[pmwiki-users] Password protection not working
a.sonderhoff at gassi-tv.de
a.sonderhoff at gassi-tv.de
Thu Nov 10 14:25:11 CST 2011
yue, can you tell me what 5.3 version you are using? 5.3.7?
according to <https://bugs.php.net/bug.php?id=55439> there is a confirmed md5 crypt specific to php 5.3.7. if you are using 5.3.7, you should upgrade to 5.3.7-p11 or 5.3.8.
brand & marketing
office +49 2238 4629519
mobile +49 1511 5794189
fax +49 2238 963023
email <a.sonderhoff at gassi-tv.de>
50259 Pulheim, NRW
On Nov/10, 2011, at 2117 , a.sonderhoff at gassi-tv.de wrote:
> checked the supplied link. most interestingly Main.HomePage?action=attr shows the edit password set by site. still (:if auth edit:) evaluates to true for non-logged in users while (:if auth admin:) evaluates to false.
> can you post the contents of your entire local/config.php? (minus clear passwords, of course)
> sadly my servers are running php versions 5.2.6 and 5.2.12, so I cannot verify if this is a 5.3 related problem. to verify or falsify that faulty crypt implementation in php 5.3 theory, you could use md5 or sha-1 encrypted passwords stored in a .htpasswd (see the Passwd section in http://www.pmwiki.org/wiki/Cookbook/AuthUser).
> ALJOSCHA SONDERHOFF
> brand & marketing
> office +49 2238 4629519
> mobile +49 1511 5794189
> fax +49 2238 963023
> email <a.sonderhoff at gassi-tv.de>
> Aurikelweg 22
> 50259 Pulheim, NRW
> On Nov/10, 2011, at 1900 , pmwiki-users-request at pmichaud.com wrote:
>> Date: Thu, 10 Nov 2011 11:13:14 -0500
>> From: "Sun, Yue" <Yue.Sun at vaughan.ca>
>> To: "'pmwiki-users at pmichaud.com'" <pmwiki-users at pmichaud.com>
>> Subject: [pmwiki-users] Password protection not working
>> <814D48CA046EE04DBA96C426B6CEACB112BBCF61EB at XCLUSTER.vgn.cty>
>> Content-Type: text/plain; charset="us-ascii"
>> We have a pmwiki site (version 2.2.0) that has been up for a few years. Recently we upgraded to RedHat 5 and PHP 5.3.7, after that the password protection is not working any more. To help figure out the problem, I've set up a new pmwiki 2.2.34, and use the simple config file with
>> $DefaultPasswords['edit'] = crypt('operations');
>> $EnableDiag = 1;
>> but still the Edit is open to everyone and never got a password prompt. When I changed $DefaultPasswords['edit'] ='@lock'<mailto:='@lock'> and the password was prompted. I notice there are some discussions about the new crypt() in php 5.3 and doubt if it's related to the issue I am having. Here is the test pmwiki I set up http://newsletter.vaughanpl.info/pmwiki/pmwiki.php. Can someone provide a help? Do I have to downgrade to php 5.2?
>> Any comments or suggestions would be appreciated!!
>> This e-mail, including any attachment(s), may be confidential and is intended solely for the attention and information of the named addressee(s). If you are not the intended recipient or have received this message in error, please notify me immediately by return e-mail and permanently delete the original transmission from your computer, including any attachment(s). Any unauthorized distribution, disclosure or copying of this message and attachment(s) by anyone other than the recipient is strictly prohibited.
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: <http://www.pmichaud.com/pipermail/pmwiki-users/attachments/20111110/4690ae9a/attachment-0001.html>
More information about the pmwiki-users