[pmwiki-users] Security for uploaded files (continued)

Hans design at softflow.co.uk
Wed Dec 21 12:14:57 CST 2005


Wednesday, December 21, 2005, 5:00:21 PM, Tegan wrote:
> The single (known to me) exception to this is the case where I
> want to specify a background image for some part of the site
> (header, body, etc) in the skin's .css file via a line like 
> background: url("/uploads/Site/image.jpg");

I suggest you keep the background image file either in
pub/local/images/ (you need to create that folder) or in the skin's
folder. files in pub/ and its subfolders are publicly viewable.
since you (as admin) need to specify css settings to use a background
image it does not need to be in the uploads/Site/ folder.
you can load the background image via a $HTMLStylesFmt declaration in
config.php (or a group.php file) and use variables for the url path
like:
background:url(\$PubDirUrl/images/mybgimage.jpg) if it is in
pub/images/
or
background:url(\$SkinDirUrl/images/parch-green.jpg)
if it is in pub/skins/myskin/images/

Best, 
~Hans                           






More information about the pmwiki-users mailing list