Drupal Resources

Drupal Resources

Drupal Security Advisories

Project: Universally Unique IDentifierDate: 2019-May-29Security risk: Moderately critical 14∕25 AC:Complex/A:User/CI:All/II:Some/E:Theoretical/TD:DefaultVulnerability: Access bypassDescription: 

This module provides an API for adding universally unique identifiers (UUID) to Drupal objects, most notably entities.

The module has a privilege escalation vulnerability when it's used in combination with Services+REST server.

This vulnerability is...

Project: TableFieldVersion: 7.x-3.x-dev7.x-2.x-devDate: 2019-May-29Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Access bypass and Cross Site ScriptingDescription: 

This module allows you to attach tabular data to an entity.

Access bypass

There's no access check for users with an "Export Tablefield Data as CSV". They can export data from...

Project: Menu Item ExtrasDate: 2019-May-22Security risk: Moderately critical 10∕25 AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross Site Request ForgeryDescription: 

This module enables you to handle fields for Custom Menu Links.
The module doesn't sufficiently check requests to one of the module controllers if the user has permission 'administer menu'.
This vulnerability is mitigated by the fact that...

Recent Article

This articles features links and information from the Peerless design Security presentation from various Drupal Camps in the Eastern US. Audio from New Jersey's impromptu presentation can be found on the Drupal Camp NJ site for 2014. The PDF version contains all info removed to accommodate time constraints. The entire presentation is available in a white paper available here.

Drupal Weekly Drop

Issue 391 - June, 6th 2019
Issue 390 - May, 30th 2019
Issue 389 - May, 23rd 2019

Planet Drupal

On the evolution of web content approaches and technology perspectives

Change is in the air!

In more ways than one, our world is in the throes of change. We live in an era where politics and governance, economy and international relations as also business and technology are all careening through an edge-of-the-seat roller coaster ride, from one ‘cutting edge’ to another.

Ideas, values, systems, processes, frameworks - what held...

Another DrupalCon is in the books and our team had a fantastic time gathering with so many members of the worldwide Drupal community in Seattle. Getting together in person with a large portion of our team is always a treat, but it makes it all the sweeter when our team has the chance to share their expertise by presenting at DrupalCon.

Long, long ago, before we had indoor plumbing, penicillin or `civix generate:module`, a humble drupal module was born.

It tried its best to be helpful by employing an (at the time) cutting edge technique known as CRM_Utils_Migrate_Import to dump a motley collection of custom fields, profiles and options into your CiviCRM database.

Along with other cutting edge techniques (such as lobotomies), the process of automatically adding custom fields, profiles and options has been improved and now can be done with managed entities and our lovely api.

The...

What our clients are saying

I have seen the first layouts and they are awesome...
...we just want you to know that we are appreciative!
...continued to monitor it closely and is still always available to help me if I have any questions
...your punctuality, your casual and open personalities, and both your hard copy and online portfolios speak very highly of you and your business as well
...provided us with excellent, expert service in a professional and personable manner.
I love directing our customers to our new site knowing that they are going to be able to find exactly what they are looking for...
...able to translate technical information in an accessible way...
I would highly recommend her for any position requiring IT design and development
Thanks so much for everything!
... incredibly impressed with what you brought to the table
I realized that I had picked the right company to work with soon after beginning a project with Peerless Design, Inc.
A great experience and a much improved website.
...I have no doubt we will have the best site in the 2010 election of any PA candidate
...able to take my abstract ideas and add their expertise to bring them to life in a way that was better than I could have imagined!
I'm so happy we chose to work with PEERLESS Design.
...can do anything any other designer can do and generally quicker, cheaper and better.
I would highly recommend her for any position requiring IT design and development
" PDI provides us prompt, effective and efficient service in maintaining our Drupal based website."
... they also made suggestions which showed me that they fully understood what I wanted to accomplish.
...took my less than mediocre site and completely revamped it into a beautiful, professional, and easy-to-navigate site
...a pleasure to work with, combining patience (for my busy schedule and at times overwhelmed brain) with her strong motivation and energy to keep me going
...very responsive to our questions and needs
...dedicated, competent and driven to get the job done and done well.
...creative, independent, responsive...
I had a very tight deadline and budget, and they met it, seemingly with ease.