[pmwiki-users] Retricting passwords to IPs
Knud Jahnke
jahnke at mpia.de
Wed Dec 9 08:33:41 CST 2009
Dear all!
I'm trying to do the following: For an institute-internal Wiki I want everyone
with a certain IP (base) to be able to edit the Wiki without a password, but
everyone else outside only with a password.
The Wiki is part of a farm and I tried to follow the example in
http://www.pmwiki.org/wiki/PmWiki/Security#wikivandalism
"How do I take a whitelist approach where users from known or trusted IP
addresses can edit, and others require a password?
Put these lines to local/config.php:
## Allow passwordless editing from own turf, pass for others.
if ($action=='edit'
&& !preg_match("^90.68.", $_SERVER['REMOTE_ADDR']) )
{ $DefaultPasswords['edit'] = crypt('foobar'); }
Replace 90.68. with the preferred network prefix and foobar with the default
password for others. "
When I do this, nothing happens: The statement
preg_match("^90.68.", $_SERVER['REMOTE_ADDR'])
always seems to return false, no matter what I do, so the negation is true, and
when editing then the if condition is true and hence a password is always
requested. Interestingly, this can not be due to problems with
$_SERVER['REMOTE_ADDR'] (how can I actually display this in the pmwiki
context?), but even
if ($action=='edit' && !preg_match(".*", "a" ))
{ $DefaultPasswords['edit'] = crypt('foo'); }
asks for the password, even though preg_match should return true, so the
negation is false, so the overall condition is false and no password should be
set.
Am I doing something stupid? Is something wrong with my system? Can I use
something else? I would appreciate help very much!
Cheers, Knud
More information about the pmwiki-users
mailing list