Jump to content

web_craftsman

Members
  • Content count

    64
  • Joined

  • Last visited

Community Reputation

1 Neutral

About web_craftsman

  • Rank
    Regular Member
  • Birthday 08/23/1981

Profile Information

  • Gender
    Male
  • Location
    Ukraine
  1. web_craftsman

    CMS from scratch

    I am not looking for code critique. Only for what is mentioned above. User experiense when working with my CMS.
  2. web_craftsman

    CMS from scratch

    Hello. I just finished creating my own CMS. Built it on top of Yii2 php framework. Need critique. Whether it is user and seo friendly enough? Does it lack some important functionality for all types of web sites? link to the demo site Username: moderator Password: moderator Demo site is being rebuilt every 5 hours so be free to change anything you want. p.s. Even when moderator's admin language is "english", a bit of information at admin pages are displayed in Russian, and default language (first in all lists) is also Russian, sorry for that.
  3. web_craftsman

    How to indicate the proprietarity of software in my code

    Found example: http://stackoverflow.com/questions/6683814/is-this-good-php-commenting-practice
  4. Hi. I have written my web site engine (some cmf for specific area), with which I can create web products. How better to say in my code that it is not for open using by other people to create their new web products. For example, some web studio looks at the demo of my CMS, orders one copy of site, and then uses this coding base as it's own. Would putting a copirate info be formally enough? Or do I have to indicate some license? Which one then? There are a lot of open sourse licenses but not a lot of wide known proprietary licenses.
  5. web_craftsman

    how to filter meta tags from xss

    Jacques1, thanks, I will follow your advice
  6. web_craftsman

    how to filter meta tags from xss

    Web site content managers are supposed to know html
  7. web_craftsman

    how to filter meta tags from xss

    When people use all kings of WISYWIG editors they are working with raw html too
  8. web_craftsman

    how to filter meta tags from xss

    I will need to create a whole meta tag constructor for this, with all features like changing order, adding, deleting, it is a big piece of work and there is one crutial problem: It looks that seo specialists like to add some very specific meta tags, how could I guess what they need? For example, by googling there is info than meta tag could have the next attributes: name, content, scheme, http-equiv. It does not say about charset attribute, in which case it is a single meta tag's attribute. And after looking at web sites I very soon found meta tag like: <meta property="fb:app_id" content="966242223397117" /> So It looks a bit comlicated to create constructor for all cases
  9. web_craftsman

    how to filter meta tags from xss

    At my CMS I want to give site moderators ability to associate any meta information to a page. For meta keywords and description I have different fields but all other stuff are inserted like raw html , like this: <meta name="Generator" content="SomeCMS" /> <meta name="robots" content="nofollow" /> <link rel="canonical" href="http://example.com/content/poisk-i-upravlenie-kontentom" /> This html will be echoed to the page. Mainly only meta tags and link(rel=canonical) will be here. And now I think I have to make sure there is no xss attack in this code. So I need to filter it before saving to database. HtmlPurifier or http://github.com/voku/anti-xss don't work with meta tags. So what would you advise me? To parse text with regexp for meta tags and then check every metatag found for any style or on attributes or http-equiv="refresh"(to deny malicious metatag)?
  10. web_craftsman

    @see в phpDoc

    have you never heard about phpDocumentor?
  11. web_craftsman

    @see в phpDoc

    Hello. I can't understand a couple of things about @see format: 1. What is the meaning of this: Can I have an example where i should put :: ? 2. What is the meaning of :alias: in the next example from documentation? Looks strange for a description... 3. I do not understand when using FQSEN except using a full name (\yii\di\Container) am I allowed to use names according to the namespace of the current file and from use statements also?
  12. web_craftsman

    The most appropriative way of using data formats

    ckeditor or tinymce are not text formats. They are the editors which suggests you are using full html format. My question is about more complicated things like wordpress shortcodes. When you might need to assosiate some js or css code with a shortode and you can't insert this js code like inline to cached version of text, because jquery library are included lower at the page...
  13. web_craftsman

    The most appropriative way of using data formats

    any other ideas?
  14. Hi. The task is common: saving and displaying publications at the website. The information I enter is not only pure html but also some special shortcodes like BB-code. For example: <p><a href="[page:1]"></a> [b]Strong text[/b] ... [img:1] <-- some img I attached to this article </p> Obviously I have to save this information as It is, so it would be the same for editing process But I can't start regexp search for populating all this data per every request for displaying the data. So I can use a cache, though of couse I would have a double disk capacity taken with this approach. But how to do it in a better way? 1) keep additional column in table for this article's body field? Article id title body body_processed [b] <b> 2) use some additional cache table, and left join it all the time I get data from Article 3) Is there any other fortunate way to solve this task p.s. I am familiar with drupal and it is using something like 2) approach. But now I am not using cms and the framework I am using (Yii2) leaves this problem up to an end developer. Though it is a common problem for every web site which has a content managment into it.
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.