Yes it will break those default statements -- but adding a $prefix to the
default would solve that.
The Auth stuff (LDAP and DB primarily) is all accessable via the config file so
that PhpWiki can use foreign authentication mechanisms transparently without the
user having to hack the Auth Code. Currently it is pretty kludgy, and we
certainly can clean it up. But there should be the ability to put such
statements into the config file. In an ideal world we would have a default
class (or more then one) for SQL or LDAP queries, but the defaults would be
overridden by the user provided settings. And all of these advanced settings
should be at the very end of the config file -- and marked as dangerous to modify.
Providing this functionality makes the product much more attractive to large
organizations that already have authentication systems. My first job after
picking PhpWiki for a documentation project was to hack the authentication
system to work with and require the UW's Pubcookie Authentication. Another
group on my floor had to make more extensive modifications to GNU Mailman to get
it to work with Pubcookie. Eliminating this hacking will dramatically reduce
the barriers to adoption.
> The DB_AUTH stuff shouldn't even be in index.php
> I'll save debate for another day, but essentially no SQL code should leak
> from the wikiDB directories.
> Also, if you prefix your tables, those default db_auth statements break.
> I've already proposed moving wiki_auth to an abstract class like wikidb or
> even part of DB. I'll beat that drum some more.
> As far as the ini goes, assume DB_Auth will not be part of it.
> I've stopped 7,521 spam messages. You can too!
> One month FREE spam protection at http://www.cloudmark.com/spamnetsig/}
> -----Original Message-----
> From: phpwiki-talk-admin@...
> [mailto:phpwiki-talk-admin@...] On Behalf Of Joby Walker
> Sent: Monday, March 22, 2004 5:20 PM
> To: Matthew Palmer
> Cc: phpwiki-talk@...
> Subject: Re: [Phpwiki-talk] IniConfig - it lives!
> Matthew Palmer wrote:
>>On Mon, Mar 22, 2004 at 09:53:49AM -0800, Joby Walker wrote:
>>>Some special characters are not passed via the parse_ini_file function.
>>Double quotes? Hmm, potential problem. I don't like the whole DBAUTH
>>section, myself. I'd recommend making the external authenticator a
>>file/class that can plugin. Provide a couple of default ones, and just
>>a single config option - "DBAUTH_PLUGIN_FILE" or similar, which specifies
>>the file that contains the auth functions, which would presumably just do
>>SQL calls (but could do BDB, or LDAP, or ...)
> The & sign is also a problem with parse_ini_file(). While the DBAUTH
> may be a bit advanced for the model of an INI file we really want to avoid
> fragmenting the config file. Since the PEAR_Config 'inicommented' type
> both characters just fine, we should keep things together.
> This SF.Net email is sponsored by: IBM Linux Tutorials
> Free Linux tutorial presented by Daniel Robbins, President and CEO of
> GenToo technologies. Learn everything from fundamentals to system
> Phpwiki-talk mailing list