The server file system should be configured so that the web server (e.g. Apache) does not have permission to edit or write the files which it then executes. That is, all of your files should be 'read only' for the Apache process, and owned with write permissions by a separate user.

Note that this whole article is about "defense in depth." Drupal can run quite safely with permissions a little "looser" than they should be. But if an administrator account is compromised by an attacker or an attacker gains the ability to execute arbitrary code then the configuration below will limit their ability to further exploit your site.

If someone is attacking your site and is able to determine information about which version of Drupal or which specific modules or themes you are using it might make it easier for them to exploit a vulnerability.

This is not an important issue. There are other ways in which an attacker could determine information about your site. However, it's also a good practice to give a potential attacker as little information as possible. If you are one of the paranoid people who already keeps your site up to date and follows all the best practices listed in this section then the rest of this page may be interesting to you.

Directory Index Potential Problem

Drupal is an amazing tool for mapping. It integrates with a lot of libraries, technologies and third party services. There are solutions for simple maps but also for complex mapping needs.

There isn't one ideal solution, because it depends of the project. Although, there is always a path: input > storage > process > output, some modules may provide more than one of these steps.

If you're beginner, there is possibility to make simple-to-intermediate maps without any coding. This documentation section contains a description of main modules to help you on your selection.

Widely used approaches

There are several approaches:

• Location (D6, D7) & Gmap (D6, D7)
• Geofield & OpenLayers or Leaflet (all D7)
• Get Locations (Google Maps v3 solution for D6, D7), either by itself or with Geofield (D7) or Geolocation field (D7)

This snippet builds on another snippet about "Add an Edit this Block link". Instead of a link this goes further to have the edit link look like the tabs for View, Edit, etc. Here is the code to include in your theme's block.tpl.php file:

Use phpMyAdmin to perform the following SQL. This requires both the PostNuke site and the new Drupal site to exist in the same MySQL server instance.

Note that the Drupal site must be a fresh one with no existing content or users. If you do have such then you will need to add an increment to the ID's to avoid conflicting index numbers.

You will want to adjust or remove the database names drupal and postnuke. You may need to change the table prefix in these statements from "nuke_" to "pn_", depending on your version of PostNuke.

Project Page

Slideshow Creator

Installation

1. Just copy the folder to your sites/all/modules/ folder
2. Activate the module in your Drupal installation. Go to
   • administer > modules (on Drupal 4.7 or Drupal 6) or
   • administer > site building > modules (on Drupal 5)
   • modules (on Drupal 7) or
3. Go to
   • administer > input formats (on Drupal 4.7) or
   • administer > site configuration > input formats (on Drupal 5)
   • administer > input formats (on Drupal 6)
   • configuration > text formats (on Drupal 7)

   and add slideshow filter in any filter type your site has.

Usage

You can insert a slideshow in any node, adding the string:
[slideshow:VERSION, img=|IMAGE_URL|LINK|TITLE|CAPTION|TARGET|, img=|IMAGE_URL|LINK|TITLE|CAPTION|TARGET|]

where:
VERSION: REQUIRED the slideshow filter version: currently 2

then, for each image you want to insert, use:
IMAGE_URL: REQUIRED the image itself
LINK: if you want to provide a link to some page, put the URL here
TITLE: often the bold text over the image
CAPTION: often the text under the image