To use SSI or not to use SSI
I'm going to be reworking a 600+ page website and am considering using server-side includes for headers and footers.
I don't know very much about SSI, so I'm wondering whether this is the most feasible way to go about site simplification. I know that it will be infinitely easier to change and upload 40 or so headers (yeah, I'll need about that many) as opposed to changing the header on 600+ pages. But, I'm wondering if the rendered pages go into the cache as regular HTML pages do, or if the server gets hit every time a page loads? Would external .js files be easier on the server and still accomplish the same simplification?
TIA
mairving posted this at 16:41 — 18th February 2002.
They have: 2,256 posts
Joined: Feb 2001
To me, it is even easier to do this with PHP. Just create your headers and footers and call them anything that you want. Then to call the headers do this:
<?php
include(\"header.inc\");
Page contents here
include(\"footer.inc\");
?>
Of course, your host has to support PHP. Also if you have directories, you would have to have the path to your root.
Mark Irving
I have a mind like a steel trap; it is rusty and illegal in 47 states
Dami posted this at 19:47 — 18th February 2002.
She has: 88 posts
Joined: Sep 2001
I'd love to be able to use PHP, but my boss is concerned about security and she is adamently against open source.
Busy posted this at 21:22 — 18th February 2002.
He has: 6,151 posts
Joined: May 2001
I've used .js for something similar to what your doing, but if the viewer has javascript turned off your stuck.
SSI is ok but has problems on older browsers, your only foolproof bet is something like PHP
tell your boss to look at many of the top sites, she'll find more and more sites are run from databases using php etc and because you cant view php code, setting them as variables on the page is safe as houses.
Suzanne posted this at 21:49 — 18th February 2002.
She has: 5,507 posts
Joined: Feb 2000
Also, SSI is about as open source as you can get... And MS is rife with security leaks!
If you really want to go very secure, without extra hits to the server, use JSP, on an oracle server. Set the pages to sit in a servlet area, so when called, they are built, and then served as whole pages to all other calls until the data changes. It's so not open source your boss will be thrilled. Of course, she'll also have to approve a fairly hefty budget for the project.
mairving posted this at 21:58 — 18th February 2002.
They have: 2,256 posts
Joined: Feb 2001
Your boss has been brainwashed. Some people believe that the more that you pay for something, the better it is. Tell her that the majority of web sites are run on Apache, an open-source webserver. The others are run by Code Red and Nimbda.
Mark Irving
I have a mind like a steel trap; it is rusty and illegal in 47 states
Gurudev posted this at 22:50 — 18th February 2002.
They have: 61 posts
Joined: Nov 2001
Who is your boss? Is it Bill Gates by any chance?
Dami posted this at 22:30 — 19th February 2002.
She has: 88 posts
Joined: Sep 2001
We won't go into my boss' idiosincracies...there isn't enough web space.
Thanks for the responses. I'll keep mentioning to her how using PHP on pages that have no need for any special security really isn't a bad thing.
Sparklebug posted this at 22:48 — 19th February 2002.
They have: 54 posts
Joined: Oct 2001
I've been thinking about these issues myself - whether to go with SSI. Unfortunately we cannot use PHP as our web hosts are NT only and do not support PHP at all. Given this, would you go with SSI as next best and simplest?
Busy posted this at 23:01 — 19th February 2002.
He has: 6,151 posts
Joined: May 2001
if you look thru some PHP tutorials you'll find using passwords etc on the page is normal, as no PHP coding can be seen by anyone.
if your setup supports php, try this:
<?php
$password = \"sat\";
$username = \"sun\";
Please enter you name and password<br>
<form method=\"post\" action=\" echo$PHP_SELF \">
Password: <input type=\"password\" name=\"yourpw1\" value=\"\" size=\"10\"><br>
Name : <input type=\"text\" name=\"yourname1\" value=\"\" size=\"10\"><br>
<input type=\"submit\" value=\"submit\">
<input type=\"reset\" value=\"reset\">
</form>
if ($yourpw1 == \"$password\" and $yourname1 == \"$username\"){
echo (\"welcome to php, check the source of this in your broswer\");
} else {
echo (\"oops you made a typo, try again\");
}
?>
save it as testing.php or something, you'll see the password is mentioned in the source of it (sat and sun) but when the page is viewed, even without the right name and p/w you cant view them.
P.S. I didnt test the code so hopefully it should work lol
mairving posted this at 23:26 — 19th February 2002.
They have: 2,256 posts
Joined: Feb 2001
Well, if for some reason PHP wasn't working, then you would see all the files as plain text. For connecting to a database, I usually create a config file that is in the root of my WebServer. This config file contains something like this:
<?php$basedir =\"/home/username\";
include (\"$basedir/config/dbconnect.inc\");
?>
Then in the dbconnect.inc file, I have all of my database info, username, password, dbname, dbtable. Since the root of the webserver is /home/username/public_html/, these can't be viewed from the web.
To make it clearer, here is the directory structure;
Webserver root - /home/username/public_html/
Config file - /home/username/public_html/config.inc
dbconnect file /home/username/config/dbconnect.inc
Works like a charm as long as you have
<?phpinclude(\"$DOCUMENT_ROOT/config.inc\");
?>
in all of your pages.
Mark Irving
I have a mind like a steel trap; it is rusty and illegal in 47 states
mjames posted this at 23:39 — 19th February 2002.
They have: 2,064 posts
Joined: Dec 1999
I've used both .js includes and server-side includes and I prefer SSI greatly. With .js, a good deal of people who have that disable won't be able to see large portions of your site. I would try to SSI as many parts as possible if you are going to use them so it means less work for you. There isn't much slowness as a result of using SSI, from what I have found.
On my site, I use about five or six different includes to make my life easier and they really do. Obviously, the easiest thing at the end would be to have a dynamic, DB-driven site, but SSI is the next best thing.
Save Hours with SSI: http://www.sitepoint.com/tribune/134/article27.php
AdamRSX posted this at 03:18 — 23rd February 2002.
They have: 11 posts
Joined: Feb 2002
I use ssi on about 375 or so car pages.... should I change to php? would it work better? it would involve a lot of changing tho
ROB posted this at 21:03 — 23rd February 2002.
They have: 447 posts
Joined: Oct 1999
not to mention the majority of those webservers also run an open source operating system, open source databases and countless open source utilities and applications.
Abhishek Reddy posted this at 23:21 — 23rd February 2002.
He has: 3,348 posts
Joined: Jul 2001
It depends really on your content and the rate of the site's growth.
If you're up to your neck in updating pages as their content changes regularly, then you'd be better off with PHP. If you have dynamic content, driven by a database and a PHP script, it'd be possible have an infinite number of pages to display. But SSI usually does the job if the content is static.
Also, if your site is growing, then you'd end up having to change more, should you decide to convert it to PHP later.
AdamRSX posted this at 23:50 — 23rd February 2002.
They have: 11 posts
Joined: Feb 2002
I only use ssi for the header and footer, so eveyrthing should be just fine.. you can use ssi infinitely, can't you?
Abhishek Reddy posted this at 03:50 — 24th February 2002.
He has: 3,348 posts
Joined: Jul 2001
Yeah, you can use SSI infinitely.
It'd be a good idea to make your nav an include too. Usually, it's that, headers and footers which are included. But as I said, whether or not PHP would be more useful depends mostly on your content.
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.