Home » Imported messages » comp.lang.php » Nested PHP
Re: Nested PHP [message #185319 is a reply to message #185318] Tue, 18 March 2014 13:10
The Natural Philosoph
On 17/03/14 23:31, Christoph Michael Becker wrote:
> The Natural Philosopher wrote:
>
>> Consider the problem
>>
>> I have a page called /aby/xyz that I want accessible to one user and
>> totally invisible to another.
>>
>> At best htaccess makes it tricky and says 'not allowed'; it won't ever say
>> 'page doesn't exist'.
>>
>> My users already live in a proper relational database. What is easier
>> than to write a slender shim that intercepts all access to the web
>> server, analyses them and decides who they are and what they can then
>> access? Using tables of privilege, priority and area to give a
>> multidimensional matrix of access. And the ability to return 'access
>> denied' or 'page not found' under my control if they try and access
>> something I don't want them to?
>
> Why not deploy the page controller pattern?
>
> ...
> <?php
> analyzeHit();
> if (!userAuthorizedToViewThisPage()) {
>     header('HTTP/1.0 403 Forbidden');
>     exit;
> }
> ?>
> <!DOCTYPE html>
> ...
>
> A front controller may be preferable (and it seems you're using
> something like that), but that also doesn't require storing PHP code in
> a database.
>
> Actually, requiring authorization for delivering certain content is
> quite common, but I doubt that there are (m)any sites storing PHP code
> in a database for that reason. The only reason I can see for storing
> PHP code in a DB is to cater for user submitted code, which may be
> useful for e.g. CMSs.
>

In the end it was a balance of issues that decided it.

Probably the killer reason was that having to use the database anyway
to see whether or not the code would be executed, I was left with a list
of code and 'stuff to do with this code' that would go in the database,
and it seemed to be entirely within the basic database principle that
you don't stick the thing and its attributes in two different places
when there is always a 1:1 relationship... so the code followed the
'attributes of this code' into the database.

That made eval the way to execute it.

Since the code is preformed anyway, there is no more danger in this than
any other method. I.e. I am not using eval to allow some user response
to execute arbitrary code. It is simply a 'subroutine call into a
database'. And almost entirely equivalent to using include().




--
Ineptocracy

(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
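
Added example, not code from either poster: a sketch of the intercepting shim described above, built as the front controller mentioned in the quoted reply, where the access table chooses between 'page not found' and 'access denied' and holds only a handler name rather than PHP source. The table contents, privilege levels, `/reports` path and handler names are constructed assumptions; in practice the rows would come from the user database.

```php
<?php
// Constructed stand-in for the database access table:
// path => minimum privilege, status to send when refused, handler name.
const PAGES = [
    '/aby/xyz' => ['min_priv' => 5, 'on_deny' => 404, 'handler' => 'show_xyz'],
    '/reports' => ['min_priv' => 3, 'on_deny' => 403, 'handler' => 'show_reports'],
];

// Handlers are defined in code files; the table can only name one of these keys.
function handlers(): array
{
    return [
        'show_xyz'     => fn(): string => 'xyz page',
        'show_reports' => fn(): string => 'reports page',
    ];
}

/** Decide the response for one request. Returns [status, body]. */
function dispatch(string $path, int $userPriv): array
{
    $page = PAGES[$path] ?? null;
    if ($page === null) {
        return [404, 'Not Found'];
    }
    if ($userPriv < $page['min_priv']) {
        // A hidden page answers exactly like a path that does not exist.
        return $page['on_deny'] === 404 ? [404, 'Not Found'] : [403, 'Forbidden'];
    }
    // A handler name with no matching entry in code is never executed.
    $handler = handlers()[$page['handler']] ?? null;
    if ($handler === null) {
        return [500, 'Internal Server Error'];
    }
    return [200, $handler()];
}

// Constructed requests: [path, privilege of the logged-in user].
$requests = [['/aby/xyz', 9], ['/aby/xyz', 1], ['/reports', 1], ['/nope', 9]];
foreach ($requests as [$path, $priv]) {
    [$status, $body] = dispatch($path, $priv);
    printf("%-10s priv=%d -> %d %s\n", $path, $priv, $status, $body);
}
```

The second and fourth requests produce identical responses, so a low-privilege user cannot distinguish the hidden page from a nonexistent one.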