This project is read-only.


Jun 12, 2009 at 7:44 AM
Edited Jun 12, 2009 at 7:45 AM

Hi everybody,

Please post suggestions and wishes of further enhancements of the MWPSK contrib to this discussion.

Thank you for your input

Jul 10, 2009 at 10:54 PM
Edited Jul 10, 2009 at 10:59 PM

A very simple modification can make the search function more intuitive.  By adding a text box in the header of the master page, this will allow users to directly enter search terms and perform the search removing an extra navigation step.


Jul 21, 2009 at 4:16 PM

My vote goes for AJAX enablement 

Partly due to some of the usability aspects around postbacks, but mainly from a theme perspective.

The rounded corners on the sections look much better than the square edges, but are currently implemented as images, by moving to AJAX we could make skinning much easier as we would remove the need to create these objects, also the page could scale easier if we used the rounded corner extension. I acknowledge that this may have a drawback with regards to some of the more advanced themes where the edges are not fixed colours but actual images.

Jul 28, 2009 at 12:12 AM


Any ideas on a shopping cart with payment gateway integration..

Mar 5, 2010 at 4:20 PM
Edited Mar 5, 2010 at 4:26 PM

I would like multiples roles, to control which users can access which pages.

The menu should only show the pages available to the current users role(s).

It would also be useful to let some roles have update access to pagex, and other roles have only read access - like the effect of the PowerUser on/off. But I would settle for being able to control access to the page with the role, and control update access with the PowerUser. That would be a step forward, but not the complete solution, because I would like some users to be able to update in some areas, and not in other areas.

Mar 5, 2010 at 4:24 PM

I would like the ability to migrate from xml storage to sqlserver, as the site grows and more functionality is required. And use database authorisation and roles.

This would avoid the need to drop mwpsk which users are familiar with, and change to another cms.

Mar 21, 2010 at 10:58 AM

I would like the ability to let users enter or edit content in a section on a page, and prevent them from editing another section on the same page.

And I want to allow users to edit the contents of a section but not delete that section, and not add a new section to the page.


This might be done like the "edit by power user" option on the page, but at the section level. Perhaps call it "allow contributors to edit content".

So a "Power User" could change content in a section, add a section, delete a section, to a page.

A "Contributor" could change content in a section, but not add or move or delete a section.

And a "Contributor" could be allowed to change one section of a page, but might not be allowed to change another section on the same page.


However, this could be taken a stage further, and instead of global "power user" and "contributor" levels, allow to give some users "power User" control of one page, and different users "power user" control of a different page.  Also give some users "contributor" access to some pages and different users have "contributor" access to other pages. 

Could this be done using roles? Optionally hold the role required for "power user" access on each page, and optionally hold the role required for "contributor" access on each section.


Comments or suggestions, anybody?

Apr 20, 2010 at 2:16 PM
Reduce vulnerability to javascript injection, XSS attacks, etc, by shipping the kit with ValidateRequest="true" by default, instead of turned off by default. That's trivial. But this would get some ugly yellow screen of death error messages, or the non-specific custom error page; but that's better than having your pages hacked to download malware or advertise porn sites. So it would be nice to trap this particular type of error so that a specific custom error page could be shown (or options to show nothing at all, or go to a login page?) Plus we could maybe log details of the attacker, or the accident prone user, whichever it is. It would be possible to lock out users if logged on? It would be possible to block IP addresses of repeat attackers? But I don't know what to do about the HTML editor. Remove the html view?
Jun 8, 2010 at 4:05 PM

Wonders if this is such a daft idea... Facebook intergration?