Welcome & Whatis

News

Installation

Running CuteMarks

Ressources and Acknowledgements
SourceForge Logo

Installation

Get a cup of coffee, some cookies or whatever you need to feel comfortable. Sit down in your favourite char and relax a minute or so ,-)) Installation will probably take 15-30 minutes, depending on your experience and is quite easy to handle.

un-tar archive

You should start with untaring the downloaded archive to a location of your choice. This is likely to be somewhere in you web servers repository. You end up with a few folders below the cutemarks folder

  • \: This is basically where all PHP-scripts, reside
  • \doc: Guess what... <g>
  • \sql: Just a single sql script needed for creating the tables
  • \include: Library files that get included by the php scripts.
  • \templates: Every PHP script has a corresponding template, e.g. an index.php calls a index.tpl in the templates directory to display itself. Some more templates exist for special purpose, e.g. for displaying links and categories.

 

Database

Set up a MySQL database. Depending on your provider this procedure may vary so I cannot give any advice to it. There is no other database type than MySQL supported for CuteMarks right now. But you may accompany me in developing this tool and provide additional code for other databases ,-)) To configure cutemarks later on you need

  • The database server name or IP,
  • the dabase name,
  • the user name to access the database,
  • the user's password on the database server.

Because we just need to install two small tables it should also possible to use any already existing database.

Now you need to create the two tables in your database. Depending on your web environment you may perform this action using the mysql client from the command line directly or use a web based tool like phpMyAdmin.

In the first case you're likely to do something like

mysql -u username database_name -p -h datbase_server << sql/cutemarks.sql

 

CuteMarks configuration settings

There's a single place to do all the configuration settings: The file "config.inc" in the main directory. This file gets included in every script and sets the necessary configuration settings; it's content is very straigt forward:

  • Set the database settings according to the stuff you used above to create the database.
  • $tpl_path is the path relative to the main script directory where templates reside. You have to change it only if you want to rename or move the templates path.
  • $css_file names the style sheet that get's included when displaying any output. Read below for details. You can also use this default as a standard stylesheet is part of the distribution.
  • $welcome_msg is a header that get's displayed in the head of the public part of your link collection. Choose something you'd like to see here.
  • Please leave $lang_array. This is needed for a future enhancement, which will provide multi-language support.

You're done so far! If you've made everything all right you may point your browser to "index.php" or "admin.php" and should see something already. Please continue with the next section as you may want to prohibit other users from changing your bookmark collection <gg>.

 

Web-Server & securing scripts

First of all: There's no built in security checks for CuteMarks. Use the one's Apache provides. They are fine, they are secure, they are easy to handle. So there's no need to build something separate. Full stop. If you don't use Apache as a web server you should read this section as well to adopt the same security checks for your server.

  • The access to the ./templates and ./include directories should be prohibited completely. As this directory contains only files that will get included directly using the PHP scripts there's no need to have this directory accessible for anybody. A small .htaccess is part of the distribution which will server this needs. This includes especially the ./includes directory as the file confic.inc.php contains passwords and so on.
  • In the script directory all scripts that server administrative tasks, start with "admin...", so it's quite easy to protect them as well (cool idea, isn't it <gg>). E.g. you probably want to use something like this:

<Files "admin*">
   Order allow, deny
  Groupfile /path/yourGroupFile
  Userfile /path/yourUserFile
  requires user admin
</Files>

  • The file ./includes/config.inc.php contains some cleartext password information. Anybody having access to this file and being able to connect to the database may act as the database user and do everything he's allow to do. There various strategies to cope with this problem:
  • If you run a dedicated server alone there's no real need to protect anything as you're probably the only one having access to the server. If not...well there's probably a peck of trouble where restricting access to the CuteMarks database is only a minor problem<ggg>...
  • If this is a dedicated but shared server you have to restrict the access to the webserver and you only. Usually both of you share a common group, so a "chmod 660" should work well.
  • If you share a server with other people and can't assign the file a mod so the others cannot examine the file...consider changing your provider. No kidding: Not being able to protect your own files on a shared server is just...pointless.

Of course additionally you have to set the correct group file, user file and user name in the example . Please check your setup after configuration by pointing your web browser to any admin or include file and see if the request gets rejected or if you get asked for a user/pw!

 

Cleaning the directory after a successful installation

Finally you can delete any unnecessary files. This includes

  • The /doc directory
  • The /sql directory
  • The readme-file in the scripts directory