in reply to Re^3: Holding site variables
in thread Holding site variables

Just ensure that the untrusted dev user has no permissions to access the live file (ideally the whole live tree) and that's all you need.

Currently, the one other person who has access, has an FTP account that gives them access to 

/site/test/

[download]
so they don't have any access to the live branch.

My question was more about the methodology of defining the site-wide variables.
Is putting them in a module and declaring them with our a sensible way to do it?

Replies are listed 'Best First'.
Re^5: Holding site variables
by hippo (Archbishop) on Mar 21, 2024 at 16:24 UTC

    It's not a terrible approach - I use something similar for a particular set of projects but with 2 important differences:

    1. I put them inside a package so they are properly namespaced (you might be doing that already, but there was no package statement in the code shared so far). See also the recent discussion in Common subs and Global Variables about why global variables aren't always the best idea.
    2. I use constants for items of data which won't change during a run.

    Example (but with the package inlined just for ease of illustration):

    #!/usr/bin/env perl
use strict;
use warnings;

package MyStuff {
    use constant BODPLAN => 'Have a separate dev server';
    # ... more constants here
}

print "Bod's plan: " . MyStuff::BODPLAN . "\n";

    [download]

    🦛

[reply]
[d/l]
      inside a package so they are properly namespace

      Yes - they are in a namespace with package. Sorry, I forgot that bit as I typed the example instead of copying and pasting as I don't want to reveal actual names for security reasons.

      use constants for items of data which won't change during a run

      None of this configuration will change during a run, so there's a case for constants for all of it.

      I just never think to use constants...not sure why!
      Could you explain what the advantage here is in using a constant?

      I understand that they can make it clearer that they will be constant and that the avoid "magic numbers". But in this case every variable in this namespace is constant so clarity is not an issue IMHO

[reply]
[d/l]
        Could you explain what the advantage here is in using a constant?

        Sure - it's the most obvious advantage: you won't be able to change them accidentally. If you do so it will give a compile-time error. Here is my previous example with just one extra line to demonstrate:

        #!/usr/bin/env perl
use strict;
use warnings;

package MyStuff {
    use constant BODPLAN => 'Have a separate dev server';
    # ... more constants here
}

print "Bod's plan: " . MyStuff::BODPLAN . "\n";

MyStuff::BODPLAN = 'Use globals everywhere!';

        [download]

        If you try to run that (or even compile it) it will error out. If you don't use constants you will not get that level of protection.

        🦛

[reply]
[d/l]
Re^5: Holding site variables
by Danny (Chaplain) on Mar 21, 2024 at 16:48 UTC
    My question was more about the methodology of defining the site-wide variables. Is putting them in a module and declaring them with our a sensible way to do it?
    I would probably at least access them via a blessed hash object or getter methods.
[reply]

In Section Seekers of Perl Wisdom