Please describe some of the security measures you take to keep users from taking over the site. I'd be very afraid to use something like this on my site. Do files get put in an odd-named directory of your choosing so people will not know where their files go until they are approved? Is there even approval for files?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Right now, security can be as loose or tight as the admin wishes... for the most part... There are a few things I could do... like parse the user's entries or periodicly check for suspicious stuff. The File Manager will not let a user touch files out of their work area, which is a plus, but on the down side, there is no filtering of content. They could put some nasty things out there.
Currently, there is no approval for submission.
I would appreciate your (or anyone's) comments on tightening the security on this.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If the server is protected that's all I would want... not submission approval. I like submission approval on news, announcements, and articles, but User Pages are (pesumably) to be viewed only by other registered users who will provide plenty of feedback if there is a negative site... xxx or hate or such. phpWebSite has an almost perfect UserPage application. How's the security there?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Please describe some of the security measures you take to keep users from taking over the site. I'd be very afraid to use something like this on my site. Do files get put in an odd-named directory of your choosing so people will not know where their files go until they are approved? Is there even approval for files?
Right now, security can be as loose or tight as the admin wishes... for the most part... There are a few things I could do... like parse the user's entries or periodicly check for suspicious stuff. The File Manager will not let a user touch files out of their work area, which is a plus, but on the down side, there is no filtering of content. They could put some nasty things out there.
Currently, there is no approval for submission.
I would appreciate your (or anyone's) comments on tightening the security on this.
If the server is protected that's all I would want... not submission approval. I like submission approval on news, announcements, and articles, but User Pages are (pesumably) to be viewed only by other registered users who will provide plenty of feedback if there is a negative site... xxx or hate or such. phpWebSite has an almost perfect UserPage application. How's the security there?