Site Blog

One of the more flexible aspects of e107 are themes, the Theme Manager of e107 V2 pre-release demonstrates more user control over layouts and styles while theme.xml allows theme creators to "preset" pages and preferred menu assignments, suggest plugins to install and recreate the layouts as they were originally designed. If that's not enough, most of that provides the ability for administrators to make on-the-fly changes at the push of a button.

Where prior versions of e107 themes use CUSTOMHEADER and CUSTOMFOOTER to apply layouts to CUSTOMPAGES, Version 2 introduces a new theme file, theme.xml, which allows the theme designer to assign pages to layouts but gives Theme Manager the ability to change those pages to different layouts or add pages to others. In theory, a site owner with a 10 page website could create an e107 theme with 10 layouts named One thru Ten and never show their visitors the same layout or graphics twice. Other related information that a designer can suggest through theme.xml are to allow administrators to install plugins that are currently available in the plugins folder and menu activations per layout so that a new site can be installed and easily matched to the preview image. "Use Preset" buttons are accessible through Menu Manager as well.

Theme Manager itself has evolved into a multi page design separating the front-end and administration themes. For front end themes with multiple layouts, the site owner can select the layout that should be used by default for unspecified pages and any other layouts can accept the input of specific page names, or patterns, with the same effect as naming pages in CUSTOMPAGES of theme.php. Themes with multiple stylesheets will have them displayed and available to select as the default front-end stylesheet.

Older and custom themes can still be used though some may need modifications to function properly. Many fancy features of premium themes also require that those plugins or functions to be installed but V2 pre-release is not different from the current version in this respect. For those interested in the overall development of the latest version of e107, developers are hard at work and uploading SVN updates when they are available, please check the V2 changelog for more details.

Since the release of v1.0 of the e107 website content management system I have been appointed as the dedicated Translation Team Leader. We have done very well, and I would like to say 'Thank you!'.

We have established an amazing growth from 12 language packs in the 0.7.x era to 23 language packs in v1.0.0. My personal motivation is: the more translations we have, the bigger possible audience for e107 we might attract! And so far it has been very rewarding for e107.

Also I try to reach as close to 100% perfection as possible for all language packs, in order to assure the quality is also good for users working in foreign languages. That means there is close and intensive communication necessary with the official e107 translators. We discuss missing language items, language interpretations, features, bugs etc. Currently I'm still awaiting final contributions of Latvian and Norwegian, I hope we can also add these to the list on short notice. Of course we want to grow further, so we have set our goals to also have Korean and Japanese as supported languages. We are still looking for official e107 translators for these languages. These and more jobs can be found at the e107.org jobs section.

You can read the latest published news article about our language growth here: http://e107.org/news.php?extend.886

In short, the list of e107 translation packages has doubled and is still growing. We would like to express our gratitude to our loyal members making this all possible, and a special thanks for all the efforts made by our expanding translation team. It's an excellent example of the potential of the community at the e107 website content management system.

EDIT: Norwegian language pack has been posted March 19, 2012.

As many of you would have noticed, there's been some major (over-due) changes around here.
We are very happy to finally reward the community with a new website design and a new logo.

The new logo retains some of the elements of the 'old cube' which we made-do with for many years, while adding some new elements.
It will be different for everyone, but personally, I like the 'expansion' aspect that it portrays - which I believe is fitting for the e107 CMS. There is another aspect which I find interesting in the logo, and that is that if you take each curved element, or combine, rotate some of them, etc. you could actually make something which resembles 'e107'. Maybe one day we'll animate this, because I'm sure I'm not explaining it very well. Comment to let me know if you see it.

As you will have noticed, we have also changed our version numbering. Some believed e107 was still in beta, due to the '0.7.x' format, and for some time we have planned to change this (when the time was right), as e107 is certainly mature and stable enough to be a 'v1.0'. Consequently, what was known as v0.8, will now be known as v2.0, and yes, we do still have plans to release that soon.

In version 1.0 of e107 we have introduced a new theme called 'core' which will be the default for new installations, and retired 'reline'.
"Core" also includes a reworked admin-theme, which takes a little getting used to (for those who were using Jayya) but we have grown to prefer it's layout and navigation, and we hope you do too.

The installation routine of e107 has also been reworked inside and out. (thanks to Daniel)


We hope you like the new design of e107.org. It actually combines content of what was previously four separate sites: e107.org, plugins.e107.org, themes.e107.org and e107coders.org.
Yes, I have finally retired the old e107coders.org site, which will be left online for legacy value (forums etc). There simply weren't enough hours in the day to maintain that old site, and for some years now I have dreamed of having everything combined together on e107.org as your see it now. As well as the plugins which were at plugins.e107.org - all the 0.7 plugins from e107coders.org have been imported also (about 350 of them - with dupes removed) as well as over 100,000 user accounts. (doing our best to avoid duplicates there too). So, if you had an account over there, you now have one here.

So many changes have been made, I'm sure I've missed something. But I'd like to close here in saying that all the many changes you observe before you now would not have been possible without the hard work and dedication of our development and design team. In particular, Miro, Stoev, Deso, Vesko and our new junior developer Daniel.

Thank you guys - you're all geniuses in your fields!

Anyway, here's to a great 2012 ahead for e107 and it's community.

Cheers!

Development of PHP scripts without a preconceived plan to manage them is asking for a headache. The goal of a framework is to make the process of writing web-based applications simpler. Due to e107 popularity, things got a bit out of hand during the development. It is time to iron some things out that slipped in during these past years. Currently the e107 devs just 'make things work' and 'make things a bit more secure', but old legacy code is still there and it's procrastinating security and performance improvements. The e107 devs see a need to get rid of old procedural code and provide permanent solutions for the e107 system.

An application designed around MVC is easier to manage because it is split into tiers, which allow for independent development. This promotes code re-usability by building models, which are reusable throughout the application. That is why we would like to embrace MVC and single entry point (Front Controller) in the e107 0.8 version.

What is MVC?

Model-View-Controller (MVC) is a software architecture, currently considered an architectural pattern used in software engineering. The pattern isolates "domain logic" (the application logic for the user) from input and presentation (GUI), permitting independent development, testing and maintenance of each.

MVC is often seen in web applications where the view is the HTML or XHTML generated by the app. The history of e107 was working with classes, but not really in an MVC efficient way. Working with MVC will bring better OOP (object oriented programming) standards closer.

What's in it for you?

Applying MVC will bring you more security enhancement (possible 'sandbox-ed' environment, possibilities to implement security mechanisms on different application layers/request stages, etc).
Please note that the code producing will not take so much time. The time consuming process is the design and analysis - the code preparation phase to implement all this.

To summarize all benefits for you: a better, safer and much more flexible CMS platform, that will provide plugin writers to integrate even better in e107, with an architecture ready for future developments. The catch? Well, it might take a while; but that's an old story.

Relevant links

http://en.wikipedia.org/wiki/Model-view-controller
http://www.phpro.org/tutorials/Model-View-Controller-MVC.html
http://www.mustap.com/phpzone_post_73_top-10-php-mvc-frameworks

Plugins can now contribute email addresses to the bulk mailout facility.

A typical example is a name and address list (separate from your list of site members).

For coders, this is achieved by adding an e_mailout.php file to your plugin directory. There are examples in the event calendar directory (which is probably about as simple as you can get, and not very useful!), and the newsletter directory. The core mailout selector is also a pseudo-plugin file in the same format, and is in e107_handlers/mailout_class.php - this is a good example of a more complex file.

For users, you can configure which plugins are active - this helps keep screen complexity down. So if you don't normally want to mail your subscribers to events, just untick the box on the mailout options page.

One mostly for coders, here - and unlikely to be used frequently, if at all.

Although the log display normally shows times to the nearest second, all the system logs (admin, user, rolling) in fact store times to a greater accuracy. This will depend on the server, but at least 10-20ms resolution is likely, and microsecond resolution may be available.

The 'detailed' display option on the system logs display combines entries on all three logs, and displays time as accurately as possible. This allows you to see the precise sequence of events, and also exactly how long certain operations take.

Not sure how useful this is going to be, but if it wasn't there, we'd never know!

Mostly a tool for coders, this one. Its a separate log intended for events where you don't need a permanent record. So you can add debugging entries which write to the rolling log, for example - useful for those situations where echoing variables to the web page would cause problems.

Some anomalies detected by the core code also write to the rolling log - for example, combinations of values which shouldn't occur (and might therefore indicate a hacking attempt).

The rolling log can be enabled on the options page of the System Logs - and you can determine how long events are kept for. I find 7 days to be a good value to use - events are auto-deleted after this time, so your log won't grow for ever.

Banning users becomes quite popular sometimes. Especially on e107 websites that have a massive community, the chance on abuse is luring and inevitable. The v0.7 ways on banning were sufficient, but the devs recognized some improvements should be part of v0.8.

It is possible to create 'Ban Types'. Each Ban Type can contain an optional message that will be displayed to the banned user. Besides that it is possible to make 'internal' notes; that won't be displayed to the banned ones. Visitors can be banned on IP address, Reverse DNS, email or host address. Wild cards can be defined for any of these as well. To ban a user by user name, one can go to the users admin page. New functionality for a temporary ban has been introduced. Each Ban Type can be bound to an exclusion period, which can be set in hours, days, weeks or (of course) indefinite.

Besides the blacklist method it is also possible to white-list visitors; by doing so you can prevent certain users from being excluded to access of your website. White-listing is possible on IP address or e-mail address which are explicitly permitted.
The whitelist takes priority over the ban list - it should not be possible for an address from this list to be banned. All addresses must be manually entered. Of course a certain responsibility comes with this administrative function. It should be handled with extreme caution.

Furthermore in e107 0.8 the banlist has been extended with an interface for banlist import/export. It should become more easy to import existing banlists into your specific (starting) e107 environment. This opens the possibility for sharing community banlists, copying banlists between your sites, etc. All in all the new banlist provides some nifty features to even better protect your e107 website.

Just a quickie to start off the New Year.

You now have more choice as to how your users log in. Depending on how you set the options, they can now specify either user name or email address in the login box (how many of your users just assume the site'll accept an email address there?)

The alt_auth plugin is almost invariably the solution when you want to add users to your site by validating them against some other database. In 0.8 its had a major facelift, although some features will still be recognisable to those using the 0.7 version.

You can still validate users against various sources, including LDAP, Active Directory, eDirectory, and an alternative database - no change there, except that there are now separate menus for e107 databases and other databases.

There are two new authentication methods. The first is fairly straightforward - Radius authentication. This requires PHP's Radius extension to be loaded.

The second method is perhaps a little more difficult to follow, since it is used only when you have imported your users into the local e107 database from a 'foreign' system. The problem with importing users is often that the other system uses a different method of 'hiding' passwords - e107 uses MD5 encoding by default, some systems use SHA-1, and others use a variety of 'salted' encodings (see an earlier post for a description for this). A few systems even store passwords 'in the clear' - a jolly good reason for changing. Alt_auth can now check these passwords using a specified alternate encoding, and once validated converts them to the e107 standard. The support for other password encodings is also available when accessing external databases.

Historically alt_auth was intended to be used as a slave - the other system was the 'master' and you couldn't edit certain things (in particular, passwords) on the e107 system. You now have an option to set e107 as the 'master' system - so once a user has validated once against the other system, its not needed any more (for that particular user). That user can change things as normal on the e107, and doesn't care about the foreign system. Think of it as a pre-authorised list of potential users. New users can also sign up as normal, so potentially very flexible.

The other main addition is the ability to copy user information from the 'foreign' database into the e107 user record - both 'core' and extended user fields can be copied, and there are some conversion options which could fairly readily be extended.

Finally, setting up the connection has become easier - at the bottom of each method's setup page is a test area, where you can attempt to log on to the foreign system with a user name and password of your choice. The test feature returns a pass/fail indication, and on a successful test also shows the data which would be used to update the user information. So you can check out your settings without enabling alt_auth.

In conclusion, its not easy to test this kind of thing (and bits aren't fully tested yet); thanks to Father Barry and Cameron K for their help.