PHP Developers Network
http://forums.devnetwork.net/

Site Settings (Location)
http://forums.devnetwork.net/viewtopic.php?f=34&t=133048
Page 1 of 1

Author:  Hermit TL [ Thu Nov 24, 2011 9:52 pm ]
Post subject:  Site Settings (Location)

I'm looking for everyones opinions of where they prefer to store site settings. (Everything from sensitive settings, to what theme a user has selected.) Cookies, Text File on Server, MySQL database, ect.

In addition to providing your preference of where and how your store site settings; explain why; and include security advantages/disadvantages. (Thank you in advance for your time.)

Author:  s.dot [ Fri Nov 25, 2011 12:09 am ]
Post subject:  Re: Site Settings (Location)

I'm not sure I do it in the most secure way, but..

I place non-login (NOT email, database, etc info) details in a database row in it's own table. It's often in the main database that all the other queries go to. Thinking about it, I should place it in a separate database with a separate database login.

I either hardcode the login and extremely sensitive data in a regular .php file above document root in an ini file above document root. Occasionally I have hardcoded these values into an include file (such as a dbconnect.php).

Author:  maxx99 [ Tue Nov 29, 2011 5:03 am ]
Post subject:  Re: Site Settings (Location)

For all environment dependent configuration I use ini files (easy Zend Framework way :) )
Example:
Syntax: [ Download ] [ Hide ]
[production]
phpSettings.display_startup_errors = 0
phpSettings.display_errors = 0
includePaths.library = APPLICATION_PATH "/../library"

[staging : production]

[testing : production]
phpSettings.display_startup_errors = 1
phpSettings.display_errors = 1

[development : production]
phpSettings.display_startup_errors = 1
phpSettings.display_errors = 1

[general]


For general application configuration (which sometimes can be set from config planel i use XML files. Easy to handle generic setters and getters e.g. $config->getUserTimeout(); or $config->setUserTimeout(); when we have <UserTimeout>22</UserTimeout>. Really easy to maintain.

All user related stuff i keep in DB - in most cases in one DB with the rest of data.

Page 1 of 1 All times are UTC - 5 hours
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/