Hi,
I want to perform some actions (namely importing some Tiddlers automatically) only when they are NOT synchronized on the server.
Is there a way to find out by the reveal- or the listwidget, whether a user has set the password or not.
Best wishes Jan
What server and saving mechanism?
What does synchronized mean to you in this context?
Hello Saq,
thanks for your reply.
I am still using the php-saver. It would be good to make this work, whenever autosave is active.
Best Wishes Jan
Dear Saq, dear all,
Some time ago I asked for a trick to prevent from happening, when the wiki is updated on the server.
I guess that this was hard to solve because it is hard to determine in TW whether the password set is correct. I would like to intercept actions whenever the server-password is set … even if it is not correct.
Does it make the task easier?
Best Wishes
@JanJo that does indeed make it easier but I still have no idea what server and saving mechanism you are using. I searched on tiddlywiki.com for php-saver and did not find anything helpful.
Most probably the password is being saved in local storage and there is intentionally no way for wikitext to be able to access it. Does your server require a username? That is probably stored in a config tiddler and its presence could be queried.
Tw reciever is the only php saver I am aware of.
Hi Saq, in fact the frontent is the (old?) Tiddlyspot-saver which uses a backend called store.php which can be found here: http://bidix.tiddlyspot.com/. It uses a cookie you access by <$password name=“upload”/> .
I would like to have a reveal or listfilter expression which can determin wheter the field is empty or not.
Sorry that I was not more clear about this.
Best wishes Jan
The $password widget doesn’t use cookies. Rather, it uses your browser’s “local storage” to hold the password input as an unencrypted value. For security reasons, the only way to retrieve this value is via a TWCore javascript function, $tw.utils.getPassword.
The TWCore “upload saver” (see $:/core/modules/savers/upload.js) that is used by the “TiddlySpot” saver (which is compatible with BidiX’s server-side store.php handler) contains this line of code:
password = $tw.utils.getPassword("upload")
Of course, it would be relatively simple to write a javascript macro to fetch this value so it could be accessible to a $reveal widget or $list filter. Normally, I would just post the javascript macro code to show how to do this. However, such code would also open a big hole in the TWCore “password vault”, exposing all unencrypted passwords for potential “harvesting” by unvetted 3rd-party wikitext code.
Hello Eric,
Many thanks, the js-trick works and I can show the password - but somehow I did not get it to work in the reveal-widget.
I already had thought of the security-problem of the stored password …which is very present to me because I have to use my wiki quite often on public PCs (like in my school). For this would like to have a mechanism to erase the password easily by clicking a button or even better automatically after a defined time.
So thanks for this hint.
Best wishes Jan