[pmwiki-users] UserAuth - problem with default pmwiki passwords
bwraith at nji.com
Tue May 24 22:41:53 CDT 2005
Bill Wraith wrote:
> I installed UserAuth (0.63) and using pmwiki beta36 and happened to have
> default passwords specified in local/config.php for admin, edit, upload
> capabilites. I had to remove the default password for edit and
> explicitly specify crypt('nopass') for both the upload and pwchange
> default passwords to make things work for an ordinary user who had
> read,edit,upload capabilities in the .htpasswd file.
I may have worked around this issue by removing the first test in
userauth.php that tries to pass the User's password to PmWikiAuth, in
case it is the same as the pmwiki password. The problem I see is that
the $authpw array in PmWikiAuth is always set by the first test (which I
removed), so it would never add the posted password sent in
$_POST['authpw'] to the authpw array. This is because the retrieval of
the password from $_POST['authpw'] occurs inside an "if" statement that
checks the existence of the array $authpw. Sorry, as I am way out of my
depth, so my diagnosis may be far off the mark. Thanks to anyone who can
help me with some real expertise on this problem.
In any case, does anyone every use both types of authentication mixed
together, or is it normal to only use one or the other?
More information about the pmwiki-users