key challenges with building a design system:
- Showing the “why” of a component. Each component is designed for a specific type of content - news, classes, header, testimonial, directory, etc. This consistency is critical for scaling design: the goal is to create consistent interfaces to create ease of use for your visitors. By building our Style Guides with real content, we document the thought process behind creating a specific component.
- Consistency. Digital teams change and grow. We use content in our Style Guide to show your digital team how each component should be used, even if they weren’t a part of the original design process.
- Capturing User Testing. Some of our components, like menus, are heavily user-tested to ensure that we’re creating intuitive interfaces. By building the components with the tested content in place, we’re capturing that research and ensuring it goes forward in the design.
- Identifying gaps. If you’ve got a piece of content or functionality that you think needs a new component, you can check your assumptions against the Style Guide. Does the content you’re working with actually fit within an existing pattern, or is it really new? If it is, add it to the project backlog!
The most important takeaway here is that design systems let your web team scale. Through the use of design systems, your digital team can generate gorgeous, consistent and branded pages as new needs arise.
But don’t take our word for it! Tauffyt Aguilar, the Executive Director of Digital Solutions for Miller School of Medicine and UHealth, describes the impact of their new design system:
“One of the major improvements is Marketing’s ability to maintain and grow their site moving forward. Previously each page was designed and developed individually. The ability to create or edit pages using various elements and components of the Design System is a significant improvement in the turnaround time and efficiency for the Marketing department.”
My favorite example of a new page constructed with the UHealth design system is this gorgeous interface for the Sports Medicine Institute.
The Sports Medicine audience has unique needs and interests: they are professional and amateur athletes who need to get back in the game. The UHealth team used basic components plus an attention-grabbing image to create this interface for finding experts by issue.
And ultimately, that’s Palantir’s goal: your digital team should have the tools to create gorgeous, effective websites.Content Strategy Design Industries Healthcare
As you may know, Drupal 6 has reached End-of-Life (EOL) which means the Drupal Security Team is no longer doing Security Advisories or working on security patches for Drupal 6 core or contrib modules - but the Drupal 6 LTS vendors are and we're one of them!
Today, there is a Critical security release for the Advanced Forum 6.x-2.x module to fix an Cross Site Scripting (XSS) vulnerability.
Advanced Forum builds on and enhances Drupal's core forum module.
The module doesn't sufficiently sanitise user input in specific circumstances relating to the module's default functionality. It is not possible to disable the vulnerable functionality.
This vulnerability is mitigated by the fact that an attacker must have a role with permission to create forum content.
See the security advisory for Drupal 7 for more information.
Note: This only affects Advanced Forum 6.x-2.x -- not 6.x-1.x.
If you have a Drupal 6 site using the Advanced Forum 6.x-2.x module, we recommend you update immediately! We have already deployed the patch for all of our Drupal 6 Long-Term Support clients. :-)
If you'd like all your Drupal 6 modules to receive security updates and have the fixes deployed the same day they're released, please check out our D6LTS plans.
Note: if you use the myDropWizard module (totally free!), you'll be alerted to these and any future security updates, and will be able to use drush to install them (even though they won't necessarily have a release on Drupal.org).
Streamlining the content creation and approval processes is necessary on many websites. Editorial workflows in Drupal 8 are easy to create and manage. This is achieved by the Content Moderation and Workflows modules.
These modules are Drupal 8’s innovation — they have appeared in the core and reached stability during the time from Drupal 8.2 to Drupal 8.5. So welcome on a tour of creating and managing editorial workflows with them.Read more
Drupal 9 is coming — its arrival is planned for June 2020. So while the world continues enjoying Drupal 8’s benefits, it’s also time to start getting ready for Drupal 9. What does it mean and how to prepare? We are discussing this in our blog post.
How to Set, Get and Invalidate the caches per user in Drupal 7, this blog article will explain a brief of how to do such implementation on Drupal using the default drupal cache functions.heykarthikwithu Wednesday, 26 June 2019 - 17:35:20 IST
The Drupal 8 Pager module provides simple pager navigation in a block to ease up the navigation between nodes of the same content type or between nodes with a common taxonomy tag.
This tutorial will explain the usage of this module with an example. Let’s start!
Acquia HQ and the Mayor of Boston
You may have already heard of Drupal, but for those who don't know, Drupal is an open source Content Management System. However, you might not know the history behind Drupal and the connection that it has with the SaaS company, Acquia. Well, in this blog post, I’m going to tell you the history behind the biggest open source Content Management System and the role it played in the founding of Acquia.
Dries Buytaert in his student days. Photo credit.
It all started in the year 2000 when Dries Buytaert and Hans Snijder, which at the time were students at the University of Antwerp, needed an internet connection, which was quite seldom found back in the days. This resulted in them both building a wireless bridge between their dorms. On top of that, they had a need for a place to also talk. This led Dries Buytaert to start a small news website with a chat board for him and his friends to be able to meet, publish and share the news.
The software that was built in the process remained unnamed until Dries had graduated. However, after his graduation, he put the website online, because he wanted to stay in touch with his friends. He originally wanted to name the domain to dorp.org. The word "dorp" translates to "village" in dutch. However, Dries had misspelled the word "dorp" to "drop" and he chose to leave it like that. After a while, the website began to attract new members that would discuss topics on new technologies and ideas.
In January of 2001, Dries had decided that he wanted to release the software at the core of the website, for other people to be able to use it. So, it started as an open source project. The name of the software was derived from the English pronunciation of the Dutch word “Druppel”, which means “drop”. On top of that, the software was in need of a logo. For this task, Kristjan Jansen and Steven Wittens had stylized a water droplet with eyes, curved nose and a smile.
pA00 : 08 / 02 : 06O
Video showing one of the earliest Drupal Camps, New York City 2006. Unmute (bottom left) this video to get the full experience.Drupal 1.0
The first release version was Drupal 1.0, which was built using Slash, a modular CMS, and Scoop. It was released on the 15th of January 2001. At first, there were 18 core modules, which were basically a set of PHP files containing a set of routines. Everything was accessed through PHP files due to the lack of a menu. On top of that, at first, the code had to be put into one of the seven hooks of the modules. The system was built from the beginning to be modular. This lets people adapt their websites to their needs. The system is depending on SQL in order to manage and change layout, themes and content.
Just after two months on the 15th March 2001 Drupal 2.0 was released. This version added a translation feature that made it possible for users to translate their website into another language. On top of that, it also provided a framework that supported multilingual websites. It had 22 core modules and added user ratings and sections for stories.
On 15th September 2001, Drupal 3.0 was released. The primary difference between this version and its predecessors is that it used nodes instead of pages. Meaning that every form of content was managed by a node from the node module. On top of that, this version reached 26 core modules.
Video showing Drupal 4 with the (in)famous book module.
It was released on the 15th of June 2002. At this point, there were already 100 websites that were operating on Drupal. This made Drupal truly an international open source project. A notable addition to this version was the taxonomy module which replaces the attributes and meta tags. On later versions, there were added a lot of new modules including the e-commerce module and the support for a profile module or theme template that facilitated an early version of the What You See Is What You Get. Right now, Drupal was starting to look like a truly enterprise CMS.
The 6.0 version was released on 13th February 2008. One major step for Drupal was that the Whitehouse has adopted Drupal as their website managing CMS. One notable improvement was the rewriting of the menu system from scratch, which makes it a lot easier to use. On top of that, users were now able to drag-and-drop a number of features such a blocks and taxonomy vocabularies and terms. Moreover, the language system was modified so it could handle right-to-left languages. Security was also improved by providing an Update Status module that automatically checks for new updates.
Video showing Drupal 7 and its clear improvements in user experience
It was released on the 5th of January 2011. Drupal was used to build simple blogs and websites of large corporations, essentially becoming trustworthy worldwide. This version of Drupal also had a couple of improvements. First of all, nodes were no longer dependent on modules, as they could interact with any node at runtime, meaning that everything became an independent entity. On top of that, this version added a queue API and an improved jQuery usage. This made it possible for everything to be associated with web apps.
The current version of the CMS was officially released on 15th November 2015. The previous generations did manage to accomplish a big deal, however, this version is sure to bring even bigger changes. Drupal 8 was a complete rewrite of Drupal 7, this time based on a PHP framework called Symfony. Notable new features that were added are enhanced multilingual features, Views in core, a new level of web accessibility, improved theming with Twig, modern PHP, Symfony and OOP (Object Oriented Programming) adoption amongst others. Another notable feature is the new in-line editing. However, not as powerful and intuitive as our own in-line editing tool, Glazed Builder, which is based on Drupal. Here you can try our more elaborate inline editing experience for free!
Glazed Builder: Our Drupal UX add-on solution
While Drupal made strides in improving its core components' user experience, Sooperthemes created a commercial add-on solution that takes Drupal to the next level. With our 10+ years experience in Drupal theming, we decided to concentrate our resources on developing a new Drupal experience for authors, marketers, and site builders. Here is a short demo of what our our Glazed Builder product can add to your Drupal website:pA00 : 32 / 02 : 17O
Video showing our Drupal UX solution Glazed Builder. This blog post was also created with Glazed Builder and without our tool we couldn't have created this video-enhanced story-telling experience.Acquia
When Drupal was gaining momentum in 2007, Dries Buytaert saw that in order to be able to deliver the best support for large organizations, a dedicated company was needed. However, he was still hesitant, since, at that time, he was dedicated to finishing his Ph.D. This all changes when Jay Batson introduces himself to Dries at the Sunnyvale DrupalCon. Jay dreaming of opening a company that was focused on providing support and supplementary services for open source software such as Drupal and Apache Solr. After Jay persuaded Dries, they dropped Apache Solr from the equation and chose to focus on Drupal. On June 25th 2007, Jay registered the company under the name Acquia.
Although Acquia did not have an official product yet, they still received their Series A funding. This meant that Acquia was to be a significant player in the Drupal communnity, having managed to raise $7 million. For the most part of the remaining year, Acquia worked on their corporate values and products. Finally, In September 2008, Acquia has opened the doors for business. From that moment on, Dries and Jay's vision to build the universal platform for the world’s greatest digital experiences had started to materialize.
Drupal and Acquia both have had humble beginnings. However, with the passage of time, they have become staples for the open source community. Right now, Drupal is the third most popular Content Management System by market share. Moreover, with the ongoing trend in the market for companies to adopt or incorporate open source, Drupal still has potential to grow. In our previous blog post, you can find out why open source is our future.