[snip] > > For those that want to extend roller I think it would be nice to split up > roller up into 3 projects and a 3rd party library folder that can easily be > integrated into Netbeans and Eclipse. I haven't used Eclipse for a couple of > years so I'll give the Netbeans example. > > * A lib directory for all the 3rd party jars > * A Java Library Project for classes common to > both weblogger and planet > * A Web Project for weblogger that pulls in the > 3rd party jars it needs from the lib folder and > is dependant on the common Java Library Project > * A Web Project for planet that pulls in jars and > depends on the library project as well. >
+1 Or some kind of improved (more standard) project layout anyway (Maven 2 projects would be fine) We have a lot of problems setting up roller for debugging with new developers. [snip] > The good news is Roller offers something that WordPress doesn't: Security > > http://www.techcrunch.com/2008/06/11/my-blog-was-hacked-is-yours-next-huge-wordpress-security-issues/ > > ;0) I think this confidence is misplaced. We've only being doing an integration project with Roller (so we've deliberately tried to stay out of the roller source code), and we have found enough security problems for us to be concerned. We haven't been looking for problems, nor have we conducted anything like a code audit. I hate just being a critic, so I've created https://issues.apache.org/roller/browse/ROL-1727 with an attachments that include what we are doing for cross-site-scripting protection. See http://mail-archives.apache.org/mod_mbox/roller-dev/200804.mbox/[EMAIL PROTECTED] and http://mail-archives.apache.org/mod_mbox/roller-dev/200805.mbox/[EMAIL PROTECTED] for some background on this. Nick IMPORTANT: This e-mail, including any attachments, may contain private or confidential information. If you think you may not be the intended recipient, or if you have received this e-mail in error, please contact the sender immediately and delete all copies of this e-mail. If you are not the intended recipient, you must not reproduce any part of this e-mail or disclose its contents to any other party. This email represents the views of the individual sender, which do not necessarily reflect those of education.au limited except where the sender expressly states otherwise. It is your responsibility to scan this email and any files transmitted with it for viruses or any other defects. education.au limited will not be liable for any loss, damage or consequence caused directly or indirectly by this email.
