I have started coding ModCMS today. The first thing that I’m working on is the package manager. I have come up with a basic layout for the XML file that will contain information on the modules, I am also working with SimpleXML to create an interface to display the information.
Currently, no actual modules and components exist, so just random test modules are being used. The ModCMS package manager will require SimpleXML as well as the ability to access remote files.
UPDATE: I really don’t think that this is a problem anymore. I think that this is a rather silly post. Please ignore it.
This post assumes that you know a few things about Unix-based operating systems. You will need to know about su and sudo as well as what the root or superuser is.
Some people know this, and some people don’t. On Ubuntu-based systems, by default, the root user has a complex, randomly generated password and is generally not used. The idea is to have a “sudo-capable” user that is able to do root tasks with the “sudo” command. It allows you to be root for one command and requests your password instead of the root password. That way, the root password isn’t shared. If a virus attempts to use sudo, it meets a password dialog.
If you try to use su, which basically gives you the terminal of another user, you have to type their password. If you try to use su to be root, you would have to know the complex root password. This isn’t so if you type “sudo su”. That gives you the root terminal without requiring the complex password.
I think that this is a minor security flaw as it defeats the point of the complex random password that is set to the root user by default.
The PHP function debug_backtrace ( ); is very useful, but it can be dangerous. A beginning developer trying to find a bug on a production-line website might be inclined to use print_r ( ); to show what debug_backtrace ( ); returns, as it returns data in the format of an array.
The function print_r ( ); displays things directly into the screen. That may not be very wise for a production-line website. After a little thinking, I came up with a secure way to view backtraces. It’s an easy one-line piece of code that can be inserted into a PHP (5) script.
