September 08, 2010, 8:05 AM — by Daniel P. Dern - Many of today's web sites and other online applications aren't just about presenting a few facts, but are about providing content, from blog posts, comments, Tweet feeds, and short headlines to product information, audio, pictures, videos, PDFs, and more. This is increasingly true not just for media companies but also for a growing number of businesses, not to mention government entities (agencies, departments, cities, states, countries), transportation/travel, organizations, and more, along with SOHOs and professionals, families and even individuals.
Much of this content is meant to be put in by non-HTML-experts, who in turn aren't the site developers or administrators. And many designers and developers want higher-level tools than the HTML editors of yore to create and manage these content-intensive sites.
Enter content management systems for web sites, a.k.a., Web CMSs.
"Managing content means managing user accounts, managing the media, and managing the content itself, the article copy, the menus, overall design," says Mitch Pirtle, co-founder of Joomla!, one of the two best-known and popular web CMSs. (The other is Drupal; both Joomla! and Drupal are open source projects.) According to Pirtle, Joomla! users range from a world-wide company with 20,000+ staff to "a site for his two kids." Other Joomla! users include MTV Networks Quizilla, the IHOP restaurant chain, and Citibank (internally).
Here are some tips, advice, and best practices from several Joomla! developers, including Mitch Pirtle.
Create custom content types - "Joomla! lets you install a Content Creation Kit (CCK) to define custom types of content," says Pirtle. "You can create a type like STAFF, and then an admin or HR person who doesn't know HTML can click 'STAFF MANAGER' and have a form that lets them plug in data, and that information goes into the web site. Because it's used in a CCK, the site's search features -- there's a plug-in for search -- are automatically aware of this information."
Use the Joomla Framework, and its built-in features - "The Framework has Classes that provide filtering and 'scrubbing' for sanitizing user input -- fetching data from sessions and URLs, reformatting the data so it's safe going in and out of the database," says Pirtle. "We've seen third-party extensions have security issues, usually because they weren't respecting the API or using all the security features. For example, Joomla! has a database Class that has protections against malformed SQL and user input...but you have to use those features. Don't reinvent the wheel, our code has been written and reviewed by thousands of people, yours will be less optimal on your own."