[Vtigercrm-developers] Vtiger Consistency and Security

Paul Rogers prrogers at gmail.com
Fri Jul 20 05:59:29 PDT 2007


It is far more secure to move all possible files outside the website
root folder. For example, instead of storing "install.php" and "include"
in the public "vtiger" folder it is wiser to move all publicly visible
files (such as "index.php") to a "public" folder. Then the web-server
configuration can point to the "public" folder and the scripts there can
require or include the other files using a back reference "../" or the
absolute path of the needed files. Then it is impossible for outside
users to access sensitive files from the URL.

Vtiger's code also appears to be very inconsistent and messy. Editors
such as Kate and jEdit have options such as "Clean indentation" and
regular-expression search and replace which make cleaning the code
simpler.

--Paul
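
The layout described in the message above can be checked with a short audit script. This is an added example, not part of the original post or of vtiger's code; the file names under "include" and "themes", the entry-point allowlist and the static-extension list are constructed assumptions, and it assumes the server maps URLs only to files under its document root (no aliases or symlinks).

```python
import os
import tempfile

# Assumption: only these scripts are meant to be requested directly.
ENTRY_POINTS = {"index.php"}
# Assumption: static asset types that are fine to serve from the document root.
STATIC_EXTS = {".css", ".js", ".png", ".gif", ".jpg", ".ico"}


def url_reachable(docroot):
    """Relative paths of every file a web server rooted at docroot could serve."""
    found = set()
    for base, _dirs, files in os.walk(docroot):
        for name in files:
            rel = os.path.relpath(os.path.join(base, name), docroot)
            found.add(rel.replace(os.sep, "/"))
    return found


def audit(docroot):
    """Files under docroot that are neither an entry point nor a static asset."""
    flagged = []
    for rel in sorted(url_reachable(docroot)):
        ext = os.path.splitext(rel)[1].lower()
        if rel not in ENTRY_POINTS and ext not in STATIC_EXTS:
            flagged.append(rel)
    return flagged


def build(root, files):
    """Create empty files (constructed sample tree) under root."""
    for rel in files:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()


def demo():
    """Audit the flat layout, then the layout with a separate public/ folder."""
    with tempfile.TemporaryDirectory() as tmp:
        flat = os.path.join(tmp, "flat", "vtiger")
        build(flat, ["index.php", "install.php", "include/config.php", "themes/style.css"])
        split = os.path.join(tmp, "split", "vtiger")
        build(split, ["public/index.php", "public/themes/style.css",
                      "install.php", "include/config.php"])
        return audit(flat), audit(os.path.join(split, "public"))


if __name__ == "__main__":
    before, after = demo()
    print("flat layout, reachable by URL:", before)
    print("public/ layout, reachable by URL:", after)
```

Pointing `audit()` at a real document root lists the scripts that would still be served directly and are candidates for moving outside it.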



