In Part 1 I discussed Cross Site Scripting attacks and how to prevent and avoid it while coding, In this part I will talk about SQL Injection attacks and how to prevent it by using Drupal API functions
While Drupal is a secure CMS, We don't have to use another functions to avoid such expoits we just need to follow the Drupal way in development, That's why i'm going to focus on the bad and good behaviors of development.
Drush is very important tool for drupal Developers, Its managed from Shell so a lot of people failed in getting it work at shared hosts like godaddy, I will explain briefly how to install Drush on godaddy shared hosting plane. 1- Open your Linux Terminal and create SSH Connection to you account
ssh username@website.com
and Enter your password. 2- Go to your main directory
Drupal is one of the most secure CMS because its support its developers with the appropriate API functions that keep drupal applications secure from sql injection and Cross site scripting attacks . In this tutorial i will discuss the most important API functions , bad and good development behaviors that affects your applications security.
In this tutorial we will use Drupal 7 Form Api to create Machine name Field which is not well Documented in drupal.org . To create Machine name field we need another Field which is the Parent/Source field, Source field contain the Human Readable Text that will be converted Automatically by Using "misc/machine-name.js" to machine Friendly name. End users Usually working Directly with Source Field. Lets Create Form like what we get when we Add vocabulary from Structure > taxonomy > Add vocabulary.
Drupal come with a great Overlay Module which make you able to display your pages in overlay view,I wonder when i see a lot of drupal developers uses another Jquery libraries such as Fancybox, Lightbox, ShadowBox...etc, Anyway overlay View is usually limited for administration pages, So in order to make our visitors access our pages in overlay view we should tell drupal "Hey Drupal !! This page is for administrators" ;-) (okkk i know we lie !!) :-#
Although Drupal has a great API, But i see that its not well Documents, Anyway a few people have asked me about how they can create a block in administrator configuration page "admin/config", its easy but not well documented, I will do this by using HOOK_MENU, lets see:
Drupal is a High performance Content Management System, But there is a different reasons that may decrease the performance of your web applications, And there is a different steps that should be taken into account when developing your great application with Drupal .
A low speed web application may be due to different reasons :
Drupal is not Only a Perfect Content Managment System (CMS), But its a Great Content Management Framework (CMF) . A Lot of Developers around the world Contribute Drupal. Drupal has more than 9000 Modules !!! .In this topics i will discuss The most important 6 modules and tools for Drupal Development, Lets Goo!!
In Our Drupal World there is a lot of modules that can help us in different purposes. Google Analytics is one of the most important modules that help you to integrate your drupal web application with Google Analytics using some GUI configurations. But if you are looking for performance you should reduce the number of installed modules, Thats why we are going to Explain how to Integrate google Analytics Code to your Drupal web applications Easly in 3 Steps by using "drupal_add_js()" function .
What if you shared your Drupal web site URL in Facebook !! What is the Title, Description and Image You will Got ? Is that Exactly what You want ?
In this Tutorial i will show You How To control The Appearance of your Drupal Front page In Facebook .
1- Open your Theme Directory "sites/all/themes/XXX" or "themes/XXX" where XXX is your theme name .
2- Open the "template.php" file if its Exists or Create it if its not Exists .