Main

March 19, 2011

Learning from others mistakes - move configs out of your boot loader

I'm a keen believer of learning from other folks mistakes and attempting to not repeat them. Source code disclosure and even worse configuration disclosure which happened with tumblr. One thing to remember, if you keep your configuration for your app outside your webroot, you reduce the chances of you actually accidentally disclosing your configuration. Typically one could even do something like:


<?php
require_once dirname(dirname(__FILE__)) . '/bootstrap.php';


Rather than having everything in your index.php file. Separating your configuration directives out to a separate configuration file outside the webroot and modifying that when making changes.

One can use your version control pre commit scripts to check that you've not borked a the file - checking for php scripts being of a file type php script vs file is one way of doing this - foo.php contains a php script starting with "i?php" and bar.php has same code starting with " 

$ file foo.php 
foo.php: PHP script text
$ file bar.php 
bar.php: ASCII text

Posted by Jacques Marneweck at 10:34 PM | | Comments (0) | TrackBacks (0)

December 18, 2004

Version Control

What version control software are you using? I've used CVS as well as subversion for version control at work and for personal projects. I tend to prefer subversion currently as it has better ways of managing files than CVS does.

I am wondering if there are any decent ways of migrating hundreds of CVS controlled projects over to subversion and storing the data such as release tags, etc. with each file revision or is it normally better to do a clean import into subversion and then scrap the old cvs repositories?

Posted by Jacques Marneweck at 5:57 PM |

November 24, 2004

cvs to subversion migration

So I'm busy migrating CVS Repositories from SourceForge over to a locally self-hosted solution. One of my pet irritations with cvs2svn is that it insists on thinking each module is part of the same "project". Highly annoying.

Posted by Jacques Marneweck at 6:55 PM |

May 16, 2004

Moving your CVS Repository around?

A couple of open source projects moved hosts, and being able to continue developing little 'hacks' for the code in my checkedout version was simple enough as creating a new CVS/Root file and running

/usr/bin/find . -name Root -type f -exec cp -pr ~/new_cvs_root {} \;

Useful little snipbit.

Posted by Jacques Marneweck at 10:06 PM |

Afrigator