[Vtigercrm-developers] Vtiger Consistency and Security
jorge.torres.maldonado at gmail.com
Fri Jul 20 15:51:30 PDT 2007
Shouldn't it be something more like adding at the beginning of any file
and a first general header file general.php only containing:
So main files such as index are the only ones including general.php
Well, that's just one idea,
On 7/20/07, Paul Rogers <prrogers at gmail.com> wrote:
> It is far more secure to move all possible files outside the website
> root folder. For example, instead of storing "install.php" and "include"
> in the public "vtiger" folder it is wiser to move all publicly visible
> files (such as "index.php") to a "public" folder. Then the web-server
> configuration can point to the "public" folder and the scripts there can
> require or include the other files using a back reference "../" or the
> absolute path of the needed files. Then it is impossible for outside
> users to access sensitive files from the URL.
> Vtiger's code also appears to be very inconsistent and messy. Editors
> such as Kate and Jedit have options such as "Clean indentation" and
> regular-expression search and replace which make cleaning the code
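The layout proposed in the quoted message, as an added example that is not part of the original thread: a small Python check that reports which of the sensitive items named there (`install.php`, `include`) sit inside a given web-server document root, run against the flat layout and the "public" layout. The file `include/config.php` and all function names are constructed for illustration.

```python
import os
import tempfile

# Names taken from the message above; extend the tuple for a real tree.
SENSITIVE = ("install.php", "include")

def exposed_paths(docroot, sensitive=SENSITIVE):
    """Return sorted paths (relative to docroot) whose file or directory
    name is in `sensitive`, i.e. items a URL under docroot could address."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(docroot):
        for name in dirnames + filenames:
            if name in sensitive:
                rel = os.path.relpath(os.path.join(dirpath, name), docroot)
                hits.append(rel.replace(os.sep, "/"))
        # A flagged directory is reported once; do not descend into it.
        dirnames[:] = [d for d in dirnames if d not in sensitive]
    return sorted(hits)

def make_tree(root, files):
    """Create empty files under root (constructed sample layout)."""
    for rel in files:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        # Before: the document root is the whole "vtiger" folder.
        flat = os.path.join(tmp, "flat", "vtiger")
        make_tree(flat, ["index.php", "install.php", "include/config.php"])
        # After: only "public" is the document root; the rest sits beside it
        # and is loaded by index.php through "../" or an absolute path.
        split = os.path.join(tmp, "split", "vtiger")
        make_tree(split, ["public/index.php", "install.php", "include/config.php"])
        return exposed_paths(flat), exposed_paths(os.path.join(split, "public"))

if __name__ == "__main__":
    before, after = demo()
    print("docroot = vtiger/        ->", before)
    print("docroot = vtiger/public/ ->", after)
```

Pointing `exposed_paths` at the directory the web server actually serves gives a quick regression check after files are moved.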