[pmwiki-users] tweaking the operation of Site.AuthForm

Neil Herber nospam at eton.ca
Wed Mar 22 13:24:15 CST 2006

At 2006-03-22  01:45 PM -0500, The Editor is rumored to have said:
>You could try
>initially logging in using your edit password with the author name and
>make sure your read permissions include either password (ie, you may
>need read = pass1, pass2). That way you can read or edit without
>having to be prompted for a new password, and you will always have the
>Author variable available.
>But it seems strange that when prompted for the new password, that it
>doesn't bring up your custom login page, and re-ask for your author
>name--so perhaps I don't fully understand exactly what you are

Hey, thanks Caveman. You pointed out a bug in my UI that I didn't 
even know was there.

In the config file I had:
$DefaultPasswords['edit'] = crypt('editpass');
$DefaultPasswords['read'] = crypt('readpass');

and I assumed that there was a hierarchy of passwords like so:
read - just lets me read
edit - lets me edit and read
attr - lets me set attributes, edit, and read

But I hadn't thought this model through because it breaks down with 
"upload". Upload doesn't cascade nicely into the others. So having 
realized that, I changed config like so:
$DefaultPasswords['edit'] = crypt('editpass');
$DefaultPasswords['read'] = array(crypt('readpass'), crypt('editpass'));

which is what you suggested, and it works perfectly. I prefer this to 
having a fixed hierarchy because it lets me configure the hierarchy 
however I wish, including making the "upload" password enable reading 
and editing, or maybe just reading, or whatever. I think this Michaud 
guy must know what he is doing.  ;-)

However, this does not solve my original problem which is:
1) user logs on to read, gives name and pw
2) user then tries to edit, gets new pw prompt, but "name" is not 
pre-filled with the name the user just entered

In other words, I want to pre-fill the name field with $Author, but I 
don't know how.

The wiki is running in an environment with 2 shared passwords - one 
for reading (which everyone knows) and one for editing (which only a 
few know). I use Hans Bracker's commentboxstyled.php script to allow 
users with read-only privileges to leave comments. Users with edit 
privileges can clean up the comments if need be.


Neil Herber
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668 

More information about the pmwiki-users mailing list