[pmwiki-users] RSS Feed + Read Protected Groups
Tegan Dowling
tmdowling at gmail.com
Fri Jan 6 10:16:41 CST 2006
On 1/6/06, Patrick R. Michaud <pmichaud at pobox.com> wrote:
>
> On Thu, Jan 05, 2006 at 04:16:04PM -0800, Richard A. Millard wrote:
>
> > I was also hoping to set up a RSS feed of the Group.RecentChangespage
>
>
> > I have that Group password set using Eberron.GroupAttributes?action=attr
> ,
> > but I can't figure out how to allow Group.RecentChange to produce a
> RSS
> > feed, and still protect the rest of the Group behind a login
> password.
> >
> > Any suggestions would be appreciated!
>
> Sure thing! It's good that you have Group.RecentChanges set to "nopass",
> this is necessary for people to get the RSS feed w/o a password. But
> there's one other step you need to do -- in local/config.php you need
> to set
>
> $EnablePageListProtect = 0;
>
> Why is this needed? Well, even though the Group.RecentChanges page
> isn't read protected, all of the pages it's referencing *are* protected,
> and in the past most admins have expressed that they want the existence
> of such pages to be kept private and not "leak" out through things
> such as searches, page lists, and (of course) RSS feeds.
>
> By setting $EnablePageListProtect=0; you're telling the pagelist function
> to go ahead and list pages that are read protected. This doesn't allow
> others to actually view the page without a password(*) -- it just lets
> them
> see that the page exists.
>
> (In an RSS feed someone might be able to see partial page contents
> in the description/page excerpt. This can be disabled if you wish --
> let me know.)
>
If you want to keep $EnablePageListProtect=1; in your config.php, I believe
you could create a local/Eberron.php file containing just
<?php
// Page List Protection enabling -
http://www.pmwiki.org/wiki/PmWiki/PagelistVariables#EnablePageListProtect
// When set to 1, causes (:pagelist:) and (:searchresults:) to exclude
listing any pages
// for which the browser does not currently have read authorization.
$EnablePageListProtect = 0;
Anyone: Any problem with this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20060106/a204cfd4/attachment.html
More information about the pmwiki-users
mailing list