Notes From DrupalCon Barcelona 2007


NB: Notes in square brackets are mine.

OpenID (James Walker)

OpenIDs from, AOL, Sun, etc. = best security, features.

[SSL for login to OpenID provider, so don't need to worry about SSL login or account/password security in Drupal so much.]

[Have to trust the OpenID provider, but currently have to trust email provider anyway.]

[OpenID provider liability for security breaches?]

[Phishing should be dealt with by client-side tools that check the identity of the OpenID login site, eg Firefox (core or extension), cardspace, etc]

White/blacklisting for trusted OpenID providers.

Attribute Exchange for profile metadata: keys are URLs.

Simple Registration: not for verification of identity, but provides profile details for pre-filling registration forms.

Advanced Javascript (Konstantin Käfer)

  • Firebug

    • DOM tab => properties available to Javascript
    • Debug => backtrace from errors

  • Firebug Lite: for other browsers.

  • MS Visual Web Dev 2005 Express: free, debug JS in IE.

  • WebDevHelper: JS Console + XMLHTTP monitoring + backtracer for IE.

  • JS lint + TextMate bundle.

AHAH: uses iframe to load content. Can be used to submit forms - result in JSON ('data' element) can be read from the iframe. Drupal methods for AHAH in Form API: #ahah_

Theming in Javascript: use Drupal.theme('module'); override with Drupal.theme.prototype.module = function(){}

Form API 3 (Jeff Eaton)

Drupal 5: hook_forms, hook_elements, hook_form_alter

Drupal 6:

  • attach AHAH events to buttons.

  • $op removed.

  • separate validation and submit handlers for Preview, Delete, etc (each button).

  • No more special multi-step forms - can now be used in any forms by setting $form_state flag.

  • $form_state array passed into validate/submit handlers and can be modified.

  • Information in forms cached at each step in $form_state['storage'] and can be recalled later.

  • Set the $form_state['rebuild'] flag if needed for multi-step.

  • In hook_form_alter, add a validate function to the $form['#validate'] array, then check $form_state and add form elements in there if necessary.

External data (Ken Rickard)

Use $db_url array in settings.php to define multiple databases, and db_set_active to switch between them.

$header array in theme_table is an array with data, field and asc values.

Use hook_search for external data values.

Build node then use node_save to create node dynamically.

[we do this already for PubMed searches in Scintilla]

Summer of Code Showcase (Angela Byron)

List of projects

  • Drawing API: does basic drawing as SVG.
  • SMS Gateway: send messages to SMS networks, eg 'send to phone' button.
  • Version Control API: make Project module independent of CVS. Subversion backend to come.
  • Taxonomy Manager: nice dynamic interface.
  • Feed API: has time limit for feed fetching instead of number of feeds. Nice feed management interface.
  • Load testing: run load tests.
  • Automated staging toolkit: for testing sites on staging server, ie start from fresh state and automate installation etc. Drupal testing profile = script to check out modules etc.
  • Themes: 2 theming students (great idea). Multicolumn themes.
  • Update status module: Security tool; shows how many sites have modules installed and which versions.

  • Fuzzy search: expands search terms to return more results.

  • Jabber/XMPP: interface with Jabber networks, eg with subscriptions module. [Could be useful for Facebook apps.]

  • Autocomplete module for adding links while editing nodes: nice dynamic loading.

  • Public/private file handling improvements.

  • BitTorrent: provides admin interface for BT tracker and torrent node content type. Handles ratio, private torrents, etc. Web seeding. [Unfinished?]

Future of nodes (Jeff Eaton)


CCK widgets as Form API elements.

Basic 'thing' element like Rails? [objects]

nodeAPI features for other types of content.

Workflow-ng (Wolfgang Zeigler)

UI for configuring actions on certain events.

eg 'user has logged in' => redirect to a certain page.

Uses Token module for replacing patterns in strings.

Combine with Views and a CCK field for node status (eg Needs Work, Needs Review, Published) to create views for editors, reviewers, etc.

Actions + Triggers in Drupal 6 has similar function.

Flex (Christoph Rooms)

Flex Showcase built with Drupal backend.

Install Profiles (Boris Mann)

Supported by Hostmaster.

configuration, setup, modules, themes, content, any php functions.

Define list of modules to be enabled.

Overrides default setup, so can remove standard content types and configuration settings.

Bryght provides modifiable default profile for use by anyone. abstracts db_query to CRUD operations.

Profile wizards produce profiles from existing site.

Upgrades - sort of: use profile_name.module with hook_update.

Wizard for asking questions during installation? - might be better elsewhere

Allows anyone to make their own version of Drupal core installation, without forking the codebase

Future: packages/bundles - eg install 'wiki' package to an existing site.

Facebook API (Dave Cohen)

Allows a Drupal site to integrate with Facebook as an application.

Can create an account when a user adds the application in Facebook, but can't yet integrate with existing profiles on the Drupal site.

Database Abstraction with PDO (Larry Garfield)

PDO provides further abstraction for database interaction, making it easier to support more database backends.

Don't have to worry about specifying field types as PDO will escape strings appropriately based on variables (string, integer, etc).

Drupal with PDO will provide db_insert, db_update and db_delete, which will take arguments as arrays and make it easier to do long insert and update statements.

Difference of opinion between those who say as many database backends as possible should be supported and those who have to spend more time writing database code when they can't use MySQL-specific syntax.

Panels 2 API (Earl Miles)

Lots of hooks for modules to define panels blocks.

Style types for blocks (eg tabs, rounded corners).

Dynamic editing and configuration of panels.

Schema API (Barry Jaspan)

hook_schema in module.schema defines tables as arrays.

.install file is still needed (for now), calls drupal_(un)install_\schema from hook_(uninstall)

Use calls like db_add_field for updates.

Handles edge cases with creating fields etc.

Can describe and compare actual db schemas with those defined in hook_schema: generates schema definitions from live database, reports discrepancies.

Data migration, maybe: for transferring changes between versions of a site.

Aggregation (panel)

Extensible aggregation API.

Caching handled by parsers.

Primary parser fetches data into predefined structure.

Secondary parser adds options to the data.

Doesn't have to be XML feed.

Map feed elements to node fields.

Threaded fetching? Would be handled by parser.

State of Drupal (Dries Buytaert)

Results of survey: important things to develop

Need lots of usability testing [front and back-end] "rockstar usability guys"

Rich Internet Application Platforms (Shane Caraveo)


SnapDragon to integrate Firefox developer tools

Templates and macros for building Firefox extensions

XUL, XBL, CSS, Javascript etc