Fork me on GitHub
DNN Apps - Demo-Zone
Discover DNN-Apps - simple and elegant, easy to customize
You are here: Home  >  Apps  >  RSS Feed

RSS Feed App for DNN

The following App helps you consume and present an RSS feed. The output can easily be adapted by creating another View in the App and modifying it to your needs. For the following demo I've used the DNN Community-Blog Feed, and the DNN-Connect Feed but it should work with just about anything. The Community Blog Feed doesn't have pictures though, the DNN-Connect does.

Here's a list of blogs and downloads / demos

  1. Initial blog - using the built in DNN Razor Host: on DNNSoftware - on DNN-Connect - demo - download
  2. First blog moving it into the 2sxc Razor Host: on DNNSoftware - on DNN-Connect - demo - download
  3. Third blog - demo - download
  4. Fourth blog about DNN-Search - demo - download
  5. Fifth blog about various views - demo - download
  6. Sixth blog about multi-language - demo - download
2/18/2017 DNN 9.0.2 Security Bulletin Released more →

2/18/2017 12:49:00 AM

The DNN and Evoq release 9.0.2 contains one critical security fix: ·         2017-05 (Critical) Revealing of Profile Properties   Full details of all the above issues can be read at http://www.dnnsoftware.com/platform/manage/security-center As always we recommend you upgrade as soon as possible, particularly when the release contains any “critical” fix. Also, we recommend users check the Security Analyzer page in the PersonaBar to help them audit their sites’ security settings. Acknowledgements We would like to thank the following for responsibly disclosing issues to our security team, and allowing us the time to resolve them: -- Sebastian Leupold -- Christopher Hammond

more

2/17/2017 DNN Prompt: Making DNN Admins Power Admins via the Command Line more →

2/17/2017 3:11:00 PM

At DNN Summit I learned of a new tool created by Kelly Ford called “Prompt”. I first saw it in a session that Peter Donker gave and it immediately caught my attention. Since then I’ve learned more about it and want to share some initial thoughts on it.

more

2/17/2017 9.0.2 Release and Security Patch more →

2/17/2017 2:10:00 AM

Today we are releasing the 9.0.2 version of both DNN Platform and Evoq. This release addresses an important security issue that reveals user’s details. Along with the 9.0.2 release, we are also providing a security patch to help fix this problem in older versions of DNN and Evoq. What’s the vulnerability? It was brought to our attention that one can potentially uncover the following user’s details on a typical DNN or Evoq install: 1. Email Address 2. Display Name 3. User Name Can additional profile properties be uncovered? Only when you are using Custom “Registration Form Type” as opposed to the Standard type. In this case, only the profile properties defined in “Registration Fields” can be uncovered. Can you elaborate a bit more about this custom mode? A typical DNN or Evoq contains close to 20 profile properties, such as first name, last name, city, region, country, phone number, etc. In theory, one can configure the registration form to have any or all of these fields. However, most sites only have a handful of registration fields in order to simplify the process for users. This vulnerability will allow anyone to uncover most of the registration properties present in the form. Using the standard configuration, only the three items noted earlier are discoverable. Can date of birth be uncovered? Date of birth is not defined as a profile property in general, with exception of Evoq Engage, where it’s present as a profile property. Since the date of birth was defined as “Date” type, it cannot be uncovered. What about the Password? Passwords cannot be uncovered. What about Street Address? It depends on whether you have been using custom registration mode and that you have those properties (street, city, region, country, etc.) present in the registration form.  What’s the minimum data that can be uncovered? The Email address. The custom mode requires a minimum profile property of Email to be present for registration.  Can a Super User be created with this vulnerability? No. It is not possible to make any changes to a site with this vulnerability. Only limited profile properties outlined above can be displayed. Is this vulnerability present in 3rd party modules? Our testing indicated that it was present in at least one 3rd party registration module. We have notified the vendor and are awaiting them to do a new release. We cannot reveal the name of the module here. If you are using a 3rd party registration module, then we strongly suggest that you contact the vendor and inquire about this vulnerability. I am a vendor of such a module, what should I do? Contact DNN Corp’s security team to obtain more details about the vulnerability so you can provide an updated module. The security team can be reached by email: security@dnnsoftware.com I have created a custom module, WHAT SHOULD I DO? Contact DNN Corp’s security team to obtain more details about the vulnerability so you can provide an updated module. The security team can be reached by email: security@dnnsoftware.com Which versions are affected by this? Per our testing, this vulnerability is present in 6.2 and above. Does it affect both DNN Platform and Evoq? Yes, it affects both. What’s the risk if I don’t patch or upgrade? An unauthorized use can obtain profile properties such as Display Name, User Name, Email Addresses, etc. of ALL your users, including Super Users. It is important that you apply the patch or upgrade to the latest versions. Should I upgrade to 9.0.2 and ALSO apply the patch? No. Only one is sufficient. The patch is not required once you have upgraded to 9.0.2 or above. The latest release at the time of writing is 9.0.2. Our recommendation is to always upgrade to the latest version.  What does the patch do? The patch updates the registration system to correct the vulnerability. It also creates a test page under Host to verify whether that you are patched. WHAT versions are supported by the patch? DNN and Evoq version 6.2 till 9.0.1. Does the patch fix 3rd party modules? No. If you are using 3rd party registration module, you should contact the vendor. Will the vulnerability in 3rd party module automatically be fixed after upgrade to 9.0.2? Our testing indicates that the 3rd party modules should get automatically resolved. However, you should contact the vendor just to make sure.  9.0.2 certainly fixes the problem when no 3rd party registration module is being used. How can I access this host page in 9.0.0 and 9.0.1? Login as a Super User (not Admin), click “DNN Security Hot Fix 1” link under Manage menu in the Persona Bar. I don’t understand what I am seeing under this new Host page, can you explain? As noted earlier, the patch creates a page under Host menu. Depending on your site’s configuration, there can be three possible outcomes: 1. You are patched. This is to indicate that we feel your site is patched. However, if you use a 3rd party registration module on your site, then we are not in a position to say for sure. If you are not using a 3rd party registration module, then we are pretty confident that you are patched. 2. You may not be patched. The moment we detect that you have a custom registration page defined and that the page contains a non-standard DNN’s registration module, we flag that as “may not be patched”. We also list the sites where we find use of non-standard registration module. In this case, you should contact your module vendor. 3. You may not be patched. There is another situation where you might not be using a custom registration page, but a 3rd party module might have modified the default entry in the ModuleControls table for “Register” record. We flag this as “may not be patched” as well, and you should contact the vendor as well. ​ Can I uninstall this patch after the fact? You may. However, the fix applied still remains in affect.  What happens if my site breaks after application of this patch? We suggest that you apply this patch in a test environment, run some tests and then apply in production. If your site still breaks, then we recommend that you post a comment here. Also, remember to take a backup of your production site before applying the patch.  Can this patch be overwritten if I upgrade DNN or Evoq at a later day? As long as you upgrade to DNN or Evoq 9.0.2 and above, you will remain protected. However, if you upgrade to an older version (e.g. 8.5), the patch will be overwritten. We recommend you visit the above host page again to reapply the patch automatically. In any case, you still run the risk if you are using a 3rd party registration module. You should contact the vendor and confirm. I am an Evoq customer, how can I get more details Evoq customers can contact DNN Support by either emailing dnnsupport@dnnsoftware.com or opening a ticket here: http://www.dnnsoftware.com/services/customer-support/success-network/tickets I am a DNN Community user, how can I get more details There are a few ways to interact further: 1. Use comments in this blog 2. Ask a question in the forums: http://www.dnnsoftware.com/forums What if I have further security related questions You are more than welcome to reach out to DNN’s Security team by sending an email to security@dnnsoftware.com   HOW DO I APPLY PATCH? Patch is a standard DNN module, that can be installed as any other DNN extension. You must be a Super User to do that though. WHERE CAN I DOWNLOAD 9.0.2 FROM? You can download Install and Upgrade package of DNN Platform 9.0.2 from GitHub Repository. Evoq customers can download from here.  WHERE CAN I DOWNLOAD Patch from? You can download the "DNN Security Hot Fix 1"  from GitHub Repository. Here is the direct link:  https://github.com/dnnsoftware/Dnn.Platform/releases/download/v9.0.2/DNNSecurityFix1_01.00.00_Install.zip

more

2/15/2017 New Video - Setting up your DNN9 Site more →

2/15/2017 5:24:00 PM

Over the past couple of weeks I've jumped back into recording some DNN tutorials and have been posting them on YouTube. I'll be working on building out many many more videos over the next few months, but one I cranked out last night is near and dear to me. When I visit a website on the public internet, and I can easily tell it is DNN, a number of things tend to annoy me. Primarily things that every web site manager should know and change when using DNN.

more

DNN Connect Feed

DNN Prompt: Making DNN Admins Power Admins via the Command Line

DNN Prompt: Making DNN Admins Power Admins via the Command Line

2/17/2017 3:21:00 PM

At DNN Summit I learned of a new tool created by Kelly Ford called “Prompt”. I first saw it in a session that Peter Donker gave and it immediately caught my attention. Since then I’ve learned more about it and want to share some initial thoughts on it.

more →

Playing with DNN and ADFS

Playing with DNN and ADFS

2/6/2017 12:40:00 PM

The goal of this paper is to provide you with an overview of what ADFS is and how it can be integrated with your DNN website.

more →

DNN module development with Angular

DNN module development with Angular

12/16/2016 8:39:45 AM

I finally finished my long promised blog series about writing DNN modules with Angular 1.x. This blog series should set you in the position to start DNN module development with Angular even if you haven't done a module for DNN yet! 

more →

Welcome to the FREE DnnMinimalist!

Welcome to the FREE DnnMinimalist!

11/16/2016 4:14:00 PM

To add to the 2 other free themes for the Dnn CMS (DnnBootster and DnnMDesign), welcome to the FREE, Open Source DnnMinimalist Theme.

more →

2sic Geeks Blog

Migration einer SharePoint Website auf eine andere Websitevorlage

Migration einer SharePoint Website auf eine andere Websitevorlage

5/31/2016 1:13:01 PM

Im Microsoft SharePoint ist es grundsätzlich nicht möglich, bei einer bestehenden Website die Website-Vorlage auszutauschen. Der einzige Weg dies zu erreichen, ist eine neue Website mit der gewünschten Vorlage zu erstellen und den gewünschten Inhalt irgendwie übernommen. In diesem Beitrag zeige ich, welche Möglichkeiten es gibt und wie dieser Schritt mit zwei PowerShell-Scripts sehr einfach […] more →
SEO für JavaScript-Applikationen mit AngularJS

SEO für JavaScript-Applikationen mit AngularJS

10/19/2015 8:14:03 AM

Bisher haben wir unsere Applikation immer so gebaut, dass ein Crawler den wichtigen Inhalt auch im Quelltext vorfindet. Das führt insbesondere bei modernen Webseiten (z.B. durch die Nutzung von AJAX und dynamischem Austausch von Inhalten) zu Mehraufwand, weil sichergestellt werden muss, dass neben dem Client auch der Server das HTML rendern können muss. Es gibt […] more →
Ansicht-Filter in SharePoint 2013 Task-Listen funktionieren nicht mehr nach SharePoint-Updates vom März 2015

Ansicht-Filter in SharePoint 2013 Task-Listen funktionieren nicht mehr nach SharePoint-Updates vom März 2015

4/13/2015 9:09:46 AM

Die Microsoft/SharePoint Updates vom März 2015 verursachen, dass in Aufgabenlisten in sämtlichen Ansichten die Filter nicht mehr angewendet werden. Der Fehler tritt in Standard- und Benutzerdefinierten Ansichten/Views auf, egal nach welchem Feld gefiltert wird. Betroffen sind SharePoint Foundation 2013 und SharePoint Server 2013. Das Problem tritt auf, nachdem das letzte Windows Update KB 2956175 vom […] more →
Responsive und Retina Bilder mit DotNetNuke

Responsive und Retina Bilder mit DotNetNuke

12/9/2014 10:38:04 AM

Wer bereits responsive Webseiten umgesetzt hat, weiss, dass Bilder eine Herausforderung darstellen. Bisher gab es nur das img-Element, bei welchem die Grösse eines Bildes über den src-Tag in Stein gemeisselt ist. Allen Besuchern musste unabhängig von der Auflösung des Gerätes das gleiche Bild übermittelt werden (es sei denn, man hätte das Problem mit JavaScript umgangen). […] more →
Use INCLUDEPICTURE Field-Code in Microsoft Word for cool Letterheads and workaround some issues

Use INCLUDEPICTURE Field-Code in Microsoft Word for cool Letterheads and workaround some issues

8/15/2014 3:55:31 PM

In Microsoft Word you can do very cool stuff using Field Codes (Formulas). For example you could create a condition to show a Picture and with a few of them you’ll have a nice Picture Randomizer for your Document Header and Footer. After you finished such an amazing Field Code you probably want to reuse […] more →
DNN: Allow Non-Admins to do Page Management

DNN: Allow Non-Admins to do Page Management

8/8/2014 8:42:37 AM

In DNN 5.0 the artificial differences between Regular and Admin pages was removed. All Modules showed in the Admin-Menu can now also be placed on any custom page and basically everyone could use them. This article gives you instructions how to allow Non-Admins to access the DNN Page Management and workaround some limitations. Erik Van […] more →
Possible SharePoint Issues after Windows Updates on the Web Server

Possible SharePoint Issues after Windows Updates on the Web Server

8/7/2014 2:46:20 PM

After Windows Updates ran on a Windows Server 2008 R2 with WSS3 SP3 we ran into a few issues caused by the Configuration Cache. This post shows you lessons learned and recommendations in case you have similar issues, especially if the Configuration Wizard crashes the entire SharePoint Farm. Many Errors but no useful details After […] more →
SharePoint 2013 PDF in neuem Fenster öffnen

SharePoint 2013 PDF in neuem Fenster öffnen

7/16/2014 12:13:11 PM

Oft werde ich gefragt, wieso Office-Dateien (Word, Excel, PowerPoint) im jeweiligen Office-Programm öffnen aber PDFs im aktuellen Browser-Fenster/Register öffnen. Leider kann das auch heute noch nicht einfach konfiguriert werden. Je nach Browser und PDF-Reader kann das vielleicht auf dem Client konfiguriert werden, aber spätestens seit Firefox und Chrome mit eigenen PDF-Viewern einen neue Vielfalt möglicher […] more →
2serve . 2invent . 2create is 2be.