CMSMS | CMS Made Simple

So, 1.1.3 had a small problem with stylesheets which is now fixed in 1.1.3.1.

We recommend that all users upgrade their sites as soon as possible. The files (including diffs) can be found on the download page here or on the forge.

Bookmark to:

Even before we could start beta testing 1.2, a potential security vulnerability was found in 1.1.2. (Thank you johnbmcdonald for bringing this to our attention.), forcing us to release 1.1.3

This is a very slight change, only the adodb_lite files have been adjusted.

We recommend that all users upgrade their sites as soon as possible. The files (including diffs) can be found on the download page here or on the forge.

Thank you.

[edit]
The links on the download page have been removed. An error was spotted in the patch.

Bookmark to:

For the first time seven members of the core development met in person. Copenhagen, Denmark’s capital, was the host city of this meeting.

Core team members attending were (from top left): Samuel Goldstein (SjG), Tatu Wikman (tsw), Daniel Westergren (westis), René Helminsen (reneh), Morten Poulsen (Silmarillion), Ted Kulp (Ted), and Keith Lauchlan (Utter).

We got together for three productive days to plan the future of CMS Made Simple. Here’s an overview of what we discussed.

Organisation

First up we looked at transforming the organisation around CMSMS to give ourselves a more formal structure, enable applications for grants and loans and put the whole outfit on a more stable footing.

Many other open source groups have formed non-profit foundations and that’s the model we’re looking to.

Responsible: Samuel and Keith

Promotion and Marketing

Given how great CMSMS really is we’re way behind with getting the message out there. Keith and Daniel will be far more rigorous at targeting the online and print-based press with articles and information on our product. This involves becoming more aware of who our target audience really is and pushing CMSMS at them more aggressively.

One way of putting CMSMS on the map would be to put together a book with a publisher like Packt. Since we’re now one of the finalists in the Packt CMS Awards this may be a real possibility and will be pursued over the next few weeks.

Other topics touched on were:

• a much better themes site (Tatu will work on this) and a competition to design the new CMSMS site (already launched)
• better screencasts of important tasks on the site, as well as new features in new versions
• better feature list on the site (completed)

Responsible: Keith and Daniel

Documentation

• Ted joined the documentation team for taking the lead in core and module developer documentation.

• We will move the documentation from the wiki to CMSMS pages. We will also make use of the Comments and Questions modules. This way it will be properly centralised and easier to locate.

  Only members of the Documentation Team will be able to add and edit articles, but anyone can make comments to improve the documentation. This way we keep better control of what is in the documentation, while still letting users contribute. We’re still working on how the documentation may be multi-lingual in this system. Most likely only English, German and French will be available until CMSMS 2.0 makes multi-lingual sites easier. (Daniel)

• A new print functionality will be written that can combine pages into one page and export them to PDF. This should eventually allow for the creation of screen and print versions of docs right out of CMSMS. (Morten and Ted).

• More screencasts will be produced about how to accomplish different tasks and to present how CMSMS works for new users. All these and any other forms of media used to document the sitebuilding process could be included on CD with the book. (Tatu)

Documentation on the site will eventually be separated into 4 areas:

• FAQ
• Tutorials
• Handbook for everything
• Developer documentation (API, module writing etc.)

The new documentation structure should be up and running within three weeks.

Responsible: Gunnar

Training

There was a fair bit of discussion around how to organise CMSMS training and it was felt that we first needed to do some fairly extensive market research to determine who wanted it and where in the world they were likely to be. Amongst the suggestions were that training could be dispensed in a variety of ways such as at annual gatherings or even regularly from specific locations (say, once a month in London etc.)

It was also suggested that we could operate a sort of franchise structure so that ‘approved’ CMSMS developers or users would be recommended for training using specific training materials developed from the documentation when it was finished.

On a more advanced basis, companies could be offered commercial training packages for developers and users.

A poll will be put up on the CMSMS site to gauge the level of interest for this although nothing too ambitious is likely to be undertaken until the documentation is ready.

As with many aspects of the discussion it was felt that the organisational and promotional aspects of elements like training would become simpler when/if there was a foundation group.

This is a more long-term project.

Themes site

As was mentioned earlier in this article, the Themes site is seen as an important contributor to the success of CMSMS.

The discussion centered around how to structure the site more like the one at www.oswd.org so that themes could be better categorised, previewed, rated, commented upon and downloaded.

Responsible: Tatu

Modules and the new forge

The present forge is too inflexible and needs rewriting. Samuel is creating the new Forge in Ruby on Rails and it will hopefully be complete by the end of the year. A QA team will be responsible for testing and overseeing modules and projects

Some of the new and improved features will include:

• modules can be recommended: yes/no set by QA team (with version)
• a “works for me / doesn’t work for me” feature (along with CMS version, module version, PHP version and comments) submitted by users
• comments and ratings: specify which version of module comment and rating applies to. Admin has delete button for comments
• ability to have a matrix or some other means to say what version of CMSMS a module works with
• ability to set modules as outdated if they haven’t had activity in a certain amount of time
• Optional field for next planned release
• Modules can be tagged and categorised with a tag cloud for project category
• news, with RSS
• most recently released modules, with RSS
• a subscription feature for bugs, features and projects

In addition, there’ll be changes to the admin of a CMSMS install to reflect these improvements:

• ModuleManager will show only modules compatible to installed version
• ModuleManager will show module name, module version, last release date, recommended (or not)

Responsible: Samuel

Translations

• The translations will be stored in a database, rather than in files like now. That will make it possible to dynamically update translations from the admin panel without having to wait for a new release of the core or a module.
• The changelog will be split up, so that it’s easier for translators to see when the changelog has been updated and needs translation.
• It will be possible to change translations locally, i.e. for a specific site. When the translation is updated it will not overwrite the local translation.
• Ways for translators to be notified when there are new translations to be made, on a module-per-module basis.
• Sorting language strings by new, updated, all etc.
• Re-usable language strings from the core (submit, cancel, apply etc.)
• More tweaks to make life easier for translators

Responsible: Reneh

CMSMS Version 1.2

1.2 is going to be the last supported 1.x version. After 1.2 is released there will be a feature freeze and only bug and security fixes will be released. From now on all development will be focused on version 2.0.

Responsible: Robert

CMSMS Version 2.0

There’s been plenty written about the next version of CMSMS. These are a few extra ideas we discussed. One idea was to split the language files so as to use less memory, not having to load everything, like admin/front page. We also thought admin users can create new menus and assign to user groups. The admin theme will be an easily editable xml file.

• Module upgrade warning + automatic backups
• Roadmap for 2.0 is
• early-Dec: pre-beta
• Dec 20: 2.0 beta1
• Jan 15: Final beta
• Feb 5: RELEASE!!!

Responsible: Ted

The End

We spent a couple of hours bug-busting and then went to the pub…

Bookmark to:

The fastest of you noticed the defacement of cmsmadesimple.org site several days ago. The site had been defaced by a script kiddie. The actual script that had been used was r57shell (google). Its a litlle tool one can use to upload / download and query stuff from the server.

The script had been there for a while and gone unnoticed as it wasn’t used for anything else than removing the log entries from that time :/

One thing is certain, the hole they have used is old, it looks like the FCKEditorX filemanager hole was used, but we cant be sure.

We have checked that the release files are intact, and as far as we know no data has been compromised.

We are still trying to dig more info about this incident, and are in the process of securing the server up a notch.

Sorry about the problems.

Bookmark to:

Development discussion for CMS Made Simple is still sort of scattered. Generally, the devs hang out in IRC and bounce ideas off of each other. Easy enough. However, if everyone isn’t around and it’s one of those ideas or decisions that really needs some conversation to flesh out, it usually drags out for days in a series of “@later tell” conversations.

Again, using git as a bit of a guinea pig, I’m interested in their development model. Development discussion is focused into one mailing list. New ideas are sparked up, patches are constantly submitted and critiqued, and all in all it seems very productive.

My idea is to make something similar for development. Sure, quick ideas will probably be asked, agreed upon and committed in IRC before anyone could even open up an email client… but that’s not really the point. The point is to have a place for the long conversations, the fleshing out of ideas, and contribution by other people.

There is another motivation as well. In my quest to de-centralize the CMSMS development model, this gives a perfect place for people outside of our “inner circle” (read: commit access) to contribute their patches. Using either svn or preferably git (read this for more information on that), patches can be submitted directly to the mailing list and VERY easily discussed, critiqued, and rolled in. It allows the community at large to handle patches instead of getting emailed to individual people and forgotten about.

This is also a place for people to suggest features, but to a certain extent. Prepare for constructive criticism or asked to please submit a patch. Though, don’t worry, the tone will never get nasty… it’s just not the way we roll.

Mailing list information lives here and anyone is welcome to sign up. However, keep in mind that this is a focused mailing list. If you contribute to low signal to noise ratio, you will have your posting privileges revoked.

As a side note, I’ve moved the announcements mailing list over to mailman as well. Anyone that was subscribed was re-subscribed to the new list and properly spammed with the information. Sorry about that. At least they should work again, as I believe they were broken in the server move several months ago.

Bookmark to:

In light of recent articles, and in the interest of updating its main sites, CMSMS is holding a design competition for re-designing cmsmadesimple.org.

If you’re a talented designer and think you’ve got what it takes to take the CMSMS domains to the next level, then keep reading.

CMSMS needs you!

We can’t offer much in the way of incentive or prizes - this is an open source project, remember?! - but we can promise you kudos and praise beyond your wildest dreams. Plus the sure knowledge that your name will be up in lights across all the CMSMS domains in perpetuity, or at least until we need another re-design. Maybe we’ll even give you a free t-shirt…

Here are the guidelines:

• Edit: What we’re after is a great design for cmsmadesimple.org. So although a full XHTML/CSS markup would be preferred you can just as well submit a Photoshop image. We are aware that the timeline is tight, so if you have a great design, don’t let any details below scare you!
• Your design should preferably be provided as a CMSMS Theme. That is, export templates and stylesheets with the module called Theme Manager (can be installed through the Module Manager) to an xml file.
• You may also provide a Photoshop layered image, although that makes it more difficult to win…
• If you include images with a theme, link them to the uploads/images/<themename> folder in the stylesheets and pack the theme xml file and the image(s) in a zip or tar file.
• Themes should be valid XHTML 1.0 transitional and CSS 2.1 (minimum). That means no hacks, or as few as humanly possible, and same appearance in all major browsers.
• No Flash or other propritary technologies - avoid Java and JavaScripts to the greatest extent possible.
  • blink tag is banned
  • gif animations are just as bad as flash
• We would like to see a Web 2.0, clean and accessible layout.
• We would like you to use CMSMMS tags in the templates. These include but are not limited to {sitename}, {title}, {breadcrumbs}, {search}, {content}, {footer} etc.
• You may include content example pages in the zip file.
• The general navigation structure should be similar to the current site structure, but flexible enough to be able to adjust.
• Everything included in the theme must be the designer’s original work. No copyrighted images or template theft!

Timeline:

• Send all themes to competition@cmsmadesimple.org at the last by October 10 2007.
• include your contact details in the email and in a README.txt file in the zip package
• A jury from the core team will select which theme will be used for cmsmadesimple.org. The winner will be announced on October 15.
• Themes that are submitted as proper packages will be presented on the themes site (http://themes.cmsmadesimple.org) after the winner has been announced

Disclaimer:
CMS Made Simple claims the right to edit the winning design to fit with the site structure.

Well?! What are you waiting for? Get designing.

Bookmark to:

I’ll warn everyone now that this is a fairly geeky post. If you’re not into core development, source code management or *gasp* command line… feel free to run screaming.

Still here? Excellent. Come, let’s geek out a bit.

What is Git?

Git is a source code management system. Though, if you read it’s description, it doesn’t say that. Don’t listen to them! It’s a subversion-like system for managing source code. It was written by Linus for the Linux kernel after their fallout with Bitkeeper. It is similar to Bitkeeper in some ways, but it’s very unique as well.

Git is very unix-y still. Just like CVS and Subversion are by default. It’s still too new to have a lot of fluffy GUIs like Tortoisesvn or the like. However, for a regular console jockey, this isn’t an issue.

Uhh… Why?

But you already have subversion. It works well. You’ve been using it since CMSMS first started. Why would you want to use something else?

I totally agree. Subversion is still the right tool for the CMSMS universe. It offers the lowest barrier to entry and reliability. However, I don’t necessarily think it’s the best tool for myself as a developer, and I have several reasons for this.

1. I can branch as much as I want. Branching and merging is not painful. Not nearly as painful as it is in svn. In fact, branching is so painful in subversion that I barely use it… and in a large scale system with a lot of users, that’s not a good thing. Committing everything to trunk even if it’s broken is just wrong.
2. It pretty much seemlessly integrates with svn. There is an added piece in git that allows you to basically push and pull from an upstream respository. This basically means you can use git on your local machine and not screw it up for everyone else. You branch/merge/etc to your hearts content, and then push it all up to the subversion server when you’re done.
3. It’s distributed. The more people that use this, the more people I don’t have to give subversion commit access to. It’s very painless for me to get patches via email and merge them in and commit to subversion. It means I can watch the patches coming in and make sure that we’re not allowing junk to get into the core. And end users can screw around with the code as much as they want… it never has to touch the main repository.
4. It’s disconnected. I can branch and merge as much as I want without being online. For a person like me who lives on a laptop and codes whenever they get a free moment, it’s essential. No more waiting to get online to switch from trunk to 1.2 or another branch, etc. I can even diff against another version without touching the internet… this is huge.
5. The history is totally pulled off to everyone’s machine. The more people that use git, the more backups we have of our project history. Everytime you clone, you have the whole history on your local machine. And distributed backups are the best kind.

Anyway, for those who don’t know, I develop almost entirely on my Macbook Pro. I run apache/php/mysql locally, and usually run several versions of CMSMS at once. I’m obviously a perfect test case for this, and other results may vary.

More after the break….

(more…)

Bookmark to:

CMS Made Simple has made it to the final stage in the Packt CMS Awards! And that in both classes where CMSMS could be voted for: Overall and Best PHP Open Source CMS. Voting is now open until October 26th for the five finalists in each category. Please vote for CMS Made Simple and help spread the word!

Thanks for everyone who voted to take us this far!

The link to vote: http://www.packtpub.com/article/2007-open-source-cms-award-finalists

Bookmark to:

Yes. You’ve read correctly.

There will be a 1.2 release of CMS Made Simple before 2.0 comes out. It should be in beta within the next couple of weeks. 1.2 will attempt to address some of the major glaring features that people have asked for and will be the LAST release of the 1.x series of CMS Made Simple (except for any security flaws that come up).

Beta testing will be exteremely important in this release, as we don’t intend to have a 1.2.1, and with the exception of security fixes, we’ll avoid it at all cost. We need to focus our efforts on 2.0 from now on. We expect, and hope that the user community can once again contribute with testing of this release to make it stable, and usable.

Here are the major things that will be in 1.2:
a) Frontend Wysiwygs
Some modules (News 2.5) support text areas in the front end. Modules will now be able to provide a wysiwyg on the front end instead of just a plain text area.

b) News 2.5
Has an ‘extra’ field for additional information (maybe an image) Supports frontend article submission

c) Allow gid == 1 (the admin group) to have all permissions, not just uid == 1 (The first user)

d) Fixes to pagination issues (particularly in the admin log)

e) Defaults for new pages
There will be a new page or tab in the global settings menu that allows you to set the defaults for newly created pages (set the default metadata, cachable, show in menu, etc).

f) A security enhanced content editor
People without ‘Modify Page Structure’ permission will not be able to change the ’show in menu’, ‘page alias’, or active flags of a content item

g) Additional Editor Groups
Along with ‘user’ additional editors, you’ll be able to select groups as additional editors

h) Enhancements to debug mode to assist with debugging issues

i) An enhanced module manager that will not allow you to install modules that are not compatible with your version of CMS Made Simple…. and that will ‘optionally’ only show the latest version of a module.

j) A replacement file manager

k) More batch operations in Content >> Pages. Including the ability to export pages to pdf.

l) Batch operations in Layout >> Templates, and Layout >> Stylesheets

As well, the development team as been making an extra effort to close off some of the glaring bugs in the forge. We can’t get to them all, but hopefully many of the bigger ones can be closed for 1.2

The feature list of 1.2 is pretty much locked in at this time. We’ve had extensive discussions about the topic over the past few weeks, and this is the set of features we thought we could implement in a reasonable period of time without dramatic overhauls to the way things work, so additional feature requests are probably off of the table for this release.

As you can probably see, this will be a considerable step forward for CMS Made Simple, and its stability is paramount. I’ll keep you posted, but would like to take this time to call for volunteers for beta testing. Our testing team can only do a limited amount, and can’t possibly test all the permutations and combinations of problems that you can.

[addendum]

The beta cycle for this will be short…. 1 week per beta…. and we want to have no more than one or two betas. So please, test, test, and test…. 1.2 would be perfect for all of the sites that are ‘in development’ but won’t be rolled out for a while.

Bookmark to: