Dear Hans, as I see it, upload permissions should be taken from the standard permissions. More options leads often to more confusion. :-)
Your plan sound reasonable. I'm really looking forward to using it. Do you intend to allow multiple attachements in one fox form? Martin Zitat von Hans <[EMAIL PROTECTED]>: > Thursday, March 27, 2008, 7:16:10 PM, Hans wrote: > >> One way which might work would be to use a fox form for all the >> data input and page creation and posting, and use the redirect= >> parameter with a full url which includes all the parameters needed to >> upload a file. But I am not sure if this is actually possible or >> allowed > > I think this was a wrong suggestion. > Uploads through url don't work, because for very valid security > reasons. > > I will add uploads capability to Fox, it is fairly simple. > I have to decide still how to integrate it into Fox's multi-target > model, and how to handle the security. > I probably implement uploads for one target page only, for a start. > So Fox can upload via using the file input control, and post content > etc at the same form submission. > For security i can either leave uploads to be protected via standard > 'upload' permission, i.e. one needs upload permission in order to > upload, or I add a new $FoxUploadAuth variable, set by default to > 'uploads'. Quite certainly the $FoxAuth setting should not govern > upload permission as well. > In addition 'upload' can become a pege permission, like 'add', > 'delete', 'replace' etc., so an upload target page needs to have > a permission set via FoxConfig or $FoxPagePermissions. > > Any ideas or feedback on this? > > > ~Hans > > _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
