[pmwiki-users] Protecting other actions... userauth, etc.

Patrick R. Michaud pmichaud at pobox.com
Wed Jul 20 13:20:41 CDT 2005


On Wed, Jul 20, 2005 at 12:23:28AM -0500, Chris Cox wrote:
> My main motivation is concealing the Author information.  I have already
> renamed RecentChanges and AllRecentChanges to obfuscate those, but
> I'd like to protect diff or anything else that might reveal the
> usernames used on the system.

Starting with 2.0.beta50 (just released), you can do:

   $HandleAuth['diff'] = 'edit';

to require edit permissions in order to view the page history.

In previous versions of PmWiki (prior to 2.0.beta50), you can do:

   if ($action=='diff') {
     $page = RetrieveAuthPage($pagename, 'edit', true, READPAGE_CURRENT);
     if (!$page) Abort('?unauthorized');
   }

and get basically the same effect.

> Ideally, I'd love to be able to password protect
> RecentChanges, AllRecentChanges and action=diff... possibly
> some others.
> 
> Any hints?

RecentChanges and AllRecentChanges are just normal wiki pages,
so you can protect them using ?action=attr, same as any other
page.

Pm




More information about the pmwiki-users mailing list