Content Options

When creating new content, we have the Input format section presented as follows (if the Input format link is minimized, click on it to bring up the full version):

T Input format i7 Filtered HTML

• Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

• Lines and paragraphs break automatically.

PHP code

• Vou may post PHP code, Vou should include <?php ?> tags.

Full HTML

• Lines and paragraphs break automatically.

More information about formatting options

By default, the Filtered HTML option is selected. Unless you have a good reason to use one of the other options available, stick to this. Especially be wary of allowing any user to add PHP to their content, as this could put your site at serious risk. Remember that even Filtered HTML is not entirely safe, as users could still add links to malicious web addresses to their pages, which amounts to the same thing as having it on your site.

Here's an example of how a user could gain information about your site (assuming the PHP code option is enabled) before making an attack. In the body text of a page, add the following snippet of code to your page: <?

_Chapter 6

Ensure the PHP code option is enabled, and after supplying a Title for the page, click Preview. You should see something like this:

Home » create content » Submit page

This prints out all my server information...

■Ei*ml M I'j [avid Mirw n , JBOC-C-1-17 <B: 13.

PHP Version 5.0.4

Wrriowi MT HO RAT» S.1 I". IN 2500

Build ta*

Mar 31 S»5û2:tt3t

Qtnlgur* Command

« alp I ihalogo cori1si.it Ji '-tnablt-f napf hoHnJld- '-wl Ivfld-i fared-

$«rv«r API

.^aciw 2j0 Handltr

vlrkial Hrwtory Support

frwbfcd

Oonlauralon HI* (php.lnl) Pali

CttfllllEiOWStol-vJri

PHP API

20031224

PHP E "tori don

200+1030

Ittid Eilindon

220040*12

ObUO En IIJ

Tlii«ad Saisi;;

enabled

IPvi Support

enabled

P»fllî*n»d PHPSt^amc

I'll', Ik. hit-. it1, canprei; Jib, comprît f l-dp2

P*il i-tored Strain SooMGtTran cfior+c.

Icp.udp

While the server information in this screenshot may not be clear enough to read, it is certainly clear enough for someone viewing the page online to find out everything about your server. In this case, it is better to be safe than sorry, and you should leave the default option for this type of setting as Filtered HTML. All this goes to reiterate a point we discussed earlier when we looked at users and permissions:

Make sure you only give trusted users just enough permissions to fulfill their roles—and no more!

Before continuing, I should mention that in the following chapter we will discuss how to create custom input formats, because the default options might not always be suitable for the site's requirements.

Following on, Authoring information has only two options. The first names the author of the content, and the second gives the date on which the content was first created. Naturally, modifying the content will not change the Authored on date. If, however, you were modifying a page that has already been created, then you would come across a logging option (this may also be available when the content is first created).

Basic Content

For example, a typical log message might be something like the following:

For example, a typical log message might be something like the following:

If you are wondering why I have not bothered to add a date to this log message, it is because Drupal will make this clear when viewing revisions of the content automatically. Wait until we have discussed revisions before taking a look at the effect that log messages have on their content.

This log facility is quite simple, but should suffice for most people's needs. It is possible that a new, more sophisticated system of logging will be introduced for Drupal in the future, so keep an eye out for that.

The Publishing options can be tricky to get right, depending on how things are set up. This is what they look like at the moment:

T Publishing options

F Published f~ In moderation queue F Promoted to front page f Sticky at top of lists V Create new revision

As you will see in the following section on Administering Content, it is possible to decide whether content of certain types coming from certain users needs to be moderated before it can be allowed on to the site for general consumption. If this is the case, you or a designated user will have the ability to go through a moderation queue in order to confirm that any and all the content meets the site's requirements.

In the previous screenshot, the content being added is being published directly without the need for moderation. Enabling the second option, In moderation queue, would force the content to be approved before publication. The third option has been selected, and this will cause the content being created to appear on the front page of the website when it is first published (unless you have set a specific node to be displayed here already).

It is unlikely that by default you would want, for example, new book pages to appear on the front page ahead of say blogs from industry experts; so enable this option only for the content types that should steal some of the limelight.

The fourth option, Sticky at top of lists, causes the node to remain at the top of its list regardless of how many other postings there are. This is extremely useful for posting important messages to forums. For example, if there is some confusion about how to do something on a given forum, write a note explaining how things are done, and select this option to pin it to the top of the forum. In this way you ensure that it is the first thing everyone sees when they access that forum.

The final option, Create new revision, causes Drupal to create a new version of the content if it is being updated or revised. This means that you maintain the old version of the content as well as making a new version. This is useful if you want to keep track of what changes are being made to your documents. If a new revision has been created and tracked, then the next time you look at the content (assuming you have sufficient permissions) you will notice a new revisions tab on the page as follows:

Revisions for Book Page (Corrected)

view edit outline revisions

The revisions let you track differences between multiple versions of a post. Revision Operations

2006-04-05 14:45 by David Mercer

New version; with fixed title current revision

2006-04-05 14:44 by David Mercer

Original version; with spelling mistake in the title revert delete

Using this revisions page, it is now possible to work with your content quite easily. For example, you can decide which revision should be the active one (displayed to others) by clicking on revert, or you can delete revisions altogether. Notice that the log message that was added to the content type is also displayed at the bottom of each revision. From this you can see that they are actually quite important for maintaining good version control in content that is often modified. In this case, the log message for the revised version of the book page content mentions a change in the title.

Moving along, the next section, Comment settings, simply allows you to determine whether other users will be able to add comments to the content or not, as shown here:

T Comment settings

Disabled Read only Read/Write

Basic Content

The first option, Disabled, is useful if you are posting content for which comments are not appropriate—perhaps, like me, you are averse to criticism about your poetry, or something similar. The second allows only those with administration rights to post comments to this content, although other users can view the comments, and the final option allows all users with sufficient permissions to pass comment on your wonderful poetry (or whatever).

The following set of options deals with adding content to a menu. The next screenshot shows how a typical about us page might be added to the Navigation menu:

T Menu settings

Title:_

|about us

The name to display for this link.

Description:_

|l_earn about our Philosophy!

The description displayed when hovering over a menu item.

Parent item:_

| Navigation

Weight:

Optional. In the menu, the heavier items will sink and the lighter items will be positioned nearer the top.

In this case, a fairly hefty weight has been assigned to this page as we only ever want it to be shown after the actual content posts so that is doesn't detract from the main focus of the website. If you now take a look at the main menu and hover the cursor over the new about us link, you'll see the following:

Navigation

Q content

0 forums

0 blogs

13 about us

Learn about our Philosophy!

If you ever wish to remove or edit this menu item again, simply look at the same Menu settings section, and there will be a new checkbox, automatically available, to delete it.

The final option available concerns the use of file uploads; it is easy to work with and we have already seen it in action, and so we'll discuss it no further here. That about wraps it up for default content options—there's plenty more to learn, however, so keep your thinking cap on as we venture into the world of content administration.

_Chapter 6

Make Money Writing

Make Money Writing

This Report Will Show You How To Make Money By Providing Writing Services To Other Internet Marketers. Learn how to make money by writing the right way. Grab your copy of this report now and learn. Why writing is a great way to earn money. How to compete with cheap writers, even if you charge a lot more money.

Get My Free Ebook


Post a comment