Simple Content Management System (CMS) Blog Using Codeigniter with Hierarchical Model View Controller (HMVC) Architectural

Simple Content Management System (CMS) Blog Using Codeigniter with Hierarchical Model View Controller (HMVC) Architectural

This is my source code training references from Udemy Course by Frank John about build simple Content Management System (CMS) Blog using Codeigniter v.3.x with Hierarchical Model View Controller (HMVC) Architecture.

Tools Used

• Firefox
• Xampp
• HeidiSQL
• Visual Studio Code
• Git
• Composer

Codeigniter Feature Used

• Migration
• Extending Core Model
• Templeate
• Hierarchical Model View Controller (HMVC)
• Basic CRUD (Create Read Update Delete)
• Form Validation
• Authentication

Third Party Library

• Bootstrap
• jQuery

Updates

• Constants:
I added some constants to the file application/config/constants.php to manage the database conection settings
• Navbar:
I updated the navbar because originally the link Add Post was showed when you are noy logged and of course, you can ended trying to add a new post without been a registered user of this web application. Then the Blog controller could be updated to validate that there is a registered user logged in the system before allow to add a new post or any other admin action.
• Footer:
Seeeing the simple footer I just add a couple of link to the Udemy catalog of Codeigniter's courses.
• Categories:
Look like there is no page related to the process of the sidebar that should allow to visitors to get all articles ordered by categories

Security issues

Be carefull with the explanations of this course. In a building process of a quite simple and basic web application like this one, I don't understand how this kind of important security issues were not thinked and more when Frank John as instructor with almost 10 years of experience of webprogramming, should try to made a good plan of the comtent for this kind of courses, not mmatter that should be taken by beginners of this tecnology, because at the end we are teaching bad practices and behaviours.

• There is no query string validation:
If you go to the View Post link (your_url/view_post), Authors page link (your_url/view_author_profile) or Author Post page (you_url/view_authors_posts/) and erase the number asigned to each author and erase it, you should have a 404 page not found error that sadly was not managed by the application. This security issues are pretty basic to be covered as part of a Frontend explanation.
 
Besides, if you are dealing with a good PHP framework like Codeigniter, that is named as an easy way to learn about MVC, you might use it!. The pretty URL must be a tool to learn for any beginner user, then I recommeded that go and read the URL Helper page of the Codeignuter documentatiom.

References

• Codeigniter Tutorial by Frank John

Last updated