Re: [Phpwiki-talk] User Authorization and Page File Creation for non-existent pages

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

>
>> Hi Harold,
>>
>> Unfortunately, I have never tested Phpwiki with DATABASE_TYPE: file
>> I have only tested with an SQL database.
>> I will need some time to test your issue.
>>
>> Best regards,
>>
>> Marc-Etienne
>
> THANKS! I wish I was better at reading the code in this complex
> application. So, there are two issues:
>
> 1. How to authorize users when authorization file method.
>
> 2. Using flat file for page data, how to avoid the creation of new files
> when someone tries to access a page that does not exist.
>
> THANKS!
>
> Harold
> http://bh.hallikainen.org/wiki/
>

I get a daily report of new files on the server. Here's a typical file
created by someone trying to access a nonexistent wiki page:

page_data/Historic+Papers%27%2F%2A%2A%2Fand%28select%271%27from%2F%2A%2A%2Fpg_sleep%283%29%29%270

Someone is clearly trying to hack the database. It would be nice if
attempts to access nonexistent pages did not generate a page file.

THANKS!

Harold

-- 
FCC Rules Updated Daily at http://www.hallikainen.com
Not sent from an iPhone.