[pmwiki-users] identify current authorization level

Thu Aug 3 14:03:22 CDT 2006

On 8/3/06, Henrik Bechmann <henrik at bechmannsoftware.com> wrote:
>
>  Patrick,
>
>
>  >>Try turning $EnableIMSCaching off and see if the $isEditAuthorized
> appears correctly.
>
>  Yes that works.
>

The best way to catch an action is to register your own handler for
it. Please have a try with the following (untested) code:

$HandleActions['logout'] = 'MyLogoutHandler';

function MyLogoutHandler($pagename, $auth = 'read') {
  global $EnableIMSCaching;
  $EnableIMSCaching = 0;
  HandleLogoutA($pagename, $auth); # call the legit handler
}

Regards,
Dom

>  I also tried the following (with $EnableIMSCaching set to true or false):
>
>  if (isset($_GET['action'])) $useraction = $_GET['action'];
>  elseif (isset($_POST['action'])) $useraction = $_POST['action'];
>  else $useraction = 'none';
>  echo 'useraction='. $useraction;
>  if ($useraction=='logout') {
>   $EnableIMSCaching=0;
>  }
>
>  I use $useraction because $action seems to be set to 'browse' a lot, and I
> was trying to get behind it.
>
>  But, this code never sees the "logout" value (or at least it never gets
> echoed, even with $EnableIMSCaching set to false), presumably because of the
> redirect generated by the logout action. Not sure it would work anyway
> without clearing the browser cache first. But is there some way of
> determining that the redirect came from a logout, and forcing a refresh?
>
>  I'm using Firefox, but the solution would have to be cross browser
> compatible.
>
>  Also, for future reference, a side effect of something
> (include_once('local/config.php')??) is that the author
> name is being lost between edit states, so the user has to re-enter it all
> the time -- not true before (I have $EnablePostAuthorRequired = 1;) [I'm
> just working in a test environment of course]. I'm presuming that if nothing
> else I could jam all this into a function and call it from the template, so
> as to allow config.php to be called after farmconfig.php. But that's for
> later...
>
>  Is my quest here legitimate?
>
>
>  - Henrik
>
>  Henrik Bechmann
> www.osscommons.ca
> www.bechmannsoftware.com
> Webmaster, www.dufferinpark.ca
>
>
>  Patrick R. Michaud wrote:
>  On Thu, Aug 03, 2006 at 01:00:45PM -0400, Henrik Bechmann wrote:
>
>
>  I have the sequencing figured out.
>
>  Here's my code in farmconfig:
>
>  include_once('local/config.php');
>  $pagename = ResolvePageName($pagename);
>  $isEditAuthorized = (boolean)RetrieveAuthPage($pagename,
> 'edit', false,
>  READPAGE_CURRENT);
>  echo ' value='.$isEditAuthorized;
>
>  I think there may be two problems.
>
>  1. I'm not using (and don't want to use) authuser.php. My author group is
>  quite content with the simple base password protection.
>
>  Excellent -- I think running without authuser.php is better in general. So,
> that's one less thing to worry about.
>
>
>
>  2. $isEditAuthorized still returns true *after* logout (&action=logout)
>  per the above echo statement. [...] I'm just finding that clearing the
>  browser's cache fixes that, but I don't understand why, and I can't ask my
>  users to clear their browser cache whenever they logout. Is the echo of
>  $isEditAuthorized returning true because the echo is part of a cache, when
>  in fact $isEditAuthorized is false on the server?
>
>  I'm pretty sure you're seeing the browser's cached version of the page,
> before the logout occurred. On the server $isEditAuthorized is certainly
> false.
>
>
>
>  I have $EnableIMSCaching=1; in my farmconfig.php so that page location is
>  preserved when the user returns to a page.
>
>  Aha, this is very likely the issue. ?action=logout is issuing the redirect,
> and the browser thinks it already has the page in its cache and displays
> that one (i.e., the one before the logout). Try turning $EnableIMSCaching
> off and see if the $isEditAuthorized appears correctly. If that works,
> then maybe we can find a way to get ?action=logout to work with IMS caching.
>
> Also, what browser are you using? Both IE and Mozilla/Firefox have their
> own little caching quirks.
>
> Pm
>
>
>
>
>