I am receiving a HUGE amount of traffic to my site from people searching google for the com_migrator component that allows (kind of) the migration of content from Joomla 1.0.x sites to Joomla 1.5.0.  We feature high in google results for these queries because we blogged about “what you need to know about Joomla 1.5″ a while ago and the migrator component was mentioned there.

However, the new wiki page on docs.joomla.org has all the details, and the download links, so (after you buy some of our components ) pop on over to:

http://docs.joomla.org/Migrating_from_1.0.x_to_1.5_Stable

Following on from my blog post about security issues in Joomla 1.0.13 (and the forum thread) we are pleased to see/announce that Joomla 1.0.14 RC1 has been released by the Joomla Core Team.

Joomla 1.0.14 *is* stable as far as our professional opinion - stable to us means secure! While you may encounter some issues, those will only be minor compared to the greatly increased security your site will have by running Joomla 1.0.14RC1 instead of Joomla 1.0.13

If you are running Joomla 1.0.13 then we urge you to upgrade immediately to Joomla 1.0.14RC1

Remember that Joomla 1.0.14 is built on the stability of Joomla 1.0.13 and has only bug fixes and security changes to it - nothing new has been added. While we accept that a lot of files have been changed, we would rather our customers encounter smaller issues (maybe like session issues) than have their websites hacked/compromised. Joomla 1.0.14 RC1has been released to address specific security issues. Buried in a forum we find a commitment to other bug fixes in Joomla 1.0.15:

Please note that the main aim of this release is to address known security issues.
We will be trying to devote additional resources for a 1.0.15 to fix other bugs
and general annoyances over the next few months.  Don't have any timing on that -
it just depends on how it fits into everything else that's going on.

Upgrading from Joomla 1.0.14 RC1 to Joomla 1.0.14 will be a simple file replace just like the upgrade from Joomla 1.0.13 to Joomla 1.0.14

The announcement was:

 The Joomla! Project today announced the immediate release of
Joomla! 1.0.14 RC1 [Daybreak], the first and hopefully singular
release candidate for the 1.0.14 release cycle.  Several security
issues have been discovered and addressed for this release.
While the required changes are not significant, the number of
impacted files are significant and we need your help.
Before this release is declared stable we need to ensure that
it works as well for you as it does for us.

Official Announcement, Download Links and Upgrade Instructions

This weekend a silent release has been made of Joomla 1.0.13 by the core Joomla team. This release has several security fixes, a regression of the Itemid handling and a MAJOR change in the way passwords are stored in the database (more about this below)

On the same day the core team announced Joomla 1.5 RC1 in a blaze of publicity, Joomla 1.0.13 received no announcement of its own, no fanfare and no blog post.

The Joomla Team have come under quite a lot of critisim from within its own Q&T Testing Team regarding the timing of the release of Joomla 1.0.13, one Quality and Testing team member is quoted as saying that vulnerabilities may still exist in Joomla 1.0.13!!!

Due to recent popular demand we are publishing details about a service that we have been providing for some time now for existing customers, but now we are opening it up to all sites.

We offer a private and confidential service to customers that will reveal all known security vulnerabilities with your server and Joomla/Joomla Components.

For that we use professional industry standard software to scan your Joomla website for any unknown and known flaws - this tests the web pages.

We then use ScanAlert (A very expensive system) to do a one-time indepth scan of the server, domain and much more - this gives us a huge report - more details on scanalert can be found at scanalert.com, lastly we do a manual audit of your website, this means we manually review your websites PHP files, 3pd party components/modules/mambots, and also compare versions of these against known issues (Plus we use our full experience with Joomla to provide an indepth service)

If you have full root access to your server we can further secure the server against know attacks - an additional fee is payable for this service as different skill sets are required and can be more time consuming. Depending on the results of the audit this may be a recommended step - however the costs of this are not included in the audit fee.

We will provide you with a list of issues that we find, what you do with that information then is up to you - if you are on shared hosting there may be little you can do (apart from the obvious Joomla and Joomla Component audit recommendations). If you have a dedicated server we can secure your server and Joomla installations to meet the very strict PCI Certification scheme run by MasterCard and Visa card providers. We can work with you to fully secure your dedicated server and even provide monthly audits or monitoring if you wish.

To find out more, commission an audit or to talk to us further about this service please visit http://www.joomla-expert.com, call us in the UK on 0800 358 5499 or email us

Following the fantastic response to our Drop Everything support service we are pleased to announce a new Blue Flame Website dedicated to Joomla Support.

The Joomla! Experts is a site where you read about our Joomla Support services, including fixing hacked Joomla sites and you can commission us to work on your site.

The fees are clearly laid out and very affordable to most businesses and personal Joomla users alike. Do not be fooled by other instant Joomla support websites - we were the first company to provide such a service and we now have 3 full time Custom Joomla Developers dedicated to your success! - remember this is not a hobby for us, but our full time vocation.

The Joomla Experts website will undergo further development in the next few weeks, we hope to bring you a dedicated portal for commercial Joomla Support and consultancy. Watch this space for new features as we bring them online…

Judging by the latest logs from the SVN repository, Joomla 1.5 will include MooTools in its 1.5 release… Joomla 1.5, revision 6400 (a milestone in the making) has the following log entry: “JavaScript conversion to Mootools WIP”. (WIP = Work In Progress). Changed files in this revision includes lots of Joomla JS files, the khepri template, the contact component and the administrators media manager, so I think it is safe to say that MooTools will be a significant part of Joomla in the near future.

Torkil Johnsen » Joomla 1.5 to include MooTools

UPDATE: It seems my post has attracted the attention of Amy

Here is a note to explain best I can that the inclusion of mootools DOESNT (yet) mean Joomla 1.5 has AJAX support.

[quote from here] Mootools is about more than ajax, ajax in mootools is only a very small part of the library, in fact its the most least used part of mootools for a lot of people.

As an example of how (currently) moo is used, for the Pane Sliders in Joomla 1.5 the moo tools for Pack and Slide are used to produce the new sliders that are used for params tables etc…

Moo is about easy javascript, about being able to have nice slide in/out effects, about referencing DOM objects easily and manipulating them.

At the time of writing, the J1.5 SVN doesnt even have the mootools AJAX plugin JS. All it has is moo.fx.pack.js and moo.fx.slide.js so using moo for ajax (at the time of writing) is impossible anyway

I believe you are confused about mootools and ajax and about exactly what including mootools really brings to Joomla 1.5 - it is certainly NOT included by the core devs to provide ajax functionality and is certainly not a change in direction from the official line - yet !

If not then you are at risk from hackers! Make sure that you take time
out TODAY to upgrade your Joomla website to the latest version.

If you would like us to upgrade your website for you (For a small fee)
then please visit

http://www.phil-taylor.com/FixMySite/

It has been reported to us twice over Christmas that a certain backup and restore component for Joomla is “cloning” Joomla databases without reinstating all the properties of the databases’ primary keys correctly.

You will know when you have this problem as you will not be able to add any NEW content to your Joomla site and you may get error messages about duplicate primary keys.

If you take a look at your jos_content table, check the ID field and see if auto_increment is a property of the field - if not then you have lost all your auto_increments.

I have compiled a short list of SQL commands to reinstate the correct primary keys and properties based on joomla.sql, the default joomla installation SQL. This will NOT fix 3rd party components tables which must be done manually.

The following SQL Commands are applicable to Joomla 1.0.x only. Read the rest of this entry »

Joomla! 1.0.12 is available as of Monday the 25th of December 2006 1:00 UTC for Download here.

We suggest that all Joomla! users upgrade to this version.
If you need help and assistance in upgrading then we can help - Click here to read about our quick upgrade service
Joomla! 1.0.12 features:

• 140+ General Bug Fixes
• Several low level security fixes
• A full security audit of SQL queries
• SSL switchover support

Although this release contains several security fixes, as they are of a low level nature, this release is still being characterized as a Stability Release.  If you are running a version of Joomla! older than 1.0.11, you should upgrade immediately to at least Joomla! 1.0.11 as that release addressed several important security issues.  If you are using Joomla! 1.0.11, we recommend that you upgrade to 1.0.12 as it addresses several long standing bugs and several low level security issues.

Read the rest of this entry »

I was amazed when I logged into my Joomla site to find the warning that my Joomla version was exactly 100 days old today

Come on Joomla Devs - release Joomla 1.0.12, I know you are working hard on Joomla 1.0.12 (I see the tracker has been closed to new bugs, and core developers are crying out for bugs to be assigned them) and 1.5 but 100 days is a long time between security releases.

And any news on a feature freeze for Joomla 1.5? I see that function/method calls are still being changed daily by some core developers meaning Joomla 1.5 is still not a stable platform for the 3rd party developers! We (developers) are still having to change our extensions to call renamed methods.  Really is there any difference in calling a function initisalise instead of init ?? initisalise could be confused by some as initisalize ?

I, as many developers, cannot wait for Joomla 1.5 to stand still long enough for a beta or even a stable release — but I, as well as other developers, do not believe a stable version of Joomla 1.5 is very close.