It seems that by default, the general idea used by yii is to place everything in a web accessible directory, which is maybe a DocumentRoot for a VirtualHost or something, and then use an .htaccess file with a ‘deny all’ apache config instruction in it to try to protect a single directory under DocumentRoot, called ‘protected’, under which all the model, view, and controller scripts reside, so that you have a directory structure, for example, like this:
/var/www/myapp/
[indent]assets/
css/
images/
themes/
protected/
[indent]models/
views/
controllers/
[/indent]index.php
[/indent].
.
etc.
What I would prefer to have is something more like this:
/usr/local/yii/workspace/myapp
[indent]models/
views/
controllers/
html/
[indent]assets/
css/
images/
themes/
index.php
[/indent][/indent]
…or maybe like this:
/usr/local/yii/workspace/myapp
[indent]mymodule/
[indent]models/
views/
controllers/
[/indent].
.
html/
[indent]assets/
.
.
index.php
[/indent][/indent]
…and make the html directory the DocumentRoot. That way, no php code (except for index.php itself) is anywhere under under my DocumentRoot at all. I mean, every folder in the /usr/local/yii/workspace/myapp path is in the OS group www-data, and that path and every file under it is accessible by the apache user, so code run by apache in index.php would have access to it as far as filesystem permissions and so forth go, but it’s not anywhere under any DocumentRoot. This way I can feel slightly more secure, and I only need the one httpd.conf; I don’t need to worry about any .htaccess files, or any of the potential issues related to their use.
Can this be accomplished simply by setting Application::basePath to "/usr/local/yii/workspace/myapp"? Or does basePath have to be relative to the folder containing index.php? Could basePath be set to "../"?
Sorry if I missed something in the guide or in the forums.
Thanks for any help,
-Shavais