Drupal Sucks

On first read, this is quite hilarious.
On second read, you better go through Drupal and through your post when you’re sober.

The author dismissed Drupal because it does not handle issues ‘out of the box,’ and then list complaints that apply to “serious sites, with custom features.” The thing is, the serious sites don’t need to handle issues out of the box, they can be customized with modules. By very virtue of being serious they should have administrators available to find or write new modules and to deal with the admittedly annoying yet solvable issues regarding overuse of the database and staging server / deployment issues. For example, the issue of logging in the databases (which is very convenient for low bandwidth sites, by the way) can be fixed for high bandwidth site in minutes with the installation of the logtofile module.

Drupal is all about add on modules by design. If you want a one size fits all blog that takes 5 minutes to set up, get word press. If you want to write custom applications quickly and don’t mind being limited to their conventions and limited code universe, use ruby on rails. But if you want to build a web application that strings together many problems that have already been solved by the multitude of Drupal module writers, with the ability to customize the source or add new modules when needed, Drupal is a great platform.

As a contributor to the core Drupal project and the maintainer of the large number of modules, I’m far from unbiased. And I definitely understand Mariya’s frustration on a couple of these points. However, a couple of the issues mentioned demonstrate a relatively shallow understanding of the system. For example:

“Views are stored in the database.” That’s correct — unless you click the ‘export’ button and put the definition of the View into a PHP .inc file. That mechanism allows newcomers to use a UI-driven builder to construct their data listings, then ‘lock them in’ as source-controlled code once they’re defined. It’s not perfect, but it’s certainly the worst example to pick on if you don’t like things stored in the database.

The search system that Mariya slagged on is also pluggable — for small sites, it works well but can be replaced by a Solr server just by installing the Solr software and dropping in the ApacheSolr module for Drupal. Obviously, the system that makes that stuff easy to rip out and replace transparently implies a degree of abstraction overhead. That’s a compromise that every system makes; for some sites, Drupal’s pros and cons won’t work well. For others, they’ll be a great fit.

And finally, the ‘template naming’ complaint that Mariya mentions, regarding auto-generated IDs, is a bit deceptive. HTML templates in Drupal control the markup for a given type of element — block.tpl.php for sidebar widgets, for example. The output for specific instance of one of those elements can also be overridden by using a template with a more specific name. For example, block-view-recent.tpl.php for a ‘recent items’ block generated by the Views module. One module that ships with Drupal allows users to whip up hand-rolled blocks containing static HTML, to populate sidebars and feature areas quickly. The blocks output by that module use numeric identifiers rather than human-readable ones, and that should certainly be fixed, but the limitation is specific to hand-rolled blocks from that module, not inherent to the templating system.

Drupal’s learning curve is a frequent topic of complaints: especially for those coming from simpler systems like Wordpress, or ‘just-the-foundation’ frameworks like Rails, it can be confusing and full of inexplicable legacy decisions. It would be nice, though, if the criticisms of it could stick to problems that *actually exist* — it’s easier to fix that kind.

>A CMS requiring a slew of third-party mods before it can be usable is useless to someone who can code a custom Rails CMS in a day or two. (Hint, hint. Build it in Rails.)

Instead of adding a voice to the problem, please spend 2 days custom building a Rails CMS and release it as an open source sane alternative.

Apologists are annoying. People that possess the power to create change, yet do nothing but whinge, deserve a special place in Hell. (Hint, hint. Put up or Shut up.)

“Code it in a couple of days” ahh yes, the mythical man weekend. Good luck with that.

Wow, where to start? I guess I’m a drupal apologist… I’ve been using it for 4 years, so I think I qualify. That said, let’s dispell the fud:

1.) “Databases are great for storing passwords, content, and countless other things. These things do not include “views”, i.e. templates. That’s right, templates. In the database. Drupal stores templates in the database.”

As you clarified, you actually mean drupal views, which are a FAR cry from “templates”… (For those who are wondering “views” is basically a query builder, so we’re storing the configuration for these queries.) However, it’s worth noting that the suggested use case on “views” is to export them as code into a module of their own for all the reasons you mentioned. The author of the module has done a lot of great work to make that as simple and straight-forward as possible.

2.) “Enter Drupal. This CMS, my friends, is so bloated that it takes days, if not weeks, for the layperson to learn their way around it. In fact, my Drupal clients are so confused by the interface that they still send me content and ask me to input it for them.”

If that’s the case, then you’ve obviously failed to grok quite a few of the things that Drupal does to make your clients life easier. We train clients on drupal in about 2 hours, and usually have little in the way of re-training afterwards. The $tabs variable in your templates (I mean specifically page.tpl.php and the like) is your friend. Navigate to the page you want to change, hit edit… change as necessary, hit save. Wow that was hard

Admittedly, creating content can be a bit more in depth, especially “pages” that need to be inserted into the menu system. That one use case aside, “goto create content, and add the new type of content you need” is straight forward enough for most customers. If you’ve done your job, it should be as simple as that.

“An example of Drupal’s bad usability is requiring a user to confirm changes twice before they’re saved”

I have no clue what you’re talking about… and I use drupal every day. Comments sort of do this, but you can turn it off… other then that the only things that do this are way high end admin things like “Views” that allows you to configure and test before saving.

“editing a blog post is under “Manage Content” and sidebar content is under “Site Building / Blocks”. What?”

As I mentioned you can just visit the blog you want to edit, and if you’d utilize the zen theme to build your custom templates on top of, you’d find wonderful little “edit block” roll overs on each individual block. (Yes learning curve for sure, but the community is not blind).

3.) “Drupal has a history of security vulnerabilities and is written in ugly spaghetti code”

Spoken like a true closed-source proponent. Entice people with a “custom” system that’s specific to their needs, is only maintainable by the person who wrote it, and OH BTW unless that person decides to give you the code, you’re screwed… I deal with this every day, and it’s a horrible way to take advantage of clients. That said, “history of security vulnerabilities” translates in reality to “Drupal actually reports when there’s a problem, unlike most close source alternatives, so you can trust that they’ll tell you when you need to upgrade, instead of leaving your butt hanging out there w/o telling you there’s a problem.” Bottom line, every software has security issues, the question at hand is how those responsible handle them. Pick your poison, I’d rather know there’s a problem than stick my head in the sand.

4.) “It also has poor maintainability. In other words, upgrading to a newer Drupal version breaks templates and other code you may have written for an older version. Fixing this, of course, costs time and money. Other frameworks also deprecate older APIs, but in my experience, the changes between versions of other frameworks are not so drastic, and there is often a helpful process built in to migrate your code.”

We should be more specific with this… namely upgrading to a new major version release can potentially (actually almost certainly) break existing themes and modules within your system… Which really isn’t that surprising when you consider that that new version has been under development for somewhere between 12-24 months, and is constantly being improved. Minor version releases (6.13 – 6.14) are very simple to upgrade, as are most modules. This is also why the drupal community supports back versions for QUITE a while after new releases.

5.) Trademark stuff… yeah, a little OT for the software topic, but whatever…

6.) “If you are on a low budget and do not plan on hiring a developer, give Drupal a whirl (I guess). However, if you find yourself needing an oxymoronic “Drupal programmer” to do extensive configuration, consider hiring a Ruby on Rails developer instead. Chances are, you can get a custom CMS at the same price and with half the frustration.”

We already know my opinion on close source solutions… needless to say, the words “custom CMS” always make me shudder. You better trust that dev completely… and I mean trust that he knows security, caching, scaling, search engines, etc, and also have a rock solid contract in place that guarantees anything he codes is your property not his… and most devs aren’t into that for very good reasons so… good luck.

7.) “Edit #3: Oh, and for the templates you do store in the filesystem, the naming conventions for overriding a particular item are horrendous. For example, block-block-5.tpl.php contains the auto-generated id in the filename. So if the node/block has a different id in a different environment (dev vs. production) you’re out of luck, and the template won’t work.”

Admittedly, there are a couple WTFs on the naming schemes… blocks especially. But the supposition that a block would have a different numeric convention on dev/production is akin to supposing that your node ids are going to change… this is just fear-mongering for those who don’t actually know the system, and is a real testament to either your ignorance of the system, or your dislike for it… take your pick.

Dismissing includes as antiquated is laughable at best.

Drupal’s real issues, for me, amount to the comments listed here about migration from development to live. I’ve gone to great lengths to solve many of those issues with elaborate hacks, but it still doesn’t feel worth it. Ultimately, development of modules is handled wonderfully (especially when you can just drush the new stuff in to production) but lacks elegance and isn’t easier than alt-tabbing around to drop in changes via FTP. In fact, it takes more clicks/commands. Muscle memory has it happening very quickly, now-a-days, but I wish it felt more like responsible development and less like I’m digging up my entire garden to plant a new bulb.

I think if you have a low-budget Drupal could be suitable for your needs, of course if your needs don’t involve hard customization!

What about Radiant CMS? It’s in Rails, so *you* can easily extend it. However, it also stores views in the database.

Well, I’ve been using Drupal for years, and probably will use something else for my next project, but not for any of the reasons sited above.

The fact that caching only works for anonymous users, and that Drupal has a hard time scaling without caching, is what’s likely to drive me away. Correct me if I’m wrong, though.

The other thing is that I’d rather be writing my extensions in Ruby than PHP.

But in Drupal’s defense, it is absolutely trivial to write new modules for. The architecture is great (again, for a PHP-based project), which is saying a lot from someone who tends to be critical of API architecture. In fact, the comment above about Joomla made me laugh. I started out on Joomla, and after working with it for weeks, decided that it was terrible and jumped to Drupal, which is much, much better designed.

My users (when they are site editors) have an “Edit” link on the top of every page, as was mentioned above, so I have to say that the complaints about it being hard for end users means that you configured the site badly. Sorry. Not Drupal’s fault. Other complaints have been addressed as well–I’m sorry that you’ve been having a hard time dealing with it, but it just doesn’t suck.

Not to say that your projects might not have been better done on Rails. Each project certainly has a toolset that matches its needs the best. But I feel that your slamming of Drupal just means that you ended up using it for a task it wasn’t appropriate for–or didn’t understand the best ways to configure it.

>A CMS requiring a slew of third-party mods before it can be usable is useless to someone who can code a custom Rails CMS in a day or two.

In other words, a system one doesn’t know is useless to someone who knows an other system with a similar purpose. Right. Use the system you know.

While I agree with some of this critique, here are some points I take issue with.

>Databases are great for storing passwords, content, and countless other things. These things do not include “views”, i.e. templates. That’s right, templates. In the database. Drupal stores templates in the database.

Views are not templates. Views are more analogous to database queries. Drupal does, in fact, store templates in the filesystem.

>Drupal has a history of security vulnerabilities and is written in ugly spaghetti code

Ironically, you’re writing this in WordPress, a PHP projec that, unlike Drupal, really *does* have security issues.

Drupal’s security response is great. When’s the last time an update-to-date Drupal site was hacked? The code isn’t object oriented, but is clean and a coding standing is upheld.

>Gripe #4: Drupal’s None Too Friendly

Drupal’s community is one of the friendliest, non-elitist out there. Really. The Drupal project has a higher percentage of women involved than any other open source project of a comparable size.

>There’s been quite a backlash over Drupal’s new trademark policy, which is rather contrary to the spirit of open-source software.

The backlash has been by folks who don’t realize that protecting trademark is standard practice for large open source projects. Look at the license of MySQL, for example.

Well duh, it’s written in PHP.

Having used Drupal for about 1.5 years now, I fully agree, although for slightly different reasons. Drupal sucks in a number of ways.

Problem is, there is no open-source CMS that doesn’t suck. I tried silverstripe and it also sucks, albeit differently.

Anybody had experience with dotCMS or something like that?

Any thoughts?

A good review, if a little negative. I think you have missed some basic points, although I see from your edits that you now realise that Views is not templating. Templating is done in the file system via tpl files. As for the logs, that is optional. Many of us just use Google Analytics instead.

You also fail to mention the Cache system which greatly increases speed.

Drupal is a great CMS, it is easy to use and can create content out of the box for a multitude of sites (see http://nickbits.co.uk/blog/2009/09/book-review-drupal-6-site-blueprints ). You may have to install additional modules, but it is so much easier than coding from scratch.

Sure you could code your own from scratch, but why? Drupal is faster, easier, safer, more secure. Like any tool, Rails, WordPress, etc. you just have to take the time to read the documentation and learn the basics.

Nick

A good programmer could program a basic CMS in any language in a day or two.