Menu
▾
▴
RE: [Phpwebsite-developers] Ideas for current phpWebSite version
|
From: Geoff S. <ge...@ho...> - 2001-04-15 01:29:28
|
Jason: Right now the config.php file is in the phpwebsite directory. On my servers that is the public directory which is also the home directory. The owner of the website has ftp access to their home directory and therefore to the phpwebsite directory (since they are the same directory). They can fry their phpwebsite installation if they want to. But, I want to protect their data. On some of my hosting contracts, the owner manages the website, but, I manage the database. So, I don't want the website owner to have access to the database userid and password. In that situation, I need to put the config.php file in a different directory so that the website owner can't obtain the database userid and password. Jason said: If a user has FTP access, you should have them locked down to not being able to get out of their own directory. If thats what you were talking about. I've got my Freebsd server locked where only my account can SSH in, no one can telnet. Users can ftp but they are chrooted into their home directory and can't get out of it. Not sure if thats what your talking about but thats how I have mine setup...no one will ever view mine... Geoff said: > Are we going to put the database prefix variable update into the next > release? > > Also, I have one more suggestion: > > I'd like to see the config.php file addressed via a variable so that it > can be placed somewhere other then the main phpwebsite directory. > > There's actually a good reason for this: It contains database userids > and passwords. I'd like to put the config.php file elsewhere so that if > a use has ftp access, they still can't get to the config.php file and > to the database Userid and password. > > Geoff > > > > -----Original Message----- > From: php...@li... > [mailto:php...@li...]On Behalf Of > Brian W. Brown > Sent: Friday, April 13, 2001 2:22 PM > To: php...@li... > Subject: Re: [Phpwebsite-developers] Ideas for current phpWebSite > version > > >> 1) Moving all the plugin admin files under the admin directory and >> under that either have just one directory "plugins" or have "plugins" >> and then a sub directory for each plugin. Either way works for me. I >> think this is > a >> MUST before we can declare a final 1.0 sometime in the future. > > Hmmm... not sure about this. Please discuss this with Matt and Adam and > see what > they think. > >> 2) Moving all the admin files that are in the main installation >> directory under the admin folder to get that all cleaned up. > > Yes. > >> Also, once the calendar is made a plugin, we can remove all the extra > files >> in the main installation directory for that also.... > > And yes. > >> We just have way too many files in the main installation directory and >> I think it needs cleaned up anyone agree with me on this??? > > Talk to Adam about this, I tend to agree, but discussion will need to > occur in > regards to where to consolidate. > >> I'm willing to do all the work on this but I didn't want to start >> doing it until it was decided by the group. > > Thanks for the offer. Everything is fine by me as outlined above. > > -- > Brian W. Brown > Internet Systems Architect, ESS > Student Development > Room 269, John Thomas Hall > Appalachian State University > Boone, NC 28608 > > vox: 828-262-7124 > fax: 828-262-2585 > > > _______________________________________________ > Phpwebsite-developers mailing list > Php...@li... > http://lists.sourceforge.net/lists/listinfo/phpwebsite-developers > > > > _______________________________________________ > Phpwebsite-developers mailing list > Php...@li... > http://lists.sourceforge.net/lists/listinfo/phpwebsite-developers Jason Campbell Xplozive Media Technologies www.xplozivemedia.com phpWebSite Developer _______________________________________________ Phpwebsite-developers mailing list Php...@li... http://lists.sourceforge.net/lists/listinfo/phpwebsite-developers |
