Keith Devens .com
Keith Devens .com |
Thursday, March 18, 2010 | |
| Would that which we have achieved have been possible if Providence had not helped us? – Adolf Hitler (in a speech at Regensburg on June 6th, 1937) | ||
|
| ← Testing non-CMS site administration | August 6, 2001 PDB → |
Dennis Pallett (http://www.nocertainty.com) wrote:
Keith (http://keithdevens.com/) wrote:
Thanks Dennis. I poked around the source for a while trying to figure out how it did everything. After some minutes, I just decided to look and see if MT left any cookies indicating that a user was logged in, and they do. I'm about to post an explanation of what I did.
Sparticus (http://iamsparticus.co.uk) wrote:
If you're using Firefox (which I guess you are) then you can either download the webdeveloper extension, which'll tell you all the cookies set by a page, or you can look in tools -> options -> privacy -> cookies and search for cookies left by the site that look suspicious.
Sparticus (http://iamsparticus.co.uk) wrote:
Oh and to make it more portable you might want to change the '/weblog/mt.cgi' of the a href attribute to '<$MTCGIPath$>mt.cgi'.
That'll work for all installations of MT, regardless of where MT's installed too.
Keith (http://keithdevens.com/) wrote:
Ooh, neat. Thanks, I hadn't thought of that.
Julien Couvreur (Dumky) (http://blog.monstuff.com) wrote:
You could switch from a server-side detection of the "user" cookie to a client-side one...
This way you can still serve completely static html with MovableType, in exchange for requiring javascript on the client and a couple lines of javascript to parse the document.cookie data.
Mikey H (http://www.mediajunk.com/public/) wrote:
Thanks for that ... but ... does anyone know where I can find a button that I can add to my web browser bar to edit an MT page?
Many thanks,
-- M
Keith (http://keithdevens.com/) wrote:
You could probably do something with a Javascript bookmarklet that would bring you to Movable Type's edit screen for the current page. I don't now have time to figure out how that would be done, but I'm confident it wouldn't be very hard.
timtak (http://eigodaigaku.com) wrote:
Nice.
But I don't seem to have been able to get it to work.
Perhaps I am not parsing the page. I have added an .htaccess that tells my sever to parse the page.
My ISP, ipowerweb.com seems to have recently prevented my ftp client from seeing files which start with a dot. I am downloading the free ftp client you recommend (smartftp).
Tim
timtak (http://eigodaigaku.com) wrote:
Dear Keith
I added some echo's to the code, and the "hello" is displayed, but the "we are in" is not.
Any suggestions?
Thanks...
<?php
echo "hello";
if(isset($_COOKIE['user'])){echo "we are in"; ?>
<a href="http://blogurl.com/cgi-bin/mt.cgi?
_mode=view&_type=entry&id=<>&blog_id=<MTBlogID$>">(edit)</a>
<?php } ?>
Tim
(I brok the URL too, to stop it messing up your site layout)
Keith (http://keithdevens.com/) wrote:
Um, maybe you're not logged in?
219.127.61.37 wrote:
Hmm..perhaps you are right. My blog does not seem to be responding right now. But I could have sworn that I was logged in before.
Thanks
Tim
timtak (http://eigodaigaku.com) wrote:
No, I just checked that, I do seem to be logged in. I just cleared all my cookies from IE. Then logged in, and pressed the view site button. The hello, but not the "we're in" is there.
http://www.eigodaigaku.com/archives/en/000151.html#more
Ah well...it would have been very useful. Perhaps I will just add and edit button that is visible to everyone. Or perhaps I can do somethign to check for my IP.
Tim
Comments closed.
Generated in about 0.099s.
(Used 8 db queries)
Saturday, April 10, 2004
Permalink
The 'user' cookie contains the MT login information, so I guess that's a start. You might want to dig around the MT files, and try finding the authentication mechanism to reverse-engineer it. Or you could search the support forums, to see if anyone else has tried this.