securing and storing database queries

[fun2bnuts]

I have 2 problems keeping this from a completely successful install......which in my opinion is fantastic! I love it already, great stuff--- i was in the middle of adding many of these contributions to the standard osc.....so thankful i found this before i wasted anymore time with that!!

problem 1) is just something i am not familiar with doing, and i have ipowerweb as host.... i am lost at how to do the securing using the htaccess...(i don't think its apache so instructions not much help-- not sure if i can do this through the domain admin or what ... never had to do this before --haven't had a live shop yet)

problem 2) i had this happen in the osc i was working on too... when i set to true the store database queries option found in logging section.... i get these errors: (i think i set up something wrong...but no clue)

Code:

Warning: error_log(): open_basedir restriction in effect. File(/var/log/www/tep/page_parse_time.log) is not within the allowed path(s): (/home/******:/usr/local/lib/php:/tmp) in /home/******/public_html/catalog/admin/includes/classes/logger.php on line 49

Warning: error_log(/var/log/www/tep/page_parse_time.log): failed to open stream: Operation not permitted in /home/*****/public_html/catalog/admin/includes/classes/logger.php on line 49

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/*****/public_html/catalog/admin/includes/classes/logger.php:49) in /home/*****/public_html/catalog/admin/includes/functions/sessions.php on line 67

Other than my own inexperience showing itself in dayglo colors now, this project is top-notch! So many new features, so many more questions...lol
Thank you so much for allowing me a place to start that exceeds my previous finishing point... with only few minor additions, i will have the fully functional, professional quality site i had in mind.....only so much better! thank you... what a timesaver! (lol does my happiness show??!!)

[jpf]

Problem #1

Don't have to (but you cn still do) as ADMIN has it's own login/password and adminitative settings (plain OSC did not!). I do suggest that if you don't use the .htaccess file that to DO MOVE THE ADMIN from the default directory (can't hack what they can't find).

ie: Move /catalog/admin to a private or user domain (some host have this option) or some unguessable directory.

to ~yourdomainusername/some/un/gues/sabl/edire/ctory/
or else to /catalog/some/unguess/able/direct/ory/


Problem #2

Your host has some restriction in the php.ini or server file that prevents from using certain fuctions.... Turn it off or ask your host for you to be allowed the fuctions it requires... (they will shurly ask why....).

OR move to a less restictive hosting provider like AABOX.com or FuturePoint.com


Good Luck!

[fun2bnuts]

Thank you so much for replying, I got this accomplished now, thank you! well, problem 1 at least .....lol