phpwiki-talk

[Phpwiki-talk] Locking non-admin users

[John K. <jo...@ke...>]

[PHPWIKI1.3.2]

Hi,

Can I use this array in lib/main.php to control what non-admin visitors can do?

John

function is_safe_action ($action) {
     if (! ZIPDUMP_AUTH and ($action == 'zip' || $action == 'xmldump'))
         return true;
     return in_array ( $action, array('browse',
                                      'info', 'diff', 'search',
                                      'edit', 'save',
                                      'login', 'logout',
                                      'setprefs') );
}


-- 
------------------------------------
     0113 2289316 / 07944 755613
jo...@ke... / www.kershaw.org
  AOL johnkershaw / Y! john_m_kershaw
------------------------------------

Re: [Phpwiki-talk] Locking non-admin users

[Jeff D. <da...@da...>]

On Wed, 24 Jul 2002 11:04:49 +0100
John Kershaw <jo...@ke...> wrote:

> [PHPWIKI1.3.2]
> 
> Can I use this array in lib/main.php to control what non-admin visitors
> can do?
> 
> function is_safe_action ($action) {
>      if (! ZIPDUMP_AUTH and ($action == 'zip' || $action == 'xmldump'))
>          return true;
>      return in_array ( $action, array('browse',
>                                       'info', 'diff', 'search',
>                                       'edit', 'save',
>                                       'login', 'logout',
>                                       'setprefs') );
> }


Yes, probably, I think.
If you remove an action from that list, that action will be globally
disabled for non-admin's.
(However, the links/buttons for it won't disappear.
So, if, e.g., you disable 'edit' and 'save' this way,
the 'EditPage' button will still appear --- but if someone
tries to click it, it won't work.   To get rid of the buttons,
you've got to edit the templates.)