[geeklog-devel] Todo List for 1.5.0 release?
oliver at spiesshofer.com
Wed Oct 10 02:55:02 EDT 2007
I see what you mean. It could be an option. However, I rather build more
checks into the install script.
There can be tons of checks for existing directories, proper paths etc
that can be done to make sure that the data entered is correct. That
would eliminate the need for such a file and make it even more user
friendly and also more secure.
Joe Mucchiello wrote:
> At 12:24 AM 10/10/2007, Oliver Spiesshofer wrote:
>> I dont know what has been tested. The general issue with failed
>> installs and the necessity of going into the DB and amending things
>> here is the only drawback of the config system. The problem is with
>> the issue you had, that the rescue screen has to be saved somewhere
>> in a php file. If the folders are wrong, you wont find that either,
>> or the file will not find the db_configs to make changes.
> My thought was there would be a file:
> public_html/admin/install/rescue.php. The user can't follow a link but
> they had to get to the install.php file so they should be able to type
> in the rescue url.
> When you hit that url, it lets you modify some key config settings. It
> would be a big security hole, obviously. But geeklog already tells you
> to delete the install directory when install is complete. So it isn't
> that big a hole.
> Joe Mucchiello
> Throwing Dice Games
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
More information about the geeklog-devel