[pmwiki-users] identify current authorization level

Henrik Bechmann henrik at bechmannsoftware.com
Thu Jul 27 10:47:59 CDT 2006


Hagan,

Progress. I've put the following test code in farmconfig.php:

function isEditAuthorized() {
 global $pagename;
 $pagename = ResolvePageName($pagename);
 $page = RetrieveAuthPage($pagename, 'read', false, READPAGE_CURRENT);
 echo ' value='.$page['=auth']['edit'];
 if ( @$page['=auth']['edit']) {
  echo ' true';
  return true;
 }
 echo ' false';
 return false;
}

and in my page template:

<!--function:isEditAuthorized-->

Which prints "value=1 true" on the page after the user has logged in for 
editing, and "value=0 false" before logging in.

Apparently because the function is called after all initialization, this 
allows the page name defaults and possibly some other prerequisites to 
be set before calling Resolve... and Retrieve...

So it looks like I'll be able to call this function from within my PHP 
code to decide on layout, BUT...

...there is one more problem.

I want isEditAuthorized to return false after action=logout on the page, 
so that the author can revert to the user page layout (no author menus, 
etc). But action=logout apparently does not clear the [=auth][edit] 
value until the next attempt to login (caching?).

Is there some way to detect that a logout has taken place? In 
HandleLogoutA which seems to be called for the logout action, there is a 
  session_destroy() statement. Is there something I can test from 
isEditAuthorized that is required for edit authorization but that would 
have been destroyed with session_destroy()?

Thanks again,

- Henrik

Henrik Bechmann
www.osscommons.ca
www.bechmannsoftware.com
Webmaster, www.dufferinpark.ca



H. Fox wrote:
> On 7/26/06, Henrik Bechmann <henrik at bechmannsoftware.com> wrote:
>> Thanks Hagan,
>>
>> I copy the lines to farmconfig.php [...]
>
> farmconfig.php doesn't seem like the right place.  The lines need to
> be *after* e.g. httpauth.php, authuser.php, etc...
>
> Hagan
>
>




More information about the pmwiki-users mailing list