[pmwiki-users] Passwords
pmwiki at 911networks.com
pmwiki at 911networks.com
Tue May 30 19:26:36 CDT 2006
Patrick R. Michaud wrote:
> While it could be a problem with crypt or encryption, usually
repeated requests for a password indicate a problem with session
> handling or url redirects in the webserver.
Could very well be.
Here is the Sessiom section of the php.ini
[Session]
session.save_handler = files
session.save_path = /tmp
session.use_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_maxlifetime = 1440
session.referer_check =
session.entropy_length = 0
session.entropy_file =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 1
url_rewriter.tags =
"a=href,area=href,frame=src,input=src,form=fakeentry"
and here is the httpd.conf
ServerRoot "/opt/lampp"
Listen 80
<IfDefine JUSTTOMAKEAPXSHAPPY>
LoadModule php4_module modules/libphp4.so
LoadModule php5_module modules/libphp5.so
</IfDefine>
<IfModule !mpm_winnt_module>
<IfModule !mpm_netware_module>
User nobody
Group nogroup
</IfModule>
</IfModule>
ServerName localhost
DocumentRoot "/opt/lampp/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/opt/lampp/htdocs">
Options Indexes FollowSymLinks ExecCGI Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex index.html index.html.var index.php
index.php3 index.php4
</IfModule>
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>
ErrorLog logs/error_log
LogLevel warn
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/opt/lampp/cgi-bin/"
</IfModule>
<Directory "/opt/lampp/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
DefaultType text/plain
<IfModule mime_module>
TypesConfig etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi .pl
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
EnableMMAP off
EnableSendfile off
>
> In particular, if there are any url redirects being used to
> access the page, then any passwords being submitted tend to get
> lost in the redirect (which is why "disable clean urls" is a
> common recommendation).
Done: $EnablePathInfo = 0; No difference
>
> You might try explicitly setting $ScriptUrl in the local/config.php
> file. If that doesn't work, is there a url I could look at?
$ScriptUrl = 'http://192.168.2.20/pmwiki.php';
Did not help. Thanks for offering to actually look at it, but I
can't give you access, it's an internal server and I don't
control the router firewall, Port 80 is redirected to another
[public] webserver.
>
> Also, try accessing pmwiki.php with ?action=diag -- what value
> is being reported for 'DefaultPasswords'?
[DefaultPasswords] => Array
(
[admin] => $1$R5Tw59.F$k8/VPXD3j4emIMbZKH5Zm0
[read] =>
[edit] => $1$R5Tw59.F$k8/VPXD3j4emIMbZKH5Zm0
[attr] => $1$R5Tw59.F$k8/VPXD3j4emIMbZKH5Zm0
)
--
Thanks
More information about the pmwiki-users
mailing list