808 Part V Case Studies

Adding an HTML Editing Tool

This simple Weblog is quite adequate for many purposes, but it has one big disadvantage: You can't write up your daily entries using the Web itself. Instead, you must create each entry using a text editor like emacs or Notepad and save it to your Web server's docroot. This can be a significant issue over time, especially if you are not allowed telnet/ssh/FTP access to your server or aren't comfortable with the process. HTTP is the next logical step for many users, and is probably no less unsafe than using FTP.

This process has one big problem: You need to give read/write permissions to the HTTP user (usually Nobody) in a particular directory. This is an inherently insecure process, and we do not recommend it in the long run. We'll describe the HTTP tools here so that you can become comfortable with the new aspects before moving on to a better solution, which is using a database instead of separate include() files for each entry. We'll also try to keep the security problems to a minimum, employing a password and letting you send mail to yourself if an unauthorized person tries to log in.

The files you need for an HTML-based file-writing tool are:

  login.php
  logentry.php
  logentry_handler.php
  password.inc

Put password.inc in a directory outside the Web tree, such as /home/htmluser. This will ensure that your passwords cannot be read via the Web without being processed by PHP first. The directory must be world-executable and the document must be readable by the httpd user (Nobody). If you have root access on this server, you could chown it to belong to the httpd user; if not, you may have to make the file world-readable, which is a security breach. Be sure to use a password different from your system user password, just in case it's compromised.

Listings 43-8 through 43-10 are the files you need for an HTML form to edit Weblog entries.

Listing 43-8: Weblog entry login screen (login.php)

Weblog login screen

Supply a username and password.

USERNAME:

PASSWORD:

BLOG ENTRY:
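
An added example, not the book's Listings 43-8 through 43-10, of the login check the text describes: credentials are read from password.inc outside the Web tree, and a failed attempt sends mail to the owner. The password.inc format, the form field names, the alert address, and the use of password_hash()/password_verify() in place of a stored plaintext password are assumptions of this example.

```php
<?php
// Added example, not the book's Listing 43-8 to 43-10. Assumed (hypothetical)
// password.inc content: <?php return ['user' => '...', 'hash' => password_hash() output];
const CRED_FILE   = '/home/htmluser/password.inc'; // location suggested in the text
const ALERT_EMAIL = 'you@example.com';             // placeholder address

function load_credentials(string $path): array
{
    if (!is_readable($path)) {
        throw new RuntimeException('credential file not readable');
    }
    // World-readable is the fallback the text calls a security breach: log it.
    if ((fileperms($path) & 0004) !== 0) {
        error_log("warning: $path is world-readable");
    }
    $cred = require $path;
    if (!is_array($cred) || !isset($cred['user'], $cred['hash'])) {
        throw new RuntimeException('credential file malformed');
    }
    return $cred;
}

function check_login(array $cred, string $user, string $pass): bool
{
    // Run both comparisons so timing does not depend on which one failed.
    $userOk = hash_equals((string)$cred['user'], $user);
    $passOk = password_verify($pass, (string)$cred['hash']);
    return $userOk && $passOk;
}

function alert_failed_login(string $user, string $ip): void
{
    // Keep only printable ASCII, capped at 64 bytes, before it goes into mail.
    $safeUser = preg_replace('/[^\x20-\x7E]/', '?', substr($user, 0, 64));
    mail(ALERT_EMAIL, 'Weblog: failed login',
         "Failed login for \"$safeUser\" from $ip at " . date('c'));
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // Field names are assumptions; non-string input (arrays) becomes ''.
    $user = is_string($_POST['username'] ?? null) ? $_POST['username'] : '';
    $pass = is_string($_POST['password'] ?? null) ? $_POST['password'] : '';
    if (!check_login(load_credentials(CRED_FILE), $user, $pass)) {
        alert_failed_login($user, $_SERVER['REMOTE_ADDR'] ?? 'unknown');
        http_response_code(403);
        exit('Login failed.');
    }
    // Authenticated: continue to the entry-writing step.
}
```

Storing only a hash in password.inc limits the damage if the file does have to be made world-readable, since other local users then see a hash rather than the password itself.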