Menu
▾
▴
Re: [Phpwiki-talk] User Authorization and Page File Creation for non-existent pages
|
From: Harold H. <ha...@ha...> - 2021-08-17 16:39:12
|
THANKS! Looking at the activity, you've been busy. I really appreciate all your work on this. I've started migrating to a new server running Alma Linux 8. My current server is running Centos 6. LOTS of PHP complaints on PhpWiki. I look forward to trying this new version. Again, thanks! Harold > Hi Harold, > > Thank you for your continued interest in PhpWiki. > > I have finally the time to publish PhpWiki 1.6.0: > https://sourceforge.net/p/phpwiki/news/2021/08/phpwiki-160-released/ > > You might want to upgrade your wiki to this version. > > I have added some notes about user authentication in file > config/config-dist.ini, based on your notes below. > > Best regards, > > Marc-Etienne > > -----Original Message----- > From: Harold Hallikainen <ha...@ha...> > Sent: Monday, July 19, 2021 5:15 AM > To: Harold Hallikainen <ha...@ha...> > Cc: Discussion on PhpWiki features, bugs, development. > <php...@li...> > Subject: Re: [Phpwiki-talk] User Authorization and Page File Creation for > non-existent pages > > > Following up on this, I have a couple solutions. > > To get rid of the files for pages that do not exist, I create a zip dump > of the wiki, move the wiki page files somewhere else as a backup, do a > restore from the dump. If all looks good, the moved page files are > deleted. > > I have not dug extensively into the code, but I understand that page > access data is saved in the wiki page file. If someone tries to access a > page that does not exist (typically trying to send a command to get > /etc/passwd), a file is created with that page name to record the access > even though the page does not exist. I might dig into the code a bit to > see if I can make an access not create a file. > > Second, on using file authentication, after grepping around a bit, I found > in config.ini > > ; File authentication options: > ; > ; File to read for authentication information. > ; Popular choices are /etc/shadow and /etc/httpd/.htpasswd ; > AUTH_USER_FILE = /etc/shadow AUTH_USER_FILE = > /home/harold/BhWikiData/users ; above line changed 7/18/21. hh See > /home/harold/BhWikiData/AddingUsers > for info. > > You can see how I changed the AUTH_USER_FILE. I made notes in > /home/harold/BhWikiData/AddingUsers to remind me how to add users: > > [harold@mai BhWikiData]$ cat AddingUsers User info is kept in > /home/harold/BhWikiData/users. > > To add a user, run the command > > htpasswd UserName > > where UserName is the user to be added. You will be prompted twice for the > password. > > hh > 7/18/21 > > > I added a test user, and IT WORKED! Hopefully this will help someone else > using file authentication. > > Thanks! > > Harold > > > > > -- > FCC Rules Updated Daily at http://www.hallikainen.com Not sent from an > iPhone. > > > _______________________________________________ > Phpwiki-talk mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > > _______________________________________________ > Phpwiki-talk mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > > -- FCC Rules Updated Daily at http://www.hallikainen.com Not sent from an iPhone. |
