Drupal Resources

Drupal Resources

Drupal Security Advisories

Project: Custom PermissionsVersion: 8.x-1.x-devDate: 2017-November-08Security risk: Moderately critical 13∕25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:AllVulnerability: Access bypassDescription: 

Custom Permissions is a lightweight module that allows permissions to be created and managed through an administrative form.

When this module is in use, any user who is able to perform an action which rebuilds some of Drupal's caches...

Project: Permissions by TermVersion: 8.x-1.x-devDate: 2017-November-08Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Access bypassDescription: 

The Permissions by Term module extends Drupal by adding functionality for restricting access to single nodes via taxonomy terms.

The module grants access to nodes that are being blocked by other node access modules and that...

Project: Automated LogoutVersion: 7.x-4.x-devDate: 2017-November-01Security risk: Moderately critical 14∕25 AC:Basic/A:Admin/CI:Some/II:Some/E:Proof/TD:AllVulnerability: Cross Site ScriptingDescription: 

This module provides a site administrator the ability to log users out after a specified time of inactivity. It is highly customizable and includes "site policies" by role to enforce log out.

The module does not sufficiently filter user...

Recent Article

This articles features links and information from the Peerless design Security presentation from various Drupal Camps in the Eastern US. Audio from New Jersey's impromptu presentation can be found on the Drupal Camp NJ site for 2014. The PDF version contains all info removed to accommodate time constraints. The entire presentation is available in a white paper available here.

Drupal Weekly Drop

Issue 315 - November, 9th 2017
Issue 314 - November, 2nd 2017
Issue 313 - October, 26th 2017

Planet Drupal

How to update Drupal 8 core?

Let's see how to update your Drupal site between 8.x.x minor and patch versions. For example, from 8.1.2 to 8.1.3, or from 8.3.5 to 8.4.0. I hope this will help you.

  • If you are upgrading to Drupal version x.y.z

           x -> is known as the major version number

           y -> is known as the minor version number

           z -> is known as the patch version number.

...

Over the years Drupal distributions, or distros as they're more affectionately known, have evolved a lot. We started off passing around database dumps. Eventually we moved onto using installations profiles and features to share par-baked sites.

There are some signs that distros aren't working for people using them. Agencies often hack a distro to meet client requirements. This happens because it is often difficult to cleanly extend a distro. A content type might need extra fields or the logic in an alter hook may not be desired. This makes it difficult to maintain sites built on...

While the Drupalcon webseite has a good few pointers to the well-known major tourist attractions, as locals we'd like to share our knowledge about some of our favourite places with you! So here a few recommendations:

Viennese Wine and Heurige

If you stay for the weekend after the Con, you can join the Vienna Wine Hiking day, which I can highly recommend. There are 3 possible easy hikes through the vineyards with lots of options to stop for tasting gorgeous wine directly...

What our clients are saying