Posting to Wordpress through iPhone
Just downloaded Wordpress for iPhone…using it now to post something to my blog. This app has basic features that help post to your Wordpress blog.
Archive for 'content management systems'
Pittsburgh Drupal Meeting August 26!
This Wednesday the 26th will be the next Pittsburgh Drupal user group meeting at Brillobox! I hope to see all of you there, going to be a good time. Link Clark puts on an awesome show.
The tentative schedule is this:
6:00-7:00 Food, Drinks, hanging out
7:00-7:30 Discuss developments in Drupal Pittsburgh planning
7:30-8:00 Show and tell
8:00-9:00 Presentations
If you have any questions, feel free to visit the Drupal Group Pittsburgh site to learns a bits more.
Configuring Drupal to Use an External SMTP Server
Many of you Windows folks who are already running Drupal already know how to use SMTP with Drupal…mostly because Windows hosted servers typically don’t run Sendmail. So why Tony, why, even though you are running a Linux box, Drupal and sendmail, do you want to use an external SMTP server?
Simple…it seems that not all of my emails get delivered. Why is this? You know how when you create a contact form in PHP and you have to Spoof the headers to say the email is coming from that person…even though it is not? Well, a ton of spam destroying boxes out there don’t really like that. In fact, chances are PLENTY of your emails being sent are not evening making it to the intended recipient.
What I really need is a reliable email delivery service that I can extend off of Drupal so i know that my emails are being delivered. I ran across (thanks to a good buddy of mine) DNS Exit with provides a slick mail relay outbound service. *The service can be also used as Smart Host for your MS Exchange server that having problems to send emails to AOL/Yahoo/Hotmail addresses.
So anyways, the service cost some money, but it is worth it in the end if you want to be sure that your emails are getting delivered.
So now that is ready to go, the next step is to turn on SMTP Authentication Support in Drupal. The module allows Drupal to bypass the PHP mail() function (and also doesn’t require you to configure sendmail to use SMTP instead of sendmail). This module requires you to also grab a copy of Phpmailer, which contains all of the classes needed to send an smtp message. All of the instructions are in the readme file…but as an overview here is what you have to do:
1. Copy the files included in the tarball into a directory named "smtp" in
your Drupal sites/all/modules/ directory.
2. Download the PHPMailer package (the URL is listed in REQUIREMENTS section f the README.txt file) and place it in a directory named "phpmailer" in
your <drupal-root>/sites/all/modules/smtp directory.
3. Login as site administrator.
4. Enable the SMTP Authentication Support module on the Administer -> Site
building -> Modules page.
5. Fill in required settings on the Administer -> Site configuration -> SMTP
Authentication Support page.
That is pretty much it. Now that will cover all core emailing tools, but you know how Drupal is…so easy to let you write your own PHP code. You may be using a custom form that doesn’t use the core Drupal mailing routines. If that is the case, well I’ve come to your rescue. Below is a quick and dirty SMTP mail doo-hickey (some call it a mailing class…this one is from Sendmail:
function SendMail($ToName, $ToEmail, $FromName, $FromEmail, $Subject, $Body, $Header)
{
$SMTP = fsockopen("yourdnsrelayprovider.com", 25); <–Sometimes port 25 is blocked
$InputBuffer = fgets($SMTP, 1024);
fputs($SMTP, "HELO mydomain.com\n");
$InputBuffer = fgets($SMTP, 1024);
fputs($SMTP, "MAIL From: $FromEmail\n");
$InputBuffer = fgets($SMTP, 1024);
fputs($SMTP, "RCPT To: $ToEmail\n");
$InputBuffer = fgets($SMTP, 1024);
fputs($SMTP, "DATA\n");
$InputBuffer = fgets($SMTP, 1024);
fputs($SMTP, "$Header");
fputs($SMTP, "From: $FromName <$FromEmail>\n");
fputs($SMTP, "To: $ToName <$ToEmail>\n");
fputs($SMTP, "Subject: $Subject\n\n");
fputs($SMTP, "$Body\r\n.\r\n");
fputs($SMTP, "QUIT\n");
$InputBuffer = fgets($SMTP, 1024);
fclose($SMTP);
}
?>
So now, all you have to do for it to work is call the function like this:
$ToName="To Name";
$ToEmail="To@email.com";
$FromName = "My Name is…";
$FromEmail = "MyFrom@email.com";
$Subject = "I’m testing emails with PHP";
$Body = "Hi Strongbad, this is just a test message.";
echo $ToEmail;
SendMail($ToName, $ToEmail, $FromName, $FromEmail, $Subject, $Body, $Header);
Pittsburgh Drupal Group
I’ve been a strong proponent of using either Joomla or Wordpress as the basis of any content management platform. I’ve done some work in the past with Drupal but found it to be a little clunky and cluttered for my taste. However last night I was able to attend the Pittsburgh Drupal Group held at Brillobox and I’ve gotta say that Lin Clark, possibly the smartest girl in Pittsburgh, really showed me some cool stuff that has got me thinking…maybe i should dabble a little more.
Out of the box, the Drupal administration section is hard to grasp. So many options, so many links, so much terminology. However after attending the meeting i was able to see that there are quite a few modules that can be plugged in to change the look and feel of the administration section of Drupal.
If you really want to see what Drupal has to offer AND you life in the Pittsburgh area, I strongly suggest heading to the Pittsburgh Drupal User Group (Meet Up) website to keep updated.
I think the next step for me, obviously is to see how I can take Drupal and run with it to be an SEO powerhouse to promote my chiseled jaw secrets :)
FCKeditor Vulnerability
For those of you using FCKeditor, make sure you have things locked down! The section of the editor that lets you upload files may be exposed and not secure. What does this mean?
- You can use the page to upload a malicious script (asp, aspx, php), such as a root kit
- You can use the root kit to gain local access to the server box and destroy things
- You can upload images and files to be used for a Warez storage site
It is easy to find this file, all you have to do is type in the path to the upload page in Google and you will find a ton of websites using the editor.
fckeditor/editor/filemanager/browser/default/browser.html
If your site is getting indexed, make sure you update your robots.txt file to include a disallow for indexing for that path.
Also, if you are using local NT username and passwords, you must instill a strict password policy. You may want to even place directory level security if you are using IIS. Using simple usernames and passwords will only get you into more trouble!
