panique / huge

Simple user-authentication solution, embedded into a small framework.

Configuration files #888

Open ghost opened 4 years ago

ghost commented 4 years ago

Huge is self-explanatory indeed. As a novice in web programming, I really learned and understood many concepts and techniques of authentication in the framework. Despite that, these scripts: config.php, environment.php and config.development.php are still yet to be understood. As it was commented, config.php will use the code in code.development and the get() in environment. I don't really understand HOW and WHY this code is connected and their importance, especially the environment.php. NOTE: I have already installed the framework and it is working fine, but I want to use the ideas, techniques and concepts of huge in building another project. Thank you.

cristopher commented 4 years ago

Hello

Huge is a good start if you want to create something from 0 without using large frameworks like Laravel.

As the creators explain, it is ideal for making models, sketches and concepts, that's why it is so simple.

You must understand that when you work you have 2 environments:

1. localhost
2. yourServerOnline

When you work on your PC testing changes you must configure HUGE to use config.development.php; on the server, use config.php.

You must learn to add an Apache environment constant (Apache configs), as indicated in the file application/core/Environment.php, line 13.

The environment variable is called APPLICATION_ENV.

ghost commented 4 years ago

Thank you very much for the response, Mr. christopher. I picked some terms from your response and went on to research them and got to know many things again, I mean ENVIRONMENT VARIABLE, APACHE CONFIG and the like. But I came to know that the best practice is keeping a configuration file outside in the root folder, which is not found in huge-master; the config.development is in the application folder. Please sir, can you again say something of importance to me about this or related? Thank you for your anticipated consideration.

cristopher commented 4 years ago

To be honest I don't move the config file to another directory.

I only assign read permissions, not write permissions, to the file. Also, in some cases I have created 2 configuration files, one with the general configurations and the other with the data of access to the database and mail.

A good way to protect yourself is to follow a "big shot": WordPress. WordPress has the data in a single file called wp-config.php

https://www.wpwhitesecurity.com/protect-wordpress-wp-config-php-security/

Greetings friend (sorry for my English, I speak Spanish)

losttheplot commented 4 years ago

> ...the best practice is keeping a configuration file outside in the root folder which is not found in huge-master, the config.development is in the application folder.

As long as the config file is not located in the public directory, and as long as your vhost 'document root' is specifically pointing at the public directory, and as long as your overall filetree permissions are configured accordingly, I don't see the problem with the config file being in the application directory. The 'document root' setting should ensure that nobody is able to access anything outside the public directory ...but I always stand to be corrected.
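The conditions raised in this thread (environment chosen through APPLICATION_ENV, config file outside the public document root, file not writable) can be checked at deploy time. The following is an added example, not HUGE's own code and not posted by any participant; the function names, the `config.<env>.php` naming, the allow-list and the world-readable check are assumptions.

```php
<?php
// Added example; selectConfigFile() and auditConfigFile() are hypothetical names.

function selectConfigFile(string $configDir): string
{
    // Assumption: the environment name comes from APPLICATION_ENV, default "development".
    $env = getenv('APPLICATION_ENV') ?: 'development';
    // Allow-list so the variable can never steer the include to an arbitrary path.
    if (!in_array($env, ['development', 'production'], true)) {
        throw new RuntimeException("Unknown APPLICATION_ENV: $env");
    }
    return $configDir . '/config.' . $env . '.php';
}

function auditConfigFile(string $configFile, string $documentRoot): array
{
    clearstatcache();
    $file = realpath($configFile);   // resolves symlinks and ".." segments
    $root = realpath($documentRoot);
    if ($file === false || $root === false) {
        return ['config file or document root does not exist'];
    }
    $problems = [];
    // A file below the document root can be requested by URL.
    if (strpos($file, $root . DIRECTORY_SEPARATOR) === 0) {
        $problems[] = 'config file is inside the document root';
    }
    $mode = fileperms($file) & 0777;
    if ($mode & 0222) {              // any write bit: owner, group or other
        $problems[] = sprintf('config file is writable (mode %04o)', $mode);
    }
    if ($mode & 0004) {              // extra check beyond what the thread mentions
        $problems[] = sprintf('config file is world-readable (mode %04o)', $mode);
    }
    return $problems;
}

// Constructed demo tree in a temp directory (not the real project layout).
$base = sys_get_temp_dir() . '/huge-demo-' . getmypid();
mkdir("$base/public", 0755, true);
mkdir("$base/application/config", 0755, true);
putenv('APPLICATION_ENV=development');
$cfg = selectConfigFile("$base/application/config");
file_put_contents($cfg, "<?php return ['DB_PASS' => 'constructed'];");
chmod($cfg, 0644);                                // loose mode
print_r(auditConfigFile($cfg, "$base/public"));
chmod($cfg, 0440);                                // read-only for owner and group
print_r(auditConfigFile($cfg, "$base/public"));
```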

ghost commented 4 years ago

Thanks all for your responses, I really got the idea.