How to self-update PHP+MySQL CMS?

后端 未结 6 687
独厮守ぢ
独厮守ぢ 2021-01-31 04:53

I\'m writing a CMS on PHP+MySQL. I want it to be self-updatable (throw one click in admin panel). What are the best practices?
How to compare current version of cms and a ve

6条回答
  •  南方客
    南方客 (楼主)
    2021-01-31 05:29

    Based on experience with a number of applications, CMS and otherwise, this is a common pattern:

    • Upgrades are generally one-way. It's possible to take a snapshot of full system state for a restore upon failure, but to restore usually entails losing any data/content/logs added to the system since the upgrade. Performing an incremental rollback can put data at risk if something were not converted properly (e.g. database table changes, content conversions, foreign key constraints, index creation, etc.) This is especially true if you've made customizations that rollback scripts couldn't possibly account for.
    • Upgrade files are packaged with some means of authentication/verification, such as md5 or sha1 hashes and/or digital signature to ensure it came from a trusted source and was not tampered. This is particularly important for automated upgrade processes. Suppose a hacker exploited a vulnerability and told it to upgrade from a rogue source.
    • Application should be in an offline mode during the upgrade.
    • Application should perform a self-check after an upgrade.

提交回复
热议问题