Since a little bit more then a year, we were using the services of CVSDude (which has now become Codesion) for the SVN repositories and Trac instances of ImpressCMS. When we first created ImpressCMS, we were using SourceForge: for these things but at that time, SourceForge features were not meeting our needs. Plus, they did not have Trac. This explained our choice of using CVSDude.

A year and a half later, many things have change. SourceForge did a hell of a good job implementing new features and improving their site usability. And they added Trac! In the meantime, CVSDude also added many new features, and then changed their plans, and their name. We have now reach a point where we are no more satisfied with CVSDude and we had to decide to go back to our first love .

Read the complete post here.

Now that most developers are using a Javascript library as a foundation, the time they gain can be invested into more sophisticated applications.ImpressCMS provides multi-language functionalities, and can be used in many languages, not all of them using the english alphabet. That introduces some very specific issues due to accents and other letter modifiers.

A list apart has a very interesting article in that regard, which describes how to fold accented characters. Doing that should make your autocomplete and your search return more and more interesting results.

The article is here : A List Apart : Accent Folding for Auto-complete

Sadly, there is only a YUI example, but I'm sure a jQuery implementation won't be that hard to do. An idea for ImpressCMS 1.4 perhaps?

Time once again to bore you with tiny little details and snippets of code. Some time ago, ImpressCMS announced it would only run on PHP5 and be removing support for PHP4. Well, PHP5.3.x is now released and many of the old functions have been deprecated, with many more to be removed in PHP6.0. ImpressCMS 1.3, in addition to focusing on code optimization and performance, will also bring PHP5.3 compatibility to the platform.

Some of the changes needed are pretty straightforward and have simple replacements and I'll talk about a few of them in this post.

Some time ago, a user of one of my sites asked me what was his password for the site, and my reply was: "click here to change your password".

He was annoyed by this answer. He expected me to tell him "your password is...", so I had to do some public relations and explain him:

1 - I was teaching him how to do things by himself, which is much more valuable.

2 - I didn't know his password. I didn't know the password of any user.

The second point sounds strange but it's true. Your password is a very sensitive information and we know that here at ImpressCMS, so we "hide" it in a way that no-one, even the owner of a site, can access any other person's password directly.

What's the danger?

Consider a site that doesn't protect your password properly. A hacker gains access to the site. He gets all user data, including their passwords, of 5,000 people. Of all these people, 100 have a Paypal account, and 20 of them are using the same password for both the hacked site and Paypal. 15 of them have cash on their accounts.

They are screwed.

No, we're not allowing this to happen in a ImpressCMS site if possible.

What's the trick?

ImpressCMS encrypts the password before saving it in the database, so the database doesn't contain your password, only the encrypted version. The wonder of our encrypting method is that is easy to encrypt anything using it, but it's terribly hard to decrypt it.

So, when you login in your site, we don't compare the password you wrote with the one we have, because we don't have any. We encrypt the password again and compare it with the encrypted version we have in the database. That's how we know you are really you, but we don't save your password anywhere.

Am I safe?

On ImpressCMS, you're as safe as we can guarantee. To be honest, we're not the only Open Source CMS that takes special care of your password, but this is actually good news. The Open Source community, despite working on free products, takes your personal data very seriously. More seriouly, by the way, than some big fat NASDAQ corporations. If you ever suffered phone SPAM or receive calls everyday from a phone company that its not yours (it happens to me), you know what i'm talking about.

What I can tell you is that ImpressCMS developers have run "the extra mile" to offer safer encryption methods for your password. In version 1.1 we moved from old MD5 to other, much safer, methods, such as SHA.

And if time proves this is not enough, we're ready to run the extra mile again.

Best regards.

Hi everyone,

Join me today at 4 PM GMT -5 for an ImpressCMS Persistable Framework Q&A Session:Topic: IPF Interactive Session
Date: Thursday, January 28, 2010
Time: 4:00 pm, Eastern Standard Time (New York, GMT-05:00)
Meeting Number: 573 783 666
Meeting Password: web123

-------------------------------------------------------
To join the online meeting (Now from iPhones too!)
-------------------------------------------------------
1. Go to https://inbox.webex.com/inbox/j.php ... MxMQ%3D%3D
2. Enter your name and email address.
3. Enter the meeting password: web123
4. Click "Join Now".

To view in other time zones or languages, please click the link:
https://inbox.webex.com/inbox/j.php ... MxMQ%3D%3D

-------------------------------------------------------
To join the audio conference only
-------------------------------------------------------
Call-in toll number (US/Canada): 1-408-792-6300

Access code:573 783 666