Bump ... PM? Anyone?<br><br>---------- Forwarded message ----------<br><span class="gmail_quote">From: <b class="gmail_sendername">Tegan Dowling</b> <<a href="mailto:tmdowling@gmail.com">tmdowling@gmail.com</a>><br>
Date: Apr 28, 2007 4:05 PM<br>Subject: uploads security vs PmWikiDraw<br>To: PmWiki Users <<a href="mailto:pmwiki-users@pmichaud.com">pmwiki-users@pmichaud.com</a>><br><br></span>I typically secure uploads to my wikis by using the method, described on the page
<a href="http://www.pmwiki.org/wiki/Cookbook/SecureAttachments" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.pmwiki.org/wiki/Cookbook/SecureAttachments</a>, which uses an .htaccess file in the uploads/ directory, with the following two lines:
<br> Order Deny,Allow<br> Deny from all<br><br>and then the following in local/config.php:<br> $EnableDirectDownload = 0;<br><br><br>I find this conflicts with the use of the (wonderful!) PmWikiDraw recipe.
<a href="http://www.pmwiki.org/wiki/Cookbook/PmWikiDraw" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.pmwiki.org/wiki/Cookbook/PmWikiDraw</a>.<br><br>When I create a drawing <br>(named "drawingname" on a page in the wikigroup
<a href="http://www.myaddress.com/uploads/ExampleGroupname" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.myaddress.com/uploads/ExampleGroupname</a>), <br>the java drawing applet displays a warning:<br>Error:java.io.IOException:Server returned HTTP response code: 403 for URL: <a href="http://www.myaddress.com/uploads/ExampleGroupname/drawingname.draw" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://www.myaddress.com/uploads/ExampleGroupname/drawingname.draw</a><br><br>And although I can create the drawing, and it does save and upload successfully, it won't display the image -- I guess because the recipe doesn't use the display syntax ?action=download&upname=
file.ext ?<br><br>If I change local/config.php: to <br>
$EnableDirectDownload = 1;<br><br>and I remove the .htaccess file from the uploads/ directory, then the PmWikiDraw works ok.<br><br>SO is there some way that I can have both? Could I make $EnableDirectDownload = 1; conditional on the wikigroup I'm working in, AND somehow get the .htaccess file to be ignored there as well?
<br><br>Ideas?<br>