We do this on a pretty extensive basis. We have something on the order of 300+ Contribute users working on around 150 sites. Some of those are purely static content. Many incorporate some mixing of CF and static content.
There are a lot of gotchas. First off, Contribute doesn't "not touch" all the CF code. What it does is put a little yellow shield where the code goes. If that happens to be in an editable region, it's perfectly possible for a user to delete the entire code block. There are two work-arounds that we've come up with. The first is that all your cf code that actually does anything important should be in CFC's or custom tags. That way, all you're including within a contribute page is a call to the actual code. So, should someone delete it accidentally, it's an easy fix. The other is to have pages that include contribute-editable pages. So, for example, your index.cfm might look like this (abbreviated): <html> <head> <title>My Page</title> <body> <cfinclude template="editablecontent1.html"> <cf_mycustomtag code="complex" protected="definitely"> </body> </html> Then, editablecontent1.html is what the user would be able to edit (see the lack of any editable region in this page?). Of course, in this scenario, you need to create an index page to all the pages that they can edit, because if they actually go to index.cfm, they're not going to be able to edit " editablecontent1.html". Does that make sense? Secondly, Contribute has issues if you don't have the html/head/body tags in each page. So, if you've grown accustomed to doing the very common <cfinclude template="head.cfm"> approach - where the head.cfm includes html and head tags, you'lll need to rethink that approach. You'll still want to "templatize" as much as you can. But, carefully. Here's an example barebones template of how we're doing it in one site: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd";> <html><!-- InstanceBegin template="/Templates/allpages.dwt.cfm" codeOutsideHTMLIsLocked="false" --> <head> <!-- InstanceBeginEditable name="doctitle" --> <title>4-H Youth Development UW-Extension</title> <!-- InstanceEndEditable --> <!-- InstanceBeginEditable name="head" --> <cfset pageSection = "home"><!-- InstanceEndEditable --> </head> <body> <div class="header"><cfinclude template="#fourhrootpath#/cfincludes/header.cfm"></div> <cfinclude template="#fourhrootpath#/cfincludes/nav.cfm"> <cfinclude template="#cffourhrootpath#/cfincludes/breadcrumbs.cfm"> <!-- InstanceBeginEditable name="Content" --> <!--- Content goes here ---> <cfmodule template="#fourhrootpath#/customtags/displayhighlight.cfm"> <!-- InstanceEndEditable --> <cfinclude template="#fourhrootpath#/cfincludes/footer.cfm"> </body> <!-- InstanceEnd --></html> In terms of security, contribute plays reasonably well with CF security models. And, you can get relatively granular with your contribute security models, as well. On 1/7/06, Dawson, Michael <[EMAIL PROTECTED]> wrote: > > We currently have an intranet (secured, of course) that supplies > information to students, employees, faculty and a few other misc-type > users. Currently, the authentication is browser-based using IIS. > > We are planning on rebuilding the site using a web-based form rather > than IIS security. We also want to allow different people to publish > content using Contribute. We decided that we don't want/need to > build/buy a CMS since our intranet doesn't really justify it. > > I would say about 40-50% of the site will be custom-coded ColdFusion > scripts and the remainder will be static content, or at least, content > that is maintained using Contribute. Some of the "static" pages may > have an element, or two, that is dynamic (using a CF script). I know > that Contribute will not touch any CF code. > > The pages built with Contribute may need to be hidden from certain > users, but the "entire" page will be either hidden or visible. The > custom pages we hand-code may have only parts of the page hidden from > certain users. The thought is that the Contribute pages will be pretty > much viewable by anyone, with possibly a few exceptions. > > Also, the Contribute pages, and dynamic pages, will more than likely be > in separate directories on the server as well as within separate > sections of the site. We want to make it easy for users to post content > yet still keep the overal site security we build for all pages. > > Has anyone, on this list, ever built anything such as this, using > Contribute and CF? > > Any problems with relying solely on the application.cfm/cfc for security > to pages? > > Any "gotchas" we should remember? > > Thanks > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:228824 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
