Hi, Sorry this is a long(ish) post - I'm hoping you can bear with me - while I explain what I trying to do in relation to my CMS. :-)
I have created a content management system based around PHP and MySQL. I want to have conventional looking directory paths for my web pages - and would like to do it in the following way: I have a small file that contains a content id number and some includes to provide functonality, header and footer stuff, e.g. include configuration and functionality code include header code $contentid=243; include footer code (That of course is not real code - it is just to give you an idea of what I'm talking about.) When a person adds a new page they choose the section they want to add their page to (via pull done menu) - they add their content and click submit to create a new page. The categories they add their page to using the form, are represented by real directories on the server. My ideas is that - after the user submits their new content - I copy the file with the example code above into the appropriate directory, change the file name to something appropriate (and safe), and change the content id to reflect the new record created in the database. That way I have a real file, a real filepath (that means something to users), and content that can be pulled from the database. Regardless of the fact that there are a million other ways of creating a CMS; assuming I'm doing it this way - what would be the safest way to copy the file into a web directory? Would it be a good idea to make the owner and group for the directories on the server the same as the apache owner (which is what PHP runs as)? If I did this the permissions would be let me write the file to disk - but I'm not sure how secure it would be? Your thoughts would be appreciated. All the best, Jim p.s. I can't use .htaccess to fancy stuff with apache - because there is a problem with .htaccess on the server which I have tried and failed to fix - or get anyone else to fix - so that is not an option. It is not an issue I want to revisit, I've spent too long trying to fix it. -- My new free eBook: 'Accessible Web Typography - an introduction for web designers' at http://www.scotconnect.com/webtypography/ Pat's Guide to Glasgow West End: http://www.glasgowwestend.co.uk Flathunting: http://www.glasgowwestend.co.uk/flathunting/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
