Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Libraries & Helpers Vunsy, the websites kernel ( Beta phase )
Vunsy, the websites kernel ( Beta phase )
  • El Forum
    Guest
  •  
#21
09-21-2009, 04:06 PM

[eluser]Blaze Boy[/eluser]
[quote author="Phil Sturgeon" date="1253586949"]Why would you need the root username and password to be stored anywhere, you dont need to use them at all.

By configuring the file/folder permissions and ownership you can create, edit and delete files using the php/apache user which is considerably more secure than running under the root.

Seriously, I do not know any other systems that require root details unless they are doing some very advanced things. I don't believe your system is doing anything that justifies such a security risk.[/quote]
OK Phil do you have a tutorial or an atricle or a blog post to make the idea clear for me and learn how to implement it ?
  • El Forum
    Guest
  •  
#22
09-21-2009, 05:44 PM

[eluser]omar-303[/eluser]
I think Blaze Boy means by root is "Super Administrator Account" not the Server root account, But anyway i think you should make an installer where you can specify the Username and Password, and they should be stored in the database after encrypting the Password.
  • El Forum
    Guest
  •  
#23
09-21-2009, 09:05 PM

[eluser]Blaze Boy[/eluser]
[quote author="omar-303" date="1253594667"]I think Blaze Boy means by root is "Super Administrator Account" not the Server root account, But anyway i think you should make an installer where you can specify the Username and Password, and they should be stored in the database after encrypting the Password.[/quote]
yes i mean by root is the root of the site not the system root , it's the user that has all permission on the site ( the adminstrator .. the designer ... the developer ) not the linux root password

mmmmm, alright i was thinking in that al the time ( an installer ) but i miss the creativity ... i'm wating for a god gift of creativity,
oh, and Omar ... happy feast Big Grin
  • El Forum
    Guest
  •  
#24
09-22-2009, 03:11 AM

[eluser]Phil Sturgeon[/eluser]
Glad to hear that is not the system root. Might be worth changing the name of that. ;-)

It is still very insecure to store passwords in the file system as anyone with access to the codebase (developers, designers, etc) will be able to log in as the System Administrator. If its in the database and encoded nicely this will not be an issue.

Installers are not "uncreative" they are standard. There is a reason people have been making installers for decades and its not because they lack creative flair.
  • El Forum
    Guest
  •  
#25
09-22-2009, 03:35 AM

[eluser]Blaze Boy[/eluser]
[quote author="Phil Sturgeon" date="1253628711"]Glad to hear that is not the system root. Might be worth changing the name of that. ;-)

It is still very insecure to store passwords in the file system as anyone with access to the codebase (developers, designers, etc) will be able to log in as the System Administrator. If its in the database and encoded nicely this will not be an issue.

Installers are not "uncreative" they are standard. There is a reason people have been making installers for decades and its not because they lack creative flair.[/quote]

hehehe, don't miss understand me Phil, i'm saying that installer needs some creativity and I AM in lack of some creativity in the mean time ..
and hmmmmmm, i'll see about root password issue.
really thanks guys about feedback...
  • El Forum
    Guest
  •  
#26
09-22-2009, 03:42 AM

[eluser]omar-303[/eluser]
Can you make the user able to specify the password on the first-login? it's easy enough to implement. I meant an Installer because you will need it in the feature specifying DB-details,Selecting website languages etc..
  • El Forum
    Guest
  •  
#27
09-22-2009, 12:55 PM

[eluser]Blaze Boy[/eluser]
[quote author="omar-303" date="1253630528"]Can you make the user able to specify the password on the first-login? it's easy enough to implement. I meant an Installer because you will need it in the feature specifying DB-details,Selecting website languages etc..[/quote]
i'll make it Omar i think that's fair enough .... btw what's your opinion about vunsy in the mean time ? it's really important to me ( without flattery ) i need your technical opinion Big Grin
  • El Forum
    Guest
  •  
#28
09-22-2009, 06:47 PM

[eluser]Blaze Boy[/eluser]
Omar ... i've added installer ... yahooooooooooooooooooo
but still need to store admin password in database
  • El Forum
    Guest
  •  
#29
09-22-2009, 09:03 PM

[eluser]omar-303[/eluser]
Good Job :bug:
Couple of hours and I'll give you some more reviews Wink
  • El Forum
    Guest
  •  
#30
09-23-2009, 12:07 AM

[eluser]Jameson.[/eluser]
I'm sorry, Emad, in current distribution Vunsy may be flexible (didn't manage to get there yet), but it is not usable. After installation I logged in and tried to edit my newly created site:
http://img6.imageshack.us/i/vunsy.jpg/
What does this dialogue do and how to fill it, we may only wonder (tooltips are not helping)

Also, this kind of admin sitemap presentation does not appeal to me at all:
http://img28.imageshack.us/i/vunsysections.jpg/

I understand this is the work in progress, so good luck with further development.

P.S. Why not create a demo site upon installation, not just one page? You know, like the one you showcased.




Theme © iAndrew 2016 - Forum software by © MyBB