From the author: Greetings, friends. In this short overview article we will look at how the DLE admin panel works, where the entrance to the DLE admin panel is located and how to get to the admin panel. As you understand, the article is primarily aimed at those who have just begun their acquaintance with CMS DLE.

So, you have installed the DLE engine on your hosting or local server. How can I get into the DLE admin area now? It’s simple, to do this, just go to the main page of your site and add the line admin.php to the address, and then go to the new address. For example, the address of my website is dle.loc, respectively, the DLE admin panel is located at the following URL - dle.loc/admin.php

When we try to log into the DLE admin panel, we will quite logically see an authorization form where we must enter the administrator login and password that we created during the DLE installation stage. Let's log in. After successful authorization, we find ourselves in the holy of holies of our site - the DLE control panel.

It is worth noting that the DLE admin panel is built quite logically and intuitively. If you try to compare with the admin panels of other CMS, then the DLE admin panel will be a little more complex than the WordPress admin panel, but simpler and more understandable compared to the Joomla admin panel. The appearance of the DLE admin panel is also worthy of praise; working with the admin panel is quite pleasant and convenient.

In the upper right corner we can see data on our profile, where you can change your E-mail, name, password and other similar data. Also nearby there is access to the two most frequently used functions when managing a site - adding news and Editing news. Since DLE is a news engine, it is logical that news management functions are provided for easy access.

Let's try to add the first news, or article, if you will, to our site. To do this, click the Add news button and fill out the form provided to add news. Essentially, we just need to indicate the title of the article, select a category for it, and fill out a short and complete description of the article to be added.

Let's save the news and see if it appears on the main page of the site. The article has appeared and this is great, because you can add your other articles and news just as easily and simply.

Let's also change the name of the site. This can be done in the Script Settings - System Settings section. In the Site Name field, enter the desired name.

Now in the browser tab we will see what we need as the name of the site. As you can see, everything is really convenient, logical and understandable in the DLE admin panel. In the following articles we will get acquainted with other DLE capabilities, but this is where we will probably end the current article. If you want to get to know DLE more deeply and learn how to create websites on this engine, then be sure to pay attention to our course. Well, with this I say goodbye to you. Good luck!

For informational purposes only. The administration is not responsible for its contents. Download for free.

Dear friends,

We present to you a new version of our DataLife Engine v.13.1 NULLED script. In this release, you can expect the addition of support for automatic updating of plugins to new versions and a number of other improvements in the plugin system, new features have been added for more convenient work with additional fields, a new type of rating “Like and Dislike” has been added, an improved search for publications in the admin panel, and much more, read more about this and more...

The following changes were prepared and implemented:

1. Added the ability to automatically update the script in the admin panel within one version of the script, in cases where, for example, fixes for found vulnerabilities or other bugs are released. In cases where changes are made to the distribution within one version, for example, when patches for vulnerabilities are released, or other problems with the script are identified, it will be possible to update the script in the admin panel within this current version of the script.

2. Added the ability to automatically update plugins on the site. To do this, the plugin sets a URL to obtain information about the availability of a new version. At this URL, the plugin developer’s website should return an array in JSON format, which should contain information about the current version of the plugin, as well as a link to download the current version of the plugin. For example, the given URL should return the value ("version":"2.0","url":"https://dle-news.ru/test/test.zip"). After which, when checking for updates, the site administrator will be able to find out about the availability of new versions of the plugin and update the plugins in the admin panel in one click.

3. For the plugin management system, the ability has been added indicate the number of replacements that need to be made for each search criterion in the file. For example, you need to find and replace some code in a file that appears several times in this file, you can specify how many times this code needs to be replaced. To replace all occurrences of this code, you can leave this parameter empty, thereby the replacement will be made wherever the code you specify occurs.

4. For the plugin management system, the ability has been added automatic deletion of additional files downloaded along with the plugin in the archive if the plugin is removed from the site. To do this, the ability to choose whether to delete additional files or not is added to the plugin parameters. Thus, you can independently decide whether it is necessary to clear the server of additional files if it is deleted from the site, or whether they need to be left.

5. For the plugin management system, the ability has been added use the (THEME) tag in the names of folders located in ZIP archives. When loading an archive through the plugin system, this tag will be replaced with the name of the template used. For example, by placing the file /templates/(THEME)/test.tpl in the archive, your template file will be placed in the template used on the site. Thus, when using complex plugins that contain example template files, they can be immediately loaded into the desired folder containing the template used by the user.

6. For the plugin management system, the ability has been added use control characters of the preg_replace function, such as \\1, etc., in the “Search and Replace” action in the replacement string, which removes restrictions on the search and replacement of some codes in DLE.

7. For additional fields of the "Image" and "Image Gallery" types, added the ability to assign each image individually its own personal description, which is also used as an HTML alt attribute when displaying data in additional fields on the site.

8. For additional fields of the "Image Gallery" type, added the ability to change the sort order of downloaded pictures by simply moving them with the mouse. Once the images are uploaded, you can swap the images as you wish. Also, uploaded images can be transferred to other additional fields.

9. A new rating type “Like and Dislike” has been added for publications and comments. which keeps separate records of both the number of likes and the number of dislikes. For this purpose, new tags have been added for publication and comment output templates: (likes)- which displays the number of likes, (dislikes) - which displays the number of dislikes, as well as the tag text- which displays the text enclosed in the tag if this type of rating is enabled in the settings.

10. In the user profile settings in the admin panel, the ability has been added set a list of categories to which this particular user is allowed to add publications. This will allow, for example, journalists to maintain personal columns in which other journalists (or some of them) do not have the right to publish. Or vice versa - exclude a journalist from a specific news category if, for example, he is incompetent in it.

11. In the user profile settings in the admin panel, the ability has been added establish a list of trusted categories into which this particular user is allowed to add publications without moderation. Such personalization will allow for much more flexible delimitation of rights, without creating a bunch of user groups, including groups for each specific journalist.

12. For an advanced search for publications in the admin panel, in the publication editing section, the ability to select where to search has been added. You can search all content, or separately by headings, short description, full description and additional fields. Search algorithms have also been significantly improved to more accurately locate publications.

13. For an advanced search for publications in the admin panel, in the publication editing section, the ability to search simultaneously in several categories to choose from has been added.

14. Added the ability for the tag cloud using the characters "&" and "#", which allows, for example, to use the names of various brands in the cloud, for example, "H&M", etc.

15. In the script settings in the admin panel, the ability has been added permission for the site administration to log in to the site using social networks. When this setting is enabled, users in the administrators group can also log in to the site using their social network accounts.

16. In the admin panel, in the comments editing section, the ability has been added search for comments in the text. In this section, you can search for the comments you need to edit using any keywords. This makes editing comments more convenient.

17. In the admin panel, in the cross-reference management section, the ability has been added for mass actions on links, set the replacement “Only in static pages”, as well as “In static pages, news and comments”.

18. To preview banners in the advertising management section in the admin panel, Added connection of your template styles from the preview.css file. Thus, you can see a more correct design of your advertising code if it uses classes from your template.

19. Added for short news output template (shortstory.tpl) using tags text, which display the enclosed text in them if there are no publications according to these criteria. Thus, you can reassign the standard system message about the absence of publications in any particular section of the site, making it unique, for example, for each section of the site. These tags can also be used in templates that are used for custom display of publications using the tag (custom ...)

20. For the E-Mail template of the message that is sent when recovering a forgotten password, the use of new tags has been added: (%losturl%), which displays only the URL of the link to reset and generate a new password, as well as (%ipurl%), which only displays the URL of the link to reset the IP block. Thus, you can separately specify the design you need in the email for these links, for example, in the form of buttons. You can also, for example, refuse to display a link to remove IP blocking if you do not use this feature on your website.

21. Improved system for deleting categories in the admin panel. If the category being deleted contains subcategories that are also subject to deletion, then all actions for publications that contain the deleted category will be automatically extended to publications that also contain subcategories to be deleted. And the same actions will be applied to these publications in subcategories.

22. For the module "Filter by: IP, Login or E-Mail" the ability has been added adding blocked addresses or logins, or e-mails in whole lists at once, and not one at a time. This significantly speeds up the adding process if you already have a ready-made list of what needs to be blocked.

23. For the module "Filter by: IP, Login or E-Mail" the ability has been added editing existing rules. You can select and edit any rule without having to delete it and add it again.

24. For the module "Filter by: IP, Login or E-Mail" the ability has been added selecting several or all added rules at the same time, and mass unlocking these rules in one click.

25. Support has been added for the "Filter by: IP, Login or E-Mail" module use of IPv6 addresses that can be specified to block access to the site. The ability to specify IPv6 subnets for blocking has also been added.

26. Added the ability to specify IPv6 addresses in the user profile, from which authorization for the user is allowed. You can also specify not only a separate address, but also an IPv6 subnet.

27. For the module for custom sorting of publications on the site, displayed by the tag (sort), the ability to set sorting for each specific category, and not for all categories at the same time, has been added.

28. For links published in publications, the ability has been added using block elements in them, such as "p", "div", etc. This allows DataLife Engine to more accurately and correctly comply with HTML5 standards.

29. Added the ability to add new users in the DataLife Engine control panel, when working with the panel using smartphones.

30. Changes have been made to the operation of tree comments. If the maximum nesting for replies to comments has been reached, then in the case of a reply to the comment, these replies remain in the discussion thread at the maximum nesting. Previously, when the maximum nesting was reached, it was impossible to reply to a comment. Now the answer remains possible in any case.

31. For additional fields of the "Cross-References" type, added the ability to use double quotes and the ampersand character in values.

32. If for the E-Mail template of the message that is sent when recovering a forgotten password, the use of HTML format for this letter is set, then the links generated by the tag (%lostlink%) in this template will be generated in the form of ready-made HTML code, and not just text links.

33. The ability to install has been added to the script settings sorting posts by default by the number of comments. The same thing has been added for setting sorting criteria when viewing a catalog.

35. Changes have been made to the operation of additional fields, if the field has restrictions on adding by user groups. If the value of an additional field was added by a user who has the right to do so, and the publication is subsequently edited by a user who does not have the rights to fill in this field, then the value of this field is no longer cleared, but remains as it was previously filled in by the user who has the right to do so. right.

36. The limit on the number of characters in the Description meta tag for categories has been increased to 300 characters. The maximum length now corresponds to the maximum length set by the Google search engine for displaying this information in search results.

37. Improved search for similar news on the site. The display of similar news has become more relevant by sorting the found publications.

38. Improved support for IPv6 addresses of site visitors. In some specific cases, the full address might not fit into the database. The lengths of the fields are now reserved according to the RFC 4291 specification.

39. Improved generation of the og:description meta tag of the Open Graph protocol when viewing full news. Formation occurs more correctly when additional fields for publications are used as the main content.

40. Improved performance of the DataLife Engine security system, in order to more correctly check data on subdomains, on some hosting sites, it has a subdomain structure in the form of subfolders of the main domain.

41. Added support for the tel protocol: for links published on the site using BB tags.

42. Visual editors TinyMCE and Froala have been updated to the latest versions. A number of identified errors in these editors have been corrected.

43. Problem fixed, using in additional user profile fields fields of the "List" type, in which values ​​using the "|" symbol were used.

44. Problem fixed, in which, in the plugin management section, if the action on a file in the menu was changed, some symbols could incorrectly change in the values ​​​​specified in the fields.

45. Problem fixed, in which it was impossible to use tags for internal pages of the site, and only allowed use for external sites.

46. ​​Problem fixed, in which it was impossible to start updating the site to a new version if the site was in an encoding other than UTF-8 and the administrator’s login or password contained letters written in Cyrillic.

47. Problem fixed, in which a pop-up window about the receipt of new personal messages did not appear if the user independently logged out of his account on the site, and then logged in again after some time.

48. Problem fixed, in which editing comments in the script control panel did not work if the TinyMCE editor was enabled in the script settings.

49. Problem fixed, in which the number of days during which you can add comments to a publication was not displayed, if such limits were set in the script settings in the admin panel.

50. Problem fixed, in which an additional field of the “Downloadable file” type was not displayed on the site as a link to download a file, but was displayed as a simple tag.

51. Previously discovered and reported minor errors in the script have been corrected.

You can read about all the new features of DLE 12.1 in this article.

DataLife Engine v.12.1 Press Release will tell you about the addition to the advertising module, now the module supports the category function, in this version you can keep track of the number of views of advertising materials and other additions related to advertising management.

It is good that using canonical links is added in the code for all pages of the site, including navigation through sections, viewing the full news, etc. This is a trick to improve SEO optimization of projects, it will eliminate duplicate pages if incorrect links to your site are published somewhere on the Internet, or if for some reason it is necessary to disable control of incorrect CNCs.

For security purposes, a function has been added to automatically protect the site from flooding code or inserting frames on third-party sites. When you enable this setting, display of your resource will be automatically blocked if it is embedded in an iframe on someone else's site. This way you can protect your website from attacks such as clickjacking.

Another interesting feature for SEO site optimization is the expanded capabilities of the “Metatags” module; now you can set not only meta tags for pages, but also any separate title for the page and page description, which you can later display anywhere in your template.

(Recommended)
Hosting with free SSL certificate for the site, modern equipment on SSD - one of the leaders in quality and low price. In this article we read.

By the way, if you need a quality provider with a free SSL certificate, a favorable tariff plan and a secure provider, this promotional code provides a 5% discount on ordering a domain and/or hosting

A460-09C2-059C-5161

For example about free hosting no ads and conditions running DataLife Engine 12-9.x or any other CMS - this service will help you understand within a month whether hosting is suitable for you or not.

We offer download DLE different versions on http://www.site in the section for everyone without registering (licensed versions UTF 8 and Win 1251).

The main stage of development of version 12.1 has been completed, the release is in testing and pre-release preparation, but in the meantime we invite you to familiarize yourself with the information about what awaits you with the release of the new version.

The following changes were prepared and implemented:

1. Added support for categories in the advertising management module. You can create categories in this module and place your advertising materials in these categories. Headings are displayed at the very top, in front of the list of added advertising materials, in the form of folders. Within the categories themselves, you can also create additional subcategories in an unlimited number. Thus, if you have a large number of advertising materials, you can place them for ease of navigation through them in various sections and subsections.

2. Added the ability to count the number of views for advertising materials, added to the script control panel. Views are recorded only for real users who accessed the site using a browser. Bots crawling the site are not counted. View counting is enabled directly for each banner, so you can count views only for the advertising materials you need. You also have the opportunity to specify whether you want to count all banner views, or only count views from unique users.

3. For advertising materials in the admin panel, the ability to limit banner display has been added based on the number of views it has, and you can disable the banner when it reaches a specified maximum number of views.

4. Added the ability to count the number of clicks for advertising materials added to the script control panel. DataLife Engine automatically intercepts HTML tags published using the tags and automatically records clicks on them. These links do not require any special design; they can lead to any addresses you need. You also have the option to specify whether you want to count all clicks on a link, or only count clicks from unique users.

5. For advertising materials, the admin panel has added the ability to limit banner display based on the number of clicks on your banner, and you can disable banner display when the specified maximum number of clicks on it is reached.

7. Added use of canonical links, in the page code, for all pages of the site including navigation through sections, viewing the full news, etc. This feature allows you to increase SEO optimization of sites, and also allows you to avoid duplicate pages if incorrect links to your site are published somewhere on the Internet, or if for some reason it is necessary to disable control of incorrect CNCs.

8. In the category settings in the control panel, added the ability to set by default for a category whether it is allowed to publish news from this category on the main page of the site. These settings are in effect at the time of adding or editing a publication, and if publication on the main page is prohibited for a category, then the corresponding option is removed at the time of adding or editing a publication.

9. In the category settings in the control panel, added the ability to set by default for a category whether comments are allowed for posts from this category. These settings are in effect at the time of adding or editing a publication, and if comments are disabled for a category, then the corresponding option is removed at the time of adding or editing a publication.

10. In the category settings in the control panel, added the ability to set by default for a category whether ratings are allowed for publications from this category. These settings are in effect at the time of adding or editing a publication, and if the use of ratings is disabled for a category, then the corresponding option is removed at the time of adding or editing a publication.

11. In the script settings in the control panel, in the security settings section, the ability to enable automatic site protection from embedding into frames on third-party sites has been added. When you enable this setting, your site will be automatically blocked if it is embedded in an iframe on someone else's site. This way you can protect your website from attacks such as clickjacking.

12. The capabilities of the "Metatags" module have been expanded, This module has been renamed to "Titles, Descriptions, Meta Tags". Now in this module you can set not only meta tags for pages, but also a separate title for the page and a description of the page, which you can later display anywhere in your template. For this purpose, new global tags for templates have been added: (page-title) - displays the title you specify for the page, (page-description) - displays the description you specify for the page. It is also possible to use BB and HTML tags in the page description. Thus, using this module, you can, for example, create and display titles and descriptions for the tag cloud for each tag personally, etc.

13. Added new global template text tags, which display the text enclosed in them if a title for the page being viewed was specified in the “Titles, Descriptions, Meta Tags” module. And also added opposite text tags that display the text enclosed in them if the title for the page being viewed has not been set. Similar tags were also added for the description: text, which display the text enclosed in them if a description for the page being viewed was specified in the "Titles, descriptions, meta tags" module, text, which display the text enclosed in them if there was no description for the page being viewed given.

14. Support for new text tags has been added for the category menu template (categorymenu.tpl), which display the text enclosed in them if the category or news being viewed on the site does not belong to the category from the menu. This tag can only be used inside tags and is used, for example, to display some information (for example links) only for inactive categories from the menu.

15. Expanded capabilities for displaying publications based on the values ​​of additional fields in publications. When accessing the address http://yoursite/xfsearch/field name/field value/, publications will be displayed, as before, containing the specified value in this particular field, if the “use as cross-references” option is set for the field. When you access http://yoursite/xfsearch/field value/, publications containing this value for all additional fields will be displayed. When you access http://yoursite/xfsearch/field name/, all publications in which this specified field is filled in will be displayed.

16. The ability to assign a separate page named 404.html at the root of your site to display pages for which there is no content has been added to the script settings. If you enable this setting, instead of the standard system message “Unfortunately, this page is not available to you, its address may have changed or it has been deleted.”, you can display a separate, specially prepared page with a completely separate design. This innovation will be useful for webmasters who want to create a separate design for the 404 pages of their website.

17. The ability to assign an HTTP header has been added to the script settings, from where it is necessary to obtain user IP addresses. This innovation will be useful for sites that use various external proxy servers and do not have the ability to correctly reconfigure the server for them in order to obtain the correct real IP addresses of visitors. For example, when using the cloudflare service and others to protect against DDOS attacks and using a regular hosting plan without access to server settings. Now you can, in the script settings in the admin panel, tell the script where to get the IP address of site visitors from.

18. When deleting a category in the script control panel, the ability to choose what to do with publications that are in this category has been added. You can: “Remove this category from publications”, “Replace the category with another or other categories”, and also “Delete all publications in this category”. Moreover, if a category is deleted or replaced from a publication, only the category being deleted will be removed or replaced. For example, your publication is in the categories “In the world”, “News”, “Popular”, and you, for example, delete the category “In the world”, then for publications located in this category only the category “In the world” will be deleted or replaced, all other categories in the list of these publications will remain in place.

19. A new type of additional field has been added for publications: "Pure HTML and JS." When using this field, DataLife Engine will not interfere with the text written in it and will not filter the HTML code of this text, and also allows pure javascript code to be written in it. This field will be useful when you need to insert some code into the news that does not require a security check, for example, your own player, etc. Attention, given that the script will not filter the text from this field, when creating it, be sure to set restrictions on which groups are allowed to use it. Do not allow its use by ordinary users whom you do not trust, otherwise it may pose a security risk to your site.

20. For additional publication fields, which have the "Use as cross-references" option, the ability to specify a separator for link data has been added. You can specify either individual characters or HTML code as a delimiter. Previously, a comma was used as a list separator; now you can set your own personal separator for each field, which allows you to create a unique output design for each field in the template.

21. Added support for Yandex Turbo technology for regular RSS channels, without using the inclusion in the settings of the RSS stream type as "Yandex news", for this, support has been added for displaying the full news tag (full-story) for any type of RSS stream. The standard template /templates/rss.xml has also been updated, which demonstrates what a template with full Yandex Turbo support should look like. Similarly, the ability to customize an RSS template for Yandex Zen technology is fully supported.

22. Added the ability to reply to comments when viewing all the latest comments on the site, if support for tree comments is enabled in the script settings. Thus, you can, for example, quickly respond to comments received on the site without going into each news item, due to the fact that some heavy scripts have been transferred to delayed loading and independent of page rendering. These scripts are loaded into the browser in parallel with page rendering and are launched only after the page is completed in the browser. Which visually ensures faster page display.

24. Added an option for users who are not registered on the site, send complaints to the site administration about news and comments, just as such an opportunity existed previously only for registered users.

25. Added the use of schema org micro markup to display ratings with the "Evaluation" type. The use of this micro-markup allows for full news, when displayed in search results on Google, to also display the publication rating.

26. Added automatic detection of the orientation of photos when uploading them to the server, based on meta-information contained in graphic files. If the original photo was upside down, then when it is uploaded to the server, the script will also automatically rotate it to the desired position. This eliminates the need to additionally edit pictures on a computer if the camera was rotated when taking photographs.

27. Added the ability to automatically notify the site administration about the arrival of new news from users, which is under moderation (if this is enabled in the script settings), if the news was added from the script control panel. Previously, a notification was sent only if a post was added directly from the site.

28. If the user edits a publication in the control panel, which was previously published on the site, but according to the settings of his group, he is prohibited from publishing without moderation, or is not allowed to publish in all categories, then the site administration will also be sent a corresponding e-mail notification that this news is awaiting moderation.

29. Changes have been made to the operation of the Breadcrumbs module on the site. If news from a certain category is viewed, then for the category in which the user is directly located, this category will be displayed in the form of plain text and not a link. Only categories higher in the hierarchy will be displayed as a link, or a link to this category will appear if, for example, the user has gone further in navigating pages in this category. Thus, this innovation allows you to avoid cyclic links of pages to themselves.

30. For the "Cross-references" module in the control panel, added two new replacement areas for links. You can optionally specify a replacement only in static pages, and you can also select a replacement in static pages, news and comments.

31. For the "Search and Replace" module in the control panel, the ability to mass replace text in surveys for publications and in voting on the site has been added.

32. Added the ability to delete all publications, awaiting moderation from a specific user. To do this, in the user management section, click on the number of his publications and select the appropriate menu item.

33. Added the ability to delete all comments, awaiting moderation from a specific user. To do this, in the user management section, click on the number of his comments and select the appropriate menu item.

34. Formatted output of the number of different counters (views, publications, comments) has been added to the script's admin panel. The output of these counters is carried out in formatted form, separated by a space of hundreds, thousands, millions, etc. Which gives a more visual representation and perception of these numbers.

35. For templates for displaying comments and adding comments (addcomments.tpl and comments.tpl), support has been added for new tags text - displays text in the tag if the news belongs to the specified categories, as well as tags: text - displays text in the tag if the news does not belong the specified categories. Thus, you can set different formats for displaying comments and adding comments for publications from different categories.

36. Added support for word declinations for the tag displaying the number of votes, which were exposed for rating publications. For example, you can use (vote-num) review||a|s. Previously, this was not available for this tag, because... it contains HTML code, not just a number.

37. If the script settings enable the use of the site only via the HTTPS protocol, then cookies will also be sent to the server by the browser only via the HTTPS protocol and will be automatically blocked if the regular HTTP protocol is used.

38. Added control of incorrect CNC for static pages, the publication text of which is divided into several pages. If an incorrect page number is specified, an automatic 301 redirect will be made to the starting address of this page.

39. For RSS import of publications, support has been added for importing pictures from the enclosure tag containing the image for the publication. If the short description in the RSS stream is just text, and the picture is given in it as a separate tag, then when importing the short news, the picture for this publication will also be added to the very beginning.

40. Added support for redirects to receive full news when using RSS import of publications. If the link from the RSS feed is a redirect for further transition to the full text of the news on the source site, then DataLife Engine will automatically follow this redirect and take content from the final source. Thus, receiving complete news will be of higher quality than before.

41. Changes have been made to the operation of tags and. If the use and addition of comments is prohibited for a particular publication, then these tags will also hide the content in them.

42. If comments are allowed for publication, but at the same time, according to other settings, the user or group of users was prohibited from publishing comments, then a message about this will not be displayed at the end of all comments, but in the place where in your template you define the display of the form for adding a comment with the tag (addcomments), thereby you can determine the location of this message on your site.

43. For authorization using the Odnoklassniki social network, the ability to automatically receive the user’s E-mail has been added, provided that the application itself has received the appropriate rights from Odnoklassniki. Attention, by default Odnoklassniki does not provide rights to receive E-mail, and to obtain appropriate access you must additionally contact social media. network to allow receiving e-mail. If permission is received, DLE will also automatically import the e-mail address.

44. Improved system for calculating image proportions when creating small copies. This creates a more correct and high-quality reduced copy.

45. Improved search system for publications when enabled in the script settings, a simple search type. The new algorithm allows you to more accurately and correctly find publications.

46. ​​Improved system for controlling the appearance of duplicate pages, when viewing all the latest comments on the site.

47. Optimized processing of additional publication fields when displaying short publications, as well as during the operation of the module for displaying popular publications.

48. Visual editors TinyMCE and Froala have been updated to the latest versions. A number of identified errors in these editors have been corrected.

49. Added support for inserting hidden text tags for the TinyMCE editor, using the corresponding button in the editor.

50. When using the Floara editor for comments, added the ability to quickly download and insert images into comments. You can either click on the insert picture icon and select a file to upload, or simply drag the picture file from your computer into the editor field with the mouse, after which the picture will be automatically loaded and inserted at the cursor position in the editor.

51. Small changes have been made to the layout of the script control panel, aimed at eliminating some layout errors and improving interaction with the control panel.

52. The library for sending mail from the site has been updated to the latest versions, as well as a mobile device detection library.

53. Fixed an issue where the and tags were not processed in the post preview.

54. Fixed an issue where meta tags for social media were generated incorrectly. video and audio networks, if the video was published in additional. fields and consisted of playlists and descriptions of video and audio files.

55. Fixed a problem where, under certain situations and server settings, previewing publications might not work when adding publications from the site.

56. Fixed an issue where dynamic loading of comments did not work, if this is enabled in the script settings, and the tag (jsfiles) is placed at the very bottom of the site.

57. Fixed an issue where displaying the latest comments did not work, in case viewing of certain categories was prohibited for a certain group.

58. Previously discovered and reported minor errors in the script have been corrected.

This plugin system allows you to modify any functionality of the script at your discretion. Installing plugins on the site and updating plugins is done in one click, directly in the DataLife Engine control panel. If the plugin is developed for a new system, then users will no longer have to read installation instructions, edit something directly in the script files, etc. All they need to do is simply upload the plugin to the admin panel and that’s it.

The plugin system is built using virtual file system technology. You describe in the plugin which file and what actions need to be performed, based on this information DataLife Engine will create virtual copies of these files, with all the necessary changes and modifications, and will work with the created virtual copies without affecting the original files. At the same time, you can describe changes in almost all files, with the exception of a number of basic ones, for example root files, but they do not carry any functionality other than connecting other files. The functionality of the files responsible for AJAX functions can also be changed; for this purpose, they were completely rewritten to work through the controller. What benefits does this provide? Firstly, the original files always remain unchanged, so plugins can be easily modified, removed, updated, etc. Secondly, this system uses the minimum possible load on sites as a whole, because virtual copies of files are created only once, at the time of installing or updating plugins, after which DataLife Engine works with these modified files as with ordinary native files and there is no memory consumption for call points, storage and control of information about where and what functionality needs to be changed etc. The load on the server will increase only by the load that the plugin itself brings with it, and the plugin management system will not cause any additional load. Thirdly, there are no problems directly updating the script, the script can be updated to new versions, and your plugins will automatically be applied to new versions. In this case, different plugins can modify the same file without causing conflicts, provided, of course, that different plugins do not perform actions that are directly opposite to each other.

So, in the plugin management module itself, you can either create a plugin directly in the control panel or upload a ready-made plugin. Let's consider adding a new plugin directly in the control panel:

On the first tab you specify general information about the plugin. Its name, its brief description. To make it easier to differentiate from other plugins, you can give it an icon that it will use in the list of plugins. You also specify the version of the plugin itself, and the version of DataLife Engine with which it is compatible.

On the next tab, you directly specify the actions on the files that need to be performed. You can add one or more files on which you need to perform actions, and also assign one or more actions to each file that need to be performed. In the files you can perform the following actions:

1. Find and replace any code.

2. Find and add the required code above.

3. Find and add some code below.

4. Completely replace the contents of the file with your own.

5. Create a new virtual file that does not exist in the original DLE.

You can also add or delete files, change or delete actions on files at any time. For ease of perception and editing, all code is highlighted, and fields can be dynamically stretched.

Thus, the situation in which you previously manually edited the script files, and stored the changes somewhere in your notepad, and each time you updated the script, re-entered them into the script files, is completely a thing of the past with the new version. You can independently create your own personal plugin directly in the admin panel, describing once the changes you need in the script, and when you update the script to a new version, you will no longer have to worry about it, your changes will be automatically applied to new versions.

On the next tab you can add the necessary actions in the MySQL database that the plugin should perform in certain situations. You can specify a list of MySQL queries that must be executed when installing the plugin, when updating it, when disabling it, when enabling it, when deleting it. Moreover, for each action you can specify either one or a list of several queries to the database.

For an existing plugin, you can perform the following actions: You can disable it, in which case it remains on the site, but is completely ignored by the script, and all its actions on files are suspended. You can update it to a newer version, if available. Download the plugin to your computer to install it on another site. In this case, the file itself is downloaded in XML format, and this XML contains a description of all actions. Essentially, the plugin is an XML file that can be installed on a website in the admin panel.

Let's consider uploading a ready-made plugin to the site. You can download and install a ready-made plugin on your website. When you click the corresponding button, you can download either an XML file with the plugin. Or a ZIP archive with a plugin. This allows you to create very complex plugins that contain a large number of other additional files, both graphic and PHP files. In order, for example, not to describe all the actions directly in the plugin itself, you can create additional files and pack them into an archive, placing them in new places. It is important to know that the archive can only contain PHP files that are not included in the distribution, but only your additional files; if there are files included in the distribution, such downloading will be blocked. Modification of standard files must be described in the plugin itself. The file with the XML plugin itself should be located in the root of your archive.

If you download an archive with a plugin, and DataLife Engine will not have the rights to write the files in your archive. It will automatically request FTP access in order to download your archive. If accesses are not required, then everything will be copied automatically without them. In this case, these accesses will not be stored anywhere, but will be automatically deleted when they are no longer needed.

The new plugin management system also has a built-in system for logging errors in the plugin. If any action on the files cannot be performed, or any errors occur, you can easily see and correct them. For example, this is extremely convenient; if your plugin is not compatible with the next version of DLE, you will quickly see this, and you can easily adapt the plugin.

I greet everyone who devotes their precious time to these lines.

In this article I want to talk about ways to optimally configure the server and DataLife Engine content management system. Over 4 years of working with Internet sites and servers, I have learned that security comes before convenience and that attention needs to be paid to it. Reservation: I do not claim ownership of anyone's intellectual property! All material was collected on the Internet.

Below we will describe actions that will help distribute the server load, protect it from DOS attacks, limit access to the FTP protocol and correctly configure the DataLife Engine system.

Security and configuration of your server.

1. Setting up the server configuration using the front-end Nginx to Apache combination.

The advantages of such a scheme can be understood with a small example. Imagine that your Apache web server needs to serve about 1000 requests simultaneously, many of them connected to slow communication channels. In the case of Apache, we will end up with 1000 httpd processes, each of which will be allocated RAM, and this memory will not be freed until the client receives the requested content.

In the case of a scheme using a front-end server, we will receive significant resource savings due to the fact that after receiving a request, nginx transmits the request to Apache and quickly receives a response. As a result, Apache, after giving the response to nginx, frees the memory. Next, the nginx web server interacts with the client, which is precisely written to distribute static content to a large number of clients with little consumption of system resources.

For our bundle to work correctly, we need a module for Apache. This need arises for the following reason: requests to Apache come from the IP address on which nginx runs; accordingly, only the IP address of the nginx server will appear in the Apache log files. Also, without using this module, problems will begin with scripts that use the visitor’s IP address and the mechanism for restricting access by IP addresses using .htaccess will no longer work correctly.

Installing NGINX on popular OS.

Red Hat Enterprise Linux 4/CentOS 4
To install nginx on these operating systems, you need to connect an additional package repository.

Red Hat Enterprise Linux 5/CentOS 5
To install nginx on these operating systems, you need to connect an additional EPEL package repository.

ASPLinux Server 5 / Fedora
nginx is included in the standard distribution package.

If the repositories are connected or simply not required, run: yum install nginx

Installing Apache.

To install the Apache web server, just run: yum install httpd

Installing mod_rpaf.

1. Install the httpd-devel package:

yum -y install httpd-devel

2. Download and install mod_rpaf:
Enter the directory /usr/local/src

cd /usr/local/src

Load the file mod_rpaf-0.6.tar.gz into /usr/local/src

wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz

Unpack mod_rpaf-0.6.tar.gz

tar xzf mod_rpaf-0.6.tar.gz

Go to the directory where you unpacked it

Installing the module in the system

apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

3. Next, you need to create a mod_rpaf configuration file - /etc/httpd/conf.d/rpaf.conf and add the following lines to it:

RPAFenable On
RPAFproxy_ips 127.0.0.1 xx.xx.xx.xx yy.yy.yy.yy

where xx.xx.xx.xx and yy.yy.yy.yy are the IP addresses of your server. If there are more than two IPs on the server, add them using the same analogy.

service httpd restart

4. In nginx, the following lines must be specified inside the http() block:

proxy_set_header Host $host;

If these lines are specified, there is no need to add them.

If nginx.conf is modified, nginx should be restarted:

/etc/init.d/nginx stop
/etc/init.d/nginx start

5. How to check if the installed module is working?
On any of the domains that are located on your server, place the test.php file with the contents:

" echo $_SERVER["REMOTE_ADDR"]; ?>"

Next, follow the link, where domain.tcom is your domain name. If an IP is displayed that is different from the IP of your server, the module is working correctly.

Setting up NGINX.

Below is the nginx configuration file for working as a front-end server. It is assumed that nginx will run on all interfaces on port 80, and Apache will run on interface 127.0.0.1 and port 8080. Save this configuration file in the /etc/nginx/ directory with the name nginx.conf.

user nginx;
worker_processes 10;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;

events (
worker_connections 20000;
}

http(
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main "$remote_addr - $remote_user [$time_local] $status "
""$request" $body_bytes_sent "$http_referer" "
""$http_user_agent" "http_x_forwarded_for"";
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 30;
send_timeout 900;
server_tokens off;
server (
listen 80;
server_name_;
server_name_in_redirect off;
access_log /var/log/nginx/host.access.log main;
location/(
proxy_pass http://127.0.0.1:8080/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 10m;
}
}

Apache setup.

In the Apache configuration file /etc/httpd/conf/httpd.conf, find the line:

and replace it with the line:

Listen 127.0.0.1:8080

Setting up mod_rpaf.

Add the mod_rpaf module to your Apache configuration file. To do this, add the following line to the /etc/httpd/conf/httpd.conf file:

LoadModule rpaf_module modules/mod_rpaf-2.0.so

Then add the lines to the same file:

RPAFenable On
RPAFsethostname Off
RPAFproxy_ips 127.0.0.1 192.168.0.1
RPAFheader X-Real-IP

Instead of 192.168.0.1 you need to put the server IP address.

2. Server configuration for protection against DOS attacks.

We enable caching of the main page in nginx for those who do not have cookies.

Add restrictions to nginx.conf:

limit_req_zone $binary_remote_addr zone=two:20m rate=2r/s;
server(
location/(
limit_req zone=two burst=5;
}
}
}

We use tail and awk:

tail -f /var/log/nginx/access.log | grep GET / HTTP/1.1" 503

Connect the log:

tail -f /var/log/nginx/access.log | grep GET / HTTP/1.1" 503 | awk "( print $1 )"

We get the IP of the machines:

iptables -A INPUT -p tcp -j DROP -s $IP

Enter the IP in the Firewall:

tail -f /var/log/nginx/access.log | grep GET / HTTP/1.1" 503 | awk "( print $1 )" | xargs -t -l iptables -A INPUT -p tcp -j DROP –s

Now let's set connlimit for iptables to limit bot connections. In the rules we set permission for 5 connections from one IP, and 25 from a class C subnet.

DDOS attack with 16,000 bots - Load average: 1.4 1.9 2.0

Restricting FTP access

For this we need the .ftpaccess file. It will help you block or allow FTP access from specified IP addresses. Someone may ask the question: “I have a dynamic IP, how can I use .ftpaccess correctly?” I only mean the answer: “If you need this security add-on, purchase a static IP from your provider. They won’t ask you for a lot of money for it.”

To create the .ftpacces file we need SSH access. You can use the winscp program. There can be a large number of settings in .ftpaccess, but we are only interested in one parameter. By writing these lines in the file you will completely block access from everyone:

Deny from all

After what is written above, no one will be able to access FTP. To add access permission to a specific IP, you need to specify the following parameters:

Allow from 127.0.0.1
Deny from all

Naturally, the address 127.0.0.1 is given as an example and needs to be replaced with your own.

Important! It is best to deny access via FTP to absolutely everyone and connect only via SSH.

Protecting the DataLife Engine content management system.

1. Install and configure.

2. Rename the admin panel file and make a fake one at the old address (www.sait.com/admin.php) when going to which the user will be blocked by banning his ip in .htaccess.

Renamed? Now we create a file ip.txt in the root directory to store IP addresses. We give it and .htaccess rights CHMOD – 777.

Create a file admin.php with the following content:

$ip = getenv("REMOTE_ADDR");

$log = fopen("ip.txt", "a+");
fwrite($log, "// ".$ip."\n");
fclose($log);

$f = fopen($_SERVER["DOCUMENT_ROOT"] . "/.htaccess", "a");
fwrite($f, "\ndeny from " . $ip);
fclose($f);

DataLife Engine Admin Panel

Text, for example: Your ip is in the logs, I will find you!

Be afraid, nonentity, ha-ha!

"
3. Let's add additional authentication in the admin center.

You must come up with another username and password (do not use your administrative account details). The second login and password must be completely different from the first. Have you decided? Great! Now let’s encrypt our password in md5 (you can do this on the website md5encryption.com).
Next, open admin.php (remember, we previously renamed it and, therefore, if you called it superadmin.php, you need to open this particular one) and after the line:

add:

$login="enter the invented login";
$password="and generated password in md5";
if (!isset($_SERVER["PHP_AUTH_USER"]) || $_SERVER["PHP_AUTH_USER"]!==$login ||
md5($_SERVER["PHP_AUTH_PW"])!==$password) (
header("WWW-Authenticate: Basic realm="Admin Panel"");
header("HTTP/1.0 401 Unauthorized");
exit("Access Denied");)

4. Disable php functions not used by the system.

To search for the php.ini file, create a file phpinfo.php with the text:

After searching, be sure to delete phpinfo.php!

disable_functions = allow_url_fopen, eval, exec, system, passthru, scandir, popen, shell_exec, proc_open, proc_close, proc_nice, get_current_user, getmyuid, posix_getpwuid, apache_get_modules, virtual, posix_getgrgid, getmyinode, fileowner, filegroup, getmypid, apache_get_version ap, ache_getenv, apache_note, apache_setenv, disk_free_space, diskfreespace, dl, ini_restore, openlog, syslog, highlight_file, show_source, symlink, disk_total_space, ini_get_all, get_current_user, posix_uname, allow_url_fopen

5. We create filtering for GET and POST requests, preventing injections into the database and obtaining data from it.

Create a .php file with a custom name and the following content:

//set to one if you want to enable query debugging
$debug = 0;

$bag_req = array("select", "eval", "echo", "UPDATE", "LIMIT", "INSERT", "INTO", "union", "CONCAT", "INFORMATION_SCHEMA", "OUTFILE", " DUMPFILE", "LOAD_FILE", "BENCHMARK", "SUBSTRING", "ASCII", "CHAR", "database", "HEX", "\\.\\/", "%00", "\\.htaccess ", "config\\.php", "document\\.cookie");
$request = serialize($_GET);


if($_GET)
{
foreach ($bag_req as $key => $value) (
{
Query found in array $value
$request";
}
}
}
if($_POST)
{
$request = str_replace("selected_language", "sl", serialize($_POST));
$urequest = urldecode($request);
$brequest = base64_decode($request);
foreach ($bag_req as $key => $value) (
if(preg_match("/$value/i", $request) || preg_match("/$value/i", $urequest) || preg_match("/$value/i", $brequest))
{
if($debug == "1") $do_debug = "
Query found in array $value, which blocks proper operation
$request";
die("BAD REQUEST $do_debug");
}
}
}
?>

We save it on the server in any directory of the DLE system. Open the file engine/classes/mysql.php and after:

if(!defined("DATALIFEENGINE"))
{
die("Hacking attempt!");
}

connect the created file:

include_once(ENGINE_DIR."/file_path/name.php");

6. When using free components for DLE, be sure to find out the opinion of a specialist about their reliability.

If you have any questions, please contact search engines - all material is freely available!
Anything to add? You are welcome to discuss!

Good luck to you and your projects!