From: Steve W. <sw...@wc...> - 2000-07-05 00:08:03
|
On Wed, 5 Jul 2000, Arno Hollosi wrote: > I just committed the following changes: > > - some bug fixes > - added GetAllWikiPageNames($dbi) for mySQL > - dumpserial & loadserial now rawurlen/decode() the filename > - added support for locked pages All now live on http://phpwiki.sourceforge.net/phpwiki/ too > Editing locked pages doesn't work yet. > This is because $ScriptURL points to admin/index.php3 instead of > the main index.php3. I ugly hack would be to str_replace /admin/ with "" > But we aim for better solutions, don't we? > Note: if ServerAddress is set manually and not by the if/else clause, > then editing works. Comment out the part from wiki_lockpage and try it out. Hrm. I was reading Ari's code over the weekend (Ari simply emailed me a login/passwd to the server, very generous!) and he (she?) uses $PHP_SELF now... dunno if that will be any help here. Ari also uses $PATH_INFO for the page name instead of the CGI variables, so right off when we want to change from using CGI srings to pathinfo we have a conversion function we can borrow. > Also, ###LOGO### doesn't work from inside admin/ when using templates. > This is because there's no absolute path used in the default config. Oh, did you add templating to the admin forms? (looks...) Oh, you must mean when you edit a locked page... that won't herald the end of the earth fortunately ;-) > So, lock pages works more or less. > It's not 100% secure though -- to make it water-proof one would have > to test in save_page as well. But I didn't bother right now. I mean, > what are the odds, that someone is going to do some URL hacking? Famous last words ;-) And besides I don't know how much louder I can scream "it's BETA!" sw ...............................ooo0000ooo................................. Hear FM quality freeform radio through the Internet: http://wcsb.org/ home page: www.wcsb.org/~swain |