I'm familiar with CMS's and have used them many times, but this is a static site built before open source CMS's became prevalent. They currently edit it by editing the html and then uploading it by ftp to the server. I'm trying to think if there is an easier way that I can set up to make it easier on them. Maybe a password protected form where they can enter in paragraphs in the text field and hit submit and it will save the text to a file that the html page will read and pull the text from it. I don't know if there is any way to do this without using a database, but thought I would check.
-
Senior Member- Nov 2004
- 808
-
Senior Member
- Aug 2005
- 801
i suspect you'd need some sort of database if you go the form route...
short of converting the site to a cms, you could probably use server side includes to pull in a text file that they change/update, similar to:
<?php include('name of text file'); ?>
(changing the file extension to php)
however, if you end up with a quite few text areas they want to update, it's more sanity-preserving to go with a cms anyway...
i've just plain decided that there's no such thing as 'static' anymore...just more dynamic and less dynamic...ie, cms solutions (joomla, wordpress, etc) and server side includes, the minimum...i really, really like only having to change stuff once!
...
-
drive me to Firenze
- Jan 2004
- 2439
Something I just started doing....
If the area they want to edit is for News Updates, you could have them create an external free news blog, and then just bring the RSS news feed in with a bit of code. Blogger is with google/gmail now, so any client that has a gmail account could potentially use it to manage their company's news feeds without having to edit any html pages directly. I'd suggest they create a new Gmail account just for the business if they go this route. This is the only way I can think of doing it without major coding or implementing a full on CMS or paid software of sorts. I used these scripts to make it happen:
http://www.feedforall.com/free-php-script.htm
Aside from that, the way they are doing it now would probably still be best if it is not for news updates. Maybe just have pages they are updating associated with a template (if using dreamweaver or similar where this is possible), and lock areas they are not updating so they don't mess it up.
I'm all ears though if there are other methods, I just starting doing this RSS feed thing because it's working for my client's needs - who also would like to be able to update their static websites without having to implement a full on CMS - mostly due to budget restraints.
Comment
-
Senior Member
- Nov 2004
- 808
The amount they need to update is so small that it wouldn't be worth implementing a cms at this point. I just tried out the php include, which helps. Now when they open up the included php file, it will only have that section, and the rest of the page's html will be inaccessible. It would still be nice if they didn't have to download the file, edit, and re-upload it.Originally posted by flutterby nut View Posti suspect you'd need some sort of database if you go the form route...
short of converting the site to a cms, you could probably use server side includes to pull in a text file that they change/update, similar to:
<?php include('name of text file'); ?>
(changing the file extension to php)
however, if you end up with a quite few text areas they want to update, it's more sanity-preserving to go with a cms anyway...
i've just plain decided that there's no such thing as 'static' anymore...just more dynamic and less dynamic...ie, cms solutions (joomla, wordpress, etc) and server side includes, the minimum...i really, really like only having to change stuff once!...Comment
-
Senior Member
- Jan 2008
- 184
I don't know enough about this to offer any advice, just wanted to ask a question...
Are these (see below) suitable for what you want to do? I was looking for something that would let me edit the content on just one webpage, without having to have a blog or Wordpress site:
http://tinymce.moxiecode.com/index.php
http://www.cushycms.com/
I'm just wondering if these are really as easy to use as they say, because this seems much more convenient than having to download, update and ftp for frequent changes.
Has anyone had any experience with these, or similar programs?
CallieComment
-
Senior Member
- Apr 2007
- 395
Originally posted by MikeTheVike View Post
You could do the following (no database required), provided you have a basic working knowledge of PHP. Let's assume the name of your existing page that requires an editable content area is called foopage.php:- Create your password protected directory—let's call it /edit.
- Create your form—let's call it index.php—and place it in /edit.
- Create a plain text file that contains the content that is to be edited & used as an include—let's call it foopage_content.txt.
- CHMOD both /edit and foopage_content.txt to make sure they are writable.
- Use PHP to read the contents of foopage_content.txt and load it into the <textarea> of your form.
- Use PHP to process the form & write the edited text back to foopage_content.txt.
Re what Callendale said: A print design friend of mine also recently mentioned that her company uses CushyCMS. It looks like the CMS part is hosted remotely and allows them to use their company branding so it looks like it's thiers. There was another one that used to get menitioned fairly regularly on the DW forums... I think it might have been Flyspeck, but I'm not sure. I've never used either of them, so I can't vouch for how well they work.
DigiComment
-
Senior Member
- Apr 2007
- 395
Callie,
Here's what a friend in another forum had to say about CushyCMS recently: http://forums.about.com/n/pfx/forum....cdes&tid=25513
Hope that helps a little.
DigiComment
-
Banned
- Feb 2005
- 5892
Use file_get_contents() to extract the contents of the file then echo it on the page. If you include the file its possible that the user could write PHP and affect the site as a whole. You will also need to use file_put_contents() for writing the textarea info to the file.Comment
-
Senior Member
- Apr 2007
- 395
Do you really think that's an issue with the form in a password protected area? I know there are 1001 security concerns with PHP, especially in a shared hosting environment over an unencrypted connection, but I just don't see Mike's client inadvertently writing PHP that would sabotage his own site.Originally posted by tZ View Post
I'm not trying to start an argument, I'm just wondering if you're aware of something that I'm not.
DigiComment
-
Banned
- Feb 2005
- 5892
Very basic example. You will need to make certain that the directory which the text file resides is world writable.
HTML Code:<?php $root = $_SERVER['DOCUMENT_ROOT']; $fileName = 'my_text_file.txt'; if(isset($_POST['submit']) && isset($_POST['content'])) { file_put_contents($root.'/'.$fileName,$_POST['content']); echo 'file saved'; } $content = file_exists($root.'/'.$fileName)?file_get_contents($root.'/'.$fileName):''; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Untitled</title> </head> <body> <form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post"> <fieldset> <legend>Alter File</legend> <ol> <li> <label for="content-field">Content:</label> <textarea id="content-field" cols="70" rows="20" name="content"><?php echo $content; ?></textarea> </li> <li> <input type="submit" name="submit" value="submit"> </li> </ol> </fieldset> </form> </body> </html>
Comment
-
Banned
- Feb 2005
- 5892
Yep, people are idiots. The last thing I want for someone to run a query that would wipe out the entire application. Say if someone gets into the admin panel that isn't suppose to be there. Maybe not all that much of a concern here, but in more db intensive apps surely. Another example would be including ?> which would end the script and result in a error. There isn't any reason to make the contents of a textarea PHP interpretable.Originally posted by digizan
if the variable name for the query object and tables could be determined the entire app could be destroyed.
$db->query('DROP TABLE table1;');
$db->query('DROP TABLE table2;');
$db->query('DROP TABLE table3;');
$db->query('DROP TABLE table4;');
Proper permission management may prevent this, but that still doesn't eliminate the possibility to affect the functionality of the site through the textarea.
The simple answer is just to echo the contents of all user input areas as plain text. That way the state of the application is separate from the content contained within it. This eliminates the possibility of anyone being able to affect the application state. Regardless of the size application its just good security.
Besides, user input is normally content not code even if it contains code. Therefore, it should be treated like content not code.Last edited by tZ; 05-26-2009, 08:02 PM.Comment
-
Senior Member
- Apr 2007
- 395
-
Senior Member
- Apr 2009
- 407
-
Senior Member
- Nov 2004
- 808
-
Senior Member
- Nov 2004
- 808
tZ, I see your point. I highly doubt the client will mess it up, all they are doing is adding paragraphs of text. But I'll give your way a shot just in case...Originally posted by tZ View Post
I had a couple questions about your code, I don't know much php. I'll just put comments next to the parts I don't understand...
HTML Code:<?php $root = $_SERVER['DOCUMENT_ROOT']; $fileName = 'my_text_file.txt'; if(isset($_POST['submit']) && isset($_POST['content'])) { file_put_contents($root.'/'.$fileName,$_POST['content']); echo 'file saved'; } $content = file_exists($root.'/'.$fileName)?file_get_contents($root.'/'.$fileName):''; //what is this doing, pulling the current content? ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Untitled</title> </head> <body> <form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post"> //can you explain the stuff in the action=""? <fieldset> <legend>Alter File</legend> <ol> <li> <label for="content-field">Content:</label> <textarea id="content-field" cols="70" rows="20" name="content"><?php echo $content; ?></textarea> // what is the php echo $content doing? </li> <li> <input type="submit" name="submit" value="submit"> </li> </ol> </fieldset> </form> </body> </html>
Comment
-
Today, 03:45 AMCommented to Need HELP !!Bkurala, most of us here are either professional designers or on our way to becoming that. Sometimes we make assumptions that turn out to not take special situations like yours into consideration. So...
-
Today, 03:33 AMCommented to Where to place the TM trademark symbol on this:http://www.nolo.com/legal-encycloped...trademark.html
and
http://www.brighthub.com/office/entr...les/49756.aspx
As stated earlier, a trademark is not a copyright.... -
Today, 03:14 AMCommented to Hey HeyWelcome.
-
Today, 03:09 AMCommented to Noobie Needs helpThe part in my first message that says "or whatever value" was meant to tell you that you'll need to adjust the amount of spacing to whatever you want, whether that's -10 or -20 pixels or ems...
-
Today, 03:09 AMCommented to Critique of Memory Book CoverOut of curiosity - why not scrapbook the cover of a "scrapbooky" memory album?
-
Today, 03:09 AMCommented to RIP: The Necrology ThreadJAMES RIP
-
Today, 03:08 AMCommented to RIP: The Necrology ThreadSlim Whitman? I loved that guy!!! Mars ATTACKS!
-
Today, 03:06 AMCommented to What's for lunch?Beef and Barley Soup & Bananas
Comment