By Matt 2k views

Mahal CMS

A closed source content management system with extensive image privacy features.

Status: Stable.
Linux distro: Debian
Dependencies: Apache with mod rewrite, PHP 7+, cURL, JSON, 2 MYSQL Databases, SMTP Server, Laravel.


Built in Core PHP & Laravel, Mahal CMS started as a simple way to publish my photos & is now a full featured CMS with extensive privacy options.

Authors have full control over what they share on a page, where they share to & exactly how much of it they share.

Recent updates

  • Friday 15th December 2023 Fixed Facebook Oauth login/sign up
  • Thursday 19th May 2022 Adjust/fix "Sort Order" positioning glitch. Fix incorrect naming convention of images (image vs images) using $total_photos. Fix misaligned styles. Increase content font size. Fix invisible text in dark theme.
  • 10th April 2022 Made shortcut to save pages (CTRL+S)
  • 9th April 2022 Fixed minor security issue in tags. Made /tag/ 404 if it doesn't exist.
  • 8th April 2022 Shortened the private access request, auto generated URL.
  • 8th April 2022 Fixed broken contact form, upgraded security & added CC feature.
  • 8th April 2022 Used ENT_QUOTES to fix bug on edit page in admin.
  • 5th December 2021 Fixed bug where private pages are previewing on tags.
  • 4th Sept 2021 Fixed long words overflow causing mobile theme to break.
  • 1st Sept 2021 Fixed bug where related author suggestions were not displaying when "show padlock" setting is selected.
  • 23rd Aug 2021 Started work on automated root page categories.
  • 20th Aug 2021 Admin update: Redirection system no longer requires page ID (supports raw URLs). Included current redirects on page edit for convenience.
  • 11th Aug 2021 Re-wrote Private Link Share feature from old harcoded system.
  • 11th Aug 2021 Fixed map Zoom bug in Admin.
  • 10th Aug 2021 Made a check for numeric page ID's (not allowed)
  • 10th Aug 2021 Re-wrote maps function from old hardcoded system.
  • 2nd Jul 2021 Created URL redirection system. Old URL now redirects to new URL automatically.
  • 2nd Aug 2021 Upgraded page views readabililty. E.g 1000 views reads as 1k views, 1000000 views reads as 1m views.
  • 1st Aug 2021 Added ability for visitors to change sort order of photos. Authors can also select default sort order for their page.
  • 21st July 2021 - Fixed VPN detector
  • 20th July 2021 - Added honeypot to Contact form & made security challenge easier.
  • 19th July 2021 - created secure contact form that can be added to any page with a simple checkbox.
  • 10th July 2021 (Fix) Relaxed MYSQL table length rules.
  • Added MP3 file upload support & ability to stream/download MP3's from pages.
  • Created automated tag system, e.g
  • Modified routing behavior for certain 404 errors
  • 2019

    Saturday 2nd March
    • Fixed modal display issue when trying to log in on dark theme.
    • Started designing logo's for my other website.
    • Began converting flat file database to MYSQL.
    • Began developing front-end Admin.
    • Display count of images in all galleries.
    • Added private galleries for users with permission (i.e family/friends).
    • Abandoned the Blog due to starting other projects.


    Tuesday 18th December
    • Fixed incorrect mathematical caclulation which caused focal length to display incorrectly.
    • Rounded focal length (up) to nearest whole number.
    • Fixed bug in horizontal navigation which caused display issues when 3 folders deep.
    Wednesday 15th Aug (night)
    • Upgraded old photo galleries to new theme.
    Wednesday 15th Aug
    • Added a check for duplicate time entries before inserting Location data.
    • Added a convenience link to Locations for users with permission.
    • Changed back to getCurrentPosition() as watchPosition() seems to create duplicate entries.
    • Locked down /members while under development.
    Tuesday 14th Aug
    • Changed from getCurrentPosition() to watchPosition() which seems to greatly improve GPS location accuracy. Note: Doesn't apply to Wi>
    • Changed photo gallery rows & sizes to be calculated by PHP.
    • Added the ability to set gallery row count manually per page.
    Friday 10th - Saturday 11th Aug
    • Added ability to see time spent at a Location.
    • Added reliable way to get country of a user in Locations.
    • Changed the way time updates are ordered to stop conflicts.
    • Updated Map views (Today, Yesterday & All) to show time spent at location & corrections to address when you click the marker.
    • IP address is now visible on Dbase page. Note: Only for Desktop users.
    • Updated styles.
    • Made Send button instead of detecting location automatically & added delay before refresh.
    Monday 6th Aug
    • Fixed duplicate entries bug in Locations.
    • Changed from UNIX Time as an ID to AI ID for Locations.
    • Added the ability to manually enter address/location if detection is inaccurate.
    Sunday 5th Aug
    • Re-wrote Javascript calls for Locations:
    • Improved API calls for Country where data is sometimes stored in weird feilds.
    • Added a fall back so if country is not detected, it won't crash.
    • Made Locations wait for the Google response before sending blanks to the database.
    • Updated "Database (All)" page in Locations to show a ID number to assist with troubleshooting specific false detections.
    • Added street view link to "Database (All)" page.
    Saturday 4th Aug
    • Upgraded Locations from PHP5 to PHP7. Changed to MYSQLi.
    • Made PHP7 the default for the Server.
    • Updated old private pages to be compatible with PHP7.
    Friday 3rd Aug
    • Simplified the way Locations make API calls to Google to increase reliability.
    • Updated styling.
    • Adjusted Zoom preset for [Map] & [Satellite].
    • Changed from password protected directories to Laravel authentication on all private pages.
    • Added Phone/Mobile detection to Locations.
    Thursday 2nd Aug
    • Signed up for Google Premium Developer Account to continue using Google Maps API.