01143: using CondAuth in config.php allow edit rights
Description:
Hello,
I suspect finding a bug
When I write :
if (CondAuth($pagename,'edit')) { blabla }$DefaultPasswords['edit'] = crypt(password);
I don't need password to edit the pages !
When I write only :
$DefaultPasswords['edit'] = crypt(password);
or
$DefaultPasswords['edit'] = crypt(password); if (CondAuth($pagename,'edit')) { blabla }
then I need password to edit the pages... that seems to be ok.
I desactive my farmconfig.php and all in the config.php either this 1 or 2 lines
I don't explain that ! Is it a bug ?
Thanks for pmwiki
Yes, if you call CondAuth before setting any passwords, it will (1) return the default PmWiki state (edit allowed) and (2) will cache the authorization to speed up subsequent calls without requiring to re-open the same disk files. This is an expected and documented behavior, please see at the bottom of the page LocalCustomizations (order of customizations in config.php) for more information. --Petko September 20, 2009, at 12:29 PM
OK, the problem is that I can't use if (CondAuth($pagename,'edit')) { blabla } in farmconfig.php because this file is load before config.php...
Is it any solution to use that ?
Thanks
Thomas
Yes, you can manually include config.php from farmconfig.php, and call CondAuth and other functions below.
# near the end of farmconfig.php
include_once("local/config.php");
if (CondAuth($pagename,'edit')) { blabla; }
OK, Thanks