Besides writing code with security in mind in the first place, it is all about establishing the right security process and acting quickly.
The TWiki community has a well-established security alert process, summarised at TWikiSecurity. The security team acted very quickly on the last incident, as documented in the timeline.
Like other web-based software, TWiki is safe to use on public sites if site administrators establish the right security process and act quickly on an incident.
TWiki has been a "structured Wiki" since its inception. In addition, it is a platform to create web applications.
As with any Wiki, you get some structure with Category topics. For example, if you add a CategoryXml to any page that talks about XML, you can click on the CategoryXml link to find all other pages about XML.
TWiki has several other features which enable users to give structure to content. A TWikiForm [1] can be attached to a page. When you edit a page you get additional HTML widgets on the screen, like for example the "Subject" line and the "Post anonymously" checkbox here on /. A set of pages that share the same type of form is one type of structured content; it is analogous to a table in a relational database.
Giving structure to unstructured content is very important in a corporate environment. The more structure you have, the easier it is to run reports and find content of interest by browsing and searching. TWiki has several other innovations supporting structured content:
Name spaces (called TWiki webs)
Parent/child relationship with bread crumbs [2]; done automatically in the background, with the ability to re-parent topics
Use TWiki Templates [3] to create a set of pages that share a common format
Powerful queries can be done with interactive search [4], embedded Search [5] and formatted search [6]
Server side include of other TWiki pages and web pages, selective with patterns if needed [7]. Useful also to create a large composed document with an automatic TOC, such as the TWiki reference manual [8]
RenderListPlugin [9] where the org chart of an organization is defined in one page, and then a subset of the org chart is shown in team home pages, focused around where the team is in the org chart
SpreadSheetPlugin [10] where complex calculations can be done on content pulled dynamically from elsewhere, and visualized with the ChartPlugin [11]
In addition, there are many more features supporting structured content, such as relational database integration [12], keeping track of action items with global queries and email notifications [13], a special Plugin to query forms [14], and more.
These features allow users with moderate skill sets to create web applications with various degrees of complexity.
[1] http://twiki.org/cgi-bin/view/TWiki/TWikiForms
[2] http://twiki.org/cgi-bin/view/Codev/HowToShowParentTopics
[3] http://twiki.org/cgi-bin/view/TWiki/TWikiTemplates
[4] http://twiki.org/cgi-bin/view/TWiki/SearchHelp
[5] http://twiki.org/cgi-bin/view/TWiki/TWikiSearch
[6] http://twiki.org/cgi-bin/view/TWiki/FormattedSearch
[7] http://twiki.org/cgi-bin/view/TWiki/TWikiVariables#VarINCLUDE
[8] http://twiki.org/cgi-bin/view/TWiki/TWikiDocumentation
[9] http://twiki.org/cgi-bin/view/Plugins/RenderListPlugin
[10] http://twiki.org/cgi-bin/view/Plugins/SpreadSheetPlugin
[11] http://twiki.org/cgi-bin/view/Plugins/ChartPlugin
[12] http://twiki.org/cgi-bin/view/Plugins/DatabasePlug