Skip to: Site menu | Main content

OSCMS 2007

I recently attended Drupalcon at the Open Source Content Management Summit (OSCMS) held at the Yahoo! campus in Sunnyvale, California. Here's a few tidbits I wanted to pass along:

The conference keynote was given by Rasmus Lerdorf , the creator of the PHP scripting language . Rasmus's talk focused on security and demonstrated how easy it is to perform cross-site-scripting (XSS) on various CMSs. The one important rule I took away from the talk: never browse in another window/tab when you're logged in to a site you want to keep secure (banking, bill paying, etc...)

There's some really great stuff going on with video on Drupal. Both the video module and the CCK video field are making great strides.

Something I didn't know about themes - you can create custom layouts for individual nodes and or pages just by using distinct filenames: page-node-22.tpl.php, node-blog.tpl.php, node-story.tpl.php, etc...

The Yahoo! Maps API is pretty cool - it returns serialized PHP if requested - this makes integrating it with any PHP application that much easier. ProgrammableWeb.com is a great site with lots of links to mashups using various APIs including Yahoo! Maps.

Jeff Eaton's token module is going to save me a bunch of time when developing Drupal modules in the future.

Barry Jaspan's persistent login module looks good, and appears to improve security a bit.

The Coder module is something I had never tried before, but I'll be using now. It's got a great extensible framework that will help Drupal developers adhere to Drupal's coding standards. drupal.org/node/318

The Deletion API stuff going into Drupal 6 is going to make it possible to hook into the Drupal Deletion cycle. It'll make it possible for modules to hook into Drupal's confirm delete stuff.

Dries Buytaert , leader of the Drupal project, gave a talk on "the state of Drupal". Dries focused on keeping Drupal developers thinking about what other traditional web development roles (webmaster, designer, etc..) can be eliminated by Drupal.

Julian Tschannen's talk about using Drupal as a Wiki really showed that modules exist (freelinking, diff, wikitools, image_attach) to make Drupal pretty much a full featured Wiki platform.

Tao Starbow's AHAH presentation was really exciting - if you're into dynamically generated form elements - which I am. There's still some work to go, but hopefully by Drupal 6 we'll have a way to dynamically add form elements to forms using JavaScript. This is useful for allowing users to enter an indeterminant number of responses. For example, I have a module where a person can enter in various certifications that they have. For each certification, they have make a selection from a list, then input data into a couple of text fields. For each certification, they have to click submit and send the info to the server. With AHAH, the user would just be able to click "add another" and JavaScript can dynamically create an additional set of fields. Sweet.

I also attended the Lullabot performance workshop - a full day extravaganza of Apache/PHP/MySql/Drupal performance tips. The #1 tip I took from the day: use a PHP opcode cache (like APC ).
Submitted by michael on Mon, 03/26/2007 - 1:00am
Filed under: