11
Dave_L
Re: Look better, and more sexure
  • 2007/5/31 17:38

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


Quote:
nachenko wrote:
This gonna sound weird, but i don't think protector should be in the core as it it now. The problem is XOOPS_TRUST_PATH. Its's a great idea, but it makes installation more complicated for newbies, and sure there will be servers that won't allow users to create this "trust path". Unless someone finds the way to automate this process and continue installation even in case of failure, I should not include it.


It's recommended that XOOPS_TRUST_PATH be outside the web root for optimal security. But it can be inside the web root, if you find that more convenient or if your hosting service requires it. If it's inside the web root, then it's best to include an .htaccess file or equivalent method to block web access. GIJOE confirmed this is possible in this thread: http://xoops.peak.ne.jp/md/d3forum/index.php?topic_id=2364

With that in mind, perhaps XOOPS_TRUST_PATH should default to a directory inside the web root, e.g. XOOPS_ROOT_PATH/trust, and the user could change it later if he's able to do so.

12
Anonymous
Re: Look better, and more sexure
  • 2007/5/31 18:18

  • Anonymous

  • Posts: 0

  • Since:


Just a thought here, and something that I've said in the past:

If you can't write to a directory parallel to your website root then move the website in its entirety into a sub-folder, i.e......

From:
/website_root

To:
/website_root/subfolder

All you need to do then is change the XOOPS_ROOT_PATH and XOOPS_URL in mainfile.php accordingly and the website will work straight off.

You can then make your XOOPS_TRUST_PATH parallel to the new subfolder thus:

/website_root/trust

You can call the /subfolder and /trust folders anything you like

I've done this and mapped a subdomain to the subfolder, i.e.

http://website.mydomain.org.uk/ is mapped to http://www.mydomain.org.uk/subfolder.

HTH

13
macmend
Re: Look better, and more sexure
  • 2007/5/31 18:51

  • macmend

  • Quite a regular

  • Posts: 285

  • Since: 2004/2/27


I am fascinated by the fact that everyone has latched on to the security issues which are good geeky stuff and very important. However equally important on XOOPS is the unfriendly GUI both front end and admin side.

Look at the popularity of Ubuntu and OS X tiger ease of use, intuitive controls and good "click-feel" I just made this term up but its like food manufacturers talk about "mouth feel"

The interface is what makes you feel good about using XOOPS as the cms for your site but also what gives ease and pleasure of use to those who come to the site.
Free Mac Support

Ordinary Wisdom

apache server with php sshexec turned on
xoops version 2.0.18.1 & 2.3.1
php version 5.2.5
mysql version 5.0.45

14
Anonymous
Re: Look better, and more sexure
  • 2007/5/31 19:05

  • Anonymous

  • Posts: 0

  • Since:


I hear what you say.......... but can't help thinking that comparing website software to a couple of OSes is a tad unfair

There are some good themes out there for XOOPS but all have to use the XOOPS theme.html to some extent or another, or rather, the block definitions within it.

Have you considered taking something like the new Morphogeneis 2 theme and seeing what you could do with it on the design front?

I'd love to have a go but know my limitations in this regard so tend to leave it to the graphics experts

Having said that, I'll have more time in a week or two so might "have a play with it"

15
nachenko
Re
  • 2007/5/31 19:09

  • nachenko

  • Quite a regular

  • Posts: 356

  • Since: 2005/1/18


Quote:

macmend wrote:
I am fascinated by the fact that everyone has latched on to the security issues which are good geeky stuff and very important. However equally important on XOOPS is the unfriendly GUI both front end and admin side.


The forntend is a problem of the designer. I know my sites have good look-feel for the user, and every new site I do is better.

The admin... well, I think I'm gonna use XOOPS EXM for next project, and replace the logos on the head to put just the usual "Powered by XOOPS".

16
skenow
Re: Look better, and more sexure
  • 2007/5/31 19:12

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


The zeta reticuli theme includes template overrides for cbb - you might give that a try, too. The XOOPSwiki is using it, so you can preview it first, if you would like

Many themes do not change any of the templates (layout, as you called it), but only focus on the styling of the elements. The possibilities are quite endless, as kris_fr, defianceb0y, snow77 and many others are demonstrating. I've seen some pretty amazing things done with ajax lately, too.

17
macmend
Re: Look better, and more sexure
  • 2007/5/31 20:36

  • macmend

  • Quite a regular

  • Posts: 285

  • Since: 2004/2/27


I am sorry I took a look at xoopswiki which looks great, but the forum...it looks terrible..bad line up, not clear, what I would call an unapproachable feel.

Up against smf, IPB or VB CBB is not really that good.

Design and the way things look are very very important.

As I said really its not about the themes, I have had some great help on my sites from bassman themes

Its about the core visual structure of XOOPS....its really not that attractive when compared to other cms

So with all this criticism why do I still use it? Its easy to set up and use and I have ridden the learning curve on it...believe me I tried Joomla and had some problems, I just thought I dont want to spend hours trying to sort this out so I built a XOOPS site instead. So for all my desire for changes I still like it. I just wished it had a better design and greater security.
Free Mac Support

Ordinary Wisdom

apache server with php sshexec turned on
xoops version 2.0.18.1 & 2.3.1
php version 5.2.5
mysql version 5.0.45

18
skenow
Re: Look better, and more sexure
  • 2007/5/31 22:30

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


Quote:

macmend wrote:
I just wished it had a better design and greater security.


Design preferences are personal

CBB templates are not part of the XOOPS core

Templates can be changed, for mocules and for XOOPS

There are many security issues outside of XOOPS
- Apache has mod_security (not part of Apache core)
- Default php settings are not completely secure (need to harden php.ini: register_globals, safe_mode, disable_functions, allow_url_fopen)
- Default mySQL settings are not completely secure (need to harden my.ini and default user settings)
- Many hosting services do not maintain secure file and folder settings, especially on shared servers

Even the Mac has add-on virus software (not part of the OS)

We are anxiously waiting for your redesigned XOOPS UI.

Login

Who's Online

295 user(s) are online (223 user(s) are browsing Support Forums)


Members: 0


Guests: 295


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits