[pmwiki-users] NewPageBoxPlus update. Was: spam despite edit restriction
Hans
design5 at softflow.co.uk
Sun Nov 26 09:06:12 CST 2006
Sunday, November 26, 2006, 2:14:04 PM, Hans wrote:
> Maybe I need to include a variable SDV($EnableAutoSave, false);
> as default, to disable the auto saving option, and let admins decide
> when they need to enable it.
I uploaded an updated version of newpageboxplus.php
http://www.pmwiki.org/wiki/Cookbook/NewPageBoxPlus
I added variable
SDV($EnableAutoSave, false);
and the condition for automatic saving of new pages is now:
if (@$_REQUEST['save'] AND ($EnableAutoSave==1 OR CondAuth($pagename,'edit'))) {
so for auto saving you need to be logged in with 'edit' permission,
or $EnableAutoSave = true; needs to be set in alocal configuration
file.
Are these security measures reasonable and sufficient?
Please comment.
Hans
More information about the pmwiki-users
mailing list