-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
James Mohr wrote:
Sorry about the top post ....
Personally, I would like to see them add an programmable authentication module. For example before editing or even displaying a page, it calls a function like is_authorized() which returns 1 or 0. By default the function returns 1. You can then add any code to check all sorts of security related issues.
regards,
jimmo
I think this fucntion is already exist (for editing/moving/creating page), and is called Title::userCan (includes/Title.php). As far as I understand, you can hook it (or just edit it) and return false if it is not some public namespace or a talk namespace and the user doesn't have the necessary permission.
- -- #define Name RotemLiss #define Mail mailSTRUDELrotemlissDOTcom #define Site www.rotemliss.com
#define KeyFingerPrint 4AFD 8579 A449 4267 BED9 38E5 6EF8 5B1F EBDE 7AC0