Timeshare security

From PeacockWiki

(Difference between revisions)
Jump to: navigation, search

Trevorp (Talk | contribs)

Next diff →

Revision as of 11:23, 20 September 2005

[edit]

Overview

Page security in timeshare revolves around the Auth object (in lib/auth.php). An instance of this object is available from all smarty HTML (*.smarty) templates in the form of a variable 'user' ($user).

[edit]

Notes

As it is intended most processing is done in smarty, there is one known disadvantage in the syntax of smarty tags. 

 {generate_data_object var="statusreport" query="statusreport" id=$smarty.get.id}
 {$user->define_manager('write', $statusreport->get('group'))}

Smarty does not handle the second '->' (in $statusreport->get('group') ). This is easily solved by a simple workaround. Assign the value to a smarty variable in a seperate command 

{generate_data_object var="statusreport" query="statusreport" id=$smarty.get.id}
{assign var="group" value=$statusreport->get('group')}
{$user->define_manager('write', $group)}
Retrieved from "http://wiki.peacocktech.com/wiki/Timeshare_security"
Personal tools