Re: [amfphp] Welcome again

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

To start, I just changed the lists' parameter; the "reply" should now go to
the list.

1) For coding standard I agree on PEAR. It's not the most beautifull
standard and with my java-background, it's not what i am used to, but let's
do it...

2) Segregation and having multiple gateways is very important to me. I like
to have several gateways for each "project/customer" it's own gateway. The
"registration" of handler classes gives a clear view on what can be done
with it. As an addition, you can create methods to describe the services to
the outside world (compare to ?wsdl in the Webservices paradigm, for
example: http://www.cosme.nu/services/dns.php?wsdl). In this way, a
developer knows what calls he can do. You can also do this by "scanning"
each directory for PHP-files with a given signature, but from my
java-background, the first one is cleaner.

3) The registration makes the implementation of the server-component, needed
for the "Service-browser" (see also C:\Program Files\Macromedia\Flash
MX\Help\Flash\serviceBrowserHelp.htm" much easier

Klaasjan

----- Original Message -----
From: "Justin Watkins" <ju...@24...>
To: <amf...@li...>
Sent: Tuesday, January 28, 2003 8:28 AM
Subject: Re: [amfphp] Welcome again

> I think the first thing we should do is agree upon some standards, code
> and documentation.
>
> I'm ok with any guidelines but, i happen to prefer code standards with
> more white space.  As for documentation, I'm willing to do a ton of
> writing and have no preference to a specific format.
>
> I'm still kind of new to the php world so I don't know what the most
> common tools, formats, standards tend to be.
>
> And to Klaasjan, I'd really like to hear what makes registering the
> service with the gateway more secure.  The only scenario that I can
> even imagine is that if you have multiple gateways setup under the same
> web root, you can restrict certain classes to certain gateways which
> really isn't much of a form of security more like a segregation.  I
> would argue that this approach is a crutch for a lack of better
> seperation.  I'm not saying kill that feature, just trying to
> understand where you are coming from so I can have a better idea.
>
> Security is something that we want to be concerned with.  MM didn't
> really get it right.  Java in a shared hosted environment is dangerous,
> especially java with escalated privilages running as an admin account
> as most NT CF machines are.  Did you know that you can grab the
> coldfusion amininistrator password in clear text of any cold fusion
> server that you have access to (prior to the latest update they say,
> but I haven't verified).  Well if that isn't the kicker you can even
> change the password without ever having to supply any credentials.
>
> Justin
>
>
>
> -------------------------------------------------------
> This SF.NET email is sponsored by:
> SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
> http://www.vasoftware.com
> _______________________________________________
> amfphp-general mailing list
> amf...@li...
> https://lists.sourceforge.net/lists/listinfo/amfphp-general
>