Back to top


Enthusiast Groups Tips on Making your Company Social-Media Savvy

The Enthusiast Group is an exciting company built around providing social networking and citizen media platforms for passionate folks. For nearly 2 years now they've been building sites to support communities around adrenaline sports (,,,, This has given them great experience in the world of social networks and user-generated-content (citizen journalism) including some relatively novel uses like Grassroots coverage of major events.

People Involved: 

Simple Strategies to Pick a Drupal Theme

I often get asked for advice about picking a Drupal theme. Themes are extensions of the Drupal content management system which allow a site admin to quickly change the look and feel of their site. You just download the theme you like, install it, select it, and your whole site has a new design.

However, like finding high quality Drupal modules there are some good rules of thumb to follow in your theme search.

Strategy 1: Find A Drupal Theme Close to What you Want

People Involved: 

Drupal Introduction at CLUE Denver Meeting (Colorado Linux Users and Enthusiasts)

Drupal Introduction for Denver Linux Group

Tuesday night the folks at CLUE South (in the Denver Tech Center) had a "CMS Panel" that ended up collapsing into a Drupal and Mambo/Joomla! discussion. As I was writing my presentation I happened upon Gabor Hojtsy's request for new maintainers for modules including the S5 module. It seemed like a nice coincidence and since I found the S5 module to be useful in preparing my presentation I'm now the maintainer.

So, you can now see the slides that I used last night as a Drupal book or as an s5 presentation - including Drupal style theming.

Drupal as Presentation Maker - s5 Module

This is, in my opinion, a real boon for conferences and organizations that host presentations. You no longer need to worry about "which slideshow technology do we use" or "where do participants go to download the slides. Now everyone can use html or markdown syntax to make bulleted lists in Drupal book pages and then click the "export to s5" button and your presentation is all set to go.

Once I figure out a few details to make the system easier to use and the theme a little stronger I'll be committing the changes, release an improved version of that Drupal s5 theme, and branch s5 for Drupal5. If you want to try out the s5 module for Drupal5 now, the HEAD in CVS is currently compatible with Drupal5.

Future of Drupal Presentations

People Involved: 

Drupal Siting: jQuery gets Proper Plugin Repository

I had heard weeks ago from chatting with Mike Hostetler that he was working on a code repository for jQuery plugins which got me quite excited. Historically getting specific versions of jQuery plugins has been a little difficult. Now there's a great jQuery Plugin Repository that replaces the Wiki. The recent jQuery Blog post discusses the new system:

People Involved: 

Drupal Download Statistics for April 2007

Background on the Numbers

The lowest level that registered in Analog this month was 113. So, if your project or release was downloaded fewer than 113 times it won't register. I say project OR release because it's possible that the 5.x-1.20 release of your module was quickly followed by the 5.x-1.21 release - the 5.x-1.20 version may not register even if the module is fairly popular. So, 1) the numbers are inherently flawed a little bit 2) project maintainers should only create new releases when there has been a significant enough change to warrant it. Doing so on every new commit to the project is a waste of your time, your users time, and reduces the quality of these metrics.

That said, on with the report...

People Involved: 

RFC - Security Bounties in Open Source

The other day I broached the idea of a security bounty in the Drupal project. I had first heard about this concept from the Mozilla Foundation's Security Bug Bounty which appears to be the most famous of these.

Why Security Bug Bounty's are a good idea

This is pretty simple:

  1. It provides at least some motivation for folks to actually look at the code and find security bugs making the software more secure.
  2. More folks looking at the code is always a good thing.
  3. Just the concept and the existence of the program reminds people that we take security seriously, and informs them of the proper way to report a bug.
  4. In the case of the Drupal Association - which can't make decisions about the code based about the statutes (en pdf) (more formats/languages).

Generalized Security Bug Bounty System

This concept seems to me like it could be generalized for any software project. Here are the rules I came up with, based upon the Mozilla foundation's rules.



  • Security bug must be original and previously unreported.
  • Security bug must be a remote exploit.
  • Security bug is present in the most recent version of the Mozilla Suite, Firefox, and/or Thunderbird, as released by the Mozilla Foundation.
  • Security bugs in or caused by additional 3rd-party software (e.g. Java, plugins, extensions) are excluded from the Bug Bounty program.
  • Submitter must not be the author of the buggy code nor otherwise involved in its contribution to the project (such as by providing check-in reviews).
  • Employees of the project (if applicable) are ineligible.
  • If multiple people report the bug the reward will be split among them equally.
  • People Involved: 


    Subscribe to RSS - Drupal