[ Pobierz całość w formacie PDF ]
.A simple but significant issue is being able to prefix table names in the database so asto avoid clashes between systems sharing the same database.The framework shouldbe designed to handle this.Major gains can be made if the simple properties of data objects are determined fromthe database instead of having to be coded.This cuts down on coding, and avoidsa source of errors and inconsistencies.Going further, data objects can have the SQLfor basic operations generated automatically, reducing development effort, andeliminating a source of errors.The CMS framework can provide an acceptable solution to the problem of keepingcertain items in order.For example, a menu has a particular order that may bealtered by a site administrator.Relational databases do not handle ordering easily.They typically work on the basis that order arises naturally out of the data, andcan be achieved by sorting.This is true, but when a specific ordering is imposed bynumbering, say menu items, repeated changes lead to a situation where the numbersneed to be resequenced.There is no direct way to do this using a relational databasebecause all operations are done on result sets rather than being done sequentially.Amethod of solving this problem with reasonable efficiency for all but the very largestsets of data is provided below.Keeping up with ChangeVery few systems are static, especially when they are web related.A lone site canbe maintained by editing its various components.But a CMS framework is justifiedby situations where multiple sites use more or less the same software.Questions ofefficient maintenance quickly arise.The CMS architecture advocated here involves a minimal framework, with much ofthe functionality added as extensions to the basic framework.To make this easy, theframework includes an installer, and extensions have to be packaged in a particularway to support the work of the installer.[ 93 ]Database and Data ObjectsInevitably, the time will come when a new version of an extension needs to beinstalled.The framework helps in this by providing three distinct functions suchas installation, deletion, and upgrade.The upgrade procedure is exactly the sameas installation except that a box is ticked to tell the installer to expect the extensionto be already present.Whenever it handles an installation or upgrade, the installerinvokes an optional piece of code in the extension, the install or upgrade code.These two may well have some very similar functions, which suggest that the bestimplementation could involve a common abstract parent class.So one question we need to answer in this chapter is what database facilities areneeded to make the task of an extension's upgrade code easier? The answer, ingeneral, is to make it simple for the extension to obtain information about the currentdatabase.That involves providing methods for finding out whether a particular tableis presently installed, and whether a table contains a particular field.It also involvesbeing able to add a field if it does not exist, or altering its specification if it does.While these functions could be implemented using more basic building blocks, theyare sufficiently frequently needed that it makes sense for them to be a basic part ofthe CMS framework.Database SecurityWebsites get cracked.Databases are critical to CMS operation, and malicious exploitsare often directed at CMS databases.A CMS needs to connect to its database as a "user", who has quite extensiveprivileges.As discussed in Chapter 2, some progress can be made to limit thisvulnerability by providing the option of using two databases: one for the mostcritical information, and another for more general information.But in both cases,the connection to the database must have the ability to perform all possible actionswithin that database, otherwise, the concept of a CMS that can be managed throughits own web interface is defeated.As far as possible, the CMS should keep secret the credentials for connecting to thedatabase.More can be achieved in this direction with a custom built framework thanone which is released for general use.In the general case, we know very little aboutthe hosting environment and all the code is accessible to the public, including thosewith ill intent.This means that schemes such as encryption are of limited use, sincea cracker may be able to use the CMS's own decryption routines to obtain access tohidden data.[ 94 ]Chapter 5The database itself should be secured by restricting where connections can comefrom.Usually, it is feasible to limit database access to one or more servers that areknown to be serving web pages, and refuse access to any other client.Constraints ofthis kind are important, but outside the remit of the CMS.The best known vulnerability that does fall within the scope of the CMS is SQLinjection.This is easily illustrated by thinking of a community site where each userhas a profile that can be accessed using that user's chosen name
[ Pobierz całość w formacie PDF ]