Subscribe to feed Planet Drupal - aggregated feeds in category Planet Drupal
Bijgewerkt: 35 min 54 sec geleden

Drupal @ Penn State: Pulling Git repo content into Drupal

do, 2016/04/07 - 12:06am

The ELMS Learning Network team is seeking to not only transform education, but also the concept of content and how you can interact with a CMS. By taking our network based approach to educational delivery to Drupal, and viewing Drupal as more of an engine connecting people rather then a product out of the box, we can craft innovative solutions (like this one).

Categorieën: frontpage posts for the Drupal planet: Drupal 8.1.0 RC1 is available for testing

wo, 2016/04/06 - 11:46pm

The first release candidate for the upcoming Drupal 8.1.0 release is now available for testing. With Drupal 8, we made major changes in our release process, adopting semantic versioning and scheduled releases. This allows us to make significant improvements to Drupal 8 in a timely fashion while still providing backwards compatibility. Drupal 8.1.0 will be the first such update, expected to be released April 20.

Download Drupal-8.1.0-rc1

8.1.x includes an experimental user interface for migrating from Drupal 6 and 7, the BigPipe module for increasing perceived site performance, and more. You can read a detailed list of improvements in the announcements of beta1 and beta2.

What does this mean to me?
For Drupal 8 site owners

The final bugfix release of 8.0.x has been released. 8.0.x will receive no further releases following 8.1.0, and sites should prepare to update from 8.0.x to 8.1.x in order to continue getting bug and security fixes. Use update.php to update your 8.0.x sites to the 8.1.x series, just as you would to update from (e.g.) 8.0.4 to 8.0.5. You can use this release candidate to test the update. (Always back up your data before updating sites, and do not test updates in production.)

For module and theme authors

Drupal 8.1.x is backwards-compatible with 8.0.x. However, it does include internal API changes and API changes to experimental modules, so some minor updates may be required. Review the change records for 8.1.x, and test modules and themes with the release candidate now.

For translators

Some text changes were made since Drupal 8.0.0. automatically offers these new and modified strings for translation. Strings are frozen with the release candidate, so translators can now update translations.

For core developers

All outstanding issues filed against 8.0.x are automatically migrated to 8.1.x after the final 8.0.x patch release. Future bug reports should be targeted against the 8.1.x branch. 8.2.x will remain open for new development during the 8.1.x release candidate phase. For more information, see the release candidate phase announcement.

Your bug reports help make Drupal better!

Release candidates are a chance to identify bugs for the upcoming release, so help us by searching the issue queue for any bugs you find, and filing a new issue if your bug has not been reported yet.

Note that there are known issues with the experimental Migrate module suite, especially the incomplete Drupal 7 to Drupal 8 migration path. If the bug you find is not covered by one of these issues, your detailed bug report with steps to reproduce is a big help!

Front page news: Planet DrupalDrupal version: Drupal 8.x

Acquia Developer Center Blog: Use Drush to Sync Your Drupal Installations Between Multiple Environments

wo, 2016/04/06 - 10:39pm

Note: This is an updated version of a blog post originally published by Promet Source. Moshe Weitzman contributed to this post.

One of main draws to Drush is the library's ability to make developer's lives easier. There are two simple commands that work using Drush aliases that can help sync database and files between multiple Drupal instances. First, we'll go over setting up an alias file for Drush. After that, we'll document the usage of Drush's sql-sync and rsync commands.

Tags: acquia drupal planet

Promet Source: How to Download and Install the AMP Module on Drupal 7 Sites

wo, 2016/04/06 - 9:41pm
Accelerated Mobile Pages (AMP) in Drupal 


Google’s search ranking algorithm was updated in 2015 to reflect a critical factor in user experience: mobile accessibility. More than half of all searches in major markets such as the U.S. and Japan happen on mobile devices, so Google began ranking webpage results with mobile layout and design higher than non-mobile pages to give their users the best possible experience. 

Now there’s a way to enhance the user experience for mobile devices without having to completely redesign a site. This method is convenient for publishers and it’s built on existing HTML standards. Site owners who want to provide users a good experience on mobile devices can now serve pages in the accelerated mobile page, or AMP, standard. Google designed the AMP standard and open-sourced the project in 2015. Drupal siteowners can download and install the AMP module for Drupal 7 and Drupal 8.  

This post covers the process of downloading, installing and configuring the AMP module for a Drupal 7 site. 



Jeff Geerling's Blog: Drupal VM - DrupalEasy Podcast and DrupalCon NOLA BoF

wo, 2016/04/06 - 9:19pm

As Drupal VM has passed 500 stars on GitHub, and is becoming a fairly mature environment for local development environment—especially for teams of Drupal developers who want to maintain consistency and flexibility when developing many sites, I've been working to get more stable releases, better documentation, and a more focused feature set.

Also, in the past few months, as interest has surged, I've even had the opportunity to talk about all things Drupal VM on the DrupalEasy podcast! Check out DrupalEasy Podcast 172 - The Coup (Jeff Geerling - Drupal VM), which was just posted a few days ago.

And to keep the conversation flowing, I'm going to be moderating a BoF on Drupal VM at DrupalCon New Orleans, Drupal VM and local Drupal development for teams.


LevelTen Interactive: TexasCamp 2016: A DrupalCamp Hangover

wo, 2016/04/06 - 8:44pm

If you were at the first-ever statewide DrupalCamp in Texas this weekend, that's awesome! As part of the team that helped organize this camp, I loved what we were able to accomplish. We organized TexasCamp to bring together the Drupal community from all over the state of Texas to teach, learn, connect, and collaborate.

It was all Drupal everything, especially in the week leading up to the event! As part of the team, we spent months of planning and finding the right venue (only to have to change it a month before the camp). The logistics that went into planning an event this large...Read more


Drop Guard: Drupalgeddon strikes back: outdated Drupal allegedly linked to "Panama Papers"

wo, 2016/04/06 - 8:35pm
Drupalgeddon strikes back: outdated Drupal allegedly linked to "Panama Papers" Igor Kandyba Wed, 06.04.2016 - 20:35

Drupalgeddon vulnerability, also known as SA-CORE-2014-005 affected millions of websites back in 2014 and we believe it started a new era for the Drupal community. It became apparent that if you don't want to put your website or business to a huge risk it's not enough to check for its status once a month, or even once a day - you should be continuously and tirelessly be scanning all available sources of information for potential security vulnerabilities in your code, being prepared to take immediate action.

Security Drupal Planet

Four Kitchens: Trip Report: Stanford DrupalCamp 2016

wo, 2016/04/06 - 6:35pm

I always enjoy going to Stanford for the annual DrupalCamp, and this year was no exception. Here are some takeaways from a few of the sessions I enjoyed this past Saturday. …

Categorieën: blog: Restructuring

wo, 2016/04/06 - 6:33pm

In this post I'd like to talk about one of our major projects for 2016, which comes as a follow up to content strategy project of 2015.

Content restructure

Last year we presented our findings from the content strategy developed by Drupal Association staff in collaboration with Forum One. This year we're focusing on bringing as many of those ideas to life as we can. We call this implementation phase 'content restructure'. We'll look at one area of the site at a time, audit its content, change the way it is created and stored (content type) if needed, redesign the way it looks and reorganize it into a more usable and findable structure, improving content quality and giving content creators better tools to maintain it along the way.

The backbone of the new content structure are 'sections' or top level groupings of content. We created infrastructure to make those possible and have already launched the first few.

Together with sections we've been rolling out blogs to improve how we communicate about specific topics on Recently, I talked in more detail how blogs and sections fit into our overall plan of making it easier to communicate important announcements and news to the Drupal community.

Our current focus is Documentation area of the site. We're working on a complete revamp that will change the way documentation looks and works, and will change the way users can navigate and improve documentation. We're working closely with the Documentation Working Group and performing rounds of usability testing to ensure the changes we are working on will improve the user experience across the board. More details on this can be found in the issue queue.

A big part of the content restructure plan is a content audit and migration. This is especially true for documentation revamp, where we have thousands of pages to migrate into the new system. We'll be turning to the community to help us with this effort. Not only because that's too many pages for a small team like ours to migrate on our own, but also because we need subject matter experts to look at a lot of the pages and evaluate how accurate they are, whether they should be migrated or archived, and so on.

More than just content

Along with the content restructure project, we'll be doing important work that complements and supports it, though each component is not a discrete project on its own.

Developing visual design system

The current design is based on branding and design work done in 2008 by Mark Boulton Design and Leisa Reichelt. They did a great job, but even the most beautiful site will age. Since more than seven years have elapsed since the last redesign, it's time to update the site for a more contemporary look.

Our quest towards updating visually started in 2014 with the user research project, which brought us user personas. The next big step was the content strategy project, which laid the groundwork for the content restructure work discussed above.

Building on what we learned about our users, and how to structure our content to best serve their needs, this year we'll be introducing the new visual design system for the site. There will not be a single, comprehensive launch, where you wake up and suddenly looks completely different. We'll do it iteratively, in parallel with the content restructure, by redesigning the specific area of the site we are focusing on at a given time. This approach lets us introduce visual changes sooner, and iteratively improve and refine them as we go. In fact, you've already seen some of the elements of the new visual system appear with the Drupal 8 launch.

Later this week, our designer DyanneNova will share a bit more details about the work we've already done towards the new system and our next steps.

Updating content style guide

Along with restructuring content we also want to improve the quality of the existing content during migrations, as well as the quality of the content that will be created in the future. To this end, we'll be taking a look at the content style guide, and plan to refresh and update it. We also anticipate expanding the guide to add information about specific content types and communication channels.

Capturing user engagement and contribution

Another aspect of our content restructure work will touch on user engagement and contribution. As we go area through area of the site, redesigning it and improving its content, we'll be looking at what type of user engagement and contributions happen in that area. We'll be looking for opportunities to better capture them, and subsequently better recognize and display those contributions. For example, right now 'documentation edits' count on user profiles show the number of edits user has done to 'book page' content type items, which may or may not be documentation. We'll make that calculation more precise to display the actual documentation edits. We'll also be able to display specific parts of documentation a user maintains, similar to projects they maintain.

Increasing sustainability

An ongoing challenge at the Drupal Association is ensuring we have sustainable revenue to support our work for the community. As we do this work, we will be looking into improving existing revenue opportunities and introducing new ones to make more sustainable. We will also work closely with partners who may be willing to sponsor specific improvements to on behalf of the community.

Other initiatives

The content restructure is not the only project we are working on right now. Some of the other initiatives will be described in future posts. Check our Roadmap to see all the things in progress.

And if you happen to be at DrupalCon New Orleans this May, come to our session to get further updates on some of the topics discussed in this blog.


Pronovix: Building Landing Pages faster

wo, 2016/04/06 - 6:17pm

At Pronovix, we use the paragraphs module almost every day to create new web pages. We continuously evaluate and improve our landing page creation process: we were already able to shorten the feedback process and reduce the number of editing rounds before publishing.


OSTraining: Add Scrolling Text Ticker to Drupal

wo, 2016/04/06 - 5:10pm

An OSTraining member asked us how to setup scrolling text in Drupal.

They wanted to create a CNN / BBC-style news site, with a breaking news ticker.

We recommended the ScrollText module and I'm going to show you how to use it.


Mediacurrent: Don't Rely on the Title Attribute for Accessibility

wo, 2016/04/06 - 5:04pm
What is the Title Attribute?

The title attribute is often used to give additional information about an element. Content editors will find a field for it when they add a link or an image to the WYSIWYG. The CKEditor WYSIWYG calls it the “Advisory Title” under the Advanced tab of the Link and Image Properties modals:


DrupalCon News: The Schedule is Live for DrupalCon New Orleans

wo, 2016/04/06 - 3:47pm

DrupalCon New Orleans is just over a month away, which means it’s time to start planning your con experience! That’s right — the schedule is now available on the website, so you can start planning out how you’ll make the most of every minute in New Orleans.

See the Schedule


OpenLucius: Bitcoin foundation 'Blockchain' replaces bankers | Can Drupal help?

wo, 2016/04/06 - 3:38pm

After reading the book 'Swimming with Sharks: My Journey into the World of the Bankers', the bestseller from Joris Luyendijk, I wondered: how will our financial system look like in 10~20 years? Since the book is describing a dark financial future: a future crash seems to be in sight. The movie based on a true story 'The big short' confirms this impression.

At the same time my partner Henk van Cann is studying the world of cryptocurrency and explained me what this currency will mean for the future: no more intermediaries, so no more banks as well.

Mic drop.

Bitcoin and other cryptocurrency, a new human right

KnackForge: CDN Module, and Amazon Cloudfront in Drupal 7

wo, 2016/04/06 - 2:12pm
CDN Module, and Amazon Cloudfront in Drupal 7

Recently I decided to check out Amazon CloudFront to use it as a CDN. I felt delighted as it was so easy to setup with drupal and configuring it involving just a few steps. Another thing that excited me was its cost. It is really really cheap, just costs about 12 cents per gigabyte of transfer.

Step 1: Create a CloudFront Web Distribution

     To create a CloudFront web distribution

Karalmax Wed, 04/06/2016 - 17:42

Jim Birch: Bootstrap Navbar in Drupal 8 with 4 easy template changes

wo, 2016/04/06 - 2:00pm

I am teaching myself Drupal 8 theming. Rather than starting with a contrib theme, I am starting with an empty folder, using core's Stable theme as my base theme. This is a great way to learn to the ins and outs of the new Drupal theming system, and getting it to conform to your wishes.

For a few years now, I have successfully used the Bootstrap framework in my personal and professional projects. This article will explain how I implement the Bootstrap Navbar in a way that is far simpler in Drupal 8 than it was in Drupal 7.

You can use the base Bootstrap Navbar styling, a Bootstrap theme, or your own custom Bootstrap theme. The classes should be all the same. All we need to do is change the following 4 templates, make sure two blocks are in the "Page Header" region, and add menu items and we are good to go.

Here are the step by step instructions:

1. page.html.twig

If you have a "Page Header" region, wrap it in a container-fluid div, which is wrapped in a navbar nav. This is the base container for the Bootstrap Navbar.

Read more


Red Route: Solving problems by avoiding them

wo, 2016/04/06 - 1:38pm

As happens so often, real life has been getting in the way of making more progress on my attempts to migrate The Gallery Guide from Drupal 6 to 8.

Now that I've moved back to London, I'm not living like Alan Partridge any more, and I'm not cursed and blessed with ridiculous early mornings or evenings on my own, so this project has been on the back burner for a while. I have managed to find a little bit of time to start looking at it again - although unfortunately in short stretches, rather than in a long enough stint to really get into a good flow, but better than nothing.

As I mentioned in my last post, one of the node migrations is failing. For some reason, it's now failing with a different error:

Migration failed with source plugin exception: SQLSTATE[42S22]: Column not found: 1054 Unknown column                         [error]
'field_postcode_short_' in 'where clause': SELECT 0 AS delta
{content_type_gallery} t
WHERE  (field_postcode_short_ IS NOT NULL ) AND (nid = :db_condition_placeholder_0) AND (vid = :db_condition_placeholder_1);

field_postcode_short is a computed field on the gallery content type in the D6 site, which shows the first part of a gallery's postcode, derived from the value entered for the address. The weird thing is the extra underscore in the SQL query. Perhaps there's something odd about the way the Computed field module stores its data. The module does have a D8 version, but I'd like to minimise the number of modules I need on the site, and I'm not sure if this field is actually necessary. The other odd thing is that I can't figure out where this migration is being registered. Digging through the database and the code, there's nothing that seems to be relevant, and the migration seems to be getting registered automatically. I should probably start from scratch, and approach the whole thing in a much more scientific manner.

With the limited time available to me, I was getting frustrated with banging my head against this migration problem. I wanted to feel a sense of progress, so I switched to a different task, deciding to get some work done on the theme. It may not be how I'd approach things at work, leaving something half-done and moving on to something a bit easier, but I'm my own boss on this project, and there isn't really a critical path.

One of the most useful little modules used on the old site is Prepopulate, which allows fields in node edit and creation forms to be filled based on items in the query string. For instance, on a gallery page, there's a link to create a new exhibition at that gallery. The module has a dev version for D8, but it doesn't currently support entity reference fields. I found an existing issue with a suggested fix, and put that into a patch which works perfectly for my purposes - the joy of open source.

With that patch in, I could start adding my custom links to node templates. Having worked on themes for Drupal 6 and 7 for so long, it feels very odd to be creating links and including text in templates, but following the Twig guidelines it seems to make sense. As with some of the other changes in Drupal 8, for people who have been working on the Drupal island for a while, there's some unlearning to be done, and it's important to try and approach things with beginner's mind.

Here's the first pass at the links in the templates. I think I should probably re-work them to generate the links using Twig functions, but they work for now:

  {% if logged_in %}
    <a href="/node/add/exhibition?edit?edit[field_gallery]={{ }}">{{ 'Add a new exhibition at this gallery'|t }}</a>
    <a href="/node/{{ }}/edit">{{ 'Edit this gallery'|t }}</a>
  {% else %}
    <a href="/user?destination=node/{{ }}">{{ 'Log in or register to edit this gallery'|t }}</a>
  {% endif %}

Sometimes you figure out a problem by not thinking about it for a while, and sometimes the best way to solve the problem is to figure out a way of not needing to solve it. Having left the migration issue to stew itself over in my mind for a few days, I realised that the short postcode field isn't necessary, so the best thing to do is delete it from the Drupal 6 site. In an ideal world, I'd investigate more and fix the problem migrating that field, but just because a problem is interesting or challenging, doesn't mean you have to try to solve it.

Having deleted that field, the migration could run to completion, and my local dev site now has 719 galleries for me to poke about with. Which is good, but now it's on to the next problem - the link field in the old site didn't necessarily store the http:// protocol. The migration didn't choke on it, but when viewing the migrated nodes it causes a fatal error. So I'll need to edit the value as part of the migration. But that can wait for another day...

Tags:  Drupal Drupal 8 The Gallery Guide All tags

KnackForge: Drupal moodle integration

wo, 2016/04/06 - 1:00pm
Drupal moodle integration

We got an interesting requirement, to integrate Drupal and Moodle (Totara actually) in order for a nice combination of CMS features and LMS features. The integration should follow SSO, where a user logged in Drupal should automatically be logged in Moodle.

We decided to use existing plugins as much as possible along with additional customization wherever needed.

selvam Wed, 04/06/2016 - 16:30

Code Enigma: The importance of being up to date

wo, 2016/04/06 - 11:42am
The importance of being up to date Language English The importance of being up to date

Drupal is a secure system, but you really need to keep your software up to date. Code Enigma director responsible for support services, Greg Harvey, explains why this is so important.

Wed, 2016-04-06 10:42By greg

In light of the much talked about #PanamaPapers leak, it seems there has never been a better time to talk about keeping your software up to date. It has been reported by Forbes that a possible (if not the most significant) vector of the leak was a Drupal vulnerability, well publicised a few years ago, called Drupageddon. This story has been picked up by the website, which ran a piece last night on Drupal's possible involvement in the scandal.

The author of that piece rightly points out:

Since there is no single entity to blame for Drupal or other Open Source CMSes, as opposed to commercial entities like Oracle or Microsoft - there will likely be no fingerpointing in this issue.

But then goes on to say:

Increased awareness of web services security matters is required from the Open Source [communities] so that we will avoid large information leaks in the future.

We beg to differ! Sure, nobody is saying we can't improve on developer awareness, and that's true absolutely across the board in every developer community. But hindsight is always 20/20 and that kind of comment carries an implied "mea culpa" for open source software that, in my opinion, is totally misplaced and maybe even a little dangerous.

And more importantly, it has nothing whatsoever to do with the issue at hand! It really doesn't matter what software is or is not behind the leak. The principle point is this: it is alleged that the affected company, Mossack Fonseca, was running a version of Drupal more than two years old (7.23*) as its customer portal software. More than two years old!

Many information security specialists around the world (ourselves included) will tell you the first, single, most important thing anybody can do to protect themselves from infiltration and disclosure is keep their software up to date. It's a security 101. It is the first line of defence, the most basic number one priority, because researchers and hackers find security holes in software all the time. At Code Enigma we manage over 150 servers for our customers, we have the intrusion detection system (IDS) logs, we know we get scanned for known vulnerabilities like Drupageddon literally thousands of times a day! A colleague tells me he saw a Drupageddon attack this very week on another website (not managed by Code Enigma, I might add).

If the Forbes article is correct, and Mossack Fonseca were still running Drupal 7.23 in 2016, this is absolutely unforgiveable from a corporate infosec standpoint. There have been literally dozens of security fixes to Drupal since that date, allegedly none of which had been applied to Mossack Fonseca's (presumably) confidential client portal. The only thing I find astounding is that it took two years for this leak to break.

(Side point, but I find it telling Mossack Fonseca's official statement doesn't talk about their information security posture at all.)


So let's assume you're just an ordinary person or organisation using Drupal, and information security is important to you. Regardless of what Mossack Fonseca were alleged to have been up to, there are many good reasons you might not want information held on a website to be disclosed. Numerous Code Enigma clients could not afford a leak like this for far more honourable reasons than a political fire-storm - they carry genuine private data, for example medical researchers' contact information, interactions of members of the public with local government, sometimes we relay payment details, and so on. What do you do? Well, you can never entirely protect yourself from a clever and resourceful attacker, but at a bare minimum:

You keep your software up to date!
All of it.
Without exception.
All of the time!

It's not that difficult, and if you do that one thing then it's much, much harder for a Panama Papers-style leak to happen to you. If you don't have the time or the ability to do so yourself, you can get support for Drupal and support for Linux from literally hundreds of companies around the world. Those packages vary hugely from the relatively inexpensive and totally automated services (like Drop Guard) to hands-on Enterprise support packages (such as our own) where professional experts hand-check your updates. We're at the expensive end, but then we're ISO 27001 certified by the British Standards Institute, and you get what you pay for.


Finally, you may be wondering what Code Enigma did in the face of Drupageddon? Why wasn't this an issue for our customers?

Well firstly, because we have a member of our security and support team actually on the Drupal security committee, we have our finger on the pulse. He actually respected the embargo on disclosure, even internally, but we were primed and ready. As soon as the vulnerability was announced, we patched all customer systems. And here's the thing:

We have customers who pay us for security patching and those that don't. But Drupageddon was so serious that in the interests of good 'net citizenship, we took the view that regardless of whether or not our customers were paying for security updates, we would patch everyone. In fact, we had that patching done inside an hour. We also blocked all customer automated deployment tools until they could demonstrate to us they had upgraded Drupal core in their version control repositories, so we could be sure customer changes to code could not reinstate the vulnerability.

The TL;DR is we patched EVERYONE, regardless of contract, and we took the responsibility to ensure their systems stayed patched upon ourselves, even when we weren't contractually obliged to.


The only thing left to say is please now go update the software on your computer, on your servers, your websites, your JavaScript libraries, the lot. Now. they are all attack vectors.
Stay up to date, stay safe.


* This version pre-dated the devastating Drupageddon vulnerability, which made it extremely trivial to gain total control of a Drupal website if left unpatched. The vulnerability was widely reported in the technology press when it broke, in October 2014, and posted strong advice that any website left unpatched for more than seven hours after disclosure should be considered compromised as a matter of course.


BlogISO 27001 - what you need to know PageSecure Drupal Hosting PageDrupal Security Updates BlogDrupal Security Audits: What to look for

Dries Buytaert: State of Drupal 2016 survey

wo, 2016/04/06 - 10:11am

I've been writing a lot about what I believe is important for the future of Drupal, but now it is your turn. After every major release of Drupal I do a "product management" survey to get your ideas on what to focus on for future releases of Drupal (8.x/9).

The last time we had such a survey was after the release of Drupal 7, six months into the development of Drupal 8. I presented the results at DrupalCon London in 2011. The results of that survey informed the Drupal community at large, but were also the basis for defining initiatives for Drupal 8. This time around, I'm hoping for similar impact, but also some higher-level strategic thinking about how Drupal should respond to various market trends.

Take the State of Drupal 2016 survey now

It shouldn't take more than 10-15 minutes to fill out the survey. We'd like to hear from everyone who cares about Drupal: content managers, site owners, site builders, module developers, front-end developers, people selling Drupal, etc. Whether you are a Drupal expert or just getting started with Drupal, every voice counts! Best of all, with Drupal 8's new 6-month release cycle, we can act on the results of this survey much sooner than in the past.

I will be presenting the results during my DrupalCon New Orleans keynote (the video recording of the keynote, the presentation slides and the survey results will be downloadable on my blog after). Please tell us what you think about Drupal; your feedback will shape future versions of Drupal.