[pmwiki-users] Re-inventing the Wheel?

Patrick R. Michaud pmichaud at pobox.com
Mon Aug 28 16:28:24 CDT 2006


On Mon, Aug 28, 2006 at 04:59:38PM -0400, Russ wrote:
> Hi Steve,
> 
> I like PmWiki for the very reason that most of the sites I build with it
> look like anything BUT wikis.
> [...]
> I'm not sure why you would require two URL's to accomplish what you're
> looking to do.  

Russ has a very good point.  I can still provide the two-url
approach, but here's a way to do in local/config.php
much of what you want using only PmWiki's "built-in" 
authentication mechanisms:

    ## prevent editing in general
    $DefaultPasswords['edit'] = crypt('secret');

    ## see if the person has edit permission to the page
    $pagename = ResolvePageName($pagename);
    $is_editor = CondAuth($pagename, 'edit');

    ## decide what to allow/deny based on edit privileges
    if ($is_editor) {
      $Skin = 'skin-edit';
    } else {
      ##  not an editor, so use a normal skin and
      ##  completely disallow edit, diff, and upload
      $Skin = 'skin';
      $HandleActions['edit'] = '';
      $HandleActions['diff'] = '';
      $HandleActions['upload'] = '';
    }


So, someone coming to the site for the first time will
see the page using 'skin', and ?action=edit, ?action=diff,
?action=upload, etc. will all be disabled, in the sense
that someone adding them to the end of a page will result
in exactly the same thing they would get with ?action=browse.

But, access the page using ?action=login, and a password
prompt will appear.  Enter the valid edit password, and
then the 'skin-edit' will be used, and all of the available
actions will be left as their defaults.

I've set up the above configuration (w/o CleanUrls, but it's the same)
at http://www.pmichaud.com/sandbox/twoskins/pmwiki.php,
using the default PmWiki skin for a non-privileged
user and the gemini skin for an editor.  Note that
in the PmWiki skin the Edit/History buttons don't
have any effect, while Print still works.  Use ?action=login
and a password of 'secret' to get to the editing skin
and have the full range of actions available.

I can still provide a two-url solution if you want, but
it can get a bit tricky with CleanUrls thrown in the mix.
Essentially a two-url solution is the same as the above,
except instead of testing for edit permission we look at the
url (available via the $_SERVER variables) and decide if
the site is being accessed as an admin or as a visitor.

(As proof that it *can* work based on url, note that 
http://www.pmichaud.com and http://www.pmwiki.org are in 
fact the same wiki but display with different skins.)

Hope this helps,

Pm




More information about the pmwiki-users mailing list