[csw-maintainers] Subversion on bender
Ben Walton
bwalton at opencsw.org
Sat Jul 25 03:24:04 CEST 2009
Excerpts from Philip Brown's message of Fri Jul 24 17:55:50 -0400 2009:
> sorry, misunderstanding. I thougth you meant "the PASSWORDS for database
> access, would be in a separate, non-checked-in file".
That's exactly what I meant. I'll be creating a file called
includes/dbconfig.php. This file will contain the host, database,
user and password info used for the connection to mysql. All files
accessing the database will then include this file. It's extra
overhead, yes, but completely negligible.
This new file won't be checked into the vcs and would need to be
created manually by anyone hacking on this stuff outside of the live
web tree.
Once this info is removed from each file and SQL queries are audited
for simple goofs (made easier by some braindead choices the php devs),
everything should be 'ready to go.'
On a different note, I'd like to propose a group called cswweb (or
similar) on bender with membership reflecting all those who've
expressed interest in modifying web content. The htdocs (and maybe
cgi-bin?) files for the opencsw vhosts should then be made chgrp
cswweb, chmod g+w. As it stands now, I'm not able to actually make
any of these changes.
-Ben
--
Ben Walton
Systems Programmer - CHASS
University of Toronto
C:416.407.5610 | W:416.978.4302
GPG Key Id: 8E89F6D2; Key Server: pgp.mit.edu
Contact me to arrange for a CAcert assurance meeting.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.opencsw.org/pipermail/maintainers/attachments/20090724/ea21a8f1/attachment-0002.asc>
More information about the maintainers
mailing list