Separating the Admin Functions to a different page? :: Zikula Community

Get Zikula 1.3.3!New core, modules & more

Quick Links

Donate Today!Support your Software

Documentationlearn, share & develop

Watch

GitHub Core

Show your support for Zikula! Sign up at Github account and watch the Core project!

GitHub Modules

Forum Activity

alfonsomarin created topic »Fillters in Clip« 03:41 AM
damon responded to »Can the Updated Version Check be Turned Off (Z 1.3)« 03:19 AM
frw responded to »Bug in the SMTP mail transfer protocol - Port 25 - Zikula 1.2.9« 22. May
mdee responded to »Short URL questions« 22. May
mesteele101 responded to »Problem in Database Connection« 21. May
Herr.Vorragend responded to »Clip Documentation and Doubt« 19. May
mazdev responded to »zikula 1.3.3. and IE9« 19. May

» Visit forum | » View latest posts

Zikula Blog

Anatomy of Open Source Projects on Mar 07
Continuous Review on Mar 01
Not Invented Here on Feb 24
How to Contribute Your Code at Github on Jan 13
10 Steps to Coding-Nirvana: Tips for Successful Module Writing on Nov 12
Submitting Bug Report Tickets That Get Results on Aug 17
Cozi Tricks #1: Syntax Highlighting on Aug 07

Separating the Admin Functions to a different page?

Print topic

**unknown user**

Rank: Registered User

Registered: Mar 16, 2002

Last visit: Jan 31, 2004

Posts: 43
Posted: Jan 29, 2004 - 01:45 PM

Perhaps this has been asked before; I haven't found reference to it.

I want to use Postnuke as the base of an Ecommerce site, for which I want to hire a PHP coder to design, etc.

One of my concerns is "separation of church and state" in that I would feel safer if I could keep the administrative functions external of the primary page base. Even a separate URL altogether.

This may be contrary to Postnuke's design, however.

I figured I would post here and see what input anyone had on this topic.

And rentacoder.com is "okay" -- there must be other sites.

Thanks!
**unknown user**

Rank: Helper

Registered: Mar 16, 2002

Last visit: Oct 21, 2009

Posts: 712
Posted: Jan 30, 2004 - 05:03 AM

Hi Forrie,

I tried to write a long response, and the sytem settings timed me out. Grrr....

In "short form" the Administration of PN is already separated. Only those with Admin level permissions can access them. I "think" you have probably used a locally loaded version and have become confused by the "Administration" link showing up when you log in. Try registering as a normal user and you will see it that link has disappeared. (At least that is how the default setup is configured).

Hope my assumptions are on-target and this helps you.

Warm Regards,
-=dave=-
**unknown user**

Rank: Registered User

Registered: Mar 16, 2002

Last visit: Jan 31, 2004

Posts: 43
Posted: Jan 30, 2004 - 05:08 AM

Sorry about the timeout - I've had that happen...

I should have been more clear about what I was thinking. One idea was to not have the admin user log in through the front-end... but to have the administrative functions totally moved to another URL, that you could restrict in various ways.

This would be good from a security perspective, I would think, if there weren't any possible privileged actions you could take from the front-end.

Forrest
markwest

Rank: Team Member

Registered: Mar 18, 2002

Last visit: Oct 21, 2009

Posts: 6606
Posted: Jan 30, 2004 - 12:39 PM

Thats from a user perspective... From a developer perspecive then the admin functions are already seperated. While the URL may not be different (this is actually irrelevant) the admin functions of all pnAPI compliant modules are already seperated. A module contains the files pnadmin.php and pnadminapi.php; these form the admin interface and are totally inaccessable to the average user.

-Mark

--
Visit My homepage and Zikula themes .
**unknown user**

Rank: Registered User

Registered: Mar 16, 2002

Last visit: Jan 31, 2004

Posts: 43
Posted: Jan 30, 2004 - 06:38 PM

Okay, further I think I had in mind not allowing an "admin" user to log in through the front-end interface... somehow creating a "back end" URL that could be further restricted.
markwest

Rank: Team Member

Registered: Mar 18, 2002

Last visit: Oct 21, 2009

Posts: 6606
Posted: Jan 31, 2004 - 12:01 AM

That would break the concept of the permissions system within PN. Under your setup (which is the way PHP-nuke works) then your either an admin or not. With PN permissions you can devolve control of certain areas or modules to trusted people. While your site may not need that its a requirement that many PN users have.

-Mark

--
Visit My homepage and Zikula themes .
**unknown user**

Rank: Registered User

Registered: Mar 16, 2002

Last visit: Jan 31, 2004

Posts: 43
Posted: Jan 31, 2004 - 05:53 AM

I see. I wonder, though, if there may be a way to tweak it such that access to certain accounts can be restricted... allowed from only certain IP space, etc. That seems like a reasonable compromise here.

I think it's a bad idea to enable access to admin from the front page - what happens if there's an exploit? If the admin page is hosted elsewhere, restricted by firewall filters, it will certainly be more secure. But I digress
HalbrookTech

Rank: Developer

Registered: Dec 31, 1969

Last visit: Jun 01, 2010

Posts: 6859
Posted: Jan 31, 2004 - 06:42 AM

PostNuke, when the modules are well coded, is pretty secure, and they are quick to fix security issues when they do arrise. What you are proposing would require a rewrite, not only to PostNuke itself, but to every module you want to use. PostNuke is not designed for the type of security you want to use.

--
Home Page | Find on Facebook | Follow on Twitter