[pmwiki-users] Author setting in two different ways

Tegan Dowling tmdowling at gmail.com
Sat Jul 1 12:34:28 CDT 2006 

On 6/9/06, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> On Fri, Jun 09, 2006 at 12:02:27PM -0500, Jon Haupt wrote:
> > Hi there,
> >
> > So I'm using AuthUser and enforcing author tracking on my wiki.
> > Everything works fine except that one group on my wiki has a simple
> > read/edit password (so it doesn't require authenticated ID).  The
> > problem here is if they type in an author name, this isn't copied to
> > $Author like an $AuthId is.  Is there a way to do this so that either
> > way, the author cookie is automatically set if they enter one (whether
> > it's an authenticated ID or just a name to go with the password)?
>
> It's not pretty, but try the following in local/config.php:
>
>   if (@$_POST['authid'] && !@$_COOKIE['author'])
>     $_POST['author'] = $_POST['authid'];
>
> This will use the username field (from the authentication form)
> to set the author cookie if one hasn't already been set.

I have a similar setup on one of my wikis, where I want to use
**both** the native, password-authentication scheme and the AuthUser,
user-based authentication.  I've just enabled AuthUser.php (below the
same old list of passwords) in my local/config.php, and am first
testing to see what, if anything, I have to do to make the existing
password-authentication setup keep on working as before.  I've added
the lines of code that PM provided, above, to my local/config.php
file, and they also work very nicely for me.

Now I see that if a user reaches the AuthForm via ?action=edit, and
supplies a password that confers edit access, then the AuthForm sets
the page to ?action=edit - even if the username isn't recognized, and
that's fine, because that's how it worked before.

But if a user reaches the AuthForm via ?action=login, and enters a
good password (one that's globally set via local/config.php OR set on
the originating group/page via ?action=attr), then the AuthForm
remains on-screen, with the 'not recognized' message.

I'm not sure just what action I'd like instead, nor how to accomplish
it.  Certainly, once I've added user/password pairs to the
Site/AuthUser page, I'll still want the AuthForm to advise a
recognized user who has used the wrong password.

I think if a user reaches the AuthForm via ?action=login, and enters a
good password (one that's globally set via local/config.php OR set on
the originating group/page via ?action=attr), then I'd want the form
to apply ?action=browse, even if the username isn't recognized.  Is
that possible?

OR, if the wiki can't check the config and attr passwords at this
point, could the form apply ?action=browse (and then have the wiki
check, as usual, for read-access), in any case?

Any other thoughts/suggestions?

Thanks!

Tegan

More information about the pmwiki-users mailing list