Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#13 2023-03-15 22:41:12
- lindabb
- Member
- Registered: 2023-02-17
- Posts: 111
Re: restrict author
Thank you so much, you guys the best.
I appreciate your help, it worked exactly as I wanted.
however , there is one thing kind of security issue, I understand even user doesn’t have permission to update, but the idea to hide others’ articles from viewed by others.
if I have
http://localhost/textpattern/textpattern/index.php?event=article&step=edit&ID=10&_txp_token=abdccd9fb542dc52a187720f9fc1c6b3
now change the id to 1 or 2, or 3 (or any existing id) author still can view the article by id.
http://localhost/textpattern/textpattern/index.php?event=article&step=edit&ID=2&_txp_token=abdccd9fb542dc52a187720f9fc1c6b3
Maybe need some restriction on view too
Thank you for your kind support
Offline
Re: restrict author
Yes, absolutely. The plugin’s only a cheap hack to show what’s possible (the help text mentions this).
It would need extending slightly to prohibit viewing from the Write panel too.
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: restrict author
This version should do it. Not tested particularly extensively so YMMV:
# mrd_for_your_eyes_only v0.1.0
# Users can only view their own content
# Stef Dawson / Dale Chapman
# https://stefdawson.com/
# ......................................................................
# This is a plugin for Textpattern - http://textpattern.com/
# To install: textpattern > admin > plugins
# Paste the following text into the 'Install plugin' box:
# ......................................................................
H4sIAAAAAAAAE+VW227bOBB991dMhaCygcCx7NRJZXiBoH4J0O0C2+ZZYMSRTZQiVZKyKxT5
9x3qFqm5LNp9XAE2bzNnDs8MKbE4WsY/bHwZB4rlGGxsvFzGQW54kmmTVLo0CVZoE61k5Vev
4uCIxgqt/OhdHCzm0Xzh++s4YKU7aFOD0Oizwwx27GS1ggvqSIQPB1bkrHaNFp19UhpR+6zi
4OBcYeOLC0u+vHadpzq/qB2iOOBoUyMK14ZfEZs7S3QgZQo8RTgKPIE7oDCgTwpSrRwq13LV
hmNNj6De+Za27aoC26lVa5ZJtrft3KI1O6AsapKXfhDN4XmJJpO/VIqAit1L5OdQ1uxyVjXs
LOJTcnP4pB0CAYE96FJycrel6SwLI45C4h5B4hElMGmQ8QoMWmdE6iwgF06oPejsKThkwlh3
DppWzElYjyosmJKLnJaZqchCOjRAs8isIJb3VcGsRU5iMo8Id39/nLc6pJo3cl1eUQIN7gWl
yiQpk/KepV+n4fO6hOcQMp4LlVD+yEGwcLaZ/Js7bZGaFB8hjBOpRN+lX/Q7ECJne+w7idfu
d6FIOOza/wQkhfratUOgSVaq1Bf7C9U2PcMj5fbMuoL+vbKzyY8J0LOX+p5JOHPfi8TX4Kae
PfNd2ALXnyWzh2m/7GN5A5HB1KPBdrv1dKxL/F84gwbWPwZdaRQEcPNpBzf1Cb7dEWhYo4dB
E+oBUFKxeUBKOjOGVdOGZ9Nv9lqDdwp2gyYxTdzZi5Gbu+Np3MnDS7KNZB9I97JmjWid300X
UZVSbsZrfzLSrN1azzf0SE29wfaPccWNjepKgtpoUExjm7pIGptBnfQ2oxTS3poUdgdmKGNP
uk7bvrDT8HYXdv49xqPV0Pl5RSzLkDaBkk/DriR8Kh1+dwVzdBYUDYPb3TaY+6vFuEQoN4ox
2/QxHoYV9CpvwcOBX2/whe70Lh2JRWbSQ1t8w4S9smN4+3aM9msSNLUZno8xSADBf0WAQUJ/
Ckf0nsy9oXw/HujxuflWCoOJf5PY6aw/KP4ev25ebYlhp//9642+P3Jefxes6BvoenGVrpcL
tn6/vsyi5Spi0TJj2TpdXr9fZxHZPfwD/MqbXz4JAAA=The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
#16 2023-03-16 14:16:22
- lindabb
- Member
- Registered: 2023-02-17
- Posts: 111
Re: restrict author
Thank you so much Stef ,
Worked as expected !
Thank you for your hard work and support.
Offline