[pmwiki-users] Author cookies
Henrik Bechmann
henrik at bechmannsoftware.com
Sat Aug 12 00:45:33 CDT 2006
Patrick,
Just to confirm,
I find that adding
include_once('scripts/author.php');
$LogoutCookies = array_diff($LogoutCookies, array($AuthorCookie));
to farmconfig.php preserves the author name between sessions for all users.
But per my previous message, I think the ideal solution would be to give
each user the choice with a checkmark (also preserved in the cookie)
beside the name field of the edit form (and an accompanying
$EnableCheckMarkToPreserveAuthorNamesBetweenSession -- well, maybe
something a little shorter<grin>).
One man's opinion.
Thanks for the tip!!
All the best,
- Henrik
Henrik Bechmann
www.osscommons.ca
www.bechmannsoftware.com
Webmaster, www.dufferinpark.ca
Patrick R. Michaud wrote:
> Reply-To:
> In-Reply-To: <44D66848.3060303 at bechmannsoftware.com>
>
> [Subject was: Working solution for CMS style interface with IMS caching]
>
> On Sun, Aug 06, 2006 at 06:08:08PM -0400, Henrik Bechmann wrote:
>
>> All of this works as expected in Internet Explorer. The Firefox cache is
>> not as responsive however, and requires special procedures. Also, it
>> turns out that PmWiki deletes the Author Name cookie with the logout
>> operation (which I do not think is desirable in most situations).
>>
>
> Actually, it is desirable, and arguably it's the only correct
> answer. PmWiki is used in a large number of laboratory and classroom
> environments, where multiple people end up using the same machine
> to access a common wiki on a daily basis. In these situations,
> people think of "logout" as meaning "remove my association with
> this particular terminal" -- including their author name.
>
> In fact, many people would be very surprised if the "logout" action
> *didn't* cause their author name to be removed from the forms;
> "logout" should mean "I'm no longer here." Indeed, this is one
> of the reasons ?action=logout was originally created...to provide
> an easy way to clear the author cookie.
>
>
>> 2. IMHO the Author Name (as opposed to ID) should never be removed from
>> the cookie. It is not a security feature, but rather a convenience for
>> the author, such that he/she doesn't have to keep adding his/her name
>> from the same computer all the time (when $EnablePostAuthorRequired =
>> 1).
>>
>
> It's even more inconvenient for an author to try to remove his/her
> name from a machine if ?action=logout doesn't do it.
>
> Still, if the admin doesn't want ?action=logout to remove the
> author cookie, then use:
>
> include_once('scripts/author.php');
> $LogoutCookies = array_diff($LogoutCookies, array($AuthorCookie));
>
> which means that ?action=logout won't remove the author cookie.
> If there's enough people who think that author cookies should
> survive ?action=logout, we can create a special $Enable... variable
> for it, otherwise I'll simply cite the above code as a potential
> recipe.
>
> Pm
>
>
>
More information about the pmwiki-users
mailing list