Here's my 2nd script, a simple CMS that allows users to edit html files directly. The html page must have special tags inserted into it
an area that can be eddited is delineated like this:
<vscmsedit?name=area1&rows=25&cols=80>
....editable html
</vscmsedit>
(name, rows and cols are used as parameters for a text area in the interface)
also areas delineated like this won't display in the interface:
<vscmsquiet>
.....invisible html
</vscmsquiet>
any other html in the file being edited is visible in the interface, this way the user can see where the change is being made, and get a nice sense of being in the back-end of their site
(edit note 3/7: added session variables, authentication and URL parsing option)
<?php
include 'config.php';
session_start();
header("Cache-control: private");
// AUTHENTICATION
if (isset($_POST['pw']))
{
$pw = $_POST['pw'];
$_SESSION['pw'] = $pw;
}
elseif (isset($_GET['pw']))
{
$pw = $_GET['pw'];
$_SESSION['pw'] = $pw;
}
elseif (isset($_SESSION['pw']))
{
$pw = $_SESSION['pw'];
}
if ($pw == $adminpass)
{
$breaks = array("\r", "\n", "\r\n");
// make a sting into an array splitting at line breaks
function makeArray($rawContent)
{
global $breaks;
$rawContent = str_replace($breaks, "\n", $rawContent);
$content = explode("\n", $rawContent);
return $content;
}
// makes url into html hyperlink
function makeLink ($str){
$target = $_SESSION['target'];
$str = preg_replace("/[^(http:\/\/)]w{3}\./i", "http://www.", $str);
return preg_replace("/(http|ftp):\/\/(\S+\.[a-z]{2,3}\S*)/i", " <a href='$0' target='" . $target . "'>$2</a>", $str);
}
// makes html hyperlink into url
function unMakeLink ($str){
return preg_replace("/<.*a href=('|\")(\S+)('|\").*>.+<\/a>/iU", "$2", $str);
}
// generate edit page interface
if(isset($_POST['edit']))
{
session_start();
header("Cache-control: private");
$_SESSION['parseURLs'] = $_POST['parseURLs'];
$_SESSION['target'] = $_POST['target'];
//set file to write
$file = $_POST['file'];
$_SESSION['file'] = $file;
// open file
$fh = fopen($file, 'r') or die('Could not open file!');
// read file contents
$rawContent = fread($fh, filesize($file)) or die('Could not read file!');
// make sting into an array
$content = makeArray($rawContent);
// read array into edit interface page
$i = 0;
while ($i <= count($content))
{
// skip lines that should be invisible
if (substr($content[$i], 0, 12) == '<vscmsquiet>')
{
while (substr($content[$i], 0, 13) != '</vscmsquiet>')
{
$i++;
}
$i++;
}
// put editable lines into form textarea(s)
elseif (substr($content[$i], 0, 11) == '<vscmsedit?')
{
// get textarea name rows and columsns
parse_str(substr($content[$i],11,-1));
$i++;
echo "<form method='post'>" .
"<textarea name='" . $name . "' id='" . $name . "' rows='" . $rows . "' cols='" . $cols . "'>";
while (substr($content[$i], 0, 12) != '</vscmsedit>')
{
// remove html <br> tags
$htmlBreak = array("<br>", "<br />");
$show = str_replace($htmlBreak, "\n", $content[$i]);
// convert url's to href links
if ($_SESSION['parseURLs']){
$show = unMakeLink($show);
}
// write contents in textarea
echo $show;
$i++;
}
echo "</textarea><br />";
}
// write the rest of the lines into the html page
else
{
echo $content[$i] . "\n";
$i++;
}
}
// form submit
?>
<Br>
<input type="submit" name="write" id="write" value="Submit changes">
</form>
<?php
}
// write new contents into the file
elseif(isset($_POST['write']))
{
session_start();
header("Cache-control: private");
?>
<html>
<body>
<?php
//set file to write
$file = $_SESSION['file'];
// open file
$fh = fopen($file, 'r') or die('Could not open file!');
// read existing file contents
$rawContent = fread($fh, filesize($file)) or die('Could not read file!');
// make array
$content = makeArray($rawContent);
// display existing file contents for debugging
echo "<textarea name='content' id='content' rows='30' cols='100'>";
foreach ($content as $line) {
echo "line - " . $line . "\n";
}
echo "</textarea><br>";
// fixes a bug that would either add empty lines at end of file or delete last line
$offset = 0;
if ($content[count($content) - 1] == "")
{
$offset = 1;
}
// loop to create array of new file contents
$i = 0;
$j = 0;
$newContent = array();
while ($i < (count($content) - $offset))
{
$j++;
// get submitted content and add to array
if (substr($content[$i], 0, 11) == '<vscmsedit?')
{
$newContent[$j] = $content[$i] . "\n";
// get edit area name
parse_str(substr($content[$i],11,-1));
// make sring into array
$areaContent = explode("\n", $_POST[$name]);
foreach ($areaContent as $line)
{
$j++;
// insert html <br> tag
$show = str_replace($breaks, "<br />", $line);
// convert url's to href links
if ($_SESSION['parseURLs']){
$show = makeLink($show);
}
if (substr($show,-6) == "<br />")
{
// write new content into array
$newContent[$j] = $show . "\n";
}
// insert <br> at end of lines where user didn't press return
elseif ($show != "")
{
$show = $show . "<br />";
$newContent[$j] = $show . "\n";
}
}
// skip lines in existing file until end of edit area is reached
while (substr($content[$i], 0, 12) != '</vscmsedit>')
{
$i++;
}
}
// write existing unchanged lines into new array
else
{
$newContent[$j] = $content[$i] . "\n";
$i++;
}
}
// display new file contents for debugging
echo "<br /><textarea name='content' id='content' rows='30' cols='100'>";
foreach ($newContent as $line) {
echo "line - " . $line;
}
fclose($fh);
echo "</textarea>";
// open file for write
$fh = fopen($file, 'w') or die('Could not open file!');
// conver array into a string
$rawContent = implode($newContent);
// write to file
fwrite($fh, $rawContent) or die('Could not write to file');
// close file
fclose($fh);
?>
<br />
Page Updated Successfully<br />
<br />
<a href="index.php">edit another page</a><br />
<br />
<span class="small">VSEL v1.0 ©2006 <a href="http://ekittell.com" target="_blank">Eric Kittell</a>
</body>
</html>
<?php
}
// get which file user would like to edit, path relative to location of index.php
else
{
?>
<html>
<body>
<form method="post">
<input type="radio" name="file" id="file" value="../home.html">home<br />
<input type="radio" name="file" id="file" value="../chart.html">chart<br />
<input type="radio" name="file" id="file" value="../bio.html">bio<br />
<br>
Parse URLs? <input input type="checkbox" name="parseURLs" id="parseURLs" checked>
Open URL in <select name="target" id="target">
<option value="_blank">new window
<option value="_self">same window
</select>
<br />
<Br />
<input type="submit" name="edit" id="edit" value="Go to edit page">
</form>
<br />
<span class="small">VSEL v1.0 ©2006 <a href="http://ekittell.com" target="_blank">Eric Kittell</a>
</body>
</html>
<?php
}
// AUTHENTICATION FAILED
}
else
{
echo "Wrong password";
}
?>