Website with CMS, best practices, questions and htaccess password protection

[eluser]zoeuf[/eluser]
Hello.

I am looking for information and "best practices" to create a complete website including a CMS.

Today, I have this website without CI, in the context of adding features, I decided to completely recode the website with this framework.

I'm fairly comfortable with CI, I trained myself to create a mini CMS in order to manage my current website.


I'm looking for a way to separate the data displayed to users and the CMS part of my website. What is the best way to do?

In my website, I have, for example, some articles.
I imagined create two controllers for those items : Articles.php and Cms_articles.php.
The views are then separated in two directories : one for the front-end and the other for the CMS.
Example: front/articles_display or cms/articles_display.

Is this the best way to manage my project?


Another question. On my current site, the CMS part is protected from access by a password in a htaccess file.

I don't know how to do that in the CI architecture. Is that possible?

Thank you.

Guillaume.

[eluser]smilie[/eluser]
Hi,

Concept is basically oke. I presume, you will have some user / session check that no admin can access admin part.

Regarding htaccess, you can still implement it even with CI - it has nothing to do with framework.

Cheers,
Smilie

[eluser]zoeuf[/eluser]
Ok, thanks for your reply.

Let me re-introduce my point about htaccess password.

On my current website I get my public php files on the main dir, and a subfolder named "bo" like "back-office". There are a .htaccess file on it and when I click on a link "bo/index.php", a password is required. I enter it, and I get an access to administrate my website content.

With CI architecture, I can't protect one folder. The BO controllers are in my controller directory with the other public controllers. (articles with bo_articles, for example).

I'm looking for a solution to implement the password with htaccess. May be there is a way to protect only the bo_ controllers by the modification of the htaccess file, but I'm not very comfortable with htaccess syntax.

The backup solution will be a simple php login for administration, and a $_SESSION stored but, I think htaccess is more secured than this last solution.

Thanks !

[eluser]tkyy[/eluser]
for clients that want a custom cms i have found myself actually creating 2 completely seperate applications: an application that focuses on performance (output caching, etc) that just displays data and another application to edit the data that can get away with using more expensive queries.

the reason for this is just performance as i said- i don't even want a database-driven session going on in the page-display application.

both applications run using the same database, but the display application rarely interacts with it unless it is rendering pages for the first time. as a user changes a page from the administrative page, the cache files are deleted and they are regenerated as users hit the display application.

[eluser]zoeuf[/eluser]
Yeah !
One of my backup solution was the development of two CI projects.
One for the display of DB datas and the other for the data management.

But I'd rather like to solve my problem before use this.
Thanks for exp sharing.