Piwigo Bugtracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002413Piwigoconfigurationpublic2011.08.22 18:512011.08.23 12:43
Reporterplg 
Assigned Toplg 
PrioritynormalSeverityfeatureReproducibilityN/A
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.2.4 
Target Version2.3.0RC1Fixed in Version2.3.0RC1 
Summary0002413: move gallery_url configuration parameter from database to local configuration file
Descriptionhttp://piwigo.org/forum/viewtopic.php?id=16774 [^]

This parameter is dangerous. Users think that by changing this URL, they will either get a new domain name or have their homepage elsewhere, this is just not true and misleading. Each time I see this parameter modified (with an exception for www.photos.tarrajat.fr) it breaks the gallery.

I think that moving this parameter to configuration file makes it more secure. Why? because modifying the configuration file is not "as easy" as modifying a field in the web interface, and the local configuration parameters becomes only for "advanced users".
TagsNo tags attached.
browserany
Database engine and version
PHP version
Web serverApache 1.3.x
Attached Files

- Relationships
related to 0000721closedrvelices Get rid of $conf['gallery_url'] from #config 

-  Notes
(0005417)
svn (reporter)
2011.08.22 19:14

[Subversion] r11978 by plg on trunk

-----[Subversion commit log]----------------------------------------------------
feature 2413 added: move gallery_url configuration parameter from database to
local configuration file.
(0005421)
rvelices (developer)
2011.08.23 12:25

Didn't you forget to remove a line from install/config.sql ?
(0005423)
svn (reporter)
2011.08.23 12:42

[Subversion] r11987 by plg on trunk

-----[Subversion commit log]----------------------------------------------------
feature 2413: forgotten to remove the gallery_url parameter in config.sql
(0005424)
plg (manager)
2011.08.23 12:43

Thank you rvelices :-)

- Issue History
Date Modified Username Field Change
2011.08.22 18:51 plg New Issue
2011.08.22 18:51 plg Status new => assigned
2011.08.22 18:51 plg Assigned To => plg
2011.08.22 18:51 plg browser => any
2011.08.22 18:51 plg Web server => Apache 1.3.x
2011.08.22 18:52 plg Relationship added related to 0000721
2011.08.22 19:14 svn Checkin
2011.08.22 19:14 svn Note Added: 0005417
2011.08.22 19:23 plg Status assigned => closed
2011.08.22 19:23 plg Resolution open => fixed
2011.08.22 19:23 plg Fixed in Version => 2.3.0RC1
2011.08.23 12:25 rvelices Note Added: 0005421
2011.08.23 12:25 rvelices Status closed => feedback
2011.08.23 12:25 rvelices Resolution fixed => reopened
2011.08.23 12:42 svn Checkin
2011.08.23 12:42 svn Note Added: 0005423
2011.08.23 12:43 plg Note Added: 0005424
2011.08.23 12:43 plg Status feedback => closed
2011.08.23 12:43 plg Resolution reopened => fixed


Copyright © 2000 - 2015 MantisBT Team
Contact
Powered by Mantis Bugtracker