[TYPO3-hci] BE vs FE

Waldemar Kornewald wkornew at gmx.net
Mon Jul 31 21:23:38 CEST 2006 

On 7/31/06, Bernhard Kraft <kraftb at kraftb.at> wrote:
> > I don't really get what the advantage of this separation is. It makes
> > everything more complicated, but for what reason? Security? Add a
> > simple flag (other CMSes already do this). What else?
>
> If you mean why BE and FE user records are separated: That's an not so easy question.

Yep, that was what I meant. I fully understand that the backend is
only for admins, but why those different user records? This makes it
impossible to simply grant an existing FE user BE access and the UI
separates FE and BE users too much.

> there are many extension programmers which do not know about SQL-injections and do not
> properly escape values which are taken from GET or POST vars ...
>
> so when there would exist a table febe_users compared to fe_users and be_users currently and
> it would have a flag "is_beuser" and you would have an extension with a statement like:
> [...]
> then he could easily become a BE user.

Well, a role or group could do. Roles are in a different table and
normally, an end-user accessible plugin won't manipulate roles. So,
it's really strange why this separation was done. Would it be very
difficult to revert this for V4.5? Our project really needs one single
user DB and since the separation is unnecessary this should be
removed, anyway.

> For me TypoScript templates are the central concept :)
>
> Pages are just plain containers ... you can't switch any behaviour using
> them - except creating hierachial structures ... the real magic happens in
> TypoScript - believe me :)

Somehow I have my doubts when I read the word "Script"... :)

> > I understand that a page tree is a nice abstraction, but manipulating
> > your site in-place is even better because there is no need to abstract
> > anything.
>
> Again: See FE-Editing topics.

Well, as I said in a later mail, I'm not totally against BEs because
FE-editing requires special skins and complicates skin development
significantly.

> > Also, the current "items" concept (page list-view) is nice,
> > but isn't normally a plugin needed to store items?In many cases it's
> > probably better to allow plugins to add special actions to the website
> > (when logged-in) and let plugins manage items. For example the news
> > plugin could add a "manage news" button and take care of all news
> > items. Where this data is actually stored should not be exposed to the
> > user, but you should still be able to say that your news plugin should
> > use the same data store as the news plugin on some other page (so you
> > can have a news summary on the front page and a separate archive
> > page).
>
> Do you mean that every extension should be able to add it's own buttons to
> the page-module (or the FE in your case) - I hope you do not expect that
> every extension brings it's own listing modules for records it uses with
> it ... this would be a lot of redundancy.

Please take a look at Skeletonz. It does what I'm talking about and it
doesn't seem to introduce a  lot of redundancy. Unfortunately,
Skeletonz is not mature and professional enough and it requires a VPS
or dedicated server to run (like Zope...). We want something that has
simple hosting requirements.

> I find your ideas quite interesting but I think the BE should stay a major part
> of TYPO3 - pherhaps more attention should be brought to FE editing and it should be
> improved in some ways to make it more adoptable to each specific situation (it had to
> change some parts of the core for myself to get it working like I wanted to :( )

Indeed, FE editing could be improved, but I'm not a friend of all
those little buttons that appear on every page. I prefer if you can
use your login to access certain site sections (e.g.: the admin-only
section with ideas, non-public documents, and so on...). Having a page
with lots of buttons is disturbing. Some CMSes have one button which
can turn all those extra buttons off and on.
Hmm, you should also be able to quickly switch between FE and BE for
the currently opened page, so FE and BE get more connected. IMHO, they
are too separated.

Bye,
Waldemar Kornewald

More information about the TYPO3-team-hci mailing list