[PHPTAL] Cache / Compilation behavior
Iván -DrSlump- Montes
drslump at pollinimini.net
Thu May 8 11:43:27 CEST 2008
What about using an .htaccess to deny access on the output directory?
In the ideal case scenario it should be outside the document root of
the web server (not accessible from the internet).
Iván
On Thu, May 8, 2008 at 11:09 AM, Kornel Lesinski
<kornel at aardvarkmedia.co.uk> wrote:
> On Thu, 08 May 2008 02:43:45 +0100, Brice Burgess <bhb at iceburg.net> wrote:
>
>
> > Having users set proper permissions on a "working" directory crosses
> eyes... let alone the introduces the possibility of a security risk as "777"
> is the lowest common denominator here!
> >
>
> 0700 is the lowest, if you make this directory owned by web server process.
>
>
> If you're very concerned about having PHP files writeable, you can force
> PHPTAL to compile everything beforehand (e.g. in Makefile or install script)
> and then make these files read-only, e.g.:
>
> foreach($all_template_files as $file)
> {
> $phptal->setTemplate($file);
> $phptal->prepare();
> chmod($phptal->getCodePath(), 0400);
> }
>
> but I don't recommend this, because PHPTAL will panic if you later change
> source files and it won't be able to recompile them.
>
> --
> regards, Kornel
>
>
>
> _______________________________________________
> PHPTAL mailing list
> PHPTAL at lists.motion-twin.com
> http://lists.motion-twin.com/mailman/listinfo/phptal
>
More information about the PHPTAL
mailing list