Re: Security fix that started all this

["Joshua D. Drake" <..hidden..>]

Jason Rodrigues wrote:
> On Friday 08 September 2006 16:07, Tony Fraser wrote:
> > On Fri, 2006-09-08 at 15:43 -0400, Christopher Murtagh wrote:
> > >  The plan is to move all the files in users/ into a central database,
> > > and the same for user modified templates and css. The advantages this
> > > has are:
>
> Templates in the db are tricky, because now we have to provide a way to load 
> the templates into the DB.  The time to test/edit/debug a template also 
> increases, because of that extra step.
>
> CSS in the database is bad because you lose the ability to let Apache handle 
> it.  If you serve it with a .cgi, that's a fork(), exec, load, compile, read 
> data, send data.  And you have to make sure you get the nuances like 
> Content-type, content-length, and what not right.    Even if you serve it w/ 
> mod_perl, it's still much slower than letting apache handle it directly.

It would seem that instead we should have editing CSS/templates from the 
website->database but have a publish button that would call a procedure 
that pulls everything out of the database and publishes it to the 
filesystem.

Sincerely,

Joshua D. Drake


> Jason
>
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Ledger-smb-devel mailing list
> ..hidden..
> https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel


--

   === The PostgreSQL Company: Command Prompt, Inc. ===
Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240
   Providing the most comprehensive  PostgreSQL solutions since 1997
             http://www.commandprompt.com/