Hi Mauno,
Thanks for that information.
With Drupal you get a status report similar to the one from Moodle (Site Administration > Server > Environment), but instead of checking only if the minimum requirements are met it tells you whether you are using an outdated version of Drupal (see screenshot).
What if Moodle provided similar information? IMO you can't blame people for not acting on information their Moodle installation doesn't provide them.
Cheers,
Frank
It's a good idea - some kind of a regular check of updates.
So far moodle (Martin) has sent email for registered sites about security updates - yet no new system will help those sites that use old code from past years and have never upgraded or dare not upgrade or don't know how to do it or administrators are worried about loosing some data if sites have some modifications.
Frank, can you check if there are any tracker issues for this kind of improvements?
There seems to be something along those lines in the making (initiated by Petr Škoda):
- Security overview report (MDL-17222)
- META: Security overview report STABLE (MDL-18039)
- Provide a feedback for the admin in order to explain him/her what to do to fix the security problem rised up by the security report (MDL-18078)
- Security overview report (MDL-17222)
- META: Security overview report STABLE (MDL-18039)
- Provide a feedback for the admin in order to explain him/her what to do to fix the security problem rised up by the security report (MDL-18078)
http://tracker.moodle.org/browse/MDL-18039 is still open...
This update check could be done for example with a simple form that posts current version(s) from some check file or files or database to moodle.org and gets back the current version(s) of latest files from moodle.org (some small script) and after comparison of versions suggestion of upgrading could be shown.
In practice code of moodle is upgraded weekly so if people are not using CVS only major changes could be used for this form feedback (security bug fixes etc)...
The security report should already be available:
"If you have Moodle 1.9.4 and later, you'll find a new Security Report under Admin -> Reports -> Security"
http://docs.moodle.org/en/admin/report/security/index
I think the current status report for the Moodle environment (Site Administration > Server > Environment) already has all the relevant information and must only be tweaked a little to give a warning if the Moodle version is too old (and insecure).
A Drupal installation even sends an automatic e-mail to the site administrator if there's a security update available so one can't miss it.
"If you have Moodle 1.9.4 and later, you'll find a new Security Report under Admin -> Reports -> Security"
http://docs.moodle.org/en/admin/report/security/index
I think the current status report for the Moodle environment (Site Administration > Server > Environment) already has all the relevant information and must only be tweaked a little to give a warning if the Moodle version is too old (and insecure).
A Drupal installation even sends an automatic e-mail to the site administrator if there's a security update available so one can't miss it.