Chris Wilson over at Slate claims that the new Whitehouse.gov move to the Drupal content management system is the "triumph of hope over experience," basically slamming Drupal as not up to the task for a variety of, well, silly, ignorant reasons. He points to a migration of Recovery.org to Sharepoint as evidence.

At Freelock, Drupal has become our main platform for developing sites. And we've built some pretty cool ones, we know it quite well. But we didn't start out as Drupal fan-boys--before using Drupal, we'd worked with Joomla, Word Press, MediaWiki, PostNuke, lots of custom-built code, and even a bit of Sharepoint, among others. We've ended up doing 80% of our current work in Drupal simply because of its technical strengths, and how well it fits into our process. It's strong as a content management system, but its real strength is its flexibility. We can scale it down to the simplest sites and up to the most sophisticated. We can finely deploy just what the client needs, and turn off what they don't. It has matured to the point that some of its earlier growing pains are much less of an issue than they were even a short 3 years ago. There's still plenty of room for improvement, but it stacks up well against just about any other content management system or framework out there.

Drupal certainly has its weaknesses. The problem with Wilson's article is that he points to things that are either no issue whatsoever, no longer an issue, or not an issue if you know how to set it up.

To set the record straight, basically everything he writes in this article is, if not wrong, misleading. He starts out with:

If the administration had conducted a few polls among the swing demographic of Web site administrators, it would have realized that Drupal is pocked with political landmines. To wit: Drupal represents everything the Obama team does not want to project. Allow me to elaborate.

I'm sure Wilson is trying to be humorous, but... he could at least be funny! The rest of the article just brings up points I can clearly refute. So... let's go!

Drupal knows best. It's not that Drupal thinks you're evil. It just thinks you're ignorant. In a basic setup, the software is suspicious of everything you try to do. Should you, say, go completely rogue and try to add some Javascript in the body of a page—a 14-year-old technology that controls interactive components like buttons—the platform will have none of it. The message: "That's dangerous stuff, and you probably don't know what you're doing."

Ok. First of all, yes, Javascript is a mature technology--it's been around a while. Yes, it controls interactive components. It also can be used maliciously, to do things like attack banking web sites, sniff out credentials, put fake buttons and forms on the page to try to trick you into entering data, and much, much more. Out of the box, Drupal assumes you're going to have people editing content on the site. And it also assumes that some of them might be, if not malicious, at least possible to trick into loading something malicious. How many people do you know have had their computers infected by a virus? Do you realy want that virus to be able to have another way to spread?

Yes, this is a feature designed to control users. But it puts the site administrator in charge of this. The site administrator can, with a couple clicks, disable the filtering and put Javascript into any page she wants. It basically allows administrators to prevent malicious code from appearing on their site, while granting more ability to their users to contribute content. The very essence of social media sites.

Better to outlaw something altogether, Drupal figures, than simply ask you if you really want to use it. If Drupal ran the Food and Drug Administration, it would ban high-fructose corn syrup. This is just the sort of straitjacketed paternalism that half the country is convinced the Democrats are hell-bent on imposing on us all.

Um, no. It does not ban Javascript, or high-fructose corn syrup for that matter. It just gives you some controls that make it easy for you to keep vandals out of your site. And it turns them on by default. Quite a sensible thing to do, if you ask me! So, Mr. Wilson, what's next?

Drupal is impenetrable. Even the software's defenders admit that it is hostile to newcomers—or at least indifferent to their plight, as a University of Baltimore study found. The apologists will tell you that, once you scale the learning curve, it gets much easier. This is probably true, but a lot of ordinary, code-fearing people who just want a simple Web site are getting left behind. If Drupal were an employee of the federal government, it would be the person who answers the phone at Immigration and Customs Enforcement who is unable to help you and unable to tell you who can. If you suspect government is the problem, not the solution, this sort of bureaucratic sprawl is your worst enemy.

Let me get this straight: a study conducted by people working with and on Drupal, to actually test how new users find the site indicates it's indifferent to their plight? That's like saying a publication that asks its readers for feedback about its recent stories doesn't care what its readers think! The whole point of a usability study is to find out where people struggle, and identify ways of making the software better. Both links Wilson provides are to usability studies published on Drupal sites.

But to speak more to the point: yes, Drupal is challenging to install for the new user. But we're talking about a site that's .... already installed. That's why you hire a professional. It's like saying a particular design of a house is hard to build. Maybe for you it is, but not for the professionals who do it every day. Drupal comes equipped with some very powerful tools that have a bit of a learning curve to figure out how to use. It's hard because it... wait for it... doesn't make a lot of choices for you, but rather leaves it up to you to decide how to structure the site. Drupal gives you tons of choices, and lets you decide what to turn on. It doesn't hold your hand through the process. And regarding the employee wisecrack, the opposite is closer to the case--Drupal is the accommodating person who always answers "Yes, we can... do that." Whatever that is, you can add it. Need a structured workflow? Add a module. Need e-commerce? Ubercart's a download away. Need to put a story on a Google Map? Yes, we can do that.

Drupal hates change. Want to modernize Drupal by upgrading to a newer version? Ask these guys how that worked out for them. If Drupal were a piece of legislation, it would be the farm bill: desperately in need of an overhaul but unlikely ever to get one because entrenched interests keep the forces of reform at bay.

And what alternative handles updating any better?

Managing updates to server programs, especially when there's a mix of updates to both files and the structure of the database, is always a challenging proposition. While Drupal used to be a nightmare to upgrade, it has greatly matured in the past year. Drupal itself is far better at updating than Joomla, which until recently didn't provide any defined way of upgrading a contributed add-on at all! Drupal provides a structure for all the add-ons to specify how to update themselves. A lot of effort has gone into making sure the modules everybody uses will be available and upgrade cleanly when Drupal 7 is released.

When you have thousands of contributed modules available from a wide range of developers with little oversight, there are definitely corner cases where upgrading is problematic. And you will find upgrade quirks, things that break here and there, with any upgrade of any software out there--it's the nature of software. But Drupal does a great job of providing tools to make upgrading a snap. We regularly update dozens of Drupal installations in an afternoon--most of the time spent testing to ferret out anything that breaks.

Drupal is disorganized. Instead of displaying your pages in folders that you can browse, like you do on your personal computer, Drupal provides a nightmarish content list. To find what you're looking for, you have to search for it. And unlike most content management systems, Drupal doesn't have a convenient way to prevent two people from accidentally editing the same page at the same time. This is exactly the kind of rudderless confusion that small-government types have always said defines the federal government.

Yes Drupal provides a somewhat lame content list. No, Drupal does not organize your pages for you. But again it gives you plenty of tools to organize the content however you want, and lots of alternatives to the content list. You can put your content into a category tree much like folders on your computer. Or you can apply tags to group content. Or you can create different kinds of content to handle in different ways. Instead of giving you a pre-defined structure for your content, it lets you define multiple structures, and what kinds of contents use each structure. You can have events organized by date, and also by location. You can organize lodging by price, distance from your current location, any particular set of amenities, and the type of lodging. You can create topic pages that group together products, reviews about a product, articles that feature the product, and a slideshow of pictures of the product in use--complete with a button to add it to a shopping cart. You're not stuck with just one lame way of doing it.

As for preventing two people from editing the same page, that's flat out wrong, too. Drupal out of the box will prevent you from overwriting the changes of somebody else. Several people can open a page for editing, and the first one that hits "Save" wins--everybody else will get a message that the page has changed when they go to save. That's a result of practical experience--because the alternative, checking out the content so that nobody else can even edit it, inevitably ends up with people forgetting to check it back in. If you go with a checkout approach like many other content management systems, you'll find lots of people who managed to leave a page without checking it back in, so nobody else can make a change. But if you want that behavior in Drupal, Yes You Can have it, too, by installing the "checkout" module.

Drupal is righteous. The open-source movement has done wonderful things for the Web. But at its core, it remains a religion. If you went to DrupalCon in Paris last month, then you would have almost certainly come across proselytizers of one the movement's fundamental tenets: Drupal doesn't break Web sites. People with Drupal break Web sites. Most problems with Drupal stem from people who "don't get it" or aren't using it correctly. This is probably true, but it's not much consolation when you spend 45 minutes trying to upload a photo.

Now I know Wilson is feeling threatened, to drag out religion in this! But he's mistaking a couple different parts of the movement. "Open Source" is all about the practical aspects of a way of developing software that results in better quality. The Internet is built on open source software--the most popular web servers, email servers, and the software that turns domain names into computer addresses all are built using open source software. If there's anything dogmatic about it, it's that it came out of the more idealistic "Free Software" movement, which is built upon the ideas of free speech, free exchange of ideas, and the American frontier spirit of helping each other out. Ben Franklin would be proud.

Our clients don't spend 45 minutes trying to upload a photo. They click "Create page," and in the page image section, click Browse to find the picture to upload, Upload to upload it. Then they write the content to go with it, and save.

They don't have to even bother resizing the photo, if they don't want to--Drupal will resize, crop, put a fuzzy border around it, add a watermark, and put it in a slideshow with no further effort. And repeat the same steps for all the photos they add to the site.

So I have to just clarify something here: there's a huge difference between developers/administrators who are trying to set up a Drupal site, and users who are logging into a Drupal site to manage their content (or whatever the site is built to do). Drupal can be set up so users find it simple to manage their site. If you can figure out how to do things in Facebook, you can figure out how to do things in a well-configured, set up Drupal site. But just because you can use Facebook effectively, doesn't mean you would have any idea how to set Facebook up.

If your goal is to create a simple web site, you don't want it to do anything particularly fancy, you'll never build another site again, and you don't want to pay anybody to put it together for you, Drupal is not for you. But if you want to do something beyond what Wordpress can handle, have something more maintainable than Joomla, and have some good Drupal help available, it should be on your short list. And if you need good Drupal help, we're available!

John,

Great post and well articulated defense of both Drupal and open source.

We do a lot of work with Joomla but I must say I am getting quite excited about an upcoming project that we plan to use Drupal for.

It's cool to read such a glowing report from someone who has also worked with Joomla and Wordpress.

Thanks

Permalink

Right on, John.

I was waiting for him to mention something about backward masking lurking within Drupal.....

"....and by playing Drupal in reverse one can clearly hear the saying, 'Satan sleeps at my house!'"

What a ridiculous article.

I really hope it was for shock-value or something equivalent.

Is anyone really that thick?

Oh wait, that's right. This is the internet. Silly me.

I'm always looking for something better than I've used before. I've been reading a lot about Drupal lately and it does look good, but when you've got several sites running that work, even if they work in a clunky way, it's the evil you already know. Maybe I'll switch one out, try Drupal and see what happens.

Add new comment

The content of this field is kept private and will not be shown publicly.

Filtered HTML

  • Web page addresses and email addresses turn into links automatically.
  • Allowed HTML tags: <a href hreflang> <em> <strong> <blockquote cite> <cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h1> <h2 id> <h3 id> <h4 id> <h5 id> <p> <br> <img src alt height width>
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.