NYCPHP Meetup

[Stewart Newfeld]

The next regular meeting if the NYC Joomla Users Group will be held on
Thursday February 20, 2014

Location:
Touro College ( ... more about Touro College
<http://joomlanyc.org/index.php/events/touro-college-our-meetings-host> )
Graduate School of Business
65 Broadway, Room 224 (map  <http://www.touro.edu/gsb/contact.html> )
between Rector & Exchange Place
New York, NY 10006

Chairperson: To Be Decided 
6:00 - 6:15 - Introductions 
6:15 - 8:00- Presentations 

Presentation 1: Web Applications and Software as a Service 

Description:  Software-as-a-Service, or SaaS, is the new buzzword these
days, and increasingly traditional applications are being replaced with
online solutions to sell products, manage projects, and automate an
increasing amount of our work.  So how does SaaS work, and how do we get in
on the game?

We'll take a look at how to implement a cloud-based service, using the
Joomla framework as a specific example of how to implement such services.
We'll examine the business model, technical requirements, and challenges
relating to deployment and continuous development of a successful web
application.

Presenter: Toby Patterson is the founder and lead developer of Moolah
E-Commerce ( http://moolah-ecommerce.com ), an hosted service that provides
an e-commerce solution for business services. Toby was a Joomla developer in
2009, and continues to work with Joomla and other frameworks in commercial
products.

= = = = = = = = = = = = = = = = = = = = = = = = = = = 

Presentation 2: A common Joomla Website Security Issue

Description:  This will be a short talk and demonstration of one aspect of
Joomla website security - securing uploaded documents such as .pdf files.
Just requiring a login to see certain menu items on your website is not in
itself sufficient to keep uploaded documents like .pdf files hidden.  Take
for example,  XCompany's Board of Directors with login credentials to see
the otherwise hidden Board of Directors menu.  Every year XCompany provides
the board minutes and a link to a file with a name of the same format:
www.XCompany.com/images/Annual_Report_2013.pdf.  Well, what happens if
someone who is no longer a board member in 2014 decides to take a guess and
look in the same directory she linked to last year, for the same file name
with only the year changed from 2013 instead of 2014? If it exists, she will
retrieve it unless something more than Menu ACLs are used to secure it.  A
couple of solutions to this problem will be discussed and demonstrated
including .htpasswd files, Anti-leaching scripts, and the Joomla DOCman
extension.

Presenter: Stewart Newfeld supports many websites that were created by other
developers, and security loopholes similar to the one addressed in this talk
pop up from time to time.

8:00-8:30 Lightening Round Question and Answers, Networking.  Advice on what
Joomla techniques and Extensions to use to do what you need done. 

 

Stewart Newfeld, President

New York City Joomla Users Group (NYCJUG)
Meetings 6-8:30PM every 3rd Thursday of the Month
Check our website:  <http://www.joomlanyc.org> www.joomlanyc.org

NYCJUG_Logo_Signature_Thursdays

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20140208/41456da8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 13356 bytes
Desc: not available
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20140208/41456da8/attachment-0001.gif>