• Several new, detailed user permissions
• Support for stateful SOAP sessions
• UI enhancements

• An improved Tiki plugin for embedding Kaltura media
• Improved Kaltura administration, via Tiki
• Configuration the of Kaltura Configuration Wizard (KCW) interface
• and much more.

Help us to finish LimeSurvey 2.0: Today we start the LimeSurvey 2012 Fund-Raiser, which is our first fund-raising drive ever. We ask you to donate a small part of the money that  LimeSurvey saved you in the first place compared to commercial software/services. Why? The idea behind LimeSurvey is not only only being free and open source but also it should be fun to work with and have an extensive feature set - usable by all kind of users. Be it the student doing a survey for the master thesis or a company using it to survey thousands of participants.

The volunteer work done by our team of 20 volunteer developers/supporters/translators is amazing and they are the reason LimeSurvey has come this far. Still for bigger changes you need full-time developers - that's what we will use your donated money exclusively for. You will help to speed up development and get new/redesigned features much faster (see our donation letter for more information).

Now, think about how much LimeSurvey helped you and you have the chance to give something in return: Please donate!

P.S: If you donate you will receive a donators status in the forums, and, if you want to, you will also be listed on our page of donators. For donations of 500 USD or more you will even be able to link your name with an URL of your choice.

LimeSurvey 2.00beta1 incorporates about 50 fixes since alpha 3 and has many new features compared to 1.92. Be sure to download it and give it a try soon and report any issues in our bugtracker.

As more feedback we get as earlier it will be stable for a general release.

There have been many forum posts recently asking how to use Expression Manager (EM) and other new features available in Version 1.92+. We have found the best way to learn is to explore working demos.

So, we have updated the documentation to provide easy access to 9 new surveys that test all of the EM and new 1.92 features. For each, we describe which features the survey demonstrates, and provide representative screen shots plus a link to download the survey so that you can import and play with it yourself. The main features demonstrated include:

• Relevance - with support for more powerful conditional logic than is available via the 1.91+ Conditions editor.
• Group-level Relevance - if the same conditions apply to all questions in a group, you no longer have to apply them to each question (as was true in 1.91+) - simply specify the relevance at the group-level.
• Cascading Relevance - this never worked perfectly in 1.91+. Now it does. And, you don't need to specify all of the conditional logic for cascaded questions - they will automatically inherit the conditions from any questions upon which they depend.
• Piping / Tailoring - easier, more powerful ability to insert answers and question metadata than the old {INSERTANS:xxx} syntax.
• Conditional Micro-Tailoring - you can dynamically change sentences, such as "Mr." vs. "Mrs.", or "child" vs. "children" based upon prior questions (even ones on the same page). You can even conjugate verbs and decline nouns based upon the gender and/or number of your subjects.
• Equations - there is a new Equation question type that lets you do complex calculations and store them in the database, all without needing custom JavaScript (thus, this is more powerful and flexible than 1.91+ Assessment functionality).
• Conditional Validation - traditional validation, like regular expressions, min/max numbers of answers, min/max individual values, and min/max/equals summed values are more robustly supported, with tailored message and CSS styling rather than pop-up messages. Moreover, you can use equations so that your min/max criteria are based upon prior answers. Additionally, these traditional validation styles work for many more question types.
• (Sub)-Question Level Validation - for most question types, you can now use complex expressions to validate either individual answers or the collection of answers. This lets you do things like ensure that answers are in descending order; specify the maximum responses on a row; or even call external functions to validate the response.
• Better International Support - you can now use the comma as a radix separator (decimal point) in all question types that require numerical input, plus be sure that the data will be properly stored in the database.
• Qcode Naming - when you do tailoring, you need to know the proper naming of your variables. One of the surveys includes samples of every question type so you can see how variables should be named.
• Tailoring using Question Metadata - there are now 16 "dot notation" suffixes available for each question. These let you easily access question metadata (e.g. text, relevance, number, IDs) and answer metadata (e.g. the value stored in the database, the value shown, or the assessment value). One of the surveys has tables showing (for all question types), the values generated for each of these dot notation suffixes.

Today we are bringing you not just one great news but two! LimeSurvey 1.92 is now available for general download. While at the moment it is not yet available on the ComfortUpdate we will make it available within the next two weeks.

As you may already know that the biggest change on this release is the availability of the great Expression Manager engine coded by Thomas White. Before you upgrade please have a look at our upgrade notes, as there might be some issues with your existing surveys that need to be resolved before/after upgrade.

The other news is that version 2.0 alpha 3 is now available. It incorporates all features from LimeSurvey 1.92 and adds several new ones. Version 2.0 is now based entirely on the Yii PHP framework and thus makes extending LimeSurvey at a later time much easier. Please download and test it out and let us know if you see any problems.

The LimeSurvey project is looking for volunteers who would like to help in an Open Source project on a long-term base :-). We have three positions that need to be filled, all of which require only little/none coding experience, but require about 10 hours of work every week.

Translations Community Manager

The translation community manager takes care of translators and translations. The important part of this is to make translations of the application and the documentation alot better by motivating existing and new translators, give incentives to translate, look for new tools to make translations better in general. You should be an experienced LimeSurvey user.

Incident Manager

The incident manager takes care of incidents in the LimeSurvey project in general, be it with the application or the website. He monitors new bug reports, does a first filtering, ask the reporters for details and tries to reproduce the issue. After the incident proves to be a really issue he assigns these to coders or translators. He reports to the project lead and if escalates things if a general problem seems to show up.

Documentation Manager

The documentation manager takes care of everything documentation related. He works together with the translations manager, as translations a re a big part of the documentation. He also makes sure that documentation is well structure and organized. If needed he will restructure or rewrite existing documentation. He will also look for ways to get the community involved with the documentation so in general it gets better.

If you are interested in any of these volunteer positions, please send us an email with the following details:

• Which position are you interested in and why?
• Short CV
• Details of your past experience with LimeSurvey and past involvement with the LimeSurvey community

Thank you for reading. if you have any questions please let us know.

Lea Alcantara & Emily Lewis have published their Annual ExpressionEngine Listener Survey. Make sure to take 10 minutes and help them out by filling in the short survey. Plus you will be entered to win a very rare EEPodcast T-Shirt.

Also, make sure to listen to this week’s Podcast. James and Wes talk about the recent EE Version 2.5 update, the EU Cookie Module, the modularity of EE and more.

In November of 2009, the European Parliament issued EU Directive 2009/136/EC, an amendment to several prior directives concerning data protection and electronic privacy rights.  Of primary concern to this article were changes regarding the storing and accessing of personal data on a user’s device via cookies [1].  The amendment changed such storage to require opt-in rather than opt-out permission from end users.  EU member states were supposed to implement laws in accordance with the directive by May 2011.

Who Is Affected

So, who has to worry about the directive?  The EU member countries (and Norway).  If you own, operate or design websites for EU based entities, you need to worry about the specific Data Privacy Laws in that country, because all EU countries were supposed to enact legislation consistent with the directive.  Not all of them have, and the existing laws vary from country to country.  But if you are operating in the EU, it’s likely that the privacy directive will apply in some way, shape or form.

The Legal Basics

While the specific laws may vary, the EU E-Privacy Directive does provide us with a generic template for building websites that comply with EU privacy concerns.

Users must be informed

Visitors to your website must be informed of your privacy policy, including the use of any cookies or similar technologies (i.e., Locally Stored Objects, etc.).  A generic statement that cookies are used and necessary to site functioning isn’t really enough.  You should specify each cookie and what it does in terms a layman can understand.

Users must grant prior consent

Before setting cookies, you must receive the informed consent of the user.  Given the current state of web browsers, browser settings cannot be used to infer informed consent. 

The directive does make an exception to this requirement, but only when it is strictly necessary and done to provide a service that the user has explicitly requested.  The typical example would be a shopping cart where the user has taken direct action to add items to the cart.

Users should be able to revoke consent

At any time, a user should be able to revoke their consent and remove any existing cookies.  While not explicitly stated in the E-Privacy directive, providing users with an easily accessible means of removing current site cookies and blocking future ones is a wise precaution.

How to address the EU Privacy laws

1. Know the law in the relevant country.
Laws differ among the EU member countries, with some having enacted no law derived from the directive at all.  There is also variation in how the laws address prior/implied consent.  Understanding what the law actually requires is key to compliance.  Unfortunately, reading the relevant statutes doesn’t always provide a lot of clarification and you will need to stay on top of the latest news regarding how the law is actually being interpreted and applied.  For UK users, the The Cookie Collective is a good resource for tracking the latest legal and technical news regarding cookie regulation.  Just keep in mind, the details may vary on a per country basis.

2. Know what cookies your site sets and what they do.
You need to know what data you are storing on visitors’ devices and why you need to store it.  If you’re reading this, you’re probably using ExpressionEngine on your site, so be sure to check out the Cookie Consent Module’s documentation, which details the cookies set by the CMS and its native modules.  It’s also likely you have cookies being set by other applications.  Ad services, analytic tools, store/ordering code, video and social media applications may all be setting cookies on your site.  Know the tools you are using and check with each to see what cookies they set.

Once you think you know what cookies are being set, doing a manual audit of the site is a good idea.  There are a number of browser based tools you can use to help you do a ‘cookie audit’ of your site in action [2].

3. Provide a Privacy Policy
If you don’t already have one, put a privacy policy on the website.  If you do have one, make sure it is up-to-date.  The policy should be easily accessible and it should detail all data that may be stored on a user’s device, the purpose of the data, and how long it persists. 

4. Decide on a plan of action
The reports I’ve seen on users opting-in to cookies when asked on a website suggest around 5-10% will grant consent.  You will need to plan accordingly and make an informed decision regarding the use of cookies on your site.  If you are designing the site for a client, you need to ensure they understand the law and what they may need to sacrifice in order to be fully compliant.

The Cookie Consent Module and EU Cookie Compliance

ExpressionEngine sets a number of cookies on each page load for all site visitors.  In order to prevent these cookies from being set without end user consent, a Cookie Consent Module is available for download in the Add-on Library.

Installing the module instantly prevents any cookies being set using the internal cookie setting method unless consent has been given.  Consent is indicated by the presence of an ‘allow_cookies’ cookie.  Because cookies are required for much member functionality both fronted and backend, login and registration are disabled for users who do not have the consent cookie set.  The module also provides several means for deriving consent (and thus setting the consent cookie), a mechanism for revoking consent and clearing domain cookies, and conditionals allowing you to vary the content included based on whether consent has been provided.

Watch the new ‘How To’ video “The ExpressionEngine Cookie Consent Module & EU Cookie Legislation” for a guide to using the module.

   
And remember, we have a variety of “How-To” videos covering other aspects of ExpressionEngine on our Vimeo page.

End Notes

[1] Third parties may wish to store information on the equipment of a user, or gain access to information already stored, for a number of purposes, ranging from the legitimate (such as certain types of cookies) to those involving unwarranted intrusion into the private sphere (such as spyware or viruses). It is therefore of paramount importance that users be provided with clear and comprehensive information when engaging in any activity which could result in such storage or gaining of access. The methods of providing information and offering the right to refuse should be as user-friendly as possible. Exceptions to the obligation to provide information and offer the right to refuse should be limited to those situations where the technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user. Where it is technically possible and effective, in accordance with the relevant provisions of Directive 95/46/EC, the user’s consent to processing may be expressed by using the appropriate settings of a browser or other application. The enforcement of these requirements should be made more effective by way of enhanced powers granted to the relevant national authorities.
(EU Directive 2009/136/EC)
[Return]

[2] Recommended browser based tools for identifying cookies set on your site:
- Firefox Web Developer (https://addons.mozilla.org/en-US/firefox/addon/web-developer/)
- Firefox Firecookie (https://addons.mozilla.org/en-US/firefox/addon/firecookie/), extension for Firebug (https://addons.mozilla.org/en-US/firefox/addon/firebug/)
[Return]

There comes a time in an ExpressionEngine site’s life when it needs to scale. The demand for it’s dynamically-generated pages becomes too much; you can throw more servers at the problem or tweak the ones you’ve got, but that has its own scaling issues.

Or, there’s Varnish Cache.

The idea of caching is familiar: why waste resources regenerating the same content from scratch on each page view? But Varnish takes it a bit further by stepping in before the request even makes it to ExpressionEngine or Apache (or your favorite HTTP server). Even better, it can intercept a request before it hits the disk!

To illustrate this impact, let’s send 1000 requests with 100 concurrent to EE’s default Agile Records theme, hosted on a quad-core Mac with 8GB of RAM, accessed via a local network over 802.11n:

No Caching
13.67 hits/sec

EE’s Template Caching
36.01 hits/sec

Varnish
276.55 hits/sec

With little or no caching, the CPU just cannot keep up. With Varnish, however, the only bottleneck becomes the network.

On that bombshell, if you’re wondering where to sign up, let me walk you though setting up Varnish from scratch and then configuring both Varnish and EE to set up the ideal caching for your site.

Wait, what’s going on, here?

Varnish is a proxy that sits between your HTTP server and the world. For example, when a request comes to your server for “example.com/index.php”, it first goes through Varnish who then checks to see if it has cached output for the requested URL. If it has cached the output of that specific request before, and it has not expired yet, Varnish will serve up the all ready, fully-generated output for that request from its cache stored in the RAM.

With that conceptual illustration, you can see the request doesn’t even make it to Apache, PHP or MySQL, which is great for our server’s health, no matter how optimized those processes may be. Since Varnish, it’s configuration, and cache can all live in the server’s RAM, this allows for lightning-fast responses and high hitrates.

Who is Varnish best for?

Sites who have minimal user interaction, therefore mostly static (mainly driven by channels, pages, etc.), are best for Varnish. Since the caching proxy’s job is to serve up the same pre-generated content to everyone, it won’t be able to show user-specific content (login-driven sites) and be as effective since that specific content will need to be regenerated on each page view. But that’s not to say it’s not possible or that it won’t help in those situations. Later, we’ll get into ways of serving dynamic content while still using Varnish to cache the static bits.

Installing Varnish

Now, it’s time to play. Varnish is one of those daemons that runs in the background on your server, much like Apache or MySQL. Your favorite flavor of Linux should provide a Varnish package which you can install with a one-liner, or you can compile from source. A Homebrew package is also available for OSX.

Like Apache, Varnish listens on a port. Since we want Varnish to listen to all HTTP requests coming to our web server, it needs to listen on port 80. This means Apache has to listen on another port; we’ll choose 8080. Or if you’re not ready to put Varnish in production, we can choose to have Varnish listen on 8080 and keep Apache on port 80 while we mess around.

You can tell Varnish which port to listen on when starting the daemon, as well as specify storage for the cache. These flags may also be set in your DAEMONOPTS configuration, depending on your OS-specific installation.

Configuring Varnish: The VCL

We need to tell Varnish when to cache, when not to cache, and how long to cache for. To do that, we write in the Varnish Configuration Language (VCL). Fun, geeky fact: Varnish translates this VCL code to C and compiles it into a small program kept in memory, for even more uber-fast request processing.

When you installed Varnish, a default VCL file was likely supplied at /etc/varnish/default.vcl if you’re on Linux. I recommend creating your own file instead of editing the default, because upgrades tend to overwrite that file, don’t learn the hard way.

Go ahead and paste this in your new VCL file:

That is the bare minimum we need to get EE caching, but let’s first understand what Varnish is being told to do. Notice the backend declaration at the top:

Your backend is the source for which Varnish will pass requests to. If Varnish does not have a request cached, it forwards it to the backend to be generated. You can do some neat things with backend configuration, such as load balancing and health-checking, which we’ll touch on later. Since Apache is running on the same machine as our Varnish service, the host is a localhost IP address, and the port is 8080 since that’s what we’ve set Apache to listen on.

Next, notice the vcl_recv subroutine. This is called at the beginning of each request, before the backend is called. We need to make sure our control panel isn’t cached, otherwise we couldn’t interact with it and change content. To do this, we check req.url to see if it starts with /system/, our default system folder name. If that’s true, we return pass which tells Varnish to pull directly from the backend and not its cache. We also are choosing not to cache ACT or POST requests, since those likely need to hit the backend:

This is also a good place to specify sites you don’t want served out of Varnish at all. If your server runs multiple sites, but only need Varnish for some of them, exclude the site by checking for req.http.host ~ 'example.com'.

Next, we need to make sure user-specific content isn’t cached, so we unset cookies:

For example, if you’re logged into EE, and have a message on the front end of your site that says, “Hello, Admin!”, that will be cached in Varnish and then appear for all users who come to the site. So we anonymize the visit by unsetting those cookies when retrieving from the backend.

Finally, we’ll look at the vcl_fetch subroutine, which is called after a request has been retrieved from the backend. Here, we’ll just use this function to set the time-to-live (TTL) of our cache:

1m means one minute. This means that any single page won’t have to be regenerated more than once per minute, which should greatly ease the load on the server while making sure the content on your site is no longer than a minute old.

Now we’re ready to start Varnish. Once you find out where your varnish daemon is, start it like so:

-f specifies the path to your VCL file, and -s sets the cache storage type. I choose to store the cache in the RAM for extra speed by specifying malloc, but you can also choose to store the cache on the disk.

If all goes well, you should be able to go to your existing site like usual. To make sure caching is working, refresh a few times, then check the request headers in your browser and confirm your site’s Age is incrementing:

The Age shows how old the object is you are viewing, and if you keep refreshing, you’ll see the Age go back down to zero once the document becomes older than a minute. That means caching is working correctly, and you should notice a nice speed boost as well!

Now that we’ve got our site caching, let’s learn how to tune Varnish to work even better with ExpressionEngine.

Manual Purging

On some of my sites, I like to go the extreme route and set a TTL of 24h to always give the site that extra speed boost provided by Varnish. The problem with that is it may take an entire day for new changes to show up on the site, and you can imagine what clients think of that.

To fix this, we need to purge the cache when content is updated. I wrote an add-on called Purge to do just this task. It works by taking advantage of EE’s entry_submission_end and delete_entries_end hooks to know when content is updated, then it sends a special header to Varnish which we then check in the VCL, and then purge the cache if the header exists, like so:

The Purge add-on could use some improvement, such as purging on comment submission (if you’re not pulling those in dynamically, as we’ll discuss below) and better integration with the Multiple Site Manager, so pull requests are welcome.

Showing Dynamic/User-Specific Content

Earlier I mentioned a block on our site that greets the user if they’re logged in, but we intentionally broke it to make sure the wrong name wouldn’t appear for other users.

We want to get this working again to greet the user and hide the “Log in” and “Register” links. To do that, we take advantage of Varnish’s Edge Side Includes feature. In a nutshell, ESI allows you to serve bits of content from from the backend without having to serve the whole document from the backend. That’s what we’ll do for our greeting box.

First, we need to make the greeting box its own template so that Varnish has something to request without loading the rest of the page. Now we’ll embed the template on our page, but we won’t use EE’s embed tag, we’ll use Varnish’s ESI tag:

We’re not quite finished yet. We need to tell Varnish to process ESI tags, and NOT to cache that template request. We do this by adding req.url ~ 'member_box' to the check in vcl_recv, and by adding set beresp.do_esi = true; to vcl_fetch.

Now we’ll restart Varnish, and go to our homepage. If we’re logged into EE, we should see this on the homepage:

Great! But a problem with this is it really lowered our hitrate. We still have the benefits of caching the rest of the page, but hitting the backend on each request creates a bottleneck. Since we don’t need to have our greeting box hit the backend for anonymous users since it always appears the same for guests, let’s continue to cache everything for anonymous users, and only have our greeting box hit the backend for logged-in users.

To do that, modify your check for req.url ~ 'member_box' to read as (req.url ~ 'member_box' &&; req.http.Cookie ~ 'exp_sessionid'). Varnish lets us check for individual cookies so we can decide how to best handle the request. With this change, requests for our member_box template will only hit the backend if a sessionid cookie is set. You can also alter the if-statement to allow ALL requests to hit the backend if that cookie is set, that way if you’re logged into your site to make changes, you can see the changes live without having to purge the cache or wait for it to expire.

There’s certainly more you can do to handle logged-in users, and Varnish has more documentation about that.

Get IP Logging Working Again

Since running Varnish, you may notice in your server and EE logs that everyone’s IP address appears as 127.0.0.1 or the IP address of your Varnish server. That’s because, technically, Varnish is the one making the request to the backend. Luckily we can tell Varnish to forward along the user’s actual IP address to us.

In your vcl_recv subroutine, add these lines:

Now open your EE install’s config.php and add your Varnish server’s IP address to the proxy_ips setting:

This should get ExpressionEngine seeing the correct IP address. Apache, however, requires further tweaking. In your httpd.conf, modify your LogFormat to read %{X-Forwarded-for} in the IP address portion of the log line. Other HTTP servers should provide a similar way of showing our special header in log files.

By the Grace of Varnish

We’ve all lost precious uptime when our HTTP service decides to crash. Varnish has some nifty tools in place to cover your tail in such an event, and it’s called backend polling. The concept is simple: Varnish will poll your backend at an interval you specify, and if it detects the backend is unreachable, it will continue to serve out of the cache for a specified period of time, called grace time.

Setting up polling is easy, we do it by adding a probe section to our backend declaration:

These are the default settings from Varnish’s docs, but you may want to tweak them further for your server. This basically says, “Go to http://127.0.0.1:8080/ every second, and if it takes less than 34ms to respond for at least 8 of the last 10 polls, the backend is considered healthy.”

If the backend fails the test, objects are served out of the cache in accordance to their grace time setting. To set this, we need to set the grace time both for the request and for the fetched object. To set grace time for the request, add this line to vcl_recv:

And to set grace time on the object, add this line to vcl_fetch:

This allows our backend to be down for a whole hour before we get it fixed without website visitors ever noticing.

Go Forth

I hope by now that I’ve given you an arsenal of tips and tricks necessary to set up the ideal caching for your ExpressionEngine site, and that traffic spikes are no longer a cause of anxiety. If you need Varnish to do something I didn’t cover here, it’s likely outlined in the Varnish docs, along with more detailed descriptions of everything I mentioned here. This was just the tip of the Varnish iceberg.

For reference, you’ll find the final VCL file with all the modifications we made below.

Here’s this week’s round up post. Remember to add your news via #FRUP on Twitter, or this forum thread.

Add-ons

• Michael Rog updated Show Me My Assets! to 1.1.1, which now expands subfolders in the Assets file manager and Assets file field.

• Nine Four wrote an add-on to return and entry ID based off a given letter. Say for instance you wanted to show all entries that start with the letters “A, B, or C”, this add-on will return the relevant entry IDs for passing into a channel entires loop. You can find it on Github.

• Jesse Bunch released a YQL plugin for ExpressionEngine. This plugin will make it easy to consume and cache your YQL queries directly from your ExpressionEngine templates.

• Causing Effect launched CE Tweet ($), a very customizable Twitter add-on for ExpressionEngine.

• Max Lazar released MX Select Plus ($), a fieldtype that brings a much cleaner UI when dealing with select boxes.

• Max Lazar released MX GetID3, a plugin that extracts useful information form MP3s and other multimedia files.

• Max Lazar released MX Lone Star, a fieldtype that can replace the standard checkbox fieldtype, but allows for fine tuned control over how many items people can check. This video shows the power of this fieldtype.

• Max Lazar updated MX Notify Control to 2.3.0.

• Finally, Max Lazar updated MX *Title Control to 2.8.0, now with custom status support and bug fixes.

• DevDemon updated Channel Files ($) to 5.0.4. They added Amazon S3 Subdirectory support & Rackspace CloudFiles CDN URI Override and an optional Download button in the fieldtype.

• DevDemon updated Channel Images ($) to 5.2.1. This adds the ability to import images from the local server.

• DevDemon updated Forms ($) to 2.0.7, which adds a Forms Entries tag, and allows you to delete entries straight from the CP.

• Finally, DevDemon updated Channel Ratings ($) to 4.0.1, which adds a My Likes tag and the ability for a user to delete it’s “like” vote using a special URL.

• Nicolas Bottari released Zenbu Tag Formatting, an extension for the Zenbu ($) add-on that modifies how tags from the Solspace Tag ($) module are displayed in Zenbu columns.

• Brian Litzinger released Wyvern Video ($). Wyvern Video is a robust YouTube and Vimeo add-on that integrates with all the popular WYSIWYG editors, including the new Rich Text Editor, and acts as a stand-alone field.

Site Launches

• Creative Arc launched a site for Aulik.

• Tyssen Design redesigned and upgraded Clipper Motoryachts from ExpressionEngine 1.6 to 2.4.

• 55bits launched a new company site.

• Lealea design launched a site for Strathcona High School.

• Carlo Laitano launched a site for the American School.

• eecoder along with Antistatic Design launched WilmingtonFAVS, which is the third site in a series of sites for Religion News Service.

Community News

• Hambo Development launched a new responsive company site running ExpressionEngine 2.5.

• You can help shape the future of Exp:resso’s Store add-on by casting your vote on their new feature requests page.

• a&m impact was added to our pro network, and they celebrated this accomplishment rather nicely.

• EE Pro Net member Boyink Interactive celebrated their ten year anniversary!

• The EE Podcast has a new episode on DRY Techniques out, and next episode they’ll have us, EllisLab, on to talk about the new release.

Must Read

• Jamie Pittock blogged on “Selling tickets with CartThrob”.

From EllisLab

• ExpressionEngine 2.5 was released!

• We have a new “How-to” video on Getting Started with ExpressionEngine.

• A new showcase on Next American City was posted.

• A new showcase on Viget Labs was posted.

• A new showcase on Frieze Art Fair New York was posted.

Have a good weekend!

We have a new “How-To” video for your viewing! For those of you just getting started with ExpressionEngine, or those who’d like a refresher on the basic concepts of ExpressionEngine, this is the video for you.

It brings the Getting Started with ExpressionEngine 2 page from our documentation to life. Enjoy!

Remember, we have a variety of “How-To” videos covering other aspects of ExpressionEngine on our Vimeo page.

Today Website Baker Org e.V. has released the new official homepage of WebsiteBaker content management system. From now on you can find all information about the cms refreshed and new structured on www.websitebaker.org.

Today Website Baker Org e.V. has released the new version of WebsiteBaker content management system. You can find the download of WebsiteBaker 2.8.1 now on the official source www.websitebaker2.org.

For way too long, we considered MODX the best kept secret for anyone who cares about total creative freedom on the web—we effectively were hiding in plain sight. CMS Expo in Chicago last week brought home that it wasn’t just us. We used CMSX as our official “launch” for MODX, both as an Open Source project and company.

And boy, did it ever exceed our expectations on all fronts. Our Twitter activity during CMSX was just one indicator of how much buzz there was around MODX:

Our booth was constantly busy—probably the busiest one—at CMSX. We think the amount of traffic just from Joomla users indicates there's even more room for what we’re doing in the CMS space than we originally thought. Most people really had no experience or even knowledge of MODX, and were really happy we were there.

Suffice it to say, MODX is officially now very much on the radar.

Making Hard Things Simple

We demoed MODX Cloud a lot at CMSX. Not a watered down, safe prototype, but the real code that’s currently in internal beta. It just works, and it blew people away.

MODX Cloud is the ultimate MODX dev platform. There is a ton of code behind the scenes—actually more than Revo itself, in four different languages no less—that makes things like 15-second upgrades happen in one click, or making trivial the creation of new websites from a Template in less than two minutes. Backups are on by default, and restores are dead easy with end users 100% in the driver’s seat.

MODXers loved it. Non-MODXers left wondering where the heck we came from! It was a blast watching mouths drop and even a few backwards stutter steps during demos.

One thing I hope people notice when Cloud opens for public beta is the un-intimidating interface and focus on experience that is friendly, banishes overly-technical jargon and works intuitively. In short it’s designed so that regular folks can do sophisticated things with web infrastructure on demand, without needing help from expensive, overworked and sometimes fickle server geeks.

MODX Needs Simplicity and Vision

We’ve already discussed our tagline at MODX, Creative Freedom. This resonated with many at CMSX. When we showed non-MODXers how easy it is to suck in a design generated from another CMS and to put it into Revo, they got it. When they saw what Cloud could do for them, they really got it.

Going forward, we will apply the lessons learned from CMS Expo and filter everything we do at MODX through our company vision:

Create amazing collaboration experiences for the people that build the web.

That means that designers, developers and content creators can work side-by-side to without breaking each others’ work. Long-term MODXers probably already get this, but it’s important to state it explicitly for all.

A Streamlined Logo and Focus

You may notice we have a simpler iteration of our logo now. We think it better exemplifies what we did with Cloud—taking tremendous complexity behind the scenes and presenting it in a more streamlined fashion (the previous iteration was more appropriate for complexity…). It also better represents our three core initiatives: Community (largest, green bar), Cloud (blue) and Complete:

• Community—I’m the owner of this initiative and its purpose is to drive adoption and awareness of MODX. In the coming months, you’ll see me on the road, talking and demoing MODX, attending meetups all over the world (assuming I finally get my passport renewed…) and in general listening to what’s going on in the market to make sure our core Open Source product continues to kick ass.

• Complete—led by James Bohan-Pitt, MODX Complete is our Commercial Support and Partner operations, a traditional Open Source business model pioneered by companies like MySQL and Red Hat. CMS Expo reinforced how critical vendor-backed commercial support is for many organizations. Our Partners that attended CMSX learned how MODX can help them grow, owning their client relationships and focusing on their strengths, with MODX filling in the gaps. MODX helps by doing some of the heavy lifting and strategic work, enabling Partners to win and deliver larger, more profitable projects that previously would have been out of reach.

• Cloud—led by our CTO, Kevin Marvin, MODX Cloud is the future of MODX. It’s truly a transformative way to build and manage websites. If you haven’t already requested private beta access, I’d suggest you definitely get in line. Cloud is tremendously powerful even today, and has an even richer roadmap that will set the bar for what all web workers will expect of web development platforms.

Applying Lessons Learned

The first on the list for long-overdue interface attention is our core CMS product. It needs to be brought up to the standards of MODX Cloud in order to be aligned with our Vision. (Yes, this is a teaser while we finish our planning.) But based on some private chats at CMSX with long-time MODXers, we think you’ll like what you see.

In fact, the experience you get in MODX Cloud will be mirrored in everything that wears a MODX label. That means you’ll also see updates in our forums, too.

Living up to our Vision is not an easy task—we have a lot of work to do. However, we are committed to enacting the standard it implies for our busines and for every product associated with MODX. We have already started using it as a filter against decisions we have to make. The results so far have been both very positive and would have likely not happened the same way otherwise.

As sure as I was when we promised to go all in on MODX at our first MODxpo in May 2010, after CMSX I now know we did the right thing. For current MODXers, thanks for sticking it out and believing in what we do. For those new to MODX, welcome aboard and get ready to experience creative freedom like you never have before.

Today we released MODX Revolution 2.2.2 which includes a number of important fixes, some minor—yet always welcome—performance improvements, and 2 new wizards to make it easier to create User and Resource Groups.

In case you missed it, in 2.2.1, we added a new user setting that gives a user unrestricted access to the installation called Sudo user. This setting means an account cannot get locked out of the site while creating Access Policies for other Site Administrators and users. With tremendous power comes tremendous responsibility; you should use the Sudo user setting wisely. Read more about Sudo users from MODX Senior Developer Mark Hamstra.

If you're using MODX Revolution and have not upgraded to 2.2, it has been one of biggest releases to date. With the Manager interface refinements, other additions including Media Sources and the release of the Articles add-on, now is the time to upgrade to this latest version. For details on the major features read the complete MODX Revolution 2.2 announcement for more details.

Here are the highlights of the 2.2.2 release:

• New wizards for creating User and Resource Groups
• xPDO change to improve performance, specifically with getResources
• Upgrades from commandline no longer require all settings in the config file
• Added User duplication for the easy creation of Users and to preserve settings
• New prompt to login to regain access to work in progress after timeout
• Improvement to URL handling
• Further performance enhancements via xPDO method changes.
• For more detail read the Complete Changelog

We encourage you to try out MODX Revolution 2.2 and share your experiences with others. Here are the important links to get you on your way:

• Download Revolution 2.2.2
• What's required to run Revolution 2.2
• How to install MODX Revolution
• Before upgrading please read the 2.2 Upgrade Notes
• How to upgrade MODX Revolution
• Read the MODX Revolution Documentation

MODX is only as good as it is because of many individual community members and users that take the time to report issues and request new features. Make sure you read the documentation, post feedback and share your successes in the MODX community forums.

If you are really interested in mastering MODX you can buy the book. MODX: The Official Guide by Bob Ray is available now.

On behalf of the entire MODX Team,
Thank-you!

Creative Perspectives is a series of interviews with Designers and Creatives discussing their tools, design and how they use MODX. This first series of profiles and the interview questions were produced in conjunction with CMS Expo. Over the coming weeks we will be posting Creative Perspectives on each respective site. Want to share your Creative Perspective? We'll let you know how in an upcoming post.

In this Creative Perspective GP Sietzema and Sipko Groefsema offer a combined view of how they work.

Who are GP Sietzema and Sipko Groefsema

Names: Gauke Pieter Sietzema and Sipko Groefsema
Location: Surhuisterveen, the Netherlands
Titles: GP Lead Developer
Sipko Art Director
Company: Sterc Internet & Marketing
Twitter: @gpsietzema, @groefsema

As Lead Developer at Sterc, GP is responsible for the quality of web development. He leads research in new web-related technology. Sterc as an agency focuses on user experience and internet marketing, which requires a lot of flexibility. MODX delivers this for them.

Interview

Remember your first computer? What was it? Any interesting stories behind it?

GP: It was one of those old 8086 models with huge floppy disks. I remember creating start menu’s on it, which displayed all installed games on the system. I was 7 years old and already developing stuff; I loved it!

So...Photoshop or Fireworks or both/neither and why?

GP: Photoshop, because we’ve always used it, it works and our workflow depends on it.

Who is the person who inspires you the most creatively, and what you admire most about them?

GP: That has to be the whole group of people who brought us web standards and are still on the frontline of web development. Names who come up immediately are Dan Cederholm, Jeffrey Zeldman and Eric Meyer.

Sipko: There are many great designers out there. But I don't follow or admire one in particular. When I'm low on inspiration I like to browse Dribbble; the biggest advantage of this is you only see partial designs, that way you don't get influenced to much.

People who inspire me most are the people who give feedback on my designs. It sucks if they don't like it straight away, but with their feedback give new insights and make me rethink the design which often leads to a better design overall.

What are young designers and upcoming art directors missing today that you got to experience first-hand, when you were starting out?

Sipko: Web design isn't only about making a pretty picture. It’s about usability, interaction, business goals, technical possibilities and restrictions. Concepting and wireframes are the fundamentals to build on. These 2 steps also help in ‘selling’ the design to the client. You can explain your design decisions easier this way: the design is based on the wireframe(s), which is based on the concept, which is the translation of your client’s mission statement, vision, values and business goals.

Similarly, if you had to do it all over again, what do you wish you knew then, that you know now?

Sipko:

• Start with defining the concept, make wireframes and then make your design the best you can.
• Grids rule, but they ain't holy.
• God is in the details and in our line of business it’s in the pixels.

Quick, name your favorite 3 “must-have” apps and what makes them so?

GP:

• iA Writer for typing text. That’s what it does, enable you to write.
• Sparrow for handling my enormous flow of emails in a beautiful interface.
• Sublime Text 2 for my daily coding. It’s fast and beautiful.

What HTML editor do you use? (or are you secretly using DreamWeaver in design view? :P)

GP: Sublime Text 2; Previously TextMate.

So, how long have you been using a CMS? What led you to start using MODX?

I wrote my first CMS, with loads of ‘PHP includes’ after 2 years of web development without CMS’s, which has to be roughly 12 years ago. The reason was faster development. Whenever I changed something in the HTML code of a site, I had to change ALL HTML files, which wasn’t needed anymore when I started using templates.

What are some “must-have” features and add-ons or features you like most about MODX?

GP:

• The overall SEO-friendliness
• Templating engine
• TV’s to allow us to create anything we like
• Form customization to make customizable interfaces

What capabilities does MODX give you and your team that you appreciate most, and why?

GP: We’re able to make fully customizable websites, which are stuffed with SEO and usability tricks. MODX is so flexible that it obstructs us in no way. We’re not tied to weird templating workflows or limited to predefined variables. We’re free to create anything our crazy minds can come up with.

Who touches your CMS? All members? Freelancers? Your Clients? How is that working?

GP: Our developers, project managers, support crew, internet marketeers and of course our clients. Even our accountant knows how to get stuff done in MODX. It works like a charm. By applying ‘Form customization’ to the MODX interface, we only show input fields which make sense, so it’s easy-peasy for non-technical folks.

What are the most important things you’ve learned, using a CMS, versus the “old days” of static web sites?

GP: I’ll highlight one thing: semantics. Without CMS’s we could rely on our own HTML skills for managing content and the semantics would be fine. With CMS’s we have to depend on the willingness of content managers to enter content the right way. Common pitfalls here are copy pasting from Word, other websites and the usage of ancient browsers. They all mess up semantics, which can break the site, mess up search engine rankings, etc.

Bonus Question If you hadn’t decided to go into the creative realm, what do you think you’d be doing today?

GP: That’s a hard question, because I made a job out of my hobby. Before I got into the creative realm I was doing an IT Consultancy study, so I probably would’ve ended up as a suit, advising big corporations about how to waste their budget on new hardware.

More from the Creative Perspectives Series

If you enjoyed this Creative Perspective take a look at the complete Creative Perspectives series for more inspiring and interesting stories from designers who use and love MODX.

Creative Perspectives is a series of interviews with Designers and Creatives discussing their tools, design and how they use MODX. This first series of profiles and the interview questions were produced in conjunction with CMS Expo. Over the coming weeks we will be posting Creative Perspectives on each respective site. Want to share your Creative Perspective? We'll let you know how in an upcoming post.

Who's Patrick Ortman

Name: Patrick Ortman
Location: Los Angeles
Title: President & CEO
Company: Patrick Ortman, Inc.
Twitter: @patrickortman

Patrick Ortman founded one of the world’s first commercial web design companies, in 1993. He directed and produced the world’s first rock concert on the web* , the first live Internet newscast, first large-scale corporate rollout of Shockwave and Futuresplash (now basically Adobe Flash, sorry about that), and virtual reality and web projects for events like The Olympics and Major League Baseball’s World Series. More recently, he’s designed and managed projects for 8 Fortune 500 companies, and a whole bunch of smaller organizations.

He and his web projects have been featured in The New York Times, Washington Post, Atlanta Journal & Constitution, The Toronto Star, PDN, Time Magazine, Newsweek, a ton of expired Internet rags, and NHK Network in Japan.

His eponymous agency splits its time between coming up with brilliantly designed websites and gorgeous web and broadcast video marketing materials for clients who “get it”.

*Blues Traveler, Hootie & The Blowfish, Matthew Sweet, & Moist. Former MTV VJ Adam Curry sent a congratulatory email, as we beat his Rolling Stones Mbone event.

Interview

Remember your first computer? What was it? Any interesting stories behind it?

Yes, yes I do. I was a kid, and my brother convinced me to buy an Atari. I spent all my newspaper money (remember newspapers?). He let me use it once in a while, mainly to play Zaxxon. What a rip.

So...Photoshop or Fireworks or both/neither and why?

Pencil and paper. Then Photoshop. Because it works for me.

Who is the person who inspires you the most creatively, and what you admire most about them?

I admire people who can harness their dreams and create stuff.

What are young designers and upcoming art directors missing today that you got to experience first-hand, when you were starting out?

The birth of the web, for sure. I know some whippersnapper type will be banging me for saying this, but back then for a moment it felt like we were changing the world in a good way, for everyone. It was certainly a more innocent time, more positive. Not that it was all ‘Happy Days’, of course.

That said, I’ve decided to bring a sense of purposeful play back. Are you with me? Yeah! Woohoo! And if you’re not with me, then f&*K off!!! Oh, sorry, that was meant for the article on bringing punk back. Which is kind of silly, really, seeing how punk comes back every 4 years it seems. I guess the web is a bit cyclical as well, and I’m hopeful that as the economy rebounds a bit we’ll see more risk taking in web design and interactive, again.

Similarly, if you had to do it all over again, what do you wish you knew then, that you know now?

Buy more Apple stock. Lots more. Tons more.

Quick, name your favorite 3 “must-have” apps and what makes them so?

Have2Pee, to find public bathrooms in strange cities. Ninjump! for boring meetings. And I’m digging the Kindle app, too. I read a lot.

What HTML editor do you use? (or are you secretly using DreamWeaver in design view? :P)

I’m responding to this interview in Dreamweaver code view, powered by my voice using Nuance’s Dragon Dictate. Mainly because I can, not because it’s efficient. And like any good web designer, I like the sound of my own voice. Bonus!

But really, any text editor’s just fine. It’s not the tools we’re lacking, mostly, it’s imagination and the freedom to create beautiful things that work.

So, how long have you been using a CMS? What led you to start using MODX?

I wrote my own in the 1990s. Did the job, but the process sucked. Tried a lotta proprietary ones. Got sad. Then tried Joomla and Drupal. Got sadder. Then... MODX. Yay, MODX! No longer was I sad.

What are some “must-have” features and add-ons or features you like most about MODX?

It’s all just wonderful. But the feature I like best about MODX? The community. Seriously. I’ve met some great folks through this project. I find that MODX attracts real problem-solvers, devs with depth, so to speak.

What capabilities does MODX give you and your team that you appreciate most, and why?

The capability to do a $500K project for $100K, scale that up or down a bit as needed :-). In this economy, that’s vital. Because the clients are squeezing us all, always. Most agencies do things sloppier, with less care. I hate that. I like quality. MODX lets us roll out quality work, at a very reasonable price, and that makes us super-competitive.

Who touches your CMS? All members? Freelancers? Your Clients? How is that working?

All of the above. Swimmingly!

What are the most important things you’ve learned, using a CMS, versus the “old days” of static web sites?

Who are you calling “old”? Geez, man. Well, back when we built sites with hammer and chisel, on granite tablets, things were really tough to change. So clients often wouldn’t change them. And information was locked up and crusty and boring. And dinosaurs still roamed the Earth, too. CMS driven sites change all that. I won’t say everything’s groovy in webland these days. But the idea that each page isn’t hand coded? That’s better than sliced bread. Which, yes, my generation also invented alongside Al Gore.

Bonus Question: If you hadn’t decided to go into the creative realm, what do you think you’d be doing today?

Gigolo for lonely, hot women with money. That’s actually a side business I’m considering starting up, with all the free time using MODX has given me.

More from the Creative Perspectives Series

If you enjoyed this Creative Perspective take a look at the complete Creative Perspectives series for more inspiring and interesting stories from designers who use and love MODX.

Creative Perspectives is a series of interviews with Designers and Creatives discussing their tools, design and how they use MODX. This first series of profiles and the interview questions were produced in conjunction with CMS Expo. Over the coming weeks we will be posting Creative Perspectives on each respective site. Want to share your Creative Perspective? We'll let you know how in an upcoming post.

Who's Anne Miles

Name: Anne Miles
Location: Louisville, KY
Title: Toad-in-Chief
Company: Red Toad Media
Twitter: @redtoadmedia

Anne is a designer and information junkie with a passion for user interfaces, gaming, business, marketing and languages. Her experience ranges from UI design for software companies to designing children’s books. She blogs whenever possible and has been a contributor to Smashing Magazine and People Stories, Inside the Outside, a collection of essays by the Wizard of Ads.

Interview

Remember your first computer? What was it? Any interesting stories behind it?

A TRS-80! It was the all-in-one model with the insanely huge and loud dot-matrix printer. It was the same model we had in the computer lab at my high school in 1987. I took a BASIC programming class, but my real takeaway from the class was how to use SCRIPSIT... an early word processor. I ended up making extra money through high school and college doing resumes and papers for others with that.

So...Photoshop or Fireworks or both/neither and why?

Photoshop. When I was in school we learned Freehand and Fireworks as alternatives to Illustrator/Photoshop but I just liked the UI set in the Adobe products better. Illustrator was the big deciding factor there. I do occasionally work with channels and lab color, and do print work as well as web, so PS is more versatile for me.

Who is the person who inspires you the most creatively, and what you admire most about them?

Impossible question. I will give you a short list. Roy Williams (Wizard of Ads) - for wordsmithing, Mary Engelbreit - for sheer business sense and endless joy in her art, Jelly Helm - chutzpah and exploration, CS Lewis - attention to reason, Rauschenberg for the glint in his eye, Andy Clarke for his obstinance. Jesse Schell for his keen observation and then how he uses that to engineer. Mark McGuinness for his courage and poetry.

I find new heroes daily.

What are young designers and upcoming art directors missing today that you got to experience first-hand, when you were starting out?

I think I have a real respect for the roots of where we are now with technology, and for ideas and not just pushing buttons or producing glam bells and whistles because you can. For me design is fundamentally about the message and purpose. When I was in school, we started with paper and endless thumbnailing; I still do that. I don’t know if that has changed for schools? I find in some of the younger designers (web designers) that I know a lack of clarity about their message. That could be immaturity, a lack of thought regarding function. Impatience. It also reflects where they started. Print designers turned web designers can be woefully ignorant but so can developers turned web designers. There isn’t a good balance. I wonder how much emphasis on the importance of thought there is now in schools. I think there is some confusion as to what design is. I’m not just an artist. I solve problems. There is much more attention paid now to interactive design as a discipline and that’s been positive. Because I do some programming and work with so many geeks I have seen the iterative process at work and a lot of art directors/designers don’t experience that to the same degree. I think it’s been really helpful to me growing as an interactive designer.

Similarly, if you had to do it all over again, what do you wish you knew then, that you know now?

I wish I’d learned to program earlier. I don’t think it’s really possible to do good design for web without a groundwork of programming concepts/logic at least.

Quick, name your favorite 3 “must-have” apps and what makes them so?

• Firebug – my little friend that keeps me sane and helps me bring my ideas to life.
• BBEdit – it opens everything, it zaps gremlins (do you know how many gremlins are in photoshopped text?) it isn’t heavy or cumbersome, doesn’t try to correct my code.
• Photoshop/Illustrator – two sides of the same coin. I use them for layout and comps and ...well, they’re just essential.

Now if you mean fun apps I’d go with Scrivener for writing, Kindle Reader for Android and Netflix!

What HTML editor do you use? (or are you secretly using DreamWeaver in design view? :P)

I do use DW in design view in some phases of developing our custom templates, but it is normally split screen with me editing code. BBEdit is my workhorse. :-)

So, how long have you been using a CMS? What led you to start using MODX?

I actually started writing my own CMS back in...oh...2002? I got a SitePoint book on how to program php and mySql and one of the exercises was a simple CMS and at about the same time I did two sites for local businesses where I used my newfound knowledge. They were not fancy, mostly TinyMCE, a file manager and uploader. Then I started looking at and testing Joomla and Drupal. I implemented Wordpress. Drupal and Joomla just limited me, design-wise. WordPress was fun to use but not easy to make a website with. I kept exploring and stumbled onto MODX one day. It was version 0.9.6 and I had a site for a local mayor’s race to turn around in a week. With the help of some tutorials, I did it and I never looked back.

What are some “must-have” features and add-ons or features you like most about MODX?

Template Variables. TV’s are chunks of code that I can put anywhere in my design. They empower me to implement my vision instead of leaving me baffled, frustrated and limited, like other CMS’s. I can do a full flash interface fed by XML with a separate mobile version or turn around and implement a full CSS3, HTML5, jQuery-animated marketing machine of a site. I have the power to customize every piece of the site on both admin side and on the front-end.

What capabilities does MODX give you and your team that you appreciate most, and why?

The front-end editing and ability to fully customize the admin means we can tailor our solutions for clients and give them a tool they will actually use. They are not afraid of the interface and enjoy updating their websites. It’s also nearly painless to integrate RSS and social media in creative ways.

Who touches your CMS? All members? Freelancers? Your Clients? How is that working?

We use some freelancers who work with us and then we train our clients as users. It’s not difficult to create different levels of users with different levels of access. We love that.

What are the most important things you’ve learned, using a CMS, versus the “old days” of static web sites?

We’ve learned how important it is to design a site for how it will grow in the future. It must be scalable. Websites are never finished these days, they grow. A site has to be designed and built in such a way that it can grow without agony of rebuilding or lot of hassle for the client. There has been a huge shift of power and control back to the client with the advent of CMS’s, but we’re responsible to give them good tools so they can publish without their sites turning into mammoth, difficult to navigate, confusing messes. It’s like Christmas for us to see the eyes of a client when they realize they aren’t hostage to a developer anymore.

Bonus Question: If you hadn’t decided to go into the creative realm, what do you think you’d be doing today?

I would be a writer.

More from the Creative Perspectives Series

If you enjoyed this Creative Perspective take a look at the complete Creative Perspectives series for more inspiring and interesting stories from designers who use and love MODX.

We are currently working on what will finally become Textpattern 4.5. Here’s an overview of some notable changes and enhancements.

Ever thought “I can do things as well as the devs”? Ever wanted to be dev for a day? Now’s your chance to shape Textpattern 5 your way.

Never one to shy away from pointing out Textpattern’s greatness, when the opportunity arose to talk shop, some Bloke was all over it.

Among the sun-drenched skyscrapers of Olde London Town, some virtual strangers with only Textpattern in common met in a pub. With just beer, handheld devices and a network close by, what could they possibly talk about?

What happens when you wedge four TXP geeks in a room? Surprisingly little in tangible output, but some great codeworthy exploration and daft pictures. Find out how the North Bristol TXP meet went down.

• One Low XSS Vulnerability fixed in the Archive - This is tagged as low because it requires moderator permissions. This vulnerability was discovered and reported by frostschutz.
• One Medium XSS vulnerabilities fixed in Attachments - This vulnerability was reported by frostschutz.
  Please note that this patch will remove the ability to open some types of attachments directly in your browser (e.g. QuickTime Movies), and will instead ask you to download them.
• … Several other bug fixes
  

• Search Backend Refactoring by Dhruv Goel, India
  Dhruv will focus on enabling proper abstraction in the search system and allowing for individual backends to modify the user interface. He will also integrate Sphinx and PostgreSQL Fulltext search into the phpBB codebase.
  
  
• Attachment Improvements by Kim Mantas, Hong Kong & UK
  Kim will improve both the interface and functionality of the attachment system by implementing multiple file uploads, an improved user interface and a tool for downloading several attachments at once.
  
  
• Auth Plugin Refactoring & User Integration by Joseph Warner, United States
  Joseph will enable phpBB to simply integrate with third party authentication services. The generic interface will allow administrators to configure which services to accept or add additional services at a later time.

• Closing RFCs Like a Boss by Joas Schilling, Germany
  Joas will focus on completing some existing RFCs, including events, proper grouping for the teams page, improved ACP layout, soft delete, a log class, native php timezone handling, and others.
  
  
• Post Revisions/Edit Log by David King, United States
  David will implement a post revision system, enabling moderators to view detailed differences between edits made to a post with the ability to revert. This feature will have an option to be disabled, and can be further configured via the ACP to enable revision pruning.

Statistics: Posted by Marshalrusty — Mon Apr 23, 2012 7:18 pm — Replies 0 — Views 8281

Statistics: Posted by Marshalrusty — Wed Apr 18, 2012 9:27 am — Replies 0 — Views 8440

Statistics: Posted by Marshalrusty — Tue Mar 20, 2012 12:52 pm — Replies 1 — Views 17030

Statistics: Posted by Oleg — Fri Mar 09, 2012 4:21 pm — Replies 0 — Views 16689

Statistics: Posted by DavidIQ — Sat Feb 11, 2012 4:48 am — Replies 0 — Views 21884

ive disabled everything for guests but the news still shows up on the main log in page.  any way to get rid of just that?

• Added plugin hook “user.verifyregister” to allow spam control at registration time.
• Replaced CAPTCHA image library with a newer one backported from UNB2. It is configured to use language-specific dictionary files. Edit unb_lib/captcha_words_*.txt where * is the language code. If you want to add more languages, you need to update the code in forum.php (watch for those file names). Currently, de and en are available. If you create a long enough file for another language, please let me know. Warning: Translation file “common”, string “vericode~” has been updated in de and en (may lead to misunderstanding if not updated). Template file “register” has been updated (only cosmetic layout change).

• Fix in session/cookie handling for php.ini "request_order=GP"
• Forum notifications are forum-recursive
• Increased size of background images to improve IE7/8 performance a bit.

• PHP 5.3 compatibility

• Log Viewer: Line break between filter check boxes and their label text prohibited

• A complete features list is now available.

I have tried to install the 'Broadcast Email plugin', but it says 'This extension is not compatible with your PunBB version.'

Is there a 'Broadcast Email plugin' or some other plugin for sending mails out to the forum users that is supported in PunBB v1.4.2?

I need some kind of personalized 'Ignore user' feature when some members may put 'Ignore' on some other members so their posts will not appear on the website when they are logged in.

Add logo to header
v0.5.1
The tests only in our 1.4.2

screenshots:

Logo for download via the "Settings" page.
Storage Location logo - 'img' folder at the root of the forum -> File 'logo'
Need permission to write to this folder
Download the new logo will delete the old one.
Hide the name of the forum, use the alignment is only possible when the logo
"Insert logo" is now disabled if the logo is not found
Select logo position (left or right)
Select the text alignment Forum name and description (left, right, centered)
Selecting a vertical position for the title of the forum and its description (top, bottom, middle)
Logo of the default link to the homepage, you can change the link address and a description of the settings
Download: http://punbb.ru/downloads/v14/logo_v0.5.1.zip

Translated into English
I'll take any comments.
thank you

No Rules Forum is looking for all trolls, flamers, gamers, and most of all, anyone that has anything to say about anything!  It is a general forum with very few limitations where anyone can freely speak their mind.  Come join today and help get some topics started so that eventually it will have a large, active community where people can be free!

Thank you PunBB for providing such a straight forward, smooth forum package!

norulesforum.com/forum

南楼红双喜翠映雪峰

A team of developers has released a new version of their native iPhone/iPad app for Gallery 3.

viGallery allows you to manage your photos and albums straight from your iOS device.

Take a look on the app store: viGallery and on their info/support page.

It isn't open source and it does cost $4, but it looks like a nice way to work with Gallery 3 from your Apple devices. Read on for features and requirements.

read more

We're releasing both Gallery 3.0.3 and Gallery 2.3.2 as security releases. Several researchers, working independently, discovered possible encryption-related vulnerabilities. Low-risk XSS vulnerabilities limited to the administration area were also reported. We thank the following individuals for reporting these issues: James 'albino' Kettle, George Argyros & Aggelos Kiayias, and Emanuel Bronshtein. They will be receiving bounties for these issues. Read our Bounties page for details and how to submit any security issues you find. The CVE id for these issues is CVE-2012-1113.

We recommend that all users of Gallery 2 and Gallery 3 upgrade as soon as possible.

read more

Researchers at Carnegie Mellon University are using Gallery to learn more about how people use access-control permissions in online photograph sharing systems.

If you would like to contribute, please take their survey http://www.surveygizmo.com/s3/666856/Gallery-Usage which should take less than 5 minutes to complete.

Check out this forum topic for more details.

read more

The Xotof Team have been busy working on their Gallery 3 Client, getting it to as many users as possible.

Xotof already works on your favorite Android phones and tables, and they have just received approval to run on the Amazon Kindle Fire.

If you're a Gallery 3 user with an Android device or a Kindle Fire, head over the Android Market or Amazon Appstore and give Xotof a try.

read more