[geeklog-devel] Brainstorming: Admin Toolbox?
Tony Bibbs
tony at tonybibbs.com
Mon Jul 12 16:40:50 EDT 2004
Dirk Haun wrote:
>Gentlemen,
>
>I see a need for a set of scripts to do maintenance tasks and such (for
>example, I just wrote a tiny script that does an OPTIMIZE TABLE on all
>the tables). It would be nice if there was a simple way to plug these
>sorts of scripts into Geeklog without having to make them full-blown plugins.
>
>Ideally, I would like to be able to just drop my script into some
>predefined location and have Geeklog pick it up automatically. An admin-
>only plugin "lite", so to speak.
>
>I could imagine a link, say, "Site Maintenance" or "Admin Toolbox" (Hi
>Tom), in the Admin block, which then presents a list of all the availble
>mini-plugins (with a short description?).
>
>
K, I think an simple interface should be implemented. Also, I'm a bit
partial to an OO-design so how is this as a stubbed out class:
<?php
class GeeklogScriptlet {
var $_author = null;
var $_shortDesc = null;
var $_longDesc = null;
var $_version = null;
function userCanRunScript()
{
if (!SEC_inGroup('Root')) {
return false;
}
return true;
}
function GeeklogScriptlet()
{
$_author = 'John or Jane Doe';
$_shortDesc = 'Short Description goes here';
$_longDesc = 'Long Description goes here';
}
function getAuthor()
{
return $this->_author;
}
function getShortDesc()
{
return $this->_shortDesc;
}
function getLongDesc()
{
return $this->_longDesc;
}
function getVersion()
{
return $this-_version;
}
function runScript()
{
// All the work of the script goes here.
}
}
?>
>I'd like this to be
>- easy to install (one file per mini-plugin, one location)
>
>
Using the class above, you could put all scripts in one directory
outside the webtree or in a database. Then you would create an main
admin page e.g. /admin/runScriptlet.php?name=GeeklogScriptlet.
Naturally the class above is meant to be abstract so people would
inherit from it and change as needed. This
will allow the security to be done once, etc.
My vote would be to put the contents of the script in a database to
avoid permission issues on the files. Plus by doing this we do advanced
security checks. For example, given this sort of stuff can potentially
do harm, we should notice if this is the first time the script has been
called and ask if they are sure they want to enable the script. We
should also give them a chance to review the code at that time.
--Tony
More information about the geeklog-devel
mailing list