Limiting Smarty Template File Access


Web Designer Access With Smarty Templates

One of the main reasons you may have chosen the Smarty template engine with PHP is that you want to separate the logical coding from the design coding. For example, the logic may be coded by your trusted developer, but, you want the flexibility with your options for the web design. Since you may outsource the design work to one or more people, your system could adapt into one for which you would limit file access to each individual with restricted access.

Smarty templates is perfect for this situation since you could create a folder with the file permissions of 750 for the designer. With Linux, it is done with the simple command chmod 750 myfolder. These permissions mean that the designer can edit and upload files, but, the files will not run in the browser because the 'world' does not have this permission.

However, the logic '.php' file that exists in another can be executed in the browser and will be in a folder with the usual, adequate permissions of 755; which is the default for any new folder you create in a public_html directory or www. With that said, Smarty will compile the templates as you expect and you will see the output you would expect.

Checklist:
Logic Coder(.php files): 755
Design(.tpl) files: 750

Now that you have made arrangements for the designer to have designated folders for which to keep working files, you could run a simple cron job to track any changes that have occured in the folders. This way, you can keep tabs on work progress and security. You could use a tool to view the changes from previous work too.

Regardless of all the arguments about using a template engine like Smarty, separating logical coders from designers is one large benefit that can have multiple advantages for increasing productivity and file security. If everything you read thus far in this article is not enough to convince you of Smarty's advantages, I will add a few more examples where it can have value.

Case #1 Outsourcing Design

From a web development point of view, more than 90% of all websites are completed by a company within 80 km. This number was published in the 'Web Design Business Kit' from Sitepoint. This means, being local has its advantages since people want to be close to those who do their work.

Now, for the advantage. There are many new companies who come and go in the web design business and many low-balling companies that work on the cheap. With this mind, you can remain competitive by coding high performance web pages and applications, while outsourcing the design work. Now, you can maintain a high performance website while cutting costs on design.

Case #2 SEO

Now that a project is up and running, you always have the option to outsource the SEO work to another person or company; especially if the modifications are made within the '.tpl' files.