The MU forums have moved to WordPress.org

adduser hack (11 posts)

  1. strixy
    Member
    Posted 17 years ago #

    I was thinking about a little hack for a multiple blog system using wordpress. I came up with this idea.

    How about a multi-blog system that abuses linux's adduser and /skel directory feature? Such as...

    A user registration page feeds a script that triggers 'adduser'. Adduser copies wpmu files from the /skel directory. A database and user is created in mysql by username. The $dbname (eg $wpmu_username) and $username is added to the home/user/public-html/wp-inst/config file. The user, post registration, is redirected to their home index.php where they install their instance of wp as usual.

    This would give the users access to other system resources, such as FTP (defaulted to their home directory and their images, css, index files for template creation/editing), *email*, LDAP, etc... owing to the fact that they are /users. This would also allow a system admin to limit the users disk space at account creation.

    This will give URL's of domain.com/~username.

    Which can be, relatively, easily converted to user.domain.com with a little apache2/sites-enabled/wpmu file.

    I don't know if this is possible, I'm a designer; not a programmer. But it seemed to me that I should mention the idea. Maybe someone else can see how this could work and then jump on it. Or, maybe its not possible at all. Who knows. But there's the idea anyway.

    I'm off to see if I can make this work. If anyone has any ideas or would like to help out, I'm mike#strixy.com.

  2. donncha
    Key Master
    Posted 17 years ago #

    It's a good idea in theory but you need a special version of PHP, suPHP, so that Apache can change user. It does bring security benefits because the underlying OS handles permission issues but by being careful it should be impossible for any user to modify or access other user's files.

  3. strixy
    Member
    Posted 17 years ago #

    So far, so good. I need someone to check the security of my php code (i'm a rookie here), and with a few tweeks and some testing I should have something done by tomorrow or next week - depending.

  4. strixy
    Member
    Posted 17 years ago #

    The hack works 100%. I now have a multiple blog site with user self registration, self configuration, independent template selection, and individualized ftp access for image/template uploads. I still have to do the subdomain hack, a kickin' sitedesign, and a few other special features I thunked up last night.

  5. blog-sg
    Inactive
    Posted 17 years ago #

    Hi strixy,

    I am interested in the multiple blog hack. Where is your site? Can I try?

  6. strixy
    Member
    Posted 17 years ago #

    HA! That's funny. It's a mess right now. I hacked it out in about 7 hours over the weekend. Let me clean it up and lock it down first.

  7. strixy
    Member
    Posted 17 years ago #

    For a little hack, this sure turned into one major project! I think I may have bitten off more than I can chew. So many things in the admin pages could, potentially, cause system wide chaos. I've started eliminating them, but for every one I code out, another pops up while testing.

    For updates and info, you can visit my site Broadcast This!

  8. allpedal
    Member
    Posted 17 years ago #

    strixy, I just read all of what you've been doing and can't wait to try it out.

  9. strixy
    Member
    Posted 17 years ago #

    Well allrighty then. I'll put a snapshot release together tonight.

  10. strixy
    Member
    Posted 17 years ago #

    Version 0.50 is now available for download. (Cringe) It's more a how to than a click and go. In fact, it's all how to with no click and go at all. Be sure to read the README.

  11. allpedal
    Member
    Posted 17 years ago #

    I will download it and play away!

About this Topic

  • Started 2024 years ago by strixy
  • Latest reply from allpedal