[pmwiki-users] Re: Re: Upload Enhancement for file deletion
Dan Weber
webmaster at drwhosting.net
Wed Dec 14 16:44:20 CST 2005
"Patrick R. Michaud" <pmichaud at pobox.com> wrote in message
news:20051214201154.GF32393 at host.pmichaud.com...
> On Wed, Dec 14, 2005 at 01:32:45PM -0500, Dan Weber wrote:
>> "sven saurwein" <saurwein at komit.at> wrote in message
>> news:43A0595D.4060608 at komit.at...
>> > I - once again for usability reasons - suggest putting lines
>> > 65 ...('Are you sure you want to delete ' + name + '?')...
>> > and
>> > 75 ...<del>...
>> >
>> > also in the XLSDV
>> I also added the change that the delete link does not show up when the user
>> does not have upload privileges.
>> I'll add this script to a cookbook entry
> I just reviewed Dan's script -- my first comment is "excellent work" --
> you've written most of the things the way I would've done them.
> Congratulations on being able to follow the original code so well!
> However, there's a couple of *serious* flaws we'll have to address.
> Since all of the delete links are normal GET requests encoded in
> <a href='...'> tags, the first robot to come along and follow those
> links is going to delete all of the uploads.
> Oops.
> Password protection won't help, as many sites (e.g., pmwiki.org)
> run with uploads unprotected. Robot protection won't help, as
> we're bound to miss at least one robot, or a robot may cloak under
> a different user agent identifier.
> I think the output of (:attachlist:) will have to be a form with
> checkboxes and a submit button or multiple submit buttons.
> Robots typically do not follow links given in forms. Personally
> I favor checkboxes, since it's an automatic form of confirmation,
> and it also makes it easier to remove multiple things at once.
> The other problem is that the filename= parameter isn't currently
> being filtered in any way. So, anyone with upload privileges can do
> ".../pmwiki.php?action=delattach&filename=../../wiki.d/Private.GroupAttributes"
> and they'll have successfully removed a page from the wiki, with no
> backup available or trace of what happened.
> Oops.
> Lastly, I don't think the script should directly unlink items;
> instead it should probably rename them with a timestamp the way
> that PmWiki does for deleting pages. Otherwise a malicious person
> can completely eliminate lots of uploads. (This could be
> controlled by an appropriate $Enable option.)
> Pm
Wow - thanks Patrick, for outlining the problems. It shows that you have
more experience than me ;-)
I uploaded a new version to the cookbook page and to this post.
- Files are now selected with a checkbox
- Multiple files can be deleted at once
- Delete action is a post action through a form
- Filenames pass a basic filter for validation
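For readers following the thread, here is what a delete handler that applies Patrick's three points (POST-only form with checkboxes, a filtered filename, rename instead of unlink) can look like. It is an added example, not Dan's script or PmWiki's own code; the `files[]` checkbox field, the `$uploadDir` argument and the `,del-<timestamp>` suffix are assumptions made for this illustration.

```php
<?php
// Added example (not the cookbook script or PmWiki core): a hardened delattach
// handler. Assumptions: the (:attachlist:) form posts checked names in files[],
// $uploadDir is the current group's upload directory, and the caller has already
// verified that the user holds upload privileges.

// 1. Accept only a POST. A robot following <a href='...'> links never gets here,
//    and a checkbox form doubles as the "are you sure?" confirmation.
function delattach_request_ok(array $server, array $post): bool {
    return ($server['REQUEST_METHOD'] ?? '') === 'POST' && !empty($post['files']);
}

// 2. Filter the filename= value: a plain basename of safe characters only, so
//    "../../wiki.d/Private.GroupAttributes" is rejected before any filesystem call.
function safe_attach_name(string $name): ?string {
    if ($name === '' || $name !== basename($name)) return null;   // no directory parts
    if (strpos($name, '..') !== false) return null;               // no traversal tokens
    if (!preg_match('/^[A-Za-z0-9][A-Za-z0-9._-]*$/', $name)) return null;
    return $name;
}

// 3. Soft-delete: rename with a timestamp the way PmWiki handles deleted pages,
//    instead of unlink(), so an accidental or malicious deletion can be reverted.
function delattach_file(string $uploadDir, string $name, int $now): bool {
    $name = safe_attach_name($name);
    if ($name === null) return false;
    $base = realpath($uploadDir);
    $src  = realpath($uploadDir . '/' . $name);
    // Defence in depth: the resolved path must still live inside the upload dir.
    if ($base === false || $src === false) return false;
    if (strpos($src, $base . DIRECTORY_SEPARATOR) !== 0) return false;
    if (!is_file($src)) return false;
    return rename($src, $src . ',del-' . $now);
}

// Handler for the checked entries of the (:attachlist:) form.
function handle_delattach(string $uploadDir, array $server, array $post): array {
    $results = [];
    if (!delattach_request_ok($server, $post)) return $results;
    foreach ((array)$post['files'] as $f) {
        if (!is_string($f)) continue;             // ignore malformed input
        $results[$f] = delattach_file($uploadDir, $f, time());
    }
    return $results;   // name => true if renamed, false if rejected or missing
}
```

With this shape a GET to `?action=delattach&filename=...` does nothing at all, and a rejected name such as the `../../wiki.d/...` case from the thread returns `false` without touching the filesystem.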
