A few months ago, I found this on mediawiki.org (but I can't remember on which page) :
I found it on meta for 1.6.5 (and, most likely, it works with 1.7.1):
http://meta.wikimedia.org/wiki/Help:User_rights#Questions
function isAllowed($action='') { if ( $action === '' ) // In the spirit of DWIM return true;
/* Special Cases */ global $wgTitle; //Allow them to edit talk pages if ($wgTitle->isTalkPage() && strcmp("edit", $action) == 0) return true;
//No special cases relevant. Use established rules stored in DB. $this->loadFromDatabase(); return in_array( $action , $this->mRights ); }
I don't know which one of $action == 'edit' (see previous post) or strcmp("edit", $action) == 0 is the most secure, sounds like both might be unsafe.
Anyway, I would, at least, change the code above to :
$this->loadFromDatabase();
if ($wgTitle->isTalkPage() && strcmp("edit", $action) == 0 && in_array('talk', $this->mRights)) return true;
return in_array( $action , $this->mRights );
*If I were you, I would wait for most competent advices than mine about the safety of this kind of modification*
Alexis