Feindura - Flat File Content Management System

Last update: Apr 23, 2022

feindura - Flat File Content Management System

Copyright (C) Fabian Vogelsteller [frozeman.de] published under the GNU General Public License version 3

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not,see http://www.gnu.org/licenses/.


AUTHOR

Fabian Vogelsteller http://frozeman.de

STAY IN TOUCH

http://feindura.org http://twitter.com/feindura http://facebook.com/feindura.cms

DESCRIPTION

feindura is lightweight flat file based content management system for webdesigners, written in PHP and ideal for small and medium websites. And it's just beautiful.

BACKEND

The CMS has an easy to use interface with a simple structure, which can be fast understood by the users, even with less technical understanding.

NECESSARY KNOWLEDGE FOR THE IMPLEMENTATION

HTML/CSS and a little bit of PHP

FEATURES

for a full list see: http://feindura.org/page/features/

  • no database required
  • easy to use backend-interface through the use of mootools
  • multi-language backend interface (currently english, german, french, italian and russian)
  • website statistics
  • uses CKEditor
  • no templating, just create your design like you want it and say where to put what (menu, content, etc)
  • upload images and files
  • backup system
  • plugin system (adds additional functionality to pages like contact form and image gallery)
  • add-on system
  • HTML5 ready

FUTURE FEATURES

  • modul system (like search)

REQUIREMENTS

  • PHP >= 5.1 (PHP as FastCGI)
  • apache with mod_rewrite modul if you want to have Pretty URLs like: "domain.com/page/welcome"

APPROPRIATE USES

It's not tested yet, but it should work well on websites with up to 100 vistiors per Minute. Your pages should not exceed more than 2000 pages, because then the flat file system becomes slow.

INSTALLATION

Just copy the feindura folder on your webserver in a folder, like e.g. "/cms/". Impelement the feindura class in your websites index.php and use the feindura class methods to get your websites content from feindura.

IMPLEMENTATION

To implement feindura in you're website copy the /cms/ folder in your website's folder and add the following lines on the beginning of your index.php, before the header is sent, which means before any HTML tag:

#PHP

After this you can refer to the feindura class an it's methods through the $feindura->... instance.

Read http://feindura.org/page/getting-started/. For details and more methods, see the feindura class - documentation http://feindura.org/docs/[Implementation]/Feindura.html.

NOTE

Javascript Frameworks

All javascript frameworks, except Prototype, should work with the frontend editing mode. If Prototype is detected the frontend editing will be automatically blocked .

MooTools

If you want to use the MooTools framework in your website and you have activated the fronend editing mode, you should include the script at the end of your page (before the closing tag) as follow.

<\/script>'))">

GitHub

https://github.com/frozeman/feindura-flat-file-cms
Comments
  • 1. Unicode page names do not work

    Hello! I discovered Feindura only recently, when I was looking for a CMS for my small page. It looks nice and well designed to me, however I found some disadvantages which prevent me from using it for my tasks. I thought it would be useful to report them. First of all, I want to build a multi-language website with the Russian as a primary language. However, Feindura does not let me choose the 'latin' page name for a page with a name in Russian. I believe, it would be convenient to have an ability to edit a link to the page by hand in such cases (although, the Unicode URLs are allowed nowadays as well, if I'm not mistaking). The second disadvantage is the flash-based file upload only. It is inconvenient for the users like me, that do not use Flash-plugin. I wrote some of my thoughts about this problem in the 'Ideas' section here: https://getsatisfaction.com/feindura/topics/flash_free_file_upload

    Unless these two issues are fixed or I find a way to work-around them, I cannot use Feindura for my web-site. Which is a pity, because I like Feindura look&feel very much!

    Regards, Vladimir

    Reviewed by v2e at 2012-09-22 16:08
  • 2. GeneralFunctions::replaceSnippets() breaks content with images

    the regexp to replace the <img class="feindura..." also matches img tags without a class attribute. If my page contains

    <p>
    some text
    <img src="image1.jpg" />
    <img src="image2.jpg" />
    some more text
    </p>
    and some more text
    <p>
    <img class="feindurasnippet" />
    </p>
    after snippet
    

    the resulting page after replacing the snippet is

    <p>
    some text
    <<content of snippet>>
    </p>
    after snippet
    
    Reviewed by brandy007 at 2013-01-17 16:14
  • 3. Add Template support

    Add the abbility to eg. create a site Stub (maybe within a Category) and than be able to use that in a Page as a Template.

    An example :

    I have a Page with a Discography. Everytime a new Album is released the Author has to update the Site.

    I create a new Site in Category 'Layout Elements' with the Template for a Album entry. If the Author has to add a new Album he then can select the Template in the editor and change all needed Content.

    Any recommendation how to implement that Feature?

    Reviewed by Mutz at 2012-01-13 07:20
  • 4. Pagination plugin and disabled cookies in the frontend

    Hello, Fabian, I just develop a pagination plugin for Feindura you could take a look at https://github.com/victorgavilan/feindura-flat-file-cms in the plugins folder.

    If you like I can do a pull request to include it in the master feindura repository.

    Another thing that I would like you take a look is the cookies branch in my fork repository of feindura. There I have added the posibility for the user to disabled the use of sessions and cookies in the front end. This is useful in some european countries where there is not allowed to install cookies without the autorization of the user that visit our site.

    If you think it is right and want to include this changes into feindura I could do another pull request to the master or development branch.

    Reviewed by victorgavilan at 2014-09-23 19:14
  • 5. Disable Captcha on ContactForm

    I'd like to see a option to disable the captcha in a contact form. It fails do appear where I installed it, and I don't need it. All others field are pretty easy to enable or disable in the settings. A option for the captcha would be great!

    Reviewed by danrl at 2011-10-13 06:54
  • 6. Spanish plugins translation

    Hello, here is the Spanish translations for the plugins and also some fixes in the previous backend translation.

    I also fix a little bug in the ZenPHP library.

    Reviewed by victorgavilan at 2014-09-12 16:30
  • 7. Strict Standards: Non-static method StatisticFunctions::getCurrentCategoryId() should not be called statically

    Hello Developers, with me is need for assistance and I have installed the latest version of Feindura.

    It was a demo site package. I have renamed only the directory "feinduraDemoSite" in "Feindura". Now I have this error in the frontend.

    Strict Standards: Non-static method StatisticFunctions::getCurrentCategoryId() should not be called statically, assuming $this from incompatible context in /www/htdocs/xxxxxxxx/feindura/cms/library/classes/FeinduraBase.class.php on line 325
    
    Strict Standards: Non-static method GeneralFunctions::replaceLinks() should not be called statically, assuming $this from incompatible context in /www/htdocs/xxxxxxxxx/feindura/cms/library/classes/FeinduraBase.class.php on line 1150
    
    Strict Standards: Non-static method GeneralFunctions::replaceSnippets() should not be called statically, assuming $this from incompatible context in /www/htdocs/xxxxxxx/feindura/cms/library/classes/FeinduraBase.class.php on line 1151
    

    Who can help. Unfortunately I'm unable to continue.

    Thank you in advance.

    Reviewed by ghost at 2016-01-26 16:52
  • 8. chapta -> captcha

    I just saw a typo while browsing the source of a HTML file.

    Plugin ContactForm generates class="chapta_..." but I think you meant Captcha?

    "Completely Automated Public Turing test to tell Computers and Humans Apart"

    Reviewed by danrl at 2011-10-13 06:50
  • 9. date timezone get selected wrong

    Warning: date() [function.date]: It is not safe to rely on the system's timezone settings. You are required to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CET/1.0/no DST' instead in .../cms/library/classes/StatisticFunctions.class.php on line 307

    Reviewed by frozeman at 2012-03-06 10:34
  • 10. use mostly ajax in the feindura interface

    change the feindura interface to ajax. when changing things, like set the age status etc, always reload the by ajax, rather then reloading the whole page.

    could be done easily? loading the view, an putting it in the content div.

    create a function called: loadContent()?

    Reviewed by frozeman at 2011-10-14 20:45
  • 11. Reflected cross site scripting found (XSS)

    • Fiendura version: 2.0.7 • PHP Version: 5.6.35 • Apache Version: 2.4.33 • Operating system: microsoft windows v10

    VULNERABILITY TYPE: cross-site scripting.

    Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

    An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source; the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.

    STEPS TO REPRODUCE:

    1: login in Fiendura. 2: Go for creating a new page by clicking on the new page. 3: In the tags parameter, type the malicious javascript /default.aspx#"><img src=x onerror=prompt('0');> 4: The malicious javascript will be reflected in the browser.

    PROOF OF CONCEPT:

    Vulnerable URL: http://127.0.0.16/index.php?category=0&page=new Vulnerable parameter: Tags Malicious script: /default.aspx#"><img src=x onerror=prompt('0');>

    1: enter the malicious javascript in the Tags parameter. new11

    2: after entering the payload an XSS prompt will be reflected on the browser. new12 Submitted: Ritesh Kumar Reference: https://www.owasp.org/index.php/Crosssite_Scripting_(XSS)

    Reviewed by riteshgupta1993 at 2018-08-15 10:59
  • 12. Problems with Upgrade

    Hi,

    I am trying to upgrade to the new version, but i get serveral issues.

    1. Some functions being called should be declared as static in GeneralFunctions.class.php
    2. When I try to upgrade the content the script stops working. In XAMPP it is showing the following logs

    [Fri Jun 24 15:35:02.431980 2016] [core:notice] [pid 6168:tid 256] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache' [Fri Jun 24 15:35:02.433980 2016] [mpm_winnt:notice] [pid 6168:tid 256] AH00418: Parent: Created child process 516 [Fri Jun 24 15:35:02.875980 2016] [ssl:warn] [pid 516:tid 268] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name [Fri Jun 24 15:35:03.136980 2016] [ssl:warn] [pid 516:tid 268] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name [Fri Jun 24 15:35:03.262980 2016] [mpm_winnt:notice] [pid 516:tid 268] AH00354: Child: Starting 150 worker threads.

    On my WebSpace I can not see any logs, but the script is also interrupted. Can I call the update manually?

    I am updateing from 2.0.4 Build 1025 → 2.0.7 Build 1028

    Reviewed by hansmuth at 2016-06-24 14:03
  • 13. editing snippets in browser

    I have 2.0.7 installed on MS Server 2003, and all works well...except: when in the admin panel and I expand the snippets or css divs, and select a file to edit, the page refreshes but nothing else happens and I never have the option to edit the file. Help?

    Thank you for your time and a wonderful product.

    Jeremy Spaulding

    Reviewed by Jamspal at 2015-07-22 16:54
  • 14. Feindura demo-site CSS broken in small windows

    The header of the demo-site has no background color to the right of the window edge.

    To reproduce, open the demo-site, resize the browser window to be much smaller than the site and scroll to the right.

    I think the attached image makes it all clear.

    bug

    Reviewed by houseofsuns at 2015-05-31 10:41
  • 15. XSS is Possible in URL function

    Hi,

    XSS is possible in URL function that is available here: https://github.com/frozeman/feindura-flat-file-cms/blob/527920f665ba0ace68e5f22a1ddc7de078108504/library/classes/XssFilter.class.php#L410

    The vector is: javascript://www.xss.com?%0aalert%281%29

    The regular expression you are using happily parse the above vector and attacker can execute JavaScript. The easiest fix would be instead of having a-z and A-Z in regular expression ... It should be something like http or https ...

    Reviewed by soaj1664 at 2014-05-03 19:55
  • 16. not working on hoster one.com

    i got a problem. if i delete the htaccess it works, if i put it back it wont.

    so the settings made in the htaccess wont work on the hoster one.com.

    What can i do now

    Reviewed by compie67 at 2014-01-12 18:15
May 9, 2022
Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS

Grav Grav is a Fast, Simple, and Flexible, file-based Web-platform. There is Zero installation required. Just extract the ZIP archive, and you are alr

May 19, 2022
FlatPress is a lightweight, easy-to-set-up flat-file blogging engine.

[flatpress.org] [Support forum] [Wiki] [GitHub] [Mastodon] [Twitter] [Changelog] [Contributors] Welcome to FlatPress! FlatPress is a lightweight, easy

May 27, 2022
Pico is a stupidly simple, blazing fast, flat file CMS.
Pico is a stupidly simple, blazing fast, flat file CMS.

Pico Pico is a stupidly simple, blazing fast, flat file CMS. Visit us at http://picocms.org/ and see http://picocms.org/about/ for more info. Screensh

May 25, 2022
HTMLy is an open source Databaseless Blogging Platform or Flat-File Blog prioritizes simplicity and speed written in PHP
HTMLy is an open source Databaseless Blogging Platform or Flat-File Blog prioritizes simplicity and speed written in PHP

HTMLy is an open source Databaseless Blogging Platform or Flat-File Blog prioritizes simplicity and speed written in PHP. HTMLy can be referred to as Flat-File CMS either since it will also manage your content.

May 25, 2022
Pico is a stupidly simple, blazing fast, flat file CMS.
Pico is a stupidly simple, blazing fast, flat file CMS.

Pico is a stupidly simple, blazing fast, flat file CMS.

May 23, 2022
Pico is a stupidly simple, blazing fast, flat file CMS.
Pico is a stupidly simple, blazing fast, flat file CMS.

Pico is a stupidly simple, blazing fast, flat file CMS.

May 24, 2022
Herbie is a simple Flat-File CMS- und Blogsystem based on human readable text files

Herbie is a simple Flat-File CMS- und Blogsystem based on human readable text files

Apr 23, 2022
The repository for Coaster CMS (coastercms.org), a full featured, Laravel based Content Management System
The repository for Coaster CMS (coastercms.org), a full featured, Laravel based Content Management System

The repository for Coaster CMS (coastercms.org) a Laravel based Content Management System with advanced features and Physical Web integration. Table o

May 5, 2022
Core framework that implements the functionality of the Sulu content management system
Core framework that implements the functionality of the Sulu content management system

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Sulu is developed to deliver robust multi-lingua

May 27, 2022
Fully CMS - Multi Language Content Management System - Laravel
Fully CMS - Multi Language Content Management System - Laravel

Fully CMS Laravel 5.1 Content Managment System not stable! Features Laravel 5.1 Bootstrap Authentication Sentinel Ckeditor Bootstrap Code Prettify Fil

May 3, 2022
Flextype is an open-source Hybrid Content Management System with the freedom of a headless CMS and with the full functionality of a traditional CMS
Flextype is an open-source Hybrid Content Management System with the freedom of a headless CMS and with the full functionality of a traditional CMS

Flextype is an open-source Hybrid Content Management System with the freedom of a headless CMS and with the full functionality of a traditional CMS. Building this Content Management System, we focused on simplicity. To achieve this, we implemented a simple but powerful API's.

May 18, 2022
Soosyze CMS is a minimalist content management system in PHP, without database to create and manage your website easily
Soosyze CMS is a minimalist content management system in PHP, without database to create and manage your website easily

Soosyze CMS is a content management system without a database. It's easy to create and manage you

Apr 18, 2022
A small CMS for SaaS - A tiny content management system
A small CMS for SaaS - A tiny content management system

Fervoare CMS A tiny content management system Project created in 2012 and ported to GitHub in 2021. Getting started Assuming you have installed a LAMP

Jan 29, 2022
Baicloud CMS is a lightweight content management system (CMS) based on PHP and MySQL and running on Linux, windows and other platforms

BaiCloud-cms About BaiCloud-cms is a powerful open source CMS that allows you to create professional websites and scalable web applications. Visit the

Feb 2, 2022
Simple, modular content management system adapted for launch pages and one-page websites

Segmint Segmint is an easy-to-use flat-file landing page framework, allowing quick and efficient prototyping and deployment - perfect for freelancers

Dec 13, 2021
Simple Content Management System (CMS) Blog Using Codeigniter with Hierarchical Model View Controller (HMVC) Architectural
 Simple Content Management System (CMS) Blog Using Codeigniter with Hierarchical Model View Controller (HMVC) Architectural

Simple Content Management System (CMS) Blog Using Codeigniter with Hierarchical Model View Controller (HMVC) Architectural This is my source code trai

Oct 28, 2021
Monstra is a modern and lightweight Content Management System.
Monstra is a modern and lightweight Content Management System.

Monstra is a modern and lightweight Content Management System.

May 3, 2022
Coaster CMS a full featured, Laravel based Content Management System
Coaster CMS a full featured, Laravel based Content Management System

The repository for Coaster CMS (coastercms.org) a Laravel based Content Management System with advanced features and Physical Web integration. Table o

May 5, 2022