[pmwiki-users] Password protect page with editors' password action

Alex Eftimiades alexeftimiades at gmail.com
Sun Jul 15 16:28:32 CDT 2012


Problem solved. I was logged in as an editor. I needed to be logged in  
as attr. I changed that and will add an if (CondAuth...) around the  
inside of the handler.
Thanks so much for your help. I plan to touch this up and publish it  
as a cookbook tonight. I would it be OK if I site you? You played at  
least as much a role as I.
Alex

On Jul 15, 2012, at 2:11 PM, Peter Bowers wrote:

> ---offlist---
>
> Check carefully what's actually happening - it protected AND
> unprotected without difficulty on my system before I sent it to you...
>
> Try viewing your page files with a text editor and look for the
> "protected:" and the "passwdread:" lines to see what's actually
> happening behind the scenes...
>
> -Peter
>
> On Sun, Jul 15, 2012 at 7:56 PM, Alex Eftimiades
> <alexeftimiades at gmail.com> wrote:
>> Thanks a lot for the script. I was trying to debug it. It does  
>> switch to
>> protected mode, it just does not seem to switch back. I am going to  
>> continue
>> to work on this, and keep you posted on the updates. I found that  
>> you can
>> replace crypt('test') with '@_site_edit' and get the desired result  
>> of
>> password protecting a page with the editors password. It does not  
>> however
>> switch back to unprotected mode. Worst case scenario might be to  
>> have two
>> buttons: Protect and Unprotect. However, in that case editors would  
>> have no
>> way of knowing if a page was protected or not without logging out.  
>> It seems
>> like there ought to be a way to do this.
>>
>> Like I said, I will continue to work on this, and gladly publish a  
>> cookbook
>> if it works out.
>>
>> Thanks for the help, and let please keep me posted if you can make  
>> any
>> progress,
>> Alex
>>
>>
>>
>> On Jul 15, 2012, at 1:36 PM, Peter Bowers wrote:
>>
>>> On Sun, Jul 15, 2012 at 12:53 AM, Alex Eftimiades
>>> <alexeftimiades at gmail.com> wrote:
>>>>
>>>> I have been trying to make a button that password protects a page  
>>>> with
>>>> the
>>>> editors' password, or un-protects it if it is already protected.
>>>>
>>>> I tried putting this at the bottom of config.php, but it just  
>>>> seemed to
>>>> mess
>>>> up my pages:
>>>> $HandleActions['switchauth'] = 'switchauth';  # if url contains
>>>> action=myaction call HandleMyAction timely
>>>> $HandleAuth['switchauth'] = ' ';              # authorization  
>>>> level $auth
>>>> for HandleMyAction
>>>>
>>>> function switchauth($pagename, $auth) {     # parameters  
>>>> (signature) of
>>>> handler function required by PMWiki
>>>> #  Lock(2);
>>>> $pagestuff = RetrieveAuthPage($pagename, 'attr', false);
>>>> $old=$pagestuff;
>>>> if($pagestuff['protected']==true){
>>>>   $pagestuff['passwdread'] = 'test';
>>>>   $pagestuff['protected']=false;
>>>> }
>>>> else{
>>>>   $pagestuff['passwdread'] = 'test';
>>>>   $pagestuff['protected']=true;
>>>> }
>>>> UpdatePage($pagename, $old, $pagestuff);
>>>> Redirect($pagename);
>>>> #  Lock(0);
>>>> }
>>>>
>>>> Can someone please help me?
>>>
>>>
>>> Try this:
>>>
>>> ===(snip)===
>>> $HandleActions['switchauth'] = 'switchauth';  # if url contains
>>> action=myaction call HandleMyAction timely
>>> $HandleAuth['switchauth'] = 'attr';              # authorization  
>>> level
>>> $auth for HandleMyAction
>>>
>>> function switchauth($pagename, $auth) {     # parameters (signature)
>>> of handler function required by PMWiki
>>>   Lock(2);
>>>   $pagestuff = RetrieveAuthPage($pagename, 'attr', false);
>>>   $old=$pagestuff;
>>>   if($pagestuff['protected']=='true'){
>>>       // (Ideally we would strip out the exact passwd rather than
>>> blanking
>>>       //  the whole thing.)
>>>       $pagestuff['passwdread'] = ''; // set it to no passwd (loses
>>> any other passwd - sorry)
>>>       $pagestuff['protected']='false';
>>>       #echo "DEBUG: UNprotecting<br>\n";
>>>   } else {
>>>       // (Ideally we would append the passwd rather than replacing  
>>> what
>>> may
>>>       //  have existed before.)
>>>       $pagestuff['passwdread'] = crypt('test');
>>>       $pagestuff['protected']='true';
>>>       #echo "DEBUG: Protecting<br>\n";
>>>   }
>>>   UpdatePage($pagename, $old, $pagestuff);
>>>   #echo "DEBUG: Updated<br>\n";
>>>   Redirect($pagename);
>>>   Lock(0);
>>> }
>>>
>>> $FmtPV['$protected'] = 'PageIsProtected($pagename,"edit")';
>>> function PageIsProtected($pagename, $level)
>>> {
>>> global $PCache, $PasswdVarAuth, $FmtV;
>>> $page = $PCache[$pagename];
>>> if (!isset($page['=passwd'][$level])) {
>>>   $page = RetrieveAuthPage($pagename, 'ALWAYS', false,  
>>> READPAGE_CURRENT);
>>>   if ($page) PCache($pagename, $page);
>>> }
>>> $protected = @$page['protected']; // either "true" or something else
>>> return ($protected);
>>> }
>>>
>>> ===(snip)===
>>>
>>> Note that if someone sets another password on a page (pmwiki allows
>>> multiple passwords) and then this action is used on that page then  
>>> the
>>> additional password will be lost.  I've referred to that problem in
>>> the comments -- not a big deal to fix, but I don't remember if a  
>>> space
>>> or something else is the separator between multiple passwords.
>>>
>>> Since you've got the convenient $page['protected'] in there I went
>>> ahead and used that to set the {$protected} PV and used it in
>>> Site.PageActions like this (accesskey is pretty non-standard):
>>>
>>> ===(snip)===
>>> (:if auth attr:)
>>> * %item rel=nofollow class=switchauth accesskey="s"%
>>> [[{*$FullName}?action=switchauth | (:if1 equal {$protected} "true":)
>>> Unprotect (:else1:) Protect (:if1end:) ]]
>>> (:ifend:)
>>> ===(snip)===
>>>
>>> If this ends up working for you, please publish it as a recipe in  
>>> the
>>> cookbook -- it seems like something that someone else may be able to
>>> use in various contexts...
>>>
>>> -Peter
>>
>>




More information about the pmwiki-users mailing list