I am starting development of a significant new Web site implemented in Drupal, and have as my team five talented, but relatively inexperienced, developers with little existing knowledge of Drupal. This is my attempt to provide a quick orientation to Drupal from a developer’s perspective, based on my experience.
Theming
Unless you already have expert knowledge of Drupal Theming, start with an existing theme and customize it.
I think that the Zen theme is ideal for this. Zen is “the ultimate starting theme for Drupal,” semantically correct and standards compliant.
Two diagrams of Zen theme regions, id’s css classes:
- http://groups.drupal.org/files/zen-layout2.png
- http://ipwa.net/assets/homepage-diagram-zen.pdf
Another possibility is the Blueprint theme, based on the Blueprint CSS framework.
Drupal themes follow certain conventions. For themes built on the PHPTemplate engine (the most commonly used template engine, which just uses straight PHP), you will find the following:
- style.css is the stylesheet file.
- page.tpl.php is the overall “boilerplate” layout for the site.
- node.tpl.php controls how individual node types are displayed, affecting the $content variable in page.tpl.php.
- block.tpl.php controls how blocks are displayed.
If you want to customize the text/labels that are built into Drupal or output by other modules, don’t modify core Drupal code. Instead, use Drupal’s Locale module and create a customized version of the language you need.
Finally, don’t waste time developing your theme to work in the administraton area of Drupal. You can specify a separate theme for the administration area, and there are already several themes that come with Drupal that work well for this purpose. In my opinion, Garland is very clean, professional, and easy to use for administration. When developing your theme, concentrate on the public interface.
Drupal API
Most content in Drupal are referred to as nodes; content type and node type are roughly equivalent. Node attributes that you may need to know about are:
- nid: the node’s ID.
- vid: the version ID for the node.
- type: basically, the content type, such as a page or blog.
- uid: the author’s user ID.
- status: whether published/visible (= 1) or unpublished/hidden (= 0).
Use db_query() to execute a database query.
The global $user object contains the user’s information.
t() should be applied to all strings for input substitution and to work with Drupal’s localization infrastructure.
Use the percent character (’%’) on string placeholders in t() to automatically hook into Drupal’s theming mechanisms and call check_plain() on the string in the background. For example:
t(‘Hello %name.’, array(‘%name’ => ‘Adam’));
l() formats internal Drupal links.
For AJAX functionality, Drupal comes with JQuery out of the box.
Security
Drupal stores user input as it is entered, but uses filters when displaying the output. Filters can be configured by node type to display content in various ways, including plain text and HTML.
Also remember to use the t() function as described above, which provides automatic filtering. Using the db_query() function describe above automatically protects against SQL injection attacks. Its also good practice to wrap queries in db_rewrite_sql() before calling db_query(), so that modules can modify the SQL if neccessary, to account for user access permissions for example:
$sql = ‘select n.title from {node} where n.type = %s’; $results = db_query(db_rewrite_sql($sql), ‘page’);
Other security methods in the Drupal API to become familiar with include:
- filter_xss()
- valid_url()
- check_url()
- drupal_urlencode()
- drupal_eval()
SEO
For quick SEO, install and configure the following modules:
- Pathauto
- Nodewords
- XML Sitemap
General
Drupal has a full form API that you may want to become more familiar with early on.
Taxonomies, Drupal’s ability to create categories or controlled vocabularies, is extremely powerful and flexible. Learn the capabilities of taxonomies early.
Other modules to be aware of…
- FCKEditor: Easily adds the Javascript WYSIWYG editor to Drupal.
- Attachment (requires Filemanager): This provides a more robust alternative to the default Upload module, for uploading files associated with nodes along with titles and descriptions.
- Captcha and Captcha Pack: An easy and flexible way of injecting Captcha challenges of various types to Drupal forms.
- Print: Provides printer-friendly content views.
- SMTP: More flexible email configuration.
- Event: Provides an event content type and various calendar displays.
- Front: Allows you to create a splash page that is laid out differently than the theme template your site uses.
- Image: Provides an image content type as well as the ability to display images in galleries.
- Location: “Let your users set their address or tag your content to a physical snail mail location and integrate it to a mapping solution!”
- Autologout: Exactly what is sounds like; forces logouts after periods of inactivity, but does so in a way that prevents users from loosing their work.
- Auto save: Uses AJAX to automatically save a revision of a node that is being edited.
- JSTools: A collection of AJAX components.
- SWFTools: Allows easy embedding of Flash scripts, most notably, various media players.
- Content Construction Kit (CCK): Arguably the most powerful single Drupal module, CCK allows you to easily create new content (node) types through the admin interface with custom form fields, or add custom form fields to existing content types, among other things. Although I was initially skeptical of this approach, figuring I would soon “hit a wall” trying to make this module do my bidding, I was surprised by the power and flexibility of this module. My sense from the Drupal community is that this is becoming the preferred way to create new content types, instead of through custom modules, at least for some purposes.
- CCK specific modules: CCK comes with a solid set of field types, but if you need something more specialized (such as images, links, dates, or computed fields), you’re likely to find it on the Drupal site.
- Contemplate: Allows you to flexibly control teaser and body output of content types, and is often used in conjunction with CCK.
- Views: This is essentially an advanced, GUI based query builder for filtering and displaying lists of content in various ways. Like Contemplates, it is often used in conjunction with CCK, although it can be used with any Drupal content type (node).
- Devel: As you might expect, this module provides views that can help debug a site as its being developed.
- Content Taxonomy: Access your taxonomies within your CCK content type definitions.
- Taxonomy Context: Provides flexible ways of displaying taxonomy information as you navigate through taxonomies.
- Taxonomy Image: Associate images with taxonomy terms, so that for example, you can display icons with categories on your site.
- Taxonomy Theme: As the name applies, allows you to control the theme based on taxonomies.
Books for more detailed coverage of topics
- Pro Drupal Development, Second Edition
- Building powerful and robust websites with Drupal 6
- Learning Drupal 6 Module Development
- Drupal 5 Themes