On 6/27/07, Patrick R. Michaud <[EMAIL PROTECTED]> wrote:
On Wed, Jun 27, 2007 at 04:49:24PM -1000, Sivakatirswami wrote: > OK, we are planning to "ditch" Apache Basic Authentication and > use PMwiki password protection (not AuthUser, just simple passwords) > > What will the CURL URL access strings be now? > > something like > > (wild guess, but to give an idea of what we might expect:) > > http://my.wiki.org/ProtectedGroup.DataPage?action=login&password= "bananas" If you're using curl as a command-line tool, try the -d option: curl -d authpw=banana http://my.wiki.org/ProtectedGroup.DataPage This generates a POST request for the page, exactly as if someone had filled in the authorization form. This can also be done with the password as part of the url, but be aware that the password will appear (in cleartext) in the server logs as part of the request string. If you're okay with that, then you can do a local customization like: if (@$_GET['authpw']) SDV($_POST['authpw'], $_GET['authpw']); This allows passwords to come from url strings as well as forms. Then a url like the following should work: http://my.wiki.org/ProtectedGroup.DataPage?authpw=bananas No need to go through a separate "log in" step, just provide the password as part of the request.
When I requested this, around a year ago, PM provided the following, which I keep (commented out) in my template wiki, and include here in case a variation is needed or desired: ## allow append ?action=login?authpw=password to url # if (!isset($_POST['authpw']) && @$_GET['authpw']) # $_POST['authpw'] = $_GET['authpw'];
_______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
