[Pmwiki-users] Users and accountability

[Knut Alboldt]

At 21:33 19.11.2004, you wrote:
>I have a wiki here at work. We will have different people editing pages, 
>but we need to know who edited/added pages. If I was to give out the 
>password to everyone on the staff, one of them may play a joke and 
>change/do something stupid to the site. So we need accountability, is this 
>feature possible?
>--

if you're using wiki in a company, i think you will have a countable no of 
user's (not like in the internet, where you possibly want to have everybody 
as an editor).
I'm also running pmwiki in the office (apache, php as cgi)  and I did the 
following:
The url of the pmwiki is htaccess-protected, so this is handles by apache, 
not by pmwiki by adding this to the url's dir in the file .htaccess:

Order allow,deny
Allow from All
AuthType Basic
AuthName "Name of the wiki goes here"
AuthUserFile /path-to-the-apache-passwd-fiel-goes-here
Require valid-user

With apache's htpasswd I defined every possible user.
So everyone has to logon before even reading the wiki-pages (user and 
password).

Then I added the following to config.php:

# if possible: get the author from php authentification or server 
authentification
if (@$_SERVER['PHP_AUTH_USER']) {$Author = 
strtoupper($_SERVER['PHP_AUTH_USER']);}
elseif (@$_SERVER['REMOTE_USER']) {$Author = 
strtoupper($_SERVER['REMOTE_USER']);}

In the office, the elsefi will be used to  setup the author's name.
Now every edit will get the Author's name in the textfield. If you set this 
field readonly (add the attribute readonly for the field author in the 
$PageEditFmt-variable:
<input readonly type='text' name='author' width='10' value='\$Author' />
then the author's name is displayed but cannot be changed.

Caveats:
- if you want to protect single pages, you need to protect the pages in the 
usual wiki-way. I don't know if this runs with the apache-password

Maybe that helps.