Securing your admin area with SSL in drupal (and other systems)
This article is here to start a discussion about this topic, and maybe go on making this into a GSOC proposal or a new module.
Securing your admin area with SSL in drupal
Setting up a secure administration environment in drupal is still complicated, and might even be an important security flaw in several configurations. A large part of this is due to the architecture of drupal that does not have a dedicated admin area and not much difference between normal (unprivileged) users and admin users.
Read more
Dojo Lesson #2 -- Coding Standards
The Drupal Dojo will convene again this Thursday at 8pm EST (GMT -5). We will gather in #drupal-dojo, get on a worldwide Skypecast and fire up an improved screen-sharing application to do our lesson. We will also take time to debrief the work so far, talk about what we'd like to do going forward, and answer misc questions about the group and about Drupal.
The Lesson Plan
- Sound Check: make sure everyone can get on Skype and is in IRC
- Debrief: talk about how we've been doing, also about moving the regular lesson time to Sunday and/or starting other times
- Drupal Coding Standards: what they are; why they matter
- Keeping Your Code Clean: where to put stuff; how not to kludge
- Keeping Your Code Safe: how and why to use Drupal functions for text, links, input fields and database queries
- Making Your Code Intelligible: the tao of commenting
- Dojo Challenge!: review a patch for Drupal 5.0
- Documentation: lets keep the great documentation coming!
Feel free to comment on this post with feedback. I'm especially interested in collecting links to documentation folks may want to read ahead of time, and/or we should look at improving as a result of this lesson.
See you in the Dojo!
Read more
Best practices anyone?
Hey all, just thought I'd throw my hat in the ring so Laura doesn't feel too lonely up there on the front page.. ;)
What I would love to see come out of this group is some "best practices" documents for people building community sites. Especially sites geared towards online communities where the end user has special needs.
By special needs, I am not only referring to accessability issues, (although that is certainly one concern) I also mean things like ;
-
How do you build sites for youth that give them adequate privacy, security and priveleges(spelling?) so they can feel like they own the space, while keeping parents satisfied that their children are safe from online harrassment and stalking?
-
How do you provide a granulated set of user roles for a semi-closed group of low-level technophobes without overcomplicating the means to contribute to the site? [not like I've ever had to deal with that or anything ;)]
-
How do you explain copyright and copyleft to inexperienced webpublishers and transmit the importance of the issue adequately? Is it even necesary? What are we leaving out if we don't talk about copyright before giving a community a site they can publish to?
-
How does a web developer/social marketer do knowledge transmission for community-building online to end-users/ site editors who mostly use analogue technologies to communicate with their constituents.
-
When is a community website the solution and when is it overkill? How do you help your client develop a project/product that really fits their needs.
