a content management system built on top of codeigniter4 .Functionality: blog creation with image upload, deletion and edit of blog. Also image upload for gallery. Login consists of login for one admin , with captcha.

andy brookes 5722dbe0d3 fixed duplication of display of header and footer when setUp evoked 2 years ago
PHPMailer 2c48130e8b cms start 2 years ago
app b48d91160d fixed duplication of display of header and footer when setUp evoked 2 years ago
bootstrapCss 2c48130e8b cms start 2 years ago
bootstrapS 2c48130e8b cms start 2 years ago
fontawesome 2c48130e8b cms start 2 years ago
public 2c48130e8b cms start 2 years ago
scss 2c48130e8b cms start 2 years ago
writable b48d91160d fixed duplication of display of header and footer when setUp evoked 2 years ago
.jshintrc 2c48130e8b cms start 2 years ago
Gruntfile.js 2c48130e8b cms start 2 years ago
README.md 8092bcec9e fixed issue if login fails, updated readme.md 2 years ago
builds 2c48130e8b cms start 2 years ago
composer.json 2c48130e8b cms start 2 years ago
composer.lock 2c48130e8b cms start 2 years ago
env 2c48130e8b cms start 2 years ago
license.txt 2c48130e8b cms start 2 years ago
spark 2c48130e8b cms start 2 years ago


 Salient Points:


The CodeIgniter team make available Ci4 with a MIT licence , I'm quite happy to have anything I've added to inherit that licence; which means all code from the CI4 team and what I've added cab be taken to be all under the same umbrella licence of MIT. Details of the licence is in web root , file licence

I'm on Arch Linux where php is currently :

[andrew@darkstar:~]$ php -v (08-16 11:29) PHP 8.0.9 (cli) (built: Jul 31 2021 08:10:26) ( NTS ) Copyright (c) The PHP Group Zend Engine v4.0.9, Copyright (c) Zend Technologies [andrew@darkstar:~]$

Everything seems to work with CI4.1.3 and php 8 fine so far

Getting Started

Download the Zip to your Desktop. In order to reduce upload size the vendor directory was removed. However its easy to put back. Open a shell window i.e. xterm or equivalent, CD into unzipped directory and type :

composer install.

Never run composer with 'sudo' nor root permissions. If you do you will likely get a blank page! Now to run “composer install" you need to have composer installed, or its already .

For composer use see : https://getcomposer.org/

If your on Linux you can from a terminal do something like :

sudo chmod 777 composer.phar sudo mv composer.phar /usr/local/bin/composer

that will put the executable file into your /usr/local/bin which then then can be evoked just using "composer" .

To fire up Ci4 from the same terminal window type “php spark serve”

You should back on the terminal window get feedback development server started. Enter into the address bar of your web browser of choice type: http://localhost:8080

Then you should get the landing page up .


The reason why the system works and that you can see the arbitary blogs , is that it doesn't need MySQl to work. Instead i use sqlite3 database , which is "serverless" meaning it doesn't require a db server to work. The database name is just "Art" and is located in the writable directory. Make sure that the writable directory has read & write permissions and so does the Art database file.

Sqlite db's sometimes are named with .db suffix. I found that with one datbase browser, nothing was visible until i clicked to open "all files". A light and simple database browser and editor is called sqlitebrowser: https://sqlitebrowser.org/ It should be in your repository if your on Linux.

As a brwoser I use Firefox (hey they need all the help they can get) and had a little trouble with web caching. It kept serving me the same page; that was before I edited custom.scss.

Either you are going to have to keep clearing the web cache via history or try , typing “ about:config “ into the address bar and disable web caching.

The system is written on top of CodeIgniter 4.1.3 and consists of a very light CMS system. if you look at the attached image , which once logged in is accessible from /orange

I.e full url i.e http://localhost:8080/orange

the links take you to forms where administrative tasks can be done will be visible. if not logged in access the admin page http://localhost:8080/admin will come up as page not found. You don't want web surfers getting access to the url , so its prevented using filters.

Now there is a little setting up to do , the system uses an sqlite3 database file and that needs populating with a admin user name and password. To to do that simply type /setUp at the url i.e full url is : http://localhost:8080/setUp Note the camel case with the U being a capital .

The password will be automatically encrypted . If it works you will simply get "done” returned

After that you need to go to app/config/ Routes.php and comment out lines 48 and 49 which are: $routes->get('setUp','Setup::setUpForm'); $routes->post('setUpDo','Setup::process');

that stops anyone else if they discover the url setting up .

You can then login going to http://localhost:8080/orange

you will probably think funny url ? well you want a weird url for login if possible so that its hard to guess. Its harder to hack a web site if hackers can find your admin login page. Now you should see a simple captcha.

Its my own simple login system. A quick point here; if you compare to WordPress where the login form can easily be accessed,user names easily obtained and WP has no captcha, then i suggest relatively speaking security is not bad here ! Login is under session with 5 attempts to further reduce risk from hackers.

if you want to change the url for the admin login page edit line 105 of app/config/Routes.php :

$routes→get('orange','Login::login'); change ‘orange’ to something else

PLEASE note there are some re-directs using whatever you change 'orange' to in the file app/Controllers/Login.php on lines 168 and 195 .

These are evoked on a failure on login.

The other points are that the system has as its front end bootstrap, and it uses flexbox . I have break points so its responsive to different device size windows.

Before I forget; on the landing page, that has the carousel on the right is the latest Tweets; its my daughters tweet account. The point is you can replace that embed code with your own, so surfers can see a couple of your latest tweets. Lets hope you update more than my daughter . “is she bothered ?” No

Now when you ran “composer install” that should have put twbs into vendor. The twbs directory will be Bootstrap in the form of Sass.

There’s 2 ways to tweak ; you can directly edit the bootstrap sass, or edit custom.scss and then run grunt.

A few words on grunt; to install grunt from a terminal run :

sudo npm install -g grunt-cli

that installs grunt globally on your system. Then change directory I.e from a shell (terminal windows) CD into root directory and run:

npm install grunt --save-dev

After editing either the bootstrap sass or the sass in the custom.scss (see image for location) run once :

grunt do1 grunt do2 grunt do3

That does the conversion of sass into css , concats 3 bootstrap css into one etc. Custom.css by the way part overrides the bootstrap.css

One file which is referenced in the view layout.php brings it all together and is called “style.css”

One you’ve run grunt as above times as above then run once :

grunt watch

After that any changes to custom.scss will be picked up and the processing done automatically. You might have to clear the browser cache as mentioned and also re-fresh browser! Feel free to edit Grunt.js so that the browser refreshes automatically

Regarding the contact form for people to get back to you, from the web and the process of surfers input into the contact form, the way I used it was to use my google account name and password in Sendmail.php .

I did that via lines 90 and 92 of app/controllers/sendmail.php

[line 90 ]$mail->Username = "*@gmail.com"; //Password to use for SMTP authentication [line 92]$mail->Password = "*****";

Line 90 (marked out here for privacy is my google email) now I had google email arranged as a “two step” so on line 92 the password was the one I created for web app via google 2 step dashboard

then on lines 94, 95 : $mail->setFrom('admin@yourdomain', 'john Doe'); $mail->addAddress('emailAddressWhereMeesageShouldBeSent', 'John Doe');

here admin@yourdomain simply comes up in email message. For the section "emailAddressWhereMeesageShouldBeSent " what i did was use my yahoo email account email. So basically i used my google account email and google mail sever to send myself an email to my yahoo email account. you can use your domain email account if you want and simply your own email account to receive the message.

The bane of our lives these days, are spammers, so before the input from a surfer gets sent to the email , defined in the controller Sendmail.php a bit of spam checking is done. On my live testing I didn't actually get much spam ( maybe that was due to not much traffic ?) any way , the spam checking is done via a Controller called SpamChecker.php located app/Andy/SpamChecker.php If you open up that file you will see a small array such as 'http','www','//', 'viagra','

Obviously spammers want to send you a link to their clients web site, so the first 3 values in the array reflect that. Then I've added key words from the spam i received. if any of that is input into the message text box of the contact form, the surfer gets re-directed to a "your a spammer page" and the message is not sent.

You can add your own key words as you see fit.


I left a couple of arbitrary blogs in the database, so you could play with how the edit or delete works. Another small point at the bottom of each page you will see a link, saying download in pdf. Surfers who visit your blog, and you write something interesting will want to download it ! If you try that yourself it would go to your local download.

Now a quick point regarding running the web app from your desktop and having it served from say Apache. When fired up using spark, the download struggles and doesn't really work. I've got it served from Apache local dev, and the download to pdf, in this case works fine.

Edit of blogs.

Now if you have done anything with html , you will know that some characters are best represented by their html entity for best rendering to how you want then to look; databases also don't like certain characters. So here's the problem, when you do an edit of a blog enter characters without thinking it could cause glitch. I don't want that to happen, so when you click submit the system does some regular expression filtering. You also don't want the sytem to be a control freak either, or there might be no formating. So i've included tags that a permitted including

(start and end of paragraph)


You might have come across Blade or twig on other systems. With CodeIgniter you can make use of "layouts" which is what i 've done.

So if you want to have another page called say something.php then the view contents would look like:

<?= $this->extend('layout') ?> <?= $this->section('content') ?>

Page content of the view goes here

<?= $this->endSection() ?>

CodeIgniter4 documentation is at : https://codeigniter4.github.io/userguide/

The CodeIniter forum is at : https://forum.codeigniter.com/portal.php

PS I apologise to anyone who previously downloaded when it was a chunky 90Mb , that was due to unseen junk in .files I've removed it so its now more a reasonable download size