7 Jun
2007
7 Jun
'07
2:44 p.m.
Quoting Karthik <narakasura@gmail.com>:
One of many scenarios where this will prove to be a hindrance:
1. I create a page using the PHP filter containing sensitive information. 2. I forget to select the PHP input format. 3. I notice this and edit the page again and select the correct format. 4. I think all is well.
Anybody who can view revisions will be able to see my sensitive information.
* Create a content type ``sensitive data''. * Create a role ``sensitive user''. ** Set the Create and Edit ``sensitive data'' for this role. * Assign a user the ``sensitive user'' role. Now only the ``sensitive user'' user can see the page to see the revision. Did I miss something? Earnie