Once your application is complete, or even before that you’ll want to deploy it. There are a few things you should do when deploying a CakePHP application.
If you’re throwing your application out into the wild, it’s a good idea to make sure it doesn’t have any leaks. Check the Security to guard against CSRF attacks, form field tampering, and others. Doing Data Validation, and/or Data Sanitization is also a great idea, for protecting your database and also against XSS attacks. Check that only your webroot directory is publicly visible, and that your secrets (such as your app salt, and any security keys) are private and unique as well!
Setting the document root correctly on your application is an important step to keeping your code secure and your application safer. CakePHP applications should have the document root set to the application’s app/webroot. This makes the application and configuration files inaccessible through a URL. Setting the document root is different for different webservers. See the Advanced Installation documentation for webserver specific information.
Updating core.php, specifically the value of debug is extremely important. Turning debug = 0 disables a number of development features that should never be exposed to the Internet at large. Disabling debug changes the following types of things:
In addition to the above, many plugins and application extensions use debug to modify their behavior.
There are a few ways you can configure multiple applications to use the same CakePHP core. You can either use PHP’s include_path or set the CAKE_CORE_INCLUDE_PATH in your application’s webroot/index.php. Generally using PHP’s include_path is easier and more robust. CakePHP comes preconfigured to look on the include_path as well so it’s simple to use.
In your php.ini file, locate the existing include_path directive, and either append to it or add an include_path directive:
include_path = '.:/usr/share/php:/usr/share/cakephp-2.0/lib'
This assumes you are running a *nix server, and have CakePHP in /usr/share/cakephp-2.0.
ln -s app/Plugin/YourPlugin/webroot/css/yourplugin.css app/webroot/css/yourplugin.css