On Mon, 12 Nov 2007 16:06:23 -0300, "Greg Knaddison" <greg@pingvox.com> wrote:
On Nov 12, 2007 1:02 PM, Larry Garfield <larry@garfieldtech.com> wrote:
An undocumented feature (which anything done manually in settings.php
is) is not a feature. Even if we had an about: page somewhere that let people directly edit the variables table (which would depend on the variable-defaults hook that some were working on for D6 but weren't able to finish), we would be remiss if we didn't document all of the settings there. Then we're right back where we started, just on a different, larger page.
This seems like a weakness in the plan, not a fatal flaw. Our ability to get query data via the dev_query variable is an existing instance of this idea and of the problem that you cite.
dev_query is controllable via the UI, just in the devel module. The only reason it's in core is because it's not possible to inject using devel. It's also developer-only. Normal site users should never have that running during production.
Same story with allow_insecure_uploads in upload.module. These are features without UI or documentation.
See, I never even knew that existed. Now I wonder if it would have solved a problem I had 8 months ago had I known about it, but since it was hidden I probably wasted a lot of time because of it. That's an example against an about:Drupal page. :-) --Larry Garfield