[pmwiki-users] $HandleAuth['crypt'] = 'edit' not working ?

Christophe David pmwiki at christophedavid.org
Sat Mar 1 15:45:02 CST 2008


>> $HandleAuth['crypt']  = 'edit';
>> Even with this line in config.php, users seem to be able to use
>> action=crypt even when they have no "edit" rights.

> The ?action=crypt is handled somewhat specially, in that it
>  doesn't bother to check permissions on any page before being
>  able to run it.  There didn't seem to be much point in
>  limiting authorization for it, as it's not really information
>  that needs protecting (afaict).
>
>  That said, if we really feel that it needs authorization
>  controls, I can add it easily enough.

Thank you for the fast reply.

There is no real need for it, but it would be more consistent and
would probably prevent some avoidable head scratching ;-)

Christophe



More information about the pmwiki-users mailing list