Tendenci – The Open Source AMS Blog
Community Blog for Open Source AMS Makers
Ever wanted to create an event, show it to everyone, but
only give access to a privileged few? Create events and protect the event with a unique password for each one. These events will display as regular events
do but the event can only be registered for and details can only be viewed if
you’re equipped with the super secret password.
Tendenci now gives you the ability to create private events. Private events are the same as any regular old
event — with one added bonus — it’s hidden. The only way to view the event details and have the ability to register
for the event is if you know the exact URL .
Only administrators and the creator of the event have the
ability to view the event within the calendar. I’d show you a screenshot, but it’s private … shhh.
If your site is currently using the memberships module and the corporate memberships module and has both members associated with corporate memberships and individual members not associated with a corporate membership, then this update applies to you. The expiration methods for individual and corporate members may now be set differently.
Here is an example of the old functionality:
The membership application has the ability to tie a member into a corporate membership:
Both A and B renewed on 1/1/2008. Assuming the grace period is 30 days, A‘s expiration date would be set to 11/1/2008 (the same as its associated corporate membership C‘s expiration date) and B‘s expiration date would be 1/1/2009 (one year from the renewal date)
Now you can choose the expiration method for the memberships that are not bound to the corporate memberships. For example, if you select to expire annually on November 1st, the expiration date of B would be 11/1/2008 (the next November 1st from the Renewal date).
To update your membership expiration method for the individual memberships not bound to corporate memberships, edit your Membership Application and on Step 4, set the individual expiration method to expire by the method you prefer. If you are unsure of whether or not you have a membership application that ties into corporate memberships then go to Step 2 and see if the Show check box is checked for Corporate Membership ID.
Please refer to the screen shots below:
On Step 4 – Setting the individual membership for memberships applications tied into corporate memberships
On Step 2 – Checking to see if you are tying the membership application to a corporate membership
Hey Tendenci lovers!
Before you add a CMS page you will need to confirm whether the page is public or private. This is put in place mainly to make sure you really want to syndicate your content to all RSS readers.
If you are still wondering why… Here it is in short:
When RSS (syndication) first came around it was a new technology. A new technology that took time to get popular. When information was syndicated in the past, it was not a big deal because the average end-user was not subscribed to the site.
Now that RSS has grown in popularity we have a much bigger audience. There are a lot more eyes looking at our content both via the website and through feed readers.
Publishing sensitive information for the world to see can cost a company thousands. Another not-so-cool feature of syndication is that the majority of feed readers cache. This is the equivalent of sending out "bad" email; you can’t take it back.
Thanks for reading!!!!
We are taking extra steps to emphasize the importance of syndication and it’s affects.
CMS pages now require our clients to choose whether or not the content on the page is for public or private viewing before entering content.
Have you been to Tendenci training
lately? It’s fun, it’s free and can really help with the success of
your Web site! Plus you get to meet Schipul-ites in person and
interact with other Tendenci users.
We have 6 really great classes for you to attend over the next six weeks:
You can also take a look at the rest of our training classes by visiting our Schipul education calendar here.
Tendenci now gives you the ability to email all, paid, or
non-paid registrants for your event. Simply select the appropriate group and your registrants will receive your
custom formatted email.
Hey all you totally awesome Tendenci users… If you use the photo albums module in Tendenci and are interesting in funding functionality for a bulk export of your albums, please contact Kim Lange at Schipul – The Web Marketing Company at 281.497.6567 ext. 514.
The basic export would include exporting your album to a zip file (no photo information will be included in the export). You
would not have to download your images individually. It cost about 2k
to add this functionality to the photo albums module.
We wanted our clients to know that security researchers discovered cross site scripting vulnerabilities in numerous Tendenci modules yesterday. Specifically a munged URL could be used in spam creating a link that looked legitimate. When a user clicked that link it would have then redirected them to a different site as intended by the bad guy.
The vulnerabilities have been patched and our programming team is continuing to test our security functions.
The timeline was we were contacted by security researcher Russ and Secunia yesterday morning. The patches were posted live on the server farm within hours.
Our biggest take away is a sense of gratitude for security researchers who help us keep our products and the Internet secure. It can be a thankless task so to be clear our position is THANK YOU!
FAQ:
Q: Did we lose any data?
A: No.
Q: Did any of our secure content get accessed?
A: No.
Q: Did any spammers take advantage of the cross site scripting vulnerabilities to redirect users?
A: We are researching this. So far we have only seen the safe tests run by the security researchers.
Q: What else do I need to do?
A: Nothing at this time. We have security as our top priority and will continue to do so.
Thanks,
Jennifer Brooks
UPDATE:
We are very pleased to read Russ’ post about our quick response to the Cross Site Scripting vulnerability, entitled ‘Fastest Fix in the West: a vendor’s excellent response’. We are amazingly passionate about Security, our software and our amazing Clients – so this recognition means a lot. Here’s an excerpt of his post:
Rare is the occasion when one who researches and responsibly reports
web application vulnerabilities is met with an open, immediate,
consumer oriented response from a vendor. But so it was when I let the
folks who develop Tendenci, a Schipul offering, know about a few XSS
issues… To Schipul I say well done, extremely well done, and thank you…. (read the rest of the post)
Good news Tendenci users! You can now merge or append usergroups.
Merging usergroups allows you as an admin, to take users from one group and add them to another. You have the option to delete the group entirely.
Append usergroups allows you to merge usergroups while keeping the source group.
You will need a site authentication string to do the merge.
Check out the help files.
What happened?
The software update to help make our email compliant, caused a slight change in the way newsletters were created. This required one extra step to make all paths to your images absolute paths instead of relative paths.
If you have experienced trouble with your Newsletter images displaying this week, The programming team has fixed this for you. Yay! Thank you Programmers!
What did the Programming Team do?
A snippet of code has been added that will automatically turn your relative image paths into absolute image paths for you. This change is automatic so your Tendenci Newsletter images will now display properly in preview mode and in your inbox. The code was accidentally overlooked on the first update, so we apologize for any inconvenience that it may have caused.
What is the difference between the paths?
A relative path is a path to an image or a page that does not include your full website address. You will use relative paths when you are linking to images or pages that live within your Tendenci site. This is an example of a relative path to an image:
An absolute path is a path to an image or a page that does include your full web address. You will use an absolute path when you are linking to images or pages outside of your Tendenci site. This is an example of an absolute path to the same image:
For more information on uploading images and creating newsletters, please visit our Tendenci help files.
