On Fri, 2004-01-30 at 10:57, AltGrendel wrote:
> On Fri, 2004-01-30 at 10:29, Reini Urban wrote:
> > Old Auth Scheme (1.3.4 - 1.3.8) and new auth scheme (auth_policy = old):
> > On REQUIRE_SIGNIN_BEFORE_EDIT = true:
> > When the given username - password is invalid or not found, it tries the
> > next methods (imap, ldap, ...).
> > If no matching user-passwd pair is found, "Invalid UserID or password"
> > is returned.
> > So it looks like you enabled bogo login (ALLOW_BOGO_LOGIN = true), which
> > means that your users must login with a valid WikiWord. Robert and Bob
> > are no valid WikiWords.
> > I suggest to set REQUIRE_SIGNIN_BEFORE_EDIT = false, so that any
> > username is accepted with or withour password. Then the password is only
> > checked if the user has a homepage, where the password is actually stored.
> Here is that section of the original index.php(comments removed):
> if (!defined('ALLOW_USER_LOGIN')) define('ALLOW_USER_LOGIN', 'false');
> if (!defined('ALLOW_HTTP_AUTH_LOGIN')) define('ALLOW_HTTP_AUTH_LOGIN', 'false');
> if (!defined('ALLOW_BOGO_LOGIN')) define('ALLOW_BOGO_LOGIN', 'true');
> if (!defined('REQUIRE_SIGNIN_BEFORE_EDIT'))
> define('REQUIRE_SIGNIN_BEFORE_EDIT', 'false');
> I believe that this is correct according to what you're saying. Is there
> some other section or file that could be controlling this? And do you
> think an upgrade to 1.3.8b fix this?
I Found the answer to my question, it's
So as you indicated, it would have to be Bob12 to be a valid wiki word,
and of course Bob would not be valid.