cms
Health Uyari
- License — License: NOASSERTION
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 6 GitHub stars
Code Basarisiz
- rm -rf — Recursive force deletion command in bin/build.sh
- rm -rf — Recursive force deletion command in bin/prepare-release.sh
Permissions Gecti
- Permissions — No dangerous permissions requested
This is a modern, flat-file content management system (CMS) and Model Context Protocol (MCP) server for PHP. It uses JSON storage instead of a traditional database to manage website content and provides a REST API along with AI integration capabilities.
Security Assessment
The tool poses a Medium overall risk. It does not request explicitly dangerous permissions, and no hardcoded secrets were detected. However, the automated scan flagged the presence of recursive force deletion commands (`rm -rf`) inside build and release scripts (`bin/build.sh` and `bin/prepare-release.sh`). While these commands are typically standard practice for cleaning up directories during local development or packaging, they still execute shell commands and should be reviewed to ensure they cannot be maliciously manipulated. As a CMS, the platform inherently handles sensitive data, including user-generated content, flat-file JSON storage, and REST API authentication.
Quality Assessment
The project appears to be actively maintained, with its most recent code push occurring today. The license is marked as "NOASSERTION," though the documentation explicitly states it is commercial software requiring a paid license for production use. Despite the active maintenance, the tool suffers from very low community visibility and limited trust metrics, having accrued only 6 GitHub stars.
Verdict
Use with caution: although the project is actively maintained, the low community adoption, unasserted automated license detection, and potentially destructive shell commands in the build scripts warrant a manual code review before integrating.
A modern, flat-file CMS for PHP — no database required. JSON storage, Twig templating, REST API, full admin interface, and AI-ready with MCP integration.
Total CMS
A modern, flat-file Content Management System for PHP
Website • Documentation • Pricing
About
Total CMS is a powerful content management system built on PHP 8.2+ and the Slim 4 framework. It uses flat-file
JSON storage instead of a traditional database, making it simple to deploy and maintain.
- No database required — content is stored as JSON files
- 13 built-in collection types — blog, image, gallery, file, and more
- Custom collections — define your own content types with JSON schemas
- Twig templating — with 40+ custom filters and functions
- RESTful API — full CRUD with authentication
- Admin interface — form builder, data tables, media management
- CLI tools — manage content, run imports, and clear caches from the terminal
Requirements
- PHP 8.2+
- Composer 2.0+
- Apache or Nginx with URL rewriting
- PHP extensions: GD or ImageMagick, JSON, Fileinfo, OpenSSL
Installation
composer create-project totalcms/totalcms mysite
cd mysite
Point your web server's document root to the public/tcms/ directory, then navigate to /admin to complete setup.
For detailed installation and web server configuration, see the Installation Guide.
Twig Templates
{% set posts = cms.blog() %}
{% for post in posts %}
<article>
<h2>{{ post.title }}</h2>
{{ post.content|markdown }}
</article>
{% endfor %}
See the full Twig documentation for available functions, filters, and tags.
CLI
Total CMS includes a command-line tool for common tasks:
vendor/bin/tcms cache:clear
vendor/bin/tcms import:csv blog data.csv
vendor/bin/tcms jumpstart:export backup.zip
Documentation
Full documentation is available at docs.totalcms.co.
Support
License
Total CMS is commercial software. A license is required for production use. See LICENSE.md for terms.
Free 45-day trials are available — no credit card required. Visit totalcms.co for details.
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi