I am working on a cms and there are some simple parameters like number of posts per page, default color and style sheet, that are customizable by the user trough an UI. So what is the best way to store this settings in simple and secure way? Help is very appreciated.
A:
Store it in a database, if you're using PHP you should have access to either MySQL or SQLite.
conmulligan
2009-09-12 22:14:15
Yes, it can be stored in the DB, but it should be put into the $_SESSION array at login, so that you can save an extra query ever pageload. You don't want to be querying for the current theme/posts_per_page with every pageload. ;)
BraedenP
2009-09-12 22:21:19
+2
A:
Keep the options in a database or cookie, since they're user specific. You could also have several short configuration files and include the relevant ones on request.
For colour-schemes, I'd recommend using short css files detailing the colours used by each of the possible themes (each theme in its own stylesheet, fetched on request depending upon which theme the user has stored against his/her profile).
For number of posts per page...I think a cookie on the client's machine is sufficiently secure for your purposes. Failing that, store in a session, maybe? Or, again, in the database against the user's profile.
David Thomas
2009-09-12 22:14:21