[pmwiki-users] Re-inventing the Wheel?
Patrick R. Michaud
pmichaud at pobox.com
Mon Aug 28 16:28:24 CDT 2006
On Mon, Aug 28, 2006 at 04:59:38PM -0400, Russ wrote:
> Hi Steve,
>
> I like PmWiki for the very reason that most of the sites I build with it
> look like anything BUT wikis.
> [...]
> I'm not sure why you would require two URL's to accomplish what you're
> looking to do.
Russ has a very good point. I can still provide the two-url
approach, but here's a way to do in local/config.php
much of what you want using only PmWiki's "built-in"
authentication mechanisms:
## prevent editing in general
$DefaultPasswords['edit'] = crypt('secret');
## see if the person has edit permission to the page
$pagename = ResolvePageName($pagename);
$is_editor = CondAuth($pagename, 'edit');
## decide what to allow/deny based on edit privileges
if ($is_editor) {
$Skin = 'skin-edit';
} else {
## not an editor, so use a normal skin and
## completely disallow edit, diff, and upload
$Skin = 'skin';
$HandleActions['edit'] = '';
$HandleActions['diff'] = '';
$HandleActions['upload'] = '';
}
So, someone coming to the site for the first time will
see the page using 'skin', and ?action=edit, ?action=diff,
?action=upload, etc. will all be disabled, in the sense
that someone adding them to the end of a page will result
in exactly the same thing they would get with ?action=browse.
But, access the page using ?action=login, and a password
prompt will appear. Enter the valid edit password, and
then the 'skin-edit' will be used, and all of the available
actions will be left as their defaults.
I've set up the above configuration (w/o CleanUrls, but it's the same)
at http://www.pmichaud.com/sandbox/twoskins/pmwiki.php,
using the default PmWiki skin for a non-privileged
user and the gemini skin for an editor. Note that
in the PmWiki skin the Edit/History buttons don't
have any effect, while Print still works. Use ?action=login
and a password of 'secret' to get to the editing skin
and have the full range of actions available.
I can still provide a two-url solution if you want, but
it can get a bit tricky with CleanUrls thrown in the mix.
Essentially a two-url solution is the same as the above,
except instead of testing for edit permission we look at the
url (available via the $_SERVER variables) and decide if
the site is being accessed as an admin or as a visitor.
(As proof that it *can* work based on url, note that
http://www.pmichaud.com and http://www.pmwiki.org are in
fact the same wiki but display with different skins.)
Hope this helps,
Pm
More information about the pmwiki-users
mailing list