I’m a module-developer and wanna setup some testshops for my clients.
These shops should have full functionality (front- and backend).
Here a list of things, what I think is necessary or nice for this:
[ul]
[li]cron job for reinitalize a default application (source-code and database). Perhaps with counter of time left
[/li][li]database-field ‘aModules’ not editable
[/li][li]sandbox - don’t allow includes outside the main-path… or a special server for this?
[/li][li]disable smarty-php-code
[/li][li]disable file uploads (eg. images)
[/li][li]disable server requests to oxid/efire
[/li][li]disable send-mail
[/li][/ul]
I replaced all access data in the script by stuff like your_demo_shop etc… Would be cool to have it in a separate config file. Please check and tell me if you still find something suspicious. If you tell me that everything is ok, I would go announcing it.
Anyway - the SVN isn’t working with writing permissions at the moment. The boyz are working on it. In the mean time you can have a look at the script and try to get it running.