One of the features is software portability: it can be used on both PHP4 and PHP5 versions, and is backward compatible with mysql 3.23. On PHP, it is independent of server settings magic_quotes_gpc. Objects cloning also works the same on PHP4 and PHP5 when using copyFromObject() method of LogicObject class.
You can install this software using any domain name, such as:
The recomended way to install this site is to configure Apache in such a way that /web directory from Katyshop package will be the root of the site and the rest of directories will not be accessible from HTTP (classes, config, data, docs, sql).
How to setup Apache so that /web directory will be the root of the site:
#<VirtualHost *:80> # ServerAdmin webmaster@dummy-host.example.com # DocumentRoot /www/docs/dummy-host.example.com # ServerName dummy-host.example.com # ErrorLog logs/dummy-host.example.com-error_log # CustomLog logs/dummy-host.example.com-access_log common #</VirtualHost>Create a new virtual host by copy-pasting this section and removing the comments (#). Edit each setting from this new section, but for the DocumentRoot, do not use the main directory of Katyshop (/docs/katyshop); instead, use the subdirectory web, like this: /docs/katyshop/web
Well.. if you don't get it how to configure a new virtual host, don't worry, it will work even without it, and if you run your site under Apache and you set the AllowOverride option to All, then .htaccess files from each directory will take care of security for you. And even if that still doesn't happen, I trust the code to crash nicely without breaking the database in case a user enters directly to one of these folders.
However, whatever HTTP server you are using, it is a good practice to protect these folders and prevent direct HTTP access to them:
If your web server could not help you and you are paranoid :) ... then you can break the directory structure of the site. Put the /web directory in your server's web root and place the rest of the directories somewhere else on the hard-disc. Then read below about IV) CONFIGURING THE WEB APPLICATION, how to link these folders back to the site. Please note in this case that /web/includes and /web/admin/includes are still not protected.
« topIn the /sql folder you will find the database creation script, called "create.sql". Create a new database using your mysql client application, use that database and run this script.
« topOpen /config/config.php with your favorite text editor and search for this string: "// *important*" (without the quotes). This will reveal the critical settings without which the site will not run.
The rest of the settings are more like preferences you can tweak as you wish.
However, there is an interesting section there about directories. As mentioned above, at II) UN-ARCHIVING THE WEB APPLICATION, * plan C) you can break the directory structure of your site. If you do that, edit this section and tell Katyshop, where did you place the rest of directories. Look at the beginning of configuration script in CONSTANTS section to find these settings.
After you finish configuring the "// *important*" settings, your site should be functional. At this point your database is empty, meaning including that you don't have administrators. So you must login using username and password you entered in SUPERADMIN section from config. You will find a link in the top menu bar, after you login, called "admin"; click on it to reach the administrative section of the site and create a regular admin account and use this new created account in the future. After that you should disable superadmin account from config, by setting "0" to it's "active" property.
That's it, enjoy! :)