dimayakovlev / getsimple-extended-cms
GetSimple Extended CMS
Home Page: https://github.com/dimayakovlev/getsimple-extended-cms
License: GNU General Public License v3.0
User input stored in pages XML files is filtered by calling:
filter_var($string, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
On output there is a problem with double-encoded HTML symbols. To fix this, the security, template and theme functions need to be reviewed. To prevent problems with output of strings that are not filtered or are filtered differently, call one of these two:
<?php echo filter_var($string, FILTER_SANITIZE_FULL_SPECIAL_CHARS); ?>
<?php echo htmlspecialchars($string, ENT_QUOTES, 'UTF-8', false); ?>
Since HTML symbols are stored encoded and the function xss_clean() is applied on save, there are no problems with tags in title, description and menu. The encoded symbols '<' and '>' will not be treated as HTML tags and will not break anything in the page, but will not limit the user in writing content. In any case, tags can be removed on output with the function strip_tags().
All those changes need to be tested well.
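An added example (not code from GetSimple Extended CMS) of the encode-on-save, encode-on-output behaviour described above. The helper names store_value, out and out_plain are hypothetical and the input string is constructed. The plain-text helper decodes before calling strip_tags(), because strip_tags() only removes literal tags and leaves encoded ones in place.

```php
<?php
// Added example; helper names are hypothetical, not GetSimple Extended CMS functions.

// Encode on save, using the filter the page names for values stored in page XML files.
function store_value(string $input): string {
    return (string) filter_var($input, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
}

// Output helper: with double_encode=false existing entities are left alone,
// so already-encoded stored values are not encoded twice, while raw values
// that never went through the save filter are still encoded.
function out(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8', false);
}

// Plain-text output (for example a <title> element): decode the stored value,
// drop the tags, then encode the result again before it reaches the page.
function out_plain(string $value): string {
    $decoded = html_entity_decode($value, ENT_QUOTES, 'UTF-8');
    return htmlspecialchars(strip_tags($decoded), ENT_QUOTES, 'UTF-8');
}

$typed  = 'Q&A <b>"2024"</b>';   // constructed sample: what a user typed
$stored = store_value($typed);   // what ends up in the page XML file

echo "stored:         ", $stored, PHP_EOL;

// The double-encoding problem: default htmlspecialchars() re-encodes the '&'
// of every stored entity, so the browser shows the entity text itself.
echo "double-encoded: ", htmlspecialchars($stored, ENT_QUOTES, 'UTF-8'), PHP_EOL;

// Safe for both kinds of input: stored (encoded) and raw (not filtered).
echo "out(stored):    ", out($stored), PHP_EOL;
echo "out(raw):       ", out($typed), PHP_EOL;

// Tags removed for contexts that must not carry markup.
echo "out_plain:      ", out_plain($stored), PHP_EOL;
```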
Auto opening metadata and component windows after saving a page.
State of windows can be stored in cookies or in page file.
Save application version in XML attribute for pages, user profiles and website data.
To enable Page Component, uncomment # define('GSPAGECOMPONENT', true); in gsconfig.php.
Need to review plugin_function.php and change the way jQuery, jQuery UI and Fancybox are registered.
These pages have header and footer sections that are not used. They are just empty.
So are there any reasons to keep them?
Use / for the index page instead of the global Pretty URLs pattern or an individual Pretty URLs pattern defined by the user.
In function XMLsave() the XML string is formatted before execution of the filter xmlsave. To preserve the formatted XML string, the function formatXmlString() must be called after the filter.
Image can be used in a template or when sharing the page on social media.
Menu Manager removes CDATA while updating page files.
Maybe add a special type of page with components rather than enabling components for all pages.
Add button to close notification
If a user wants to disable the HTML or Code editor while editing some pages, the editors must be disabled globally. It would be nice to have an option to disable editors at page level.
This can be an option or shortcode.
Administrative panel is usable on devices with a screen width of more than 960px + scrollbar + browser borders.
No plans yet to adapt the Administrative panel for mobiles, but want to make it wider on desktops.
There are different PHP Warnings in DEBUG MODE. Need to check and fix.
Data for 403, 404 and 503 error pages is loaded from special XML files stored in GSDATAOTHERPATH without redirecting to standard pages. Enabling GSCANONICAL causes redirection to 403, 404 and 503 pages.
If a page has been deleted, its children pages have a non-existent parent page. All of these children pages will not be shown in the table of pages. This can be fixed by changing the parent page for children pages on page deletion.
New actions:
page-clone - executed if page data file copied successfully, after modifying cloned page object;
page-clone-success - executed if cloned page object saved successfully to cloned page data file;
page-clone-error - executed if an error occurred while page cloning.
Need a function to get parent pages with fields data, like getChildrenMulti() for children pages.
On cloning a page, need to update page data fields author, publisher, creDate and attributes revisionNumber, appName and appVersion.
Create child page with one click from the Page Management.
Use changedata.php as one point to save submitted data.
Remove the call of the function cdn_fallback() from the function get_scripts_backend().
Not every theme uses jQuery and jQuery UI.
It will be better if the theme developer implements CDN fallback themselves or sets their own CDN URLs for jQuery and jQuery UI in $GS_script_assets and after that calls cdn_fallback().
For each page in the file pages.xml there are fields url and slug. These fields store the ids of pages. Better to use the field url to store the result of the find_url() function.
Add "Not published" page status. Page will not be available for all types of users.
Add button to the list of pages to create copy of page without opening it in the editor.
Select file template.php in dropdown list #theme-files on changing theme to edit.
If private pages highlighted with color in list, they attract user's attention.
The return value of function find_url() is compared with $_SERVER['REQUEST_URI']. If the requested URL contains a query string, the client is redirected to the URL formed by function find_url().
User can only edit files with lowercase extensions.
Change links in administration panel to this repository and wiki.
Option can be available on Settings page or in gsconfig.php.
Get ERR_TOO_MANY_REDIRECTS running GetSimple Extended CMS on the PHP Development Server on Microsoft Windows with the GSCANONICAL setting enabled.
There is no issue with PHP Development Server on Linux. So the problem is in function find_url(), because dirname from pathinfo() contains backslashes on Microsoft Windows which are not replaced.
$_SERVER['REQUEST_URI']: "/index.php?id=test-page"
find_url('test-page', false): "\/index.php?test-page"
Need to change text for count of pages, plugins, archives, backups and uploads to improve translation quality.
Save time of last changes in website pages and settings in website.xml file.
PHP Development Server can be used while developing a website but it doesn't work with Pretty URLs. So Pretty URLs can be disabled automatically, no need to change settings manually.
Idea taken from Shawn's plugin sa hook components.
To enable execution of Components on actions, add define('GSCOMPONENTACTION', true); to the gsconfig.php file.
If the Fancy URLs option is enabled, the user can set a custom permalink structure at page level to overwrite the global website setting.
Data can be stored in the page field permalink.
There are two ways:
Address gh-11.
Need to think about implementation.
New supported tokens can be:
%parents% - list all parents of the page;
%lang% - language of the page;
%year%, %month%, %day% - values from page creation date.
Adding more tokens needs performance optimization. So good to store pages urls in cache.
Use <p class="backuplink"></p> as on edit.php but no backup link.
Need to reduce number of colors and remove inline styles from elements.