[pmwiki-users] password prompt problems perplex people - redux

Neil Herber nospam at eton.ca
Sun Mar 26 18:36:41 CST 2006


At 2006-03-26  02:31 PM -0500, The Editor is rumored to have said:
>Neil, this may be overly simplistic, and not what you want, but
>couldn't you just say something like
>
>(:if authid:)Current password not authorized for this action...
>(:if ! authid:)You must login to do this action...(:if:)

Hi Caveman

It's a good thing you don't smoke because you missed out on another cigar.

Authid contains the authenticated logon name - that is, the name part 
of a unique username/password pair. One way to set Authid is by using AuthUser.

But in my case, there is a shared read and a shared edit password and 
no username is required. In other words, I am not authenticating the 
users, I am just making sure they know the password appropriate for 
the action they are performing. And that is the problem - I can't 
think of a way to test the action they are requesting against the 
"kind" of passwords they have already supplied, because PmWiki 
doesn't associate a password with a particular action.

If I could test the passwords they had supplied for previous actions 
in the same session, I could do a test like this:

(:if [password=shared_read_password and 
password=shared_edit_password]:) then you need a better password for 
the action you are trying, so prompt for an admin password ...


Neil

Neil Herber
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668 





More information about the pmwiki-users mailing list