[pmwiki-users] Preventing users from editing the "Author"-field

Patrick R. Michaud pmichaud at pobox.com
Fri Jun 5 16:37:19 CDT 2009

On Fri, Jun 05, 2009 at 10:54:55PM +0200, Tom wrote:
> I have the following lines in the config.php-file:
> include_once("scripts/httpauth.php");
> $Author = $idinfo[2];
> ....
> $idinfo[2] contains the distinguished name of the user fetched from 
> Active Directory
> (using VBScript to fetch the information from AD when the user has 
> authenticated using their user-id and password).
> But I want make sure that the user is not able to change this value, 
> either by removing the Author-field from the
> page or by "locking" the field.

Simply setting $Author as you've done above should be enough to force
the author name to always be the one fetched from the Active
Directory.  The user can try to change it in the edit page form,
but changing it there will have no real impact.

If you want to also prevent the field from being display in the
edit form, remove it from the Site.EditForm page.

A few more details are at http://www.pmwiki.org/wiki/Cookbook/RequireAuthor .


More information about the pmwiki-users mailing list