[Phpwiki-talk] secure phpwiki: request for example

[Stan B. <sb...@po...>]

Hi,
I have tried to configure PhpWiki in secure mode:  everyone can view, 
only authorized users can edit.  That simple.  But I've never 
succeeded.  My last try is here http://www.berka.name/phpwiki in case 
you want to try it out.  Try to sign-in.  It's ver. 1.3.10.

Could anyone provide information leading to a working configuration like 
this?  I mean: which phpwiki version, provide a config file and any 
other info that matters?  This installation is on Linux/Apache/mysql. 

I'd really appreciate your help.  I'm using phpwiki in our office all 
the time; it's wonderfull, but here I need a secure mode and...

I'm attaching below the config.ini from berka.name; lines commented out 
are removed.

-- 
Best regards,
Stan Berka
Senior Programmer Analyst
Pope & Talbot, Inc.
Portland, OR
503 552-4315

--- config.ini

DEBUG = 1

ENABLE_USER_NEW = true


WIKI_NAME = BerkaWiki

ENABLE_REVERSE_DNS = true

ADMIN_USER = admin
ADMIN_PASSWD = <snip>

ENCRYPTED_PASSWD = true

ZIPDUMP_AUTH = false

ENABLE_RAW_HTML = false;

STRICT_MAILABLE_PAGEDUMPS = false

HTML_DUMP_SUFFIX = .html

MAX_UPLOAD_SIZE = 16777216

MINOR_EDIT_TIMEOUT = 604800

CACHE_CONTROL = LOOSE

CACHE_CONTROL_MAX_AGE = 600



DATABASE_TYPE = SQL
   

DATABASE_DSN = "mysql://berka8f_admin:<snip>@localhost/berka8f_phpwiki"

DATABASE_SESSION_TABLE = session

DATABASE_DIRECTORY = /tmp

DATABASE_DBA_HANDLER = gdbm

DATABASE_TIMEOUT = 20


MAJOR_MAX_AGE = 32
MAJOR_KEEP = 8

MINOR_MAX_AGE = 7
MINOR_KEEP = 4

AUTHOR_MAX_AGE = 365
AUTHOR_KEEP = 8
AUTHOR_MIN_AGE = 7
AUTHOR_MAX_KEEP = 20


ALLOW_ANON_USER = true
ALLOW_ANON_EDIT = false

ALLOW_BOGO_LOGIN = false

ALLOW_USER_PASSWORDS = true

USER_AUTH_ORDER = "Db"

PASSWORD_LENGTH_MINIMUM = 6
    
USER_AUTH_POLICY = first-only

LDAP_AUTH_HOST = "ldap://localhost:389"

LDAP_BASE_DN = "ou=Users,o=Development,dc=mycompany.com"

GROUP_METHOD = WIKIPAGE


DBAUTH_AUTH_DSN = "mysql://berka8f_admin:<snip>@localhost/berka8f_phpwiki"
DBAUTH_AUTH_USER_EXISTS = "SELECT userid FROM user WHERE userid='$userid'"
DBAUTH_AUTH_CHECK = "SELECT IF(passwd=PASSWORD('$password'),1,0) FROM user WHERE userid='$userid'"
DBAUTH_AUTH_CRYPT_METHOD = plain

DBAUTH_AUTH_UPDATE = "UPDATE user SET passwd=PASSWORD('$password') WHERE userid='$userid'"
DBAUTH_AUTH_CREATE = "INSERT INTO user SET passwd=PASSWORD('$password'),userid='$userid'"

DBAUTH_PREF_SELECT = SELECT prefs FROM pref WHERE userid='$userid'

DBAUTH_PREF_UPDATE = "REPLACE INTO pref SET prefs='$pref_blob',userid='$userid'"


EDITING_POLICY = EditingPolicy


THEME = Sidebar

CHARSET = iso-8859-1

DEFAULT_LANGUAGE = en

WIKI_PGSRC = pgsrc

DEFAULT_WIKI_PGSRC = pgsrc
DEFAULT_WIKI_PAGES = "ReleaseNotes:SteveWainstead:TestPage"

ALLOWED_PROTOCOLS = "http|https|mailto|ftp|news|nntp|ssh|gopher"

INLINE_IMAGES = "png|jpg|gif"

WIKI_NAME_REGEXP = "(?<![[:alnum:]])(?:[[:upper:]][[:lower:]]+){2,}(?![[:alnum:]])"

SUBPAGE_SEPARATOR = /

INTERWIKI_MAP_FILE = lib/interwiki.map

WARN_NONPUBLIC_INTERWIKIMAP = false

KEYWORDS = "Category:Topic"

COPYRIGHTPAGE_TITLE = GNU General Public License
COPYRIGHTPAGE_URL = http://www.gnu.org/copyleft/gpl.html#SEC1
AUTHORPAGE_TITLE = The PhpWiki Programming Team
AUTHORPAGE_URL = http://phpwiki.sourceforge.net/phpwiki/ThePhpWikiProgrammingTeam

TOC_FULL_SYNTAX = true
--- end