Log message #109017

# At Username Text
# Aug 7th 2008, 07:40 lqdice__ it would be nice if it could just enumerate the folders if i give access to the file.. so if the file gets moved they still have access to it etc..
# Aug 7th 2008, 07:39 lqdice__ it would be nice if it could
# Aug 7th 2008, 07:39 Kitara lqdice__: both not working
# Aug 7th 2008, 07:39 lqdice__ alkemann: for each folder?
# Aug 7th 2008, 07:39 alkemann lqdice__: well the best would proably be to do an acl tree
# Aug 7th 2008, 07:39 primeminister achew22: you still here?
# Aug 7th 2008, 07:38 lqdice__ alkemann: well if you think about it, if I give access to some file, i need to show the entire directory tree.. so its just tricky
# Aug 7th 2008, 07:38 lqdice__ Kitara: you can do 'users/login' too i believe..or try '/users/login' .. one of them wont keep the plugins there
# Aug 7th 2008, 07:38 alkemann yea, wasnt that what u were asking?
# Aug 7th 2008, 07:38 Kitara alkemann: that is for after the login right ?
# Aug 7th 2008, 07:37 alkemann Kitara: $this->Auth->loginRedirect
# Aug 7th 2008, 07:37 Kitara still, does'nt work
# Aug 7th 2008, 07:37 alkemann lqdice__: what has the one to do with the other
# Aug 7th 2008, 07:37 lqdice__ looks good
# Aug 7th 2008, 07:37 Kitara lqdice__: $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); like this ?
# Aug 7th 2008, 07:36 lqdice__ Have any of you guys used the tree behaviour and added security around it .. basically I am trying to make a file explorer online but i need to limit the access to certain files for certain users
# Aug 7th 2008, 07:36 lqdice__ Kitara: there are vars that lets you specify where to send when you login, where the login page is ,etc.. its in the books
# Aug 7th 2008, 07:35 alkemann Kitara: take another look at the api
# Aug 7th 2008, 07:35 Kitara is there a way to make AuthComponent redirect to /users/login instead of /plugin/users/login ?
# Aug 7th 2008, 07:34 lqdice__ if the server is not configured properly you will have a lot of potential holes
# Aug 7th 2008, 07:34 lqdice__ what does this have to do w/ ht access though ?
# Aug 7th 2008, 07:33 alkemann lqdice__: "configured properly" off course. goes without saying. but many, too many, arent. I know that this is possible on two of the places that I have had things in the past
# Aug 7th 2008, 07:33 stevieboy lqdice__: i know... but you know... i love cake magic
# Aug 7th 2008, 07:33 stevieboy alkemann: well, no. i'll check it. thx for the hint.
# Aug 7th 2008, 07:33 lqdice__ stevieboy: the book contains the built in utilities.. maybe you can find something.. but use plain PHP if there isnt anything, nothing wrong w/ that
# Aug 7th 2008, 07:33 alkemann slartibartfast76: you wouldnt have had to do that if u had used $html->link instead of hardcoding them :P
# Aug 7th 2008, 07:32 lqdice__ alkemann: not if your user is configured properly.. you MAY be able to do a ls but you wont be able to d/l or see anything if the user you are logged in as doesn't have permissions to anything outside of your folder
# Aug 7th 2008, 07:32 alkemann stevieboy: xml parser probably uses something like that. have u looked at it?
# Aug 7th 2008, 07:31 alkemann lqdice__: u can download a script, put it on ur server and u can then do "cd .." out to htdocs root and enter other ppls htdocs. (ok thats paraphrasing, I havent actually done it myself)
# Aug 7th 2008, 07:31 stevieboy i can use fgets and so on
# Aug 7th 2008, 07:31 stevieboy text
# Aug 7th 2008, 07:31 lqdice__ stevieboy: what kind of file
# Aug 7th 2008, 07:31 stevieboy some sweet magic?
# Aug 7th 2008, 07:31 stevieboy is there anything in cake for reading files?
# Aug 7th 2008, 07:30 alkemann i like him cause he is most proud of the country im from :P
# Aug 7th 2008, 07:30 lqdice__ its pretty much all around the net.. even on the big boys sites
# Aug 7th 2008, 07:30 alkemann nice name slartibartfast76 :)
# Aug 7th 2008, 07:30 lqdice__ how is url rewriting not secure?
# Aug 7th 2008, 07:30 slartibartfast76 alkemann: thanks for the hint. I have deletet den htaccess files an unkomment the line in the core. But I still have rewritet URLs in the links of the Application. And get 404 error if I click on them.
# Aug 7th 2008, 07:26 alkemann well. in reality the question is this : do u want a pretty your or a secure webapp ? and by pretty I mean do u mind the index.php part of domain.com/index.php/apples/edit
# Aug 7th 2008, 07:25 lqdice__ get a diff webhost ;P