PostNuke

Site search

Search results

Number of hits: 18

Security Announcement: PostSchedule 1.0.5 SQL injection vulnerability   (News)

For .764 PGCalender or PostCalendar might be a solution, when using .8 crpcalendar, Eventliner or TimeIt may be worth to look at.

We do not support PostSchedule with this fix, you use it on you own risk. It may (or may not) fix the recent exploit, but there might be others in the code. If someone wants to have closer look at it, feel free.

Generated on April 29, 2008.

Community News   (News)

Calendars! Calendars! Calendars!
A long time we all lived with PostCalendar - a complex and powerful modules that included Smarty before it was included as templating engine into the core. But the complexity was also the reason why the original maintainers gave up their work and nobody really picked it up again. Robert Gasch attempted to dissolve the code jungle and turned to other projects. Other modules like Zerocal, cal-zone or the pgCalendar addon for Pagesetter never really took off in the shadow of the huge PostCalendar. For a long time nothing much happened until recently several new calendar modules started to grow:

1. Daniele Conca's crpCalendar started off as a simple list of events but it is slowly turning into a full fletched Calendar with day-, week- and month-views. Moreover it supports hCalendar microformats and Content via plugin so you can integrate calendar events into your Content articles.
Download: http://noc.postnuke.com/projects/crpcalendar/

2. TimeIt is attempt to clone PostCalendar with .8 technology. In the meantime version 1.1 RC1 is released which not only offers all the features postCalendar has but also event registration and user events.
Download: http://www.assembla.com/spaces/files/cxTPX-9PKr3lxaabIlDkbG

3. Eventliner is a new Calendar which also imports PostCalendar data and offers day-, week- and month-views.
Download: http://noc.postnuke.com/projects/eventliner/

Good News for Communities
Florian Schliessl released a new, cool community module called ContacList which handles lists of friends. Your user will be able to ask other others for friendship and see their friends birthdays. The module can also be used in other modules to make user profiles aso only visible for friends. TimeIt already supports ContactList so your users can add their events or register and make this information visible to their friends.
Download: http://noc.postnuke.com/projects/contactlist/

Totally Web 2.0
Mark West released a little plugin that allows you to include these little buttons for all kinds of link services like del.icio.us, mr. wong aso. into your modules.
Download: http://noc.postnuke.com/projects/pnwebservices/

Pagesetter Successor
Marco Kundert is still working on his Pagesetter clone. The module will have all the features that Pagesetter has but replace all the stuff that Jørn first implemented in Pagesetter which now has been included into the core by the core features. Guppy will be repleaced by pnForm, the workflows will be replaces by the core workflows aso. Moreover he aims at making Pagemaster easier to use for beginners. Gabriel Freinbichler is already running a test version on one of his sites and he seems to be quite satisfied with it.

Shops
There are at least 3 forks of pnCommerce out there, maintained by Rüdiger Hahn, Jim Hatfield and others the problem now is that they all are very busy with their system and that they need to integrate all forks again to have a common code base again. There were several attempts to reunite the code but AFAIK the project lacks somebody who is really willing and able to put some time into it - who works self-motivated and needs the shop for his own sites.

Robert Gasch is working on a commercial shop. I had the priviliedge to take a look at it and it seems to offer a lot of very advanced features. If you need a shop and you are willing to invest some money into it, you should contact Robert.

Media
Axel Guckelsberger seems to have 50 hour days. His latest project is MediaAttach - finally a real solution for a central media repository. It still has some legacy from it's predecessor pnUpper but it already offers a lot of great features for the handling of media and it is included in Scribite and Content.
Download: http://noc.postnuke.com/projects/mediaattach/

Certainly there is a lot more going on - so if you are working on a project, please leave a comment.

Generated on April 21, 2008.

New Shop, New Calendar - Postnuke Community gains speed again   (News)

New Community Modules
Have you seen Florian Schliessl's modules? The central module is pnProfile - an alternative profile module similar to the new core module or AdvProfile (which actually has become the new core profile module ;-) ). pnProfile offers dropdowns, textfields aso.
Demo: technobilder.de.

Another nice community module is Florian's UserPictures. It allows users to keep their own personal gallery.
Demo: technobilder.de

I personally very much like Florian's ClickedMe which displays all the people who checked out you profile. Every user can choose for himself if he wants to be seen or not.
Download: ClickedMe.

To cut a long story short: Florian has released a bunch other modules. A list can be found in his NOC profile.

PostBuddy is a module that copies a very popular function of mySpace aso - you can make people your friend and display a list of your friends in your profile. Cool, eh?

Has anybody tried pnConnections? It sounds like a cool module.

Shops!
Did you see that Bernd Plagge adopted pnCommerce and released a working version? Contact him, if you are interested in cooperating with him! pnCommerce could use some cool new templates.

And pnCommerce has a young competitor! The development team has released a first beta of ShoppingKart. They are very active and keen on making ShoppingKart a cool module. IMHO their templates also lack beauty - but it's a first beta. ;-)

New Calendar
Robert Gasch and a user named "bones" announced to start working on a successor for PostCalendar - I'm really looking forward for that one.

But the grandmother of all calendar modules also has a competitor: crpCalendar. A neat little modules that's made to display a list of event dates - if you don't have too many of them it could fit your needs.

What else?
Did you see that Treverj is working on a cool Postnuke based Web 2.0 community site? Read: Project Updates.

The Spanish community released a Karma Addon for pnForum. You only need dpGraph for it.

Mark West released a new version of EZComments and added Akismet support. Akismet is the spam detection API of Wordpress. So EZComments sends all comments and trackbacks through Akismet to find out if it's spam or not. If you are working on any module that's been spammed - check out the Akismet module API and integrate its features into you module.

InvalidResponse released a first final version of his ElementBB forum. It's a nice and slim forum with great templates. Check it out at his homepage.

Jørn Wildt released a new content module that keeps content in a book like way and is made for team work. It's called CoType and should also serve as an example for a .8 implementation.

Hilope's Scribite is not only a module that adds the WYSIWYG editor of your choice to Postnuke modules. If you look deeper into the possibilities of for examples Xinha you will certainly never work on any site without this module. BTW: The initial development of Scribite was sponsored by the German Postnuke foundation. ;-)

Forgive me if I forgot your cool new module - this article wasn't meant to be complete. I wanted to give a little overview o

Generated on June 7, 2007.

The Road to .8 - Where are we, and where are we going?   (News)

The modules included in .760 which are templated, and taken direct from the .8 CVS are as follows:

Admin
Admin Messages
Autolinks
AvantGo
Blocks
Censor
Credits
Ephemerids
Groups
Header_Footer
Legal
Mailer
Members List
Messages
Modules
Permissions
pn_bbcode
pn_bbsmile
pnRender
Quotes
Ratings
RSS
Sniffer
Typetool
Xanthia

This represents a significant percentage of the .8 code, but there is still more to do. The aim of this article is to try and outline some of what remains to be done before we can consider a release of .8.

Six Main Projects for PostNuke Development
We have identified six main sub projects vital for a release of .8. These projects cover wide areas, and each are at different stages of completion. The six projects, in no particular order, are:


Integration of Open Star object library and Database Utility
Integration of Open Star category management
Installer
Xanthia
User management
Finishing of content modules

This article also includes a little information on some of the other new code to be introduced with .8 this is at the end, where we look at EZComments and the Error Handler.
Integration of Open Star Object Library and Database Utility
The new Database layer reuses the existing pntables information to provide an
object representation of database rows. The advantage of this approach is that
it allows you to basically remove manually coded SQL statements and replace
with what's typically a 1-line statement. Some sample invocations of such code
are shown below:

[code]
$myObj =& DBUtil::selectObjectByID (, $id);
$myObj =& DBUtil::selectObject (, $where);
$myObjArray =& DBUtil::selectObjectArray (, $where, $sort);
DBUtil::insertObject ($myObj, );
DBUtil::updateObject ($myObj, );
[/code]
These functions all return an associative PHP array, or in the case of array
functions, an array of arrays. The fields in this array are cleaned up in
the sense that any field prefixes have been removed. This DB API also
gives you the ability to have generate associative (object) arrays, expanded
arrays with other table fields joined in (which means that you can save SQL
lookup calls) as well as store/retrieve dynamic attributes without altering
the underlying table structure. Together this provides a highly flexible API
which can take care of all storage & retrieval operations.

On top of the DB layer sits the Object Layer. Objects provide a component model
which features transparent persistence facilities. Objects/Classees are loaded
though the Loader API though
[code]
Loader::loadClassFromModule (, 'foo') //

Generated on November 3, 2005.

Moving on: Better PostNuke ShortURLs   (News)

PostNuke sites well, while making the URLs hard to post to people in email or in forums. For instance, a news link looks like this:
/index.php?name=News&file=article&sid=123&mode=thread&order=0&thold=0

For some time now, PostNuke users have cried out for better Search-Engine Friendly URLs, and for the past few years, the only thing available has been a theme hack first detailed by Karateka (possibly E. Soysal before that, the links in the article are dead) way back in 2002, since worked on by ColdRolledSteel (Craig Saunders), and consequently me.
The advent of the ShortURL hack has seen sites hosted on Apache servers with the URL Rewriting module (mod_rewrite) enabled get URLs like
/Article123.html

for the above link, where certain assumptions have been made about the default settings for mode, thread and threshhold. A big improvement, but not very descriptive, and it comes at the cost of heavy post-processing of the site's content for links. Also, Search Engines use link keyword relevance in their rankings, and Article123 doesn't say much about the link, except that it's an article with the id 123.
As Karateka pointed out at the time in his article, a problem in implementing friendlier URLs with virtual directories is that all paths in PostNuke are relative, ie relative to the site root folder where index.php is located, and fixing it then would have required extensive changes in the core. That is, a URL like /Example/view.html would result in the browser looking for all links relative to its present location, ie in the nonexistant subfolder called Example, and subsequently it would fail to find the linked stylesheets, images etc, and all links from the page would similarly fail.

Unfortunately this situation has not changed in the intervening years, but as PostNuke modules are becoming API-compliant, they reference the same system function to build their URLs, so fixing this function and other associated functions to use root-relative links(1) will fix all compliant module URLs. But that leaves all other links, like images, Javascript, and stylesheets. The move to templating with Xanthia (for themes) and pnRender (for modules) is also making it easier, since Xanthia templates use a Xanthia variable to reference the theme's image directory path. So fixing Xanthia and pnRender will fix most paths in Xanthia themes. The exception are stylesheet and Javascript link paths and any links in the theme header, for which new path variables need to be introduced, so some updating of Xanthia themes is required. This makes the transition period to PN 0.8 an ideal time to introduced these changes, since few Xanthia themes have been released so far, and core modules are only just being converted to pnRender.
I stopped work on ShortURLs some time ago (before pn0.75) on the advice that a core module was being developed; however I have seen no evidence of this to date, and there is no indication in the upcoming PN 0.76 or CVS that there is anything coming. I got curious a month or so ago, and was somewhat dismayed at what I found.

Since then no progress seems to have been made on PostNuke ShortURLs. In fact, the current Xanthia filter hack has regressed, becoming bloated with complex and wholly unnecessary Regular Expression rules, many badly written with duplication and a number of bugs, especially in the accompanying htaccess file, going from the 15 rules proposed by Karateka to a massive 89. So, I set out to try and fix it, but ended up revisiting the idea of a core implementation using virtual directories to more logically structure the URLs in a way that is not only Search-Engine Friendly, but more User-Friendly.

Along the way, I've also been sidetracked and made a direly-needed new themable tab system for the Administration area based on AlistApart.com's Sliding Doors technique and consequently overhauled most of the Admin templates and a few User templates too, partly out of necessity due to the new Adminpanel, partly because they badly needed it. Those of you who have tried the pn0.76 Release Candidates would know that the templated output in them leaves something to be desired, drab and somewhat unprofessional-looking due to all the styling and CSS-classes having been ripped out, leaving a basic grey and white look with overly large headings and no theme tables for backgrounds. Hardly what you would call of Release Candidate quality. So pnRender and its plugins have been fixed to allow the use of Xanthia-like theme-colour tags as well as a tag for root-relative paths needed for ShortURLs, and the opentable functions have been fixed so that proper themed borders can be used. In fact most of the changes are in fixed templates, plugins, and module files.

My proposed implementation still retain the Xanthia filter for backwards compatibility with older themes, modules and blocks, but has been wholly rewritten and pared down to 24 rules, including a rule to fix all links to be root-relative. As PostNuke is in transition to be fully pnAPI-compliant by PostNuke 0.8, the remaining ones can gradually be removed altogether as themes, modules and blocks are updated. There's also a version for AutoTheme.

This particular scheme is experimental and may be tweaked or improved upon. It seeks to reduce the reliance on the Regular Expression(2) post-processing for links and introduce more user-friendly URLs that have more relevance for people and search engines alike by using virtual directories to visually distinguish sections of the site by module and function, such as
/Example/View.html

and for the News articles introduce Category, Topic, and Title information in the link:
/Category/Topic/ArticleXXX-title-of-story.html

For instance for a news story in the category Computers and the topic Postnuke called "PostNuke Shorturls", you'd have the URL
/Computers/Postnuke/Article123-PostNuke-Shorturls.html

This is a clear, concise and informative link that tells the user and search engine alike something about the link before going there, while retaining backwards compatibility with links of the old ShortURL scheme. It more closely emulates the way we think and organise information, using the folder analogy where we have a clearly-labelled Computer category folder, under which we have the various sub-categories - Topics - with various articles. In this case, we're using a virtual file anchored by the word "Article", clearly identifying it as such, followed by the article number and title. There is backwards compatibility, so that older links for Article123.html will still work.

In this instance I've excluded the News keyword altogether for brevity in favour of the Category and Topic keywords which insinuate News anyway, though there is nothing against being consistent with all the other ShortURLs and having the Module appear first, as in
/News/Computers/Postnuke/Article123:-PostNuke-Shorturls.html

This is for the special case of the core News module though, a more generic method is needed overall for URLs with various unknown parameters passed in the query string. This implementation uses the scheme:
/Module/Function-Param1:Value1-Param2:Value2... -ParamN:ValueN.(p)htm(l)
where the Query string parameters are tagged onto the virtual filename grouped by colons and separated by hyphens, the idea being to use commonly-used characters we might normally use in a list to make it look as natural and readable as possible. It may be a less-commonly used character than the hyphen is needed, like the tilde ~ character, since some parameter values may use a hyphen, in particular usernames. This is not a problem if passed as the last parameter, where it may contain any character. So if the module developer kept this in mind, it might not be an issue. I'm not aware of it being one so far. The PostCalender ShortURL plugin deliberately places uname, if present, last.

The extension is not necessary, but used for convenience. The 3 types used are either one of html, htm, or phtml, the latter useful to distinguish when you want to link to real HTML files on the site. The extensions as well as the option to use ShortURLs or not is set in the Settings panel, though I've only offered the option of html and phtml, since frankly the MS DOS-holdover extension htm annoys me.
Older URLs are marked with a + before the Function name, as in
/PNphpBB2/+profile-mode:editprofile.html

so that the server can translate it correctly. If the directory doesn't actually exist, entering
/Example/

will redirect to the Example module main page (Apache only)
/Example/main.phtml

which in return gets rewritten invisibly to
/index.php?module=Example&func=main

Otherwise, if it does exist, the index file of the relevant directory will be opened.
Similarly, with
/HTML/filename.html

if the file exists, it will be opened, else PN will look for
/index.php?module=HTML&func=filename

It is still possible to tag on query strings like
/ModName/main.phtml?theme=seabreeze

or
/ModName/main-theme:seabreeze.phtml

will both be translated to
/index.php?module=ModName&func=main&theme=seabreeze

There are any number of possible ShortURL systems, the simplest being to simply chop the URL into virtual directories, like /News/123/ from the above News example as some do. Xaraya uses a variant of this for news, though it doesn't use mod_rewrite, so appears like
/index.php/news/123

Again, this is concise, but contains few meaningful keywords other than the module name News. You can combine the two methods for News and have
/News/Category/Topic/123/title-of-article

which works very well, but loses some of the elegance of the above philosophy, since the latter part breaks up the virtual file into 3 with no anchor words, which is not how we organise information.
For generic URLs, there are a number of methods; for instance Mambo, another CMS, use generic ShortURLs like
/component/option,com_newsfeeds/catid,5/Itemid,7/

for a News URL like
/index.php?option=com_newsfeeds&catid=5&Itemid=7

where the querystring values are grouped by commas and separated by forward slashes (virtual directories). It is a ShortURL, though in this case not shorter, and doesn't have any useful keywords, other than "newsfeed", and is not very human-readable. For a generic URL, this is somewhat unavoidable, but can be better than that.
This implementation also contain a way to customise ShortURLs on a per-module basis through a file called shorturls.php placed in the module folder (see the Example module), such as the News URLs, or 3rd party modules like PostCalendar, which instead of the full URL like
/index.php?module=PostCalendar&func=view&tplview=&viewtype=day&Date=20050405&pc_username=&pc_category=&pc_topic=&print=

with the above generic ShortURLs would be rendered as
/PostCalendar/view-viewtype:day-Date:20050405.html

but with customised URLs become
/Calendar/05-04-2005/day.html


The beauty is, though, once we've created the groundwork in the core of PostNuke, any implementation will be fairly easy.

1) Root-relative links: Links relative to the server site root (eg /nuke/filename.html), which stays static, as opposed to relative to the present file (eg filename.html).
2) Regular Expression (RegEx): A complex pattern-matching language that can look a bit like a mathematical formula, used in the Xanthia ShortURL filter at /modules/Xanthia/plugins/outputfilter.shorturls.php.


----------------------------------------------------------------
If this were Mambo, I'd charge you 80 Euros for all this (the price for SEF Advance), but because you're all such nice people (except that guy up the back, you know who you are :) ), I'll let you have it for free.

A PDF of the ReadMe included in the package, but with additional screenshots, is found here (570kb).

I've also written a more technical ReadMe on installing ShortURLs, included in the package under the docs folder, and also found here.

here's a test of the tab system using the Aqua theme. It also comes with an XP-styled theme and the default-CSS-based one. I hope you like it, because it took a lot of work to perfect.

OK, screenshots: Well, no point having screenshots of URLs, so here's some of the tab system and modified SeaBreeze and PostNukeBlue themes' Admin templates instead:

1. The main adminpanel in PostNukeBlue with the Aqua-themed tabs, hovering over the Settings panel.
2. Same as above, but with the Theme Override set under Modify Config and with a tabs.css stylesheets in the theme's style folder. The rounded corners are only visible in Mozilla/FireFox.
3. The Luna tab theme in SeaBreeze, hovering over the 3rd Party tab.
4. The Xanthia Admin tabs using Aqua tabs in PostNukeBlue, hovering on Theme Settings.


And finally, the downloads:
I started out fixing PN0.75, so there are 2 downloads: One for PN0.75, and one for PN0.76rc4. I'll update it once the PN0.76 final is released.
Please backup your site before installing these patches, since a lot of system files are replaced. The PostNuke 0.76rc4 ShortURL package is rather large, consisting of some 400 files in a 1Mb zip file. The PN0.75 package has some 170 files and is around 800kb. Most of the changes are drop-in changes that doesn't necessitate updating of modules, but there are some exceptions in the PN0.76 package, in particular the Settings and Polls modules, where you need to first go to the Module list, regenerate, and update. Specific patches for popular 3rd party templated modules like AutoTheme and PNphpBB2 are included, but only a limited number of 3rd party modules have been tested with this package. No changes are made to the database, but it is still a good idea to back that up as well. You have been warned.

PostNuke 0.75 ShortURL package (833kb)
PostNuke 0.76rc4 ShortURL package (1Mb)

Two of the updated core themes:
PostNukeBlue (249kb)
SeaBreeze (120kb)


Feel free to discuss this proposal in the forums.

Enjoy!


Martin Andersen 8/7/200

Generated on July 9, 2005.

PhpNuke2PostNuke : Your bridge to the PN World   (News)

provided there. This script works ONLY for MySQL 3.x schema. For other dbms (PostgreSQL, MsSQL, MySQL 4.x) you need modify the script.

++ UPGRADE SUMMARY ++
PhpNuke 7.0, 7.1, 7.2, 7.3, 7.4 -> PostNuke 0.726
PhpNuke phpBB2 Forums port 2.0.5 -> PNphpBB2 1.2d
PhpNuke Encyclopedia -> pnEncyclopedia 0.2.0
PhpNuke Event Calendar -> PostCalendar 4.0.1

A new version for 0.750 is coming soon. I'm looking for make this a project at noc. Please help me on this topic.

Download link
Support forum

Generated on September 14, 2004.

Brazilian Portuguese for 0.726 with over 60 modules!   (News)

supposed to "hit and run", because there might be some files which are heavily hacked -- yes, you can do that to translations, too :-)

That's because I used for quite some time pncUserHack (affecting NS-User, NS-NewUser and NS-Your_Account) and some News hacks. Also, Extended Topics and AT Lite Blocks might have different defines. But, anyway, that won't stop your site from working, of course. And bear with me, as this is a one man job.

But, please, send me your patches, so I can clean it up and release a FULL CORE COMPATIBLE TUpInUKIM, ok?

Here's the listing of modules included:
******************
* Módulos (63) *
******************
advanced_polls
All_Stories
Archive
Autolinks
Blocks
Censor
ChangePassword
ContentExpress
Credits
Downloads
dq_helpdesk
Encyclopedia
FeedBack
feproc
fetax
FormExpress
legal
MailBag
Members_List
Messages
Modules
News
NS-AddStory
NS-Admin
NS-Admin_Messages
NS-Banners
NS-Comments
NS-Ephemerids
NS-Groups
NS-Languages
NS-LostPassword
NS-MailUsers
NS-NewUser
NS-NewUser*
NS-Past_Nuke
NS-Referers
NS-Settings
NS-User*
NS-Your_Account*
pagesetter
Permissions
photoshare
phpBB_14
pn_bbclick
pn_bbcode
pn_bbsmile
pnTresMailer
PostCalendar
Quotes
Ratings
Recommend_Us
Search
seminars
shortnews
Stats
Topics*
UpDownload
Web_Links
xuser
* => modules duplicated in the pack due to hacks:
pncUserHack
ExtendedTopics

******************
* Blocks  (28) *
******************
admin.php
banners.php
big.php
category.php
emldaonline.php
ephem.php
error.php
finclude.php
fxp.php
i-featured_article.php
linklist.php
login.php
menu.php
online.php
past.php
phpBB_14.php
phplive.php
poll.php
progress.php
radio.php
recent_and_top_news.php
rss.php
rss2.php
stories.php
thelang.php
topic.php
user.php
whatsnews.php


Download link: http://prdownloads.sf.net/pnlanguages/pnlanguages-x_brazilian_portuguese-0726-tupinukim-A-beta.zip?download
Release notes (in Portuguese, pretty much the above info): https://sf.net/project/shownotes.php?release_id=239437
Project page: https://sf.net/projects/pnlanguages

Generated on May 20, 2004.

PostCalendar Security Advisory PCSA 2004-1   (News)

RELEVANT RELEASES
4.0.0

DESCRIPTION
PostCalendar is an online events calendar. Allowing for one time or recurring events and calendar sharing with multiple categories and PostNuke topics integration.
Vulnerable versions can be exploited through SQL injection within the search function.

SOLUTION
It is recommended that all admins upgrade their sites to v4.0.1 or apply the latest security fix package for v4.0.1 available right now from the locations listed below.

REFERENCES
No references are currently available on the net.

UPDATED PACKAGES
1. PostCalendar 4.0.1 Fullpackage (.zip format)
http://noc.postnuke.com/download.php/243/postcalendar-4.0.1.zip
MD5 checksum: 85f28144f36b1487366f654f4f800830
2. PostCalendar 4.0.1 fixed files only (.zip format)
http://noc.postnuke.com/download.php/244/postcalendar-4.0.1-fixpackage.zip
MD5 checksum: 4b5fd57053c8577eeefef50cd1d19279

ADDITIONAL INSTRUCTIONS
Just replace the files contained in this patch into your PostCalendar directory to have your PC patched. Remember that a backup/dump is always a good idea prior to any update.

CREDITS
This exploit has been originally found by Klavs Klavsen and the Security Forum Denmark (sikkerhedsforum.dk) and has been reported

Generated on January 6, 2004.

Web Accessibility - An introduction   (News)

Accessibility - In General
According to the German federal law on equality of treatment of handicapped
persons (BGG §4) ", constructions, means of transportation, technical
commodities, systems of information processing, accustic and
visual sources of information and communicative systems are accessible when they
are accessible and usable for handicapped persons unaidedly, in the usual way
and without special difficulty."
Basically, accessible web pages aren't only accessible for the average user
at his desktop pc with the latest browsers. Web-accessibility is not only considerate
of the various utilities that handicapped persons use to perceive a web page,
but also of users with older browser versions or with special access hardware.
Some figures to give an idea of the size of this group (statistics from Germany):

10% of the male population is color-blind. Web pages with low contrasts
(eg. black fonts on dark-blue background) is for them practically unreadable.
"Press the green button to verify" is meaningless to them.
5% of the population is blind or visually handicapped. They use special utilities
and hardware like Braille-displays or screenreaders.
11% of the population is older than 65.
5% of internet users don't use Windows, but MacOS, Linux, PDAs or cellphones.
Numerous sites, especially large ones, still have up to 20% users visiting them through 4th generation Netscape
browsers.

If you don't only aim at gamer kiddies with 19" displays, you should start
thinking about whom you exclude with your killer design. A blind person for example,
who cannot use a company`s internet pages, will choose another vendor. But what
can a blind person do when his registration office's internet site is not accessible?

 
The Legal Side
Since May 1st, 2002, the ordinance for accessible information technology
(BITV) became effective. All federal institutions are obliged to make their internet
sites accessible - in the sense of the word used in this article. Governments are called to work out
similar state laws which oblige state and municipal institutions to follow accessibility guidelines.
BGG and BITV are based on the EU action plan "eEurope 2002", initiated
in 1999 and finalised in 2000 by the European Council. eEurope aims at 3 main goals:

A cheaper, faster and more secure internet
Advancement of internet use
Investment into persons and abilities

The latter comprises the participation in information technology of as big
parts of the population as possible. Summarised under the term "eAccessibility",
access to eCommerce, eGovernment and so on is to be made possible. This was to be
implemented with the adoption of the Web
Accessability Initative's guidelines.
 
Guidelines for Practical Use
Already in 1999 the World Wide Web Consortium (W3C) released the Web
Content Accessibility Guidelines 1.0 and made it quasi-standard for accessible
internet design. Since then many of the rules have proved too restrictive,
irrelevant, incomprehensible or simply not representative of the state of technology
anymore. Some of them even turned out to be not internationally applicable.
For these reasons a version 2.0 is in the making. Since v. 2.0 is still in development, this
text will only relate to WCAG 1.
The Web Content Accessibility Guidelines 1 are split up into 3 priorities:
Priority 1: A Web content developer must
satisfy this checkpoint
Priority 2: A Web content developer should
satisfy this checkpoint
Priority 3: A Web content developer may satisfy
this checkpoint
If you violate a regulation of priority 1, many people will be excluded. A violation
of priority 3 regulations excludes only few. There are 14 main regulations, with
the priorities attached to all of their subcategories:

1. Provide equivalent alternatives to auditory and visual content.
2. Do not rely on color alone.
3. Use markup and style sheets, and do so properly.
4. Clarify natural language usage.
5. Create tables that transform gracefully.
6. Ensure that pages featuring new technologies transform gracefully.
7. Ensure user control of time-sensitive content changes.
8. Ensure direct accessibility of embedded user interfaces.
9. Design for device-independence.
10. Use interim solutions.
11. Use W3C technologies and guidelines.
12. Provide context and orientation information.
13. Provide clear navigation mechanisms.
14. Ensure that documents are clear and simple.

There is also a W3C-list of suggested Techniques
for Web Content Accessibility Guidelines 1.0.
 
Testing Accessability
Several tools exist for testing the accessibility of your website:
http://www.w3.org/WAI/WCAG1AAA-Conformance
http://bobby.cast.org/
http://www.cynthiasays.com/
As a result you receive 3 levels of conformance:
Conformance Level "A": All Priority 1 checkpoints
are satisfied
Conformance Level "Double-A": All Priority 1 and
2 checkpoints are satisfied
Conformance Level "Triple-A": All Priority 1, 2,
and 3 checkpoints are satisfied
Internet sites of German federal instititions have to fullfil Double-A conformance.
Recommended is Triple-A.
 
Not only for handicapped persons
A main problem with accessibilty is that a web site must cater to the needs of two different interest groups: On the one
hand, handicapped persons that already have to use the latest browser version
in cooperation with their hardware and utilities, and on the other hand, users
with old browsers.
This problem is however a perfect focus area for the idea behind CMS-es: The separation
of content and layout. It becomes possible to detect the user browser client, and in a manageable way offer
a classical HTML 3.0 page or a modern HTML 4.01 page, with the same content.
Practically speaking, modern web design means above all to do without tables for layout
use. Tables have always been a crutch when it comes to creating layout, and more so today than ever.
Modern layout is created via CSS. A nice example of how accessible
design can be created can be found at http://www.inknoise.com/experimental/layoutomatic.php.
This also shows that accessible web sites do not have to be plain text.
Tables should only be used the way they were originally intended: For example
as an address table with columns and rows, column heads and so on. Used this way, also
the tools of blind persons can make sense of them.
 
Accessibility and Postnuke
Making a Postnuke site accessible is practically impossible: While themes can
easily be created with CSS, you will fail at the modules, which excessively
use hardcoded tables. Not until the introduction of the Xanthia Templating Engine
in Postnuke 0.8 will it be possible to make your site accessible for everyone.
Then you can start developing accessible templates for all API-compliant modules,
something which is currently possible only with third-party modules that use smarty, like
PostCalendar or pnCommerce.
Until then the possibilities are limited when it comes to making at least some of your content
accessible: The AvantGo module - originally designed to make the News accessible
for PDAs - can also be used for accessibility. There seems to be an extended
version of the Avantgo named Extravantgo, but during my researches the download
page was inaccessible ;-)
German version of this article: post-nuke.net

Generated on October 8, 2003.

Interview: Sebastian Schürmann   (News)

What module(s) are you working on?

pnCommerce - online shop
pnunit/"Icarus Syndrome" - unit tester
CalZone Calendar
pnGalaxia - workflow engine (new for fall/winter)

Where do you live?

Munich, Germany - The world capital of beer.

What is your real-life job?

What is the real-life? I took the red pill and I entered the wrong door. No seriously, I make my money with the development of websites and dynamic web apps. together with Klaus Lamberty from mediagourmet.de. Nothing very uncommon ;-)

Tell me about your postnuke "career".

A 24 hrs deadline for evaluation & implementation of a website and Postnuke could did it; this was Spring 2002. The Rest is History until now, a good history as far as i can see.

I prefer it because it worked that day and it still does. Its documented ;-) Now were using it for most customer projects.

When did you start working on your own module?

Spring 2002, developing of a mass customization application for http://www.eckerl.de to make website customer able to configure individual sunblinds. The interesting thing is that pncommerce takes a direction where such a effort can be integrated in the shop.

What is your development like? Do other people help you? How do you work together? How big is the impact of the community on your development?

Depends, some things are underdeveloped ideas, others like pncommerce are more real modules.

pncommerce (Onlineshop)
To take pncommerce as a example its just the direct combination of contract work and OS development. And i see my self here in the position to help people a bit instead of people helping me. So my position in the quality assurance is a nice choice The unit tester is a direct result of this work and will be used soon. more infos see the pncommerce interview from the pncommerce team

CalZone: (Calendar)
I was unsatisfied with PostCalendar beginning of this year and i started using the CalZone module . I found the authors site Closed and got the files in the end from a Italian webpage (thanks so far). I left it unpublished because there seems to be noone interested. Additionally I don't see much sense in costing people more time because they have to test 2 or 3 Calendars to find the one with less bugs. Through the fact that we already refactored it for Smarty it was a nice learning by doing example, but the point that PostCalendar has most of my features (but better) keeps me away from releasing that code.

Sebastian told me that CalZone is not really ready for release, but that everyone who needs it could get it via email. It can be see at www.keller-club.info

pnUnit: (unit Testing)
Just One year Ago i heard the first time of extreme programming and test first development. The chance to get this technique into postnuke was fascinating and seemed to be a chance to reduce debugging times. The nice module API design from postnuke seemed to fit into that concept and i took a first try with PHPUnit from the pear repository.

A second try (called "The Icarus Syndrome") is close to be finished and published, now using the simpletest classes and a selfmade pnAPIwrapper object. The work which is still left is just to write a bunch of tests for the postnuke core distribution, so that a practical approach can be taken. Additionally I am using just a subset of the functions av. because my own knowledge is limited here. But test first design is addictive.

pnGalaxia (Workflow Engine)
As more I started hacking modules the topic workflow got into the spotlight of requirements. The WFMC documents describing a workflow-engine gave me a direction to think, the implementation into tikiwiki Groupware as Galaxia Workflowengine is the source of code. Its still aanalytical work, but with the deeper look into smarty which is used by tikiwiki to, makes a integration possible. One person joined me here. I think when the fall & winter will bring more results than screenshots ;). The Galaxia concept fits into postnuke which has all needed elements, and waits to be ported. Anybody who likes to help is welcome here. As soon as a working candidate can be presented it can be used by the Postnuke Team for evaluation.

The other (dark?) side:
I am using Postnuke for most customer Projects (we all must eat) but I try to publish the small and bigger working results of my daily jobs. The goal is a double usage of the work.
The Project complexity grows steady, so i am happy to do this projects with a group of people.

What is the biggest difficulty in your development? And why? Is it a Postnuke inherent problem?

My Own Bugs. Nothing is as unlimited as my own st.... G***: has nothing tondo with pn.

Missing Smarty implementation.
Really we have no direction (@pncommerce) what will be implemented how and why into postnuke. As I have seen in the pncommerce developer meeting. I think a simplification of the the application design could be achieved with Smarty. But as more people experiment with this technique, as more different implementations are done.

Missing exceptions.
An important way to control the program flow. But i don't feel that registering a session var is a good way to cope with this problems. Finish the announced pn API Functions, please ASAP ;)

Project external Communication & Guidance
Postnuke is on the border to a next level with .8. Much things could be done. But if Postnuke expects people to invest more time in more serious projects, id request more guidance. Timelines would be one thing id appreciate very much. Even the Xanthia port is undercommunicated. I know that management is a bad word in OS Projects: but 120 people in the
project need more guidance and people who do communications for them. The criticism on personalities helps the product in no way. We all must understand that. ;)


What features should the Postnuke .8 core have to simplify your work?

1. Exceptions, again
2. Postnuke wrapper Object for easier integration of OO Frameworks

Which route will Postnuke in your opinion go in the future?

I don't know, I'll follow the path as long as Postnuke isn't a limitation to my work. The way to a "Product" with a promoted name could be a good way.


Anything else you always wanted to say about Postnuke/your module?

1. Where is the Postnuke Europe developer meeting ?
2. Work together (!!!) please, accept that other peoples are eventually have other cultures because they simply live in other timezones and parts of the world. Integrate & communicate ! ;)
3. Love and Light ;-)

Generated on September 12, 2003.

Page 1 / 2 (1 - 10 of 18 Total)