Hello,
I have been asked to build a website for my government and they want to be able to manage the information content on it. Now i am new to xml but would like to experiement with it and build an xml driven site. I am asuming that they do not have any html knowlege so i am thinking about createing and online a content editor that will create xml web pages.
Now i have 2 questions
1. What kind of a security risk can this cause as in instances like this create pages requires me to have umask(0777) which means anyone can access it. What other measures can i use within this method of approach to provide more of a security. Note that the information is not of such a sensitive nature but i dont want no mishaps none the less(would be embarrasing rather than a national security breach).
2. Now i could have gone the normal route and did a database content driven site but i would like to present the xml as a smaller economical option for the purpose of being able to create web page content and probably use the database for a more large scale purpose like if the wanted a forum or some backend storage info facilitiy or collecting data etc.. However i am going to present to options.
For the type of task and the simplicity at the moment for the website im thinking to go XML i have heard that you can use xml and mysql together however i havent found sufficient information on using it any point in the right direction wud be appreciated.
I have ever done a database "content" driven site before so any other advice on would also be good...im researching it as well
'
Kendall
Building an XML based website
Moderator: General Moderators
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
1. The only problem with 777 type permissions is if someone other than you gains access to the system (ssh,FTP,etc.). Then they can overwrite the file. If you set write permissions to a specific user or group then someone gaining access to the system would need to also need access to specific accounts as opposed to anonymous FTP or the webserver user (nobody).
2. In PHP, XML is probably better as a source format that is converted into a database or PHP code. XML is slower to initialize and search than the other options. I don't think many people would consider XML simpler that other methods.
2. In PHP, XML is probably better as a source format that is converted into a database or PHP code. XML is slower to initialize and search than the other options. I don't think many people would consider XML simpler that other methods.