GVS is now part of Acquia. Acquia logo

Home

Recent Blog Posts

Greg's picture

Token Module: How I Learned To Use the Token API and Stop Re-Implementing Dynamic String Replacement

Submitted by Greg on Thu, 2008-07-24 11:47
in

Greg Knaddison

Growing Venture Solutions

July 2008

Greg's picture

Web Application Security in Denver

Submitted by Greg on Mon, 2008-07-21 14:00
in

Web Application Security is a growing interest for me. Some activities I attended last week seem to show that it's a growing interest in general. Last Wednesday night the OWASP Denver chapter hosted a meeting about about 50 people at Raytheon Polar Services in Southeast Denver. After the free pizza and administrivia, the meat of the presentation was from the two major developers of Grendel Scan.

The Open Web Application Security Project - Denver

As chapter organizer David Campbell said, OWASP could also stand for Owning Web Applications while Sipping Pints. All I can say is that if you're a developer you should go to at least one OWASP meeting. You'll learn enough that you'll be scared - which is the right place to start. Then you can harness that fear and learn enough to be empowered to protect your code. If you're a manager, you need to give your employees time off so they'll go to this.

Then, you shold look for tools that can help your developers and QA folks in their work.

Vulnerability Assessments With Grendel Scan

Grendel Scan is a vulnerability assessment tool written by David Byrne and Eric Duprey, employees of TrustWave and Echostar respectively. It is a surprisingly powerful tool given that they've only been working on it for about a year. The 1.0 version will be released at the upcoming DefCon and I think it will instantly become pretty popular. In my initial testing it found weaknesses while providing relatively few false positives. Unfortunately, the version currently

But, as the authors of Grendel stressed several times, scanning tools are just a start. What you really need is a complete end-to-end consciousness of security issues.

HP / SpiDynamics - Live Hacking Workshop

Greg's picture

DrupalCamp Colorado - Great Sessions, Sponsors, Prizes

Submitted by Greg on Tue, 2008-07-08 10:40
in

We're just under 3 weeks away from DrupalCamp Colorado 2008 which will be held July 26th and 27th. We're accepting more presentations and already have several great sessions to vote on.

I want to highlight a few notable things about this DrupalCamp.

Remote Presenters Welcome

Thanks to the work of Kevin Reynen we are welcoming remote presenters to the camp. If you can't make it to Colorado but want to share your message, this is your opportunity.

Great Sponsors and Prizes

Greg's picture

Why You Should Use Pathauto (or at least Path Aliases for Many Pages)

Submitted by Greg on Thu, 2008-07-03 14:29
in

I recently saw a comment about Pathauto and started writing a really long reply that seemed more valuable to share here.

Basically one of the questions people have is "Why should I use Pathauto? If I don't care about SEO is there any other reason?"

This is a valid question to me. There is some indication that users don't look at the URL bar. During the Usability testing at UMN we never noticed people looking at the URL bar in the eye-tracking data. But some people certainly do look at the URL bar - people who like "hackable urls" do

Hackable URLs

I use it extensively to create "hackable URLs" that are valuable to a user. A "hackable url" or "index alias" is the feature on a site where you have a post and then users can remove the title down to the previous URL element and get the other posts from that month, one more layer for the year, and one more for that user since forever. See - fun! I even made a movie about it:

Site Credibility Prior to the Click

I frequently get URLs sent to me via email and IM. Compare these two URLs:

http://drupalcampcolorado.org/node/38

vs.

http://drupalcampcolorado.org/content/our-sponsors

Which one are you more likely to click on? Which one helps you understand what content you are going to get before you even get there?

Easy to Remember URLs

Greg's picture

Entrepreneurial Standards Benchmark Survey

Submitted by Greg on Thu, 2008-06-26 10:48

I recently took the Benchmark Survey from the Entrepreneurial Standards Forum. I have to say, I was surprised by the ease of the survey and the value of the analysis provided inside of the interface.

About the Entrepreneurial Standards Forum

The Entrepreneurial Standards Forum is a non-profit that aims to help entrepreneurs get their businesses started. So often businesses will focus on the wrong things, but they don't know that they were focusing on the wrong things until it is too late and they are already out of business. The Benchmark Survey has the data to be able to say which factors are important to success.

One great value in the survey is that it is meant to be taken at multiple points (or at the same time with different viewpoints). So, I took it from the perspective of this business 2 years ago. The survey itself was fairly painless - just a few simple background questions and a few business questions that tickled my brain a little. The results are very valuable and easy to understand.

results from es2f benchmark survey

This screenshot has some information removed from it, but you can still understand what it's getting across: your answers compared to the answers of previously successful entrepreneurs. Very powerful stuff. If you are interested in how your business compares, register and take the survey.

Greg's picture

Should I use the www in my website address?

Submitted by Greg on Mon, 2008-06-09 13:36
in

I recently received the following email and thought it would be good to share my answer.

To your knowledge is it acceptable to drop the use of www. before your web site?

This is not only acceptable, there are some people who feel that it's valuable to stop doing it in general.

However, the answer really depends on the context of the question.

Using www. in Email Clients

Send an email to yourself with the following text:

1) example.com
2) www.example.com
3) http://www.example.com
4) http://example.com

For me, the third and fourth are automatically formatted as clickable links but the first and second are not. So, the third and fourth are more likely to be noticed and clicked on by users of email software like mine. This is, of course, dependent on how and where people read their emails and varies wildly.

Also, as your eye scans through a body of text the second one is easier to recognize than the first one. However, some people feel that for emails the third format is disruptively long.

WWW or not For Search Engines

Another consideration has to do with search engine performance. If you have some links to your site that point to both versions this can confuse the search engines about your site. Most search engines have figured this out or provide tools to tell them which one is the "right" one, but it's best not to have the problem at all. You can use a "301 redirect" to forward the users (and search engines) to your preferred version and prevent the problem in the first place. If you are unsure how to do this, your website developer should be able to help you.

Final Decision on WWW or not?

Greg's picture

Hive Live Podcast Transcript - Social Publishing for the Enterprise

Submitted by Greg on Sat, 2008-04-05 15:18
in

This is a pseudo transcript I took of the Hivelive podcast from ColoradoStartups.com. When I read about HiveLive I was really curious because they are basically a hosted provider of a "social publishing platform" and it just so happens that I'm a developer who uses an Open Source "social publishing platform".

John Kembel's history:

  • design consulting firm (like ideo)
  • dodots - thin client browser/widgets before Dashboard was cool
  • hivelive: "enterprise social software"
    • tap into power of social networks
    • marketing communication vehicles
    • amplify lead generation, insights, support
    • flexible, cost effective, on demand, platform

2006 Founded Hivelive

  • Existing solutions are social software packages (blogs, wikis, forums)
  • They were either overly generic or inflexible
  • They didn't allow sharing
  • HiveLive is a unified platform - permissions and content richness "not just blogs/wikis/forums" for sharing

Existing Solutions vs. HiveLive

  • One common approach is to stitch together lots of technologies
  • People take a blogging platform, a separate wiki, a separate forum, social networking and try to build build unified package
  • The results are not good
  • So, don't staple together a bunch of solutions
  • HiveLive: Start with social networking, add on "hives" to share information

Why is social networking important to businesses?

  • humans are social
  • communities where socialization is part, but rather than being the focus, the business is the focus
  • tie business to customers - delivers lead generation, loyalty, insights, support all in one trust based relationship

HiveLive Competitors?

  • Hivelive is different in that they use building block rather than integrating point solutions
  • Configuration is via "clicking not coding"
Greg's picture

Drupal Security?

Submitted by Greg on Wed, 2008-03-05 09:37
in

Check the presentation formatted version of this page.

Greg Knaddison

Growing Venture Solutions

2008/07/27 14:00

DrupalCamp Colorado

Greg's picture

Pathauto 5.x-2.1 Released

Submitted by Greg on Thu, 2008-02-21 09:37
in

The Pathauto module is a rather popular one for Drupal. In November Pathauto 5.x-2.0 was released which included a restructuring of several features to add new features and enhance scalability. There have been almost 50 bugfixes and features added between 5.x-2.0 and 5.x-2.1. See the release page for full details.

I wanted to blog about this for a few reasons.

Pathauto Configuration/UI Changes

First, there was a change to the UI in the way that feed aliases are handled to better support the use of Views for taxonomy feeds. I've udpated this in the upgrade guide (which, especially for folks upgrading from 5.x-1 or 4.7, should be required reading). There were also several improvements to the UI to simplify it and help people figure out which token is the right one to use. This was a major problem with the 2.0 release so I hope that the 2.1 will be easier to use. There is still room for improvements but...

Comaintainer and Maintenance Status

Second, this release is likely to be the last for a while. Now that this 5.x branch is more stable I plan to spend some time working on the 6.x branch to get a stable release of that. I'd also love a co-maintainer which mikeryan has offered to help which would take the module full circle to its author. I'm broadcasting this here to be a responsible maintainer given that I have less bandwidth in the coming months to dedicate to Pathauto because...

Prediction Market Module

Greg's picture

Modules I have Developed, Maintained, or Contributed

Submitted by Greg on Tue, 2007-12-18 10:32
in

I like building modules.

This is a list of modules which I have contributed code to with the number of commits to each project.

There are many other modules and themes I have built which are not publicly available because they are only used on a specific site.

Examples of specific modules/configurations I have built for private sites include:

  • A webservices module that integrates with the CCK Address Field and CCK LatLon modules to get LatLon data for Addresses
  • A grant application workflow that validated and moved applications through a review process where different judges would rate the grants.
  • User integration between Drupal and a third party user database.
Syndicate content

GVS projects
Certified to Rock

CertifiedToRock.com was created to allow community members and employers to get a sense of someone's involvement with the Drupal project.

GVS is now part of Acquia.

Acquia logo

Contact Acquia if you are interested in a Drupal Support or help with any products GVS offered such as the Conference Organizing Distribution (COD).

We Wrote the Book On Drupal Security:

Cracking Drupal Book Cover