PmWiki as a CMS

Summary: How to use PmWiki as a CMS
Categories: Administration, CMS

Question answered by this recipe

Using PmWiki as a CMS (Content Management System)

A Wiki such as PmWiki is very useful for a community style web site. However, with minor modifications, it can be used as a content management system, to administer a web site that only authorized people can modify. This requires modifications of two aspects of the Wiki:

  • Authorization before editing of a web page is allowed
  • The links to edit the site should not be displayed unless a user is authorized (logged in)

Authorizing the users who can edit pages

It's possible to fulfill the first requirement by using Passwords to protect each page in the wiki. However, this means that all users who can edit a page must share a password.

Another way to protect the pages of a wiki is by setting up a user-based authentication system, using the AuthUser or UserAuth recipe. This has the benefit of giving each user his or her own password and set of permissions.

Hiding the edit links for everyone else

If you want to setup a simple web site to manage a project, class assignment or any other group-managed activity, you are may not want outsiders to be able to view the web site. In many cases, you do not want those outsiders to see the edit/recent changes/history links that wikis display, but simply a web site with some content.

To do this, it is neccessary to do a bit of customization. First, you must choose and install a skin that allows the hiding of the edit links by modifying the stylesheet (*.css file). The LeanSkin? allows this in a simple manner (it is documented in the skin itself), but this should not be a big problem for other skins either.

You then create two versions of the style sheet for the skin. I have versions named lean-admin.css and lean-public.css, where the admin version shows the links but the public version does not.

The only remaining issue is to ensure that the correct style sheet is used depending on whether a user is logged in. To do this I installed the UserAuth and got everything working properly with that component, including a login/logout page for users. Then I added the following to the userauth.php file, just before the first function definition:

	global $CSSAuthAppend;
	$auth_username = $_SESSION['username'];
	if ( isset($UserInfoObj) && $UserInfoObj->UserHasAbility($auth_username, 'admin') )
		$CSSAuthAppend = "-admin";
		$CSSAuthAppend = "-public";

This creates a global variable called $CSSAuthAppend, with the value of "-admin" if someone is logged in with admin privileges, but "-public" otherwise. The only remaining thing is to change the template file lean.tmpl in my case, so that the correct value is appended to the name of the style sheet used. I modified the line containing the link tag so that it looked like this:

	<link rel='stylesheet' title="Lean" href='$SkinDirUrl/lean$CSSAuthAppend.css' type='text/css' />

Voila! When browsing the wiki, the edit links are hidden, but when you login, all the links are displayed.

See also


  • It is possible to get the same effect by simply using hot keys to edit pages. However, this works only in Firefox and not all users are comfortable with using hot keys.
  • (Using UserAuth and hidden edit links) If you want to restrict users from editing most pages, but not all, you can create a special WikiGroup for those pages that are editable, and allow GuestUser to edit it. Then create a page inside the group called GroupHeader. In GroupHeader, add the following and users will be able to edit pages within the group even with the wiki links are hidden:
         [[{$Name}?action=edit | Edit this page]]
  • If you have any issues or would like to add helpful notes on configuring PmWiki as a CMS, please feel free to do so

Hmmm ! This solution didn't fully satisfy me. So I worked on another recipe


I use PmWiki as a CMS and don't bother with conditional edit links. I used a bookmarklet in my browser so I can click on the bookmark for ANY PmWiki page I want to edit -- saves me from hunting the Edit Page link down (scrolling up and down looking for it) or typing the variable & value into the URL. See OtherBookmarklets


You can more simply get this result by giving your Admin password to the Site-Group, as it doesn't make sense even for editors to see these pages, nor in search results. If you configure a password for the Site.PageActions then (this is the page that contains the Page Actions), the Edit-Links will only appear when an editor or admin is logged in.
This affects the links included by the <!--wiki:{$Group}.PageActions {$SiteGroup}.PageActions--> in the template.
To make it possible to Editors to log in you can make a login-Link in the Template or the main-Menu (pmwiki.php?action=login).

I see a lot of CMS recipes that require the user to login in order to be able to use menus, edit pages, etc. I've tried a few of them and I can easily bypass the login altogether by using a link such as: $PageUrl?action=edit

Isn't there a way to block all edits via a CMS recipe without having to set an edit password in config.php? -Ian MacGregor

Found the answer in AuthUser -Ian MacGregor