Search results
Simple SAML
This plugin allows users to log on to ResourceSpace using a SAML compliant single sign-on (SSO) Identity Provider (IdP)
Coding standards v1.3
The article provides coding standards for developers working on the ResourceSpace project. The standards cover various aspects of coding, including security, documentation, functionality, PHP version, MySQL strict mode, backward compatibility, file format, coding style, indentation, line length, control structures, function calls, function definitions, MySQL statements, readability of code blocks, returning early, and avoiding cross-site scripting vulnerabilities. The article emphasizes the importance of security and encourages developers to familiarize themselves with the OWASP guidelines, particularly the OWASP Top Ten. The article also provides guidelines for documentation, function calls, function definitions, and MySQL statements. The article recommends using Whitesmiths style indentation, using spaces to indent, not tabs, and using ASCII character LF to mark line ends. The article also recommends using generateURL() function to reduce the risk of cross-site scripting vulnerabilities.
The Complete Guide to Developing Your Brand Guidelines
Your brand characterises your business. Without it, your products and services become indistinguishable from those offered by competitors.
Access control
The article discusses access control and how it enforces policies to prevent users from acting outside of their intended permissions. Failures in access control can lead to unauthorized information disclosure, modification or destruction of data, or performing a business function outside of the limits of the user. The authentication process is handled by including the /include/authenticate.php file on every page that needs to be available to authenticated users. ResourceSpace provides access control using a group membership mechanism where a user can belong to only one user group at a particular point in time. Each user group has permissions to different parts/functions of the system, such as edit/view fields and download resources. The low-level function used to verify if a user has a particular permission is checkperm($perm).
Frequently Asked Questions (FAQs)
The most frequently asked questions about ResourceSpace, the free and open source Digital Asset Management system.