Is there a way to prevent access to files in the server (pdf files, for instance). I intend to use sessions (REQUEST.SESSION) to control that. Is it possible? If not, what's the better option in this case? AccessRules also don't seem to work.
You should remove the 'View'-Right for Anonymous and only admit it to a special role. This can be done easily with a script...
I'm using postgresql to store my users data (not acl_users folders) can I define roles to users registered this way and logged through REQUEST.SESSION?
I'd like to use Session (REQUEST.SESSION) data as a parameter to another method (a Zsql Method for example). How can I do that in dtml? <dtml-with SESSION mapping> doesn't work. I guess I should use getSessionDataByKey, but I didn't figure out exactaly how.
<dtml-call "REQUEST.SESSION.set('test','hello world')"> <dtml-var "SESSION.get('test')">
Yes, that prints "hello world", but how do I send "hello world" (assign it to a variable) to a ZSQL Method as a parameter? Thank you.