Dropping support for CiviCRM Standalone (from v3.2)

Published
2010-03-02 08:33
Written by
lobo - member of the CiviCRM community - view blog guidelines
As some of you might know, CiviCRM Standalone came out of a project we did with US PIRG. The project lead was Wes Morgan who also was supporting the standalone version along with a few other features he worked on in Civi (SQL Import, REST API etc). Wes has moved on from PIRG and his new position does not allow him the time to maintain and improve the standalone version. The core team does not have the energy or resources to maintain the standalone version either. There is one high priority issue of upgrading the OpenID library and adding support for Yahoo!/Google login. We need to fix this for 3.2 if we want to continue supporting standalone. If you are currently using standalone and want to support it and be the maintainer, please contact us on CiviCRM's IRC channel. We suspect it will be 50 hours per release to maintain and support CiviCRM Standalone. Some of the responsibilities include:
  • Patching the code to allow Yahoo!/Google openid's to be used for 3.2. This is important and will be your first project.
  • Fixing high priority issues and security fixes for the next minor/major release.
  • Responding to forum posts and user issues on a regular basis (5-7 times a week)
  • Testing the upgrade / install path for all major CiviCRM releases.
  • Working with the community of users and adding features if/when needed.
  • Regular meetings with the core team members to discuss issues and potential solutions.
If we do not find a maintainer, we will not have a standalone release for CiviCRM v3.2. We will document a migration path to Drupal for current CiviCRM Standalone users
Filed under

Comments

Anonymous (not verified)
2010-03-02 - 09:59

This is realy a sad news!

But I may life with the drupal version.

http://ourpowerbase.net/2009/05/taking-the-wraps-off-the-powerbase-project/
Based on civiCRM it looks like a standalone solution, but they are a bit behind on their installer package.

civiwoman (not verified)
2010-08-26 - 22:40

In reply to by Anonymous (not verified)

He this is really very bad News

Joomla is absolute no option due to its huge security risks.
http://secunia.com/advisories/search/?search=joomla&sort_by=date&sort_by=date
Most of there problems in the code don't get fixed and the sourcecode needs to be edited which takes you the chance to update to the next version

Drupal isn't much better and also has huge security problems
http://secunia.com/advisories/search/?search=drupal&sort_by=date

What about a combination with more secure CMS like ezPublish or TYPO3?

We hoped to get the stand alone version as it would have been much much easier to maintain, than Drupal or even Joomla.

We will have to look to a better and more secure solution!

Actually, every item in the Secunia security advisory page for Joomla also has a patch provided to solve the issue. So your statement about code problems not getting fixed is generally incorrect.

This is one of the chief benefits of opensource, having a global user community for testing unlike proprietary code whose testing resources can be limited. Of course, as a Joomla integrator, one must select components from reputable developers who have sustainable business models to support proper maintenance and updates.

Having the standalone as an option would be good, as I frequently run into situations where the organization already has a considerable investment in their existing Web site and only need a CRM solution to run in parallel.

Of course, we can setup a minimal Joomla or Drupal site with CiviCRM installed, but it does seem like an extra layer of complexity.

Cheers!

Considering not many orgs are using CiviCRM as a standalone version, I don't think it's that bad to drop it, especially if the time spent on maintaining the standalone version is going into fewer bugs and and more features.

A couple of months ago I implemented CiviCRM for a membership association (I'm their contract web developer). Since I'm a big proponent of WordPress -- and that was the framework I had in place for them before I chose CiviCRM -- I would love to see the standalone version continued. It was my first experience with CiviCRM, and my client is enjoying CiviCRM's simplicity compared to solutions such as Sugar CRM. I would hate to add the extra layer of complexity of adding Drupal/Joomla just to continue using CiviCRM.

Thanks for all your hard work.

Hi,

I first looked at the standalone version, but decided to install the drupal, that is basically a shell around civicrm and take care of the ACLs (more advanced than for the standalone).

If you only use civicrm and no drupal specific things, it adds about 30 minutes in your install time, and probably takes a few mb on the hard disk, but shouldn't be an issue these days.

X+

Keith Bloom (not verified)
2010-03-12 - 15:08

I use the standalone version and recently adapted it to successfully use secure SSO through an ExpressionEngine CMS login challenge without using the OpenID wormhole. I suspect the same basic methodology could apply to other smaller, yet secure open-source CMS solutions, e.g. Mod-X, allowing for flexibility in development options for web designers/developers not married to "Drumla." I am not excited about going rogue alone, but I feel pretty strongly that aligning all success options for a CiviCRM sell with one or the other mega-CMS application may box out interest from smaller organizations and businesses (or even medium-sized ones) not ready/willing to change wholesale from already entrenched and capable open-source based CMS platforms. Perhaps I am just not aware that a Civi/Drumla installation can coexist productively and share secure (SSO) access controls with another full-featured, legacy open-source (LAMP) CMS, with that pre-existing application as SSO host. If this is the case, then please point me to where I can see such an installation in action.

Ugh. March madness of an entirely unexpected sort.

Hi Keith,
Drupal has core support for external authentication. You'll want to take a look at the following functions:
http://api.drupal.org/api/function/user_external_login_register
http://api.drupal.org/api/function/user_external_load
Note that they've improved a lot in D7.

For a guide on how to hook these take a look at:
http://www.centurionwebdev.com/content/authenticating-users-external-service-drupal-6

There's dozens of existing implementations of this:
http://drupal.org/project/cas
http://drupal.org/project/cosign
http://drupal.org/project/facebook_auth
http://drupal.org/project/googleauth
http://drupal.org/project/winliveid
http://drupal.org/project/shib_auth
http://drupal.org/project/certificatelogin
http://drupal.org/project/oauth
http://drupal.org/project/friendconnect
http://drupal.org/project/oscommerse_auth
http://drupal.org/project/ldap_integration

For others out there Drupal will give you more control over User Permissions than the standalone version. It also has OpenID in core if that's what you used previously. CiviCRM needs a shell of some sort to operate within. If you just need CiviCRM and nothing else than you are best off choosing the most supported shell for CiviCRM.

It is not cleaned up for prime time as yet, but I am updating installation this afternoon from 3.0.3 to 3.1.3, so I will clean up and note diffs along the way.

I have been meaning to document it anyway, and in light of this development, I am not urgently needing to do so.

SSO is essentially a pass-through using a modified set of login and auth scripts that use login challenge from ExpressionEngine to validate user and boot standalone CiviCRM session array alongside a similarly protected ExpressionEngine session. The site in progress is mddccua.org. CiviCRm is the business back-end of their member relationship and event marketing and management operations, ExpressionEngine is the public facing community forum and association publishing platform.

Keith

Anonymous (not verified)
2010-04-20 - 14:37

I just found CiviCRM yesterday, and spent the whole day fighting (unsuccessfully) to get standalone version up and running, and then I discovered it was being dropped!!! What a waste of a day!

Please post this notice on the Downloads page so others can just bite the bullet and install drupal/joomla versions without wasting time on standalone version! Of course I would prefer not to have to install an additional application that I have to maintain, but I guess I have to look a CiviCRM as an excellent add-on module for Drupal!

P.S.- CiviCRM is far superior and much more polished than SugarCRM and vTiger so I look forward to digging in and seeing what it really can do!

Anonymous (not verified)
2010-05-06 - 07:34

I am willing to help with support but I do not have the time to do it alone or be the lead.

of folks who are interested in maintaining and supporting standalone. At this point in time, we do not have anyone willing to lead it, so standalone tarball will not be part of the 3.2.alpha series

lobo

Ben (not verified)
2010-11-30 - 17:41

Hi there,

Very sad to see the standalone version has been dropped... Shouldn't the Drupal and Joomla interfacing be done via the API or as a plug-in to the standard standalone version? That way there's just one codebase to maintain, and more people can use CiviCRM?

Just a thought...

In the mean time, I'll have to look for an alternative CRM...