Holy $#@!, this lets anyone edit my website!
Yes it does. This is a feature, not a bug which enables you to add wiki-style editing to sections of your website.
NOCMS just overwrites the content on the page, how do I get content changes to render from my site for crawlers and SEO purposes?
NOCMS.org has an API that you can use to pull the changed content and update your pages locally. A backend script can be written in just about any programming language, but how it updates pages is largely dependent on your specific backend platform or CMS.
How can I secure the editing features to just my staff?
- Implement persistent changes to your website via our API (see previous question)
- Add a variable nocms_site = 'yoursitename-SECRETHASH' before the nocms.js script line AND to the server-side content update component
- Only render the nocms.js tags when a user who is authorized to make changes is viewing the site (or a staging site with the same nocms_site key
The Ruby-Sinatra demonstration application shows a basic security scheme - it only displays the editor when a user is accessing the site via a 'localhost' URL AND the server is not running in production. This enables editing of content from any developer machine or staging environment (with a simple tweak) but not on the production version of the site. Changes made from 'localhost' are saved at nocms.org and cached on the production server when they change.
I want to implement persistent changes on my website and add security. Is there a library for [insert your language/platform here] that allows me to do that?
There just might be. We are looking to the open source community to build server-side helpers for nocms.org. To help get started, we built the first library for Ruby. Here is a list of other platforms we would like to see supported and download links where applicable:
Did you build another nocms.org client? Let us know firstname.lastname@example.org
I already have jQuery in my page layout, do I need to include it again?
No. However, jQuery 1.4.2 or greater is required.
What is the nocms.org API?
What CAN'T I do with NOCMS?
- You cannot layout your pages with NOCMS - only simple page elements like <DIV> are editable
- You cannot create or delete pages with NOCMS - although NOCMS will be enabled on dynamically created pages if they exist
- Use nocms.org for private or personalized content. The site does NOT support HTTPS or have very many security features. It is designed for the same public content that is available over the web, nothing more.
What CAN I do with NOCMS?
- Enable editing of virtually ANY website, even static ones
- Edit in-page with What You See Is What You Get (WYSIWYG) rendering
- Enable site changes without deploying any new storage - api.nocms.org manages your content for you
- Upload images via imageshack for display on your pages
- Synchronize changes made via nocms.org with your backend CMS via our API
- Enable clients to easily tweak parts of their site without your involvement
- Design and test landing pages quickly and easily
What features might NOCMS add in the future?
- NOCMS.org may provide user accounts and authentication so that you can manage which users get to edit content and which just see the updated content on the page.
- We will work with the community to build more nocms.org 'clients' and have native support for many popular CMS's such as Wordpress, Drupal, Joomla, etc, etc, etc.
- We might enable you to address sections of the page other than elements with IDs - possibly including metatags, titles, etc.
- We might support wildcards in paths - so you could assign content to all #sidebars whose path is /products/*
- il8n Localization
- Handle change conflicts including allowing revert functionality - currently last-write wins