> yes, you are quite right. Andy can you patch inc/auth.php: > > - $evt = new Doku_Event('AUTH_LOGIN_CHECK',$ACT); > + $evt = new Doku_Event('AUTH_LOGIN_CHECK',$evdata); fixed. > Andy: What were your intentions passing a modifiable username&password > along with the event, anyway? > > I don't see a good use-case for rewriting username&password from within > an event hook. It will only inspire coders to /inject/ passwords via > "AUTH_LOGIN_CHECK". Yet passwords should be handled via an > inc/auth/*class.php Well, I didn't have any particular use case in mind, but usually all other BEFORE events get passed the data on which a decision to interrupt the default action is made as event data, so I found it logical to pass this data there. So yes, it probably shouldn't be used, but makes the event interface a bit cleaner I'd think. Or am I missing something? Andi -- splitbrain.org -- DokuWiki mailing list - more info at http://wiki.splitbrain.org/wiki:mailinglist