Re: [Phpwiki-talk] secure data?

[Reini U. <ru...@x-...>]

Jim Cheetham schrieb:
> One of the wikis I have set up is for a restricted set of admins - it's 
> under https, requires a client ssl certificate, and also requires users 
> to log in before viewing. Reasonably secure ...
> 
> As a consequence, I'm considering allowing our service passwords to be 
> stored in there. My backend is MySQL, but the db isn't available to any 
> external IP, so I can put up with that. However, page change 
> notifications are emailed out with the complete page source. Plain email 
> isn't secure enough :-(
> 
> Can I have a page edit notification mailout that *doesn't* send the page 
> content? Preferably for a subset of pages marked "sensitive" but 
> possibly for all?
> 
> Perhaps the answer is to not use email notifications, and to rely on RSS 
> instead ... but that means I need another application somewhere :-(

just comment out the diff section in sendPageChangeNotification()

         if (mail($emails,"[".WIKI_NAME."] ".$subject,
                  $subject."\n".
                  $editedby."\n".
                  $difflink."\n\n".
                  /*$content*/))

-- 
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/