Protected Content Directory - acli/ATutor GitHub Wiki
ATutor’s Protected content directory feature, mentioned in Step 4 in the installation wizard, refers to placing its “content” directory outside of its document root and accessing the contents in that directory through get.php via a PATHINFO element. Unlike WordPress and Mediawiki, ATutor’s get.php supports only PATHINFO; there is no alternative syntax to access the protected content via a query term.
There is scant information on what ATutor’s “protected content directory” is, or what will cause ATutor’s installer to conclude that “protected” content directories are not supported. Searching on Google only turns up references to symbolic links, SSL, or Windows; none of these applied to my setup.
Delving into my logs and into the code finally shed some light onto the matter, and in my specific case involved a three-way nginx–PHP–ATutor interaction that the ATutor developers never considered.
One thread mentioned get.php, but the explanation turns out to be technically incorrect. In a sense, this points out to a serious lack of documentation as the source of the real problem.
The installer checks for this support by calling get.php as “get.php/?test” and checking if get.php receives the “test” query term. As removing the slash (so that get.php gets called as “get.php?test”) make the “test” pass, this boils down why the slash is in the test. There were two possibilities:
- The / was never intended; this was a typo.
- The / was intended and is there specifically to check for PATHINFO support.
The implications of this finding is that ATutor’s “protected content directory” feature is the same as PATHINFO support. So making sure that ATutor uses a “protected content directory” is the same thing as making sure that the webserver used supports PATHINFO.
When people see the mysterious “It has been detected that your webserver does not support the protected content directory feature” message, they are not likely to find any useful information on the problem, and since the root cause is unknown, they are unlikely to find any solutions. Knowing that “the protected content directory feature” is in fact PATHINFO will help people immensely on running ATutor on non-Apache and/or non-Unix-based systems.
This lack of information extends to the code level, as I originally thought the test URL was wrong. Strategically placed comments that actually mentions the reasons for certain actions helps other people immensely.
In addition, the developers should consider providing ways to enable the “protected content directory” feature other than the use of PATHINFO.