[pmwiki-users] detecting default password changed
adam overton
a at plus1plus1plus.org
Fri Aug 22 20:39:34 CDT 2008
great
figured there may be some other concerns.
for my situation, luckily i just need a helpful tip for those new to
the site, nothing more, so 95% should do the trick...
thanks!
adam
On 22 Aug 2008, at 3:47 AM, Peter Bowers wrote:
> On Fri, Aug 22, 2008 at 10:28 AM, adam overton
> <a at plus1plus1plus.org> wrote:
>> i noticed that when a user creates a new group, the group
>> attributes page
>> doesn't exist yet -- it's only created once the user goes to
>> change the
>> password and clicks 'save'...
>> so i'm guessing (:if exists Group.GroupAttributes ... should work...
>> that almost seems too easy though... anyone foresee any problems
>> with that
>
> It would give you a high percentage of accurate "hits" but there are
> many different ways that checking for the existence of this page could
> result in something OTHER than what you are looking for:
> (1) Someone sets the password and then clears the password - page
> still exists but no password
> (2) Someone sets the password to the same as the site-wide one (this
> is going to be a problem in any case)
> (3) Someone sets the read password or the upload or the attr password,
> but the edit password is not set. (Does read cascade to edit at the
> group level first or does pmwiki look for a site edit password before
> it cascades? Not sure...)
> (4) What you've described here doesn't look at all into the
> possibility of a page-level password rather than a group-level
> password.
> (5) Potentially others as well...?
>
> So if you're looking for a 95% sure solution then checking existence
> is probably enough. And that may be good enough if all you're doing
> is giving a helpful message to remind users. If you are looking for
> 100% then you probably need to keep looking...
>
> -Peter
More information about the pmwiki-users
mailing list