The Joomlashack Blog
Urgent Joomla 1.5 security vulnerability discovered
- Written by Tom Elliott Tom Elliott
- Published: 13 August 2008 13 August 2008
From the Joomla.org website:
The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.
A flaw in the reset token validation mechanism allows for non-validating tokens to be forged. This will allow an unauthenticated, unauthorized user to reset the password of the first enabled user (lowest id). Typically, this is an administrator user. Note, that changing the first users username may lessen the impact of this exploit (since the person who changed the password does not know the login associated with the new password). However, the only way to completely rectify the issue is to upgrade to 1.5.6 (or patch the /components/com_user/models/reset.php file).
For more information about this exploit, click here to visit the Joomla Security Blog.
Our latest Joomla 1.5 ready template: Earthblog by Joomlashack
- Written by Tom Elliott Tom Elliott
- Published: 05 August 2008 05 August 2008
The "Earthblog" Joomla! template is a great template for technical sites, blogs, communities, churches, portals, and so many more.
This template has a variety of time saving extras such as matching JCalPro themes and a super-lightweight mootools slider module to attract readers to your featured content!
When you purchase the Earthblog template package, you'll get all the preset styles shown in this demo as well as the Fireworks graphic source files used to create this template. To make things even easier for you, we've separated the entire CSS structure from presentation in a separate commented file that can easily be modified.
EarthBlog is a Joomla 1.5 native template only. Check it out today!
Read more: Our latest Joomla 1.5 ready template: Earthblog by Joomlashack
Our latest Joomla 1.5 ready template: Earthblog by Joomlashack
- Written by Tom Elliott Tom Elliott
- Published: 05 August 2008 05 August 2008
The "Earthblog" Joomla! template is a great template for technical sites, blogs, communities, churches, portals, and so many more.
This template has a variety of time saving extras such as matching JCalPro themes and a super-lightweight mootools slider module to attract readers to your featured content!
When you purchase the Earthblog template package, you'll get all the preset styles shown in this demo as well as the Fireworks graphic source files used to create this template. To make things even easier for you, we've separated the entire CSS structure from presentation in a separate commented file that can easily be modified.
EarthBlog is a Joomla 1.5 native template only. Check it out today!
Read more: Our latest Joomla 1.5 ready template: Earthblog by Joomlashack
Joomla 1.5.5 Released: Duplicate Title Bug Squashed
- Written by Tom Elliott Tom Elliott
- Published: 05 August 2008 05 August 2008
The pace of improvements to Joomla 1.5 seems to be quickening this summer, as we're seeing new versions in weeks now.
The latest is Joomla! 1.5.5 [Mamni]. The Joomla Project refers to it as a "quick turnaround release to address the Duplicate Title error from 1.5.4
This release also contains "important SEF URL improvements and fixes for com_content in addition to a number of bug fixes and improvements."
Be sure to upgrade today, especially if you upgraded to version 1.5.4.
Need a template for your Joomla 1.5 site?
Joomla Training in New England
- Written by Barrie North Barrie North
- Published: 31 July 2008 31 July 2008
Our own Barrie North is running Joomla Training and education across New England. If you want:
- Expert instructors with teacher certification AND deep Joomla expertise
- One-on-one hands-on time to implement what you learn
- Optional ongoing education and support to create a successful Joomla website
- Small class sizes so you can ask questions one-on-one
- An included copy of the best selling "Joomla - A User's Guide"
.... then you need to attend this training.
Joomla 1.5 rolls on to to version 4
- Written by Tom Elliott Tom Elliott
- Published: 24 July 2008 24 July 2008
The Joomla Project recently announced the release of the latest version of our favorite CMS, Joomla 1.5.4, codenamed "Naiki."
Quoting from the news item on Joomla.org, here are some of the bug fixes announced with this release:
- Several Search component fixes, including the removal of HTML tags as possible search results
- Banners can handle Flash items
- Polls and Latest and Most Popular articles listed in the Administrator now support GMT dates
- Several OpenID improvements
- Several critical security improvements
The Joomla Project recommends upgrading your version asap. Download and upgrade today!
Need a template for your Joomla 1.5 site?
Creating a Parent / Child Relationship in a Menu
- Written by TJ Baker TJ Baker
- Published: 24 July 2008 24 July 2008
In order to use a Suckerfish Dropdown menu, or Dropline menu, it is first necessary to set up your menu to have 'Parent / Child' relationships. The 'Child' item is the one that you will see 'drop down', or as a 'sub menu' item.
This tutorial covers how to make it happen.
(this example uses Joomla 1.5 - although the backend looks a bit different in 1.0, the concepts are the same)
Step 1: Access the Menu Manager
Select the menu you wish to set up parent / child relationships in. In this example, we are going to use the Main Menu
No parent / child relationships
This image shows a menu with no parent / child relationships.
Access the Menu Parameters
Once you've accessed the menu, click on the menu item you wish to make a 'child' item in your menu. You will see the 'Parent Item' parameter on the left side of the screen. This is where you will assign a parent item, thus making the menu item we are editing the 'child' item.
In this case, we are going to set the parent item to be 'What's New in 1.5?" - see below
Select the 'Parent Item'
Select the item you wish to be the Parent Item. In this exaample we are setting the 'What's New in Joomla 1.5?" link to be the parent of the 'Joomla! Overview' link.
Save the Changes
Click on Save to apply the changes.
Parent / Child relationship is set!
You'll see after saving that the parent / child relationship has been set. Child items are shown indented with a connection to the parent item. You can do this for as many links as you need, as many levels deep as you need. Although, the template must accomodate the levels. Joomlashack's templates will accomodate up to 3 child items.
Step 2: Set up the Menu Module
Access the menu module by going to the Extensions -> Module Manager, and select the menu module you wish to use. In our example, we are using the already existing 'Main Menu' module. So we click on the module name to open it.
Setting it up.
Upon opening our menu module, you will see some parameters that must be set properly for the menu to operate as a suckerfish or dropline menu.
Set the 'Details'
In the Details area of the module settings (top left), set the parameters as seen above, and listed here:
Show Title = No
Enabled = Yes
Position = Whatever position you are setting up the suckerfish / dropline menu to be displayed in. Check your template documentaiton, found in the template demo, for the location to use suckerfish / dropline menus in.
Set the 'Parameters'
In the Parameters area of the module settings (top right), set the parameters as seen above, and listed here:
Menu Name = mainmenu (choose the name of the menu you wish to use to populate the suckerfish / dropline menu with -- in our case, we've set up the 'mainmenu' to have the parent / child relationships and will be using that menu)
Menu Style = List
Always show sub-menu items = Yes
You do not need to change any of the other parameters, unless otherwise noted in the docuementation for the template.
Preview your site to see your work!
If all settings have been done properly, you should now have a fully functional Suckerfish or Dropline menu set up, with the Joomla! Overview being the child item of the What's new in 1.5? parent.
Repeat the First Step to set up more items for the menu.
As stated above, this tutorial uses Joomla 1.5, however, the concepts are the same for Joomla 1.0 - it's just a bit different in where and how you do things.
If you have any questions or need further assistance, please visit the Community Forum and post to an appropriate thread.
How to embed a YouTube video into an article in Joomla
- Written by Steve Burge Steve Burge
- Published: 23 July 2008 23 July 2008
Update: we highly recommend the OSEmbed extension for embedding code in Joomla.
OSEmbed is the easiest way to embed anything in Joomla. You can add YouTube videos with just a URL. Plus you can also add Facebook posts, X / Twitter tweets, Flickr images, Vimeo videos and over 60 other types of media.
OSEmbed really is the best way to embed YouTube videos and everything else.
Read more: How to embed a YouTube video into an article in Joomla
How to use the GeSHi plugin in Joomla
- Written by Steve Burge Steve Burge
- Published: 22 July 2008 22 July 2008
Joomla! comes with a plugin/mambot called GeSHi that comes in quite handy if you have a site in which you share code snippets with your readers. I recently tried to use GeSHi on a Joomla! 1.5 site, and I found that it works differently in Joomla! 1.5 than it does in Joomla! 1.0. Read on to see how to use it in both.
What is GeSHi?
GeSHi stands for "Generic Syntax Highlighter", and it is used to highlight code snippets in different web languages like PHP, HTML, and CSS. It also converts tags in those languages so that they will not render like regular tags.
For example, if you want to share some HTML code, you have to use something like GeSHi, or the browser will treat your HTML code like regular HTML code.
The following code is done without GeSHi:
<p><strong>Without GeSHi</strong></p>
The following code is done with GeSHi:
<div class="code">
<pre xml:"php">
<p><strong>With GeSHi</strong></p>
</pre>
</div>
Not that in the code with GeSHi, you can see the HTML tags, and in the code without GeSHi, you cannot see the HTML tags. The words "Without GeSHi" are rendered like regular HTML
How to use GeSHi in Joomla! 1.0
To use GeSHi in Joomla! 1.0, you use the following HTML code:
<div class="code">
<pre xml:"php">
<pre lang="html">
<!-- your HTML code here -->
</pre>
</pre>
</div>
You can change 'lang="html"' to other languages like 'lang="php"' so that GeSHi highlights it according to the language you are using.
How to use GeSHi in Joomla! 1.5
GeSHi has a very slight difference in Joomla! 1.5. Here is an example:
<div class="code">
<pre xml:"php">
<pre xml:html>
<!-- your HTML code here -->
</pre>
</pre>
</div>
Note that instead of 'lang="html"', you use 'xml:html'. That is the only difference. I'm not sure why they did it that way, but they did so if yo plan on using GeSHi for Joomla! 1.5, you need to be aware of this.
Questions/Comments
As always, questions and comments are welcome.
How to view just your component in Joomla! 1.5
- Written by Steve Burge Steve Burge
- Published: 22 July 2008 22 July 2008
Here is a neat little trick I picked up last Friday at the Joomla! 1.5 bootcamp in Austin led by Johan Janssens.
In Joomla! 1.5, if you simply want to display your component without any modules and without your template styles, all you have to do is add "?tmpl=component" or "&tmpl=component" to the end of the URL, depending on whether or not there are already other parameters on the end of the URL.
For example, if you just want to view the component on the home page of the new community.joomla.org site, you simply add "?tmpl=component" to the URL like this: https://community.joomla.org/?tmpl=component.
This trick is really useful for template designers because you can isolate the HTML used in a specific component, so you can determine how best to set up your CSS for styling that component.
Enjoy!