Log message #109027

# At Username Text
# Aug 7th 2008, 07:43 lqdice__ thats why i didnt think ACL would be right for this
# Aug 7th 2008, 07:43 lqdice__ right
# Aug 7th 2008, 07:43 alkemann and the way it works if you only have access to a leaf, you dont have access to the root
# Aug 7th 2008, 07:43 lqdice__ its going to be a lot of files
# Aug 7th 2008, 07:42 alkemann why force ppl to click more times then they need to?
# Aug 7th 2008, 07:42 lqdice__ alkemann: but what i mean is .. if i give someone access to /Programs/SomeProgram/Version 2.0/Windows_Install.exe they should at the first page see /Programs then have to click through like a regular directory
# Aug 7th 2008, 07:41 alkemann $html->link('/files/thing.png', 'thing');
# Aug 7th 2008, 07:41 alkemann . /files
# Aug 7th 2008, 07:41 SteffenGoertz how can i link to files in the webroot/files direcotry
# Aug 7th 2008, 07:40 alkemann lqdice__: well files too. thing is that u dont need an acl tree = file tree cause the default is deny for all and there is inheritance in the acl
# Aug 7th 2008, 07:40 lqdice__ it would be nice if it could just enumerate the folders if i give access to the file.. so if the file gets moved they still have access to it etc..
# Aug 7th 2008, 07:39 lqdice__ it would be nice if it could
# Aug 7th 2008, 07:39 Kitara lqdice__: both not working
# Aug 7th 2008, 07:39 lqdice__ alkemann: for each folder?
# Aug 7th 2008, 07:39 alkemann lqdice__: well the best would proably be to do an acl tree
# Aug 7th 2008, 07:39 primeminister achew22: you still here?
# Aug 7th 2008, 07:38 lqdice__ alkemann: well if you think about it, if I give access to some file, i need to show the entire directory tree.. so its just tricky
# Aug 7th 2008, 07:38 lqdice__ Kitara: you can do 'users/login' too i believe..or try '/users/login' .. one of them wont keep the plugins there
# Aug 7th 2008, 07:38 alkemann yea, wasnt that what u were asking?
# Aug 7th 2008, 07:38 Kitara alkemann: that is for after the login right ?
# Aug 7th 2008, 07:37 alkemann Kitara: $this->Auth->loginRedirect
# Aug 7th 2008, 07:37 Kitara still, does'nt work
# Aug 7th 2008, 07:37 alkemann lqdice__: what has the one to do with the other
# Aug 7th 2008, 07:37 lqdice__ looks good
# Aug 7th 2008, 07:37 Kitara lqdice__: $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); like this ?
# Aug 7th 2008, 07:36 lqdice__ Have any of you guys used the tree behaviour and added security around it .. basically I am trying to make a file explorer online but i need to limit the access to certain files for certain users
# Aug 7th 2008, 07:36 lqdice__ Kitara: there are vars that lets you specify where to send when you login, where the login page is ,etc.. its in the books
# Aug 7th 2008, 07:35 alkemann Kitara: take another look at the api
# Aug 7th 2008, 07:35 Kitara is there a way to make AuthComponent redirect to /users/login instead of /plugin/users/login ?
# Aug 7th 2008, 07:34 lqdice__ if the server is not configured properly you will have a lot of potential holes
# Aug 7th 2008, 07:34 lqdice__ what does this have to do w/ ht access though ?
# Aug 7th 2008, 07:33 alkemann lqdice__: "configured properly" off course. goes without saying. but many, too many, arent. I know that this is possible on two of the places that I have had things in the past
# Aug 7th 2008, 07:33 stevieboy lqdice__: i know... but you know... i love cake magic
# Aug 7th 2008, 07:33 stevieboy alkemann: well, no. i'll check it. thx for the hint.
# Aug 7th 2008, 07:33 lqdice__ stevieboy: the book contains the built in utilities.. maybe you can find something.. but use plain PHP if there isnt anything, nothing wrong w/ that
# Aug 7th 2008, 07:33 alkemann slartibartfast76: you wouldnt have had to do that if u had used $html->link instead of hardcoding them :P
# Aug 7th 2008, 07:32 lqdice__ alkemann: not if your user is configured properly.. you MAY be able to do a ls but you wont be able to d/l or see anything if the user you are logged in as doesn't have permissions to anything outside of your folder
# Aug 7th 2008, 07:32 alkemann stevieboy: xml parser probably uses something like that. have u looked at it?
# Aug 7th 2008, 07:31 alkemann lqdice__: u can download a script, put it on ur server and u can then do "cd .." out to htdocs root and enter other ppls htdocs. (ok thats paraphrasing, I havent actually done it myself)
# Aug 7th 2008, 07:31 stevieboy i can use fgets and so on
# Aug 7th 2008, 07:31 stevieboy text