# |
Aug 7th 2008, 07:43 |
alkemann |
and the way it works if you only have access to a leaf, you dont have access to the root |
# |
Aug 7th 2008, 07:43 |
lqdice__ |
its going to be a lot of files |
# |
Aug 7th 2008, 07:42 |
alkemann |
why force ppl to click more times then they need to? |
# |
Aug 7th 2008, 07:42 |
lqdice__ |
alkemann: but what i mean is .. if i give someone access to /Programs/SomeProgram/Version 2.0/Windows_Install.exe they should at the first page see /Programs then have to click through like a regular directory |
# |
Aug 7th 2008, 07:41 |
alkemann |
$html->link('/files/thing.png', 'thing'); |
# |
Aug 7th 2008, 07:41 |
alkemann |
. /files |
# |
Aug 7th 2008, 07:41 |
SteffenGoertz |
how can i link to files in the webroot/files direcotry |
# |
Aug 7th 2008, 07:40 |
alkemann |
lqdice__: well files too. thing is that u dont need an acl tree = file tree cause the default is deny for all and there is inheritance in the acl |
# |
Aug 7th 2008, 07:40 |
lqdice__ |
it would be nice if it could just enumerate the folders if i give access to the file.. so if the file gets moved they still have access to it etc.. |
# |
Aug 7th 2008, 07:39 |
lqdice__ |
it would be nice if it could |
# |
Aug 7th 2008, 07:39 |
Kitara |
lqdice__: both not working |
# |
Aug 7th 2008, 07:39 |
lqdice__ |
alkemann: for each folder? |
# |
Aug 7th 2008, 07:39 |
alkemann |
lqdice__: well the best would proably be to do an acl tree |
# |
Aug 7th 2008, 07:39 |
primeminister |
achew22: you still here? |
# |
Aug 7th 2008, 07:38 |
lqdice__ |
alkemann: well if you think about it, if I give access to some file, i need to show the entire directory tree.. so its just tricky |
# |
Aug 7th 2008, 07:38 |
lqdice__ |
Kitara: you can do 'users/login' too i believe..or try '/users/login' .. one of them wont keep the plugins there |
# |
Aug 7th 2008, 07:38 |
alkemann |
yea, wasnt that what u were asking? |
# |
Aug 7th 2008, 07:38 |
Kitara |
alkemann: that is for after the login right ? |
# |
Aug 7th 2008, 07:37 |
alkemann |
Kitara: $this->Auth->loginRedirect |
# |
Aug 7th 2008, 07:37 |
Kitara |
still, does'nt work |
# |
Aug 7th 2008, 07:37 |
alkemann |
lqdice__: what has the one to do with the other |
# |
Aug 7th 2008, 07:37 |
lqdice__ |
looks good |
# |
Aug 7th 2008, 07:37 |
Kitara |
lqdice__: $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); like this ? |
# |
Aug 7th 2008, 07:36 |
lqdice__ |
Have any of you guys used the tree behaviour and added security around it .. basically I am trying to make a file explorer online but i need to limit the access to certain files for certain users |
# |
Aug 7th 2008, 07:36 |
lqdice__ |
Kitara: there are vars that lets you specify where to send when you login, where the login page is ,etc.. its in the books |
# |
Aug 7th 2008, 07:35 |
alkemann |
Kitara: take another look at the api |
# |
Aug 7th 2008, 07:35 |
Kitara |
is there a way to make AuthComponent redirect to /users/login instead of /plugin/users/login ? |
# |
Aug 7th 2008, 07:34 |
lqdice__ |
if the server is not configured properly you will have a lot of potential holes |
# |
Aug 7th 2008, 07:34 |
lqdice__ |
what does this have to do w/ ht access though ? |
# |
Aug 7th 2008, 07:33 |
alkemann |
lqdice__: "configured properly" off course. goes without saying. but many, too many, arent. I know that this is possible on two of the places that I have had things in the past |
# |
Aug 7th 2008, 07:33 |
stevieboy |
lqdice__: i know... but you know... i love cake magic |
# |
Aug 7th 2008, 07:33 |
stevieboy |
alkemann: well, no. i'll check it. thx for the hint. |
# |
Aug 7th 2008, 07:33 |
lqdice__ |
stevieboy: the book contains the built in utilities.. maybe you can find something.. but use plain PHP if there isnt anything, nothing wrong w/ that |
# |
Aug 7th 2008, 07:33 |
alkemann |
slartibartfast76: you wouldnt have had to do that if u had used $html->link instead of hardcoding them :P |
# |
Aug 7th 2008, 07:32 |
lqdice__ |
alkemann: not if your user is configured properly.. you MAY be able to do a ls but you wont be able to d/l or see anything if the user you are logged in as doesn't have permissions to anything outside of your folder |
# |
Aug 7th 2008, 07:32 |
alkemann |
stevieboy: xml parser probably uses something like that. have u looked at it? |
# |
Aug 7th 2008, 07:31 |
alkemann |
lqdice__: u can download a script, put it on ur server and u can then do "cd .." out to htdocs root and enter other ppls htdocs. (ok thats paraphrasing, I havent actually done it myself) |
# |
Aug 7th 2008, 07:31 |
stevieboy |
i can use fgets and so on |
# |
Aug 7th 2008, 07:31 |
stevieboy |
text |
# |
Aug 7th 2008, 07:31 |
lqdice__ |
stevieboy: what kind of file |
# |
Aug 7th 2008, 07:31 |
stevieboy |
some sweet magic? |