On 04/09/07, Daniel Cannon cannon.danielc@gmail.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Rob Church wrote:
On 04/09/07, Platonides Platonides@gmail.com wrote:
b) Alllow everybody to upload images anonymous. $wgGroupPermissions['*' ]['upload'] = true;
This won't work; the upload form is hard-coded to require a logged-in user.
How do you figure?
if( !$wgUser->isAllowed( 'upload' ) ) { if( !$wgUser->isLoggedIn() ) { $wgOut->showErrorPage( 'uploadnologin','uploadnologintext' ); } else { $wgOut->permissionRequired( 'upload' ); } return; }
are the relevant lines. It would appear that if the user has the upload right it will never check if the user is logged in or not. Is there something I'm missing?
That must have been changed somewhat recently, then.
Incidentally, if a user who isn't logged in does have upload rights, there may be issues with the upload log, since the logging table doesn't have a log_user_text counterpart to store the IP address.
Rob Church