I’m trying to set up a system to minimize complexity for people updating the site, as I will not be the main person updating daily content, AND also provide clean URLs.
Since I am unable to use a DB, all of the content resides in one of two base folders (/private/content OR /private/utilities). For normal daily updates, the utilities (contains the page wrapper – header, nav, footer, etc.) folder wouldn’t need to be accessed. This minimizes the amount of visible code to the daily editor.
I’ve created an array ($allowedContent) that has the list of valid sections that are accessible. The code tests against that array to verify that the user is not attempting to access inappropriate content. With the code below, these requests would be successful. Everything else would fail.
- http://www.example.com/
- http://www.example.com/popup/*
- http://www.example.com/test
- http://www.example.com/hello
- http://www.example.com/foobar
My question is:
Is there anything that sticks out as a problem with this approach?
.htaccess
RewriteEngine On
# Rules
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php
PHP
// parse the URL
$requestURI = explode('/', $_SERVER['REQUEST_URI']);
//print_r ($requestURI);

// a list of non-restricted dynamic content
$allowedContent = array("test", "hello", "foobar");
$allowAccess = false; // assume hackers :o

// determine the section
if (!$requestURI[1]) { // none defined - use root/home
    $section = 'home';
    $skin = true;
    $allowAccess = true;
} elseif ($requestURI[1] == 'popup') { // popup - no skin
    $section = $requestURI[2];
    $skin = false;
    $allowAccess = true;
} else {
    if (in_array($requestURI[1], $allowedContent)) { // verify that the requested content is allowed / prevent someone from trying to hack the site
        $section = $requestURI[1];
        $skin = true;
        $allowAccess = true;
    } else { // this would be either a 404 or a user trying to access a restricted directory
        echo "evil laugh"; // obviously, this would change to a 404 redirect
    }
}
Added code where content is called
// call the relevant content pieces
if ($allowAccess == true) {
    if ($skin == true) {
        // call wrapper part 1
        include $_SERVER['DOCUMENT_ROOT'] . '/private/utilities/wrapperOpen.php';
        // call header
        include $_SERVER['DOCUMENT_ROOT'] . '/private/utilities/header.php';
        // call aside
        include $_SERVER['DOCUMENT_ROOT'] . '/private/utilities/aside.php';
    }
    // call CONTENT (based on section)
    include $_SERVER['DOCUMENT_ROOT'] . '/private/content/' . $section . '/index.php';
    if ($skin == true) {
        // call branding
        include $_SERVER['DOCUMENT_ROOT'] . '/private/utilities/branding.php';
        // call footer
        include $_SERVER['DOCUMENT_ROOT'] . '/private/utilities/footer.php';
        // call wrapper part 2
        include $_SERVER['DOCUMENT_ROOT'] . '/private/utilities/wrapperClose.php';
    }
}
This would work.
You could also look into using XML to store data, but you need to keep watch over system memory usage and loading time if the files get too large, so split them up where possible.
Can’t you talk them into using a database? Web hosting with a database is cheap.
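In the front controller from the question, the popup branch copies `$requestURI[2]` into `$section` without testing it against `$allowedContent`, and `$section` is then concatenated into the `include` path. The following is an added example, not the poster's code, of a resolver that applies the allowlist to both branches and ignores the query string; the function name `resolveSection()`, the rule that popup sections must also appear in `$allowedContent`, the one-segment limit, and the sample URIs are assumptions.

```php
<?php
// Added example: allowlist-based resolver for the front controller above.
// resolveSection() and its return shape are assumptions, not the poster's code.

/**
 * Map a request URI to [section, skin], or null when the request must 404.
 */
function resolveSection(string $uri, array $allowedContent): ?array
{
    // Drop the query string; REQUEST_URI includes it.
    $path = parse_url($uri, PHP_URL_PATH);
    if (!is_string($path)) {
        return null;
    }
    // Split into non-empty segments so "/test/" and "/test" match alike.
    $segments = array_values(array_filter(explode('/', $path), 'strlen'));

    if (count($segments) === 0) {
        return ['home', true];
    }
    $skin = true;
    if ($segments[0] === 'popup') {
        $skin = false;
        array_shift($segments);
    }
    // Exactly one segment must remain, and it must be on the allowlist.
    // Strict comparison avoids PHP's loose string/number matching.
    if (count($segments) !== 1 || !in_array($segments[0], $allowedContent, true)) {
        return null;
    }
    return [$segments[0], $skin];
}

$allowedContent = ['test', 'hello', 'foobar'];

// Constructed sample requests.
foreach (['/', '/test?x=1', '/popup/hello', '/popup/..', '/popup', '/private'] as $uri) {
    $route = resolveSection($uri, $allowedContent);
    if ($route === null) {
        echo "$uri -> 404\n";
    } else {
        [$section, $skin] = $route;
        echo "$uri -> section=$section skin=" . ($skin ? 'yes' : 'no') . "\n";
    }
}
```

Because `$section` can only ever be `home` or a value taken from the allowlist, the later `include` never receives a path component chosen by the requester.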