Bloxxen
What is Bloxxen?
Bloxxen is a Perl script which can be used by website administrators to add guestbook and blogging functionality to their sites. Bloxxen is free to use, I only ask that the file header remains intact. The header references the homepage, providing a link for anyone seeking more information.
Why Bloxxen?
I wrote Bloxxen because I was in need of a powerful blogging script, and I could not find what I was looking for on the world-wide web. I tried many of the freely available blogging scripts before frustration overcame me. Many of the features of Bloxxen are simply not found in other scripts. Before setting forth to write Bloxxen, I had two primary goals I wished to acheive. The first: 100% of all text must be read as an input from either the administrator (as configuration parameters), the user (as blog data), or the server (as CGI/SSI errors). This would allow Bloxxen to be completely language independant. The second: 100% of all HTML generated must be read as an input from the administrator (as configuration parameters). This would greatly reduce the control Bloxxen would have on the formatted output blog.
Does Bloxxen have issues that I should be aware of?
All blogging scripts, including this one, write data to a harddisk. This write operation is operating system dependant and cannot therefore be guaranteed or warranted to work properly. Bloxxen does include features that reduce the likelyhood of file corruption, when enabled.
I have made no attempt to make the Bloxxen Engine compliant on all operating systems or on all servers. I have used Bloxxen on Windows XP with the Abyss Web Server without problems. I have not tried the Bloxxen Engine with the Apache Web Server, nor have I tried it on Unix, Linux, or Mac OS operating systems. Alas, I do not have these systems available to test.
Unscupulous fellows can enter malicious data into the blog, which could cause undesirous side-effects with the server. It is recommended that the administrator use the security features built into their server as well as those built into the Bloxxen Engine to prevent these sorts of occurances.
What are the main features of Bloxxen?
Besides the obvious features like being able to specify a blog title, paths, filenames and extentions, Bloxxen:
is completely language independant. The only text or HTML tags printed to pages are those found in the template files, the configuration files, and the user entered blog data file.
allows defining the content type to be used when generating HTML pages.
uses seperate templates for displaying the header, footer, form, comments (new posts) and responses. The templates use special keywords that are substituded with Bloxxen data.
may be used to maintain any number of blogs on a single server, each using the same Bloxxen Engine. This is accomplished by having a seperate configuration file and optionally separate template files for each blog.
allows embedding blogs within other HTML pages using server side includes.
allows each blog to use a seperate file lock during read and write access to its data file, reducing the chance of file corruption by ensuring only a single user can access the file at a time. If a file is found to be locked, the lock attempt is retried 10 times before failing and displaying an error. This lock feature may be disabled.
backs up a configurable number of copies of the data file, so that if a corruption occurs during writing, backup copies are preserved.
automatically strips HTML from all posts. This is a security feature that prevents users from entering malicious HTML.
limits the ammount of memory used by CGI to prevent Denial of Service Attacks which could occur when posting large ammounts of data into the blog. This is also a security feature.
allows configuring the maximum size of all fields in the entry form. This is another security feature that prevents entry of large ammounts of data.
allows setting up a list of words to filter from posts. Filtered words are automatically replaced with an appropriate substitute.
provides 3 types of optional passwords which can be used to block automatically generated spam. This is another security feature that prevents automatic posting that could otherwise potentially use up large ammounts of disk space.
allows configuration of a list of formatting commands that may be used when posting. These map to HTML tags so that limited administrator defined HTML support is permitted (i.e. [b]text[/b] maps to <b>text</b>).
allows setting up form buttons to insert formatting commands into the post.
allows easy editing of blog data files by administrators only. The blog data file is kept in a tab delimitted text file, with each entry on its own line. Simply open the file in any text editor and make modifications as necessary. Administators may add new posts in this fashion if desired or if pubic posting is disabled, or delete spam when detected.
maintains all data for a blog in a single data file, so keeping track of data is simple.
allows manual entry of any HTML code into the blog data file by administrators only. For instance, administrators can setup links to photos if desired.
allows for easy archiving by simply moving old entries to a new blog data file and creating a new configuration file and optionally new templates if desired to display the data.
prevents duplicate submits by saving the last post in a temporary file for comparison.
allows the user to preview their posts before submitting.
converts multiple blank lines to single blank lines in entries to provide easier viewing and reduced storage.
retains tabs and multiple spaces in the data file.
allows limiting the number of entries to display in the blog.
allows displaying the blog comments and responses in ascending or descending order. Comment order and response order may be configured separately.
allows defining the format of the date and time display in the blog, by saving the raw date information in the blog data file.
allows the user the enter their name (required), email address, and a URL address.
captures users IP address, and saves this in the blog data file.
on responses, prefills in the subject field.
provides appropriate error messaging for improper entries in the form.
Where can I download Bloxxen?
How do I setup Bloxxen?
The download file comprises three script files and several template files. The first two scripts, example.pl and example2.pl, are examples of configuration files which must be modified prior to use. The third script, bloxxen.pl, is the Bloxxen Engine, and requires no changes. There are several configurable security items in the engine that can be modified if desired. These will be discussed along with the configuration file in the following section.
All of the script files must be copied to the server's CGI folder. A blog data file folder will need to be created where the server has write permissions setup, and all of the template files should be copied there.
Their are two modes in which Bloxxen can be used. It can be called using server side includes as follows:
<!-- #exec cgi="/cgi-bin/example.pl" //-->
The above statement can be embedded within any HTML page to display the blog. The Bloxxen Blog uses this feature.
If your server does not support server side includes or you wish to use Bloxxen as a standalone script, it can be called directly as follows:
<a href="/cgi-bin/example2.pl">Blog</a>
Note that using Bloxxen with server side includes will not call the header and footer template files when displaying the blog, whereas the standalone version does.
How do I configure Bloxxen?
Bloxxen includes a configuration file example.pl which is setup for using Server Side Includes. The other configuration file example2.pl is setup for a standalone blog. The differences are quite minor and will be discussed below. You should choose the appropriate configuration file for each type of blog you will be using and rename it appropriately. For instance you might have news blog with a configuration file named servernameNews.pl.
You may wish to at this point create the configuration files you will be using, and open them as we discuss their contents. At a minimum, the first two parameters listed must be modified. All other parameters may be modified if desired.
$blogurl | The URL for the blog must be modified. This is used for redirection after posting a new blog entry. If using server side includes, this should be set to http://www.servername.com/.../filename.html, where filename.html is the file that includes the server side include reference. If calling the script file directly, this should be set to http://www.servername.com/cgi-bin/example2.pl, where example2.pl should be replaced with the name of the configuration file you are editing. Be sure to use "/" instead of "\" or you will get a CGI error. |
$blogpath | The absolute path of the folder where the blog data file will reside must also be modified. Be sure to use "/" instead of "\" or you will get a CGI error. Separate folders may be setup for each blog, or you may choose to put the data files for each blog in the same folder, but with different names. Which leads us to the next item. |
$blogfile | The name of the blog data file. An _0 will be appended to this name when saving. Do not include the _0 as part of the parameter. |
$blogext | The extention of the blog data file. Bloxxen does not care. |
$title | The title of the blog to be displayed. The title will be available to all template files. |
$ssi | A flag to indicate that server side include mode is being used. This is only needed to prevent the header and footer templates from being used to display the blog file. Set it to "0" if you are using a standalone blog. |
$allowposts | This flag enables the Bloxxen Engine to accept posts. If "0", an attempt to manually post to the blog is disallowed. This prevents remote users from manually posting to your blog when posting no link is provided. The would typically be disabled for archive file access. |
$numbackups | The number (n) of backup copies of the blog data file to keep. Backup copies will be appended with _1 ... _n, where _1 is always the newest backup copy and _n is always the oldest backup copy. |
$displaynum | This is the number of entries to be displayed in the blog. A "0" will display all entries. |
$commentascendingorder | a flag indicating the order that comments (new posts) are displayed. Ascending order displays the smallest index (oldest entry) at the top of the log. |
$responseascendingorder | a flag indicating the order that response are displayed. Ascending order displays the smallest index (oldest entry) at the top of the log. |
$enablefilelocking | Bloxxen uses a file lock (temporary file) to ensure that only 1 user is reading from or writing to the data file at any instant. The file is locked only during file access, and is deleted immediately after use. It may be possible in extreme circumstances that the lock file is not deleted properly. In this case, the blog will cease to work until the file is manually deleted. For this reason, the file locking feature may be disabled. In most cases, file locking is probably not really necessary. File corruption can occur only if two users post a new entry at the exactly the same instant, which will normally occur on only on very active blogs where many users could be online at the same time. If locking is disabled, the blog display could be corrupted if the blog was being displayed the same time a post was occuring. This would only be temporary, until the display was refreshed. I normally do not enabled locking. |
$lockfile | The name of the temporary file lock. The lock file will be preceded with a tilde (~) character when saved to represent a temporary file. |
$headertemplatefile | The file name of the header template. |
$footertemplatefile | The file name of the footer template. |
$blogtemplatefile | The file name of the display blog template. |
$commenttemplatefile | The file name of the comment entry template. |
$responsetemplatefile | The file name of the response entry template. |
$formtemplatefile | The file name of the form template. |
$dateconfig | The date may be displayed in any of a number of ways. This is accomplished by configuring a format string, where:
%YR% = 4-digit year
%yr% = 2-digit year (padded with 0)
%MO% = month name
%mo% = month of the year
%dy% = day of the month
%DY% = weekday name
%HR% = 24 hour format
%hr% = 12 hour format
%mn% = minute (padded with 0)
%sc% = second (padded with 0)
%am% = A.M. or P.M.
So as an example, the string
"%DY%, %MO% %dy%, %YR%, %hr%:%mn%:%sc% %am%"
would be displayed as
Monday, November 8, 2004, 9:01:02 P.M.
and
"%DY%, %mo% %dy%, %yr%, at %hr%:%mn%"
would be displayed as
Monday, 11/8/04, at 21:01
|
$contenttype | The content type must be defined to generate HTML pages. It is recommended that unless you are sure of the type of content required, that this field remain unchanged. |
$newline | The text code to replace any carriage returns in the form with. The text may not contain HTML tags. |
$tabchar | The text to replace any tabs in the form with. The text may not contain HTML tags. |
$multispacechar | The text to replace each multiple space in the form with. The text may not contain HTML tags. |
In Lieu of a fancy string table, you will need to add error strings for several errors that may occur. These string may not contain HTML tags. All errors strings will be displayed at the start of the page.
$nonameerror | When the user previews or posts comments and responses where the "Name" is missing. |
$bigtexterror | When the user previews or posts comments and responses where the "Comment"exceeds $maxblogkbytes (see below). |
$blockederror | When the user previews or posts comments and responses where the "Spam Blocker" check fails. |
$lockederror | Whenever the blog data file is accessed, and the file is locked by another user. |
$badcallerror | Whenever a CGI call to the Perl script is made with unsupported parameters (i.e. /cgi-bin/example.pl?Admin). |
There are several security items in the Bloxxen Engine that are also configurable by administrators. You may wish to at this point open the bloxxen.pl file as we discuss its contents. It is important to keep these items in this file, and not move them to the configuration file. This will prevent calling the engine directly using a remote configuration file in an attempt to get around Bloxxen's security.
$maxblogkbytes | This defines the maximum number of bytes that may be entered in the comment section of the entry form. For security reasons you do not want the user to be allowed to enter large ammounts of data. |
$passwordrequired | A flag to indicate that a password is required. A "0" disables this requirement. Passwords will be dicussed in more detail in the Security section. |
$passwordtype | The type of password required. Enter "0" for automatic passwords. Enter "1" for manual passwords. Enter "3" for private passwords. |
$privatepassword | The password to be used when the $passwordtype is set to private. |
$maxfieldlength | This defines that maximum width used for the name, email, url, subject, and password fields of the entry form. Again, this is for security reasons as well as for a managable display. |
$filterwords | This is a comma seperated list of words that the administrator does not want displayed in any of the fields in the blog. Each of these words will be replaced with #$%&. |
$htmlsubstrings | A comma seperated list of complementing pairs of tags. All input data is stripped of HTML on entry. If the user wants to add HTML style formatting to an entry, he must use one of the select tags which are mapped to HTML tags. It is a security risk to allow users to embed HTML tags unchecked. You do not want the user to be able to enter malicious HTML code in your form, for instance, displaying of pornographic material or injecting of viruses. |
$CGI::POST_MAX | This is a CGI parameter that limits the ammount of memory used by CGI. If this limit is exceeded it sends an error message to Bloxxen to display. This will prevent attempts to upload large data blocks into the form that could overrun the server. |
$CGI::DISABLE_UPLOADS | This is a CGI parameter that prevents malicious users from attempting to upload data files which are not supported by Bloxxen. |
How do I use the templates?
100% of the HTML code displayed is under complete control of the blog administartor, whether it is embedded within template files, is permitted via HTML substring mapping, or is manually entered into the blog data file. There are a great many ways in which the data may be displayed, all of which are, unfortunately, beyond the scope of this project. The template files permit simple access to configuration and blog file data through the use of keywords. The template can be simple display routines, or complex web pages.
There are six templates currently used by Bloxxen. The convention for template extention is to use ".blx" to represent a Bloxxen template:
Header | The Header template is used as a header for all generated HTML pages (i.e. form page, preview page, error pages, etc). It is not used when displaying the server side include blog. It must include the <html>, <head>, </head>, and <body> tags. It is recommended that it also includes the content type and the title of the blog, both defined in the configuration file. This template is required. |
Footer | The Footer template is used as a footer for all non-server side include pages generated also. It must include the </html> and </body> tags. This typically will include contact and copyright information also. This template is also required. |
Blog | The blog template is used to display the blog data file contents and is used by the Bloxxen Engine when it is called with no parameters. It is therefore also required. |
Comments | The Comments template is used to display new posts only. It is therefore required. |
Responses | The Responses template is used to display responses to other posts. Responses to new posts are not distinguished from responses to responses. It is not required if users are not allowed to post responses to comments. |
Form | The form template is used to display the entry form. It is not required if posting is not allowed (i.e. for archive pages) |
Templates are only useful if they can access Bloxxen data and parameters to display. The following keywords are available to all templates:
%title% | returns the $title parameter to the template |
%contenttype% | returns the $contenttype parameter to the template |
%bloxxen% | returns the name "Bloxxen" to the template |
%version% | returns the version of the Bloxxen Engine to the template |
%fullurl% | returns the full URL to the configuration file |
Additional keywords are available, but only to designated templates:
Keyword | Template | |
%blog% | Blog | returns each blog data file entry in the format of the Comments Template |
%form% | Blog | returns the entry form in the format of the Form Template |
%privatepassword% | Blog
Form | returns the private password for display |
%date% | Comments
Responses | returns the date in the format of $dateconfig |
%index% | Comments
Response | returns the blog entry index as found in the blog data file, and determined at the time of posting. |
%name% | Comments
Response
Form | returns the blog data file entry name. It is used by the form if needed during preview. |
%email% | Comments
Response
Form | returns the blog data file entry email. It is used by the form if needed during preview. |
%ifemail%
%endifemail% | Comments
Response | conditional keywords between which is stripped from the display if no email address exists in the blog data file. |
%url% | Comments
Response
Form | returns the blog data file entry URL. It is used by the form if needed during preview. |
%ifurl%
%endifurl% | Comments
Response | conditional keywords between which is stripped from the display if no URL address exists in the blog data file. |
%ip% | Comments
Response | returns the blog data file entry IP address. |
%subject% | Comments
Response
Form | returns the blog data file entry subject. It is used by the form if needed during preview. |
%comment% | Comments
Response
Form | returns the blog data file entry comment. It is used by the form if needed during preview. |
%reference% | Form | returns the index of the post being responded to. |
%maxfieldlength% | Form | returns the $maxfieldlength parameter |
%autopassword% | Form | returns a random number for use with automatic passwords |
%manual1% | Form | returns a random number for use with manual passwords |
%manual2% | Form | returns a second random number for use with manual passwords |
%responses% | Comments
Response | returns all the responses from the blog data file for a comment in the format of the Responses Template |
How do I setup a form?
It is not my intention to provide a tutorial on HTML forms here. There are plenty of reputable guides on the internet. The best way to describe setting up a form, is to go through the example form form.blx provided.
The are 5 types of form fields expected: text, password, hidden, submit, and textarea.
There are only 4 allowed non-password named text fields (excluding the textarea field). These are: name, email, url, and subject. Each of these fields has a correspoding template keyword that should be used in place of the value field to prefill the form when it is redisplayed after previewing or an error. The display size of each field should be set no larger than $maxfieldlength but may be set smaller if desired. The following shows each of these fields in their typical configuration:
<input type="text" name="name" value="%name%" size="%maxfieldlength%">
<input type="text" name="email" value="%email%" size="%maxfieldlength%">
<input type="text" name="url" value="%url%" size="%maxfieldlength%">
<input type="text" name="subject" value="%subject%" size="%maxfieldlength%">
The comment textarea is the portion of the form where the comments are entered. It has a correspoding template keyword that should be used in place of the value field to prefill the form when it is redisplayed after previewing or an error. The text area has several parameters that may be setup such as height, width, rows and cols, but for Bloxxen the minimum configuration is as follows:
<textarea name="comment">%comment%</textarea>
When responding to a post, the index of the entry that is being referenced is pass to Bloxxen in the form as a hidden field. It must have its value prefilled with the corresponding template keyword as follows:
<input type="hidden" name="ref" value="%reference%">
Passwords are discussed later in the Security section.
The password field may be setup in the form as a hidden field for auto passwords, or as a password field for private passwords, or as a text field for manual passwords. If the password is not hidden, its size should be set no larger than $maxfieldlength but may be set smaller if desired. The auto password must prefill in the value with the corresponding template keyword, the others should probably not. The manual password has 2 other hidden fields that must be prefilled with the corresponding template keyword.
Private password:
<input type="password" name="password" size="%maxfieldlength%">
Auto password:
<input type="hidden" name="password" value=%autopassword%>
Manual password:
<input type="text" name="password" size="%maxfieldlength%">
<input type="hidden" name="manual1" value=%manual1%>
<input type="hidden" name="manual2" value=%manual2%>
There are 12 submit types which display as buttons on the form. 10 of these are for providing formatting buttons to aid the user in inserting format codes at the end of the form. The format codes should match the $htmlsubstrings. The other two buttons are for previewing and submitting the form. The value field for these buttons can be set to anything that is appropriate for the function they perform.
<input type="submit" name="preview" value="Preview">
<input type="submit" name="submit" value="Submit">
<input type="submit" name="formatcode0" value="[0]">
<input type="submit" name="formatcode1" value="[1]">
<input type="submit" name="formatcode2" value="[2]">
<input type="submit" name="formatcode3" value="[3]">
<input type="submit" name="formatcode4" value="[4]">
<input type="submit" name="formatcode5" value="[5]">
<input type="submit" name="formatcode6" value="[6]">
<input type="submit" name="formatcode7" value="[7]">
<input type="submit" name="formatcode8" value="[8]">
<input type="submit" name="formatcode9" value="[9]">
Let's talk security
It is important to block any security holes that may exist in the system when allowing a user to post data to your server. Posting data is a write operation that could cause a variety ill effects if not properly controlled. The most dangerous types of writes that we need to concern ourselves with are spam, executing code (such as trojans, viruses, and embedded scripts), and denial of service attacks. Bloxxen takes efforts to prevent all of these types of writes.
Spam can take the form of advertisements, links, pornographic images, etc. Unscrupulous hackers have developed automatic spammers that search the internet for blogs (forms) and attempt to post their wares. A common method used is to read the field names and types from the form, and create their own POST methods by filling in the fields automatically. These auto spammers, if not blocked, can automatically post to your blog over and over again. To prevent this, the Bloxxen engine optionally uses a password field that auto spammers should not be able to guess the appropriate contents of. The Bloxxen Engine has 3 types of passwords that may be used in an attempt to block these auto spammers. Each type has its own advantages and disadvantages, so it important to understand these in detail before determining which type to use, or whether to disable auto spam blocking altogether.
Automatic passwords save a random number with each post into the blog data file. When the form is displayed, the most recent post's automatic password is retrieved and made available to the form template using the %autopassword% keyword When the user posts the form, the password is sent to the Bloxxen Engine, which reads the automatic password from the blog data file and compares this to the one posted with the form. If they match, viola, they're in, and the data is posted to the blog data file with a new automatic password. Otherwise an error is displayed.
The advantages of automatic passwords are:
The field is hidden, so the user never sees or even knows the password is there..
Because the password is automatic, it should always work, so no users are prevented from posting manually.
Because the password is impossible to guess, generic auto spammers will be blocked.
It is more work for Bloxxen specific auto spammers to break in, because they must either try thousands of auto passwords until the get in, or they must read the blog data file and parse it to get the auto password.
The disadvantages of automatic passwords are:
Does not block Bloxxen specific auto spammers entirely.
If another post occurs while the user is filling in the form, their post will be blocked because the automatic password was changed on the last post. To reduce the chances of this occuring, administrators should not display the form template in the blog directly because the password could potentially sit around a long time while the user reads the blog, increasing the chances that someone else might have posted in the interim.
Maunual passwords generate 2 random numbers between 1 and 10, both of which are made available to the form template using the %manual1% and %manual2% keywords. It is expected to be obvious to the user that they must enter the sum of the two random numbers displayed. When the user posts the form, the random numbers are sent to the Bloxxen Engine, which are added and compared to the password entered. If they match, viola, they're in, and the data is posted to the blog data file. Otherwise an error is displayed.
The advantages of manual passwords are:
Because only simple math is needed to solve the password, virtually anyone that can post to the blog.
Because the password is impossible to guess, generic auto spammers will be blocked.
Because the field is of "password" type, most auto spammers will skip your blog, and look for more easy prey.
The disadvantages of manual passwords are:
Because all the information needed to crack the password is available in the form, it is rather easy for Bloxxen specific auto spammers to break in. They need only post any 2 numbers and their sum.
Private passwords require the administrator to enter a password in the $privatepassword configuration parameter, and then every user must be made aware of the password somehow so that they can enter it each time. This can be done either privately for a limited access blog, or done publically, by posting the password somewhere on the blog or the form so that the user can find it. It is not recommended to prefill the password field as this would make it easy for Bloxxen specific auto spammers to find the password needed. The actual password can be accessed for displaying in the blog or on the form by using the %privatepassword% keyword.
The advantages of private passwords are:
Generic auto spammers cannot guess the password, and cannot, theoretically breakin, as it would not be feasible for them to attempt to try every random password.
Because the field is of "password" type, most auto spammers will skip tour blog, and look for more easy prey.
The disadvantages of private passwords are:
The blog has limited user access, because the password is private. Even if it is published in the blog or on the form, the user must still be smart enough to find it and enter it, which it a larger burden on the user.
In Summary:
| | Best | Average | Worst |
Usability | Auto | Manual | Private |
Specific Spam Blocking | Private | Auto | Manual |
Generic Spam Blocking | Private
AutoManual | --- | --- |
A few points to note are that all of the password types are effective against generic auto spammers. Bloxxen specific auto spammers do not currently exist as far as I know, and may never, so it is questionable as to whether or not you need to consider this. Also none of these passwords will not stop manual spammers who come to your blog and fill it out just like your expected users.
To limit manual spammers ability to post spam to your blog, Bloxxen has implemented several features. These same features will also apply to any Bloxxen specific auto spamming posts that may get through.
HTML is stripped automatically from all posts so that images cannot be setup to be displayed, and executing code such as Javascript cannot be embedded. The administrator should not add $htmlsubstrings that would re-enable these abilities to the user.
Bloxxen also allows the administrator to set up $filterwords that will be replaced in the data when posted. This allows the administrator to decide what types of words they will allow from their users. It is expected that the primary use for this is to remove vulgar words and perhaps advertisements for Viagra and such. It is not intended to be used for censorship.
Some spammers may wish to post trojans or viruses to disrupt your system. To limit this, All fields in the form are limited in size using $maxfieldlength and $maxblogkbytes in order to prevent large ammounts of data being entered in the form. The Bloxxen Engine during processing ensures that these sizes are adhered to. These parameters should not be made too large, though it is not clear what too large is, so the size should be balanced with the maximum size of data you expect your valid users to post.
Denial of service attacks can take the form of users entering multi-megabyte data packets into your form in hopes that your server will bog down processing the data. The $CGI::POST_MAX limits how much memory the CGI processor will attempt to process before aborting and returning an error to Bloxxen. The value should be set larger than $maxblogkbytes, but set small enough so that your system can manage the memory requirements without concern. The $CGI::DISABLE_UPLOADS parameter will prevent illegal uploads to your server through the CGI.
Bloxxen's security net along with the security features of your particular server should place a significant deterrent on automatic as well as manual spammers.
What is the format of the data file?
The blog data file is a tab delimited text file than can be read and edited with any text editor that is compatible with the $contexttype defined. The actual seperator is "}" + tab + "{". This allows tabs to be embedded within the comments. The data file logs each entry on a separate line, with the most recent entry at the start of the file. Each entry contains the following fields in order:
index
reference
name
email
URL
year
month
day
weekday name
hour
minute
second
subject
comment
IP address
auto password
New entries read the first index from the file, increment the value and save it as the new index. Responses save the original index in the reference location.
How do I archive posts?
Archving is handled manually by copying any block of the blog data file entries with exception of the first, to another file. The first entry is needed for future indexing. This archive data file is accessed by a new configuration file that should have $allowposts disabled. Additionally the Templates should not provide links that allow posts, as an error would be generated.
Who is using Bloxxen?
The Rumblefische Blog
|