Menu
▾
▴
phpwiki-talk
|
From: Tom C. <li...@to...> - 2004-07-27 13:37:37
|
Hello, I'm getting in a real muddle here. I abandoned database auth, and went with file. I've got my htpasswd file set-up, and it seems to be working with PhpWiki. But the behaviour is completely useless. If I go to a page I have permission to edit, and sign in, it tells me by the sign in box that I am "Authenticated as community". If I then try to edit the page, it asks me to login again, saying: "Editing pages is disallowed on this wiki for not authenticated user 'community' (level: ANON)." So I login, change the page, and hit the submit button. It asks me to login *again*, which I do, and it works. Now, by the sign in box it tells me "You are signed but not authenticated as community". So I have to sign in *again* to do anything else. That is insane. Surely it should let the user login, checking their details against the htpasswd file, and then leave them logged in with a session cookie or some such mechanism until they log out or a given time expires? Nobody is going to want to type in their username and password every time they want to bring up a page that requires their authentification! Can I fix this myself, and if so, how? Regards, Tom |
|
From: <ru...@x-...> - 2004-07-28 07:37:12
|
> I'm getting in a real muddle here. I abandoned database auth, and went > with file. I've got my htpasswd file set-up, and it seems to be working > with PhpWiki. But the behaviour is completely useless. > > If I go to a page I have permission to edit, and sign in, it tells me by > the sign in box that I am "Authenticated as community". If I then try > to edit the page, it asks me to login again, saying: "Editing pages is > disallowed on this wiki for not authenticated user 'community' (level: > ANON)." So I login, change the page, and hit the submit button. It asks > me to login *again*, which I do, and it works. Now, by the sign in box > it tells me "You are signed but not authenticated as community". So I > have to sign in *again* to do anything else. Simple answer: Your sessions are lost. Try the other DB_SESSION options. If this doesn't work also, report your version, database backend and php version. -- reini |
|
From: Tom C. <li...@to...> - 2004-07-28 10:17:42
|
On Wednesday 28 Jul 2004 08:37, ru...@x-... wrote:
> > I'm getting in a real muddle here. I abandoned database auth, and went
> > with file. I've got my htpasswd file set-up, and it seems to be working
> > with PhpWiki. But the behaviour is completely useless.
> >
> > If I go to a page I have permission to edit, and sign in, it tells me by
> > the sign in box that I am "Authenticated as community". If I then try
> > to edit the page, it asks me to login again, saying: "Editing pages is
> > disallowed on this wiki for not authenticated user 'community' (level:
> > ANON)." So I login, change the page, and hit the submit button. It asks
> > me to login *again*, which I do, and it works. Now, by the sign in box
> > it tells me "You are signed but not authenticated as community". So I
> > have to sign in *again* to do anything else.
>
> Simple answer:
> Your sessions are lost. Try the other DB_SESSION options.
> If this doesn't work also, report your version, database backend and php
> version.
OK, I have the following options:
DATABASE_SESSION_TABLE = session
AUTH_SESS_USER = userid
AUTH_SESS_LEVEL = 2
I don't see an option 'DB_SESSION' anywhere in the config files, in case you
were refering to a specific option.
I monitored the session table while I logged in with the "community" login,
and it looks like it's getting the SQL queries wrong, because it came up with
this entry:
---
| 2b9f79f7c1ff5d03f930e67dd62d55e2 |wiki_user|O:13:"_filepassuser":11:
{s:7:"_userid";s:9:"community";s:6:"_level";i:2;s:6:"_prefs";O:15:"userpreferences":4:
{s:6:"_prefs";a:13:{s:6:"userid";O:15:"_userpreference":2:
{s:13:"default_value";s:0:"";s:6:"userid";s:9:"community";}s:6:"passwd";O:15:"_userpreference":1:
{s:13:"default_value";s:0:"";}s:9:"autologin";O:20:"_userpreference_bool":1:
{s:13:"default_value";b:0;}s:5:"email";O:21:"_userpreference_email":1:
{s:13:"default_value";s:0:"";}s:11:"notifyPages";O:22:"_userpreference_notify":1:
{s:13:"default_value";s:0:"";}s:5:"theme";O:21:"_userpreference_theme":1:
{s:13:"default_value";s:3:"SDC";}s:4:"lang";O:24:"_userpreference_language":1:
{s:13:"default_value";s:2:"en";}s:9:"editWidth";O:19:"_userpreference_int":3:
{s:13:"default_value";d:80;s:7:"_minval";d:30;s:7:"_maxval";d:150;}s:11:"noLinkIcons";O:20:"_userpreference_bool":1:
{s:13:"default_value";b:0;}s:10:"editHeight";O:19:"_userpreference_int":3:
{s:13:"default_value";d:22;s:7:"_minval";d:5;s:7:"_maxval";d:22;}s:10:"timeOffset";O:23:"_userpreference_numeric":3:
{s:13:"default_value";d:0;s:7:"_minval";d:-26;s:7:"_maxval";d:26;}s:13:"relativeDates";O:20:"_userpreference_bool":1:
{s:13:"default_value";b:0;}s:10:"googleLink";O:20:"_userpreference_bool":1:
{s:13:"default_value";b:0;}}s:7:"_method";s:3:"SQL";s:7:"_select";s:38:"SELECT
prefs FROM pref WHERE userid=%s";s:7:"_update";s:40:"REPLACE INTO pref SET
prefs=%s,userid=%s";}s:15:"_current_method";N;s:14:"_current_index";N;s:5:"_file";O:11:"file_passwd":6:
{s:8:"filename";s:23:"/www/htpasswd/passwords";s:5:"users";a:1:
{s:9:"community";s:13:"p0s/yKSwCtGrI";}s:3:"cvs";N;s:6:"fplock";N;s:6:"locked";N;s:8:"lockfile";s:28:"/www/htpasswd/passwords.lock";}s:11:"_may_change";b:0;s:11:"_authmethod";s:4:"File";s:8:"_authhow";s:6:"signin";s:4:"page";s:8:"HomePage";s:6:"action";s:6:"browse";}
| 1091009539 | 62.252.64.13 |
---
Whilst the admin sessions look like this:
---
| c6e6d45623d1b1203b578f135b53928b | | 1091007492 | 212.137.57.25 |
---
Regards,
Tom
|
|
From: Tom C. <li...@to...> - 2004-07-30 03:06:45
|
On Wednesday 28 Jul 2004 08:37, ru...@x-... wrote: > > I'm getting in a real muddle here. I abandoned database auth, and went > > with file. I've got my htpasswd file set-up, and it seems to be working > > with PhpWiki. But the behaviour is completely useless. > > > > If I go to a page I have permission to edit, and sign in, it tells me by > > the sign in box that I am "Authenticated as community". If I then try > > to edit the page, it asks me to login again, saying: "Editing pages is > > disallowed on this wiki for not authenticated user 'community' (level: > > ANON)." So I login, change the page, and hit the submit button. It asks > > me to login *again*, which I do, and it works. Now, by the sign in box > > it tells me "You are signed but not authenticated as community". So I > > have to sign in *again* to do anything else. > > Simple answer: > Your sessions are lost. Try the other DB_SESSION options. > If this doesn't work also, report your version, database backend and php > version. As I mentioned in my other e-mail, I seem to have stumbled upon some bugs in the SQL session code. But I cannot find any useful source of information on session options. So far I've tried setting "USE_DB_SESSION = false", which makes no discernable difference (i.e. sessions are still lost), but I can't fathom what other options exist. To make things stranger still, sessions work fine for admin, but not for the user account. So if someone could point me to or provide me with the session options, and some guidance, I'd be extremely grateful. Regards, Tom |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X