Potential new CMSMS user

[DA]

Hi one and all ,

This may seem like a ramble , but it is not .

By way of a little explanation first . Being very new to CMS and also CMSMS , but not new to computers , been with them for many years , but in a totaly different area . Myself and a couple of other blokes have been talking for some time about doing an information site , but as usual our HTML , Java , etc , etc , is dismal to say the least , so I was elected to go in search for some thing that would allow us to put up a site , reasonably easily . Why we are doing this , with our workload , we are either mad , or stupid , what ever , but we are going to do it .
Now after three weeks of researching and reading myself into a cirlce , now totaly confused , and mind in a spin . I settled on two CMS's , CMSMS , and Joomla . As for the paid for packages , phew , I thought that M$ was bad enough .

I tried CMSMS 0.13 , and Joomla 1.0.10 .

With CMSMS , I liked its simplicity , but with function , I rather liked its permission setup for users . I lean toward the open ended system of , take a user , assign them their permissions , what they can do and not do , and away we go , even to the point of no grouping . I will be the administrator in our little group . As for the design and content inserting , etc , that is for the others to comment on .

Now with Joomla , for me anyway , their permission set up , without putting another module in there is rather poor . The other thing with Joomla was that I did not feel comfortable with it , bearing in mind that I am new to this , but had a better ' feeling ' with CMSMS . Call me nuts if you wish .
My main concern with Joomla is its security issues , yes I know too well , all things have security issues . But you go to their forum and the security forum is the biggest ( just kidding ) , but it is a rather large forum . Yes I also know that Joomla itself is good , and good code , but the issue is with the ' add-ons ' , writen by other people . To my mind they need to implement some sort of approval system , before they can be posted on the site , instead of user beware . It also seems that Joomla is being targeted by these ' Hackers '.

Question 1: How does CMSMS deal with this issue ? , are the addons approved or not , or is it a case of user beware here also . If that is the case , how come there is not a huge security forum here , actualy , I find very little to do with security here , compared to there .

Question 2: Instalation of CMSMS . I read some where in my researching , that install the CMS into its own folder with a HTML index page to redirect to that folder , for the index.php file , this is supposed to be for added security , true or false ? , but to my mind to do this , all your file pointers would be totaly out of whack , and would constitute a hell of a lot of work to re-alighn every thing .
Also on the intalation , is it better to unzip on the site , or unzip on your computer and upload via FTP ? . The reason I ask this is because when I uploded CMSMS to the site , for the life of me , I could not get 'thumbs 'in images to upload , tried many times , always errored out .

Question 3: Is it safe enough to start using CMSMS version 1.0 beta2 now , or is it still a little too unstable ? . I would prefer to start using the later version , rather than have to try and patch later on .

As I said before , our site will be an info site , but with public interaction , as in , forum , possible blog , news letters , have a page where they can put content on , etc , etc .

Thank you for your time , and if you can answer the questions for me , many thanks .

Have a good day

DA

[NickR]

Hi one and all ,

This may seem like a ramble , but it is not .

By way of a little explanation first . Being very new to CMS and also CMSMS , but not new to computers , been with them for many years , but in a totaly different area . Myself and a couple of other blokes have been talking for some time about doing an information site , but as usual our HTML , Java , etc , etc , is dismal to say the least , so I was elected to go in search for some thing that would allow us to put up a site , reasonably easily . Why we are doing this , with our workload , we are either mad , or stupid , what ever , but we are going to do it .
Now after three weeks of researching and reading myself into a cirlce , now totaly confused , and mind in a spin . I settled on two CMS's , CMSMS , and Joomla . As for the paid for packages , phew , I thought that M$ was bad enough .

Haha true, have a look at http://www.opensourcecms.com if you have not. What you have to do is make a list of features you want and mark the ones that are important and the ones that are nice to have and go through each one. I went through the whole lot of demos (partly out of my interest in this subject) and found lots were lacking in one area or another.

Now with Joomla , for me anyway , their permission set up , without putting another module in there is rather poor . The other thing with Joomla was that I did not feel comfortable with it , bearing in mind that I am new to this , but had a better ' feeling ' with CMSMS . Call me nuts if you wish .

Joomla to me just seems a bit clunky and bolted together, I think it shows its old age now against newer CMSs.

My main concern with Joomla is its security issues , yes I know too well , all things have security issues . But you go to their forum and the security forum is the biggest ( just kidding ) , but it is a rather large forum . Yes I also know that Joomla itself is good , and good code , but the issue is with the ' add-ons ' , writen by other people . To my mind they need to implement some sort of approval system , before they can be posted on the site , instead of user beware . It also seems that Joomla is being targeted by these ' Hackers '.

I share my friends server and he runs 2 Joomla installs (infact one was mambo before Joomla started up) and never had any security problems.  Joomla is very popular and because of this it attracts the attention of hackers (like Windows does).

Question 1: How does CMSMS deal with this issue ? , are the addons approved or not , or is it a case of user beware here also . If that is the case , how come there is not a huge security forum here , actualy , I find very little to do with security here , compared to there .

The code for CMSMS is very well written. Ted puts objects and classes to great use and a good solid API that means that everything is tightly controlled by the core object (because all functionality is inherited rather than bolted on) and means that any modules that are developed (core or 3rd party) cannot by pass (intentionally or mistake) the core system (that is security, data access, page generation, templates etc), they will simply just error.
This is one of the great benifits of object oriented coding, you basically make it compulsory for code to use your main system objects, there is no way to bypass it - you have to write good correct code or it does'nt run and errors, where as with functional programming, the only way to enforce the use of your core functions is by ensuring good standard of programming from the developers (ie not in code as with OO programming), they can write code that works by bypassing the core functions or not using them correctly, which is where security issues arise.

Question 2: Instalation of CMSMS . I read some where in my researching , that install the CMS into its own folder with a HTML index page to redirect to that folder , for the index.php file , this is supposed to be for added security , true or false ? , but to my mind to do this , all your file pointers would be totaly out of whack , and would constitute a hell of a lot of work to re-alighn every thing .
Also on the intalation , is it better to unzip on the site , or unzip on your computer and upload via FTP ? . The reason I ask this is because when I uploded CMSMS to the site , for the life of me , I could not get 'thumbs 'in images to upload , tried many times , always errored out .

Nope, the main index.php sits in your site root. The 'thumbs' is that the file in windows ? Could be the server you are ftping upto blocking the file, CMSMS cant make any use of this file AFAIK.

Question 3: Is it safe enough to start using CMSMS version 1.0 beta2 now , or is it still a little too unstable ? . I would prefer to start using the later version , rather than have to try and patch later on .

Depends how long you have to get a site up and running.
If you have only a few days, IMHO stick with 0.13, but if like me you have a fair few weeks and no strict deadline, then 1.0 betas are stable enough to learn and put together a CMSMS site.

Hope I have helped.

Nick

PS - Im a relativly new user to CMSMS (but been in the CMS field for years and a programmer for many years), so not an expert on CMSMS.

[DA]

Hi Nick , nice to meet you .

Thanks for the reply . Unlike you I went the other way with computers , systems , networking , net work security type stuff , I was happier draging cable about , building machines and so on , but now I am so much older ( smile ) , but not wiser , the young blokes do the dragging now . I still do some special building , but mostly security stuff now , maybe you could say I have semi-retired from that hard yakka stuff . Anyway , I digress .

Yep , had a look at http://www.opensourcecms.com , and came back to CMSMS and Joomla . I did not try them all , only a few , read the write up on them though and went from there .

I thought I read some where that Joomler is a NEW spinoff of Mambo ? , so I would not have thought that it was old . But anyway , I agree it was clunky and does not have a good feel , for me anyway .

You have answered one of my most greatest fears was the security issue , by explaining how CMSMS and Joomla differ in their coding . So by CMSMS coding the way they do , it basically insures the integrity of the addons , as against the way Joomla does it . Well as much as they can ensure anyway .

Yes I realise that the index.php is usualy in the site directory , but this bloke on the forum said he had Joomla in its own folder , with a index.html re-directing to the index.php . Now I do not remember if the index.php was still in the root directory , or in the folder with Joomla . But I have also lost track of the thread for that post , damn . It was stated that he did it this way for extra security .

The thumbs I am talking about is the thumbs.db file in the images/cms . I can not for the life of me get it to upload , it uploads about 20% of it , and then errors . I think it is for some of the icons , because when it is installed , some of the icons are blank , just a square box . This is in CMSMS version 0.13 . All else is no problem at all , this is why I asked to maybe extract it onsite . This is also why I askes about the latest beta version , I was hoping that it was good enough to start with . But if not , then we will have to go with the 0.13 version , but we are behind time now .

Thanks heaps for your help Nick . We will go with CMSMS .

Have a good day

Richard

[Dr.CSS]

Hi DA

Welcome to CMSMS, as for the thumbs.db this may be a file that ,if you are using it, windows made, it does that with all images, not sure it is needed for CMSMS as it keeps all of it's information in it's own Data Base.

[DA]

Hi Mark ,

Thanks for the welcome .

This file after extraction is in the images/cms folder . I use Cute FTP 7 , but the only way I could get it up there was with web shell , and it is called thumbs.db . It is a 46.0k file , so it must have some stuff in it .

DA

[Greg]

thumbs.db is not needed by CMSMS. thumbs.db is a windows file to store info when you view a folder as thumbnails.

Thumbs.db is Microsoft's way of caching thumbnail images of any image or movie file in a folder. The idea behind creating a thumbnail cache is to improve the speed of displaying thumbnails the next time you open the folder by caching a set of thumbnails for the image and video files in the folder. If you hadn't seen this file in your folders previously it's likely you didn't have Show hidden files and folders enabled. Deleting the Thumbs.db file simply deletes that cache, which is regenerated the next time you view the folder contents. It is possible to configure Windows to never cache thumbnails.

[Elijah Lofgren]

The thumbs I am talking about is the thumbs.db file in the images/cms . I can not for the life of me get it to upload , it uploads about 20% of it , and then errors . I think it is for some of the icons , because when it is installed , some of the icons are blank , just a square box . This is in CMSMS version 0.13 . All else is no problem at all , this is why I asked to maybe extract it onsite . This is also why I askes about the latest beta version , I was hoping that it was good enough to start with . But if not , then we will have to go with the 0.13 version , but we are behind time now .

As others have said, just ignore the thumbs.db file, Windows created it and it's not needed by CMSMS. 
The problem of missing icons was a bug in 0.13 (that I caused, sorry!). It has been fixed in the CMSMS 1.0 betas. There should be a new beta of CMSMS 1.0 out soon (beta3). I think the CMSMS 1.0 betas are actually more stable than CMSMS 0.13, just my opinion though.

[DA]

Hi Greg and Elijah ,

Thanks for the explanation .

Thanks Elijah , that explains the missing icons . When beta3 comes out I will put it on . I installed 0.13 last night .

Thanks everyone for your help , I am sure I will have many questions in the future ( smile ) .

Have a good day

DA