I'm writing my all-out killer PHP app of a lifetime. (Aren't we all, these days?) When I release the product, I plan to do what's universally accepted as the right way to do this.
* Should I provide a database.sql file that permits one to create this database manually or should the web interface automatically detect it's not there and prompt the administrator to create it?
* If so, what API is normally accepted as the way to create that database from the PHP page?
* What PostgreSQL account username do you think I need to use from my PHP app? Stick with "root"? Use an account name that matches the name of the app? Use "apache"? Use "nobody"? I know this is nitpicking, but I just want my app to look like most everyone else's.
* Would you recommend creating multiple accounts that my app uses for different things, and giving different security rights for each?
Note that I was planning on making my app simple to install. It has very few dependencies. The idea is to be plug and play. You drop it on your Linux PHP server's web folders and then connect to it. It detects that it has never been used and asks you to assign an administrator password. Then, it prompts you with a web-based wizard on how to set the rest of the app up and configure it, and then take you into using the app. From there on out, end users can start using the app if they have a login account that was created in the app. Also, at any time, I can hit install.php and redo the installation again, including drop the previous database and start over.
Preferred PostgreSQL User Account For Code?
Moderator: General Moderators
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
In my experience the most user friendly applications detect whether or not the install/ directory exists or not.. if it does then you either
- Advise the user to delete the folder and/or provide link to step by step installation
or simply
- Redirect to the installation page if it exists
I would not recommend allowing the installation files remain on a live server, simply because anyone can access the file and simply reinstall your application..
- Advise the user to delete the folder and/or provide link to step by step installation
or simply
- Redirect to the installation page if it exists
I would not recommend allowing the installation files remain on a live server, simply because anyone can access the file and simply reinstall your application..
-
supermike
- Forum Contributor
- Posts: 193
- Joined: Tue Feb 28, 2006 8:30 pm
- Location: Somewhere in the Desert, USA
Thanks for the tip. Sorry I couldn't read this sooner. This was good advice. Yes, I will need to somehow disable the install pages once the installation has been setup, and make a .conf file with a true false option that has to be physically edited and switched before the install pages work again.Jcart wrote:In my experience the most user friendly applications detect whether or not the install/ directory exists or not.. if it does then you either
- Advise the user to delete the folder and/or provide link to step by step installation
or simply
- Redirect to the installation page if it exists
I would not recommend allowing the installation files remain on a live server, simply because anyone can access the file and simply reinstall your application..