On 1/5/06 11:53 AM, Theodore Serbinski wrote:
So let me start it off, the new directory structure should:
1. Improve the security of a Drupal install by keeping all files private, except for an index.php, no module or include files should be accessible from a web browser
And what then of contrib modules that use images / custom stylesheets / etc?
2. Core modules and includes should be completely seperated from extra downloaded modules and themes. This should make backing up things easier, as you only have to back up your "custom" folder instead of all of the main Drupal ones
this is already possible (i think) via multisite - i.e. sites/example.com/modules can house site-specific modules.
3. The new structure should be multisite friendly. There should *not* be one files folder, but rather multiple ones, for multiple sites. You don't want that pr0n site on your multsite sharing the same images as your core business website, do you? ;-)
again, you can certainly set sites/example.com/files (we do this for bryght sites)... the only caveat is that you can't force it from being overridden in core now ... but since drupal won't be able to create new folders if you're careful about file system permissions - you can probably get away with it... -- James Walker :: http://walkah.net/ :: xmpp:walkah@walkah.net