[pmwiki-users] Cookbook path

DaveG pmwiki at solidgone.com
Sun Feb 10 18:43:32 CST 2008



Petko Yotov wrote:
> In most installations, the /cookbook/ directory is read-protected: 
> cannot and should not be accessed from the internet. It is a security 
> risk to have this directory world-readable. I believe even PmWiki places 
> there a .htaccess file denying the access.
Hmm, I didn't quite realize that. I'm creating a new edit icon bar, so 
the cookbook requires some images, which I'd put into a sub-directory 
inside cookbook, to make installation by the user easier. If that's 
still a security risk, then I guess the install will need to include 
extracting to the cookbook directory, and probably the pub directory.

> Should you access your script from the url, try to use a $HandleActions 
> variable:
> 
> $HandleActions['foo'] = 'MyFooFunction';
> function MyFooFunction($pagename, $auth="admin")
> {
>   $page = RetrieveAuthPage($pagename,$auth,1, READPAGE_CURRENT);
>   # here your code
>   echo $result;
> }
> 
> Now, if you call your page with: http://site/pmwiki.php?action=foo
> then the function MyFooFunction() will be executed.
I don't need this for this cookbook, but I did wonder how to do it, 
thanks! :)



More information about the pmwiki-users mailing list