There were presentations on everything Drupal-related, from module development to theming, to security, usability, or building large, yet scalable enterprise websites with Drupal. Each of the two days opened with a keynote speech that drew an audience over 300 people into the room. Organizer Todd Nienkirk greeted us with the news that the number of attendees made Drupal Camp Austin the second largest Drupal Camp ever; an hour later, a few last-minute registrations pushed us up to #1.
In his "Whole Lotta Drupal" speech, Lullabot CEO Jeff Robbins named prominent websites that use Drupal, from whitehouse.gov and economist.com, to Grammy awards and record label websites. The most amusing part of his presentation were examples of fake Drupal sites -- clones of well-known web applications recreated with Drupal. Examples were Flickr.com clone Flippr.com (though that domain seems to be vacant at the moment), BaseCamp and Twitter clones, and, most notably, Thieveslist.com -- a clone of Craigslist. "You don't know if stuff on Craigslist is stolen, but on ThievesList you can be sure of that," said Jeff Robbins. He had replicated Craigslist look using taxonomy, Drupal's way of organizing your website's content into hierarchies of tags.
In the last 25 minutes of his talk, Jeff Robbins put together a Drupal e-commerce site before the audience's eyes, using a fairly basic Drupal installation, Ubercart module, and a few other modules, such as Image.
Jeff Robbins pauses his keynote speech to pose for my picture. More pictures from Drupal Camp Austin 2010 are in my photo gallery.
Sunday keynote speaker was Ben Finklea, CEO of Drupal SEO company Volacci, who gave advice on building a successful Drupal web development business. He started out by trying to dissuade freelancers from making the transition to a business owner. It starts out with you, freelancer, getting more work than you can handle, and hiring your first employee to help out. Suddenly accounting becomes more complicated, so you need an accountant; then you need to keep more and more projects coming in to make a payroll. Thus the process snowballs out of control, and one day you wake up a business owner. Congratulations -- you are now spending all your time finding customers and cleaning toilets in the office (since obviously you're not going to ask your $100/hour developers do that). As a result, you are doing none of the stuff you initially liked -- building websites.
For those who weren't so easily scared, Finklea had lots of advice: create processes (which he illustrated with New Client Setup process on Volacci intranet site, implemented in Drupal, of course), and find your niche. The niche-finding was the most interesting part of his speech. His Pedigree of Drupal diagram was modeled after the Pedigree of Man, and showed an ecology of niches occupied by Drupal companies of various specializations. For example, some of the companies diversify by "survival of the opposite" principle. Let's say company X offers cheap Drupal hosting, then company Y can set itself apart by offering high-end hosting at a much higher price. The companies in the Pedigree of Drupal tree occupy such niches as commercial support (Acquia), hosting (Neospire), training (Lullabot), online training (drupalize.me), SEO (Volacci), localization (iCanLocalize), and designing enterprise websites for various industries: legal (Duo Legal), publishing (Open Publish), even church websites (Mustard Seed).
Comparison of the most recent Pedigree of Drupal slide with the one Ben Finklea showed at Drupal Camp Austin 2009 demonstrated how much Drupal ecosystem grew in one year. There are maybe twice as many companies in the tree this year.
Ben Finklea's Pedigree of Drupal 2010. Click on the image for a bigger version. More pictures from Drupal Camp Austin 2010 are in my photo gallery.
Ben Finklea ended his talk with an ominous announcement: elephants are coming. Vignette, Accenture, Microsoft -- those companies are now using Drupal. "Get ready to see some very large scale enterprise Drupal implementations. What does it mean for you guys?" he asked small business owners and freelancers in the room. "We're screwed," said a guy in the audience. Ben Finklea awarded him a coupon for a book -- he gave these prizes to people who answered his questions correctly. That didn't mean he agreed that small Drupal web development firms were destined to go under. He wouldn't be surprised if some of those big companies will buy small Drupal shops, especially if those shops are good at something the big company wants to be good at, but doesn't have time to sit down and figure out. Another way this tide may lift the boats of small Drupal developers is that by embracing Drupal, those big companies are also bringing a lot of Drupal jobs.
The camp had many presentations on theming, usability, SEO, integrating Drupal with third party applications, and community building, but with three tracks going on simultaneously, I only attended those talks that were of interest for me as a developer.
<img> src attribute a request to delete all the users of the website. It will be executed when another user with sufficient administrative privileges logs in to the website and views that page. He also led the audience through an exercise of hacking a Drupal website. Many people in the audience were well-versed in security threats, and suggested ways to attack Drupal sites that the presenter had not thought of.
As a way of securing your website, both presenters emphasized the necessity of restricting and validating user input. You should always set the user input format to be Filtered HTML, and only give Full HTML privileges to trusted users. Assume that any text entered by a user is unsafe, and filter out the tags that can possibly contain malicious scripts. To minimize a damage an attacker might do, you should make truly destructive actions difficult to do. For example, don't delete anything important from the database -- it's better if a Delete command actually archives stuff, making later recovery possible.
Among other developer-oriented presentations, Rob Ristroph talked about debugging Drupal sites. He didn't focus so much on Drupal-specific debugging techniques (though he covered watchdog() and xdebug), as on analytical approach to debugging. 80% of debugging is thinking of good tests to isolate the bug. Just as important is to train your users to give you detailed bug reports. A salesperson or other nontechnical person can be extremely valuable to a company in getting informative bug reports from users.
Aaron Forsander. More pictures from Drupal Camp Austin 2010 are in my photo gallery.
Some sessions branched out into non Drupal-centered web development topics. Aaron Forsander presented jQuery in a manner accessible to newbies, with easy-to-understand examples and jazzy slogans, such as: "jQuery provides methods for moving around your web page. It's like a little dollar-shaped sports car. jQuery is like your little dollar sign-shaped portal to your server. Think $targate."
Diana Dupuis. More pictures from Drupal Camp Austin 2010 are in my photo gallery.
There was some debate as to whether a computer science degree is necessary, or even helpful for someone working with Drupal. I was a bit surprised to hear an opinion that a computer science degree might prejudice companies against you, as if you may be too much of an ivory tower intellectual to be happy with humble Drupal work.
These informal sessions gave you chances to ask questions you wouldn't find out from reading Drupal documentation -- the *why*, not *how* parts. For example, I was able to discuss my goals for my Drupal site with Level 10 folks hosting an Open Enterprise bird-of-feather session, and discover that certain Drupal distributions were not suitable for what I was doing. Opportunities to get this kind of invaluable advice were what made this camp so successful.