On Jan 24, 2006, at 2:48 PM, Moshe Weitzman wrote:
It would be nice to have a place to enter some temporary credentials, stored in $_SESSION and disposed of when the user logs out.
Interesting. Perhaps we should let users specify a different $db_url in settings.php that is used while updating. If not specified, we use the usual $db_url. How about this pseudo-code in update.php?
    global $user, $db_url, $db_url_updating;
    if ($user->uid == 1) {
      $db_url = $db_url_updating;
    }
It's an OK workaround, but I'd rather see fields where users can optionally supply a username/password. In our case, multiple people have admin rights on a db, and it would be bad form for one of them to hard-code their creds.

You could add this to the update.php page, but it's not very globally reusable from there. More importantly, the settings.php route doesn't protect you if someone can view that file in some way. Ideally, there should be no place where admin creds are permanently stored.

One approach might be to create a "supply administrative credentials" permission. Then, when a page/module needs to do advanced stuff, it would use some sort of db_escalate function:

    function db_escalate($rights) {
      if !user_access('supply administrative credentials') return;
      if current db connection has appropriate $rights, return;
      if new username/password have been supplied, add to $_SESSION
      if isset($_SESSION[username]) and isset($_SESSION[password]) reconnect to the db
      return form for changing creds, populated with $_SESSION
    }

Each advanced-rights page would show a new creds box, and the supplied creds would persist through that user's session. The function could also notify Drupal that the present connection won't work, and things might be disabled appropriately.

Allie Micka
pajunas interactive, inc.
http://www.pajunas.com
scalable web hosting and open source strategies
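A PHP (7.4+) sketch of the db_escalate idea from the message above, added here as an illustration; it is not code from the thread or from Drupal. has_permission(), db_deescalate(), the $connect callable, the 15-minute expiry and the sample credentials are assumptions, and the check of the current connection's rights is left out.

```php
<?php
// Added sketch. has_permission() and $connect are hypothetical stand-ins for
// Drupal's user_access() and the real database connect call.
const ESCALATION_TTL = 900; // seconds supplied credentials stay usable (assumed value)

function has_permission(array $user, string $perm): bool {
    return in_array($perm, $user['permissions'] ?? [], true);
}

// Returns an elevated connection, or null when the caller must show the
// credentials form. $session stands in for $_SESSION; $supplied is form input.
function db_escalate(array &$session, array $user, ?array $supplied, callable $connect, ?int $now = null) {
    $now = $now ?? time();
    if (!has_permission($user, 'supply administrative credentials')) {
        return null;
    }
    if ($supplied !== null) {
        $session['db_admin'] = [
            'user' => $supplied['user'],
            'pass' => $supplied['pass'],
            'expires' => $now + ESCALATION_TTL,
        ];
    }
    $creds = $session['db_admin'] ?? null;
    if ($creds === null) {
        return null;                  // nothing supplied yet: show the form
    }
    if ($creds['expires'] <= $now) {
        db_deescalate($session);      // stale credentials are dropped, not reused
        return null;
    }
    $conn = $connect($creds['user'], $creds['pass']);
    if ($conn === false) {
        db_deescalate($session);      // do not keep credentials that failed
        return null;
    }
    return $conn;
}

// Call from the logout handler so the credentials do not outlive the session.
function db_deescalate(array &$session): void {
    unset($session['db_admin']);
}

// Constructed demo: a fake connector that accepts one username/password pair.
$connect = fn($u, $p) => ($u === 'dbadmin' && $p === 'example-only') ? "conn:$u" : false;
$session = [];
$admin = ['permissions' => ['supply administrative credentials']];
var_dump(db_escalate($session, $admin, null, $connect));
var_dump(db_escalate($session, $admin, ['user' => 'dbadmin', 'pass' => 'example-only'], $connect));
db_deescalate($session);
var_dump(isset($session['db_admin']));
```

PHP's default session handler writes session data to files on the server, so with this approach the password sits in a session file until it expires or the user logs out.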