PmWiki | Cookbook / UserAuth2-Talk

Summary:

Version:

Prerequisites:

Status:

Maintainer:

Comments

I wanted to secure the login and user management. I came up with this solution which seems to work, but I'd like feedback since I'm still new to modrewrite. Personally, I'd think it much cleaner if the code could do the redirects.:

Charles: sonikbuddha ATT hotmail DOTT com

if (@$_SERVER['HTTPS'] == 'on' || @$_SERVER['SERVER_PORT'] == '443')
{
        $UrlScheme='https';
} else {
        $UrlScheme='http';
}
$ScriptUrl = $UrlScheme.'://www.example.com/wiki';
$PubDirUrl = $UrlScheme.'://www.example.com/wiki/pub';

.htaccess

# Use mod_rewrite to enable "Clean URLs" for a PmWiki installation.
RewriteEngine On
# Define the rewrite base.
RewriteBase /wiki
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} ^/wiki/Site/Login [OR]
RewriteCond %{QUERY_STRING} action=login [OR]
RewriteCond %{QUERY_STRING} ^n=Site.Login [OR]
RewriteCond %{QUERY_STRING} ^action=admin [OR]
RewriteCond %{QUERY_STRING} ^action=pwchange
RewriteRule (.*)  https://www.example.com/wiki/$1 [R=permanent,L]
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} !(\.gif|\.css) 
RewriteCond %{REQUEST_URI} !^/wiki/Site/Login
RewriteCond %{QUERY_STRING} !^n=Site/Login 
RewriteCond %{QUERY_STRING} !action=login
RewriteCond %{QUERY_STRING} !action=admin 
RewriteCond %{QUERY_STRING} !action=pwchange
RewriteRule (.*)  http://www.example.com/wiki/$1 [R=permanent,L]
# Send requests without parameters to pmwiki.php.
RewriteRule ^$           pmwiki.php  [L]
# Send requests for index.php to pmwiki.php.
RewriteRule ^index\.php$ pmwiki.php  [L]
# Send requests to pmwiki.php, appending the query string part.
RewriteRule ^([A-Z0-9\xa0-\xff].*)$ pmwiki.php?n=$1  [QSA,L]

I've removed any previous comments that I made here. Whilst I did have problems at first with:

CleanUrls - see fix on main page re using '/' instead of '.' in the extra lines in config.php (at that time correct, now only dots should be used)
Search box didn't work - I think this was down to using an early flavour of PMWiki (done)
(:pagelist:) markup broken - same as search box above. (done)
Not returning to correct page after logging in - same as CleanUrls

I did a clean install and have had no problems since - (I hope). I am enjoying using the software produced by people like PM and Thomas and my thanks go to them both.

Recommend

Use latest version of software at all times and be careful of settings and you'll not go wrong!

Dave

I would really like MySQL database authentication, as I have a password protected welcome page, forum and wiki, and adding new users is a pain, I have to add them in three different files (.htpasswd(until I find decent PHP/MySQL login script), wiki(using userauth2) and MyBB(in the MySQL database).
Having it all in one table in a MySQL database would be so much easier.

It would be probably most optimal if one would use the database organization of MyBB, otherwise you would just end up maintaining two databases / database tables. Can you provide details? (I guess though it is better in the end to create only hooks in UserAuth2 that can be connected with whatever backend is necessary.) ThomasP May 27, 2007, at 05:58 AM

Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 40 bytes) in /home/*/public_html/*/*/*/wiki/cookbook/userauth2.php on line 1009 , Using the lastest version (stable5).

Thanks. This line contains an unserialize() call. Maybe an endless loop in the unserialize code due to an unclean saved permission record? If persistent, try to reduce the maximum sizes of the two caches or (for testing) disable the caching completely. See implementation reference. ThomasP September 12, 2007, at 10:14 AM

The required dot in the URL (. instead of /)

Why on earth is this a requirement? It's a pretty sad one. Most sites that I know where pmwiki is used for, have used the / instead of the dot. So none of them can use UserAuth2.

Hi, you have probably seen this requirement at the first configuration scribble in the installation notes. But actually it refers only to those two lines, i.e. when setting the $HomePage and $LoginPage variables, and to the permission record. In both of these cases the dot should/ has to be used. Apart from these configuration related places, your pmwiki is allowed to use CleanUrls. (Slashes will then automatically mapped to dots internally for permission check.) ThomasP October 02, 2008, at 01:36 PM

I'm working with wikifields (Cookbook.WikiFarmAlternative) which places the pmwiki largely out of the way of the web path. The directory structure looks like this:

  pmwiki-latest/
  ---cookbook/
  ------userauth2.php
  ------userauth2/ (hopefully this will only contain the static objects)
  ---local/
  ------config.php (system-wide configurations, common to all wikifields) 
  ------setworkdir.php (sets up the working directories for the wiki based on a variable set in each wiki's local/config.php)
  ---var/ (where work goes)
  ------WIKINAME/ (per-wiki directory)
  ---------wiki.d/ (where wiki pages live for this wiki)
  ---------userauth2/ (where dynamic userauth2 info lives for this wiki)

I'd prefer to be able to split out dynamic portions of userauth2 from static portions for the obvious benefit of keeping one copy of something everyone can run and still keep their data separate.

--tamouse September 20, 2011, at 08:12 AM

Talk page for the UserAuth2 recipe (users).