 Okay, hello everybody My name is Micah I'm the web developer for the Electronic Frontier Foundation, and this is Ellie I'm Ellie Jones. I'm the director of nonprofit projects at chapter three So who is the EFF you ask does everybody know who the EFF is? Yay Well great In case there's somebody who doesn't we are a nonprofit law firm that protects digital civil liberties and we do things like make it so you could legally jailbreak your iPhone and so that you don't have a censored internet and We write some tools to make it so you your use of the internet is more secure and things like that so This is kind of a story about like the history of the EFF website a little bit Back in 2006 I Was the webmaster at the EFF and I moved the EFF website into triple five And we were kind of like early Drupal adopters. It was like a giant project. There were thousands of legal PDFs tons of flat files laying around a directories structure and We did that it was great, and then I left to go do freelancy things and Left EFF to its own devices with its triple five site and you know that we do this a lot in agencies We build sites and then we go away So I built a site and then I went away to do more Drupal stuff And then I came back a few years later because I'm still friends with people at EFF and they're like look We need to upgrade to Drupal seven things are a mess. So you get in there and it's just like I Had to face my own mess that I had made basically I had to eat my own dog food And look at this site that I built when it was my very first Drupal site ever so Yeah, so they were still in Drupal five and that's a common situation actually it's kind of like the dirty secret of The Drupal world especially in nonprofit world. There's a lot of sites out there. They're still on Drupal five Is anybody here still on Drupal five know anybody that's on Drupal five? Yeah, Drupal five is no longer supported So when I started working at EFF about a year ago, we were using convio as our CRM and We used it for a variety of things Basically for those that don't know convio is a CRM, which is a constituent relation manager Something like that but it contains the whole database of our contacts and we use it to Accept donations and to send bulk emails and to do action alerts, which is something that we do a lot of the EFF But it had problems It was really expensive Convio costs more than my salary so like every year and it's proprietary and we like to use free software when we can and You know as like an organization that is really into privacy and really into protecting people's data We don't like the idea that our whole like membership database is stored on a third party that can get subpoenaed and things like that and They have some security problems like we discovered that if you are a EFF member and you want to log in and change your Contact information or something or unsubscribe from a list or something and you don't know what your password is you can use their password reset function and it just emails you your password and In plain text and which means that they're not storing the passwords Encrypted and so we talked to them about it and they insisted that they were encrypting passwords even though that's not possible They also have some like weird limitations where they don't let you use a lot of special characters in your passwords And it can't be more than eight characters. I don't know why and then also convio For like action alerts, especially and for donate pages and stuff. It's very hard to Make it look exactly how you want to make it look And make it work exactly you want to make it work because you basically are able to define templates but not too much more and Seville CRM is kind of difficult too, but it's definitely It's possible because we're hosting it ourselves and we have programmers basically And our convio contract was close to running out. And so I actually got hired specifically to move us over To city CRM from a convio So the solution to both of these problems that were on old Drupal 5 and that we wanted to leave convio and start using city CRM Was to upgrade to Drupal 7 and start using city CRM and They needed each other because city CRM the latest version didn't work on Drupal 5 and So when we did this we decided to Do the upgrades all at the same time and that was in October and then We launched our Drupal site and then like a week or two later we launched city CRM and city CRM is actually on a different subdomain from our website because It has Different needs kind of like our main website Doesn't have like it's basically a lot of static content There's no like comments or anything and no one submitting forms. And so the entire thing could be cached behind a caching proxy like varnish Where city CRM like the donate pages needs to use sessions and it needs to do all this stuff And it just made sense to split them into separate sites and we're actually sharing the same code base and using a Drupal multi site With different modules enabled in each And so what is city CRM? It's a open-source CRM? software and Technically, it's a giant giant Drupal module and it's also a giant giant Juma module and a giant giant WordPress plugin So the idea is it just works with whatever your CMS is and Yeah, so it does all of the stuff that Kavya was doing or the other CRMs like Salsa, which we're gonna talk about more Do except you host it yourself in your Drupal site So let's talk a little bit about what happens if you're still on Drupal 5 a lot of times when you Start talking about getting off of Drupal 5 and upgrading people will say oh well You should upgrade from Drupal 5 to Drupal 6 and then from Drupal 6 to Drupal 7 I don't think that that I think if your site is quite small and very simple then that will work But for the most part Pretty much if you've been on Drupal 5 for this long You've probably built some things in crazy ways that are different than how you would want to do it on Drupal 7 So you're pretty much looking at building a Drupal 7 site in the best possible best practices Awesomest way and then migrating your data from your happy Drupal 5 database using a migration process so It's a little bit of a bummer at first you're like I can't use the upgrade path But in general I think it's good because it causes you to have to step back and reevaluate kind of what your best Practices are and what you want to do in the future And if you're using Drupal 5 you probably made that website a long time ago and things have changed since then So the approach that we took with the EFF was we tried to just keep what we were doing really minimal It's tempting when you're once you get past the thing where you're like okay now we're gonna Rebuild a site we're gonna make a new site in Drupal 7 and migrate stuff into it It's tempting to be like okay Let's also do a redesign and let's like reorganize all of our information architecture and etc Like that's a giant thing to undertake and I think you know It's kind of a a better approach to do the bare minimum to get your current information Architecture clean it up a bit if you need to get it into Drupal 7 and then you have your foundation for the redesign The beautiful wonderful phase to redesign you're gonna do later on So this is just an example of kind of just show you just the the minimal changes We had to make a new theme so it would have been like criminal not to spiff spiff things up a bit But we didn't so this is how it used to look and this is what we did to it So we kept the same basic feel like the sidebars the same the callouts are the same Not too shocking just trying to get the data in there Except that sign up for our mailing list thing it goes to CVCM instead of Kavya now So along the way we learned some things which is good to do We wrote a bunch of custom migration scripts They were nice migration scripts to get things from Drupal 5 to Drupal 7 and they were like drush integrated and everything but About three weeks after we finished the EFF migration we discovered that there's this awesome module called migrate module Which gives you these great tools for doing data migrations into Drupal so use that And probably one of the biggest mistakes we made was sort of more like a human communication mistake, which is the EFF site was really old and Because it had been through so many migrations and there's just tons of content on it And we were kind of cavalier about it We just sort of moved everything old into the new site and there was a lot of stakeholders at the EFF Like everyone's very involved in the website And I think that's the case with a lot of nonprofits that people are all very involved You're not going to get like a department that is just doing the web communication and no one else cares like everyone's kind of in there So we definitely ended up with a situation where like we moved everything over and there was this nice new redesign And people were looking at new at content that they hadn't seen in a few years or hadn't really noticed and There were definitely some problems there was like things that hadn't been there like hadn't been moved in from the first migration Yeah, there was a there was a lot of content missing that people were complaining about that Never made it to Drupal 5 Yeah, so actually we got like a flood of like problems that we had to fix and so we had to Set up a bug checker to handle it all like internally For our website. Yeah, so the lesson there is to do better content strategy before you start and get more People involved with like checking the content that you're moving over and testing the site before you push it live So a city CRM can do a lot of things, but it didn't do everything that we were using caveat for You can send bulk mailings to a city CRM, but you need to have an email server and so city SMTP is a service that basically They let people who use city CRM Just use their SMTP server to send massive amounts of emails and we've been working closely with them to Get our bulk mails To go a bit quicker because our mailing list has been growing and growing in size But it's way nicer to do that than try and just use your web server as an email server because then you have to deal with All of this drama that happens when you try and send bulk emails And then city CRM doesn't have an advocacy campaign section And so we're actually using salsa for the action alerts and we have it integrated into city CRM And I'll explain how that works more but the reason why city CRM doesn't have this and the reason why it's kind of a hard problem to solve is basically an action alert is a form that people come to and fill out and It contacts their representative It has to look up their representative based on their zip code and it sends an email and or a fax to their representative But Different members of Congress do things in different ways I think they all have publicly available fax numbers but only some of them have email addresses and a lot of them don't have email addresses and only have forms on their website and some of these forms have different fields that are required and sometimes and so like what salsa has done is they basically wrote scripts that Set that submit these forms on people's websites automatically But as soon as like some senator redesigns their website their script might break and then they have to fix it and it's and you know the people who are elected change every couple years and so it's like a full-time job is to keep this whole infrastructure working and It's something that you need that you can't really have like an open-source project that just here's an action alerts thing You need to actually have like an API that does the sending And then the other things are We accept donations Through CV CRM and so we needed payment processors and we're using authorize net and PayPal for that and those are fully supported in So The migration from convio into CV CRM was an API party. It was wild There was there was lots of good laughs, but really it was a nightmare because The convio API really Doesn't work for trying to get massive amounts of data out of convio Like you can't actually get more than 500 rows and any sort of requests to the convio API And there's they only let you have access to very specific pieces of information So we used a little bit, but we mostly didn't use it And what we found is that the Salesforce API does let you get access to everything and Convio has the service called common ground where they sync your convio database with your sales force a base And so we started using that and had our Convio data synced into sales force and then we use the sales force API to migrate it into CV CRM through the CV CRM API and We didn't release the sales API for this, but we use it every single hour now. I'll talk more about that later But in order to do this we had about 200,000 contacts to move into CV CRM and We had to basically just write this crazy huge sprawling script and Test it in a bunch of different ways and run it in different segments So you have to have contacts imported before you can import the donations and all sorts of stuff And we did all this and it took several months, but we finally managed to get all of the data into CV CRM Well, that's what we thought and then it turned out like a month later that we realized that random Like contacts that we knew were there were missing in random donations were missing and we tracked it down to common ground not actually working there was a lot of Data that was still in convio that never made it to sales force And so we had to like go and run reports in convio and write other scripts to import it And it was pretty it was totally a nightmare and it was an API party also at the same time But it was worth it because now we're using CV CRM And since we launched in October when we started with around 200,000 contacts We have over a million contacts now and we have we're hosting it ourselves. And so And we have you know, we're lucky enough to have web developers on staff at EFF and so we are able to just do whatever we want with it like if the Fundraising team need some special thing for some special fundraising campaign that looks all crazy and has counters and stuff We could like spend a couple days and build it for them and So that's pretty cool. Oh And so then recurring credit card donations this was a really tough problem because We had about a thousand recurring donors in convio and when we close our convio account And suddenly their credit cards will stop getting charged and we thought we were gonna have to like contact these thousand people and Ask them to re-sign up in CV CRM, which means a lot of them wouldn't sign up but we were we heard from a Someone at Rainforest Action Network actually that they have the exact same issue when they switched from convio to salsa and They were able to save their occurring donations. So we spent a lot of work trying to save ours and We eventually did by getting Figuring out who our payment processor was which was pretty hard to figure out and then getting them to send us the actual credit Card numbers and then recharging the credit card numbers through CV CRM But we only had credit card numbers and expiration dates and like convio user IDs We didn't have anything else and so we had to like figure out what CV CRM contacts they were and we had to like hack the Payment processors in CV CRM temporarily to disable checking the security code because we didn't have security codes And we had to write a selenium script that every day charged Credit cards for that day So the moral of this story is if you want to save recurring donors because you're switching from one CRM to another CRM If you have like a small number of recurring if you have like less than a hundred It's a lot less work to just call those hundred people and get them to do it Yeah, so This is how our EFF action center works basically the point of our action center is so that the people can stick it to the man and We're using salsa to host our action alerts and this green line is Get requests or HTTP requests and so what happens is when people go to take action They load our action learn on salsa and then they submit it to salsa and salsa contacts Congress and then on success They get redirected to Supporters that you have to work to a thank you page and the thank you page is actually a CV CRM donate page It lets you like share this stuff on Twitter and Facebook and also donate if you want and then the blue line is a A cron job that we run once an hour that use the salsa API to Figure out the latest people who have taken action and then import those people into CV CRM and Record in their contacts record that they took action And this has actually been working pretty well for us And so that way we're still just using CV CRM for everything and salsa for the action alerts But this is actually something that we want to Make it look like instead and the people and right now it's not really possible to be the people It's also said that we can do it we want to make it so that we host our own action alerts because We can do a lot of cool stuff with we could host our own action alerts and then use the salsa API to just say Here's a contact. Here's the message send message to Congress and Sometime when we have time and we're gonna work with salsa and start doing it this way instead And then, you know, it's like sauce hosting action alerts with salsa is similar to hosting them with cavio You're able to change the template, but you can't change all that much But if we hosted ourselves will be able to like add live counters of how many people have signed so far and like Pull data from other places to put on that action on our page and other things like that So The open source community is pretty awesome and and One of the things that we really like about city serum is that it's open source and we could Look at the source code and you know when bugs happen We could actually just patch the bugs and submit patches and everyone benefits and we can extend it really easily We could write Drupal modules that work with city serum, which we've done a lot of to make city serum work for us and We also go to code sprints and we hosted a code sprint like the week that we were launching city serum Actually, there was a code sprint and it was really cool because there were all these city serum developers and like we're like Oh crap How do we do this thing and then like some of the core developers are like oh here's how so that was cool and We hosted a meet-up recently and now we actually have like some stuff that we need in city serum And so we're giving the city serum project money to develop it for us and everyone will benefit from that and Well, so Part of the story is that EFF is really lucky and that it has some like hardcore nerds working there who are able to Connect all of these pieces But one of the themes here is that you know EFF has started working with city CRM and just becoming part of that community And if you are at a nonprofit and you don't have in-house development capacity, what do you do? There's a couple of things One thing is that you can hire a city CRM expert using that those URLs that are down there You can find a contractor to help you build out your city CRM installation And the other thing is that there's a lot of nonprofits getting together who? Collaborate to sort of pull their resources and pull their funding to get the features that they need for their websites built and I'll benefit from that at the same time a good example of that is the watershed now project Which you can Google and find out about City CRM has make it happen campaigns, which are pretty cool. It's a There if there are features that a lot of different organizations want in city CRM They estimate how much it'll cost to develop this feature and then Organizations could donate money towards this feature and so a good example of a make it happen campaign is we accept Donations through credit cards through authorized on that and through PayPal and we also want to accept it through Google check out But the way that it works now every donate page can only work with one payment processor Which is really annoying so that means we have for every donate page we have we have another one for PayPal and then if we were going to do Google Google check out we'd have to have three donate pages for every donate page and One of the make it happen campaigns is to have Let people choose what payment processor they want to use when they're donating on the same donate page And so that's actually one of the things that we're helping fund and then everyone will be able to start accepting lots of payment processes And it'll be great mistakes were made part two This is this one was actually my fault Micah told me that they were needing to build their EFF shop and I was like Oh, you should use triple commerce. It's awesome. It's new. It's great And it turned out that triple commerce was just kind of like too much for what they needed They really needed a small shop where people could kind of like buy a t-shirt or buy like What a first amendment rights metal card that you can carry in your wallet to set off the metal detectors of the TSA or fourth amendment rights, sorry so Eventually they just kind of ended up using uberkart instead after struggling with triple commerce a lot That's a good example of something where like it doesn't really tools that are great for business Which is like a giant shop with a giant free API framework for building a store They really just need something out of the box. They could open up that was like all right now We have products in a shopping cart at the end So here's some security stuff that we do on our website so our website is separated out into www.eff.org and Supporters.eff.org for Civisarum and the whole www part of our website is just a whole lot of static content There's like blog posts for your requests documents you can download and like lots of other information and As a privacy organization We decided it makes sense to not set cookies and people's browsers when they visit our website and so we did some stuff to totally disable cookies getting set and We did this in some varnish settings and also we changed our settings that PHP file for www.eff.org And this also has other benefits It means that if you can't have cookies set at that domain name Then you can't log in at that domain name Which means that even if we have like gaping security holes in some module and someone figures out how to hack it to get like a minister of Rights they can't do it because they can't get a minister to rights If they don't have a session and so they there's just no way of logging in so it's pretty cool But then that means how do we log into our site? We have a different domain name that we use to log into our site and that different domain name is all protected with HTTP basic authentication. So when you go to the domain name where cookies are allowed to get set It pops up a thing where you have to type in username and password So people actually have to type in two usernames and passwords to get in but It definitely makes things really nice and secure and I actually hear that a White house dot gov that uses Drupal does a very similar type of thing cookies don't get set on White House dot gov and instead They have to be using a specific White House VPN to log in they have to come from like the right IP address Or else you can't log in which just has like very huge security benefits for a lot of things and then We Oh, yeah so We are a big proponent of deprecating HTTP and making it so that everything goes over HTTPS and So our whole like everything at www.epf.org our supporters that epf.org goes is just through HTTPS If you go to HTTP you get redirected And but our website has been getting more and more traffic the more We the more popular we get and the more we grow and Drupal has had hard times handling all of this traffic And so we decided we needed to have a caching proxy and so we're using varnish, but varnish can't handle HTTP so we're also using pound which is a Server that that like handles that initiates HTTPS connections and then forwards that stuff on to varnish and then Varnish either serves cash copies or forwards that stuff on to Apache and so it's this big convoluted thing, but it works and It's pretty cool because we're able to actually like I don't know There's lots of scaling stuff that could happen like if we wanted to we can make it so that pound is just running on one server and then And varnish is running on that server and then Apache is running on lots of different servers and it could all work out and Then also we don't like it when people store more information about Visitors or about anyone then they need to store because all that information sitting around is Like it could contain lots of private information and it also could be an easy target for subpoenas And so we don't log IP addresses and for the longest time. We were just not logging IP addresses but now we are crypto logging IP addresses, which is a Crypto log is the software that I wrote that is It's it's not done yet. It hasn't officially been launched But if you actually want to look at it, there's the code. Is that a git.yepf.org? But it's basically Instead of logging IP addresses in your logs It it logs a hash and it's a hash of your IP address that's salted with some random data And the salt changes once a day So what this means in practice is that we don't log IP addresses and if someone's looking at our logs They can't figure out people's IP addresses from it But we still get to know the difference between unique bits unique hits and page views So yeah So I am gonna go off on a tangent about so but if a blackout day And how this works with so we see around but first Are there any questions that you have about any of this stuff so far? Do you want to walk up to the mic? How are you dealing with PCI DSS with authorized on that in city? So We are we're starting to deal with it We're not we don't have PCI compliance yet But we are in the process of going through all of the things to get PCI compliance Which is kind of annoying. I actually thought that we didn't have to use We didn't have to be PCI compliant if we were using Authorized on that but we do and so We've been implementing lots of stuff and we're looking into vendors to do security scans on our site and stuff We have like all sorts of security policy that we already have implemented But we need to like make it fit within PCI's requirements. So so that means you're using authorized net's aim Profile in city, right? Yes, I believe so where it's all embedded. It's not jumping out to authorize Yeah, when people so when people submit credit card numbers onto our website They're making a post request with the credit card numbers to our website and then we're using authorize.net API to charge the card We had to build a sim Custom module for that. We're using ourselves. We haven't submitted it back yet. I was just wondering how you were oh interesting Does that avoid PCI compliance? Yeah, because what we actually do is we we built the sim module And then what it does is when you get to the payment screen you jumped authorized net and then we post back After the fact, but that's the only way we were able to get around PCI DSS with the university interesting Do you want to show me that later? That would be useful. No, no As someone who's built many Difficult websites that integrated Drupal 7 and CVC are just extremely curious How much did you leverage? entities and views Drupal constructs within side CVC RM We built the site using panels for everything. So it's mostly The well for for the EFF org part of the site It's all panels panels everywhere and views content panes and occasionally custom content type panes using the C tools API and then I think Micah built the other Supporters that you have to work also uses panels everywhere on the same theme and some views and Yeah, so Well, so in terms of actually like integrating CVC RM with the rest of the site We don't do that much of that like the public-facing CVC RM stuff is like donate pages and the form to subscribe to our mailing list and like you know our salsa action alerts and we and we like did some custom stuff like we made a Drupal form where you can submit your email address and it looks up your contact in CVC RM and then sends you an email at the link to Change your data because CVC RM doesn't have any way of like letting people change their data out of the box But in terms of actually displaying information from CVC RM to people. We don't really do that. We Pretty much just the EFF staff does the displaying of information. So we haven't needed to do much of that stuff I'm out of curiosity when you're talking about Drupal commerce and not not really using that Kind of similar to his question How do you how do you decide when to use? You know Drupal commerce like if you're selling products and then and you obviously want to display them on your public page And not your CVC RM page. So do you have to have two separate? Purchasing options like you have a donation, which is CVC RM, and then your products is still commerce. I Think you'd have to just pick one or the other Well, so CVC RM doesn't have a store. It doesn't have a way of buying stuff It has a way of donating and getting premiums like you get a t-shirt if you donate enough money but it doesn't actually have an online store and So that's why we decided to use like Drupal commerce and uberkart So that we could have like a store with a shopping cart and you can decide to get your fourth amendment Tape so that when you know, it's packaging tape when people cut through your packaging tape to search your boxes They're cutting through the fourth amendment But If you like so what we we haven't actually done this yet, but we want to it's still like a ticket to do is A Integrate the store with CVC RM right now. It's not integrated, but we want to make it so that when people buy stuff through uberkart It just adds a like a record in their CVC RM context saying that they bought it Would that be the same or like event registrations as well? well event registrations You could do that directly through CVC RM and we haven't done we're like a We're just starting to test the CVC RM event stuff like we're gonna have Some events coming up at the ground Defcon and we're gonna have use CVC RM's event registration and have people Register through supporters study of hip.org So I'm not sure exactly how all that stuff works. So I haven't looked a whole lot at it yet But that's just a CVC RM feature You want to hear about the blackout day it was pretty fun So blackout day was January 18th and you probably remember it because the internet went dark and big websites like Wikipedia and Google participated in it and We at EFF have been doing a lot of work Against internet censorship for a long time and we've been doing work against sopa and PIPA since the bills were introduced and Quaika, which was the bill before it. There was a censorship bill that didn't make it and so we got a lot of traffic around that time and So blackout day was on a Wednesday and the Friday before that like around five o'clock we heard from Wikipedia that they wanted to link to our petition and But they warned us that we need to be able to handle millions and millions and millions of hits in the course of a couple minutes Which we can't handle and so We decide we basically just like spent from that Friday evening to the next Tuesday I'm Building something that could handle that and Wikipedia ended up not linking to us because I don't I don't think they have faith that we could do It in time, but we did but we got lots of other traffic but basically we built a big infinitely scalable system on the Amazon cloud with a load balancer and lots of Lots of servers sitting behind it and each server like I don't know so we needed to be able to handle submissions of Petitions and we also needed to be able to handle donations because our city like we Load balanced our city serum donate form and sent a thousand requests at it like immediately one after another and it crashed Apache Which isn't good because we were gonna get much more than a thousand hits immediately and so We actually programmed a Basically a html form that when you submit it it just stores a row in a MySQL database and and that's that was the petition And then we made another basically an html form. That's a credit card form for a donate form and when you submit it it It charges the credit card using the authorized on that API and then stores a row in a database this as like the person with this email address donated this much and We made it like very very very like streamlined We like had to do things like make it so we don't don't connect to MySQL until after people click submit because otherwise you have like millions of MySQL connections that are open not doing anything and In order to do the credit card processing stuff We actually just like looked at the city serum authorized net source code and ripped a bunch of stuff out and like read made it like a little bit simpler and used it and that was pretty cool because It's another way that happy being open source really helped us in this case. But anyways It was like 9 p.m. The day before blackout day and that was on the west coast which was midnight on the east coast when all of these websites were starting to black out and So our plan was to host our petition with salsa and As soon as salsa like if salsa couldn't handle it then we would fall back to hosting our petition ourselves with this big thing that we built and it took about an hour before salsa stopped being able to handle it and Their server just crashed and it just stopped working and I that was around the same time that minecraft.net Started redirecting their whole website to us, and I think that that's probably why I guess there's a lot of minecraft users out there So we fell back to our thing and our petition Didn't look super pretty and Mozilla was gonna start their blackout at like 8 a.m. And they were and when Mozilla is blacking out It was like if people installed firefox and didn't change their default homepage when they open firefox You'll see like a link to our petition and then also when people are trying to download firefox or thunderbird or anything Almost illa.org it would like just be replaced with the blackout with the link to our petition and um They were considering linking to the American censorship.org petition instead because it looks a lot better But then they're like but if you guys make your petition look a lot better Before we launch at 8 a.m. Which was 5 a.m. Our time Then we'll link to you instead so At like from midnight to like three I designed this thing which looks way nicer, and we also looked at The like how many people were submitting before this versus how many people were submitting after this I don't have a screenshot of what it looked like before, but it was much uglier, but um Like over twice as many people submit the nice form Compared to like how many people load it which was pretty cool And that's actually one of the reasons why we want to host our action list ourselves because we can't actually make them look like like this with this has fancy Ajax stuff and Or fancy jQuery stuff And we can't really do all of that stuff Hosted on salsa But we will be able to do this stuff if we hosted all ourselves but yeah in the end we sent over a million emails to Congress and We won so it's cool If you know someone who's still on Drupal 5 or you're still on Drupal 5 or you're stuck on something That's really difficult to work with like convio or can tear us and people are on The message here is you can totally do it. It's hard You're gonna have to write some data migration scripts, but you can do it. You can get your stuff into where it needs to be It's gonna be an API party, but it's gonna be fun because open source is here to help you and Yeah And also EFF is hiring a web developer right now So look at our website and apply if you want to work for EFF. It's pretty awesome place to work Are there any other questions also? The question it was would you would you plan more? We did actually we were lucky in that the architecture on the Drupal 5 site pretty much informed the architecture on The Drupal 7 site so we planned in that we looked at what was on the Drupal 5 site And what content we needed to move over and the only thing we really changed was that there was a giant taxonomy of issues That are like sort of like the topics EFF covers and the in the former site issues had been nodes and in Drupal 7 Issues became taxonomy terms. They were doing a lot of node reference stuff before and then we sort of switched it over So our plan was pretty much just like using the schema that we already had and then kind of adjusting it slightly I Think and we did write a development plan for part of it too. So I mean you can always plan more, but I think we did pretty good What strategy are you deploying that deals with Drupal accounts versus just like a regular individual? Sivvy account or all of your Sivvy accounts also Drupal accounts, or do you have some variation in it? So we have it so that Sivvy CRM doesn't create Drupal users. So Yeah, yeah, yeah, you could you could do that you can make it so when people When contacts are created in Sivvy CRM it creates a Drupal user for them and links the accounts and stuff But we don't want anyone logging into our site basically besides us and so we just don't make users for them and instead of Instead of that we made it so that people could still like update the information in their contact record by Doing this form that we made So is that one of the reasons you're separating on different domains? Here's an example. I would say let's say you had a Blog running or comments running on EFF.org and people feel that they've already gone in they've donated They've created an account, but they can't use that account to come they would have two accounts at your site That's that's currently your strategy. Well, we actually don't have comments on EFF.org which makes it so we don't have that problem EFF.org is all static for the people outside that look at it. So So we just avoid the issue by having nobody log into our website to Sivvy CRM or to Drupal like at all except for EFF staff and It's actually like it turns out to be Really nice like how convio used to store plaintext passwords Well, we don't have passwords for our members anymore, which It's a lot nicer to not have to have a giant database of passwords that would really suck if somebody hacked us and dumped that database Anything else? Okay, thank you for coming