[pmwiki-users] ZAP security vulnerability...
marc
gmane at auxbuss.com
Fri May 4 10:32:37 CDT 2007
Hans said...
> Thursday, May 3, 2007, 8:55:39 PM, The Editor wrote:
>
> > I don't like the target string approach. I'm not going to use it.
> > What do you do for forums that have multiple pages, created by users
> > automatically?
>
> I use a group.php i.e. local/Forum.php which has a lot of group
> customisations, and includes an entry to the pattern array:
>
> $FoxNameFmt[] = 'Forum.*';
>
> allowing posting to any page in group Forum.
> I could still exempt some pages from this with negative names:
>
> $FoxNameFmt[] = '-Forum.GroupFooter';
>
> So this supplements the permission string check.
> The string check is useful as authors can add it to pages.
> The pattern array is under admin control.
Neat.
I need to have another look at Fox soon as I need a lightweight forum-
ish-type-thing for a project.
--
Cheers,
Marc
More information about the pmwiki-users
mailing list