search

WolfgangFahl / PDFEmbed

"Fork" of Mediawiki PDF Embed extension
GNU Lesser General Public License v3.0
7 stars 7 forks source link

undefined variable $user in PDFEmbed.hooks.php on line 125 #25

Open matthias-oe opened 9 months ago

matthias-oe commented 9 months ago

Hello again :-) same setup as in issue "embed_pdf_no_permission #23"

If we use the visual editor and try to save our changes, we get (at least on an articles with two embedded PDFs) an error: Something went wrong, Invalid reply from Server. This error is forced by a warning i could find in the Serverresponse using the developer tools: Warning: Undefined variable $user in /var/www/html/extensions/PDFEmbed/PDFEmbed.hooks.php on line 125

Under some circumstances, the $user seems to be null. Again. I don't understand the need of additional rights check in PDFEmbed. Is there a possibility to disable those checks completly?

Best regards

pa4080 commented 9 months ago

I think the need for extra rights checks arises from the possibility of PDF files containing potentially harmful scripts, posing a risk to users who access the content within these files.

matthias-oe commented 9 months ago

I added a local workaround:

//  new config parameter checkGroupPermissions via LocalSettings.php 
$wgPdfEmbed['checkGroupPermissions'] = false;

dont do all those additional right checks in PDFEmbed.hooks.php:

$checkRights = isset($wgPdfEmbed['checkGroupPermissions']) ? $wgPdfEmbed['checkGroupPermissions'] : true;
if ($checkRights)
{ ... }