I am trying to make a URL that goes directly into the Edit page of the Admin interface, but have some security issue.

I want to use this to access the edit page:

Code: Select all

http://MYDOMAIN/couch/?act=edit&tpl=124&p=1026&nonce=1a0440d910ce8eac7f645826fe22edfc

so I am using this:

Code: Select all

<cms:if k_user_access_level ge "4" >
'<em><a href="http://MYDOMAIN/couch/?act=edit&tpl=124&p='+feature.properties.id+ '">edit</a></em>'
<cms:else />' '
</cms:if>);

Which gives me a fine URL:

Code: Select all

http://MYDOMAIN/couch/?act=edit&tpl=124&p=857

(the ID is correct), but the URL leads to an authentication error:

Security tokens do not tally for executing this action. Please try again.

I guess the "nonce=" part is the problem. Is there a correct way of doing this?

[trendoman]

Hi @normis, can you try this?

Code: Select all

<cms:pages masterpage='template.php' id='857' >
       <p><a href="<cms:admin_link />">Edit Page</a></p>
</cms:pages>

More tricks here https://www.couchcms.com/forum/viewtopi ... =20#p19795

It works!

You guys are amazing here

I have a pretty non standard couchcms implementation, I think. I will show it when it is finished. It used to run on a CSV "database" so to say, and I will migrate all my Leaflet points into Couch.

I have a webpage that shows a map of hiking trails in my country. The points now come from the couch database via GeoJSON output. Works nicely so far.