ThomasP wrote:
On Sun, December 9, 2007 2:52 am, Dean Staub wrote:
First, Thank you Thomas for your work on the new module. It is a huge
improvement over the former system - well done.
I do however have a few small problems that I need to get to the bottom
of. I have for example the latest version of ZAP installed and I can't
get it to work.
It says "You are not authorized to submit this form." and the test
button function does nothing. How do I get around this?
Another issue is I can't seem to access the Attribute pages when I am
logged in as Admin. I understand this is not usually necessary, but in
the case of Zap which adds a privilege to the attributes page I cant set
it to no password (or clear it) This may have come from previous
settings in the Attributes pages prior to installing your module.
Hi, thanks.
I remember to have scrapped the "attr" level altogether (since no
attribute pages had sense in my module), but one can simply reintroduce it
as the the pure editing of the attribute pages will have no adverse effect
on the functioning of module. One will have to establish some action-level
mapping like
attr => admin
(if you have a single admin setup), or rather something more elaborate
otherwise (unless you want every admin to access attribute pages).
The form submitting in ZAP will demand some more effort, as I have not
used it myself before. A good starting point is to download the debug
function from my profile page and use the built-in logging calls to look
at what privilege is actually requested and denied. I can walk you through
this in case you come across a stumbling stone.
More or less the following:
- download debug.php, put in cookbook dir
- activate it in the local/config.php
- set as the event that you want to observe "USAU"
- go to the TryAccessingPage() in userauth2.php and uncomment every
logging that might be interesting
- sprinkle the code (after the append calls) with flushUA2ErrorLog()
calls. [This would have usually been cared for by an exit handler.]
I'm sure that this will lead us to the right info.
Thomas
_______________________________________________
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Hi Thomas, thanks for your response.
I have found some time to follow your instructions above.
The results of your debug output are as follows for the error accessing
a zap function;
2007-12-12 09:18:56 EST USAU Someone trying to access page
Site.ZAPConfig at level read.
2007-12-12 09:18:56 EST USAU Site.ZAPConfig is a content page: yes
2007-12-12 09:18:56 EST USAU Access to Site.ZAPConfig at level read
granted.
--------------------------------------------------------------------------------
2007-12-12 09:19:22 EST USAU Warning: Someone asking for permission
for unknown level 'zap'. Refused.
and for accessing the attribute page I get;
2007-12-12 09:49:16 EST USAU Someone trying to access page
Site.ZAPConfig at level attr.
2007-12-12 09:49:16 EST USAU Site.ZAPConfig is a content page: yes
2007-12-12 09:49:17 EST USAU Access to Site.ZAPConfig at level attr
NOT granted.
2007-12-12 09:49:17 EST USAU Current cache utilization: 26 perm
queries, 0 user recs, 1 group recs, 0 ip range recs.
2007-12-12 09:49:17 EST USAU In total 1 uncached perm record loads, 1
uncached perm queries.
I'm sorry, I am no expert at php, just a bit of a hacker, otherwise I
would invest some time into trying to solve it myself.
(I have a single admin setup)
If you could lead me in the right direction here, I would be most
greatful to test any ideas you have.
Also just a note about your Debug.php script, I had to also add the line
$EnableDebug = 1; for it to work (I didn't see it mentioned on your
profile page :-) )
Dean
This email and any attachments are confidential. They may contain
legally privileged information or copyright material. You should not
read, copy, use or disclose them without authorization. If you are not
an intended recipient, please contact us at once by return email and
then delete both messages. We do not accept liability in connection with
computer virus, data corruption, delay, interruption, unauthorized
access or unauthorized amendment.
begin:vcard
fn:Dean Staub
n:Staub;Dean
email;internet:[EMAIL PROTECTED]
tel;work:03 5828 6285
x-mozilla-html:TRUE
url:http://www.staub.id.au
version:2.1
end:vcard
_______________________________________________
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users