[pmwiki-users] identify current authorization level
Henrik Bechmann
henrik at bechmannsoftware.com
Thu Aug 3 14:35:07 CDT 2006
... FWIW it works like a charm in IE. Go figure.
Henrik Bechmann
www.osscommons.ca
www.bechmannsoftware.com
Webmaster, www.dufferinpark.ca
Dominique Faure wrote:
> On 8/3/06, Henrik Bechmann <henrik at bechmannsoftware.com> wrote:
>>
>> Patrick,
>>
>>
>> >>Try turning $EnableIMSCaching off and see if the $isEditAuthorized
>> appears correctly.
>>
>> Yes that works.
>>
>
> The best way to catch an action is to register your own handler for
> it. Please have a try with the following (untested) code:
>
> $HandleActions['logout'] = 'MyLogoutHandler';
>
> function MyLogoutHandler($pagename, $auth = 'read') {
> global $EnableIMSCaching;
> $EnableIMSCaching = 0;
> HandleLogoutA($pagename, $auth); # call the legit handler
> }
>
> Regards,
> Dom
>
>
>
>> I also tried the following (with $EnableIMSCaching set to true or
>> false):
>>
>> if (isset($_GET['action'])) $useraction = $_GET['action'];
>> elseif (isset($_POST['action'])) $useraction = $_POST['action'];
>> else $useraction = 'none';
>> echo 'useraction='. $useraction;
>> if ($useraction=='logout') {
>> $EnableIMSCaching=0;
>> }
>>
>> I use $useraction because $action seems to be set to 'browse' a lot,
>> and I
>> was trying to get behind it.
>>
>> But, this code never sees the "logout" value (or at least it never gets
>> echoed, even with $EnableIMSCaching set to false), presumably because
>> of the
>> redirect generated by the logout action. Not sure it would work anyway
>> without clearing the browser cache first. But is there some way of
>> determining that the redirect came from a logout, and forcing a refresh?
>>
>> I'm using Firefox, but the solution would have to be cross browser
>> compatible.
>>
>> Also, for future reference, a side effect of something
>> (include_once('local/config.php')??) is that the author
>> name is being lost between edit states, so the user has to re-enter
>> it all
>> the time -- not true before (I have $EnablePostAuthorRequired = 1;) [I'm
>> just working in a test environment of course]. I'm presuming that if
>> nothing
>> else I could jam all this into a function and call it from the
>> template, so
>> as to allow config.php to be called after farmconfig.php. But that's for
>> later...
>>
>> Is my quest here legitimate?
>>
>>
>> - Henrik
>>
>> Henrik Bechmann
>> www.osscommons.ca
>> www.bechmannsoftware.com
>> Webmaster, www.dufferinpark.ca
>>
>>
>> Patrick R. Michaud wrote:
>> On Thu, Aug 03, 2006 at 01:00:45PM -0400, Henrik Bechmann wrote:
>>
>>
>> I have the sequencing figured out.
>>
>> Here's my code in farmconfig:
>>
>> include_once('local/config.php');
>> $pagename = ResolvePageName($pagename);
>> $isEditAuthorized = (boolean)RetrieveAuthPage($pagename,
>> 'edit', false,
>> READPAGE_CURRENT);
>> echo ' value='.$isEditAuthorized;
>>
>> I think there may be two problems.
>>
>> 1. I'm not using (and don't want to use) authuser.php. My author
>> group is
>> quite content with the simple base password protection.
>>
>> Excellent -- I think running without authuser.php is better in
>> general. So,
>> that's one less thing to worry about.
>>
>>
>>
>> 2. $isEditAuthorized still returns true *after* logout (&action=logout)
>> per the above echo statement. [...] I'm just finding that clearing the
>> browser's cache fixes that, but I don't understand why, and I can't
>> ask my
>> users to clear their browser cache whenever they logout. Is the echo of
>> $isEditAuthorized returning true because the echo is part of a
>> cache, when
>> in fact $isEditAuthorized is false on the server?
>>
>> I'm pretty sure you're seeing the browser's cached version of the page,
>> before the logout occurred. On the server $isEditAuthorized is certainly
>> false.
>>
>>
>>
>> I have $EnableIMSCaching=1; in my farmconfig.php so that page
>> location is
>> preserved when the user returns to a page.
>>
>> Aha, this is very likely the issue. ?action=logout is issuing the
>> redirect,
>> and the browser thinks it already has the page in its cache and displays
>> that one (i.e., the one before the logout). Try turning
>> $EnableIMSCaching
>> off and see if the $isEditAuthorized appears correctly. If that works,
>> then maybe we can find a way to get ?action=logout to work with IMS
>> caching.
>>
>> Also, what browser are you using? Both IE and Mozilla/Firefox have their
>> own little caching quirks.
>>
>> Pm
>>
>>
>>
>>
>>
>
>
More information about the pmwiki-users
mailing list