Having done this myself in the last several months, My advice is don't do what we did, which is modify the code to permit multiple users. Turns out that's a rabbit hole and will introduce:
code complexity (adding new simple features will often become difficult)
bugs (due to increased complexity)
security problems (a huge amount of time was spent ensuring clients cannot access each other's data)
performance issues (tables with ~5,000 rows will suddenly grow to ~5,000,000 rows. Performance issues that weren't even noticeable suddenly created ~20 second page load times)
If we could do it again our approach would be something like:
Put each client on a subdomain (maybe even allow them to supply their own full domain name), allowing you to have a separate apache virtual host for each one. Buying a license to something like cPanel is worth serious consideration, and investigate how to automate or semi-automate creating new accounts.
Have a separate database for each client. Each with a different database password. This will provide excellent security and excellent performance (all the databases (and their tables) will be small).
It's up to you whether the actual php source code should be shared between all of these clients, or have a separate copy for each one. A global directory for the files is perfectly reasonable, and will make updates easy, while a separate copy will make customisations easier. Perhaps a hybrid is the right approach here.
One day we might even end up tearing out most of the work done in the last six months, to start again with this approach.
At first glance it seems like this will increase server load, but in reality if you have enough clients for load to even be a consideration, then you will want to be able to spread clients across multiple servers. And that's a piece of cake if it's well segregated.
发布评论
评论(1)
我自己在过去几个月中完成了这项工作,我的建议是不要做我们所做的,即修改代码以允许多个用户。事实证明这是一个兔子洞,并且会引入:
如果我们可以再次这样做,我们的方法将类似于:
将每个客户端放在一个子域上(甚至可能允许他们提供自己的完整域名),允许您为每个客户端拥有一个单独的 apache 虚拟主机。购买 cPanel 之类的许可证值得认真考虑,并研究如何自动或半自动创建新帐户。
为每个客户端都有一个单独的数据库。每个都有不同的数据库密码。这将提供出色的安全性和出色的性能(所有数据库(及其表)都会很小)。
实际的 php 源代码是否应该在所有这些客户端之间共享,或者为每个客户端都有一个单独的副本,这取决于您。文件的全局目录是完全合理的,并且将使更新变得容易,而单独的副本将使定制变得更容易。也许混合是正确的方法。
有一天,我们甚至可能会放弃过去六个月完成的大部分工作,重新开始这种方法。
乍一看,这似乎会增加服务器负载,但实际上,如果您有足够的客户端来考虑负载,那么您将希望能够将客户端分散到多个服务器上。如果隔离得很好,那就小菜一碟了。
Having done this myself in the last several months, My advice is don't do what we did, which is modify the code to permit multiple users. Turns out that's a rabbit hole and will introduce:
If we could do it again our approach would be something like:
Put each client on a subdomain (maybe even allow them to supply their own full domain name), allowing you to have a separate apache virtual host for each one. Buying a license to something like cPanel is worth serious consideration, and investigate how to automate or semi-automate creating new accounts.
Have a separate database for each client. Each with a different database password. This will provide excellent security and excellent performance (all the databases (and their tables) will be small).
It's up to you whether the actual php source code should be shared between all of these clients, or have a separate copy for each one. A global directory for the files is perfectly reasonable, and will make updates easy, while a separate copy will make customisations easier. Perhaps a hybrid is the right approach here.
One day we might even end up tearing out most of the work done in the last six months, to start again with this approach.
At first glance it seems like this will increase server load, but in reality if you have enough clients for load to even be a consideration, then you will want to be able to spread clients across multiple servers. And that's a piece of cake if it's well segregated.