[pmwiki-users] UserAuth - problem with default pmwiki passwords

Bill Wraith bwraith at nji.com
Tue May 24 22:41:53 CDT 2005

Bill Wraith wrote:

> I installed UserAuth (0.63) and using pmwiki beta36 and happened to have 
> default passwords specified in local/config.php for admin, edit, upload 
> capabilites. I had to remove the default password for edit and 
> explicitly specify crypt('nopass') for both the upload and pwchange 
> default passwords to make things work for an ordinary user who had 
> read,edit,upload capabilities in the .htpasswd file.

I may have worked around this issue by removing the first test in 
userauth.php that tries to pass the User's password to PmWikiAuth, in 
case it is the same as the pmwiki password. The problem I see is that 
the $authpw array in PmWikiAuth is always set by the first test (which I 
removed), so it would never add the posted password sent in 
$_POST['authpw'] to the authpw array. This is because the retrieval of 
the password from $_POST['authpw'] occurs inside an "if" statement that 
checks the existence of the array $authpw. Sorry, as I am way out of my 
depth, so my diagnosis may be far off the mark. Thanks to anyone who can 
help me with some real expertise on this problem.

In any case, does anyone every use both types of authentication mixed 
together, or is it normal to only use one or the other?

More information about the pmwiki-users mailing list