[pmwiki-users] Author cookies

Henrik Bechmann henrik at bechmannsoftware.com
Sat Aug 12 00:45:33 CDT 2006


Just to confirm,

I find that adding

$LogoutCookies = array_diff($LogoutCookies, array($AuthorCookie));

to farmconfig.php preserves the author name between sessions for all users.

But per my previous message, I think the ideal solution would be to give 
each user the choice with a checkmark (also preserved in the cookie) 
beside the name field of the edit form (and an accompanying 
$EnableCheckMarkToPreserveAuthorNamesBetweenSession -- well, maybe 
something a little shorter<grin>).

One man's opinion.

Thanks for the tip!!

All the best,

- Henrik

Henrik Bechmann
Webmaster, www.dufferinpark.ca

Patrick R. Michaud wrote:
> Reply-To: 
> In-Reply-To: <44D66848.3060303 at bechmannsoftware.com>
> [Subject was: Working solution for CMS style interface with IMS caching]
> On Sun, Aug 06, 2006 at 06:08:08PM -0400, Henrik Bechmann wrote:
>> All of this works as expected in Internet Explorer. The Firefox cache is 
>> not as responsive however, and requires special procedures. Also, it 
>> turns out that PmWiki deletes the Author Name cookie with the logout 
>> operation (which I do not think is desirable in most situations).
> Actually, it is desirable, and arguably it's the only correct
> answer.  PmWiki is used in a large number of laboratory and classroom
> environments, where multiple people end up using the same machine
> to access a common wiki on a daily basis.  In these situations,
> people think of "logout" as meaning "remove my association with
> this particular terminal" -- including their author name.  
> In fact, many people would be very surprised if the "logout" action 
> *didn't* cause their author name to be removed from the forms;
> "logout" should mean "I'm no longer here."  Indeed, this is one
> of the reasons ?action=logout was originally created...to provide
> an easy way to clear the author cookie.
>> 2. IMHO the Author Name (as opposed to ID) should never be removed from 
>> the cookie. It is not a security feature, but rather a convenience for 
>> the author, such that he/she doesn't have to keep adding his/her name 
>> from the same computer all the time (when $EnablePostAuthorRequired = 
>> 1). 
> It's even more inconvenient for an author to try to remove his/her
> name from a machine if ?action=logout doesn't do it.
> Still, if the admin doesn't want ?action=logout to remove the
> author cookie, then use:
>     include_once('scripts/author.php');
>     $LogoutCookies = array_diff($LogoutCookies, array($AuthorCookie));
> which means that ?action=logout won't remove the author cookie.
> If there's enough people who think that author cookies should
> survive ?action=logout, we can create a special $Enable... variable
> for it, otherwise I'll simply cite the above code as a potential
> recipe.
> Pm

More information about the pmwiki-users mailing list