/-----------------------------------------------------------------------------\ | JAF CMS - ...just another flat file CMS | |-----------------------------------------------------------------------------| |-----------------------------------------------------------------------------| | Created by Salim "ph03y3nk" | | (Mail Contact : ph03y3nk@users.sourceforge.net) | | For JAF CMS (http://jaf-cms.sourceforge.net/) | |-----------------------------------------------------------------------------| |-----------------------------------------------------------------------------| | JAF CMS - ...just another flat file CMS, is a Simple PHP Content Management | | System (CMS). Consist of a powerfull set of PHP scripts, for small personal | | homepage without database needed. Tested on Apache server 1.3.23 and PHP 4. | |-----------------------------------------------------------------------------| |-----------------------------------------------------------------------------| | Copyright (c) 2004, Salim,SE. (ph03y3nk) | | | | ___ ___ | | /\__\ /\__\ | | /:/ _/_ /:/ _/_ | | /:/ /\ \ /:/ /\ \ | | /:/ /::\ \ /:/ /::\ \ | | /:/_/:/\:\__\ /:/_/:/\:\__\ | | \:\/:/ /:/ / \:\/:/ /:/ / | | \::/ /:/ / \::/ /:/ / | | \/_/:/ / \/_/:/ / | | /:/ / /:/ / | | \/__/July,2004.\/__/ | | -Salims Softhouse- | | | |-----------------------------------------------------------------------------| |-----------------------------------------------------------------------------| | This software is provided "as is", without warranty of any kind, express or | | implied, including but not limited to the warranties of merchantability, | | fitness for a particular purpose and noninfringement. In no event shall the | | authors or copyright holders be liable for any claim, damages or other | | liability, whether in an action of contract, tort or otherwise, arising | | from, out of or in connection with the software or the use or other | | dealings in the software. | | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | | This software is available under GNU GPL - The GNU General Public License | | v2. To use this software you must accept the license terms and conditions. | | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | | GPL - The GNU General Public License http://www.gnu.org/licenses/gpl.txt | | Permits anyone the right to use and modify the software without limitations | | as long as proper credits are given and the original and modified source | | code are included. Requires that the final product, software derivate from | | the original source or any software utilizing a GPL component, such as | | this, is also licensed under the GPL license. | | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | | You should have received a copy of the GNU General Public License along | | with this program, if not, write to the Free Software Foundation, Inc., 59 | | Temple Place, Suite 330, Boston, MA 02111-1307 USA | |-----------------------------------------------------------------------------| |-----------------------------------------------------------------------------| | Created 01/07/2004 |-----------------------------------| Updated 24/04/2006 | \-----------------------------------------------------------------------------/ //--------------------------------------------------------------------------\\ || || || OPTIONAL NOTES REGARDING TO THE SESSION HANDLING SECURITY || || || \\--------------------------------------------------------------------------// First things to do was you should try to login to your admin control panel, then try to edit the page or everything else. If you can do that, its mean that your servers configuration was just fine to handle jaf-cms session. You don't have to do anything else......happy on-line. (you may close this notes) But, if you can't edit your page or anything else (always returned to login page), then you should read this notes to the end. here we go...... //--------------------------------------------------------------------------\\ || || || Read this only if you can't go further in administrator control panel || || (always returned to login page) || || || \\--------------------------------------------------------------------------// In order to used administrator control panel, jaf-cms required to write a session file to be used for users authentication. There is 2 conditions as describe below : 1. You have authority to create directory at the same level with your website document root (eq. if u're using apache your document root is "htdocs") 2. You have authority to create directory under your website document root only. Lets asume that you put jaf-cms on root directory.....what's next ================ Condition #1 ================ so...you can create directory at the same level with your website document root. For security reason you should create session directory at the same level with your document root. for example you'll create a directory named "jafsession" to handle session. don't forget to make it write-able. +---------------------------------------------------------------+ | | | ===>htdocs (root directory) | | || || | | || ===>admin (admin directory) | | || | | ===>jafsession (session directory) | | | +---------------------------------------------------------------+ !!!!!!! Remember : we asume that you put jaf-cms on root directory !!!!!!! In order to overide servers "php.ini" session configuration, edit file under admin directory and you should uncommented (remove preceding double slash) the session path script code and pointing it to your session directory : +---------------------------------------------------------------+ | syntax : session_save_path("path/to/your/session/directory"); | +---------------------------------------------------------------+ You'll see script code like this one in jaf-cms php file : //session_save_path("../../jafsession"); /* uncommented this part if u need to */ Replace script code like this one : +---------------------------------------------------------------+ | session_save_path("../../jafsession"); | +---------------------------------------------------------------+ "../../jafsession" ==> it has mean to be pointed to session directory, two directory above current working directory (/admin). ================ Condition #2 ================ so...you can create directory under your website document root only. Do the same way (edit file under admin directory), just replace the session path to be pointed to your session directory path. for example you'll create a directory named "jafsession" to handle session under "admin" directory. don't forget to make it write-able. +---------------------------------------------------------------+ | | | ===>htdocs (root directory) | | || | | ===>admin (admin directory) | | || | | ===>jafsession (session directory) | | | +---------------------------------------------------------------+ Replace script code like this one : +---------------------------------------------------------------+ | session_save_path("./jafsession"); | +---------------------------------------------------------------+ "./jafsession" ==> it has mean to be pointed to session directory, under current working directory (/admin).