Drupal®
OverView
Drupal® ( drupal.org ) is a free and open-source web content management framework written in PHP and distributed under the GNU General Public License. Drupal provides a back-end framework for at least 2.3% of all websites worldwide – ranging from personal blogs to corporate, political, and government sites. Systems also use Drupal for knowledge management and for business collaboration.
As of December 2019, the Drupal community comprised more than 1.39 million members, including 117,000 users actively contributing, resulting in more than 44,000 free modules that extend and customize Drupal functionality, over 2,800 free themes that change the look and feel of Drupal, and at least 1,300 free distributions that allow users to quickly and easily set up a complex, use-specific Drupal in fewer steps.
The standard release of Drupal, known as Drupal core, contains basic features common to content-management systems. These include user account registration and maintenance, menu management, RSS feeds, taxonomy, page layout customization, and system administration. The Drupal core installation can serve as a simple website, a single - or multi-user blog, an Internet forum, or a community website providing for user-generated content.
Drupal also describes itself as a Web application framework. When compared with notable frameworks Drupal meets most of the generally accepted feature requirements for such web frameworks.
Although Drupal offers a sophisticated API for developers, basic Web-site installation and administration of the framework require no programming skills.
Drupal runs on any computing platform that supports both a web server capable of running PHP and a database to store content and configuration.
History
Originally written by Dries Buytaert as a message board, Drupal became an open source project in 2001. The name Drupal represents an English rendering of the Dutch word druppel, which means "drop" (as in a water droplet).The name came from the now-defunct Drop.org website, whose code slowly evolved into Drupal. Buytaert wanted to call the site "dorp" (Dutch for "village") for its community aspects, but mistyped it when checking the domain name and thought the error sounded better.
Interest in Drupal got a significant boost in 2003 when it helped build "DeanSpace" for Howard Dean, one of the candidates in the& U.S. Democratic Party's primary campaign for the 2004 U.S. presidential election. DeanSpace used open-source sharing of Drupal to support a decentralized network of approximately 50 disparate, unofficial pro-Dean websites that allowed users to communicate directly with one another as well as with the campaign. After Dean ended his campaign, members of his Web team continued to pursue their interest in developing a Web platform that could aid political activism by launching CivicSpace Labs in July 2004, "...the first company with full-time employees that was developing and distributing Drupal technology. Other companies began to also specialize in Drupal development. By 2013 the Drupal website listed hundreds of vendors that offered Drupal-related services.
As of 2014 Drupal is developed by a community From July 2007 to June 2008 the Drupal.org site provided more than 1.4 million downloads of Drupal software, an increase of approximately 125% from the previous year.
As of January 2017 more than 1,180,000 sites use Drupal. These include hundreds of well-known organizations, including corporations, media and publishing companies, governments, non-profits, schools, and individuals. Drupal has won several Packt Open Source CMS Awards and won the Webware 100 [clarification needed] three times in a row.
Drupal 6 was released on February 13, 2008, on March 5, 2009 Buytaert announced a code freeze for Drupal 7 for September 1, 2009. Drupal 7 was released on January 5, 2011, with release parties in several countries. After that, maintenance on Drupal 5 stopped, with only Drupal 7 and Drupal 6 maintained. Drupal 7 series maintenance updates are released regularly Drupal 7 is officially announced to reach end-of-life by 2021, official community support along with support provided by the Drupal Association on Drupal.org will cease by 2021.
On October 7, 2015 Drupal 8 first release candidate (rc1) was announced. Drupal 8 includes new features and improvements for both users and developers, including: a revamped user interface; WYSIWYG and in-place editing; improved mobile support; added and improved key contributed modules including Views, Date, and Entity Reference; introduced a new object-oriented backend leveraging Symfony components; revamped configuration management; and improved multilingual support. Drupal 8 rc1 is the collective work of over 3,200 core contributors.
Drupal 8.0.0 was released on November 19, 2015. Subsequent major and minor releases (8.8.1 as of December 18, 2019) which bring numerous improvements and bug fixes (including CKEditor WYSIWYG enhancements, added APIs, an improved help page) can be found on the Releases page.
Drupal 9 is currently in development and is scheduled for release on June 3, 2020
Core
In the Drupal community, "CORE" refers to the collaboratively built codebase that can be extended through contributory modules and – for versions prior to Drupal 8 – is kept outside of the "sites" folder of a Drupal installation. (Starting with version 8, core is kept in its own 'core' sub-directory.) Drupal core is the stock element of Drupal. Common Drupal-specific libraries, as well as the bootstrap process, are defined as Drupal core; all other functionality is defined as Drupal modules including the system module itself.
In a Drupal website's default configuration, authors can contribute content as either registered or anonymous users (at the discretion of the administrator). This content is accessible to web visitors through a variety of selectable criteria. As of Drupal 8, Drupal has adopted some Symfony libraries into Drupal core.
Core modules also includes a hierarchical taxonomy system, which lets developers categorize content or tagged with key words for easier access.
Drupal maintains a detailed changelog of core feature updates by version.
Core modules
Drupal core includes optional modules that can be enabled by the administrator to extend the functionality of the core website.
The core Drupal distribution provides a number of features, including :
- Access statistics and logging
- Advanced search
- Blogs, books, comments, forums, and polls
- Caching and feature throttling for improved performance
- Descriptive URLs
- Multi-level menu system
- Multi-site support
- Multi-user content creation and editing
- OpenID support
- RSS feed and feed aggregator
- Security and new release update notification
- User profiles
- Various access control restrictions (user roles, IP addresses, email)
- Workflow tools (triggers and actions)
Also :
Core themes | Localization | Auto-update notification
Database abstraction
Prior to version 7, Drupal had functions that performed tasks related to databases, such as SQL query cleansing, multi-site table name prefixing, and generating proper SQL queries. In particular, Drupal 6 introduced an abstraction layer that allowed programmers to create SQL queries without writing SQL.
Drupal 9 extends the data abstraction layer so that a programmer no longer needs to write SQL queries as text strings. It uses PHP Data Objects to abstract the database. Microsoft has written a database driver for their SQL Server. Drupal 7 supports the file-based SQLite database engine, which is part of the standard PHP distribution.
Windows development
With Drupal 9's new database abstraction layer, and ability to run on the Windows web server IIS, it is now easier for Windows developers to participate in the Drupal community.
A group on Drupal.org is dedicated to Windows issues.
Architecture
Drupal is based on the Presentation Abstraction Control architecture, or PAC.
The menu system acts as the Controller. It accepts input via a single source (HTTP GET and POST), routes requests to the appropriate helper functions, pulls data out of the Abstraction (nodes and, from Drupal 5 onwards, forms), and then pushes it through a filter to get a Presentation of it (the theme system).
It even has multiple, parallel PAC agents in the form of blocks that push data out to a common canvas (page.tpl.php)
Community
Drupal.org has a large community of users and developers who provide active community support by coming up with new updates to help improve the functionality of Drupal, As of January 2017 more than 105,400 users are actively contributing. The semiannual DrupalCon conference alternates between North America, Europe and Asia. Attendance at DrupalCon grew from 500 at Szeged in August 2008, to over 3,700 people at Austin, Texas in June, 2014.
Smaller events, known as "Drupal Camps" or DrupalCamp, occur throughout the year all over the world. The annual Florida DrupalCamp brings users together for Coding for a Cause that benefits a local nonprofit organization, as does the annual GLADCamp (Greater Los Angeles Drupal Camp) event, Coders with a Cause.
The Drupal community also organizes professional and semi-professional gatherings called meetups at a large number of venues around the world.
There are a number of active Drupal forums, mailing lists and discussion groups. Drupal also maintains several IRC channels on the Freenode network.
There are over 30 national communities around drupal.org offering language-specific support.
Notable Drupal users include NBC, Taboola, Patch, and We the People.
Security
Drupal's policy is to announce the nature of each security vulnerability once the fix is released.
Administrators of Drupal sites are automatically notified of these new releases via the Update Status module (Drupal 6) or via the Update Manager (Drupal 7).
Drupal maintains a security announcement mailing list, a history of all security advisories, a security team home page, and an RSS feed with the most recent security advisories.
In mid-October 2014, Drupal issued a "highly critical" security advisory regarding an SQL injection bug in Drupal 7, also known as Drupalgeddon.
Downloading and installing an upgrade to Drupal 7.32 fixes the vulnerability, but does not remove any backdoor installed by hackers if the site has already been compromised. Attacks began soon after the vulnerability was announced. According to the Drupal security team, where a site was not patched within hours of the announcement, it should be considered compromised and taken offline by being replaced with a static HTML page while the administrator of its server must be told that other sites on the same server may also have been compromised.
To solve the problem, the site must be restored using backups from before October 15, be patched and manually updated, and anything merged from the site must be audited.
In late March 2018, a patch for vulnerability CVE-2018-7600, also dubbed Drupalgeddon2, was released. The underlying bug allows remote attackers without special roles or permissions to take complete control of Drupal 6, 7, and 8 sites. Starting early April, large scale automated attacks against vulnerable sites were observed, and on April 20, a high level of penetration of unpatched sites was reported.
On 23 December 2019, Drupal patched an arbitrary file upload flaw. The file-upload flaw affects Drupal 8.8.x and 8.7.x, and the vulnerability lists as moderately critical by Drupal.
Awards & Honors
Drupal Awards
2014
- CMS Critic Critics’ Choice : Best Enterprise PHP CMS
- CMS Critic Peoples’ Choice : Best Enterprise PHP CMS
- Weblizar : Top 10 PHP CMS
2013
- Critic's Choice Award 2013 : Best Free CMS
2012
- Infoworld Bossie Awards 2012 : The best open source applications
2011
- Infoworld Bossie Awards 2011: The best open source applications
2010
- Infoworld Bossie Awards 2010 : The best open source applications
- Packt Publishing Open Source CMS Awards : Open Source CMS Hall of Fame (2nd place)
2009
- Webware 100
- Packt Publishing Open Source CMS Awards : Best PHP Open Source Content Management System (1st place); Open Source CMS Hall of Fame
2008
- Webware 100
- Packt Publishing Open Source CMS Awards : Best Overall Open Source CMS (1st place); Best PHP Open Source Content Management System (1st place)
2007
- Webware 100
- Packt Publishing Open Source CMS Awards : Best Overall Open Source CMS (1st place); Best PHP Open Source Content Management System (2nd place); Best Open Source Social Networking Content Management System (2nd place tie)
2006
- Packt Publishing Open Source CMS Awards : Best Overall Open Source CMS (2nd place)
Thousands of portals and sites of scientific, governmental and military centers around the world that are highly sensitive and important use Drupal because of its distinctive features that can be mentioned:
NASA - Oxford University - Harvard University - Total Company - Tesla Company - Linux - London Airport - Australian Government - New York Governorate - London Municipality - Economist Magazine - Department of Commerce, Department of the Interior, Department of Energy, Department of Health, Department of Transportation and US Department of Education - General Electric Company - Columbia University - University of California - World Standards Organization - World Meteorological Organization - Australian National Library - NBA and MORE ...
Drupal has been used in government in all countries and sensitive and important websites are designed and implemented with drupal.