If you find yourself going out of way to keep your accounts secure and care about your website support, you are on the right page, reading information you need. Everyone, who has their own accounts in Facebook, Gmail, Twitter, LinkedIn or any other network, is concerned about protection against social media threats. Here in this article we are going to suggest some effective tips to help to reduce the risk of hacker attacks.Read more
This past week, a new open database for economic, demographic, and market data was launched called Vizala. Vizala is a Drupal site and at the core of its user experience is a module called Views Save that allows users to personalize the site by saving views of data that are meaningful to them.
Views Save takes all of the functionality and flexibility provided by the Views module and its extensions, and enhances it by allowing users to save/bookmark any view of content. Basically, if Views can display it, then it can be saved with Views Save. It works with any configuration set by administrators or users including exposed filters, sorting, and any options added by extensions. Views Save works with all Views display types, plugins, handlers etc.
When a view is saved, it becomes an entity in Drupal. This allows you to use Views to generate lists of saved views per user. Views Bulk Operations (VBO) can be used to allow users to manage their lists. Saved views being stored as entities also allows you to take take advantage of a lot of other Drupal functionality including Fields and content permissions. Future development may involve Rules integration to allow alerts to be created that are based on saved views.
Example use cases for Views Save include …
- Sites that allow users to customize and save maps
- Analytics sites that allow you to save any view of the data, and create recurring reports
- When notifications are not required for a site, it could also be a replacement for the Search API Saved Searches module
In a previous post, we reflected on how our Drupal module Views Aggregator Plus came about: "….that [government] project was eventually put on ice, but during its course another module baby was born. We called it Views Aggregator Plus and set her free in Drupalland. It seemed a waste not to share it."
Views Aggregator Plus now enjoys thousands of installs across the world. There is a 90 second video about it on YouTube and quite a few mentions on Google etc. To us it’s lovely that our efforts didn’t go to waste.
The three real-live examples described in the previous post highlighted the module’s row aggregation capability. This is where Views result rows are grouped and compressed based on the identical values of one column, while at the same time applying aggregation functions (like sum, average, enumeration) on the other columns -- the project page explains this better with an example.
This type of data summary can provide useful insights on the entire dataset.
But Views Aggregator Plus does straightforward column aggregations easily too.
The following example was mentioned to us the other day. It can be found on Vizala.com, a new online database for economic, demographic, and market research information.
If you look at these examples ....
.... you can see that the grey aggregation row (near the the top) provides totals and averages for any year that is selected.
Also, no matter what configuration of exposed filters is set by the user, VAP automatically updates the totals and averages for that group of countries.
* * *
Image of aggregation taken from Wikipedia, "Pheromone"
File under: Planet Drupal
One of our members asked how to create a map with custom points to highlight specific areas.
In this tutorial we will show you how to create custom maps by using the Image-Maps online tool.
Docker is reinventing the way we package and deploy our applications, bringing new challenges to hosting. In this blog post I will provide a recipe for logging your Docker packaged applications.
You're wearing too many hats in your web development firm. Whether you're a freelancer or agency, reduce frustration and cost with these 10 web services.
Continuing the trend from Drupalcon Amsterdam, I hosted an informal BoF session at Drupalcon Barcelona, for freelancers to chat among themselves. As a lot more of Drupal's space is being occupied by big players these days, I like to think this helps "single players" carve out a space at the conference.
My notes are publicly available, as a g.d.o wiki page no less: so I won't add to them too much here. However, it's interesting to see that:
This Blog covers the highlights of how Drupal could be used effectively to build a multi domain, multilingual site for a large Multi National Company.
No matter what tool you use to create a website, you still need to put time into planning before you actually start designing and building the site. If you rush to start with the design and build process you run the risk of having a project that takes more time and money than desired and generates less of a return on investment. There are key questions you need to answer to ensure that you create a clear and comprehensive website definition document.
Drupal has long been described as a content management system for developers. It’s been criticized for its Drupal-centric jargon and characterized as unfriendly to inexperienced and experienced web site creators alike. In the DrupalCon Barcelona 2007 State of Drupal address, project creator Dries Buytaert stressed the need to focus on Drupal’s usability.
Not long afterward, the first formal usability study took place at the University of Minnesota, just after the release of Drupal 6 in February, 2008. Several studies of Drupal 7 were conducted in subsequent years. In June, 2015, community members returned to the university for Drupal 8’s first formal evaluation.
These formal usability tests are just one metric about Drupal’s user experience. Anyone who has introduced a new site builder to Drupal, or tried to help a Dreamweaver-savvy friend get started, has a pretty good idea where existing major challenges lie. Drupal.org has methodology suggestions to empower anyone to conduct their own studies, which can take place any time. New features in Drupal 8 are evaluated as they’re introduced, as well. For example, the Drupal User Experience team has conducted more than 70 informal sessions on Drupal 8-specific changes. The formal studies, however, lend a certain gravitas to recommendations for improvements; as we return to Barcelona for DrupalCon 2015, the history from formal evaluations provides a valuable metric to reflect on how far the project has come.
When I was invited to attend Drupal 8’s study, I was eager and hesitant. Eager, because who doesn't want to geek out on eye tracking feedback and all the experience-capturing equipment while spending focused time with key players who are working toward sorely needed improvements? Hesitant, because four years into the development of Drupal 8 seemed like a difficult time in the cycle to introduce meaningful change.
Every Wednesday, the Drupal Security Team publishes "Security Advisories" (or SA's) to tell users about security vulnerabilities in Drupal core and contrib modules, with advice on how to solve the issue so that their site is secure.
This is the second in a series of articles about how to better understand all the information in a security advisory, so that you know how to take the appropriate action for your site!
There are several different types of security vulnerabilities, each with a cryptic (and highly technical) name like Cross Site Scripting (XSS) or SQL Injection.
There's plenty of technical articles on the internet explaining what those mean from a coder perspective, including how to prevent them (by writing better code) or even how to exploit them.
But what do they mean for you, the site builder or site owner?
The most important question for you is: If an attacker exploits your site with a particular vulnerability, what will they be able to do to your site or users?
Of course, you should take action on any security advisory that affects your site as soon as possible (or hire someone else to do it). But what could happen if you didn't?
Some vulnerabilities would allow an attacker to completely take control over your site, whereas others would only allow them to access some non-public data. How can you tell which are which?
Read more to learn how the different vulnerability types could impact your site or users!
So. KDE has landed at Qt World Summit.
You can come and visit our booth and …
- hear about our amazing Free Qt Addons (KDE Frameworks)
- stories about our development tools
- meet some of our developers
- Talk about KDE in general
- Or just say hi!
KDE – 19 years of Qt Experience.
In this Drupalize.Me interview, we interview Scott Wilkinson, a builder of Drupal sites that solve problems for his freelance clientele. This interview is part of an ongoing series where we talk with a variety of people in the Drupal community about the work they do. Each interview focuses on a particular Drupal role and this interview with Scott focuses the site builder role, filled by a person who builds Drupal sites by expertly piecing together and configuring modules, themes, and settings.
Debian was not generally seen s a bleeding-edge distribution, but it offered a perfect combination of stability and up-to-date software in our field when we chose the platform for our signature verification project. Having an active Debian Developer in the team also helped ensuring that packages which we use were in good shape when the freeze, then the release came and we can still rely on Jessie images with only a few extra packages to run our software stack.
Not having to worry about the platform, we could concentrate on the core project and I’m proud to announce that our start-up‘s algorithm won this year’s Signature Verification Competition for Online Skilled Forgeries (SigWIComp2015) . The more detailed story can be read already in the English business news and is also on index.hu, a leading Hungarian news site. We are also working on a solution for categorizing users based on cursor/finger movements for targeting content, offers and ads better. This is also covered in the articles.
The verification task was not easy. The reference signatures were recorded at very low resolution and frequency and the forgers did a very good job in forging them creating a true challenge for everyone competing. At first glance it is hard to imagine that there is usable information in such small amount of recorded data, but our software is already better than me, for example in telling the difference between genuine and forged signatures. It feels like when the chess program beats the programmer again and again.
I would like to thank you all, who helped making Debian an awesome universal operating system and hope we can keep making every release better and better!
We are finally almost there to release Drupal 8 RC1. For us, the release candidate means that Drupal has a stable API, a feature freeze and "should" be free of critical bugs as far as there are no new ones found. That counts for Drupal8 core. We will start with Drupal 8 projects from the release of RC1. The question is only: How to create estimations for a system we, honestly spoken, don't know yet with the same depth of details as we know Drupal 7. There are so many pitfalls related to the decision making of Drupal 8 architectures. As we usually need many contrib modules in our Drupal applications, and this will not change in Drupal 8, they are not yet ready and stable enough for a bug free experience in our development team. So we are all in a difficult situation where we want to start with Drupal 8 from now on the one side but want to be able to estimate projects reliably on the other site. There needs to be some trade-offs which I want to discuss in this blog post - so please feel free to add your thoughts in the comments below.
1) Focus on Drupal core and REST
2) Try to split projects
The bigger the project we want to build with Drupal (not only Drupal 8) the bigger the risk. As in Germany most clients want fixed prices for their projects, we need a fine-grained planning of small feature junks. Keeping project requirements as small as needed reduces the risk to oversee some details that will crash your estimation during the development. From an agile perspective small development steps with detailed requirements reduce also the risk to build a product that nobody needs.
3) Give some discount to contribute
We will offer our clients an up to 10% cheaper price if they pay us by the hour and allow us to fix bugs in core and contribs. This helps us to contribute and improve the code base of Drupal 8 and contrib modules. Our clients as well as the community will benefit from a fast growing and stable code base in the future as they put their strategy on Drupal 8.
4) Update early and often
Whereas the update frequency in Drupal 7 becomes slower, Drupal 8 is almost there and as more and more people will use Drupal 8 and contrib modules, the more bugs will be reported and hopefully fixed. This means for us that we need to update early and often to see code and feature changes early and react on them. Keeping modules out-dated for a long time, even for none security related updates will bring additional risk for a broken site. The bigger the difference between your current code base and the latest release, the bigger the risk that your site will break with your update. The same rule as working with GIT in a team Update / GIT pull early and often and fix issues immediately. That's why we integrate Drop Guard also in the process of our on-going development and not only in the deployment process of critical security updates. With the right setup, we don't need to care manually about our update workflow. Drop Guard will do. You can start with Drop Guard for free during our beta period and automate updates as well.
The python-suseapi 0.22 has been released last week. The version number shows nothing special, but one important change has happened - the development repository has been moved.
It's now under openSUSE project on GitHub, what makes it easier to find for potential users and also makes team maintenance a bit easier than under my personal account.
If you're curious what the module does - it's mostly usable only inside SUSE, providing access to some internal services. One major thing usable outside is the Bugzilla interface, which should be at one day replaced by python-bugzilla, but for now provides some features not available there (using web scraping).
Anyway the code has documentation on readhtedocs.org, so you can figure out yourself what it includes.
SASS and LESS preprocessors make front-end development much easier. To compile them to CSS automatically, you can use Grunt.js. Let’s see how to do it through the example of Ubuntu OS.1. sudo apt-get install npm
Install npm (package manager for node.js)2. sudo npm install -g grunt-cli
Install grunt-cli to run Grunt in any directory if it is there (this command does not install Grunt).Read more
This blog post is a follow-up of DrupalCon session Next Generation Graphics: SVG.
Drupalcon Barcelona has been a blast for me, I met a lot of old good friends and it recharged my Drupal batteries. Some people has asked me about the slides of my session. Sorry for the delay, I was knocked out by the drupalflu. It was not a myth. Here is some material and thoughts about SVG session:
Me, pretending not to be nervous:
See the slides at dcorb.github.io (with animated gifs and page transitions. But non-clickable links)
Slides at slideshare.net with clickable links, no gifs:Next generation Graphics: SVG Drupal core and SVG. You can help
Drupal 8 has 79 SVG files in core at the moment. Most of them are SVG icons from ry5n's Libricons used mostly in the toolbar.
Drupal 8 themes by default will look for a "logo.svg" file in the theme folder, instead of "logo.png". See Change record.
This change was introduced at the same time that we were converting the Druplicon logo from PNG to SVG.
There are plenty of graphic assets in Drupal core that could be converted to SVG, starting with the throbber icon. I'm not sure after Drupal 8 hits RC1, if still would be possible to convert them, though.
And if you have a great idea for using a SVG sprite technique to avoid 17 HTTP individual requests! for admin users, please help here.
I created a Twitter list of SVG Experts, if you are interested. A lot of fresh relevant information on SVG, quirks, tips and demos they share daily, that can't be found anywhere else. Some are SVG Working group members, some are developers working on SVG browser implementation, some SVG web developers, and some are creative people testing the limits of SVG in an artistic way.
Last week, I've been invited to the OpenStack Paris meetup #16, whose subject was about metrics in OpenStack. Last time I spoke at this meetup was back in 2012, during the OpenStack Paris meetup #2. A very long time ago!
I talked for half an hour about Gnocchi, the OpenStack project I've been running for 18 months now. I started by explaining the story behind the project and why we needed to build it. Ceilometer has an interesting history and had a curious roadmap these last year, and I summarized that briefly. Then I talk about how Gnocchi works and what it offers to users and operators. The slides where full of JSON, but I imagine it offered a interesting view of what the API looks like and how easy it is to operate. This also allowed me to emphasize how many use cases are actually really covered and solved, contrary to what Ceilometer did so far. The talk has been well received and I got a few interesting questions at the end.
The video of the talk (in French) and my slides are available on my talk page and below. I hope you'll enjoy it.
Two s390x changes landed in Debian unstable today:
- A new version of zipl-installer that will infer the root filesystem to pass to the kernel using mapdevfs instead of enforcing a single DASD partition for it.
- A new version of sysconfig-hardware that contains a hook that activates all configured disks in the initramfs instead of a single one passed in as the root parameter in the kernel command-line. Thanks to Stephen Powell for the patch.
Furthermore I uploaded a new version of Hercules - a z/Architecture emulator - to get a few more years of maintenance into Debian. See its upstream changelog for details on the changes (old 3.07 → new 3.11).
At this point qemu at master is also usable for s390x emulation. It is much faster than Hercules, but it uses newfangled I/O subsystems like virtio. Hence we will need to do some more patching to make debian-installer just work. One patch for netcfg is in to support virtio networking correctly, but then it forces the user to configure a DASD. (Which would be as wrong if Fibre Channel were to be used.) In the end qemu and KVM on s390x look so much like a normal x86 VM that we could drop most of the special-casing of s390x (netcfg-static instead of netcfg; network-console instead of using the VM console; DASD configuration instead of simply using virtio-blk devices; I guess we get to keep zIPL for booting).