[pmwiki-users] identify current authorization level
Patrick R. Michaud
pmichaud at pobox.com
Thu Aug 3 12:52:28 CDT 2006
On Thu, Aug 03, 2006 at 01:00:45PM -0400, Henrik Bechmann wrote:
> I have the sequencing figured out.
>
> Here's my code in farmconfig:
>
> include_once('local/config.php');
> $pagename = ResolvePageName($pagename);
> $isEditAuthorized = (boolean)RetrieveAuthPage($pagename, 'edit', false,
> READPAGE_CURRENT);
> echo ' value='.$isEditAuthorized;
>
> I think there may be two problems.
>
> 1. I'm not using (and don't want to use) authuser.php. My author group is
> quite content with the simple base password protection.
Excellent -- I think running without authuser.php is better in general. So,
that's one less thing to worry about.
> 2. $isEditAuthorized still returns true *after* logout (&action=logout)
> per the above echo statement. [...] I'm just finding that clearing the
> browser's cache fixes that, but I don't understand why, and I can't ask my
> users to clear their browser cache whenever they logout. Is the echo of
> $isEditAuthorized returning true because the echo is part of a cache, when
> in fact $isEditAuthorized is false on the server?
I'm pretty sure you're seeing the browser's cached version of the page,
before the logout occurred. On the server $isEditAuthorized is certainly
false.
> I have $EnableIMSCaching=1; in my farmconfig.php so that page location is
> preserved when the user returns to a page.
Aha, this is very likely the issue. ?action=logout is issuing the redirect,
and the browser thinks it already has the page in its cache and displays
that one (i.e., the one before the logout). Try turning $EnableIMSCaching
off and see if the $isEditAuthorized appears correctly. If that works,
then maybe we can find a way to get ?action=logout to work with IMS caching.
Also, what browser are you using? Both IE and Mozilla/Firefox have their
own little caching quirks.
Pm
More information about the pmwiki-users
mailing list