Build a CMS Step 4c
Making the menu editable
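Our Control Panel will now give us the option of updating our menu, username and password. The menu file contains a list of the pages that should appear, separated by commas. The username and password are each kept as plain text in their own file inside the data folder, so that folder should not be directly readable through the web server.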
Files and Folders
Updated data folder
Updated contents of the data folder
admin.php ▾
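<?php
/**
 * Admin front controller.
 *
 * Starts the session, loads the shared helpers and the page header, then
 * includes the admin screen named by the "adminpage" query-string value.
 * A screen is included only when the visitor is logged in AND the requested
 * name is on the allowlist below.
 */
session_start();
include ("inc/functions.php");
$pageid = "";

// Logged in only when the session flag is exactly boolean true.
$loggedin = isset ($_SESSION['admin']) && $_SESSION['admin'] === true;

include ('inc/header.php');

if ($loggedin === true) {
    // Every screen that lives in the admin/ folder. The query-string value is
    // concatenated into an include path, so it must match one of these exact
    // names before it reaches include. FILTER_SANITIZE_STRING is not a path
    // filter (it strips tags but leaves "../" and "/" intact) and has been
    // deprecated since PHP 8.1. Add new screens here as they are created.
    $adminpages = array (
        'control-panel',
        'add-update-block',
        'add-update-page',
        'remove-block',
        'remove-page',
    );

    $adminpage = 'control-panel';
    if (isset ($_GET['adminpage']) && is_string ($_GET['adminpage'])) {
        $adminpage = $_GET['adminpage'];
    }

    if (in_array ($adminpage, $adminpages, true)) {
        include ("admin/" . $adminpage . ".php");
    }
    else {
        echo "<div class = 'error'>Unknown admin page</div>";
    }
}
else {
    // The login page id is 'login' (data/pages/login.txt).
    echo "You must be logged in to access this page: <a href = 'index.php?page=login'>LOGIN</a>";
}
echo "<a class = 'adminbutton' href = 'index.php?page=logout'>Log Out</a>";
include ("inc/footer.php");
?>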
index.php ▾
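<?php
/**
 * Public front controller.
 *
 * Renders the page named by the "page" query-string value: reads the page's
 * comma-separated block list from data/pages/<page>.txt and outputs each block
 * from data/blocks/ (.txt blocks are echoed, .php blocks are included).
 * Logged-in administrators also get edit links.
 */
session_start();

// Logged in only when the session flag is exactly boolean true.
$loggedin = isset ($_SESSION['admin']) && $_SESSION['admin'] === true;

include ('inc/header.php');

// Page ids and block ids become part of a file path (and, for .php blocks,
// an include path), so only letters, digits, "-" and "_" are accepted.
// Anything else - in particular "/", "\" and "." - is rejected outright.
$idpattern = '/\A[A-Za-z0-9_-]+\z/';

//The default page is 'home'
$pageid = 'home';
//Use the $_GET statement to check the query string
if (isset ($_GET['page']) && is_string ($_GET['page'])) {
    $pageid = trim ($_GET['page']);
}
$validpage = preg_match ($idpattern, $pageid) === 1;

if ($validpage && file_exists ('data/pages/' . $pageid . '.txt')) {
    $pageblockstring = file_get_contents ('data/pages/' . $pageid . ".txt");
    foreach (explode (',', $pageblockstring) as $item) {
        $item = trim ($item);
        // Entries look like TYPE:block-id; skip anything without the colon.
        $pos1 = strpos ($item, ":");
        if ($pos1 === false) {
            continue;
        }
        $blockid = substr ($item, $pos1 + 1);
        if (preg_match ($idpattern, $blockid) !== 1) {
            continue;
        }
        if (file_exists ('data/blocks/' . $blockid . '.txt')) {
            // Block content is HTML written by the administrator and is
            // output as-is on purpose.
            echo file_get_contents ('data/blocks/' . $blockid . '.txt');
            if ($loggedin === true) {
                echo "<a class = 'edit-block' href = 'admin.php?adminpage=add-update-block&block=" . $blockid . "' >Edit Block</a>";
            }
        }
        else if (file_exists ('data/blocks/' . $blockid . '.php')) {
            include ('data/blocks/' . $blockid . '.php');
        }
    }
}

if ($loggedin === true) {
    // $pageid is only written into the link once it has passed $idpattern,
    // so it cannot carry quotes or markup into the attribute.
    if ($validpage && $pageid !== 'login' && $pageid !== 'logout') {
        echo "<a class = 'adminbutton' href = 'admin.php?adminpage=add-update-page&page=" . $pageid . "' >Edit Page</a>";
    }
    // admin.php selects its screen from the "adminpage" parameter.
    echo "<a class = 'adminbutton' href = 'admin.php?adminpage=control-panel'>Control Panel</a>";
    echo "<a class = 'adminbutton' href = 'index.php?page=logout'>Log Out</a>";
}
else if ($pageid !== 'login') {
    echo "<a class = 'adminbutton' href = 'index.php?page=login'>Login</a>";
}
include ("inc/footer.php");
?>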
Pages
about.txt ▾
TEXT-BLOCK:about,TEXT-BLOCK:holiday-hours
contact.txt ▾
TEXT-BLOCK:contact,TEXT-BLOCK:holiday-hours
home.txt ▾
TEXT-BLOCK:home,TEXT-BLOCK:holiday-hours
login.txt ▾
TEXT-BLOCK:login
logout.txt ▾
TEXT-BLOCK:logout
admin
add-update-block.php ▾
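<?php
/**
 * Admin screen: create a new text block or edit an existing one.
 *
 * Included by admin.php. Uses createRecordKey() to derive the file name of a
 * new block from its title. The block id comes from the "block" query-string
 * value and is used to build a path under data/blocks/.
 */
$blockid = "";
$validid = true;
if (isset ($_GET['block']) && is_string ($_GET['block']) && trim ($_GET['block']) !== "") {
    $blockid = trim ($_GET['block']);
    // The id is concatenated into a path that is read AND written, so only
    // letters, digits, "-" and "_" are accepted (no "/", "\" or ".").
    if (preg_match ('/\A[A-Za-z0-9_-]+\z/', $blockid) !== 1) {
        $validid = false;
        $blockid = "";
    }
}
if ($validid === false) {
    echo "<div class = 'error'>Invalid Record Name</div>";
}
else if (file_exists ('data/blocks/' . $blockid . '.txt') || $blockid === "") {
    $content = "";
    $title = "";
    if (file_exists ('data/blocks/' . $blockid . '.txt')) {
        $content = file_get_contents ('data/blocks/' . $blockid . '.txt');
    }
    if ($_SERVER ["REQUEST_METHOD"] == "POST" ) {
        // NOTE(review): this handler accepts any POST made with the admin's
        // session cookie; there is no per-session anti-CSRF token to check.
        if (isset ($_POST['content']) && is_string ($_POST['content'])) {
            $content = $_POST['content'];
        }
        if (isset ($_POST['title']) && is_string ($_POST['title'])) {
            $title = $_POST['title'];
        }
        //Check if this is a new block
        if ($blockid === "") {
            $blockid = createRecordKey ('blocks', $title);
        }
        if ($blockid !== "") {
            file_put_contents ('data/blocks/' . $blockid . ".txt", $content);
        }
    }
    // Escaped copies for output. The stored block itself stays raw HTML; it
    // is only encoded here so that it cannot close the <textarea> or an
    // attribute early. The browser posts the decoded text back on submit.
    $safeid = htmlspecialchars ($blockid, ENT_QUOTES, 'UTF-8');
    $safecontent = htmlspecialchars ($content, ENT_QUOTES, 'UTF-8');
?>
<h3>Update block: <?php echo $safeid; ?></h3>
<div class = 'content-column'>
<form method = 'post' action = 'admin.php?adminpage=add-update-block&block=<?php echo $safeid; ?>'>
<?php
    if ($blockid === "") {
        echo "<label for= 'title'>Block Title</label><br>";
        echo "<textarea id = 'title' name = 'title' rows = '1' ></textarea><br><br>";
    }
?>
<label for='text'>Block Content</label><br>
<textarea id = 'text' name = 'content' rows = '10' ><?php echo $safecontent; ?></textarea>
<br><br>
<input class = 'submitbutton' type = 'submit' name = 'submit' value = 'Submit' />
</form>
<br><br>
</div><div class = 'sidebar-column'>
<a class = 'adminbutton' href = 'admin.php?adminpage=control-panel'>Control Panel</a>
<a class = 'adminbutton' href = 'admin.php?adminpage=remove-block&block=<?php echo $safeid; ?>'>Remove block</a>
<a class = 'adminbutton' href = 'index.php'>View Website</a>
</div>
<?php
}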
add-update-page.php ▾
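<?php
/**
 * Admin screen: create a new page or edit an existing one.
 *
 * Included by admin.php. A page file holds a comma-separated list of block
 * references (for example TEXT-BLOCK:home). Uses createRecordKey() to derive
 * the file name of a new page from its title. The page id comes from the
 * "page" query-string value and is used to build a path under data/pages/.
 */
$pageid = "";
$validid = true;
if (isset ($_GET['page']) && is_string ($_GET['page']) && trim ($_GET['page']) !== "") {
    $pageid = trim ($_GET['page']);
    // The id is concatenated into a path that is read AND written, so only
    // letters, digits, "-" and "_" are accepted (no "/", "\" or ".").
    if (preg_match ('/\A[A-Za-z0-9_-]+\z/', $pageid) !== 1) {
        $validid = false;
        $pageid = "";
    }
}
if ($validid === false) {
    echo "<div class = 'error'>Invalid Record Name</div>";
}
else if (file_exists ('data/pages/' . $pageid . '.txt') || $pageid === "") {
    $content = "";
    $title = "";
    if (file_exists ('data/pages/' . $pageid . '.txt')) {
        $content = file_get_contents ('data/pages/' . $pageid . '.txt');
    }
    if ($_SERVER ["REQUEST_METHOD"] == "POST" ) {
        // NOTE(review): this handler accepts any POST made with the admin's
        // session cookie; there is no per-session anti-CSRF token to check.
        if (isset ($_POST['content']) && is_string ($_POST['content'])) {
            $content = $_POST['content'];
        }
        if (isset ($_POST['title']) && is_string ($_POST['title'])) {
            $title = $_POST['title'];
        }
        //Check if this is a new page
        if ($pageid === "") {
            $pageid = createRecordKey ('pages', $title);
        }
        if ($pageid !== "") {
            file_put_contents ('data/pages/' . $pageid . ".txt", $content);
        }
    }
    // Escaped copies for output, so that neither value can close the
    // <textarea> or an attribute early.
    $safeid = htmlspecialchars ($pageid, ENT_QUOTES, 'UTF-8');
    $safecontent = htmlspecialchars ($content, ENT_QUOTES, 'UTF-8');
?>
<h3>Update page: <?php echo $safeid; ?></h3>
<div class = 'content-column'>
<form method = 'post' action = 'admin.php?adminpage=add-update-page&page=<?php echo $safeid; ?>'>
<?php
    if ($pageid === "") {
        echo "<label for= 'title'>page Title</label><br>";
        echo "<textarea id = 'title' name = 'title' rows = '1' ></textarea><br><br>";
    }
?>
<label for='text'>page Content</label><br>
<textarea id = 'text' name = 'content' rows = '10' ><?php echo $safecontent; ?></textarea>
<br><br>
<input class = 'submitbutton' type = 'submit' name = 'submit' value = 'Submit' />
</form>
<br><br>
</div><div class = 'sidebar-column'>
<a class = 'adminbutton' href = 'index.php?page=<?php echo $safeid; ?>'>View Page</a>
<a class = 'adminbutton' href = 'admin.php?adminpage=control-panel'>Control Panel</a>
<a class = 'adminbutton' href = 'admin.php?adminpage=remove-page&page=<?php echo $safeid; ?>'>Remove page</a>
<a class = 'adminbutton' href = 'index.php'>View Website</a>
</div>
<?php
}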
control-panel.php ▾
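<?php
/**
 * Admin screen: the Control Panel.
 *
 * Lists the pages in data/pages and the blocks in data/blocks, and lets the
 * administrator update the menu (data/menu.txt), the username
 * (data/username.txt) and the password (data/password.txt).
 * Included by admin.php.
 */
$username = file_get_contents ('data/username.txt');
$menu = file_get_contents ('data/menu.txt');
// The stored password is deliberately not read here: it is never sent back
// to the browser, so it does not need to be in memory for this screen.

if ($_SERVER ["REQUEST_METHOD"] == "POST" ) {
    // NOTE(review): these handlers accept any POST made with the admin's
    // session cookie; there is no per-session anti-CSRF token to check.
    if (isset ($_POST['menu']) && is_string ($_POST['menu'])) {
        // Menu entries are page ids that inc/header.php writes into links on
        // every page, so only well-formed ids are stored.
        $menuitems = array ();
        foreach (explode (',', $_POST['menu']) as $menuitem) {
            $menuitem = trim ($menuitem);
            if (preg_match ('/\A[A-Za-z0-9_-]+\z/', $menuitem) === 1) {
                $menuitems[] = $menuitem;
            }
        }
        $menu = implode (',', $menuitems);
        file_put_contents ('data/menu.txt', $menu);
    }
    // An empty username or password is ignored rather than saved.
    if (isset ($_POST['username']) && is_string ($_POST['username']) && trim ($_POST['username']) !== "") {
        $username = $_POST['username'];
        file_put_contents ('data/username.txt', $username);
    }
    if (isset ($_POST['password']) && is_string ($_POST['password']) && $_POST['password'] !== "") {
        // NOTE(review): the password is written as plain text because the
        // login check that reads this file is not part of this screen.
        // Storing password_hash() output needs that check switched to
        // password_verify() in the same change. The data/ folder also sits
        // under the web root in this layout - confirm the server refuses
        // direct requests for it.
        file_put_contents ('data/password.txt', $_POST['password']);
    }
}
?>
<h2>Control Panel</h2>
<div class = 'left'>
<div class = 'manage-heading'>Pages</div>
<div class = 'content-column'>
<?php
$array1 = scandir ("data/pages");
foreach ($array1 as $item) {
    if ($item !== "." && $item !== "..") {
        $pageid = trim (str_replace ('.txt', '', $item));
        // File names are data too: encode them for the URL and for the HTML.
        echo "<a href = 'admin.php?adminpage=add-update-page&page=" . rawurlencode ($pageid) . "'>" . htmlspecialchars ($pageid, ENT_QUOTES, 'UTF-8') . "</a><br>";
    }
}
?>
</div><div class = 'sidebar-column'>
<a class = 'adminbutton' href = 'admin.php?adminpage=add-update-page'>New Page</a>
</div>
<div class = 'manage-heading'>Page Blocks</div>
<div class = 'content-column'>
<?php
$array1 = scandir ("data/blocks");
foreach ($array1 as $item) {
    if ($item !== "." && $item !== "..") {
        $item = trim ($item);
        $pos1 = strpos ($item, '.');
        if ($pos1 === false) {
            // No extension, so neither a .txt nor a .php block.
            continue;
        }
        $blockid = substr ($item, 0, $pos1);
        $extension = substr ($item, $pos1);
        if ($extension === '.php') {
            // PHP blocks are listed but cannot be edited from the browser.
            echo htmlspecialchars ($blockid, ENT_QUOTES, 'UTF-8') . "<br>";
        }
        else if ($extension === '.txt') {
            echo "<a href = 'admin.php?adminpage=add-update-block&block=" . rawurlencode ($blockid) . "'>" . htmlspecialchars ($blockid, ENT_QUOTES, 'UTF-8') . "</a><br>";
        }
    }
}
?>
</div><div class = 'sidebar-column'>
<a class = 'adminbutton' href = 'admin.php?adminpage=add-update-block'>New BLock</a>
</div>
<div class = 'manage-heading'>Menu</div>
<form method = 'post' action = 'admin.php?adminpage=control-panel'>
<div class = 'content-column'>
<label for= 'menu-id'>Menu</label><br>
<input id = 'menu-id' type = 'text' name = 'menu' value = '<?php echo htmlspecialchars ($menu, ENT_QUOTES, 'UTF-8');?>'/>
<br><input class = 'submitbutton' type = 'submit' name = 'submit-menu' value = 'Submit' />
</div>
</form>
</div>
<div class = 'manage-heading'>Username and Password</div>
<form method = 'post' action = 'admin.php?adminpage=control-panel'>
<div class = 'content-column'>
<label for= 'username-id'>Username</label><br>
<input id = 'username-id' type = 'text' name = 'username' value = '<?php echo htmlspecialchars ($username, ENT_QUOTES, 'UTF-8');?>'/>
<br><br><label for= 'password-id'>Password - Letters, Numbers and/or special characters: '-$!?\#*' (leave blank to keep the current password)</label><br>
<input id = 'password-id' type = 'password' name = 'password' value = '' autocomplete = 'new-password'/>
<br><input class = 'submitbutton' type = 'submit' name = 'submit-settings' value = 'Submit' />
</div>
</form>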
remove-block.php ▾
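<?php
/**
 * Admin screen: move a text block to the Trash Bin.
 *
 * Included by admin.php. On a confirmed POST the block file is moved from
 * data/blocks/ to data/trash/ and its TEXT-BLOCK reference is removed from
 * every page file in data/pages/. Otherwise a confirmation form is shown.
 */
echo "<div class = 'content-column'>";

$blockid = "";
if (isset ($_GET["block"]) && is_string ($_GET["block"])) {
    $blockid = trim ($_GET["block"]);
}
// The id is concatenated into the source and target paths of rename(), so
// only letters, digits, "-" and "_" are accepted (no "/", "\" or ".").
if (preg_match ('/\A[A-Za-z0-9_-]+\z/', $blockid) !== 1) {
    $blockid = "";
}
$blockfile = 'data/blocks/' . $blockid . '.txt';

if ($_SERVER ["REQUEST_METHOD"] == "POST" ) {
    // NOTE(review): this handler accepts any POST made with the admin's
    // session cookie; there is no per-session anti-CSRF token to check.
    $confirmed = isset ($_POST['removeflag'])
        && is_string ($_POST['removeflag'])
        && trim ($_POST['removeflag']) === "REMOVE";

    if ($confirmed && $blockid !== "" && file_exists ($blockfile)) {
        // Page files are only rewritten once the move has actually happened.
        if (rename ($blockfile, 'data/trash/' . $blockid . ".txt")) {
            //Remove this block from all pages
            $pagefiles = scandir ('data/pages');
            if ($pagefiles === false) {
                $pagefiles = array ();
            }
            foreach ($pagefiles as $item1) {
                // Only page files; this also skips "." and "..".
                if (substr ($item1, -4) !== '.txt') {
                    continue;
                }
                $pagefile = 'data/pages/' . $item1;
                $pageblockarray = explode (',', file_get_contents ($pagefile));
                $kept = array ();
                foreach ($pageblockarray as $item2) {
                    if (trim ($item2) !== 'TEXT-BLOCK:' . $blockid) {
                        $kept[] = $item2;
                    }
                }
                // Leave pages that never referenced the block untouched.
                if (count ($kept) !== count ($pageblockarray)) {
                    file_put_contents ($pagefile, implode (',', $kept));
                }
            }
        }
        else {
            echo "<div class = 'error'>The block could not be moved to the Trash Bin</div>";
        }
    }
}

if ($blockid !== "" && file_exists ($blockfile)) {
    // $blockid has passed the pattern above, so it is safe to print.
    echo "<h2>Remove block: " . $blockid . "</h2>";
?>
<form method = 'post' action = 'admin.php?adminpage=remove-block&block=<?php echo $blockid ;?>'>
<h3>Are you sure you want to move <?php echo $blockid ; ?> to the Trash Bin?</h3><br>
NO: <input type = 'radio' name = 'removeflag' value = '' checked />
YES <input type = 'radio' name = 'removeflag' value = 'REMOVE' />
<br><br><input class = 'submitbutton' type = 'submit' name = 'submit' value='Remove'/>
</form>
<?php
}
else {
    echo "This block has been removed";
}
echo "</div><div class = 'sidebar-column'>";
echo "<br><a class = 'adminbutton' href = 'admin.php?adminpage=control-panel'>Manage Website</a>";
echo "</div>";
?>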
remove-page.php ▾
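<?php
/**
 * Admin screen: move a page to the Trash Bin.
 *
 * Included by admin.php. On a confirmed POST the page file is moved from
 * data/pages/ to data/trash/ and the page is taken out of data/menu.txt.
 * Otherwise a confirmation form is shown.
 */
echo "<div class = 'content-column'>";

$pageid = "";
if (isset ($_GET["page"]) && is_string ($_GET["page"])) {
    $pageid = trim ($_GET["page"]);
}
// The id is concatenated into the source and target paths of rename(), so
// only letters, digits, "-" and "_" are accepted (no "/", "\" or ".").
if (preg_match ('/\A[A-Za-z0-9_-]+\z/', $pageid) !== 1) {
    $pageid = "";
}
$pagefile = 'data/pages/' . $pageid . '.txt';

if ($_SERVER ["REQUEST_METHOD"] == "POST" ) {
    // NOTE(review): this handler accepts any POST made with the admin's
    // session cookie; there is no per-session anti-CSRF token to check.
    // NOTE(review): nothing here stops the 'login' or 'logout' page from
    // being removed - confirm whether those pages should be protected.
    $confirmed = isset ($_POST['removeflag'])
        && is_string ($_POST['removeflag'])
        && trim ($_POST['removeflag']) === "REMOVE";

    if ($confirmed && $pageid !== "" && file_exists ($pagefile)) {
        // The menu is only rewritten once the move has actually happened.
        if (rename ($pagefile, 'data/trash/' . $pageid . ".txt")) {
            // Read the menu here rather than relying on a variable left
            // behind by another included script.
            $menuitems = explode (",", file_get_contents ('data/menu.txt'));
            $kept = array ();
            foreach ($menuitems as $item) {
                if (trim ($item) !== $pageid) {
                    $kept[] = $item;
                }
            }
            if (count ($kept) !== count ($menuitems)) {
                file_put_contents ('data/menu.txt', implode (",", $kept));
            }
        }
        else {
            echo "<div class = 'error'>The page could not be moved to the Trash Bin</div>";
        }
    }
}

if ($pageid !== "" && file_exists ($pagefile)) {
    // $pageid has passed the pattern above, so it is safe to print.
    echo "<h2>Remove page: " . $pageid . "</h2>";
?>
<form method = 'post' action = 'admin.php?adminpage=remove-page&page=<?php echo $pageid ;?>'>
<h3>Are you sure you want to move <?php echo $pageid ; ?> to the Trash Bin?</h3><br>
NO: <input type = 'radio' name = 'removeflag' value = '' checked />
YES <input type = 'radio' name = 'removeflag' value = 'REMOVE' />
<br><br><input class = 'submitbutton' type = 'submit' name = 'submit' value='Remove'/>
</form>
<?php
}
else {
    echo "This page has been removed";
}
echo "</div><div class = 'sidebar-column'>";
echo "<br><a class = 'adminbutton' href = 'admin.php?adminpage=control-panel'>Manage Website</a>";
echo "</div>";
?>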
Inc
footer.php ▾
<!-- Shared page footer: closes the <main>, <body> and <html> elements; included last by index.php and admin.php. -->
</main>
<footer>
<br><br>
<br><br><br>Copyright © The Nip Shoppe<br>
</footer>
</body>
</html>
functions.php ▾
<?php
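/**
 * Turns a title typed by the administrator into a file-name key.
 *
 * The key is the title lower-cased, with spaces turned into hyphens and every
 * character other than a-z, 0-9 and "-" removed, so it can never contain a
 * path separator or a dot. Problems are reported by echoing an error <div>.
 *
 * @param string $folder  Sub-folder of data/ the record will live in; the
 *                        callers in this project pass 'blocks' or 'pages'.
 * @param mixed  $newname The title. Anything that is not a string (for
 *                        example a form field that was not submitted) is
 *                        treated as a missing name.
 * @return string The new key, or "" when the title is missing, longer than
 *                50 bytes, reduces to nothing, or the record already exists.
 */
function createRecordKey ($folder, $newname) {
    $newkey = "";

    if (!is_string ($newname) || trim ($newname) === '') {
        echo "<div class = 'error'>Missing Name</div>";
        return $newkey;
    }
    if (strlen ($newname) > 50) {
        echo "<div class = 'error'>Title must be less than 50 characters</div>";
        return $newkey;
    }

    $newkey = str_replace (" ", "-", $newname);
    $newkey = strtolower ($newkey);
    // Turn entities such as &amp; back into characters first, so that the
    // filter below removes the character instead of keeping the letters of
    // the entity name.
    $newkey = html_entity_decode ($newkey, ENT_QUOTES);
    $newkey = preg_replace ('/[^A-Za-z0-9-]/', '', $newkey);
    $newkey = preg_replace ('/-+/', '-', $newkey);
    // Leading and trailing spaces would otherwise leave stray hyphens, and a
    // title made only of spaces would become the key "-".
    $newkey = trim ($newkey, '-');

    if ($newkey === "") {
        echo "<div class = 'error'>Invalid Record Name</div>";
        return $newkey;
    }

    // CHECK THAT THIS RECORD DOESN'T ALREADY EXIST
    $filename = "data/" . $folder . "/" . $newkey . ".txt";
    if (file_exists ($filename)) {
        echo "<div class = 'error'>'" . $folder . "' record with this name already exists</div>";
        $newkey = "";
    }
    return $newkey;
}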
?>
header.php ▾
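<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>CMS-Step 4c</title>
<link rel= 'stylesheet' type='text/css' href= 'inc/style.css'>
<?php
// Shared page header, included by index.php and admin.php after they have
// set $loggedin. Pages rendered for a logged-in administrator are marked as
// not to be indexed. isset() keeps the template safe if a script includes it
// without setting the flag.
if (isset ($loggedin) && $loggedin === true) {
    echo "<meta name = 'robots' content = 'nofollow, noindex'> ";
}
?>
</head>
<body>
<header>
<a class = 'return' href = '../../build-a-cms-step-4c'>← Return to CMS Step 4c</a><br>
<?php
// Build the menu from the comma-separated page ids in data/menu.txt.
// $menuarray stays a plain global because scripts included after this one
// may read it.
$string = file_get_contents ('data/menu.txt');
$menuarray = explode (",", $string);
foreach ($menuarray as $item) {
    $item = trim ($item);
    // An empty menu file, or a trailing comma, yields an empty entry.
    if ($item === "") {
        continue;
    }
    // The menu file is editable from the Control Panel, so each entry is
    // treated as data: URL-encoded inside the link, HTML-encoded as text.
    $label = ucwords (str_replace ('-', " ", $item));
    echo "<a class = 'menuitem' href = 'index.php?page=" . rawurlencode ($item) . "'>" . htmlspecialchars ($label, ENT_QUOTES, 'UTF-8') . "</a>";
}
?>
</header>
<main>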
style.css ▾
/* Site stylesheet: fonts, base typography, the two-column layout, the admin
   Control Panel widgets and one mobile breakpoint. */
@font-face {
font-family: Chelsea_Market;
src: url('../data/fonts/ChelseaMarket-Regular.ttf');
}
/* NOTE(review): this rule loads from ../fonts/data/ while the rule above
   loads from ../data/fonts/ - confirm which folder holds the font files. */
@font-face {
font-family:Open_Sans;
src: url('../fonts/data/OpenSans-Regular.ttf');
}
/* Page shell: centred, at most 1100px wide. text-align is declared twice
   below with the same value. */
body {
font-family: "Open_Sans", sans-serif;
text-align: center;
color: black;
margin: 0 auto;
text-align: center;
width: 1100px;
max-width: 100%;
padding: 0 20px;
box-sizing: border-box;
}
h1 {
font-family: 'Chelsea_Market', cursive;
margin: 10px auto;
}
h2 {
text-align: center;
color: #3e4871;
}
h3 {
font-size: 16px;
color: #0d4a4d;
}
b {
color: purple;
}
a {
text-decoration: none;
color: purple;
}
a:hover {
color: purple;
}
img {
max-width: 100%;
}
label {
font-size: 14px;
font-weight: bold;
}
/* Used for the error <div>s echoed by the PHP scripts. */
.error {
color: red;
padding: 20px;
font-size: 18px;
}
/* The "Return to CMS Step 4c" link in the header. */
.return {
font-size: 12px;
}
textarea {
width: 100%;
max-width: 100%;
}
/** HEADER */
/* NOTE(review): this is a class selector; inc/header.php outputs a <header>
   element without a class - confirm what this rule is meant to match. */
.header {
text-align: center;
display: block;
margin: auto;
padding: 20px 0;
}
a.title {
color: black;
}
a.menuitem {
display: inline-block;
margin: 0 10px;
padding: 3px 7px;
text-decoration: underline;
font-size: 14px;
}
/** MAIN */
main {
text-align: center;
display: block;
margin: auto;
margin-top: 30px;
width: 1000px;
max-width: 100%;
}
/** COLUMNS */
/* Columns are inline-blocks placed side by side; widths are set per class. */
.content-column, .sidebar-column , .half-column-1,.half-column-2, .manage-column, .third-column {
display: inline-block;
box-sizing: border-box;
max-width: 100%;
vertical-align: top;
}
.content-column {
width: 65%;
text-align: left;
}
.sidebar-column {
width: 35%;
text-align: center;
}
.third-column {
width: 33%;
}
.half-column-1, .half-column-2 {
width: 50%;
}
.full-column {
text-align: left;
width: 100%;
padding: 20px;
}
/** Admin */
.manage-heading {
background-color: #3e4871;
padding: 5px;
margin: 20px auto 10px auto;
color: white;
text-transform: uppercase;
text-align: center;
font-size: 14px;
}
a.adminbutton, input.submitbutton {
background-color: #3e4871;
color: white;
padding: 5px 7px;
border: 1px solid black;
margin: 10px auto;
width: 140px;
display: block;
}
/* Overrides the shared button rule above for submit buttons. */
input.submitbutton{
background-color: purple;
border: 1px solid black;
border-radius: 3px;
margin-bottom: 20px;
width: 100px;
}
/* NOTE(review): max-width (100px) is smaller than width (120px), so the
   max-width value is the one that applies - confirm the intended size. */
.edit-block {
border: 1px solid #bbb;
width: 120px;
max-width: 100px;
padding: 5px 7px;
margin: 10px auto;
}
/** Menu building */
.resource-blocks {
border: 1px solid #bbb;
cursor: pointer;
padding: 5px;
word-break: break-all;
font-size: 14px;
margin: 3px auto;
display: inline-block;
vertical-align: top;
}
button.slot {
color: white;
margin: 5px;
padding: 7px 12px;
font-size: 14px;
cursor: pointer;
text-align: center;
text-decoration: none;
background-color: blue;
display: inline-block;
border-radius: 2px;
font-style: normal;
width: 160px;
}
.jssort1 {
display: inline-block;
padding: 5px;
border: 1px solid #bbb;
margin: 3px 5px;
max-width: 100%;
font-size: .9em;
cursor: pointer;
background-color: #eee;
min-height: 40px;
vertical-align: top;
}
.jssort1.pink {
background-color: #eac0c7;
}
.hidden {
display: none;
}
.highlighted {
border: 2px solid blue;
}
/** FOOTER */
footer {
font-size: .8em;
margin: 40px auto;
}
/**BREAKPOINTS */
/* On narrow screens the content and sidebar columns stack at full width. */
@media only screen and (max-width: 600px) {
.content-column, .sidebar-column {
width: 100%;
text-align: center;
}
}