creating a simple cms with php and mysql

[awelch]

Hi,

I want to create a very simple cms containing:

page.php - a page template - that retrieves pageheading and content from the database based on the querystring pageID

I guess I need a database table containing pageID (pkey auto inc), page heading (ntext), content(ntext)

pagemanager.php - a page to display a list of pages existing in the database

insertpage.php - a page to insert a new page into the database, using FCKeditor to edit the text / upload files and images.

updatepage.php - a page to update pages.

Password protection for the admin side of things.

I'm new to php but I want to try to build this thing from the ground up rather than using something premade like drupal- i don't need the functionality. I'm making a very simple site and want to learn.

Can anyone lead me in the right direction for tutorials / advice on where to start concerning my project.

Thanks

Andy

[JamesColin]

Hi,
http://www.php-mysql-tutorial.com/wi...and-mysql.aspx
http://css-tricks.com/php-for-beginn...st-simple-cms/
http://www.devshed.com/c/a/PHP/Build...-in-PHP-MySQL/

Good luck, it's good to want to learn, personally I use Drupal and love it, but I've learnt a little PHP&MySQL before knowing about Drupal.

[Shrapnel_N5]

Hi, awelch
You've got good aim.
It is a good way to learn things. You can have your CMS just in a few lines of code.

I'd suggest to start from insertpage.php, then proceed to pagemanager.php, then to updatepage.php (after you notice it is pretty same with insertpage.php, you most likely join em into one) and to the page.php at the end.

let's make insertpage.php of two parts: a form and a handler.
insertform.php will contain an html form and insertpage.php as simple code as this (if you choose MySQL):

PHP Code:

<?PHP
$table="cms";

if($_SERVER['REQUEST_METHOD']=='POST') { 
  $heading=mysql_real_escape_string($_POST['heading']);
  $content=mysql_real_escape_string($_POST['content']);
  $query="INSERT INTO `$table` SET heading='$heading',$content='content'";
  mysql_query($query) or trigger_error(mysql_error());
  header("Location: http://".$_SERVER['HTTP_HOST']."/admin/pagemanager.php"); 
  exit; 
} 
?>

note /admin/pagemanager.php. i assume it will be place for it, and after you insert page, you must be relocated to manager page.

[stonedeft]

This is a good start rather than using open source CMS. I find it easier to do my own CMS than using open source as I have control over the flow of my codes. Besides it's very painful to dissect other people's codes. It took me almost 2 months to grasp core files of Wordpress and almost 5 months on Joomla. I have to admit most of my CMS functions comes from wordpress, Joomla and vbulletin

As a start you need to learn basic mysql queries , update, insert, delete, select. tizag.com is good place to learn basics, very straight forward tuts

You may also need a text editor. I love fckeditor www.ckeditor.com

and last a templating system. I always use btemplate more lightweight than smarty www.massassi.com/bTemplate/

Goodluck and happy coding.

[awelch]

I started to adapt the code from: css-tricks.com/php-for-beginners-building-your-first-simple-cms/

but a lot of people in the comments were complaining that the guy's code wasn't very good.

I understand how he has create a class with a bunch of functions to do different things, and I like that approach and could continue hopefully to extend it to include update, delete, (by pageID) etc etc.

I wantt to know if anyone has looked at the guy's code and would care to comment?

Is it worth me learning and adapting his code and method or would it be better to take a dif approach?

Thanks

Andy

[Shrapnel_N5]

Yes it can be.
Any code can be worth to learn. In other hand, nobody's perfect. Any code can have mistakes. Even mine

This one is easy and short. Ok to learn. Just one thing i cannot agree is no use of templates in this code.
Password protection can be easily added.

[elviajero]

Quote:

Can anyone lead me in the right direction for tutorials / advice on where to start concerning my project.

Ok, you are doing this not only because you want to learn-practice php & Mysql... then as your goal is your CMS I suggest you to:

• Plan things ahead to avoid future problems
• Plan your cms around security
• Make it portable and simple (you will need that in the future)
• Focus on RECOVERY and MIGRATION. Many of us webmaster have faced servers down and migrations from one company to another, plan your cms around this, you will need it.
• Keep in mind TEMPLATE features. Build your cms around this feature allowing you to use different templates with one click or modifying your prefs, instead of building it around a page that build itself making the requests.

I have made cms myself for my private use. Nothing to envy to the other cms!!! in fact mine are little apps with all the functionality without needing 3MB of code.

Good luck!!!

[elviajero]

one more thing, focus on not making it TOO PERSONAL, you might find a future buyer interested in your app.

[chrisranjana]

Start with something small and slowly add on the features.

[inverse.chi]

I would recommend using a framework such as codeigniter to help speed up this process and use a MVC pattern to help split up your code.

[macfoto]

You might also want to check out the Sitepoint book "Build Your Own Database Driven Website Using PHP and MySQL". It covers how to use PHP, MySQL and how to begin making a CMS.

[mkoenig]

Thats a great idea, i created my first cms about 5 years ago. Even if you don't make a successful one you will learn soo much. You can then take that code with you in the future, and improve upon it.

[AllyZen]

This is so interesting.
I have always hand coded and just recently have been employed at a place that uses Joomla. I am not going to knock Joomla as it's great for what it is but I am used to starting a site from a blank textpad and adding only what I need as I go.
With Joomla its the other way around, you get too much code that you dont need and you spend ages sifting through it all.
If you want to modify any code you have to jump through a few hoops to find where it is or you might have to change stuff in more then one spot just to do a simple task. I spend more time in Joomla looking for stuff than I do anything else.
Anyway just hand coding what you want straight away is much easier.

[PHPycho]

If you want to take idea about CMS with the small footprints .
Definitely you can go with Frog CMS.
Which is small & lightweight.

[varul]

If you want to start your website by CMS software, use any one of the following as per your requirement.

DBPrism – first open source CMS based on Oracle XMLDB repository.
Flux CMS – XML/XSLT based, easy to use, extensible and suitable for developers to fill specific needs.
Freephpcms – easy to use, extensible and suitable for developers to fill specific needs.
Apache Lenya – Java/XML based CMS that comes with revision control, multi-site management, scheduling, and workflow.
Rubricks – CMS for Ruby on Rails fans, boasts simplicity and speed.
Clever Copy – A scalable website portal and news posting system.
Fundanemt – focused on usability and aimed at small and medium sized websites.
Dragonfly CMS – feature-rich open source content management system, based on PHP-Nuke 6.
Joomla - – popular, award-winning CMS that will help you build powerful online applications.
Silva – built on top of Zope, enables you to export to Word, stream media, store content as XML, and manage hierarchical and traditional websites.
YACS – build your online blogging communities.
ContentNOW – simple to use, flexible, multilanguage, modular CMS.

[Shrapnel_N5]

"based on PHP-Nuke" and "enables you to store content as XML" sounds like funeral music to me

[Ryan Mortier]

I would recommend this book by Kevin Yank: Build Your Own Database Driven Website Using PHP & MySQL, 4th Edition

This book teaches you how to build a CMS from the ground up.

www dot sitepoint.com/books/phpmysql4/

[rguy84]

I am going to start something like this also. One of the earlier replies talked about being security-minded. Can somebody maybe powst some tips what to consider/keywords to search for or links to articles that cover it?

[r937]

Quote:

Originally Posted by rguy84

Can somebody maybe powst some tips what to consider/keywords to search for or links to articles that cover it?

1. http://en.wikipedia.org/wiki/Sql_injection
2. http://en.wikipedia.org/wiki/Cross-site_scripting

[artcoder]

Instead of writing the CMS from scratch. I recommend using an open-source CMS. This can be Joomla, Wordpress, or Drupal. The article "Which CMS is best" talks about all three. I would go with either Joomla or Wordpress.

[Shrapnel_N5]

artcoder, it depends on goal
if one need to run their own site, I'll be first, who wote for ready-made CMS
if one wants to learn PHP language - writing CMS is very good practice dummy to train on

rguy84, just take in account that your first CMS won't be secure at all. It is ok. First things never be perfect. Many security issues learned only from own experience.

[Shrapnel_N5]

Anyway here is some security tips in brief, which I've already posted:

• don't pass filenames over address string. or sanitize it
• avoid SQL injection by following simple rules when build SQL query*
• never use eval()
• avoid XSS thing by stripping from user input all HTML tags
• avoid CSRF thing by putting security code into any html form which uses POST method.

[frank1]

ok u will find tons of tutorials for it
BUT
my simple advice...
just dont go for simple logic...
total procedural oriented simple php...10 lines codes....

make a mind frame to use best technique from the initial phases....like making single channel entry(use of functions),data santization,abstraction and making generic function and all...
if u start with that frame it will save lot of ur time later...
otherwise u will spent 6 months in simple php...and then relaize that i could have done in this way....and so on...
the simple things may block the innovation in initial phases....

and slowly moves to object oriented...with out which u wont be complete php programmer in php market(debatable but pratical truth...)

[Ryan Mortier]

Quote:

Originally Posted by frank1

ok u will find tons of tutorials for it
BUT
my simple advice...
just dont go for simple logic...
total procedural oriented simple php...10 lines codes....

make a mind frame to use best technique from the initial phases....like making single channel entry(use of functions),data santization,abstraction and making generic function and all...
if u start with that frame it will save lot of ur time later...
otherwise u will spent 6 months in simple php...and then relaize that i could have done in this way....and so on...
the simple things may block the innovation in initial phases....

and slowly moves to object oriented...with out which u wont be complete php programmer in php market(debatable but pratical truth...)

Can you recommend any comparisons to what you are talking about. Sorry about my ignorance, I am quite new at PHP programming and have never programmed anything in my life, although I have this inevitable addiction towards programming so I've been teaching myself. Can you recommend any books on OOP with PHP?

[frank1]

Quote:

Originally Posted by Ryan Mortier

Can you recommend any comparisons to what you are talking about. Sorry about my ignorance, I am quite new at PHP programming and have never programmed anything in my life, although I have this inevitable addiction towards programming so I've been teaching myself. Can you recommend any books on OOP with PHP?

ok one simple comparision
few years ago i use to do
$data = mysql_real_escape_string ($_POST['data']);
//or any such function
now a days i do
$data=input_sanitizer($data,type);
and make a function and pass all input through single channel...
just an example and look simple but those different method have huge difference ,later having more than 100 of advantages....
u can add any santizing method(even later),u can make it more generic.....list goes on...

second
identify repeating codes and make it function file as soon as possible...like image_functions.php may be for validation as well ...and so on...

(ok i have reached around 100 such points...if i didnt wrote book i will definately post it somwhere online with examples...)

so things like these are often overlooked by intial staters and they just go for results....and later realaize...if i had known this ...ago....?...had i done this rather than this that time...and so on......
important thing to bear in mind...these are not step wise development...if one is capable...she can start using from any method ..points...it just limited to own personal thought,knowledge....

so start good habits from startup and think long term...

about oop book again,must of the php book i have found doesnt teach to make apps using oop php rather they teach u fundamentals of oop and how it is implemented in php....
so u can grab any book to get basics of oop...even c book may work....
then go to some framework straight away...if u become capable to do that it would save lots of ur time
for eg code igniter,cakephp....
coding in these framework can be termed as programming in oop php(ok not all....but definatley an oop php coder)