[pmwiki-devel] UpdatePage question / wiki permissions & security
Patrick R. Michaud
pmichaud at pobox.com
Mon Nov 27 09:04:22 CST 2006
On Mon, Nov 27, 2006 at 08:16:55AM -0500, Crisses wrote:
> Does UpdatePage check for whether the current user has edit
> permissions on a page?
No. The idea is that the script calling UpdatePage will have
already done that.
> If not, what would the procedure be?
# change 'false' to 'true' if you want a password prompt
$page = RetrieveAuthPage($pagename, 'edit', false)
if (!$page) { Abort("You don't have permission to edit $pagename"); }
# create the new page to be saved
$new = $page
$new['text'] = 'new text';
# Update the page
UpdatePage($pagename, $page, $new);
> What are the procedures for checking permissions?
Either use RetrieveAuthPage() as above, or CondAuth()
if a simple permission check is all that is needed:
if (!CondAuth($pagename, 'read')) {
## browser doesn't have read permissions
## ....
}
> I'd like to add the correct information to
> the Cookbook/DebuggingForCookbookAuthors page.
That'd be great, thanks!
Pm
More information about the pmwiki-devel
mailing list