[pmwiki-users] detecting default password changed

Peter Bowers pbowers at pobox.com
Fri Aug 22 05:47:34 CDT 2008


On Fri, Aug 22, 2008 at 10:28 AM, adam overton <a at plus1plus1plus.org> wrote:
> i noticed that when a user creates a new group, the group attributes page
> doesn't exist yet -- it's only created once the user goes to change the
> password and clicks 'save'...
> so i'm guessing (:if exists Group.GroupAttributes ... should work...
> that almost seems too easy though... anyone foresee any problems with that

It would give you a high percentage of accurate "hits" but there are
many different ways that checking for the existence of this page could
result in something OTHER than what you are looking for:
(1) Someone sets the password and then clears the password - page
still exists but no password
(2) Someone sets the password to the same as the site-wide one (this
is going to be a problem in any case)
(3) Someone sets the read password or the upload or the attr password,
but the edit password is not set.  (Does read cascade to edit at the
group level first or does pmwiki look for a site edit password before
it cascades?  Not sure...)
(4) What you've described here doesn't look at all into the
possibility of a page-level password rather than a group-level
password.
(5) Potentially others as well...?

So if you're looking for a 95% sure solution then checking existence
is probably enough.  And that may be good enough if all you're doing
is giving a helpful message to remind users.  If you are looking for
100% then you probably need to keep looking...

-Peter



More information about the pmwiki-users mailing list