Content Management Systems

[altivo]

So now I have better access to the AlphaServer DS10 at work. It seems that the library directors were quite serious when they "gave" it to me. I've tried to volunteer it for a couple of projects but to no avail. For the moment it's up and running but the only work it has is SETI@Home. That's an interesting use, but I'd like to do more with it. I mentioned yesterday that I finally put a video card into it (it had none, since it was set up as a rack mounted server) so now I have direct keyboard and display access. Xwindows is working fine. It has Apache and Postgres up and running, and I'm thinking of doing a demo website project to show the libraries what we could be doing. Today I made a tiny hole in the library firewall to allow web connections to the DS10 from the outside, and I just checked now to make sure it actually worked. It does. I took some precautions already to wall the machine off from the rest of the library network, but I probably should lock it down more if I do much with this idea.

The libraries have engaged in a lot of buzz-word talk about library blogs and RSS and so forth, but I think without any real comprehension of what such things are, much less what they can (or can't) do. Suppose, for instance, that we offered on-line book discussion groups? Or gave people the ability to review and recommend things to one another? I realize this would mean that someone has to monitor the content, but it might be an interesting thing to try. I've been looking at various content management systems, like Mambo or Joomla, or maybe a wiki-based system though I think most of those are probably too intense for our average user to grasp the mechanics. SMF (Simple Machines Forum) is another possibility, and a BBS-like setting like that might attract some of the teens we have who are avidly devouring Japanese manga but not much else.

Anyone have experiences or recommendations to share? Are these management systems for user-contributed content stable and secure enough to actually use in a public environment rather than just an intranet?

As if that weren't enough, I'm also wrestling with the production library system to try to implement a better acquisitions procedure. We've been doing all our order tracking and processing for books and periodicals outside the catalog system, even though it has facilities that we could use for these purposes. We'd have to pay extra to use the accounting portion, but the simple tracking of what's been ordered from whom, when, and whether it has been received is included in what we're already entitled to use. So far we haven't used any of that capability because staff thought it would be "too hard" to do. So I've set out to prove that it's not any harder than what we do now, and that it has specific advantages. Talk about voluntary masochism. But I think it would make some of my job easier in the end if I get this changed over...

Comments

[duncandahusky.livejournal.com]

Speaking as a non-programmer, I can say that Mambo can do some neat stuff (that what the MFF Registration system runs under), but if I understand correctly it's lagging on the development curve. I know that rustitobuck and giza are Drupal evangelists (the latter runs the Anthrocon site with Drupal). Both the michiganfurs.com and Midwest FurFest forums run SimpleMachines, and having administered the MFF Forums for about a year now I can say that it has a lot of nice features, is easily skinnable, and is very easy to use.

[altivo.livejournal.com]

I've seen Simple Machines running at Furrag.com and like it there. Alex had repeated security issues with phpbb and they seem to have all gone away since he switched.

Drupal is on my list of possibilities as well. While I am a programmer in the old sense of the word, and can write solid code in several languages, that hardly applies in these days of threaded interpreted object-oriented gobbledy gook. Most of it looks like write-only code that can never be maintained from my perspective.

The fact that this is an Alpha CPU but the site might later need to be ported to something else definitely means I want a platform that is hardware-independent.

[duskwuff.livejournal.com]

Most web stuff nowadays is entirely hardware independent, as a result of being written in an interpreted language (PHP, Perl, Python, Ruby…). If it runs on an Alpha, it'll run on anything.

[altivo.livejournal.com]

Yep, I'm aware of that. Just uncomfortable with most of those languages.

[duskwuff.livejournal.com]

Python is worth picking up. Massively useful for generic system-maintenance stuff (it's the new Perl).

Also, if you know Perl already, PHP is extremely similar.

[altivo.livejournal.com]

I know some perl, I've used it on and off for various purposes. I've just grown sour on new languages. It seems fifty are being invented every year, and forty eight of those will be dead in two years, leaving behind reams of useless documentation and a lot of dead code. So... I'm never in a hurry to adopt new languages.

My experience with stuff written in php is that it always seems to have dreadful security issues.

You can probably tell that as a computer professional I wrote in machine assembly language: System 370, Z-80, 8080, and VAX.

[duskwuff.livejournal.com]

Well, Python's not quite brand new... it's nearly old enough to vote (Python 0.9 was released in 1991). So it's got some decent staying power, at least.

[altivo.livejournal.com]

But it qualifies as a write only language in my opinion. ;p

[duskwuff.livejournal.com]

Oh, come now. It's not that bad at all. Here's a snippet that I wrote last night:

def auth(address):
    for line in file("relay.acl"):
        if address.startswith(line.strip()):
            return True
    return False

[hrrunka]

I picked Joomla for my astronomical society's new website. Joomla's a fork off Mambo, and as sometimes happens, the development enthusiasm seems to have gone with the fork.

The society's forum was running under phpBB2, and we were having terrible trouble with spammers trying to join. After switching to SMF the level of spammer-joining dropped dramatically even though the URL remained the same.

[altivo.livejournal.com]

Would you mind letting me have the URL for your site? I'm interested in what can be done with Joomla. I looked at it once before, but couldn't find intelligible instructions for customizing it. Hopefully it's better now.

I think Joomla wants MySQL, and my Alphas have Postgres running instead, so I'd have to look into swapping that out.

SMF does seem much more secure against spammers and hackers for the moment. I had thought it was php that was the weakness, but apparently not. I wonder though if it's just that phpBB is so widespread that more attacks have been scripted, just as Windows gets far more attackers than Linux does.

[hrrunka]

Start from http://www.orpington-astronomy.org.uk and follow links from there to the forum and gallery.

You could be right about the database question... :/

Yes, phpBB is so widely used that it makes an easy (and easily findable) target. I suspect at least some of SMF's spammer-proof-ness is born of obscurity. It's also possible that recent versions of phpBB have addressed the problem, so that recent versions are less prone...

[altivo.livejournal.com]

I think Joomla can be adapted to use another database, but that involves even more customization and you'd have to reapply the changes every time they upgrade.

I'm also looking at Drupal.

Thanks for the link, I'll check it out.