TAd
|
 Posted:
Mon Oct 11, 2004 1:26 pm |
|
Thank you Raven, and yes I do : P
I followed and read in great length the other links you have posted here, and was not sure where exactly to put my 2 cents in at  So I believe I will add this here, a consolidation of all the posts relevant to this project would be very nice 
Hello,
I am a relatively new comer to this forum, as well as to php-nuke. While I am able to create, and edit code, I am still a beginner. So, I am unable to give expert opinions on the core and the inner workings related to the php, and php-nuke itself. I believe I am able to give some opinions based on my workings with php, php-nuke, the add ons, the blocks, the patches, updates and security fixes.
I am a gamer, I am a husband and a father of 3, I have a full time job as an engineer. Like many others I have limited free time, and in entertaining myself in my hobbies, I have to weigh the time involved, with the time to complete a task. When I left my old clan (gaming) Myself and others started a new clan, and went off in a new direction. We needed a website! I had spent hundreds of hours editing, adding to, and modifying our previous website which was not php-nuke based. Why did I decide to go with php-nuke? The simple fact that I could within hours have the very basic fundamentals needed to communicate via the web with fellow gamers and enthusiasts.
From a user point of view there are some issues that hit home right away with your standard install (I started with 7.3, and then upgraded to 7.4). Let me first start with the following line that had been used to answer many questions I had in regard to why this or that was not set up a certain way...
That would not be a secure way of doing that.
There would be security issues.
Time and time again I found that the problems did not lay in the modules or add-ons, but in the core itself. Leading people to create work arounds imo.
Why can you not upload a photo when submitting a news story?
Why can you not decide per "area" what blocks are seen, and what ones are not?
Why must there be a seperate login for Admins and for regualar users?
Why are the forums (phbb) and nuke databases for users not integrated?
Why does it seem like people want to be the first to make public, new code/add-ons/blocks at the price of having something that is at best, patched together, and not fully intergrated, or possibly not secure?
Why are 7.1, 7.2,7.3,7.4,7.5 MORE important than 7.1 Final. Final meaning that all known bugs are now non-existant.
Why must a user that very possibly has 0 knowledge of php, php-nuke,nuke file structure, mysql, etc. be told that in order to correct a bug, or an error must now edit code?
Just a few questions that I am able to come up with in a few moments.
The issue of security should be #1 without a secure code, many hours upon hours will be (and have been) spent on one of 2 things, correcting errors in code, restoring backups of your site, if you realized the importance of backups. Most new people to websites would most likely not think of that. How many people still using windows to this day do not have Antivirus software? How many people using windows to this day have never visited the update section on Microsoft’s website?
From a new user perspective, why do I have a website, why do I choose one type of site over another?
I have a website to enjoy similar interests, to convey my thoughts, or the thoughts of the community, what ever size, and or interest that may be.
What is important to myself, along with many others I would think is the following.
The ability to have a website up in a fairly short amount of time, allowing you to select, deselect options that you want/do not want as you "become familiar" with what you and your community use. The ability to maintain it with minimal effort, patches should be easy, and should include only the files that need patched. I know this is difficult, but a one stop area to locate the patches(to the core) and base modules, and or add-ons.
When you are able to for instance, post articles, intergrate the options available into the code. Many options, one example of a lack of options is the Content area of php-nuke. (I do not use sections, while others may) I can create new content, and place my info there, then I create a new one, and yet another, hmm, I should move that one up to the top, that is important..... How do I do that? there is no option? I ask, well, you can go to MySQL admin tool and change the ids to move them around. (I know how to do this) but the average user? Your other option and a fairly poor one, to plan out your entire site, and all your pages, and then create them in order.... Good luck! There will always be something you missed, or something new that comes along, and there it is, out of order on the FRONT PAGE! Arghhhh.  
Security. Nuff said. Anything that is “popular” will draw traffic, and some of it not wanted. I want to be safe in knowing that if I sleep for a few hours, I do not come back to a website that I cannot log onto, where I no longer exists in the Admins database. Granted, nothing will ever be 100% secure, but to continue to develop releases with the same security flaws is just crazy. To depend on 3rd parties for security patches is simply bad practice. Who will the next release be for, if they have been hacked and are no longer using the portal you worked hard to create? I would suggest that security patches be part of an autoupdate system, Anyone can fix it, but should be directed to a body, for review, and approval, at that point, then released to the “update server” at which time the end user could then install the security patch. Currently the very basic ability of “right click disable” is left to a hack, where it is then all or nothing. Is it possible to set this as a per webpage basis? Now that is what I would call a core option w00t! Instead of a separate log on password and username for Admins, how bout taking a leap, and going to SSL, where an admin can set a path to an SSL certificate, and it verifies the admin upon user sign in?
Themes, are important, more than anything when you are entering a website, the one thing that sets every site apart at face value, without reading the content, is the overall look and feel. The ability to import themes that are new or older ones (backwards compatible) is a priority for myself.
An auto update, with the Option to either Auto patch all files, OR to download them locally, as an individual may want to do it by hand especially in those circumstances where they have modified the code.
Forums, I know this will not be a popular request, but from my short time I have come to realize that while I appreciate greatly the "ports" available for php-nuke, some are by far more widely used than others. Forums is one that I rarely see NOT used on a website. I would suggest a core integration of forums. to eliminate all the problems that arise from adding this particular feature on at a later date. I understand that is a large task, however I believe that having an integrated, bug free, forums would entice many users into this release. From the avatar issues, and the 2 database for one user. It simply leads to many problems and I truly feel that leaving this to a third party to port also means that you are risking the security, of what I believe to be one of the fundamentals of a website.
Images-Galleries etc. I also feel this is important, and some module, or add-on should be included with the core package as well. Mainly due to the same reasons as the forums. I see images all over the internet, and to provide some way to view/display/share your images in a secure manner is also an area that is in need of attention.
Modules and Add-ons. Currently, in order to add many of these, it is all manual, and many times requires modification to the core code.
An idea. And possibly not one that could be implemented, or is not liked in general is this.(I hope that I can present it well enough to make my thoughts on this understandable)
Core files to have a Generic Included file.
EX. mainfile.php
mainfile.inc.php
Modifications for add-ons and modules would add appropriate lines to the mainfile.incl.php which in turn would be included in the mainfile.php
This would allow for an “Update” area in the admin section. You download an add-on or a module, and unzip it. You goto the CP and click on an update icon.
It would prompt you for the path to the “root” folder for the addition.
It would prompt you for the path to the .sql injection file (if needed)
[Edited to make sense]
Upon install, it would first inject the sql, and relay any errors, giving you the choice to stop install, continue anyway, or abort, deleteing what it had done.
The Core files would then be replaced, if needed.
The modifications to be inserted would then be copied into the mainfile.incl.php file.
[Edited to make sense End]
Any modifications that would normally be done to the core files would be copied to the nameoffile.inc.php and any additional files would be copied to their respective folders based on your selection of the “root” update folder. And lastly any core files (for an approved update) would be replaced.
If something of this nature were to be implemented, unless I am incorrect in my thinking that most alterations of the source code are done with the addition of add-ons and modules, would eliminate the worries of an auto update feature, as the majority of the modifications would be contained in the separate file( nameoffile.inc.php), and not within those of the source code.( nameoffile.php) While also making security fixes much easier to implement on an auto update basis for the same reasons.
In conclusion, I could go on for a very long time, but I do not want to come off like I am complaining, if I am incorrect in my writings I do not want to continue to make an ass of myself, and most of all I would like to be able to clarify anything here that I may have very easily not made clear. I like php-nuke, and while I may have bombarded everyone with my dislikes, and or areas that I feel need improving, I still like the entire concept as a whole, it is free, and nothing, even purchased programs are perfect. I do believe there is room to improve, and that does not mean that an organization has to move from a version 7.3 to 7.4 to do so. Security, feature rich, options for the things that you will use, and the ability to keep things up to date are very high priorities.
I am looking forward to being apart of this, even if this is my only contribution, and I appreciate greatly the ability given by Raven, and others as well, to give me the opportunity to voice my feelings, concerns, and wants for a project of this caliber.
Best regards,
TAd |
Last edited by TAd on Mon Oct 11, 2004 2:27 pm; edited 3 times in total |
|
, and after returning I have seen many changes. One question I have, as others may also have, is what is PHP-Portal? What are the conceptual ideas behind this project as of now? Any information would be much appreciated!
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
