Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Re: Request: 4.6.1 When saving an article with embedded PHP, ...
etc wrote #302105:
A debug warning on the public side remains the best option for me.
Makes sense. We have this already… so, no change, right? Won’t help the OP when saving but, as you say, so many ways to save an article and so many ways to inject php.
I meet this “team” articles situation quite often.
Me too. And I know Destry does.
Separate owner and author requires a new field and some careful logic alterations, plus a multi-edit to ‘grab’ ownership for accounts with suitable privileges. Same for Images, Files & Links?
Multiple authors for an article: should it be done properly with a link table or can we hack this in a naughty way by allowing a comma-separated list of AuthorIDs? Then it just requires us to change equality tests into ‘in’ tests, plus a few other miscellaneous corner cases. Not sure how this affects the <txp:author> and <txp:authors> tags yet. We’d need a way of iterating over the authors of an article / passing off to a Form.
Maybe we should split this part of the discussion into a new thread?
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: Request: 4.6.1 When saving an article with embedded PHP, ...
Bloke wrote #302106:
Separate owner and author … Same for Images, Files & Links?
Nope, at least not yet imo. For me, articles is a thing apart. Though don’t know exactly what I mean. :-)
Multiple authors for an article: should it be done properly with a link table or can we hack this in a naughty way by allowing a comma-separated list of AuthorIDs? Then it just requires us to change equality tests into ‘in’ tests, plus a few other miscellaneous corner cases. Not sure how this affects the
<txp:author>and<txp:authors>tags yet. We’d need a way of iterating over the authors of an article / passing off to a Form.Maybe we should split this part of the discussion into a new thread?
Yes, it’s more a core dev topic.
Offline
Re: Request: 4.6.1 When saving an article with embedded PHP, ...
re: own thread
Since topic-wise it was tangent, and it sounds like there is value in pursuing it, moving it to it’s own topic makes sense.
Pending the split
re: images, files, and links
Like etc, this has most often effected me in relation to articles. But I suspect that for others images may be a similar issue (photo sites – perhaps needing to leave credit to the photographer who left an agency), then files perhaps – if for some reason there was need to keep a credit to an author. Links seem minor – no copyright / authorship to speak of.
Offline
Re: Request: 4.6.1 When saving an article with embedded PHP, ...
maverick wrote #302157:
re: images, files, and links
These have no “body” with eventual <txp:php> inclusion, which is the origin of the OP issue. Altering their authors privs has no repercussion on the public side, contrarily to articles.
Offline
Re: Request: 4.6.1 When saving an article with embedded PHP, ...
Makes sense. I’ve only dealt with ownership issues re: articles. The rest was theoretical speculation in conceptual terms of owner vs. author issues. I should have brought my head out of the clouds and look at the reality on the ground.
etc wrote #302170:
These have no “body” with eventual
<txp:php>inclusion, which is the origin of the OP issue. Altering their authors privs has no repercussion on the public side, contrarily to articles.
Offline