[pmwiki-users] Double logins to be able to edit a page

Petko Yotov 5ko at 5ko.fr
Fri Nov 13 06:30:16 PST 2020


> 1) How can I stop the double login (one on edit, one on save)?

This can happen if the browser does not receive cookies, doesn't store 
them, or the website doesn't send them correctly or cannot store the 
session data.

I assume that your browser does accept at least 1st-party cookies 
(otherwise many other websites will look broken), and your own domain is 
not somehow blacklisted in the browser preferences to disallow cookies.

Otherwise try with a different browser.

See on the page
   https://www.pmwiki.org/wiki/PmWiki/Troubleshooting

the question
    Why is PmWiki prompting me multiple times for a password I've already 
entered?


I should add 2 cases that need to be checked for the script loading 
pmwiki.php (if you have one, typically index.php) and all php scripts in 
the local and cookbook directories:

1. if they are saved in UTF-8, they must be without Byte Order Mark 
(BOM)

2. They must not have a closing "?>" PHP marker.

This is explained in the question on the same page:

   Why am I seeing "PHP Warning: Cannot modify header information - 
headers already sent by ..." messages at the top of my page.

Finally, review the question:
   How do I make a PHP Warning about function.session-write-close go 
away?

in case your server cannot save the session data.

Your PHP installation may be configured to not show any warnings -- some 
hosting providers do this for "production" websites.

> 2) Is there a way that I can get a single login to be remembered?

Fixing 1) above should fix this too.

> 3) Is there a way to display the name of the current user inside a
> page?  I thought {$AuthId} would display it, but it's not showing a
> value.

It does. Fixing 1) above should fix this too.

> 4) Is there a way to display the members of the @editors group?

Once you fix the cookie/session problem, you can add $EnableDiag = 1; to 
config.php and as a logged-in user you can go to pmwiki.php?action=diag

This should show you your current permissions/groups in the 
$_SESSION['authlist'] entry.

Note that PmWiki allows you to be logged in with more than one 
username/permissions -- as it finds a protected area, it cycles through 
all permissions/passwords you already have provided within the current 
browsing session.

Petko

-- 
If you upgrade :  http://www.pmwiki.org/Upgrades


On 13/11/2020 14:45, Foster Schucker wrote:
> I'm setting up a new instance of PMWiki.   The site is running
> pmwiki-2.2.133.
> 
> When I go to edit a page I get prompted for a user / password.  But
> when I save, I also get prompted for a user / password.
> 
> From my config.php file
> 
>> ## Set up some users
>> $AuthUser['Astro'] = pmcrypt('astropassword');
>> $AuthUser['Robot'] = pmcrypt('robotpassword');
>> $AuthUser['@editors'] = array ('Astro', 'Robot');
>> 
>> # Now give them edit ability
>> $DefaultPasswords['edit'] = array(pmcrypt('editpagepassword'),
>> #global edit password
>> '@editors');  # and the editors
>> 
>> ## Turn on auth system
>> include_once("$FarmD/scripts/authuser.php");
>  I can edit pages as logging in as Astro and Robot with their
> password. I can also edit with the global password.  (The site Admin
> has the same behavior)
> 
> I've been through the Password page and the Auth User page and didn't
> see any other special setup info
> 
> Questions:
> 1) How can I stop the double login (one on edit, one on save)?
> 
> 2) Is there a way that I can get a single login to be remembered?
> When I go to edit the file, I put in the user / password, and on the
> edit page I get View, Edit, History, Print and_ Logout_ links.  But
> once I do the save (with the second authentication) there is no longer
> a Logout link.  In a more perfect world I'd be able to login once and
> have it stick.
> a)  I have tried using the Auth User form and it shows a logon, but it
> does not seem to stay.
> b) I've tried setting $EnableIMSCaching = 1;   to both zero and one
> and the results don't change.
> 
> 3) Is there a way to display the name of the current user inside a
> page?  I thought {$AuthId} would display it, but it's not showing a
> value.
> 
> 4) Is there a way to display the members of the @editors group?
> 
> Thanks for your help!



More information about the pmwiki-users mailing list