Författare:
Per Stenebo
Skapad:
2017-07-16 06:22:46
Ändrad:
2020-06-22 11:40:42
en

Notes

Manual page for the BendCMS application Notes.
Notes have replaced the app pageComments.

Features

  • A simple interface for plain text messages.
  • A common main post + replies structure.
  • Moderator interface to manage posts.
  • Permissions to write and reply are set per page in page config.
  • Permission to moderate are set site-wide.
  • Post text can be edited by the original poster for as long as the user session lasts (and by moderators/admins).
  • Post timestamps (created & updated) can be edited by moderators and admins.
  • Optional name field.
  • Optional email address field for system notifications (hidden for other users).
  • Notify site admin/webmaster upon new posts.
  • Notify main poster on new reply in the same thread.
  • Notify reply posters on new reply in the same thread.
  • Import of data created by pageComments.
  • Max userlevel to send notification email to webmaster (don't send email when you write on your own website).

Features that might be inplemented in the future

  • Interface to blacklist users.
  • Pagination (show content in sections if many posts. Dev note: Some code written, but I got stuck.
  • Show tech details for moderators, like file size, last modified timestamp, and such.
  • Encryption.

Security

Notes include two methods to verify that the user is a human and not some kind of robot (spam-bot). The first method is transparent for the end user (invisible form field) and the second is a form field that require user input. The second field is also hidden if user is logged in or if the user already have a recent post on the current page.

Automatic listing of files in data dir is hindered by a index file. The data directory should be protected from direct access in the server configuration, like a htaccess file on apache-like web servers.

Usage for site admins

Notes as guestbook on a page

Select sysLogic/notesFront.php as logic file in page config. That hides the divider bar between main content and notes. You can still have regular content like a page header and description text.

Notes as blog on a page

Select sysLogic/notesFront.php as logic file in page config. Just like guestbook above.

Set $pConf[n]['commentLevel'] (least userlevel to write main post) to a high level, like the level that the blogger have.

Set $pConf[n]['commentReplyLevel'] (least userlevel to write reply post) to a low level like 1.

Block new posts on a page

Set $pConf[n]['commentLevel'] and $pConf[n]['commentReplyLevel'] to higher value than the users you want to block.

Technology

The app are splitted in two parts, a frontend with user interface and a backend for data processing. The backend is called from the frontend using AJAX technique and is never used directly by the user. The data is stored in CSV text files, one file per page.

Data fields and the CSV format

Some metadata are stored together with the user supplied data in a csv file, fields are separated with semicolon (;). Each post have these fields stored:

postId: Page-unique autogenerated id-number.
parentId: id-number of the parent post if post is a reply, zero if main post.
createUTS: Unix timestamp when post where created.
updateUTS: Unix timestamp when post was last edited (editable inline if moderator).
ip: Poster (public) IP.
session: Poster PHP session id.
status: Post status as a index number related to $bVar['notesStatusArr'] in app config.
encryption: Post encryption as an index number related to $bVar['notesEncArr'] in app config.
name: Optional name field.
email: Optional poster email field.
subject: Optional subject field.
body: Body text.

Post ID

Each post have a autogenerated identification number used by the system, unique for each post on the same page.

Special menings of post id and parent post id (when sent from frontend to backend):

(postId < 0)        = Send current posts (if any)
(postId == 0)      = New post
(postId > 0)        = Edit post

(parentId == 0)   = Main post
(parentId > 0)     = Reply to post with postId == parentId

User permissions

A moderator is a logged in BendCMS user who is member of the moderator usergroup (+ site admins).

If user permission level is >= page commentLevel  "Least user level to comment page":
User can write main post, write reply post, view posts.

If user permission level is >= page commentReplyLevel  "Least user level to reply on comments":
User can write reply post, view posts.

If user permission level is >= site blacklistLevel and >= page access level:
User can view posts.

The user permission level is evaluated in both frontend and backend using the same session.

Files

App configuration: ~/sysConfig/notesConfig.php

Page config frontend: ~/pageConfig/69.php

Logic frontend: ~/pageLogic/sysLogic/notesFront.php

Head file (transfer variables from php to javascript): ~/head/notesHead.php

Javascript: ~/javascript/notes.js

Translations: /sysLang/notes_en.php and /sysLang/notes_sv.php

Page content frontend: ~/pageContent/69.php

Page config backend: ~/pageConfig/70.php

Logic backend: ~/pageLogic/sysLogic/notesBack.php

Page content backend: ~/pageContent/70.php

Data files in dir: ~/pageData/notes/

Kommentarer till sidan Notes