Jump to content

Proposal to follow gmoore


Proposal to follow gmoore  

12 members have voted

  1. 1. Proposal to follow gmoore

    • Yes!!! Do it!
    • No way, that's just a mess
    • I don't care, stop asking!

Recommended Posts

Chainging too much of an engine could lead to future incompatibilities for the person doing it so, for example if you rename the directory modules with "mod" any modules relying in the previous structure will break and you will need to edit them by hand.

As I saw gmoore is thinking of (or already did?) change all admin modules directories and added an index.php file on each mod, I was wondering how I could try to help him in some manner.

My proposal would be that during the installation of the module, the directory of the module would be made somehow unique, like instead of admin_panel you would have admin_panel_56ae where the last 4 numbers are like a CRC of your license + the module name.

With such change each game install (with a different serial that's it) would have different modules directories.

That would have quiet some impact on the current code, and modules, but could be still done (as option) if you guys think it's of some value. Of course we could also add a default index.php files on each directory as well if you wish so :P

Let me know what you think.

Link to comment
Share on other sites

the .htaccess file at the modules directory level already prevent browsing of the directory. Only a couple of files (css, gif, png, jpeg) are viewable and only in a couple of modules. Personally I don't see the need for it, however as said, if you guys think it's something really useful I'm always open to debate it.

Link to comment
Share on other sites

Honestly, I appreciate the 'notoriety' but I am following some of the best practices I have used and been told to use before. I did not really expect the community to do what I do. I am however posting my ideas and comments, as I notice them, in the hopes people can benefit or ignore them. This may be ALOT of work and I want you focus on what makes the engine great. I willing to commit the time, I don't think you should have to. I work on the concept, trust nothing (even .htaccess, only because I don't trust a hosting company to mess with apache randomly). So I put several layers of things in there.

So I vote no, lol. But I REALLY appreciate you trying to help me!

(I won't even mentioned my rotating directory names concept, not implemented. Nor getting all code out of the web root directory. etc)


Edited by gmoore
Link to comment
Share on other sites

Every code may contain (and will contain) security issues, however parsed language like PHP tend to have yet more issues. Java and C# are a bit less sensitive to it. Also ASP.NET offers some good security tricks and practice which makes it in my opinion (I know Octarine will not agree) are already much better than PHP.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...