Menu
▾
▴
[Phpwiki-talk] security not working
|
From: Charles C. <ch...@ru...> - 2005-11-01 16:46:15
|
I recently upgraded the site I administer to 1.3.11p1 - see http://www.runegate.org/whitewall/wiki It appears that the security that I implemented no longer works. For example, I set the acl on the . page so that only authenticated users in the groups WhiteWallWriters, Administrators and/or Owner could edit a page. However, when I go to the site, my session is in the state signed but I can still edit and save the front page. My (edited) config.ini is below. Any ideas? Regards, Charles INCLUDE_PATH = "/home/runega2/software/phpwiki" GOOGLE_LINKS_NOFOLLOW = false WIKI_NAME = WhiteWall ENABLE_REVERSE_DNS = true ADMIN_USER = WhiteWallAdmin ADMIN_PASSWD = "xxx" ENCRYPTED_PASSWD = true ZIPDUMP_AUTH = false ENABLE_RAW_HTML = false ENABLE_RAW_HTML_LOCKEDONLY = false ENABLE_RAW_HTML_SAFE = false STRICT_MAILABLE_PAGEDUMPS = true DEFAULT_DUMP_DIR = /home/runega2/whitewall/wikidump HTML_DUMP_DIR = /home/runega2/whitewall/wikidumphtml HTML_DUMP_SUFFIX = .html MAX_UPLOAD_SIZE = 1050000 MINOR_EDIT_TIMEOUT = 604800 CACHE_CONTROL = LOOSE CACHE_CONTROL_MAX_AGE = 600 COOKIE_EXPIRATION_DAYS = 365 DATABASE_TYPE = SQL DATABASE_PREFIX = wwwiki_ DATABASE_DSN = "mysql://xxx:xxx@localhost/runega2_db" DATABASE_PERSISTENT = false DATABASE_SESSION_TABLE = session DATABASE_DIRECTORY = /home/runega2/whitewall/files DATABASE_DBA_HANDLER = gdbm DATABASE_TIMEOUT = 5 SESSION_SAVE_PATH = /home/runega2/whitewall/session MAJOR_MAX_AGE = 32 MAJOR_KEEP = 8 MINOR_MAX_AGE = 7 MINOR_KEEP = 4 AUTHOR_MAX_AGE = 365 AUTHOR_KEEP = 8 AUTHOR_MIN_AGE = 7 AUTHOR_MAX_KEEP = 20 ALLOW_ANON_USER = true ALLOW_ANON_EDIT = false ALLOW_BOGO_LOGIN = false ALLOW_USER_PASSWORDS = true USER_AUTH_ORDER = "Db" PASSWORD_LENGTH_MINIMUM = 6 USER_AUTH_POLICY = first-only GROUP_METHOD = WIKIPAGE DBAUTH_AUTH_USER_EXISTS = "SELECT userid FROM wwwiki_user WHERE userid='$userid'" DBAUTH_AUTH_CHECK = "SELECT IF(passwd=PASSWORD('$password'),1,0) AS ok FROM wwwiki_user WHERE userid='$userid'" DBAUTH_AUTH_CRYPT_METHOD = plain DBAUTH_AUTH_UPDATE = "UPDATE wwwiki_user SET passwd=PASSWORD('$password') WHERE userid='$userid'" DBAUTH_AUTH_CREATE = "INSERT INTO wwwiki_user SET passwd=PASSWORD('$password'),userid='$userid'" DBAUTH_PREF_SELECT = "SELECT prefs FROM wwwiki_pref WHERE userid='$userid'" DBAUTH_PREF_UPDATE = "REPLACE INTO wwwiki_pref SET prefs='$pref_blob',userid='$userid'" DBAUTH_IS_MEMBER = "SELECT userid FROM wwwiki_member WHERE userid='$userid' AND groupname='$groupname'" DBAUTH_GROUP_MEMBERS = "SELECT DISTINCT userid FROM wwwiki_member WHERE groupname='$groupname'" DBAUTH_USER_GROUPS = "SELECT groupname FROM wwwiki_member WHERE userid='$userid'" THEME = default CHARSET = iso-8859-1 DEFAULT_LANGUAGE = en PHPWIKI_DIR = /home/runega2/software/phpwiki USE_PATH_INFO = true TEMP_DIR = /home/runega2/whitewall/tmp |
