plugin:phprestrict
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
plugin:phprestrict [2016-09-14 15:04] – [Discussion] 81.67.68.4 | plugin:phprestrict [2019-09-04 14:38] (current) – [Configuration and Settings] MadOverlord | ||
---|---|---|---|
Line 6: | Line 6: | ||
email : trebor@animeigo.com | email : trebor@animeigo.com | ||
type : action | type : action | ||
- | lastupdate : 2016-06-07 | + | lastupdate : 2016-11-23 |
- | compatible : 2016-06-26, Detritus | + | compatible : 2016-06-26, 2017-03-04, Detritus, Elenor of Tsort, Frusterick Manners |
depends | depends | ||
conflicts | conflicts | ||
Line 20: | Line 20: | ||
===== Installation ===== | ===== Installation ===== | ||
- | Install | + | Search and install |
===== Examples/ | ===== Examples/ | ||
Line 44: | Line 44: | ||
* **2016-06-07** | * **2016-06-07** | ||
* 1.1; minor cleanups, added disabling of revision history. Fixed problem with extra level of folder nesting in the GIT repository (newbie mistake) | * 1.1; minor cleanups, added disabling of revision history. Fixed problem with extra level of folder nesting in the GIT repository (newbie mistake) | ||
+ | * **2016-11-23** | ||
+ | * Pointfix: Disabled execution of <PHP> content on history pages (which would permit execution of old/ | ||
+ | * **2019-09-04** | ||
+ | * Bugfix: was not handling processing properly when the list of paths included a completely blank path. | ||
===== FAQ ===== | ===== FAQ ===== | ||
+ | ===== Forum ===== | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
===== Discussion ===== | ===== Discussion ===== | ||
Line 57: | Line 63: | ||
2016-09-14 (MadOverlord) : I don't know if is possible, and it is a bit out of scope. The whole point of the plugin is that it lets you restrict who can use PHP by specifying where PHP is allowed and then using the ACL to restrict who can edit those pages. If you let a bad-actor have access to PHP, having them be able to execute phpinfo(); is the least of your problems! | 2016-09-14 (MadOverlord) : I don't know if is possible, and it is a bit out of scope. The whole point of the plugin is that it lets you restrict who can use PHP by specifying where PHP is allowed and then using the ACL to restrict who can edit those pages. If you let a bad-actor have access to PHP, having them be able to execute phpinfo(); is the least of your problems! | ||
- | 2016-09-14 (Wild Dagger) : Thank you for the quick response, how can we help to translate the plug-in? | + | 2016-09-14 (Wild Dagger) : Thank you for the quick response, how can we help you to translate the plug-in? |
+ | |||
+ | 2016-09-14 (MadOverlord) : I do not understand what you mean by ' | ||
+ | |||
+ | 2016-09-14 (Wild Dagger) : [[https:// | ||
+ | |||
+ | 2016-09-14 (MadOverlord) : If you wish to add support in the settings for another language, just submit a pull request to add a land/ | ||
+ | |||
+ | 2016-09-14 (Wild Dagger) : Thank you MadOverlord :) What do you mean about " | ||
+ | |||
+ | When i enable the option (in Release 2016-06-26a " | ||
+ | |||
+ | * A simple user with Read permission (ACL): | ||
+ | * ? | ||
+ | * ? | ||
+ | * ? | ||
+ | * ? | ||
+ | * ? | ||
+ | * ?do=edit -> **__works__** (__show the source code__) | ||
+ | * I have not tested the revised options | ||
+ | |||
+ | 2016-09-14 (MadOverlord) Wild Dagger : I believe you may have given the user additional permissions. For the default (non-logged in user) with read access, when I try ?do=edit, I get " | ||
+ | |||
+ | 2016-09-14 (Wild Dagger) Thank you for all these details, I'll enable 'View source' |
plugin/phprestrict.txt · Last modified: 2019-09-04 14:38 by MadOverlord