[Pmwiki-users] extreme passwords

Patrick R. Michaud pmichaud
Thu Mar 25 22:03:09 CST 2004


On Wed, Mar 24, 2004 at 11:06:45PM +0100, Ruediger Marwein wrote:
> 
> I encoutered a problem when using read and write passwords at the same time.
> read for normal people and write for admins. globally, by using session-auth

You're correct that this behavior is pathological and probably needs
to be changed.  This was discussed a little bit back in January, with
me suggesting that perhaps the read password should simply be a form
of "access" password that is required whenever no other password has
been supplied.

> Also relying on this: What happens if I [[include]] pages which have 
> different read passwords than the current page and (to let it explode) have 
> a SideBar which is also read-protected on the same page, too.
> The function seems to be run three times. So what happens?

For [[include:]] pages the last parameter to RetrieveAuthPage is set to 
"false", which essentially says "don't prompt for a password".  If
the user has supplied credentials that allow access to the included
page, fine, otherwise the [[include:]] is replaced with an empty string.

Pm



More information about the pmwiki-users mailing list