[pmwiki-users] read password information leak
Neil Herber
nospam at mail.eton.ca
Mon Mar 7 12:10:35 CST 2005
At 2005-03-07 11:51 AM -0600, Patrick R. Michaud is rumored to have said:
>I think that if this much security is needed, then the site admin
>should probably look to limiting access to refcount.php or using a
>farm/field. That said, I suppose I could write refcount to honor
>the $EnablePageListProtect variable, but this really opens the
>door to some confusing results.
Geez ... I should read first, then type!
Farmconfig now has:
if ($action == 'refcount')
include_once("$FarmD/scripts/refcount.php");
So I suspect the solution for me is
if ($action == 'refcount' and @$_SERVER['REMOTE_USER'] == 'Neil')
include_once("$FarmD/scripts/refcount.php");
Not sure of the exact syntax ...
Neil
Neil Herber
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668
More information about the pmwiki-users
mailing list