[Xerte-dev] Re: 1.9 thinking

[David Goodwin]

On 5 Jul 2012, at 09:14, Pat Lockley wrote:

> isn't it more secure to run with less rights?


Yes


> 
> Maybe when running update prompt for another password?
> 

You could.


> At Nottingham they wouldn't let web site accounts have certain rights full stop.
> 


Is XOT moving to use SQLite ? If so, the issue of rights becomes a non-issue.

David.


> On Thu, Jul 5, 2012 at 9:09 AM, David Goodwin <david at palepurple.co.uk> wrote:
>> It ought to be possible to catch that error, should it occur - and write something out to the user like :
>> 
>> "As of XOT version x.y the database user $db_user needs CREATE and ALTER rights to the $db_name database."
>> 
>> David.
>> 
>> 
>> On 4 Jul 2012, at 23:18, Pat Lockley wrote:
>> 
>>> Ok, this might cause a few curveballs as the documentation says the database.php account is select,insert,update,delete but no alter or create rights?
>>> 
>>> On 4 Jul 2012, at 22:57, David Goodwin <david at palepurple.co.uk> wrote:
>>> 
>>>> 
>>>> On 4 Jul 2012, at 22:30, Pat Lockley wrote:
>>>> 
>>>>> How do i add something to it?
>>>> 
>>>> Just add a new function at the bottom of 'upgrade.php' - increment the number each time -
>>>> 
>>>> i.e. function upgrade_1(), function upgrade_2(), function upgrade_3() etc etc.
>>>> 
>>>> The script checks the 'config' table each time it runs to know which was the last update applied.
>>>> 
>>>> If there are any functions defined with a higher number (E.g. upgrade_4()) then it'll run them in order, and update the config table afterwards.
>>>> 
>>>>> 
>>>>> Does site details need a "version" number?
>>>>> 
>>>> 
>>>> It already exists - in the 'config' table, which upgrade.php will create if it doesn't already exist.
>>>> 
>>>> thanks
>>>> 
>>>> David.

Pale Purple Ltd.  (Company No: 5580814)
'Business Web Application Development and Training in PHP'

http://www.palepurple.co.uk   
Office: 0845 0046746     Mobile: 07792380669 

Follow us on Twitter: @PalePurpleLtd