[thelist] Ideas for a redesign of two sites

Eetu Huisman eh at iki.fi
Mon Aug 26 14:40:07 CDT 2002


Hello everybody!

I'm currently planning redesigns of two sites I'm currently responsible
for and I'd appreciate any ideas and/or suggestions by the very kind
folks on this list.

The first one is the site of the society of the students of mass
communication in the University of Tampere,
http://www.uta.fi/jarjestot/vostok/.

It's a tricky case: the current website serves its purpose pretty well
but the code is really horrible. It wouldn't be too hard to recode it,
though. The hard part is that there would be a real need for a content
management system, but the university doesn't allow PHP and we don't
have access to a database either.

If anyone has knowledge of any CGI (through cgiwrap), SSI and text-file
based CMS which can be run by a normal user and which actually works (I
found a couple, but they were bad), it would be appreciated. I've got
some suggestions from the cms-list (http://cms-list.org), which is a
better place for this question anyway, but I suppose I/we could use all
the information available.

The second one is a personal hobby site, Chumbawamba Tab Archive
(http://chumbatabs.webhop.org). I like the current simplistic design
myself, but I've thought about making it less of a dead end by adding
more stuff, links etc. It could also become the first tableless design
I've made so I'd like to know if there are any common problems I should
try to avoid.

It also has an upload method which could be pretty vulnerable, so any
tips on making uploading files with PHP more secure are also appreciated.
Currently it checks the file's size, type (which is easy to forge;
Apache recognizes file types according to the extension...) and that the
file actually was uploaded. The uploaded files are included in the pages
between <pre> and </pre> so any markup used there is lost anyway, but
there are other possible security flaws, aren't there?

There's also a third site I'd like to have more opinions on, but I'll
come to that later when it's more of a finished project...

Eetu Huisman
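
An added example, not part of the original post: one way to harden the upload checks described above for plain-text tab files. The function names, the size limit and the storage directory are hypothetical; it assumes PHP 7 or later and a storage directory where the web server does not execute scripts.

```php
<?php
declare(strict_types=1);

const MAX_TAB_BYTES = 65536; // assumed size limit for a plain-text tab

/** Validate one $_FILES entry and store it under a server-chosen name.
 *  Returns the stored file name, or null if the upload is rejected. */
function store_tab_upload(array $file, string $storeDir): ?string
{
    // The upload must have completed and must really come from this POST.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    // Measure the file on disk; the client-reported size and type are forgeable.
    $size = filesize($file['tmp_name']);
    if ($size === false || $size === 0 || $size > MAX_TAB_BYTES) {
        return null;
    }
    // Accept text only: no control bytes other than tab, LF and CR.
    $data = file_get_contents($file['tmp_name']);
    if ($data === false
        || preg_match('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', $data) === 1) {
        return null;
    }
    // Never reuse the client's file name or extension: a random name with a
    // fixed .txt suffix cannot be mapped to a script handler by extension.
    $name = bin2hex(random_bytes(16)) . '.txt';
    return move_uploaded_file($file['tmp_name'], $storeDir . '/' . $name)
        ? $name : null;
}

/** Render a stored tab. <pre> preserves whitespace but does not neutralize
 *  markup, so the content is escaped before it is written into the page. */
function render_tab(string $storeDir, string $name): string
{
    // Only names in the format generated above are readable (no path traversal).
    if (preg_match('/\A[0-9a-f]{32}\.txt\z/', $name) !== 1
        || !is_file($storeDir . '/' . $name)) {
        return '';
    }
    // Read the file as data; never pull uploads in with include()/require().
    $data = (string) file_get_contents($storeDir . '/' . $name);
    return '<pre>'
        . htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</pre>';
}
```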




