/  25
 
Create an interactive production wiki using PHP,Part 5:The open blog
An environment for open discussion
Skill Level: IntermediateDuane O'Brien(d@duaneobrien.com) PHP developerFreelance10 Apr 2007This"Create an interactive production wiki using PHP" tutorial series creates a wiki from scratch using PHP, with value-added features useful for tracking production.Wikis are widely used as tools to help speed development, increase productivity andeducate others. Each part of the series develops integral parts of the wiki until it iscomplete and ready for prime time, with features including file uploading, acalendaring "milestone" system, and an open blog. The wiki will also contain projectswhose permissions are customizable to certain users and will contain projects whosepermissions are customizable to certain users. In Part 4 we added some taskmanagement. Now you will create an open blog, which will allow users a place tohold public discussions.
Section 1. Before you start
This"Create an interactive production wiki using PHP" series is designed for PHP application developers who want to to take a run at making their own custom wikis.You'll define everything about the application, from the database all the way up tothe wiki markup you want to use. In the final product, you will be able to configuremuch of the application at a granular level, from who can edit pages to how open theblog really is.At the end of this tutorial, Part 5 of a five-part series, you will have an open blogworking in your wiki. You should not continue until you have completed the first fourtutorials.
The open blog © Copyright IBM Corporation 1994, 2007. All rights reserved.Page 1 of 25
 
About this series
Part 1of this series draws the big picture. You determine how you want theapplication to look, flow, work, and behave. You'll design the database andrough-out some scaffolding.Part 2focuses on the primary wiki development,including defining the markup, tracking changes, and file uploads. InPart 3, youdefine some users and groups, as well as a way to control access to certain aspectsof individual wiki pages and uploaded files. Part 4 deals with a Calendaring andMilestones feature to track tasks, to-dos, and progress against set goals. Here inPart 5, you put together an open blog to allow discussion of production topics andconcerns.
About this tutorial
This tutorial deals with creating an open blog for Criki. You have built the basic wikifeatures, and you have added task management for your users. An open blog isanother valuable feature that will allow your users a place to hold public discussions.Topics include:What is meant by "open blog"Blog workflow designBuilding out the blog database tableBasic blog features
Prerequisites
It is assumed you have completedPart 1,Part 2,Part 3, andPart 4of this "Create an interactive production wiki using PHP" series. And it is assumed that you havesome experience working with the PHP programming language and MySQL. Wewon't be doing a lot of deep database tuning, so as long as you know the basic insand outs, you should be fine.
System requirements
Before you begin, you need to have an environment in which you can work. Thegeneral requirements are reasonably minimal:An HTTP server that supports sessions (and preferably mod_rewrite).This tutorial was written using Apache V1.3 with mod_rewrite enabled.PHP V4.3.2 or later (including PHP V5). This was written using PHPV5.0.4
developerWorks® ibm.com/developerWorksThe open blogPage 2 of 25© Copyright IBM Corporation 1994, 2007. All rights reserved.
 
Any version of MySQL from the last few years will do. This was writtenusing MySQL V4.1.15.You'll also need a database and database user ready for your application to use.The tutorial will provide syntax for creating any necessary tables in MySQL.Additionally, to save time, we will be developing Criki using a PHP framework calledCakePHP. Download CakePHP by visitingCakeForge.organd downloading thelatest stable version. This tutorial was written using V1.1.13. For information aboutinstalling and configuring CakePHP, check out the tutorial series titled "Cook up Websites fast with CakePHP" (seeResources).
Section 2. Criki so far
At the end ofPart 4, you were given several items to complete. There was at leastone glaring security hole in the task management edit workflow. You were taskedwith finding a way to use wiki markup when writing task descriptions, withoutreproducing the wiki markup rendering code. And the tasks views contained usernames as text, which could have been made into links to the users' profiles. How didyou do?
Securing the task management edit workflow
There are two specific problems in the task management edit workflow to address.Alert code monkeys will have noticed them already. The first should be fairlyobvious. Consider this line from the tasks edit view in Listing 1.
Listing 1. Tasks edit view excerpt
<?phpif ($task['Task']['user_id'] == $user['id']) :echo $html->link('Edit','/tasks/edit/' . $task['Task']['id']);endif;?>
This displays the edit link for only the user to whom the task has been assigned.Now consider the task edit action in Listing 2.
Listing 2. Task edit action
function edit($id = null) {if(empty($this->data)) {if(!$id) {$this->Session->setFlash('Invalid id for Task');$this->redirect('/task/index');
ibm.com/developerWorks developerWorks® The open blog © Copyright IBM Corporation 1994, 2007. All rights reserved.Page 3 of 25

IBM Wiki tutorial with CakePHP No 5

Download this Document for FreePrint
This is a private document.

Info and Rating

gerhardsletten

Share & Embed

More from this user

Add a Comment

Characters: ...