From: Harold H. <ha...@ha...> - 2021-02-09 00:55:15
|
> Hi Harold, > > Unfortunately, I have never tested Phpwiki with DATABASE_TYPE: file > I have only tested with an SQL database. > I will need some time to test your issue. > > Best regards, > > Marc-Etienne THANKS! I wish I was better at reading the code in this complex application. So, there are two issues: 1. How to authorize users when authorization file method. 2. Using flat file for page data, how to avoid the creation of new files when someone tries to access a page that does not exist. THANKS! Harold http://bh.hallikainen.org/wiki/ > > -----Original Message----- > From: Harold Hallikainen <ha...@ha...> > Sent: Thursday, February 4, 2021 5:53 PM > To: php...@li... > Subject: [Phpwiki-talk] User Authorization and Page File Creation for > non-existent pages > > > Good Morning! > > A follow-up and a new question: > > 1. I'm still having trouble determining how to grant write access to > authorized users. > > I'm using the File method for user authorization. > > USER_AUTH_ORDER = "File" > > The description from config.ini is: > File: Store username:crypted-passwords in .htaccess like files. > Use Apache's htpasswd to manage this file. > > This implies to me that is an ".htaccess like file" and not .htaccess > itself. What is the name of this file, and where is it located? I could > then use htpasswd on it to allow users to edit the wiki. > > 2. People appear to be attempting to break into the system by attempting > to access pages that do not exist. Each one of these attempted access > creates a new file. For example, here is one of several new files this > morning: > > /home/harold/BhWikiData/page_data/http%3A%2F%2Fejdarc.venissieux.free.fr%2Fa_virer_joomla%2Fimages%2Ffbfiles%2Fimages%2Fcache.txt%3F > > I have tried making the files read only until I am updating the wiki, but > this gives those reading the wiki errors since the access of the page > cannot be recorded in the page file. > > To deal with this so far, I have done a dump of all pages, move all the > existing files to a backup directory, then do a restore. If it looks good, > I then delete the backup directory. > > Is there a way to prevent this file creation when someone tries to access > a page that does not exist? > > THANKS! > > Harold > http://bh.hallikainen.org/ > > > > > > >> Hello Harold, >> The .htaccess file is a file used by Apache to protect a directory and > its >> subdirectories. >> For PhpWIki, you find find an .htaccess file in the root directory and > in >> some of the subdirectories. >> You should adapt their content to your needs. >> Best regards, >> Marc-Etienne >> -----Original Message----- >> From: Harold Hallikainen [mailto:ha...@ha...] >> Sent: Tuesday, May 15, 2018 11:41 PM >> To: Discussion on PhpWiki features, bugs, development. >> <php...@li...> >> Subject: [Phpwiki-talk] User Authorization - resend from different >> email > I'm using the File method for user authorization. >> USER_AUTH_ORDER = "File" >> The description from config.ini is: >> File: Store username:crypted-passwords in .htaccess like > files. >> ; Use Apache's htpasswd to manage this file. >> What is the name of this file, and where is it located? >> THANKS! >> Harold >> -- >> FCC Rules Updated Daily at http://www.hallikainen.com Not sent from an > iPhone. >> ---------------------------------------------------------------------- >> -------- > Check out the vibrant tech community on one of the world's most engaging > tech sites, Slashdot.org! http://sdm.link/slashdot >> _______________________________________________ >> Phpwiki-talk mailing list >> Php...@li... >> https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > > > -- > FCC Rules Updated Daily at http://www.hallikainen.com Not sent from an > iPhone. > > > > > > _______________________________________________ > Phpwiki-talk mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > > _______________________________________________ > Phpwiki-talk mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > > -- FCC Rules Updated Daily at http://www.hallikainen.com Not sent from an iPhone. |