Re: [htdig-dev] htdig multiple site search/index question

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Fri, 1 Apr 2005, umesh rawar wrote:

> We will be giving them separate form where they can
> search the letters from set2letters only.
> set1letters user are allowed to search their letters
> from set1letters only.
>
> So to this change, I did following changes.
>
> 1) modify htdig.conf for start_url
> set start_url to http://localhost:8080/apps/letter/
> So it should index
> 	/apps/letters/set1letters
> 	/apps/letters/set2letters

In the start_url you are using 'letter' and in the directory names you 
are using 'letters'. Is this just an email typo? If not, then there is 
likely a problem with the above configuration. Aside from that, this 
should work if there is something at the start_url that will allow htdig 
to follow links to the content in the set1letters and set2letters 
directories.

> 2) set the restrict and exclude properties for first
> set of users as following
> 	<form action="http://localhost/cgi-bin/htsearch"
> method="post" target="_blank" name="lettersearch">
> 	<input type="hidden" name="config" value="htdig">
> 	<input type="hidden" name="exclude"
> value="/set2letters">
> 	<input type="hidden" name="restrict"
> value="/set1letters">
>
> 3) set the restrict and exclude properties for second
> set of users as following
> 	<form action="http://localhost/cgi-bin/htsearch"
> method="post" target="_blank" name="lettersearch">
> 	<input type="hidden" name="config" value="htdig">
> 	<input type="hidden" name="exclude"
> value="/set1letters">
> 	<input type="hidden" name="restrict"
> value="/set2letters">
>
> Will this configuration work?

The above looks reasonable. I would suggest that once you have the files 
indexed you drop in a couple test pages with the above settings and use 
those to verify that queries return the results you intend.

> Am I missing anything?

This is not a secure approach, if that is relevant. It would be trivial 
for someone who knows about either search form to craft an HTTP request 
that would allow them to search both letter sets . Especially with the 
exclude attribute added, which tells anyone who looks at the page source
what you are trying to hide from them.

Jim