[Mediawiki-l] Users can not 'talk'
Alexis Moinet
alexis.moinet at fpms.ac.be
Thu Sep 14 07:44:06 UTC 2006
> A few months ago, I found this on mediawiki.org (but I can't remember on which page) :
I found it on meta for 1.6.5 (and, most likely, it works with 1.7.1):
http://meta.wikimedia.org/wiki/Help:User_rights#Questions
function isAllowed($action='') {
if ( $action === '' )
// In the spirit of DWIM
return true;
/* Special Cases */
global $wgTitle;
//Allow them to edit talk pages
if ($wgTitle->isTalkPage() && strcmp("edit", $action) == 0)
return true;
//No special cases relevant. Use established rules stored in DB.
$this->loadFromDatabase();
return in_array( $action , $this->mRights );
}
I don't know which one of $action == 'edit' (see previous post) or strcmp("edit", $action) == 0 is the most secure, sounds like both might be unsafe.
Anyway, I would, at least, change the code above to :
$this->loadFromDatabase();
if ($wgTitle->isTalkPage() && strcmp("edit", $action) == 0 && in_array('talk', $this->mRights))
return true;
return in_array( $action , $this->mRights );
*If I were you, I would wait for most competent advices than mine about the safety of this kind of modification*
Alexis
More information about the MediaWiki-l
mailing list