9 Feb
2005
9 Feb
'05
10:07 p.m.
Patrick Ulmer wrote at 2005-2-8 10:45 +0100:
I have protect my folder by using acl_users. But now I must allow access by anonymous to one DTML-Document. This document uses <dtml-in> to get data from my MySQL-Database. To allow acces I have to set the following security properties:
1. DTML-Document: View 2. Z-SQL-Method: Use Database Methods 3. Parent Folder: Access contents information
Is that right? 1 is for viewing HTML. 2 and 3 for access Database. I'm not realy sure, why I must set 3? Can somebody explain it?
It allows you to access the parent folder. Without it, you get an "Unauthorized" when you handle the parent folder in any way in an untrusted context. -- Dieter