[pmwiki-users] RSS & password-protected pages
Patrick R. Michaud
pmichaud at pobox.com
Wed Oct 18 08:45:26 CDT 2006
On Wed, Oct 18, 2006 at 12:28:38PM +0200, Mike wrote:
> Patrick R. Michaud wrote on 18.10.2006 07:03:
> > While the PHP code does know the cleartext passwords that have been
> > entered for a session, it doesn't really know which one is the
> > "correct"
> > one. Still, we could possibly have a custom {$AuthPw} variable that
> > returns the last password enetered, and maybe that would be good
> > enough.
>
>
> I think I figured it out after all:
>
> session_start();
> if (!empty($_POST['authpw'])){
> $_SESSION['storeauthpw'] = $_POST['authpw'];
> }
> $FmtPV['$AuthPw'] = $_SESSION['storeauthpw'];
>
> does the trick quite well!
This works, although one could run into issues with certain
passwords triggering some unwanted behaviors in $FmtPV.
Perhaps the following instead, which returns the last password
entered:
$FmtPV['$AuthPw'] = 'reset(array_keys((array)@$_SESSION["authpw"]))';
Pm
More information about the pmwiki-users
mailing list