Hi,
I just thought I'd offer my comments on this:
But, for those of us who travel for a living, and have to cary laptops, and our time is VERY VERY LIMITED, while trying to establish something on the web, it can be very frustrating, not having any good built in security right into the script.
The script is much more secure with proper server side protection then it ever could be with cgi protection. I left it unimplemented because I feel you will be better protected behind an .htaccess file then through some built-in CGI mechanisim. There's no reason anyone should be able to go to any url inside of your admin directory, so why let them?
Security may be a pain, but it is neccessary. I don't want to fool people into thinking their links.db, or worse yet their email.db file, is safe by making the security 100% CGI based.
As for password protection for modify.cgi, I don't believe in it personally. I feel human judgement when looking at the original and the new record side by side is better then any password system could ever offer. I know a lot of people have asked for this, but all I can say, is give the add-ons a shot.
My main goals with Links is that it could run anywhere, be stable, be secure, and easy to customize.
I don't want to add in a lot of features without making sure they fit the overall design goal. I can't please everyone, and don't want to just "make the feature an option" as that adds to the bulk and complexity of the code.
I get the most satisfaction out of seeing all the different things people have done with Links. It's really amazing going through the Sites in Action list.
You won't ever see new updates to Links on a weekly or even monthly basis. First, it doesn't cover the bills enough for that to make sense.
Second, I want people to be confident that the program they are getting is stable software, and it won't require you to update it every other week. Also, lack of releases doesn't mean the program is not still being developed.
As for Links SQL, I'm really impressed with how it's turned out. It's a 100% rewritem and now works under mod_perl for really quick performance. It uses a custom module for easy access to all the links data which will make developing custom apps very easy. I'll be putting up a demo and some documentation for it this weekend. I'll also be putting up some more technical specs on how it's put together.
Cheers,
Alex
I just thought I'd offer my comments on this:
Quote:
For someone who wants to use Links on a Comercial site, and Links being the main feature/tool of the site, ONE HAS TO WORRY ABOUT SECURITY. Yes its easy to say, use .htaccess blah blah blah. But, for those of us who travel for a living, and have to cary laptops, and our time is VERY VERY LIMITED, while trying to establish something on the web, it can be very frustrating, not having any good built in security right into the script.
The script is much more secure with proper server side protection then it ever could be with cgi protection. I left it unimplemented because I feel you will be better protected behind an .htaccess file then through some built-in CGI mechanisim. There's no reason anyone should be able to go to any url inside of your admin directory, so why let them?
Security may be a pain, but it is neccessary. I don't want to fool people into thinking their links.db, or worse yet their email.db file, is safe by making the security 100% CGI based.
As for password protection for modify.cgi, I don't believe in it personally. I feel human judgement when looking at the original and the new record side by side is better then any password system could ever offer. I know a lot of people have asked for this, but all I can say, is give the add-ons a shot.
Quote:
SHOULD NOT THE FACT THAT THERE ARE DOZENS OF MODS/HUNDREDS WITH ADDED FEATURES AND FUNCTIONALITY TELL YOU SOMETHING?My main goals with Links is that it could run anywhere, be stable, be secure, and easy to customize.
I don't want to add in a lot of features without making sure they fit the overall design goal. I can't please everyone, and don't want to just "make the feature an option" as that adds to the bulk and complexity of the code.
I get the most satisfaction out of seeing all the different things people have done with Links. It's really amazing going through the Sites in Action list.
Quote:
Moreover the speed at which The Genius brings a new update/Product could be a bit faster or soonerYou won't ever see new updates to Links on a weekly or even monthly basis. First, it doesn't cover the bills enough for that to make sense.
Second, I want people to be confident that the program they are getting is stable software, and it won't require you to update it every other week. Also, lack of releases doesn't mean the program is not still being developed. As for Links SQL, I'm really impressed with how it's turned out. It's a 100% rewritem and now works under mod_perl for really quick performance. It uses a custom module for easy access to all the links data which will make developing custom apps very easy. I'll be putting up a demo and some documentation for it this weekend. I'll also be putting up some more technical specs on how it's put together.
Cheers,
Alex
