New Feature: Playlist Center! Pick a topic and let our playlists guide the way.

Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Using best practices for online clubs

From: Drupal Gardens Essential Training

Video: Using best practices for online clubs

You can build a static traditional web site in Drupal Gardens, but what it's really good at is social sites-- that is, those sites that accept members and let them interact with each other through comments and blog posts and so on. A lot of this course is about how to make Drupal Gardens do what you want, but that's only half the story. If you're going to run a social web site, you also need to know how people interact with it. Then you have to plan to make that interaction easy, safe, and free of abuse. Here are five tips.

Using best practices for online clubs

You can build a static traditional web site in Drupal Gardens, but what it's really good at is social sites-- that is, those sites that accept members and let them interact with each other through comments and blog posts and so on. A lot of this course is about how to make Drupal Gardens do what you want, but that's only half the story. If you're going to run a social web site, you also need to know how people interact with it. Then you have to plan to make that interaction easy, safe, and free of abuse. Here are five tips.

First one is to pretend that you're a visitor. I switched over to another browser where I am not logged into the site. I just want to browse around it, make sure that all of the links work. For example, right there, I clicked on the contact link, and I get this Access denied. What that tells me is I have to go back and edit this block so that people who are anonymous users don't see it. I will show you very quickly how to do that. I will go back into my administrative interface, go up to Structure and Blocks, and scroll down to where that block is.

Sidebar A, it's that Need guidance block. Click configure, and then scroll down to the bottom and make it so that only authenticated users and everybody above that can see the block, and save the block. Now if I go back to my front page, I as the administrator can still see it. However, an anonymous user going to that page will see nothing. Very good. We corrected one problem right there, which we would have missed if we hadn't looked at the site as a visitor.

The second tip is to go through the sign-up procedure. Make sure that you understand how people are interacting with your site from the very beginning. To do that go on, again, as an anonymous visitor and click Login or Register. Actually go through the procedure with an e-mail address that you have, for example, on yahoo.com or gmail.com, something that's not really your central e-mail address. This way you'll have some understanding of what people are going through in order to become a part of your site, and that will help direct exactly how much you give to them without going through that procedure.

You'll start to understand how easy or difficult it is, and how much of a barrier it is to get to the content that you want to give them. The third tip is to check roles and permissions. I am going to go back to my administrative site here and click on People and then click Permissions. I mentioned this earlier in the course, but it's worth mentioning again. You should particularly look at what anonymous users and authenticated users can do, because remember, anonymous users is anybody who comes across your site, and authenticated users is anybody who signs up for an account.

In particular, watch out for anything that says it has security implications. If you give those permissions away, you might be allowing people to actually take over your site or destroy things that you've worked hard to create. Going back up to our list of People, take a look at the Roles column and make sure that you've given out the roles the way that you really want them to be. Let's say that califanjoe had gained your trust and became a blogger but then later on did something you didn't like. Well remember to come back here and take away that role. And you can remember how to do that by watching the video about adjusting user permissions.

The fourth tip is to make sure that people aren't abusing your site by checking over the content every once in a while. I'm talking about both the node content, which includes blog posts and news items, and comments that people add in response to those nodes. To find out about that, go up to the Content link here. Once in a while just look over the content that's come in. Make sure that you know what everything is, or at least that nothing looks peculiar. That's especially true if you've given permission to authenticated users to create any nodes, because as I mentioned before, automated spamming programs will go ahead and just create account after account and then start filling up your site with junk nodes.

Also look at the comments, both the published comments and those that haven't been approved yet. To learn more about that, once again, watch the videos about slowing spam and managing comments. The final tip takes a bit of explanation, but it's also an important one, so I am going to go through the whole thing. You need to adjust your text formats to prevent people from entering damaging content into your site. I will show you how that works, by going and adding content, and let's just say basic page.

When you create a node, you'll notice this little pop-up Safe HTML, and it lists of few other choices. If somebody chooses Full HTML and then switches from WYSIWYG to HTML, they can enter all kinds of damaging content. And I'd like to actually go through and enter some of this content, so you get a sense of what can happen. Now I am going to show you something that's not all that damaging, but it will give you a sense. I am going to call this "Dangerous stuff," and down here I'll enter in and then close out the iframe.

So what does that actually do? Let's go down and take a look. I will save it. And as you can see, it actually frames somebody else's site inside your content. Now, in this case it doesn't matter that much. It's just the Google site. It's not taking up the entire page and so forth. But you can see the sort of mischief that people can do. I am just going to go back now and delete that node. There are ways to allow more tags into your text formats than I've shown you here.

To learn more about that, see my other lynda.com course, "Drupal Essential Training." These five tips will get you started, but don't kid yourself. When it comes to dealing with people, there is a lot to learn. That's especially true on the Internet, where as the old joke says, you don't know who's a dog. New tricks show up every day, so I recommend you also stay in touch with other webmasters who can give you additional tip. One of the best sites that I've found to stay on top of Drupal vulnerabilities is crackingdrupal.com, which is led by longtime Drupal developer Greg Knaddison.

Above all, stay in touch with your users. Some of them will get to know your site better than you do, and they can alert you to any problems that pop up.

Show transcript

This video is part of

Image for Drupal Gardens Essential Training
Drupal Gardens Essential Training

65 video lessons · 11706 viewers

Tom Geller
Author

 
Expand all | Collapse all
  1. 29m 56s
    1. Welcome
      1m 39s
    2. Previewing the finished project
      1m 29s
    3. What's new in the late 2011 update?
      5m 28s
    4. What is Drupal?
      5m 8s
    5. What is Drupal Gardens?
      5m 57s
    6. Getting started with Drupal Gardens
      5m 35s
    7. Getting help
      4m 1s
    8. Using the exercise files
      39s
  2. 17m 40s
    1. Using the administrative overlay
      2m 54s
    2. Using the dashboard, toolbar, and shortcut bar
      5m 36s
    3. Touring the newly created site
      3m 55s
    4. Configuring the site
      5m 15s
  3. 59m 47s
    1. Creating and managing content
      11m 11s
    2. Creating and managing content types
      10m 35s
    3. Embedding YouTube videos and other media
      4m 5s
    4. Subscribing to RSS feeds
      4m 49s
    5. Categorizing RSS feeds
      5m 1s
    6. Managing tags and taxonomies
      5m 50s
    7. Creating dynamic pages with simple views
      4m 29s
    8. Creating complex information collections with Views
      8m 59s
    9. Creating image galleries
      4m 48s
  4. 37m 50s
    1. Working with blocks
      10m 26s
    2. Setting up rotating banners
      7m 45s
    3. Understanding menus
      7m 27s
    4. Setting up contact forms
      7m 7s
    5. Adding and removing functionality
      5m 5s
  5. 54m 54s
    1. Managing users
      6m 28s
    2. Adjusting user permissions
      6m 35s
    3. Managing comments
      7m 7s
    4. Slowing spam
      5m 20s
    5. Starting discussion forums
      9m 3s
    6. Creating blogs
      4m 41s
    7. Setting up mailing lists
      4m 50s
    8. Allowing users to rate content
      4m 21s
    9. Using best practices for online clubs
      6m 29s
  6. 44m 35s
    1. Getting feedback with webforms
      6m 14s
    2. Publishing RSS feeds
      6m 40s
    3. Taking advantage of social media
      9m 33s
    4. Emphasizing external links
      2m 44s
    5. Improving search engine optimization (SEO)
      7m 30s
    6. Internationalizing sites
      8m 6s
    7. Tracking site usage with Google Analytics
      3m 48s
  7. 34m 40s
    1. Understanding Drupal themes
      5m 44s
    2. Understanding the Theme Builder
      5m 25s
    3. Switching, saving, and copying themes
      7m 13s
    4. Introducing custom CSS
      6m 51s
    5. Refining selections in the Theme Builder
      5m 48s
    6. Exporting themes
      3m 39s
  8. 48m 31s
    1. Changing the site's color palette
      2m 32s
    2. Changing the site's main logo and favicon
      5m 22s
    3. Changing the column number and arrangement
      5m 7s
    4. Adding background colors and images
      6m 29s
    5. Changing element spacing and borders
      6m 11s
    6. Adjusting typography
      4m 24s
    7. Using fonts from outside sources
      5m 7s
    8. Inserting raw CSS code into themes
      6m 57s
    9. Adding visual effects with JavaScript libraries
      6m 22s
  9. 14m 18s
    1. Finessing theme design
      7m 51s
    2. Eight ideas for modifying themes
      6m 27s
  10. 23m 38s
    1. Monitoring sites
      4m 11s
    2. Duplicating and deleting sites
      4m 23s
    3. Adding custom domains
      3m 48s
    4. Using exported sites outside of Drupal Gardens
      3m 46s
    5. Hosting exported Drupal Gardens sites
      7m 30s
  11. 51s
    1. Goodbye
      51s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold

Are you sure you want to delete this note?

No

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.