ESPBS
Exceptionally Simple PHP
Blog Software
)
Sometimes simple is all that is needed. Use ESPBS if you require only a basic
blog web page with minimal features. ESPBS supports posting blog entries for everyone to
read, but it does not have features for readers to add comments. It supports basic
bbcode for bold, italics, and links, but you cannot add images or do any advanced
formatting.The entire ESPBS program is made up of just two simple PHP files. One file, "admin-blog.php", is for the blogger to create and edit posts, and the other file, "blog.php", displays the posts for the blog readers to see. ESPBS is free under the terms of the GNU General Public License.
Steps
The steps below assume you administer your web site with cPanel and run Apache on Linux with a MySQL database. If your web site uses something different, adjust the steps accordingly.
)
)
1) Create the DB and DB UserLog into cPanel to administer your web site and go to MySQL Databases tool. Then create a database named "database" and a user named "user". Remember the password for your new user and note the full database name and user name. You will need these three pieces of information later.
)
2) Give the DB User Necessary PrivilagesAdd the user to the database.
3) Download and Customize the Two PHP pages
Save the files below to your computer as "admin-blog.php" and "blog.php".
admin-blog.php
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <!-- ESPBS ~ Exceptionally Simple PHP Blog Software --> <!-- By Dem Pilafian --> <!-- Version 1.4 - June 26, 2009 --> <!-- Blog Administration Center (admin-blog.php) --> <!-- --> <!-- GNU General Public License: --> <!-- This program is free software; you can redistribute it and/or modify it --> <!-- under the terms of the GNU General Public License as published by the --> <!-- Free Software Foundation; either version 2 of the License, or (at your --> <!-- option) any later version. --> <!-- --> <!-- This program is distributed in the hope that it will be useful, but --> <!-- WITHOUT ANY WARRANTY; without even the implied warranty of --> <!-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. --> <!-- --> <!-- See the GNU General Public License at http://www.gnu.org for more --> <!-- details. --> <!-- --> <!-- Copyright (c) 2009 Center Key Software --> <!-- http://www.centerkey.com/php/espbs --> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <?php //////////////////////////////////// // ESPBS Configuration Settings // //Database Setup $db_database = "pilafian_database"; //set to the database name $db_username = "pilafian_user"; //set to the user name with access to the database $db_password = "REPLACE-WITH-PASSWORD"; //Output Formatting (HTML) $command_notification_begin_msg = "<table class=action> <caption class=action>Processing</caption> <tr><td><small>\nFrom: %s<br>\nCommand: "; $command_notification_end_msg = "</small></td></tr></table><br><br>\n"; $add_new_report_msg = "<table class=blog> <caption class=blog>Add New Report</caption> <tr class=head><th>Date</th><th>Message</th><th>Action</th></tr> <tr><form method=post action='admin-blog.php'><td> <input type=text size=7 name=date value='%s'></td> <td><textarea name=message rows=4 cols=65></textarea></td> <td><input type=submit name=action value='Add'></td></form></tr>\n</table> <small>Example of adding bold, italic, and a link: \n<b> The [b]classic[/b] movie [i]Casablanca[/i] is listed on [url=http://www.imdb.com/]IMDb[/url]. </b>\n</small><br><br> <input type=submit value='View Reports' onClick=\"window.location='blog.php';\" class=click>\n"; $current_reports_begin_msg = "<table class=blog> <caption class=blog>Current Reports</caption> <tr class=head><th>ID</th><th>Date</th><th>Message</th><th>Action</th></tr>\n"; $current_reports_row_msg = "<tr><form method=post action='admin-blog.php'> <input type=hidden name=id value='%s'> <td>%s</td><td><input type=text size=7 name=date value='%s'></td> <td><textarea name=message rows=3 cols=50>%s</textarea></td> <td><input type=submit name=action value='Update'> <input type=submit name=action value='Delete'></td></form></tr>\n"; $current_reports_end_msg = "</table><br><br>\n"; $table_missing_msg = "<b>The table 'blog' does not yet exist in the database.</b><br><br> Before continuing, you must have a database named '$db_database' and a database user named '$db_username'.<br><br> Click the button below to create the 'blog' table.<br><br> <form method=post action='admin-blog.php'> <input type=submit name=action value='Create Table'></form>\n"; //Make Data Safe (and fix magic quotes if enabled) foreach ($_POST as $Field=>$Value) $_POST[$Field] = htmlspecialchars(stripslashes($Value), ENT_QUOTES); //Date Conversion Function function dateToSortStr ($dateStr) { // "MM/DD/YY" --> YYMMDD (Note: Swap sort[0] and sort[1] to use "DD/MM/YY" format instead) $sort = explode("/", $dateStr); return($sort[2] . str_pad($sort[0], 2, "0", STR_PAD_LEFT) . str_pad($sort[1], 2, "0", STR_PAD_LEFT)); } //////////////////////////////////// ?> <html> <head> <title>ESPBS • Blog Administration Center</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <style type="text/css"> body { font-family: trebuchet ms, sans-serif; font-size: 90%; margin: 50px } table { font-size: 100% } th, td { vertical-align: top } a { color: darkslategray; font-weight: bold; text-decoration: none } a:hover { color: darkblue } a:visited { color: darkgray } input.click { cursor: pointer } table.action { background-color: darkslateblue } table.action tr { background-color: white } caption.action { background-color: darkslateblue; color: white; font-weight: bold } table.blog { background-color: seagreen } table.blog tr { background-color: darkseagreen } table.blog tr.head { background-color: seagreen; color: white } caption.blog { font-weight: bold; font-size: 120% } </style> </head> <body> <!-- - - - - - - - - - --> <!-- Administration --> <!-- - - - - - - - - - --> <div> <h2>ESPBS -- Blog Administration Center</h2> <?php //Process Action Command (and Connect to DB) printf($command_notification_begin_msg, @gethostbyaddr($_SERVER["REMOTE_ADDR"])); $dbh=mysql_connect("localhost", $db_username, $db_password) or die(mysql_error()); //db connect mysql_select_db($db_database); switch ($_POST['action']) { //parse action command case "Create Table": //create new table (only performed once) echo "CREATE TABLE"; $q = "CREATE TABLE `blog` (`id` INT AUTO_INCREMENT PRIMARY KEY, " . "`sort` VARCHAR(6), INDEX (`sort`), `date` VARCHAR(8), `message` TEXT)"; $result=mysql_query($q) or die("$q<br>\n" . mysql_error()); break; case "Add": //create a new blog entry echo "ADD "; $q = "INSERT INTO blog (sort, date, message) VALUES ('" . dateToSortStr($_POST['date']) . "', '" . $_POST['date'] . "', '" . $_POST['message'] . "')"; $result=mysql_query($q) or die("$q<br>\n" . mysql_error()); break; case "Update": //modify an existing blog entry echo "UPDATE "; $q = "UPDATE blog SET " . "sort='" . dateToSortStr($_POST['date']) . "'," . "date='" . $_POST['date'] . "'," . "message='" . $_POST['message'] . "' WHERE id='" . $_POST['id'] . "'"; $result=mysql_query($q) or die("$q<br>\n" . mysql_error()); break; case "Delete": //remove an old blog entry echo "DELETE "; $q = "DELETE FROM blog WHERE id='" . $_POST['id'] . "'"; $result=mysql_query($q) or die("$q<br>\n" . mysql_error()); break; default: echo "VIEW "; } echo $command_notification_end_msg; //Display Appropriate Data and Forms if (mysql_num_rows(mysql_query("SHOW TABLES LIKE 'blog'"))) { //table 'blog' exists in db $result=mysql_query("SELECT * FROM blog ORDER BY sort DESC"); //retrieve blog entries mysql_close(); printf($add_new_report_msg, date("n/j/y")); //display form to add a new blog entry echo $current_reports_begin_msg; //start display of existing blog entries while ($row = mysql_fetch_array($result)) printf($current_reports_row_msg, $row["id"], $row["id"], $row["date"], $row["message"]); echo $current_reports_end_msg; //end display of existing blog entries echo "<small>$q</small><br>\n"; //display SQL statement used to process action command } else { //table 'blog' does not yet exist in db echo $table_missing_msg; } ?> <!-- - - - - - - - --> <!-- Conclusion --> <!-- - - - - - - - --> </div> </body> </html>blog.php
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <!-- ESPBS ~ Exceptionally Simple PHP Blog Software --> <!-- By Dem Pilafian --> <!-- Version 1.4 - June 26, 2008 --> <!-- My Blog Page (blog.php) --> <!-- --> <!-- GNU General Public License: --> <!-- This program is free software; you can redistribute it and/or modify it --> <!-- under the terms of the GNU General Public License as published by the --> <!-- Free Software Foundation; either version 2 of the License, or (at your --> <!-- option) any later version. --> <!-- --> <!-- This program is distributed in the hope that it will be useful, but --> <!-- WITHOUT ANY WARRANTY; without even the implied warranty of --> <!-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. --> <!-- --> <!-- See the GNU General Public License at http://www.gnu.org for more --> <!-- details. --> <!-- --> <!-- Copyright (c) 2009 Center Key Software --> <!-- http://www.centerkey.com/php/espbs --> <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --> <?php //////////////////////////////////// // ESPBS Configuration Settings // //Database Setup $db_database = "pilafian_database"; //set to the database name $db_username = "pilafian_user"; //set to the user name with access to the database $db_password = "REPLACE-WITH-PASSWORD"; //Blog Setup $blog_number_posts = 7; //max entries to display //Output Formatting (HTML) $blog_row_str = "<div class=blog_date>%s</div>\n%s<br><br>\n\n"; //%s for date and message //BBCode to HTML function convert_bbcode ($bbcode) { //Turn text with bbcode into displayable HTML (supports: b, i, and url) return preg_replace ( array('/\[b\](.*?)\[\/b\]/is', '/\[i\](.*?)\[\/i\]/is', '/\[url\=(.*?)\](.*?)\[\/url\]/is'), array('<b>$1</b>', '<i>$1</i>', '<a href="$1">$2</a>'), $bbcode); } //////////////////////////////////// ?> <html> <head> <title>My Blog Page</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <style type="text/css"> body { color: dimgray; background-color: darkslategray; font-size: 90%; font-family: trebuchet ms, sans-serif; border: 10px solid silver; margin: 30px 100px } div.main { background-color: whitesmoke; border: 1px solid black; padding: 10px 30px; margin: auto } div.blog_date { color: darkslategray; font-weight: bold } div.footer { text-align: center; font-size: 80%; color: silver; margin-top: 15px } div.footer a { text-decoration: none; color: silver } </style> </head> <body> <!-- - - - --> <!-- Blog --> <!-- - - - --> <div class=main> <h1>My Blog Page</h1> Below are my posts about important stuff.<br><br> <?php //Database Connect $dbh=mysql_connect("localhost", $db_username, $db_password) or die(mysql_error()); mysql_select_db($db_database); //Database Search $result=mysql_query("SELECT * FROM blog ORDER BY sort DESC LIMIT 0, " . $blog_number_posts); mysql_close(); //Display Results while ($row = mysql_fetch_array($result)) printf($blog_row_str, date('F j, Y', strtotime($row["date"])), convert_bbcode($row["message"])); ?> <!-- - - - - - - - --> <!-- Conclusion --> <!-- - - - - - - - --> <div class=footer> <a href="http://www.centerkey.com/php/espbs/">Powered by ESPBS</a><br> Copyright © 2007 Me <a href="admin-blog.php"> </a> </div> </div> </body> </html>Each of the two PHP files has a "Database Setup" section:
$db_database = "pilafian_database"; //set to the database name
$db_username = "pilafian_user"; //set to the user name with access to the database
$db_password = "REPLACE-WITH-PASSWORD";
Edit the "Database Setup" section of both files to reflect the database name and the user name and password from the previous step. Save the updated files.
4) Upload Modified PHP Files to Your Web Site
FTP the "admin-blog.php" and "blog.php" files into the "public_html" folder on you web site.
)
5) Test the Blog Administration Center (admin-blog.php)In your web browser, open:
http://www.YOUR-DOMAIN.com/admin-blog.php
You should see the ESPBS -- Blog Administration Center web page. If not or you
encounter an error, go back and double check your prior steps.6) Create "blog" Table
Before you can create blog entries, you need a table in the database to hold the data. Click the "Create Table" button on the web page and a table name "blog" will be created for you.
)
7) Create a Blog EntryIn the Add New Report section, type the message, "This is a test". Then click the "Add" action button.
)
8) Test Your BlogNow click the "View Reports" button to see the blog entry you created. This is how your readers will see the blog post.
Your blog software is now up and running, but it still needs to be locked down so only authorized individuals can edit the blog.
Security
Follow the steps below to password protect the "admin-blog.php" web page.
1) Configure Access
Download the .htaccess file and modify the value for "AuthUserFile" as appropriate for your server.
.htaccess
# # HTAccess File # ============= # This file (.htaccess) configures user authorization for access to # protected files. It goes into the user's root level folder on the # web server. # # Modify the value of "AuthUserFile" as appropriate for your server. # <files "admin*.php"> AuthUserFile /home/pilafian/.htpasswd AuthType Basic AuthName "Administration Center" require valid-user </files>FTP the file into the folder just above the "public_html" folder, and rename the file to ".htaccess".
2) Encrypt Blogger Login
You need to create a user login for the blogger (note that this user is completely different from the database user you created earlier). Go to:
Enter a Username and Password of your choice and click the "Create .htpasswd file" button. Copy the generate line for use in the step below.
3) Upload Login Information
Download the .htpasswd file and replace the last line with line you created in the previous step.
.htpasswd
# # HTPasswd File # ============= # This file (.htpasswd) lists users allowed to access protected # files. The file goes into the web site's home folder (usually # named "public_html"). # # Each user's password is encrypted for security reasons. You can # encrypt a password at the following site: # http://www.htaccesstools.com/htpasswd-generator/ # For example, user "blogger" with a password of "espbs" needs the # line: "blogger:ZX0BqNC.rdMwc" # blogger:ZX0BqNC.rdMwcFTP the file into the "public_html" folder, and rename the file to ".htpasswd".
4) Test Access to the Blog Administration Center
Now attempt to open the "admin-blog.php" web page in your web browser. You should be prompted to login. Test that the user name and password work correctly.
Your simple blog should now be fully functional.
Comments and Suggestions
Do you have an idea on how to make ESPBS even simpler? Please tell us.
All the fields are optional. However, if you want a response, make sure to provide your e-mail address.
