The dangerous part is this one as my current interest is in making a framework for easy uploads. Problem to solve is the artist has the cool image she wants online. She wants zero hassle to do it so how does that happen.
The steps should be as follows:
Artist tells the site which image file she wants uploaded and it does it for her then stores it in the images folder. (After this step, the image is already accessible in the slideshow without doing anything else)
Then she uses the author page (pending) to give the information about this piece. That script edits the data file, adds the new content and then saves it. (After this step, the Name will be accessible in the Portfolio list)
OK, programmer cowboys. What do you suspect is wrong with this protocol ... other than it being the fastest possible way to destroy the Web site.
The first problem is securing the page that will prompt for the file to be uploaded. It's got to be in a password-protected directory or web monkeys will eat you alive and your site will have more bedbugs than a New York cathouse. (Imagery is such a lovely thing)
Right now I'm concerned enough that I delete the program when I am not working on it. Until I'm absolutely satisfied with the security, this isn't going to happen. It's not a huge task but you have to take the steps ... or the bad guys definitely will. If you ever see the log of access to a Web site, you'll see the swarm of them out there.
This isn't boogey man fear as you need to know these things if you will run a Web site as what they seek to find is someplace with write access. Then they can use your site as a node in whatever other nefarious stuff they do. I won't do the full write-up on file permissions but know this stuff or they will eat you.
So, with this in-place, I'll be satisfied she really wouldn't need anything from me unless there is some special thing she would like the site to do. (If you deliberately create dependencies in your code then you suck as a programmer)
It's cool to think about system design ... when multiple states won't go down if there is any error. The same principles apply but no carnage. Much better.
I've seen a man in front of a computer console at three in the morning absolutely soaked to the skin from sweat. He had made a change in a mainframe system and it was to some custom modification so he was the only one who could fix it but he had broken his own access and the system would not come up. The system was driving the entire University ... or would have been.
He had probably been at it for about an hour before he hit it and the system rose again.
If you know ASTOP on an Amdahl, you know the level of system death.
Yes, web pages are much better!
The steps should be as follows:
Artist tells the site which image file she wants uploaded and it does it for her then stores it in the images folder. (After this step, the image is already accessible in the slideshow without doing anything else)
Then she uses the author page (pending) to give the information about this piece. That script edits the data file, adds the new content and then saves it. (After this step, the Name will be accessible in the Portfolio list)
OK, programmer cowboys. What do you suspect is wrong with this protocol ... other than it being the fastest possible way to destroy the Web site.
The first problem is securing the page that will prompt for the file to be uploaded. It's got to be in a password-protected directory or web monkeys will eat you alive and your site will have more bedbugs than a New York cathouse. (Imagery is such a lovely thing)
Right now I'm concerned enough that I delete the program when I am not working on it. Until I'm absolutely satisfied with the security, this isn't going to happen. It's not a huge task but you have to take the steps ... or the bad guys definitely will. If you ever see the log of access to a Web site, you'll see the swarm of them out there.
This isn't boogey man fear as you need to know these things if you will run a Web site as what they seek to find is someplace with write access. Then they can use your site as a node in whatever other nefarious stuff they do. I won't do the full write-up on file permissions but know this stuff or they will eat you.
So, with this in-place, I'll be satisfied she really wouldn't need anything from me unless there is some special thing she would like the site to do. (If you deliberately create dependencies in your code then you suck as a programmer)
It's cool to think about system design ... when multiple states won't go down if there is any error. The same principles apply but no carnage. Much better.
I've seen a man in front of a computer console at three in the morning absolutely soaked to the skin from sweat. He had made a change in a mainframe system and it was to some custom modification so he was the only one who could fix it but he had broken his own access and the system would not come up. The system was driving the entire University ... or would have been.
He had probably been at it for about an hour before he hit it and the system rose again.
If you know ASTOP on an Amdahl, you know the level of system death.
Yes, web pages are much better!
No comments:
Post a Comment