[wp-hackers] WP-Manage: Automatic WP backups and upgrades with PHP

Alex Günsche ag.ml2007 at zirona.com
Fri Jan 19 18:17:02 GMT 2007 

On Fri, 2007-01-19 at 09:31 -0800, Aaron Brazell wrote:
> I was going to stay out as I had made my comments but there's just  
> something else I need to say. :-) All in the spirit of dialogue, right?

Absolutely! I totally appreciate the constructive critisism. :-)

> This tool assumes you're responsible for the upgrades, right? I'm not  
> clear on this.

Not nesseccarily. See, a common situation is the following: I have a
customer who wants a blog. It is very likely that he already has a
website and a hosting solution, but of course no shell access (which
would make those shell solutions interesting). So I make his blog with
all the odds and ends, and then the job is basically done. Now time goes
by and there are critical WordPress updates. I look around and I see
there are a couple of WP blogs around which I have once set online,
hence I would have to take care as a responsible professional. Now what
to do? Either I tell people that there is a critical update and I don't
care anymore or I do the upgrades for every single of them the classical
way (to be honest, I've got other things to do). Or -- with WP-Manage --
I send an e-mail to everybody and tell them to perform the three steps I
mentioned before (log in and make two clicks).

> If you are responsible for the upgrades then you have to manually  
> login (via FTP, SSH whatever) to change perms. Then you run the  
> script. Then you log back in and change perms again. Theoretically  
> you remember all the various passwords, but perhaps you don't and  
> have to fish around through emails or god forbid find the password on  
> the post it note taped to the bottom of your keyboard. My point is  
> that this is not really an efficient way even if it just is a right  
> click, properties, chmod 777.

No, you only change the permissions once, the moment you install
WP-Manage. Directly after that, you execute the upgrade routine (you can
even do this when no new version is available, it doesn't hurt). Then
the files will belong to the webserver and you won't need to touch them
ever again unless you want to modify some core files manually.
Everything else is handled by WP-Manage. Note that wp-content/ and
wp-config.php, as well as all other non-WP-files, are never touched by
WP-Manage, so your user can even install themes/plugins or upload stuff
as he likes.

> Being that I'm not clear if this is intended for the person  
> responsible for all the upgrades (i.e. you) or if it's left to Dr.  
> Mike's soccer moms to do, let's take the other approach. The soccer  
> mom's have to upgrade. Okay, so now how do you teach THEM to chmod  
> their directories and then chmod them back when they are done.

As I said, if you install the blog for them, you do this once when
installing. However, I do see that we might talk about different
situations. If you provide the hosting anyway, and you take care of the
updates (e.g. with one of those shell scripts), then WP-Manage is
pointless for you.

> I don't want to ruin your enthusiasm. I love options and I love  
> Brian's script and the idea behind yours. Anything that makes  
> automation better is the way to go in my book. I live this philosophy  
> and am always learning new things. So don't misunderstand me.

Not at all. :-)

> With the shell script, assuming you are the one responsible for all  
> these upgrades on different servers, why can't you just modify a  
> script (or write your own) that uses PHP's FTP functions. Then you  
> can automate the whole thing with a click of the button and you don't  
> have to worry about the soccer mom's screwing things up, or having to  
> go through and remember passwords, click around, maybe click on the  
> wrong things, etc. It eliminates the fallible human modus operandi  
> (which I'm thrilled to have used in a sentence for the second time  
> this week) that makes mistakes.

The problems with the permissions is that there are different
Users/Groups. If you as WP user have the user account user123 in group
ftp, and the webserver is apache:apache, then (a) the chmodding is
mandatory for the whole thing to work, and (b) PHP's ftp functions won't
work. This is because although they might be able to change the files'
permissions (given they already have write access to them), but they
will not be able to change the _ownership_, because that's a thing only
root can do. The only way to gain ownership of a file is to delete and
re-create it. And that's what WP-Manage does as soon you make the files
0666 and execute the upgrade routine.

Of course there are solutions like SuPHP (www.suphp.org) and others
which make scripts being executed with the ftp user's uid/gid. But when
you have those this case it's anyway not required to play around with
permissions.

However, I'm always looking for ways to improve my works and skills. So
as I said, all constructive critisism will help me, I'm thankful for any
input. :-)


Best regards
Alex

-- 
Alex Günsche, Zirona OpenSource-Consulting
work: http://www.zirona.com/ | leisure: http://www.roggenrohl.net
PubKey for this address: http://www.zirona.com/misc/ag.ml2007.asc

More information about the wp-hackers mailing list