Giovanni Sce schrieb:
> today, without have changed anything user "root" is taking over my phpwiki!! :-(
First clam down. Nothing happened and happens.
> I haven't changed basically anything in the config file ever, I only used to
> sign in
> (not authenticated) with my WikiUserName and it was lasting for the session.
> Now, at every page loaded next to sign in button says:
> " You are signed but not authenticated as root"
That means, that you stored a cookie with WIKI_ID=root.
You probably signed in once as user "root".
To get rid of this informative message just sign as a user.
"You are signed but not authenticated as xxx" says that phpwiki thinks
that you are the user xxx, and will mark your changes in RecentChanges
with this author_id. Just informative help, which is better than the IP.
Also stored with every page change is the authenticated_id, which is
empty in this case.
If you need true authentication, "Signed in user xxx" is not enough, you
might need to provide a password or use a proper CamelCase BogoLogin,
until you are "Authenticated as user xxx".
> Obviously I didn't create any phpwiki root user!! I did open up my directories,
> bot lib, other executable and the data dir to 777 (I know... bad...).
>
> I'm very nervous now, what's going on?! How is something/someone signing
> in as root?!
>
> Thanks for any advice (beside shut down everything!).
no need to do that.
--
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/
|
