• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
SiteManagr - A simple open source CMS

#31
[eluser]neillyons.co[/eluser]
Hi there,

When deleting always submit a form using the post method.

Let me explain why.

At the moment Sitemanagr deletes posts by passing the post id to the delete function of the posts controller. Like so:

Code:
http://example.com/admin/posts/delete/2

This will delete the post if you are logged in and have the right privileges.

But...

If your site accepts comments for example and a user submits that link as an image; like so:

Code:
<img src="http://example.com/admin/posts/delete/2" alt="This will delete your post."/>

Then when you yourself as the admin user come to browse through the comments on your site the browser will attempt to fetch that image by sending off a request to that URL. But because you are logged in whilst the browser is doing this the post will get deleted.

Hope that makes sense.

#32
[eluser]viisik[/eluser]
nooby question,

can it be fairly said that a bigger CI sites of all kinds can be built and extended from this CMS - you take this cms as your initial basic architecture and build anything on it , without altering much the initial cms code

#33
[eluser]Dan King[/eluser]
[quote author="neillyons.info" date="1264656043"]Hi there,

When deleting always submit a form using the post method.

Let me explain why.

At the moment Sitemanagr deletes posts by passing the post id to the delete function of the posts controller. Like so:

Code:
http://example.com/admin/posts/delete/2

This will delete the post if you are logged in and have the right privileges.

But...

If your site accepts comments for example and a user submits that link as an image; like so:

Code:
<img src="http://example.com/admin/posts/delete/2" alt="This will delete your post."/>

Then when you yourself as the admin user come to browse through the comments on your site the browser will attempt to fetch that image by sending off a request to that URL. But because you are logged in whilst the browser is doing this the post will get deleted.

Hope that makes sense.[/quote]

Wow, yes that makes perfect sense. I see exactly what you mean, and I never would have thought of that. Thanks for pointing that out!

#34
[eluser]helmutbjorg[/eluser]
Just installed this cms. Thanks for sharing. Had some troubles importing that sql file into my database. For some reason it had a problem with the uppercase table name on line 402.

I changed
Code:
Line 402 FROM EVENTS

to
Code:
Line 402 FROM events

Also I noticed that the screenshots on your website look nothing like the application I have here? Am I missing something?

#35
[eluser]Dan King[/eluser]
@helmutbjorg yeah, a couple people have mentioned that issue with the uppercase table name causing errors. I'll update that in the next release. Glad you were able to work around it though!

As far as the screenshots, no, you're not missing anything. They were shots of the newer UI that I recently got rid of. I've updated the website with current screenshots.

#36
[eluser]Jameson.[/eluser]
Bravo on the design! it looks very nice, so nice in fact that it makes me wanna use it in my app Smile
Absolutely loved the way media and photo libraries work (if only we could access them from post edit page).
WYSIWYM editor instead of WYSIWYG? Bald but wise!

A couple of things (probably to fix) I noticed while poking Sitemanagr on localhost:

- a lot of "default NULL"s in DB scheme in places where NULL doesn't bring any additional meaning (like, for example, email state "active" - it's either active or it's not; email can't be neither active nor inactive, which NULL actually means)

- for all us foreigners UTF8 encoding in database would be preferrable

- lack of indexes: for example, to be able to effectively find comments for a post (after lots of them will have been created) you require to create index for `post_id` field in `post_comments` table

Looking forward to client-side part of the app now!

offtopic: really nice designs in your portfolio BTW

#37
[eluser]Sarfaraz Momin[/eluser]
Great work !!! building my first project using it. Will keep you guys updated about it.
@Dan King : There is a missing table merch_sizes on this url admin/items/inventory. Please look into it. I am getting the following error.

Code:
A Database Error Occurred

Error Number: 1146

Table 'sitemanager.merch_sizes' doesn't exist

SELECT DISTINCT (size) FROM merch_sizes s JOIN items_view m ON s.merchid = m.id WHERE m.slug LIKE '%'

#38
[eluser]st.programci[/eluser]
it is great Smile

i am not an advanced programmer, but am trying to learn CI for a few days. tuts of Jeffrey Way at tutsplus.com were great for an introduction after looking at basic docs of CI here.

and i am trying to find a cms like coding based on CI. i've found several, but none of them (even ExpressionEngine) were as good as yours. i think yours deserves better documentation and development. thanx..

#39
[eluser]st.programci[/eluser]
by autoloading form helper, and changing the code system can use smaller and cleaner codes.

below shows the new version of ./views/admin/auth/login_form.php

Code:
&lt;?php if($message != NULL)
    echo "<div id='login_msg'>$message</div>"; ?&gt;
<br/><br/>

<div id="login_form">
    <h1>Login</h1>
    &lt;?php    
    echo form_open('admin/auth/login');
    echo form_input('user', 'Username');
    echo form_password('pass', 'Password');
    echo form_submit('submit', 'Login');
    //show register option, if turned on
    //if($config['Anyone can register'] == 'on') echo anchor('?page=register', 'Create Account');
    echo anchor('admin/auth/lostpass', 'Lost your password?');
    echo form_close();    
    ?&gt;
</div>

code is an example taken from tuts. i modified it a bit. it works fine, but without css styling.

and, i think styles should not be hardcoded.

#40
[eluser]Gurik[/eluser]
hello
the CMS is very nice
but i could not find any controller for non admin pages
there is only admin interface for it ?


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.