From: Reini U. <ru...@x-...> - 2009-09-09 15:35:34
|
2009/9/9 Antony Stone <Ant...@ph...>: > On Sunday 06 September 2009 14:02, Antony Stone wrote: >> ; True User Authentication: >> ; To require user passwords: >> ; ALLOW_ANON_USER = false >> ; ALLOW_ANON_EDIT = false >> ; ALLOW_BOGO_LOGIN = false, >> ; ALLOW_USER_PASSWORDS = true. >> ; Otherwise any anon or bogo user might login without any or a wrong >> password. >> >> I have set all four variables to the required values and restarted Apache, >> and yet it is still possible to log in with a random username and no >> password (ie: a Bogo login). How do I get the functionality as documented >> - True User Authentication? Do I need to reset / reconfigure / restart >> something else after changing the config.ini file? > > Is this list really as low-volume as it appears? Since I joined on Sunday > I've seen precisely three postings to it, two of them from me. > > Am I asking in the wrong place? Is there somewhere else I can get help on > using PHPwiki? Probably not. > Any helpful advice gratefully received - I'd really like to be able to use > this software, but in the absence of effective documentation, or somewhere I > can get help when the documentation fails, I'll have to give up and use > something else instead :( Sorry. I was also out ideas, but now I got one. To me it also looked like Massimiliano said, wrong config.ini. Tell us your USER_AUTH_ORDER These are effective with ALLOW_USER_PASSWORDS If you have e.g. USER_AUTH_ORDER = "BogoLogin : PersonalPage" BogoLogin is in use as you observed. -- Reini Urban http://phpwiki.org/ http://murbreak.at/ |