Feature request: change internal method access to 'private' or 'protected'

exponentcms / exponent-cms

Content Management, Simple.

exponentcms.org

GNU General Public License v2.0

60 stars 24 forks source link

Feature request: change internal method access to 'private' or 'protected' #1375

Open exponentcms opened 4 years ago

exponentcms commented 4 years ago

We could tighten down security a great deal by making the 'internal' methods 'private' and/or 'protected' instead of 'public' (default for no access/visibility modifier)

exponentcms commented 4 years ago

This also means renaming some controller methods to conform with standard permission names or 'remove_permissions' to block their being called by a non-admin

exponentcms commented 4 years ago

This basically/mainly applies to the controllers...within expController, the method/variable MUST be 'protected' since 'private' will prevent the method/variable from being available to the other controllers.

exponentcms commented 4 years ago

[bulk edit]

exponentcms commented 4 years ago

Lighthouse URL: https://exponentcms.lighthouseapp.com/projects/61783/tickets/1331