Htdocs structure

[scottryan]

Hey guys,

  I am new to php and website programming, but loving it.  I am currently programming a site locally using xampp.  My file structure is currently like this.... xampp=>htdocs=>website=>secure

 

I have my root site or index.php in website folder.  I am currently programming in the secure folder doing login, member page ..etc.  I am having a problem when logging out redirecting to the previous folder (website) to get to my index.php page. 

 

I am working with a friend that is a c# programmer which is used to .asp .net ..MS stuff.  He started the "secure folder", is this common practice when making a application?  What should my folder structure look like? 

Any comments are appreciated.

 

Thanks, Scott

[ttocskcaj]

It all depends on who you talk to! lol

To get to the previous folder just do something like ../index.php

 

What programming style are you using?

OOP or procedural?

I normally use OOP and have a structure like this example

 

.htaccess

library/

library/user.class.php

application/

application/account.php

application/index.php

config/

config/config.php

 

I use the .htaccess to and mod_rewrite to redirect all the urls to application/

eg example.com/index.php would really be example.com/application/index.php

 

 

[thehippy]

Common practise varies on the environment and on  experience of the developer I find.  I've been following a Zend Framework structure a lot lately.

 

/home/myusername/application

  /config

  /controllers

  /models

  /library

    /Zend

    /...bunch of other libs too

  /views

  /layouts

  /cache - Not a ZF convention but I like putting it here

    /session

    /compiledView

    /app

  /resources - Put stuff like fonts for image creation here, again not a ZF convention

/home/myusername/public_html - Contains only what needs to be public, only php file is my index.php for most sites

  /css

  /js

  /images

 

Personally I don't like to put anything in a public directory, even a subdirectory with strict access control in the off chance the web server config is improperly edited and the access control disappears.  Its a bit of paranoid thinking, then again how valuable is your privacy? What's the cost if that information is leaked to the wrong people? Are there legal repercussions for disclosing that information?  Its simple enough to keep most scripts and data out of a public folder and avoid some possible trouble down the road.

 

As for your redirecting problem, how are you redirecting when a user logs? Something like the following?

 

<?php 
session_start();
if( loggedIn($user) )
{
  destroy_cookie();
  destory_session();
}

header("Location: http://www.yoursite.com/"); 
exit;
?>

[Anti-Moronic]

I'll echo the post above - the Zend Framework setup is pretty easy to layout when you get used to it. However, even in this people tend to use different structures, not even sure convention is what ZF use in documentation on their website. Seen all kind of structures.

 

Another thing as mentioned above, it is good practice to have your 'core' application outside the http root. Only include 'assets',images,js,css etc available via http.