Geeklog Forums

Im getting to where i feel fairly confortable with modifying geeklog and thats normally where i begin to screw things up. I was looking at the sql database and i noticed the passwords for users have been encypted which makes sense but at the same time the databse password itself is in the config.php file plain as day. There isnt anyway for someone to get to that file is there? Is there a way to ensure no one can get to that file?

Also i changed the html filter for root to off becuase i got tired of adding html commands to the admin settings in the config file for things like youtube videos and games and stuff, but to make sure i understand it correctly this would only affect users that are set to ROOt right, Not all users? The term of all Users on the permissions screen just makes me think that gives them permission to everything. Is there a break down of the user permissions im a little confused on what "logged-in Users" setting gives permissions to as well.

Your config should be safe as long as you setup your directory security correctly.

As far as the filter is concerned it only affects the root. There is a seperate user filter called $_CONF['user_html'].

---

One of the Geeklog Core Developers.

Is there any documentation as far as seting up the security on that directory?

and thanks i was familiar with the user setting but i just wanted to make sure who all were really considered in the root group

Only the installation instructions, the FAQ, and about half a gazillion forum posts

bye, Dirk