Sign in sheet website

I spent way too much time tonight putting together a sign-in sheet website, called, generically enough Sign-in Sheet.

It took around 5 or 6 hours to make, and used a lot of canned resources, like Bootstrap and Bootswatch, Add This, Google Analytics, Google Adsense, and Mailchimp. This kind of dev is fun - lots of reward for not much work. The image is from Wikimedia Commons. The forms were done in LibreOffice Writer. It's not getting any kind of page ranking at all, but it's new.

There's no CMS. It's a front controller, and an .htaccess file copied from WordPress. These rewrite rules basically deliver the requested file, and any potential file-not-found errors are routed index.php in the root. Here's the .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

Options -Indexes 

The index.php file acts as a "router", and also does the basic layout. Here's the code:

$path = $_SERVER['REQUEST_URI'];

$page = array();
$page['heading'] = "Sign-in Sheet";
$page['description'] = "A free repository of common sign-in sheets and business forms for your company, organization, church, faith organization, or club.";
$page['keywords'] = "free, sign-in sheet, business forms, openoffice, open office, libre office, pdf";
$page['geo.placename'] = "Los Angeles, California";
$page['geo.region'] = 'US';

// now pick a page to load
switch($path) {
  case '/sign-in-sheet-appointment/': $file = 'tpl/AppointmentSignIn/index.txt'; break;
  case '/sign-in-sheet-email-list/': $file = 'tpl/EmailListLetter/index.txt'; break;
  case '/sign-in-sheet-meeting/': $file = 'tpl/EventSignIn/index.txt'; break;
  case '/sign-in-sheet-timesheet/': $file = 'tpl/TimeSheet/index.txt'; break;
  case '/sign-in-sheet-visitor/': $file = 'tpl/VisitorSignInSheet/index.txt'; break;
  case '/sign-in-sheet-sports/': $file = 'tpl/YouthActivitySignInSheet/index.txt'; break;
  case '/printers/': $file = 'pages/printers.txt'; break;
  case '/contact/': $file = 'pages/contact.txt'; break;
  default: $file = 'pages/index.txt'; break;

$parts = explode( '/', $file );
$templatePath = '/'.$parts[0].'/'.$parts[1];




Determining $templatePath is kind of ugly, unfortunately, but the rest of it is pretty clean and safe.

The only important thing to notice is that the URI path is not concatenated into the value of $file. We don't take external input and put it into our internal variables. Doing so is a potential security hole because we include $file.

Instead, we use the switch statement to isolate the input from the internal values.

So, it's safe to calculate $templatePath from $path, and include $file.


The main improvement to make is to break out the switch statement into another file, so it can grow to be a lot larger. Also, instead of adding the index.txt to each, set either a path or file, and guess the type of data. We have pages, or we have a directory with some templates, and index.txt, and other metadata.

This also needs a tool to generate the menus.

With these changes, it would be easy to make this a 100+ page site, without too many hassles.

Would it compete with Vertex42? Probably not. They're really good.