On Jan 22, 2008 3:57 PM, Jason Pruim <japruim@xxxxxxxxxx> wrote:
> Hi everyone,
Hi, Jason!
> Been doing some reading on security and have decided that I should be
> storing my include files outside of the document root... Which I
> understand how to do it, but what I'm wondering, is say I write the
> Next Killer App (tm). How would I port that code easily off of my
> server and put it into a downloadable file for the millions of people
> who will download and run the Next Killer App (tm)?
Absolutely. It's called a README file. Lots of well-designed
applications keep the includes out of the web root, as they should.
They're just included in a directory in the tarball, zip file, or
whatever is being used to package and distribute the code, with
installation instructions in the README or INSTALL file (or a similar
counterpart).
> Err... That doesn't make it very clear...
Yes it did. Leave it alone, it'll grow.
> Is there a program for
> Macintosh or Unix that I could use to grab all the source code from
> where ever I have it set? Or would I need to make my own? Or should I
> just quit being lazy and grab it my self? :)
There's always SVN and CVS for file structure and system
architecture, but a zip file or tarball would suffice. And you
certainly don't want them downloading the files from the actual
location on your server, since that defeats the purpose of placing
them outside of the web root.
Just one example of this is how WHM AutoPilot handles the
situation. There's a database directory named mib_data that is
included in the zip file with all of the web files. The
README/INSTALL document tells you to place that folder outside of the
web root (for example, if on a cPanel or same-structure server, make
it ~/mib_data/). Very easy to understand and deploy.
--
</Dan>
Daniel P. Brown
Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since
Nineteen-Seventy-[mumble].
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
