
News

Apr 16, 2009 - Site Fully Database Driven

This site is now fully database driven with a basic admin system. It is not updated that regularly, but I had some spare time so I took the opportunity to put my skills into practice.

News items can be added, edited and deleted.
Gallery images, split into albums, can be added, edited and deleted.

The news admin uses a set of buttons that allow you to insert HTML tags into the textarea. This is based on JS Quicktags.

Security aspects have been considered even though they are not particularly required on the site. These include using the PHP functions htmlentities, sprintf and mysql_real_escape_string, and session tokens on the forms to combat cross-site request forgery (CSRF).

The following resources proved useful:
phpsec.org/projects/guide/1.html
www.phpfreaks.com/tutorial/php-security
www.sitepoint.com/blogs/2005/05/09/validate-your-input
ha.ckers.org/xss.html
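
A sketch of the session-token check and output escaping mentioned above, added here as an example and not taken from this site's code. The function names and the `csrf_token` field name are hypothetical, the demo data is constructed, and PHP 7 or later is assumed for `random_bytes`.

```php
<?php
// Added example: session-token CSRF check plus htmlentities output escaping.
// The session is passed in as an array so the demo runs from the CLI;
// in a real page, call session_start() and pass $_SESSION.

// Create the token once per session and keep it server-side.
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Hidden field for an admin form, escaped for the attribute context.
function csrf_field(array &$session): string
{
    return sprintf(
        '<input type="hidden" name="csrf_token" value="%s" />',
        htmlentities(csrf_token($session), ENT_QUOTES, 'UTF-8')
    );
}

// Accept a POST only when it carries the token stored in the session.
// hash_equals() compares in constant time.
function csrf_check(array $session, array $post): bool
{
    $expected = $session['csrf_token'] ?? '';
    $given    = $post['csrf_token'] ?? '';
    return is_string($given) && $expected !== '' && hash_equals($expected, $given);
}

// Demo with constructed data.
$session = [];
echo csrf_field($session), "\n";

// A genuine submission echoes the token back; a cross-site one cannot know it.
$genuine = ['csrf_token' => $session['csrf_token'], 'title' => '<b>Hello</b> & "welcome"'];
$forged  = ['title' => 'posted from another site'];

var_dump(csrf_check($session, $genuine));
var_dump(csrf_check($session, $forged));

// User-supplied text is escaped when it is written back into the page.
echo htmlentities($genuine['title'], ENT_QUOTES, 'UTF-8'), "\n";
```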

The site is XHTML 1.0 Strict compliant. The SitePoint article titled "New-Window Links in a Standards-Compliant World" proved useful.

The .htaccess file has been improved to Redirect old indexed pages to new ones, Redirect non-www to the www version, Redirect index to root, Rewrite test.php to test.htm, and a couple more specific ones...

The following resources proved useful:
www.webweaver.nu/html-tips/web-redirection.shtml
corz.org/serv/tricks/htaccess2.php
www.moreniche.com/tutorials/htaccess-seo-basics.php

Other improvements include the addition of a favicon, robots.txt file, more header images, better Meta data, latest projects and a link to my StumbleUpon profile.

Hosting has been moved over to my Lunarpages account where unlimited add-on domains are possible.

Future work includes re-organising the scripts to fix the issue of "Cannot modify header information - headers already sent by ..." when uploading images. (sorted 17/05/09)
Also, I plan to refresh my knowledge of object-oriented programming (OOP) from University and put it into practice.