[pmwiki-users] $PostVars & conditional redirects

Patrick R. Michaud pmichaud at pobox.com
Sun Mar 19 11:17:00 CST 2006

On Sun, Mar 19, 2006 at 11:43:54AM -0500, The Editor wrote:
> Hi all:
> This is a more pressing problem for me. I posted it earlier, but it
> may have gotten lost in the shuffle.
> I'm trying to do some custom login scripts for various sections of my
> site and I have it all looking nice, but I see this mysterious
> "$PostVars" line just above the login form.  Here's my page. (I just
> modified Site.AuthForm).  Any suggestions?

Short answer:  $PostVars is used to make sure that edits aren't lost
when someone is prompted for a password (e.g., after a session times
out).  You can safely ignore it in viewing the page; PmWiki adjusts
it to be the right thing when someone is really being prompted for
a password.

Long answer:  PmWiki uses PHP sessions to keep track of login
credentials.  Unfortunately, PHP sessions have a built-in "timeout",
which is usually around 20 minutes.  What this means is that if someone
is editing a page and takes longer than 20 minutes to submit it
(either for a preview or save), then PHP will have automatically
logged them out while they are editing, so when they submit they're
prompted for the password again.  Of course, you don't want to lose
their edits, so this is what the $PostVars does -- it preserves the
state of their last post in hidden variables in the authorization
form so their changes aren't lost.

> '''$[Password required]'''\\
> Some of my text...
> (:if $AuthId:)More text(:if:)
> (:messages:)
> (:if enabled InvalidLogin:)* $[Name/password not recognized]
> (:if:)
> (:input auth_form:)
> (:if enabled EnableAuthUser:)||$[Name]||(:input text name=authid:)||
> (:if:)||$[Password]||(:input password name=authpw:) (:input submit
> value='OK':)||
> (:input end:)

Looks fine to me.

> Also, how can I do something like
> (:if auth @somegroup:)some text

We don't have a way to do this yet.  I'm trying to decide the appropriate
conditional name to use.

> P.S. I tried (:if ! auth read:)(:redirect Group.Login:)(:if:) as a
> alternate workaround, but it seems to automatically redirect even when
> I am authorized to read. Wasn't conditional redirects added in the new version
> of PmWiki

Yes, conditional redirects are supposed to work, so there must be
something else happening here.  Can you set up a test on pmwiki.org?


More information about the pmwiki-users mailing list