Taking PHP Below the Root

I'm sure most of us PHP guys have read all the security stuff about how we can best secure our code. Lots of quick sound bits that sound all that good but trying to implement them is another story.

One that I felt was a challenge is taking my PHP code below the webroot level. While many I am sure would be satisfied with getting the choice bits under, but I was thinking it would be best if you could get as much as possible. I could better control what scripts get accessed, etc.

I wanted to make it also so everything worked through one core script. This is for my framework WANDA, which is designed to host multiple programs, so another bit was to do some cleanup work on access and menus. to make the programs closer to plugin ready.

continued

To start, the directory tree:

BELOW WEB ROOT

  • WANDA
    the directory for all things WANDA below web root.
    • APP
      plug-in applications go there…
      • MAILLIST
        a WANDA application scripts directory is same as the access group name
        • INFO.PHP
          This is the application information script that contains this app's menu listing, submenu and access settings.
    • CONF
      WANDA configuration - database settings, etc.
    • INC
      Framework script libraries.

ABOVE WEB ROOT

  • WANDA.PHP
    this is the main program has minimal code to set the base directory for the bleow root page handler, then includes that.
  • WANDA (dir)
    above root data, thongs accessed by the browser and not by the server…
    • ICON
      Icons used in the appss
    • IMAGE
      images, PDFs, etc. that also accessed directly via browser
    • SCRIPT
      CSS, Javascript modules, etc.

Unless I need a temp files directory, this will cover it. In later posts I will go over the code I've developed to get everything working in their places.

~~LINKBACK~~ ~~DISCUSSION~~

Last modified:: 2020/11/22 08:55
   
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International