Tuskfish CMS Developer Guide (v2)
11 April 2022 4538 views | Documentation v2
Contents
Introduction
Tour of the file system
Overview of the architecture
The cache
Site preferences
Search
RSS feeds
The theme and template system
- Themes
- Assigning themes to pages
- Switching themes conditionally
- Cloning an existing theme
- Templates
- Assigning data to templates
- Rendering templates
- Bootstrap
- Modifying a Bootstrap template to work with Tuskfish
Anatomy of a typical page
Security
- How secure is Tuskfish CMS?
- Single admin system
- Explicitly minimised attack surface
- Rigorous multi-level validation
- Prepared statements and bound parameters
- Optional two-factor authentication
- No only password recovery
- Single origin code
- If you do find a problem
Sessions
Validating and escaping data
- Developing in a hostile environment
- Validate don't sanitise
- Escape data at the point of use
- Character encoding
- Character restrictions
- Mitigating SQL injection
- Mitigating XSS attacks
Metadata and pagination
Creating blocks
File operations
- Uploading a file
- Appending to a file
- Downloading a file
- Deleting a file
- Clearing a directory
- Deleting a directory
- File type restrictions on uploads
Logging errors
Webserver hacks: Rattle and hum
Useful tools and resources
Development road map
Copyright, all rights reserved.