Thursday, August 23, 2012

Creating a monthly archive block with Drupal 7 views


The level of experience that makes things easy in one version of Drupal can make tasks jarring in another. In Drupal 6, I have expertise with every level of views -- the normal stuff, like fields, filtering, and rewriting, plus more advanced features like arguments. With the Views Custom Field module, I can even use PHP to make views even more customizable. Getting that same level of familiarity with Drupal 7 views will be a challenge, but it's a fun challenge.
First views project in D7: Creating a monthly archive block for my right column. A pre-packaged version ships with the views module, but creating my own served as a crash course for Drupal 7 views. I started from the D6 tutorial at Chris Shattuck's blog, and referred to the pre-packaged version to fill in the gaps.
The goal of this tutorial is to create a block you can stick in a side column that displays linked months with a post count, and a page for each month so your visitors have somewhere to go when they click the linked months. Without further ado, here you go.

Thank to http://www.webbykat.com/comment/108 

Monday, August 13, 2012

Nearly 1 in 3 Chinese online shoppers are victims of fraud as annual losses add up to $4.7bn

Companies like Taobao are doing their part to legitimize ecommerce in China, but the industry remains something of a wild frontier. Chinese consumers lost $4.7 billion (RMB 30 billion) to fraud from June 2011 to June 2012, a new report claims.

The China Electronic Commerce Association has found that 32 percent of the estimated 194 million ecommerce-savvy Chinese Internet users purchased from fraudulent websites during the period, as reported by Xinhua (translation). A conservative estimate put losses at RMB 30.8 billion.

Though the government is taking steps to combat rampant ecommerce fraud, industry insiders claimed the problem continues to grow over time. Even so, a growing number of Chinese citizens put their faith in buying over the Internet. The number of online shoppers has increased by 33 million since the 2010-2011 period.
70 percent of the more than 60 million deceived customers over the past year spent between $79-314 (RMB 500-2000) on their transactions, the report said.

The tricks used by scammers include basing a fake site on a template from a genuine vendor and then SEO-optimizing the counterfeit business. Fake sites are also known to have very similar URLs to the real brands and sellers. Many sites also have hundreds of bogus reviews for their products and services.
According to one police officer, fraud has jumped up significantly since 2010. Criminals employ advanced masking techniques that make it hard for law enforcement officials to track them.

Crooks and business are continually working to outsmart each other. Taobao, the Chinese equivalent to eBay, recently stepped up its security efforts with revamped mobile and desktop safeguard software.
The stakes of the ecommerce market should only continue to rise. A burgeoning middle class in China that can afford not just to go online but to shop there is expected to make the country the world’s largest e-commerce market in just a few years. One analysis from earlier this year said the size of the market will top $360 billion by the end of 2015.
  
About the Author
Josh Ong is the China Editor of The Next Web. He's a native Californian, turned transplanted Beijinger. Follow him on Twitter and Sina Weibo or email him at josh@thenextweb.com.

Thursday, August 9, 2012

Solving the Problem of Software Security

For today’s businesses the use of software application is a must, and so is improving your software security. There are a number of methods to be considered for application security enhancement, but it is the right mix of approaches that may become your key to business processes reliability and competitiveness. 

A recent Quocirca report underlines the scale of the application security challenge faced by businesses. The average enterprise tracks around 500 mission critical applications, in financial services organisations it is closer to 800 (figure 1).
The security challenge arises because more and more of these applications are web-enabled. Furthermore, businesses are increasingly relying on software provided as a service (SaaS) and apps that run on mobile devices, both of which are, by definition, exposed to the internet (figure 2).

Businesses worry about application security for three reasons. First, security failures leave them vulnerable to hackers and malware, secondly auditors expect application security to be demonstrable and third, customers, with who they share business processes via applications, are also increasingly likely to seek security guarantees. Fixing security flaws up-front wherever possible also makes sense because of the cost involved at doing so after software if deployed. There are both products and services opportunity for resellers to help their customers achieve these goals.

There are a number of approaches that can be taken to improve application security. For in-house developed software, better practice can be ensured through training of developers, many businesses will need assistance to achieve this. For commercially acquired software, due diligence during procurement is necessary, seeking assurances from independent software vendors (ISV); resellers that sell application software could do this for their customers as part of their value add. However, these measures can never ensure that software is 100% secure. For this reason there are three other approaches that should be considered:

1. Application scanning: scanning software eliminates flaws in the first place. There are two approaches, the static scanning of code or binaries before deployment and the dynamic scanning of binaries during testing or after deployment. Static scanning is pervasive, looking at every line of code. Scans can be conducted as regularly as is deemed necessary. Whilst on-premise scanning tools have been relied on in the past, the use of on-demand scanning services has become increasingly popular as the providers of such services have visibility in to the tens of thousands of applications scanned on behalf of thousands of customers. Such services are often charged for on a per-application basis, so unlimited scans can be carried out, even daily.

By Bob Tarzey, Quocirca \\ August 2012
Read more: http://www.executivebrief.com/mobility/problem-software-security/