PmWikiRu /

, !

()

 PmWiki        . 
      ,       .  ,             (   ),       Security.

    Passwords,     PmWiki      ,    . ,   ,            .

PmWiki :

read
edit
attr (, , )
, upload
 ,    admin          .

 , PmWiki    :
 admin    "" , ..  ,      .

  Passwords        .             local/config.php.

, -- admin. local/config.php:

    $DefaultPasswords['admin'] = crypt('secret_password');

, crypt() -- PmWiki . .

      ,   "edit"       local/config.php:

    $DefaultPasswords['edit'] = crypt('edit_password');

     $DefaultPasswords['read'], $DefaultPasswords['edit']  $DefaultPasswords['upload']   ,       .             .   ,   $DefaultPasswords     :

    $DefaultPasswords['read'] = array(crypt('alpha'), crypt('beta'));
    $DefaultPasswords['edit'] = crypt('beta');

 ,    "alpha"  "beta"   ,    "beta"  -  .   PmWiki        .     -     .

(/ , AuthUser)

            (..     '  '), PmWiki    .          ,            ,   ,   .

, PmWiki authuser.php . AuthUser.

...

               .      (     ),     ,                       .    ,          "admin"  "attr"    config.php.    PmWiki  sample-config.php ,   PmWiki  Main    "attr",   -   ,  "attr" .           "attr"     ( ).    --      config.php:
$DefaultPasswords['admin'] = crypt('-admin-');
$DefaultPasswords['attr'] = crypt('-admin-');

config.php

crypt() config.php -- - . , config.php
    $DefaultPasswords['admin'] = crypt('mysecret');

  "mysecret"    .  ,            ?action=crypt    PmWiki (    PasswordsAdmin?action=crypt).                config.php.  ,  ?action=crypt   "mysecret", PmWiki   

    $DefaultPasswords['type']='$1$vR4.Ma1.$llNADCnbvJRxIE/hqnucA.';
?action=crypt config.php, :
    $DefaultPasswords['admin']='$1$vR4.Ma1.$llNADCnbvJRxIE/hqnucA.';

 ,       crypt   ,     .   ,        .        "mysecret",  -   config.php         .  Crypt            --   (    ).

    ,        ,      :

    $DefaultPasswords['upload'] = '';

      "nopass"(  $AllowPassword)   ?action=attr,                  .

               ,     local/config.php   :

    $ForbiddenPasswords = array('secret', 'tanstaafl');
    if (in_array(@$_POST['authpw'], $ForbiddenPasswords)) 
      unset($_POST['authpw']);

     - "secret"  "tanstaafl"    ,        .

()

     .            ,      ( )   ?action=source.       .       ,     ,          ,      .

    :
  1. "source" local/config.php:
    $HandleAuth['source'] ='edit';
  2. "source" :
    $HandleAuth['source'] ='source';
    $DefaultPasswords['source'] = crypt(secret); #
          ,  :
$PageAttributes['passwdsource'] = "$['Set new source password']";

<< | DocumentationIndex | AuthUser >>

PmWiki.PasswordsAdmin -

  PmWikiRu.PasswordsAdmin -

Backlinks
PmWikiRu.PasswordsAdmin: September 10, 2011, at 01:48 PM EST
PmWiki.PasswordsAdmin: June 03, 2022, at 01:04 AM EST