On Thu, 2007-12-13 at 12:38 -0500, Tom Hogarty wrote:
Any ideas for how to best secure the mediawiki sidebar are much appreciated. I have included some info on my configuration below to provide some context for those who may be interested.
A simple solution would be to simply take the sidebar out of the default skin (whatever $wgDefaultSkin is set to). Edit the corresponding php file and conditionally take out the entire sidebar. For example, in skins/CologneBlue.php, you would change the function quickBar() like so:
if( $wgUser->isLoggedIn() ) { $s .= $this->menuHead( "qbbrowse" ); $bar = $this->buildSidebar(); $browseLinks = reset( $bar ); foreach ( $browseLinks as $link ) { if ( $link['text'] != '-' ) { $s .= "<a href="{$link['href']}">" . htmlspecialchars( $link['text'] ) . '</a>' . $sep; } } }
Similar things can be done with the other skins as needed.