Advertising sustains the DA. Ads are hidden for members. Join today
Drupal 7
- Understanding Drupal 7
- Drupal 7 system requirements
- Installing Drupal 7
- Updating Drupal 7
- Administering Drupal 7 site
- Contributed modules for Drupal 7
- Theming Drupal 7
- Extending Drupal 7
- Multilingual guide for Drupal 7
- Multisite Drupal
- Version numbering scheme for Drupal 7 core and contributed modules
- Upgrade to Drupal 7
- Setting up cron for Drupal 7
- Configuring clean URLs in Drupal 7
- Migrating to Drupal
- Security in Drupal 7
- Backing up and migrating a Drupal 7 site
- Managing Drupal 7 site performance and scalability
- Managing users in Drupal 7
- Monitoring a Drupal 7 site
- Drupal 7 nodes, content types, and fields
- Organizing content with taxonomy in Drupal 7
- Drupal 7 site building best practices
- Accessibility tools and best practices for Drupal 7
- Drupal 7 SQL guidelines
- Mobile guide for Drupal 7
- Working with menus in Drupal 7
- Creating custom modules in Drupal 7
- Drupal 7 contributed themes
- Converting Drupal 6 modules to Drupal 7
- Creating Drupal 7 distributions
- Drupal 7 distributions
- Drupal 7 APIs
- Drupal 7 core
- Site building and development HowTos for Drupal 7
- Testing
Security in Drupal 7
Drupal 7 will no longer be supported after January 5, 2025. Learn more and find resources for Drupal 7 sites
Securing your site
Writing secure code
Writing secure code in Drupal 7.
- Overview
- Avoid using data from $form_state['input']
- Create forms in a safe way to avoid cross-site request forgeries (CSRF)
- Database access
- Do not use /e in preg_replace() - use preg_replace_callback() instead
- File uploads, downloads and management
- Directories
- Handle text in a secure fashion
- Handling Private/Personally Identifiable Information
- Session IDs
- Use of hash functions
- Using PHP with eval() or drupal_eval()
- When to use db_rewrite_sql or ->addTag()
- Use Drupal Unicode functions for strings
- Safely Impersonating Another User