*

Recent

Author Topic: Change the Cache Path string in config.php  (Read 5081 times)

Frank

  • Sr. Member
  • ****
  • Posts: 257
  • Force: +4/-0
Change the Cache Path string in config.php
« on: October 19, 2011, 04:10:07 PM »
In config.php we have - with a trailing slash:

$cachepath='/home/hostingaccountname/cache/

This gave me heaps yesterday while creating a MOD that clears the cache without doing it via FTP.

Viz:

include = config.php etc - - - -
$cachepathdothis don't work, neither does this $cachepath/dothis

Would it not be better to add the forward slash to functions.php thus?

$file = $cachepath . '/' . $name ;

So that in future anything that wants to use $cachepath/dothis wont have the same problem?

Also would it not be better to have the cache folder in the root of FAS (So that any MOD writers will always know where it is) - and protect it with a .htaccess file that includes:

<Files *>
Order Allow,Deny
Deny from All
</Files>

That's what most do. ;)

kurt

  • Developer
  • Hero Member
  • ******
  • Posts: 634
  • Force: +16/-1
Re: Change the Cache Path string in config.php
« Reply #1 on: October 21, 2011, 12:23:37 AM »
What I had in mind, what I was going to do anyways, was to just have the cache fil rewritten when a change is made in the admin panel or user profile, by passing it a "0" for cache life variable. That would force a rewrite without needing intervention.

It was decided to try and have the cache directory set above the root folder if possible, for security reasons. Some hackers can bypass the .htaccess security fairly easily, this just made it a bit harder. A coder can easily access the cache folder though, just using the cachepath variable.

Frank

  • Sr. Member
  • ****
  • Posts: 257
  • Force: +4/-0
Re: Change the Cache Path string in config.php
« Reply #2 on: October 21, 2011, 06:37:53 AM »
Don't know mate, why kill all the cache when one could unlink say only sitesettings when one submits the settings form etc. and so forth.

And no-one else seems to worry about the cache  - and some of these people I know are security fanatics. ;)

The other thing is that the / in config.php should be moved to functions.php - because it's not practical to have it where it is.

For example - If you decide to kill single cache files - You'll never be able to create a path to the cache unless you hard-code it. :(

kurt

  • Developer
  • Hero Member
  • ******
  • Posts: 634
  • Force: +16/-1
Re: Change the Cache Path string in config.php
« Reply #3 on: October 22, 2011, 05:47:52 PM »
We don't want to unlink it(which is to delete it for those who don't know), that would force the script to rebuild it no doubt. But its so much easier just to over write the contents of the cache file.  Just tell it that the cache life is "0" right below where it saves the info in the admin script part of it, then tell it to re read the info, or just tell it to re read the info, but pass a "0" to it in place of the cache life variable. That tells the cache function to re read it if it is older than "0" seconds, forcing it to re read and re store the info in the cache file.

Security is something I never wish to discus in a public forum. Tends to give to much info to anybody hunting for holes to exploit. We try to keep things as absolutely secure as possible, and there are usually good reasons for what we decide. If you want to take that to PM, feel free. We're always interested in beefing things up.

I find it very practical to have the "/" where its at, that's why its there. It can be moved real easily though by people wanting to tweak their sites.

I can code the script to build the path to indiviual cahce files if need be, but again, we don't want to delete individual cache files, we want to over write the contents of them with the newer info. We may com out with a cron job people can use to delete old cache files, just to clean up the directory. That make sense?

Frank

  • Sr. Member
  • ****
  • Posts: 257
  • Force: +4/-0
Re: Change the Cache Path string in config.php
« Reply #4 on: October 23, 2011, 01:10:15 AM »
At the moment - Nothing makes sense - I've got too many things happening at the moment so I'm going to take a break from here.

;D