Following the events at MtGox I was thinking if it wasn't a good idea to create a Panic Button in the admin area so the site can be shutdown methodically and checked for leaks afterwards.
For this I would start by creating a table, let's say "system" (name it whatever you want), with 2 fields: key - varchar(8) Primary key / value - tinyint(1) default 0
Add to that table 'halt',0
Create a static html page to tell your visitors your site is halted, like system_halted.html
Right after your mysql_select_db perform the following check:
<?php
$q = mysql_query("SELECT `value` FROM `system` WHERE `key` = 'halt'");
$r = mysql_fetch_assoc($q);
if($r['value'] == 1){
header("Location: system_halted.html");
exit();
}
?>
In the event of danger then call this function (adjust it accordingly to your system configuration):
<?php
function panic_button(){
//Uncomment the line bellow if you use monit to check for bitcoind
//exec("/etc/init.d/monit stop &");
//Stop bitcoind
exec("/path/to/bitcoind/bitcoind stop &");
//You can add here some commands you may wish to perform along
//exec("mv ~/.bitcoin/wallet.dat /some/other/place/");
mysql_query("UPDATE `system` SET `value` = 1 WHERE `key` = 'halt'");
}
?>
Note, this is just a rough sketch, the user httpd under which php runs probably have no permissions to stop services or move wallets, so you probably would need to call another script able to sudo, and the bitcoind stop could be performed using a post request from the localhost.
The whole idea is to develop a system halt that can be easily triggered and perform all halt functions at once, starting by saving the coins (mysql junk you can undo after, bitcoin transactions once in the blockchain no).