As much as everyone loves speculating about potential directory structures and file formats, theres other stuff to do. -Error avoidance. Module install and updates will happily go ahead and try to do things which are access denied and then think they are done. We need to check for access before doing these. One for each combinataion of alter/create and mysql/postgres to get started. -Error handling. Output to AJAX (as used in update.php, among other places) should never return HTML errors to the client; or the JS could be more forgiving. Either we need to work with PHP's error handling (I've just about given up on this due to PHP's lack of sanity) or make JS able to handle the PHP error spew. -- Neil Drumm http://delocalizedham.com/