Various Core Upgrades about equalify HOT 6 CLOSED

Another suggestion may be to use an ORM like Doctrine rather than manually defining SQL, this would make altering and maintaining the database easier and less error-prone as it is handled by PHP rather than SQL directly, and will give you a number of things like data sanitization for free, but it would be a pretty big change. Just my to cents.

from equalify.

My general questions:

• Why are require authentication before initiating CRUD functions? The platform is designed to be run mostly locally by users who are in control of it.
• Why would you suggest moving HTML out of PHP files and use Twig? I built one version with handlebars, but our HTML was so simple we ended up not needing it. 

from equalify.

@TolstoyDotCom - I created a roadmap of sorts to give you an idea of what I'm trying to do: https://github.com/orgs/EqualifyEverything/projects/2 .. I'm mainly curious how your work can fit in with the requirements I suggested.

from equalify.

@bbertucc: someone might accidentally make their installation publicly-accessible, or do it intentionally so others can use it. That might result in a hacker compromising their server or PC or information disclosure of some kind.

One reason to separate HMTL from PHP is because being like Wordpress is generally a bad idea. Plus, it's easier for themers to deal with and it's easier to read. Also, you might at some point want to output to XML, JSON, etc and in that case all you'd need to do is provide a new template.

from equalify.

hacker compromising their server or PC or information disclosure of some kind.

Could this just be resolved by adding into the config or README file? We could write something like: "Equalify is designed for local use. If you create a publicly accessible deployment of Equalify, we highly recommend adding authentication to prevent security issues."

Since we have limited resources, I'm trying to focus open-source work on delivering the basic functions of Equalify. Authentication is an add-on via our cloud version and core authentication might complicate that.

you might at some point want to output to XML, JSON, etc and in that case all you'd need to do is provide a new template.

Is there any framework/platform that could serve as a model for how we'll structure the templating? I'm trying to wrap my head around how the data model will associate with twig.

from equalify.

This issue has been approved with @TolstoyDotCom working on it. I've converted the items into tasks, which we can tick off as we commit to core.

from equalify.