Menu
▾
▴
Re: [PHPiCalendar-DEV] adding interface to upload new calendars - design discussion
|
From: Chad <ch...@ch...> - 2003-03-27 01:31:00
|
I would say most are not using webdav actually, and pretty much all can use ftp. -C On Wednesday, March 26, 2003, at 04:49 PM, blaine wrote: > On Wednesday, Mar 26, 2003, at 14:44 America/Vancouver, Mike Traum > wrote: > >> there will be only one user/password, which is configured in >> config.inc.php. afaik, this is a slight security problem, in that if >> something goes haywire with the server, it's possible that the text >> of config.inc.php could be obtained. That being said, it's the >> simpliest and I think sufficiently secure. >> >> Comments? > > I think an admin panel is a great idea; however, since most > phpicalendar installations will be using webdav, and therefore already > have some sort of Apache Basic (or digest) authentication enabled, it > would make more sense to use that (i.e., use the $REMOTE_USER > variable) --- perhaps a list of users who are allowed access to the > admin panel. > > Of course, there could always be an override password --- a username > isn't necessary. But in any case, it would be nice to be able to turn > this off, since it's always better to store passwords apart from the > web server's gaze than close to it ;-) > > b. > > > > ------------------------------------------------------- > This SF.net email is sponsored by: > The Definitive IT and Networking Event. Be There! > NetWorld+Interop Las Vegas 2003 -- Register today! > http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en > _______________________________________________ > Phpicalendar-devel mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel |
