Article
Content Management Made Easy - with Editize!
Utilizing Editize Within a Content Management System
The fundamental idea behind using Editize is to allow the end user to format their content, and submit that content for storage in a database. Rather than updating static Web pages, Editize updates the database, thereby automatically updating every page that uses that particular data.
Whenever a user requests a given page, the Web server retrieves the appropriate data from the database, and inserts it into the Web page before returning the page to the user. The resulting Web page will then display the nicely formatted content. This interaction is briefly summarized in the graphic below:
The Data
There are many types of data that could be stored in, and many features that are common to, Content Management Systems. In general, the more often the data changes, the more suited it is for inclusion in the system.
For the purpose of this tutorial, we'll examine a very simple system that could be used to update the main content area of a Web page, and display the date on which the page was last updated.
In order to restrict this process to authorized users, we'll include a database-driven user authentication system.
Our user authentication table contains 4 fields:
The content will be stored in a content table with these fields:
The User Login Page
The user login page Looks like this:
First, we need to create a page that allows the user to sign in, and gain access to the administration page. The following PHP code is an example of such a page. Please note that this code submits the data to a page called authuser.php:
<HTML>
<HEAD>
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<H1>Login to Secret Area</H1>
<FORM METHOD="post" ACTION="authuser.php">
<P><STRONG>Username:</STRONG><BR>
<INPUT TYPE="text" NAME="username"
SIZE=25 MAXLENGTH=25></p>
<P><STRONG>Password:</STRONG><BR>
<INPUT TYPE="text" NAME="password"
SIZE=25 MAXLENGTH=25></p>
<P><INPUT TYPE="SUBMIT" NAME="submit"
VALUE="Login"></P>
</FORM>
</BODY>
</HTML>
The Validation Page
Once the user submits the data, authuser.php will validate the information according to the values stored in the authuser (user authentication) database table. authuser.php is listed below:
<?
if ((!$username) || (!$password)) {
header("Location: http://localhost/login.html");
exit;
}
//The code above will check to make sure the username
and password were not left blank, if either are blank
the user will be sent back to the login page.
$db_name = "testDB";
$table_name = "authuser";
$connection = @mysql_connect("localhost", "baggins",
"adventure")
or die("Couldn't connect.");
$db = mysql_select_db($db_name, $connection)
or die("Couldn't select database.");
$sql = "SELECT * FROM $table_name
WHERE username = \"$username\" AND password =
password(\"$password\")
";
$result = mysql_query($sql)
or die ("Can't execute query.");
$num = mysql_numrows($result);
if ($num != 0) {
// Since $num holds the number of returned rows, we
know that a match was found if it is not = 0 and we
then set a cookie for the authorized user.
$cookie_name = "authorize";
$cookie_value = "ok";
$cookie_expire = "";
$cookie_domain = "";
setcookie($cookie_name, $cookie_value, $cookie_expire,
"/" , $cookie_domain, 0);
// This cookie will be valid for the browser session
$display_area = "
<p><strong>Secret Menu:</strong></p>
<ul>
<li><a href=\"secret_page1.php\">secret page 1</a>
<li><a href=\"secret_page2.php\">secret page 2</a>
</ul>
";
// * Note that you could also display a different
menu depending on which user signed in.
} else {
header("Location: http://localhost/login.html");
exit;
}
?>
<HTML>
<HEAD>
<TITLE>Secret Area</TITLE>
</HEAD>
<BODY>
<? echo "$display_area"; ?>
</BODY>
</HTML>