[pmwiki-users] Page question

Mailinglists mailinglists at wso.net
Tue Jun 24 08:58:10 CDT 2008

Thank you for all the effort Peter. This solution would work, but it has the requirement of editing config.php, which is something I don't want the site admin to have to do. I'm going to try to implement the solution by Hans. It is less secure, but my needs are for simplicity over security since I'm not securing anything critical.

I'm going to try to implement it today and I'll let you know how it goes. If I hit unforeseen snags I may have to revisit some of these other suggestions.

Thanks again everyone.

At 06:25 AM 6/24/2008, you wrote:
>> Right now we have a "Client" page with a list of our client names. If you click on a name it is linked to a page that requires a password. Each client page has a unique password. We're not using AuthUser, just the default attr for each page.
>> But what we'd like to do is have the password prompt show up as soon as you click on the main "Clients" page and then depending on the password entered it would take you to that specific clients page.
>Here is the solution I suggested earlier, this time coded instead of
>pseudo-coded and (briefly and superficially) tested.  I believe it
>fits your specs exactly unless I am misunderstanding.
>===(snip config.php)===
># $ClientList should hold a list of each homepage for all clients
>$ClientList = array('ClientA.Homepage', 'ClientB.Homepage');
>Markup('GotoClientPage', 'inline',
>        '/\(:goto-client-page:\)/e',
>        'GotoClientPage(\$pagename)');
>function GotoClientPage($pagename)
>        global $ClientList;
>        $gotopage = null;
>        foreach ($ClientList as $homepage) {
>           if (CondAuth($homepage, 'read')) {
>              $gotopage = $homepage;
>              break;
>           }
>        }
>        if ($gotopage)
>           Redirect($gotopage);
>===(end snip config.php)===
>Then I created the following pages:
>   CONTENT: random content for client A
>   ATTR: read passwd=clienta, edit passwd=clientaClientA.HomePage
>   CONTENT: random content for client B
>   ATTR: read passwd=clientb, edit passwd=clientb
>   CONTENT: (:goto-client-page:)
>   ATTR: read passwd=clienta,clientb
>Now whenever someone navigates to Client.HomePage they will be
>prompted for a password.  If they enter clienta they will be sent to
>the ClientA.HomePage.  Similarly with the password clientb.
>I agree with others that an authuser solution is more elegant, but if
>you don't mind keeping the attributes updated on both the pages and
>the $ClientList definition in config.php then this should do what you
>are looking for.
>It has the further advantage of using the standard page-based
>passwords rather than something in config.php that has to be kept in
>sync to maintain security.  It has the disadvantage that if someone
>logs in with multiple passwords it will take them to the first one in
>$ClientList.  You may want to have a link to a
>Client.HomePage?action=logout somewhere (home pages?) so people can
>conveniently log out and in.

More information about the pmwiki-users mailing list