[pmwiki-users] authuser

Patrick R. Michaud pmichaud at pobox.com
Tue Mar 21 09:49:26 CST 2006

On Tue, Mar 21, 2006 at 10:46:18AM -0500, Rene Paquin wrote:
>    Yes that does fix it.  Thank you.  However i notice that with the
>    following configuration when I log in as rene/testing I can access the
>    admin area.  I shouldnt be able to do that am I correct? 
>    ## Enable authentication based on username.
>     ## Define usernames and passwords.
>     $AuthUser['rene'] = crypt('testing');
>    $DefaultPasswords['edit'] = 'id:*';
>    $DefaultPasswords['read'] = 'id:*';
>    $DefaultPasswords['admin'] = crypt('admin');
>    include_once('scripts/authuser.php');

Depends on what you mean by "access the admin area"?  Normally
the Site.* pages are publicly readable.  Also, once you enter the 
admin password ('admin'), you have admin privileges until you 
log out or change a page's password somewhere -- even if you 
log in as another account.


More information about the pmwiki-users mailing list