Home General support

Setup.php should be removed after installation

Oceanwatcher Member
in General support
After an installation that went totally problemfree, I checked if it was possible to restart the setup.php script. And it came up again, ready to go. NOT GOOD!

First of all - there should be a detection that tell you ZenPhoto has already been installed. Second - it should say in the documentation that setup.php should be removed after installation.

What other files should be removed?

Comments

  • Chilifrei64 Member
    I agree that it should probably be removed from the directory after install and we should put it in the install instructions. but this (atleast from what I have seen) is really not a big concern. I have re-ran setup and even upgrades on current db's already with comments and other stuff in it and it did not harm my install. The setup only adds the table if it isnt there and the upgrade only updates if it hasnt been updated.. otherwise the setup and upgrade really dont do anything.. once again.. atleast what I can tell
    Beyond that, you still need the password to run the setup.

    but yeah, I would say remove the files incase a security vulnerability comes up...
  • trisweb Administrator
    It does not need to be removed. It is as secure as your control panel, which is actually *more* powerful since it has the capability to add and delete images.

    Dan is right, setup and upgrade really can't do anything harmful to your installation or your server.

    Regardless, they are password-protected and secure, so you don't need to worry about them! You're welcome to remove them if you really want to, but there's no reason even that would make anything more secure... so it's actually NOT BAD! :) Trust me, I know what I'm doing.

    Of course, there should be a detection that checks if the tables are already present and stable just so people know they've already installed and don't think they need to delete any setup files... ;-) I'll add that to the list.
  • Oceanwatcher Member
    Good to know! The usual thing from other software has been to remove it, that is why I was so surprised that there was nothing about this in the instructions.

    Anyway - the install was very easy, upload via ftp a breeze. Things are working. Looking forward to test next release!
Sign In or Register to comment.