The XOOPS Project, world’s leading Open Source CMS (Content Management System), has released recently the newest version of its award winning software – XOOPS 2.3.1.

The Project Leader, Mr. Jiang Taiwen, stated that this release is significant for two reasons: (1) it is merging the two existent XOOPS branches of 2.0 and 2.2 and (2) it is building a bridge towards the next generation of XOOPS – version 3.0.

The major improvements are addition of Extended Profile and Private Messages modules, and standardizing on one Extended DHTML editor as the default across all XOOPS modules. The administrators will also enjoy the addition of EXM Admin GUI.

There are always two perspectives to a “Content Management System” – the developer’s side, and the user’s side. And XOOPS 2.3 is breaking some more new grounds in both areas for the XOOPS community.

"I did a little searching and found some relevant posts on this question.

The plural of CMS is CMSs. The possessive plural is CMSs’.

That’s my story and I’m sticking with it."

-John DeRosa, Plone advocate, The plural of CMS, November 10, 2008

Adding to its list of multi language support, the Bitrix Site Manager is now available in German and French languages too

Bitrix Inc., Erne Consulting AG, and Stark-iT have collaboratively released the German and French language versions of the Bitrix Site Manager. The versions are available immediately as the full German pack and the French pack for the Professional Edition of the Site Manager.

Erne Consulting AG, a premium customer, is one of the leading developers of software solutions for the healthcare vertical. After evaluating a wide range of content management systems, the Erne Consulting AG team chose Bitrix Site Manager as a platform for their own portal. However, at that time, the solution was not available in German and French, the native language of the company’s employees. In spite of this hindrance, Erne Consulting still decided to deploy the highly robust and scalable Bitrix Site Manager.

It is estimated that there are nearly 1,700 applications in the content management system (CMS) market. In an ideal world, I would love to cover all of them here at CMS Report.  Since your time and my time is finite, I have instead chosen to limit the number of CMS applications focused here to no more than 30 applications. Since the list of applications included under "CMS Focus" is meant to include today's content management systems, it is logical to assume the list will change over time in order to stay relevant.

The CMS applications listed in this section are not necessarily the most popular nor are they always true content management systems.  Instead the content manage systems that make up my top 30 are what I consider Web content management "game changers".  A number of the applications on this list are CMS that I've personally worked with.  Other applications on the lists are supported by a community of developers, project leaders, or users just have the right stuff to make their CMS successful and get noticed.

Konductor is now accepting 500 submissions to join the pre-release of their new content management system. It includes Dreamweaver integration for use during the design process, and an AIR based user application for the actual content management. You can find more information below:

• http://www.konductor.net/blog/
• http://www.youtube.com/watch?v=Ej2obn24mdE

You can learn more about the Konductor pre-release from this post on their blog.

Curently as a release candidate, dotCMS 1.6.5 is shaping up to be feature packed.  While you may want to wait for the official release, there is no reason to wait on finding out what's new with dotCMS.

The new 1.6.5 version includes almost 200 improvements and fixes.  Highlights include:

• Widgets
• Major Performance Improvements
  • Now uses enterprise ready JBoss Cache.
  • Velocity Files cached in memory across cluster for speedier parsing.
• Simplified Configuration, Maintenance, Installation and Upgrades
• webDAV file access
• User Interface Improvements / Simplified Inline Editing
  • Less user confusion:  new user interface cleanly distinguishes content from widgets/dynamic pulls.
• PDF export
• Web Form Improvements
  • Online webform builder allows end users to create forms without knowledge of HTML.
• Other Improvements:
  • Google Maps Macro.
  • TinyMCE WYSIWYG upgraded to 3.1.
• Over 120 bugs squashed.

Redmond Developer: "Alfresco Software Inc. is taking direct aim at Microsoft SharePoint with the release of the Alfresco Labs 3 open source enterprise content management (ECM) system. The new version adds support for Microsoft Office SharePoint protocols, allowing Alfresco to serve as a fully compatible SharePoint repository.

Any organization using Microsoft Office can directly leverage the native Alfresco repository in the same way SharePoint repositories are used today, the company says. Alfresco President and CEO John Powell says organizations now have a choice of document repositories, even if they want to use SharePoint Server as a front-end."

Complete Story

Tim Wilson, the site editor for Dark Reading, recently posted an article about recent at the AARP.org website.  In the colorfully titled article, "Porn Operators Hijack Pages on AARP Website", Wilson interviews Jeremy Yoder of MX Logic about why AARP.org's site was vulnerable.  In brief, the explanation given is that the site deployed a number of Web 2.0 features including user profile submissions which the site didn't properly filter out JavaScript redirected code.  Yoder than explains that the site's security or lack of security was due to it using a custom or in-house built content management system.

The AARP site is particularly susceptible to this sort of multi-pronged attack because it appears to be driven by a home-grown content management system, Yoder says. "It appears to be a custom system that's missing some baseline-level security capabilities. This site is accepting JavaScript code submissions, which are something that most off-the-shelf content management systems would have no trouble blocking."

AARP may have fallen into the trap that snares many sites when they seek to add Web 2.0-type capabilities, Yoder explains. "They choose their content management system based on its features, without giving much thought to its security capabilities," he says. "That can be a big mistake, especially if you are a site with a lot of visibility that might make a good target, like AARP."

Organizations that seek to build collaborative capabilities into their Websites should consider using systems that have been vetted by others, rather than a custom system, Yoder advises. "An open source solution has the benefit of a community behind it," he says. "WordPress has absorbed a lot of attacks, but now it's a lot stronger because of it."

This article brings back a lot of memories on past discussions we have had here at CMS Report.  A couple years ago, I posted an article that focued on a SitePoint article titled, I Have Never Met a Boxed CMS I Like.  The SitePoint article argued that a custom CMS would be a better option due to the fact that boxed CMS, whether open source or propriety, are too generic to be of value.  I argued that boxed systems cost less in both money and time, yet offered you more features than a custom CMS could provide.  After my post, a number of people commented for and against boxed systems.  Ironically, no one really talked about whether custom or in-house CMS were less or more secure than boxed systems.

In the world of IT, two years can make quite a difference.  It was not long ago that most Web applications would promote their security as an added feature to their product.  However, I think as time has moved on we realize that a secure site is not a feature of a CMS, but a basic requirement of the application.  In this respect, I can't help but think Yoder is correct that boxed CMS, whether open source or I'll argue a well-supported propriety package, is likely to be more secure than a custom CMS.  I think Sepeck's comment still holds true to why an "out of the box" CMS is the way to go.

If you want to 'write your own' then you are going to want to be locking your customer into you as a solution. I have met more developers convinced that they knew more then 'those other guys' about 'everything important' that end up leaving the customer with a virtually unsupportable system or so completely reliant on them, that when they leave, the customer has to spend as much or more on fixing or upgrading their sites later.

The 'out of the box' systems exist to fill a need because no one person (or small team for that matter) can be an expert on everything (web, rss, mail, design, information architecture). No one person should be able to lock a customer into them as a solution. That doesn't build a healthy eco-system for their customers or themselves.

The more eyes you have on the code behind the CMS, the more likely there is for someone to catch a potential security vulnerability.  When someone does find a way to hack into your system, the more hands you have working on the code the quicker the issue will likely be resolved to provide a security patch.  It isn't always true that boxed systems are more secure than a custom in-house CMS, but I'll argue that the odds are in the favor of the boxed CMS.