gizmola

I think we need to go back to what you're looking for. What I got right now is that you want users to be able to add pages to the site. There is some wiki - like features you are envisioning. We need clarity on what that means. Blogs, CMS's etc. all for the most part handle this by having a database structure that supports it. For example, there is a "Content creation Kit" addon to Joomla named K2 that is used by a lot of Joomla users these days as a drop in replacement for the article system that comes with Joomla. I reverse engineered the database structure they use and I think it might help you think about this some more to see how someone else accomplished this. K2 adds tags and nested categories that in Joomla 1.5 were not part of the base system. Here's the database schema diagram: If you look at the core columns for the table jos_k2_items you get an idea of how you could approach something like this. There is a parent category foreign key, a title, alias (which is a version of the title that can be used as the url to the content) and then you have introtext and fulltext for the actual content stored as text columns. There are a set of meta columns so that individual meta keywords and descriptions can be stored for the page. There is a seperate table jos_k2_attachments that stores information about external assets needed by the page, like videos, images, pdf's etc. The 1-M relationship between the table allows the system to track any number of these assets which can then be referenced in the article. This should give you an idea of how to structure a database, although there is a lot of extra columns you wouldn't necessarily need if you wanted to keep things simple. You want some sort of status column in the table to indicate whether the page is visible to the public, inactive, or deleted. Let's assume you now need an index of all the available pages generated -- pretty easy to SELECT from the jos_k2_items and get a list of all the active articles, with an order by created or by category or however you would like. You'd want a page controller that given a url like: /page/article_title.html will find the item, assemble an html version from the various database columns and present it. In terms of markup supported you would need to decide what you want to support. You could look at the various wiki markups, or use bbcode, or even a subset of html. In almost all cases the parsing is based on using regular expressions to convert this markup into the html you will allow. You don't want to allow any javascript or meta refresh or anything else that facilitates XSS. You need forms that allow people to enter or edit new pages that then call mysql routines to store rows in the database, etc. You indicated you had some experience with this, so I'm going to leave that to you. You also need a form, which typically would be embedded to allow you to upload the images you referred to. Just about everything you need to know about how to do that in PHP is well documented on the php manual here: http://us3.php.net/manual/en/features.file-upload.php. If you read that you'll be able to handle uploads and store them. The markup system will need to intelligently understand how to convert an embedded image into an img tag that points to the location of the asset in webspace. That's all I can think of at the moment, and this is already getting to be a novel.

It's really odd that these types of questions seem to come in waves. Somehow I missed yours, but I just answered a very similar problem. You definately want to read this: http://omegadelta.net/2010/11/23/when-you-thought-the-db-was-utf-8-but-it-wasnt/

Hi Natash, If a.html is not a valid page, then the webserver will already issue a 404. I'm guessing here that these pages might actually point to content? If so, then what you want to do is have them issue a 301, which is read as "permanently moved." Google looks at this and honors it, so you don't lose people who basically get a big error page. If you want a customized 404 page you can implement this in your htaccess with: ErrorDocument 404 /error404.php And of course you will need to make the error404.php file and have it look and say what you want it to.

Your issue is most likely the one described in this great blog post: http://omegadelta.net/2010/11/23/when-you-thought-the-db-was-utf-8-but-it-wasnt/ MySQL is not alone in having a default character set for the client library. You want this to be correct end to end, but if you don't explicitly tell mysql that you want the client switch to utf8, otherwise it will use whatever the default is, which is often latin1. This is such a common problem that they recently added mysql_set_charset and that page has notes on the previous methods of handling this. I'm guessing here that you have a mismatch and that your application probably does not set the client character set for your mysql connections.

You are such a stickler. Asking for xml and expecting actual get the xml.

You seem to be confused about what pixels are used for. Pixels are not equivalent to "area". When you have dimensions for height and width, those dimensions are in pixels. Your pseudo code doesn't make any sense. There are several different libraries (exif, gd, imagemagick) which have routines that can be used to open most common image files and return you information including the height and width in pixels.

Sounds good. Hopefully you'll share some of your html/css on the road to learning PHP.

While I certainly don't owe you an additional reply, I'd suggest you go back and carefully re-read my reply to you. You reacted emotionally and took personal insult. I'm great at insulting people and if I wanted to insult you I would have written an entirely different reply. It's like you only read the first part, where I lightheartedly pointed out that the code you provided was a horrible idea, and you lost your mind. I could care less if you ever come back to this site, and really don't feel any need to ban you. This site has some ridiculous amount of users, and gets thousands of questions every day. This is simply the best PHP help community there is, and most certainly the most patient, so you're only hurting yourself. Nobody is pushing "bullshit CMS" systems on people. What they are doing is seeing people who don't know the most basic things about the language come in and ask for all the features of a CMS. Considering that these CMS's typically have man years of code in them. I wrote a CMS with another guy at a company that was used to host 50 websites, had it's own ad serving module, user system, cluster management, and modular forum system, and served up a quarter million page views a day, so I know something about the topic. It's non trivial and nothing I can sketch out for you or anyone else in skeleton form. I have no problem with people wanting to reinvent the wheel, so long as they approach it in pieces, and bring something to the table. You didn't, I called you on it, and where we go from here is entirely up to you.

Just for the record, you don't have to do anything to the > date, because it's already going to be the first second of that day.

There is no way to answer this when we don't know the structure of the tables involved and the relationships between them.

Mod rewrite is for rewriting urls, not for rewriting the html pages you send to people. If you want the url's of yoour pages to be in the rewritten format, you need to do that in your code.

Having your code blocks be delimitted with is just a disaster waiting to happen. This is why people usually use bbcode conventions.

You can have multidimensional arrays in php very easily. With that said, it's really not clear what you're asking for here or why.

No, the php file routines all work with file system paths. Webspace is a function of the web server application. When PHP deals with files it deals with the operating system filesystem, and has no interest or understanding of webspace. So let's say on your host, your webroot is: /users/username/htdocs/ You can specify that /users/username/datafiles is the place where you will read/write these .txt files and using php's file handling routines like fopen etc, you can access them and return their contents in whatever way you want, while at the same time leaving no possibility for the user to access the files via a url. As for crazy names... yes it might be highly unlikely for someone to guess the filenames. The basic term for that is "security through obscurity". You can use that phrase to explore the idea further if you'd like. I would not recommend on counting that when you have a completely viable option to put the files outside the webroot. PHP is not a seperate process from apache. If apache is down there is no webspace. If php explodes, apache will generate errors and you'll typically get exceptions and blank pages. When people inadvertantly leak information, it's usually because of some logic error, and not having the server properly configured not to display errors and log them instead to an error log on the server.

Hey FishSword, There are libraries out there that can do some of the files you're talking about but not all, and of course there is an issue with versions of those files and the many formats over the years when you're talking about the microsoft suite. I know some things about doing this, and I can tell you that it is not a trivial task, and very much related to the operating system of the machine(s) used to render the thumbnail image. Here's a couple approaches you can consider: -Based on the extension of the file, load a program that can process the native file format. Then print that to pdf and use imagemagick or some other program that can convert .pdf's to images. Then resize to thumbnail. -Based on the extension of the file, load a program that can process the native file format and put the application into full screen mode, then call an operating system macro that can capture the framebuffer/printscreen the page to an image, and then thumbnail the image.

You spent an entire weekend working on this, and you came up with 3 lines of PHP? As a cracker, i will sure love coming to your site knowing that you'll let me make a php file and stuff it full of whatever code I want and then you'll go and run that code for me. Sure will save me time trying to actually exploit your server as I'll have my root kit installed in record time. You need to step back for a minute and look for a basic "database driven website" tutorial or book, and learn some of the basics. FWIW, a wiki has 3 basic properties: - a minimal markup language that people can use to add page content, so they don't need to know a scripting language or html - the ability of people to add/edit (within the confines of the wiki markup supported) pages, where the most frequent implementation is that the data for the pages is kept in some form of database. - when changes are made to a page, those pages are tracked so that there is a complete history and ability to see or revert to prior versions of the page. I don't see that you're looking for the key features that differentiate a wiki -- it just sounds like you want a CMS. Since you brought up Joomla and Drupal, someone else must have suggested those to you because they match what you're looking for. I'm not trying to pick on you, but after 10 years of answering questions here, myself and the other vets have seen every variation of this type of question. It's just not interesting to us -- you have to bring more to the table than your desire for something that you have absolutely no chance of creating yourself.

What you've done is bizarre, and it doesn't seem you understand public key crypto. Private keys are not to be disclosed. Based on your description I have no idea whose key is being used for what or where. Here's the 2 basic use cases for public key/private key crypto: - I sign something with my private key and give you my public key. You will be able to decrypt the data using my public key, and in doing so, you know that the data came from me. - You have my public key and want to send some data securely to me, so you encrypt the data with my public key. I am the only one who will be able to decrypt the data because only I have the private key. Everything that is based on pk crypto is a variation of these 2 uses. There is no use case that involves passing a private key to someone. So a few things: -webserver is hacked. Well I have full access to your filesystem and the mysql database as root. What is it that I can't do? When I asked what you were trying to do, I was hoping for a list of goals/objectives, rather than a description of what you think you've accomplished.

spiderwell's solution will get you the space character. Often this is what people really want, but if you indeed want "whitespace" that includes tabs and newlines, then add "\s" character class instead. "/^[A-Za-z0-9\s]+$/"

What he means is that if the file is in webspace it will be accessible if someone knows or guesses the url to the file. Neither disabling a default directory listing or adding an index.xxx file will stop that from happening, just as having an index.php does not stop you from making a file called foo.php and accessing it via http://yoursite.com/somedir/foo.php. With PHP there is no reason that you need to have files in web space. They can exist outside of webspace and then you don't need to worry about an exploit that inadvertantly discloses their contents.

No, the less you ask for the better. People don't like to make new accounts, and the less barrier to entry the better. That is why you see so many sites supporting login via openid or facebook these days. Rather than have a seperate "Check username" button, use ajax to send the username once the field loses focus, or you can even do an incremental lookup and update the screen next to the username, where you currently have the button.

Hey Nuv, When you do a a mysql_query, you should check for a result. The problem could be that you have a mysql_error. See the link in my signature below about this. The other issue with your code, is that for an empty result set mysql_fetch_array() will return false. So what would be better for your first condition would be to call mysql_num_rows() and check if its return value is > 0.

Sure. A decent editor that supports PHP should offer color syntax highlighting where errors like that will jump out at you. In this case you'd need one that has function definitions for the standard libraries.

Are you using a database? Did you look at the database using mysql and find the offending comment? Probably, like Pikachu2k suggested, you have some sort of xss or sql injection based exploit that is screwing up your page. You can always capture its source code and look at the markup in a text editor. If it's one entry in the database, then you can easily use the mysql command line to remove that comment.

This is one of the somewhat annoying things about simplexml, but you need to call attributes() on the node, and it returns you an associative array with the keys being the attribute names. You also have to cast it to whatever variable type it should be in most cases. I'll do something like this: $t = $xmlmusic->nodename->attributes(); echo (string)$t['type'];

Yes it is simple. explode Notice that you need arguments and a COMMA between them.