[Solar-talk] Oddity

[Paul M Jones]

On Oct 3, 2007, at 10:53 AM, Kilbride, James P. wrote:

> Okay,
> So in getting started it says, "Although this file may be in the  
> document root, for security reasons it should not be in the  
> document root." but then in the next page it says:
>
> $ cd /home/username/public_html
> $ mate Solar.config.php
> Hold on a second.. the config files in the document root in my  
> public html folder. So which is it? We've turned on rewrite by now  
> so is that why it doesn't matter? Except your rewrite rules ignore  
> anything that is really in the directory so it wouldn't ignore that  
> file would it?
>
> Is this just a simple difference of 'opinion'?

The example is for the simplest possible case, and only for example  
usage, so that you can call Solar::start() without any params and  
have it work (it looks in the webroot for Solar.config.php by default  
in the current release).  But you're right, I can see that would be  
confusing.

The "official line" is to **not** keep configs in the web root.  Have  
Solar.config.php somewhere else, and call Solar::start('/path/outside/ 
webroot/Solar.config.php') to load it.

On the next release, Solar will **not** look in the webroot by  
default; you will have to tell it where the config file is (like in  
the example above).  At that time I will change the docs to reflect  
that more clearly.

Sorry for the confusion, let me know if that helps or not.



--

Paul M. Jones  <http://paul-m-jones.com>

Solar: Simple Object Library and Application Repository
for PHP5.  <http://solarphp.com>

Join the Solar community wiki!  <http://solarphp.org>

Savant: The simple, elegant, and powerful solution for
templates in PHP.  <http://phpsavant.com>