Patrick_Taylor - 11:40 pm on Jan 20, 2013 (gmt 0)
The admin has to be able to write files from a form on a password protected page. It's the only way my CMS can work. If someone hacks past the password protection they can delete the whole website, I realise that (the same applies to WordPress). What I am trying to understand is whether a valid user will always be able to write new files to the server without setting up any special permissions.