Using the Joomla Lightbox

Posted in Joomla!
2009-07-03 03:36:11 +0000 UTC

Displaying content in a lightbox in Joomla is pretty simple. All it takes is a minor template tweak and a few parameters for each affected link.

sh404sef URI XSS Vulnerability

Posted in Joomla!
2009-06-08 22:01:58 +0000 UTC

Not too long ago, while doing some routine pentesting of my site, I came across two vulnerabilities in the Joomla! component sh404sef.

Discordian Date Module

Posted in Joomla!
2009-05-21 03:44:26 +0000 UTC

I am pleased to present ddate for Joomla! Now you too can have the Discordian date displayed on your Joomla! website! This module allows for custom class suffix and custom output format, and mimics the Linux 'ddate' utility as close as possible (without the SubGenius options - sorry Bob).

jcloud Tag Cloud Module

Posted in Joomla!
2009-04-30 04:52:40 +0000 UTC

jcloud is a tiny little tag cloud module I wrote for Joomla! 1.5. Not very many features, but just what I needed - a tag cloud created from keyword metadata.

Custom Component Views in Joomla! 1.5

Posted in Joomla!
2009-04-30 04:12:32 +0000 UTC

Sometimes, the default Joomla! layouts for components just don't fit with the design of the template. Fortunately, Joomla! allows for custom component templates, without the need to hack core files. As an example, let's create a custom template for com_search.

Install Joomla! From SVN

Posted in Joomla!
2009-04-28 20:50:25 +0000 UTC

After downloading, extracting and installing Joomla! dozens of times, I figured there's probably an easier way than what I was doing - create a database in cpanel, log in through ssh, wget the latest package, extract it to the web root, and start installing. While the script isn't yet complete (and won't be mine to publish), here's a handy command line for getting the latest version of Joomla! 1.5 without having to go their site to figure out which version is the latest:

RS Monials

Posted in Joomla!
2009-04-23 00:19:40 +0000 UTC

While setting up a site the other day, I got a chance to poke around with a component called RS Monials. The first thing I did, without hesitation, is submit some quotes. No dice, they were escaped. Next came a <script> tag.

alert( document.cookie );

Always Load Mootools in a Joomla! Template

Posted in Joomla!
2009-04-04 16:32:18 +0000 UTC

When working on a template, sometimes you want to use Mootools to do some nifty effects. For example, here on my site I have Mootools doing some hover animations on the left navigation. This works well on content pages, but some pages don't load Mootools by default, like the search results page. To get Mootools to load no matter what page is showing, add this tag to the <head> section of the template, right after the jdoc header include:

<?php JHTML::_('behavior.mootools'); ?>

This method is preferred over statically adding a <script> tag, because if Mootools is already being added as part of the jdoc header include, it doesn't re-add the tag in your html source.