Category Archives: Technical

Security Fix for Joomla

Source: Security hotfixes for Joomla EOL versions – Joomla! Documentation

The Joomla project has just released Joomla 3.4.6 to address a Critical Vulnerability.

The vulnerability is also present in discontinued Joomla 2.5 and 1.5 series (Joomla 1.0 is ok). If you still have sites running off these old Joomla versions you must patch them appropriately.

For these old versions, a simple file replacement is all that is needed.

https://docs.joomla.org/Security_hotfixes_for_Joomla_EOL_versions

2020Media will happily undertake this replacement for any Joomla user, whether they are a customer or not. Please let us know if we can help by contacting us.

Drupal 8.0.0 will be released on November 19, 2015

Based on our experience with our successful release candidates, we are confident to announce that Drupal 8.0.0 will be released on November 19, 2015!

Any customers using Drupal 7, who’d like a development area for working on Drupal 8, can get one free of charge from 2020Media.

Please send us your request at https://pfs.2020media.com/my-messages.html

We can copy your existing site, or give you a clean Drupal 8 install.

Source: Drupal 8.0.0 will be released on November 19, 2015 | Drupal.org

PHP File Directory Script with folder sizes

A new resource for customers – the Website File Explorer. Here’s how it came about.

What it does

The item lists the files and folders in a customer's webspace, giving information such as file size, modification time, folder structure and size, all in a responsive, attractive layout.

Based on the script created by Hal Gatewood at http://halgatewood.com/free/file-directory-list/ we made a modification to show the folder sizes and give a total for all the space used.

Free PHP File Directory Script showing Folder content size

The single-file script can be placed in a web directory and loaded in a browser. It uses scandir to locate all the contents recursively, then filesize to get the properties of each item.

Responsive, Dynamic, Modern

The script also displays a nice icon for each type of file, and the last modified timestamp.

Folders are shown initially closed but a simple click expands them dynamically to reveal the contents.

Putting the Customer in Control

The script is used as a report for our web hosting customers, to give them more information about their accounts.

Most hosting control panels show disk quota and usage, but we were asked by customers to break down the usage in detail, so that they could get an idea where the space was being used. From personal experience we know webspace gets used over time for all sorts of random things – obsolete projects, testing space, a handy spot to dump that file you need to transfer one time only….

We had been providing this information manually, using the Linux 'du' command. This has useful parameters such as --human-readable and --max-depth which made it ideal. However, translating this function into a customer-facing tool in a safe and secure way meant a different approach – in our case using PHP.

We continue to use 'du' "under the hood" to provide a daily report to customers via our customer portal. Automatic warnings are generated in case a customer is getting close to their quota.

How big is that Folder in the Window?

One interesting thing we found is the different ways that file and folder sizes are calculated. There are also some differences in parameters for du (apparent sizes, rather than disk usage) that had to be taken into account when comparing PHP’s method of calculating file space usage with Linux’s (and our FTP server software).

We display the results in human-friendly units based on one Kilobyte being 1024 bytes.
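To illustrate the apparent-size versus disk-usage difference described above, here is an added example (not the code in file-directory-size.php) that totals a folder both ways and does not follow symlinks. The function names folder_usage and human_size are hypothetical.

```php
<?php
// Added example; function names are hypothetical, not from file-directory-size.php.
// 'apparent' sums file lengths (like du --apparent-size); 'allocated' sums the
// 512-byte blocks the files occupy (plain du also counts directory blocks).
function folder_usage(string $dir): array
{
    $total = ['apparent' => 0, 'allocated' => 0];
    $names = @scandir($dir);
    if ($names === false) {
        return $total; // unreadable directory counts as empty
    }
    foreach ($names as $name) {
        if ($name === '.' || $name === '..') {
            continue;
        }
        $path = $dir . DIRECTORY_SEPARATOR . $name;
        if (is_link($path)) {
            continue; // never follow symlinks out of the webspace
        }
        if (is_dir($path)) {
            $sub = folder_usage($path);
            $total['apparent'] += $sub['apparent'];
            $total['allocated'] += $sub['allocated'];
        } elseif (is_file($path) && ($st = @lstat($path)) !== false) {
            $total['apparent'] += $st['size'];
            // 'blocks' is -1 on platforms that do not report it
            $total['allocated'] += $st['blocks'] >= 0 ? $st['blocks'] * 512 : $st['size'];
        }
    }
    return $total;
}

// Human-friendly units with 1 KB = 1024 bytes, as in the report.
function human_size(int $bytes): string
{
    $units = ['B', 'KB', 'MB', 'GB', 'TB'];
    $n = (float) $bytes;
    for ($i = 0; $n >= 1024 && $i < count($units) - 1; $i++) {
        $n /= 1024;
    }
    return round($n, 1) . ' ' . $units[$i];
}

$u = folder_usage(__DIR__); // sample run over the script's own directory
printf("apparent %s, on disk %s\n", human_size($u['apparent']), human_size($u['allocated']));
```

A folder of many small files shows a larger on-disk figure than apparent figure, because each file occupies whole blocks.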

Download Script

Download the script here: file-directory-size.php.txt

Remove the .txt extension and upload to your webserver.

Caution: This script will display the names (at least) of all files in your site. Therefore caution should be used before putting it in a public location. Our use of this script is tightly locked down so that it is safe and secure to use.

We would not recommend using this script at all where register_globals is active (e.g. older PHP versions).


With thanks to the original creator, Hal Gatewood and user khanvani on fiverr.com

New Features in CiviCRM

The creators of open-source CRM software CiviCRM have released details of the new features coming in the next release of the free software.

2020Media is a leading UK web hosting provider of CiviCRM – details about our hosting service can be found at http://www.2020media.com/shared-hosting/civcrm-hosting

CiviCRM 4.7 Planned Features

  • Form Builder – First phase implementation of a new forms framework which will be designed to allow for easy customization of core forms.
  • Administrator Status Page – Provide CiviCRM site administrators with a single place to check for configuration problems including cron status, file permissions, MySQL permissions, invalid or sub-optimal PHP settings, etc. These statuses can also be queried via API to allow for automated status checks.
  • Administer Settings improvements – Provides a unified and searchable administrative interface for all configurable settings. Makes it easier for extensions to add settings to this interface.
  • Installer improvements – Streamlined install process for WordPress sites. Initialize newly installed sites with localization settings (language, currency, etc.) based on the user's locale. 2020Media provide pre-installed CiviCRM so we’ll take care of this for you!
  • Payment processing improvements
  • Webform CiviCase integration enhancements (sponsored by Compucorp Ltd.) – Add case roles to a case in webforms and allow users to specify a case when creating an activity.
  • CiviMail Inline (pending code contribution from Veda Consulting) – Improves usability when composing and editing mailings based on templates by allowing the designer to create editable and non-editable regions.
  • Offline recurring payments (pending code contribution from Veda Consulting and API from JMA Consulting) – Manage recurring contributions that are initiated outside of CiviCRM.  Ensures that these Direct Debit or Standing Order payments are allocated to the correct contacts, and that the recurring details are fully accessible to CRM administrators.
  • Navigation / Menu Improvements (pending collaboration with Compucorp Ltd.) – Modernize the main navigation menu, provide vertical side-bar display options, include icons.

The target date for a stable release is Early October 2015.

Live Bandwidth Reporting Gem

We’ve just released a new control panel ‘gem’ – our name for useful tools that enhance our customers’ service.

The bandwidth reporting gem gives customers a live view of their website’s bandwidth usage.

 

2020Media’s new Bandwidth Gem

The rest of this blog post is about how we created the functionality so non-techies can stop reading now!

Looking inside the code

This functionality was made possible because of mod_cband. mod_cband is an Apache module that monitors and controls individual website bandwidth usage. It handily includes an XML output. We set parameters of the website and the server it’s hosted on. The script then loads the XML file from the relevant server and pulls out the data for the chosen site. There are three useful values:

  • Quota
  • Total used
  • Time until refresh

‘Quota’ is the hosting plan bandwidth quota – for example 10GB per month. Mod_cband does not allow calendar month periods, so we use 4 weeks (a hidden bonus on our hosting plans as customers effectively get up to 3 free days of bandwidth a month!). The ‘Time until refresh’ is a countdown to the time when the bandwidth ‘Total used’ is reset back to zero. Note the XML does not include the period over which the bandwidth is measured, but for 99% of sites we use 4 weeks so this is not a problem.

Taking this data, we can then create some pretty graphs to illustrate the website’s usage. We use the Google Chart API. Using JavaScript libraries you can send some values and get back a lovely bar chart, timeline or, as in our case, a pie chart.

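 data.addRows([
 // values originate from the XML feed; cast so only numeric literals reach the page
 ['Used (MB)', <?php echo (float) $used; ?>],
 ['Unused (MB)', <?php echo (float) $unused; ?>],
 ]);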

The resulting graphic includes nice rollovers and is extensively customisable (although of course there is always one thing you want to do that isn’t supported!).

We also wanted to show customers how long their site had left before the quota was reset. In the XML feed, this comes out of mod_cband as “Time to Refresh”:

<time_to_refresh>3W 0D 01:03:17</time_to_refresh>

Not the ideal parameter to work with! However we can do some conversions and math on it, to work out the start date and end date of the period.

$wdhms = convertdate($refresh);  // converts time_to_refresh into seconds
$totaltime = 2419200; // number of seconds in 4 weeks
$today = time();
$timeused = $totaltime - $wdhms;
$startdate = ($today - $timeused);
$enddate= ($today + $wdhms);
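
The post does not show convertdate(), so the following is an added example of one way to do that conversion, not the original helper. The names parse_time_to_refresh and quota_period are hypothetical, and the "NW ND HH:MM:SS" layout is assumed from the single sample value above.

```php
<?php
// Added example: hypothetical stand-in for the post's convertdate().
// Assumes the "NW ND HH:MM:SS" layout seen in the sample value.
function parse_time_to_refresh(string $value): int
{
    // Strict match: the value is read from a remote XML feed, so anything
    // that does not look exactly like the expected layout is rejected.
    if (!preg_match('/^(\d+)W (\d+)D (\d{2}):(\d{2}):(\d{2})$/', trim($value), $m)) {
        throw new InvalidArgumentException('unexpected time_to_refresh format');
    }
    [, $w, $d, $h, $i, $s] = array_map('intval', $m);
    if ($h > 23 || $i > 59 || $s > 59) {
        throw new InvalidArgumentException('time_to_refresh field out of range');
    }
    return $w * 604800 + $d * 86400 + $h * 3600 + $i * 60 + $s;
}

// Start and end of the quota period, given the seconds left until reset.
function quota_period(string $value, int $now, int $periodSeconds = 2419200): array
{
    $remaining = parse_time_to_refresh($value);
    if ($remaining > $periodSeconds) {
        // The feed does not state the period; a site on a longer period
        // would otherwise yield a start date in the future.
        throw new RangeException('time_to_refresh exceeds the assumed period');
    }
    return [
        'start' => $now - ($periodSeconds - $remaining),
        'end'   => $now + $remaining,
    ];
}

// Constructed sample: the value shown in the post, with a fixed "now".
$now = gmmktime(12, 0, 0, 10, 1, 2015);
$p = quota_period('3W 0D 01:03:17', $now);
echo gmdate('m/d/Y', $p['start']), ' to ', gmdate('m/d/Y', $p['end']), "\n";
```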

Then we use another Google JavaScript library to display this in a calendar format. We chose datepicker as it’s well documented and fits in well with the JavaScript-based pie chart used in the bandwidth representation.

The datepicker setup is very similar to the piechart:

    beforeShowDay: function(date) {
        // Date format MM/DD/YYYY
        var date1 = $.datepicker.parseDate($.datepicker._defaults.dateFormat, "<?php echo date('m/d/Y',$startdate);?>");
        var date2 = $.datepicker.parseDate($.datepicker._defaults.dateFormat, "<?php echo date('m/d/Y',$enddate);?>");
        return [true, date1 && ((date.getTime() == date1.getTime()) || (date2 && date >= date1 && date <= date2)) ? "dp-highlight" : ""];
    }

Div tags are used to lay out the information as in the screenshot above. These will flow nicely on small screen devices, as we aim to make all our customer-facing websites fully responsive.

Future plans

We aim to add this reporting functionality across other services such as broadband.