On Sunday 20 February 2011 03:38:38, Randy Brown wrote : > I found the answer to the first part of my question in pmwiki.php. > Apparently, here is what you can add to your config.php: > > ## This ensures the listed page variables are controlled by page > permissions $FmtPV['$LastModifiedSummary'] = '@$authpage["csum"]'; # > instead of '@$page["csum"]' $FmtPV['$LastModifiedBy'] = > '@$authpage["author"]'; > $FmtPV['$LastModifiedTime'] = '@$authpage["time"]'; > $FmtPV['$Title'] = 'FmtPageTitle(@$authpage["title"], $name, 0)'; > $FmtPV['$Titlespaced'] = 'FmtPageTitle(@$authpage["title"], $name, 1)'; > $FmtPV['$Description'] = '@$authpage["description"]';
Correct. > I'm still wondering about the relevance of where it's placed in config.php > and the potential for this security to be inadvertently overridden by > other recipes. The $authpage settings should be placed before any function or recipe calls the PageVar or the PageTextVar functions. You can place them near the beginning of config.php before you include other scripts. Thanks, Petko _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
