Here's my 2nd script, a simple CMS that allows users to edit html files directly. The html page must have special tags inserted into it

an area that can be eddited is delineated like this:
<vscmsedit?name=area1&rows=25&cols=80>
....editable html
</vscmsedit>

(name, rows and cols are used as parameters for a text area in the interface)

also areas delineated like this won't display in the interface:
<vscmsquiet>
.....invisible html
</vscmsquiet>

any other html in the file being edited is visible in the interface, this way the user can see where the change is being made, and get a nice sense of being in the back-end of their site

(edit note 3/7: added session variables, authentication and URL parsing option)

<?php
include 'config.php';

session_start();
header("Cache-control: private");

// AUTHENTICATION
if (isset($_POST['pw'])) 
{
$pw = $_POST['pw'];
$_SESSION['pw'] = $pw;
}
elseif (isset($_GET['pw']))
{
$pw = $_GET['pw'];
$_SESSION['pw'] = $pw;
}
elseif (isset($_SESSION['pw']))
{
$pw = $_SESSION['pw'];
}

if ($pw == $adminpass)
{
$breaks = array("\r", "\n", "\r\n");
// make a sting into an array splitting at line breaks
function makeArray($rawContent)
{
global $breaks;
$rawContent = str_replace($breaks, "\n", $rawContent);
$content = explode("\n", $rawContent);
return $content;
}
// makes url into html hyperlink
function makeLink ($str){
$target = $_SESSION['target'];
$str =  preg_replace("/[^(http:\/\/)]w{3}\./i", "http://www.", $str);
return  preg_replace("/(http|ftp):\/\/(\S+\.[a-z]{2,3}\S*)/i", " <a href='$0' target='" . $target . "'>$2</a>", $str);
}
// makes html hyperlink into url
function unMakeLink ($str){
return  preg_replace("/<.*a href=('|\")(\S+)('|\").*>.+<\/a>/iU", "$2", $str);
}


// generate edit page interface
if(isset($_POST['edit']))
{
session_start();
header("Cache-control: private");
$_SESSION['parseURLs'] = $_POST['parseURLs']; 
$_SESSION['target'] = $_POST['target']; 
//set file to write
$file = $_POST['file']; 
$_SESSION['file'] = $file;
// open file 
$fh = fopen($file, 'r') or die('Could not open file!'); 
// read file contents 
$rawContent = fread($fh, filesize($file)) or die('Could not read file!'); 
// make sting into an array
$content = makeArray($rawContent);
// read array into edit interface page
$i = 0; 
while ($i <= count($content)) 
{ 
	// skip lines that should be invisible
 	if (substr($content[$i], 0, 12)  == '<vscmsquiet>')
	 {
	 	while (substr($content[$i], 0, 13) != '</vscmsquiet>')
	 	{
		$i++;
		}
		$i++;
	 }
	 // put editable lines into form textarea(s)
	 elseif (substr($content[$i], 0, 11)  == '<vscmsedit?')
	 {
	 // get textarea name rows and columsns
	 parse_str(substr($content[$i],11,-1));
	 $i++;
	 	echo "<form method='post'>" .
		"<textarea name='" . $name . "' id='" . $name . "' rows='" . $rows . "' cols='" . $cols . "'>";
			while (substr($content[$i], 0, 12) != '</vscmsedit>')
	 		{
			// remove html <br> tags
			$htmlBreak = array("<br>", "<br />");
			$show = str_replace($htmlBreak, "\n", $content[$i]);
			// convert url's to href links
			if ($_SESSION['parseURLs']){
			$show = unMakeLink($show);
			}
			// write contents in textarea
			echo $show;
			$i++;
			}
		echo "</textarea><br />";

 }
 // write the rest of the lines into the html page
 else
 {
      echo $content[$i] . "\n";
	  $i++;
 }
}  
// form submit ?> <Br> <input type="submit" name="write" id="write" value="Submit changes"> </form> <?php } // write new contents into the file elseif(isset($_POST['write'])) { session_start(); header("Cache-control: private"); ?> <html> <body> <?php //set file to write $file = $_SESSION['file']; // open file $fh = fopen($file, 'r') or die('Could not open file!'); // read existing file contents $rawContent = fread($fh, filesize($file)) or die('Could not read file!'); // make array $content = makeArray($rawContent); // display existing file contents for debugging echo "<textarea name='content' id='content' rows='30' cols='100'>"; foreach ($content as $line) { echo "line - " . $line . "\n"; }
echo "</textarea><br>"; // fixes a bug that would either add empty lines at end of file or delete last line $offset = 0; if ($content[count($content) - 1] == "") { $offset = 1; } // loop to create array of new file contents $i = 0; $j = 0; $newContent = array(); while ($i < (count($content) - $offset)) { $j++; // get submitted content and add to array if (substr($content[$i], 0, 11) == '<vscmsedit?') { $newContent[$j] = $content[$i] . "\n"; // get edit area name parse_str(substr($content[$i],11,-1)); // make sring into array $areaContent = explode("\n", $_POST[$name]); foreach ($areaContent as $line) { $j++; // insert html <br> tag $show = str_replace($breaks, "<br />", $line); // convert url's to href links if ($_SESSION['parseURLs']){ $show = makeLink($show); } if (substr($show,-6) == "<br />") { // write new content into array $newContent[$j] = $show . "\n"; } // insert <br> at end of lines where user didn't press return elseif ($show != "") { $show = $show . "<br />"; $newContent[$j] = $show . "\n"; } } // skip lines in existing file until end of edit area is reached while (substr($content[$i], 0, 12) != '</vscmsedit>') { $i++; } } // write existing unchanged lines into new array else { $newContent[$j] = $content[$i] . "\n"; $i++; } }
// display new file contents for debugging echo "<br /><textarea name='content' id='content' rows='30' cols='100'>"; foreach ($newContent as $line) { echo "line - " . $line; }
fclose($fh); echo "</textarea>"; // open file for write $fh = fopen($file, 'w') or die('Could not open file!'); // conver array into a string $rawContent = implode($newContent); // write to file fwrite($fh, $rawContent) or die('Could not write to file'); // close file fclose($fh); ?> <br /> Page Updated Successfully<br /> <br /> <a href="index.php">edit another page</a><br /> <br /> <span class="small">VSEL v1.0 &copy;2006 <a href="http://ekittell.com" target="_blank">Eric Kittell</a> </body> </html> <?php } // get which file user would like to edit, path relative to location of index.php else { ?> <html> <body> <form method="post"> <input type="radio" name="file" id="file" value="../home.html">home<br /> <input type="radio" name="file" id="file" value="../chart.html">chart<br /> <input type="radio" name="file" id="file" value="../bio.html">bio<br /> <br> Parse URLs? <input input type="checkbox" name="parseURLs" id="parseURLs" checked> Open URL in <select name="target" id="target"> <option value="_blank">new window <option value="_self">same window </select> <br /> <Br /> <input type="submit" name="edit" id="edit" value="Go to edit page"> </form> <br /> <span class="small">VSEL v1.0 &copy;2006 <a href="http://ekittell.com" target="_blank">Eric Kittell</a> </body> </html> <?php } // AUTHENTICATION FAILED } else { echo "Wrong password"; } ?>
    Write a Reply...