General discussion

Hi,

I've downloaded Drupal and going through configuration topics. So far i'm thinking i don't have to write any code to build a site using Drupal. I think i may be wrong and you can comment me on this, caz i'm trying to understand how this CMS does help me. After read some of the configuration topics, i understood that i need to have a site already developed before using Drupal. Am i right?

how do one enable the search module ?

can anybody help me what must i do to get this out of the page ?

A CMS should ideally provide three main functions for me.

• Store and retrieve information in a flexible manner.
• Ability to create a heirachical site structure for this information.
• Intelligent menu that stays "active" correctly in different sections.

Flexinode combined with taxonomy appears to fulfill the first request brilliantly.

My second request for a heirachy is currently partly possible. If I store my information as flexinodes (for the enormous flexibility it brings), I can of course create a structure for them by linking them to a menu, but it would also be nice to be able to link flexinodes as part of a book structure ... I don't think this is possible at the moment?

My third request of a menu that functions (stays "active") correctly, is fulfilled to an extent by the menu module. However, if I view a node that is not linked to any menu, then of course my menu fails to work (that is, to stay "active"). This is only possible at the moment manually through a php script that creates a menu by checking the url (that is, an aliased url) ... thus my script might say, if the url is "/biography/" then keep the "biography" tab active ... I can then view an unlinked node with a url containing "biography" and know that the tab will correctly display as active).

I think a properly functioning menu makes navigating a site far easier, especially for new visitors. It can be quite disconcerting for some people to visit, say, a forum, where as soon as they click on a post, the forum tab becomes inactive (Drupal.org avoids this problem by simply having tabs that are never "active", which in my opinion makes the tabs far less useful).

I have the following details from my webhost about an email exploit which has to be coming from Drupal, I think:
-lai /tmp | grep {mysite username}
196609 4 drwxr-xr-x 2 {mysite username} {mysite username} 4096 Sep 26 06:44 .tka
158 4 -rwxrwxrwx 1 {mysite username} {mysite username} 757 Aug 8 18:12 dc.txt
187 20 -rwxrwxrwx 1 {mysite username} {mysite username} 19258 Aug 8 18:23 r0nin

I recently had a Drupal site defaced. A little bit of carlessness on my part but I noticed that they seemed to have a script specifically designed to deface drupal installations. First the server was compromised with an upload script, then they upload a file called drupal_view.php, from there it looks like they deface the site. Unfortunately I have to say I'm running and older version of Drupal, but I've kept up with the advisories and gone so far as to remove or hand edit files (like xmlrpc) when they come under question. Anyone out there run across this type of attack?