We’re going to look at our new homepage and from there move on to look at some of the main concepts of PHP-Nuke: blocks, modules, themes, and site security. Along the way, we’re going to create the super user, a user with absolute power over our site; we will edit our first piece of content in PHP-Nuke, and begin the construction of the Dinosaur Portal.
Your New Homepage
Navigate to your site’s homepage in your browser. For our newly installed PHP-Nuke site, this will be http://localhost/nuke/. You should be presented with the following screen, which we saw at the end of the last article:
Considering that we’ve not really done anything, this is impressive. I’m sure you won’t be able to resist clicking on some of these links and seeing what PHP-Nuke has in store for us. Currently, the system is ’empty’, so it has a rather cold and eerie feeling about it. Rest assured that it will start to warm up over the next few articles as we add content to the site.
By the way, if you are impressed with the features you’re seeing right now, let me tell you that there are others that haven’t yet been activated. Also, there are many other add-ons that we can find from various PHP-Nuke resource sites across the Internet.
Let’s now talk about some of the PHP-Nuke bits that we see on the front page.
First of all, there’s the look of the page. There is the banner at the top, a site logo, and a horizontal navigation bar:
The page ‘body’ begins below the navigation bar. You can see a three-column layout with a big chunk of information in the middle column. The page layout of a PHP-Nuke site need not always look this; the arrangement of the elements, the choice of color, text styles, and images is controlled by the theme. A different theme can be selected for the site, and immediately, the look and feel of your site is changed.
The elements that you see in the left- and right-hand columns are known as blocks:
Blocks in PHP-Nuke are little nuggets of information positioned at the sides or sometimes at the bottom of a page. They often provide ‘navigation’, linking to other parts of the site, and provide a report or summary of the content that is available either on your site or, possibly, on another site. Typically, many blocks are displayed on a single page.
An important block is the Modules block in the left-hand column:
This block shows a list of the active modules on your site, and is the standard navigational element of a typical PHP-Nuke site. Each entry in the above list is a link to a module on your site, and by clicking on the links the visitor is able to move between the modules.
PHP-Nuke is a modular system. Each module is like a mini website in itself, performing different tasks and working with different types of content. The PHP-Nuke ‘core’ provides a central mechanism for handling these modules, so that they work together sharing data and user information, and ensuring a consistent look and operation throughout your site.
In short, the modules define your site.
The good thing with PHP-Nuke is that you can add and remove modules as needed, selecting the best range of features to suit your site and its visitors. We will discuss the standard PHP-Nuke modules over the next few articles.
When viewing a page on a PHP-Nuke site, the module currently in play can be known by looking at the URL of that page. For example, if you are looking at the Downloads module, the URL will be something like this:
The part of the URL after the ? character is the query string. The query string contains variables that are separated by the & character. In the above URL, the query string contains a single variable, name, which has the value Downloads. PHP-Nuke switches between modules according to the value specified in the name variable. The other query string variables determine what else is to be displayed on that page, such as the required news story for example. (Handling these query string variables appropriately has traditionally been a security weakness in PHP-Nuke, but that is true for many other web applications).
The output of the module being currently viewed is displayed in the middle column of the web page.
A Fistful of Default Modules
Let’s have a quick overview of what some of the standard modules offer:
- Home: Shows the homepage of the site. There isn’t actually a Home module but some particular module is associated with the homepage. The homepage actually has the URL index.php, rather than modules.php?name=XXXX.
- Downloads and Web Links: Allow you to create and maintain categorized lists of downloadable resources or links to other sites. Possibly you have already seen the Downloads module in action when you downloaded PHP-Nuke itself from a PHP-Nuke powered site. This is another ‘interactive’ module—visitors can submit their own downloadable resources or links here.
- Recommend Us: Allows the visitor on your site to send a message to their friends suggesting that they come and visit your site.
- Search: Allows the visitor to search the contents of your site.
- Statistics: Provides site statistics like the number of visits to your site, the different browsers used by visitors, and the most-viewed stories on your site.
- Stories Archive: Contains an archive of past stories that have appeared on the site, arranged by month of publication.
- Submit News: Allows visitors to submit a news story to the site through a form, after which the story goes straight onto the site provided it is acceptable. The story is then said to be published.
- Surveys: Displays the results of polls that have appeared on the site. Polls can be attached to stories and other pieces of content.
- Topics: Provides a different view of the stories, this time arranged by their topic.
- Your Account: Allows visitors to your site to register and create their own accounts. All visitors that register at your site can have their own area, which is accessed through this module. They can customize their own area, including their own Journal.
That’s not even all of the modules, but it’s enough to give you an idea of the breadth of the functionality that PHP-Nuke offers and the kind of experience that your visitors can look forward to.
Coming back to the homepage, have a look at the message in the middle that says:
For security reasons the best idea is to create the Super User right NOW by clicking HERE
It’s not everyday that we’re invited to create a super user, so I think we should get on with that, especially as the word NOW is in upper case; that always suggests a sense of urgency.
Clicking on the word HERE in that message will take you to the page http://localhost/nuke/admin.php; and we can begin creating our super user.
Creating the Super User
PHP-Nuke enables visitors to your site to create their own user account, and add and maintain their own personal details. The user account is required to identify them for posting news stories, making comments, or contributing to discussions in the forums, among other activities. By registering on the site and creating a user account, the visitors are given greater freedom on the site. However, their freedom has limits.
We are about to create a special type of user, the super user. This is a registered user of the site who has almost total freedom on the site and absolute power over it. The super user can access, add, remove, and modify any part of the site, and can configure and control anything on the site. Given the nature of this power, there comes the obvious responsibility of ensuring that the identity of this user is kept a secret.
Anyone obtaining these account details will be able to do almost anything to your site, and that could be worse than it sounds, so you must ensure that these details do not fall into the wrong hands.
The super user is a site administrator, in fact, the site administrator. We will use the term administrator and super user interchangeably. It is also possible to create other, less powerful, site administrators who can manage various parts of the site, such as approving bits of content submitted by visitors.
We shall now create the super user account. As with any user account on PHP-Nuke, it will consist of a username (‘nickname’, as it is also known in PHP-Nuke) and a password.
On the page http://localhost/nuke/admin.php, you will be presented with a form asking you to choose a super user Nickname, the HomePage of that user, a contact Email address and a Password. The password should only contain alphanumeric characters (letters and numbers). This is how the form looks:
The super user account is not the only type of user account that can be created with PHP-Nuke. Visitors to your site can register and create their own user accounts, which make them Registered Users of your site. When creating the super user there is an option to create a registered user with the same details, although obviously that user doesn’t have the extended power of the super user. This does mean that when you log in with this administrator account, you will enjoy all the personalization benefits of the standard user account.
We will create the nickname and password for the super user account now.
Do not use nicknames like admin, super user, or root for the super user; these would be the first guess of any miscreant attempting to break into your system. Also, make your password difficult to guess; make it long with a mixture of digits and letters, both upper and lowercase (definitely do not use the word password as your password!). Making the password secure is another vital step toward the overall security of your site.
In the page, we will enter dinoportmeister for the nickname, and use the password Pa2112cktXog. You can enter your own nickname and password here if you like, but make sure you remember them!
Your email address needs to go into the Email field, this is another required field. The HomePage field does not have to correspond to the address of this site; this is for informational purposes only.
The option to create a normal user with the same data will do just that, it will create a user with the same username and password as the administrator account. However, the two accounts are distinct, and changing the password for either account will not affect the other.
Click Submit and the super user is created.
Becoming the Administrator
After you have created the details for the super user, you still have to log yourself in with these details. On the admin.php page, you will find a form for entering the administrator username and password. Hopefully you haven’t forgotten them already!
After entering the details here, click the Login button and you will pass over to the other side: the administration area of the site.
The admin.php page is where you need to log in to access the administration area. Whenever you want to log in as an administrator to perform some site maintenance, you do so from this page. Logging in from any other place on the site will log you ‘normally’ into the site, as if you were a standard visitor to the site, even if the administrator username and password is accepted.
If you think about it, this suggests that unless it has been specially customized, any PHP-Nuke site has an administrator login page at admin.php. This means that anyone intent on accessing the administrator area of that site does not have to look far to find the administrator login (of course, getting the right username and password combination is another matter). To counter this, from PHP-Nuke 7.6 onwards, if you want to rename the admin.php file, you can do so by storing the new name of the file in the $admin_file variable in the config.php file. This relocates your administrator login page.
Once you have entered the administration username and password, you will get your first taste of the administration area:
That might be more than you were expecting. We are presented with two towering graphical menus; the Administration Menu and the Modules Administration menu, the main navigation tools for the site administrator. (In versions of PHP-Nuke earlier than 7.5, these menus were one—the Administration Menu).
We’ll dig into more detail about these menus in the next few articles. This is the place where you will spend most of your PHP-Nuke life, so you will need to get comfortable with it.
Before we go any further, click the Home link in the Modules block to return to the homepage of your site.
A New Welcome
When you return to the homepage, you will notice that some extra text has appeared at the bottom of the welcome message:
[ View: All Visitors - Unlimited - Edit ]
This text is evidence of the super user’s extra powers. If you click on the Edit link, you can begin changing the site. The presence of the Edit link is an example of ‘in-position’ editing, whereby as you browse the site you can quickly edit or delete the content you see. This link is not available to normal users of the site and is a pretty neat feature of PHP-Nuke.
When you click the Edit link, you will be taken back to the administration area.