[pmwiki-users] Passwords

[Petko Yotov]

On 2016-06-25 23:39, Lee Gold wrote:
> I went to the home page and saw that the sidebar is editable by 
> default.

Yes, the Site.SideBar page has the same permissions as the rest of the 
wiki: if the wiki is open for editing (no passwords set), then the 
sidebar is also editable. If there is a site-wide edit password, then 
the sidebar can be edited with the same password.

> I edit ../local/config.php I did:
> 
> $DefaultPasswords['admin'] = pmcrypt('somepassword1234);
> $DefaultPasswords['edit']  = pmcrypt('editpw1234');
> 
> now when I go to edit the sidebar it asks for a password which is 
> masked
> but automatically provided, and still lets me edit the sidebar without 
> a
> challenge because the pw is correct. How do i password protect the
> sidebar? why is the correct pw being provided yet masked?

The password is most likely filled by your browser or password manager, 
PmWiki does not fill the password form. So my guess is the WAMP 
installation had some other software installed. You can test if it is 
the case by launching your browser in the "incognito" or "private" mode: 
the password will not be pre-filled. Again, if you don't have a password 
manager or some browser extension that fills the passwords for you.

> Also it seems to use cookies. And I can leave the page and comeback and
> still edit the sidebar. Is there a way to have it that I leave the page
> that edit cookie for the sidebar gets destroyed?

This is a session cookie that should be discarded when you close your 
browser window(s).

To speed this, at the end of the "page actions" (View Edit History... 
under the header) click on the link "Logout". That link only appears if 
you have entered any passwords.

Alternatively, append to any page address "?action=logout", for example 
pmwiki.php?action=logout.

Petko

---
Change log     :  http://www.pmwiki.org/wiki/PmWiki/ChangeLog
Release notes  :  http://www.pmwiki.org/wiki/PmWiki/ReleaseNotes
If you upgrade :  http://www.pmwiki.org/wiki/PmWiki/Upgrades