|
Cookbook /
UserAuth2-TalkQuestions answered by this recipe
DescriptionEnter your recipe's description here. NotesRelease Notes
CommentsI wanted to secure the login and user management. I came up with this solution which seems to work, but I'd like feedback since I'm still new to modrewrite. Personally, I'd think it much cleaner if the code could do the redirects.: Charles: sonikbuddha ATT hotmail DOTT com
if (@$_SERVER['HTTPS'] == 'on' || @$_SERVER['SERVER_PORT'] == '443')
{
$UrlScheme='https';
} else {
$UrlScheme='http';
}
$ScriptUrl = $UrlScheme.'://www.example.com/wiki';
$PubDirUrl = $UrlScheme.'://www.example.com/wiki/pub';
.htaccess
# Use mod_rewrite to enable "Clean URLs" for a PmWiki installation.
RewriteEngine On
# Define the rewrite base.
RewriteBase /wiki
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} ^/wiki/Site/Login [OR]
RewriteCond %{QUERY_STRING} action=login [OR]
RewriteCond %{QUERY_STRING} ^n=Site.Login [OR]
RewriteCond %{QUERY_STRING} ^action=admin [OR]
RewriteCond %{QUERY_STRING} ^action=pwchange
RewriteRule (.*) https://www.example.com/wiki/$1 [R=permanent,L]
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} !(\.gif|\.css)
RewriteCond %{REQUEST_URI} !^/wiki/Site/Login
RewriteCond %{QUERY_STRING} !^n=Site/Login
RewriteCond %{QUERY_STRING} !action=login
RewriteCond %{QUERY_STRING} !action=admin
RewriteCond %{QUERY_STRING} !action=pwchange
RewriteRule (.*) http://www.example.com/wiki/$1 [R=permanent,L]
# Send requests without parameters to pmwiki.php.
RewriteRule ^$ pmwiki.php [L]
# Send requests for index.php to pmwiki.php.
RewriteRule ^index\.php$ pmwiki.php [L]
# Send requests to pmwiki.php, appending the query string part.
RewriteRule ^([A-Z0-9\xa0-\xff].*)$ pmwiki.php?n=$1 [QSA,L]
I've removed any previous comments that I made here. Whilst I did have problems at first with:
I did a clean install and have had no problems since - (I hope). I am enjoying using the software produced by people like PM and Thomas and my thanks go to them both. RecommendUse latest version of software at all times and be careful of settings and you'll not go wrong! I would really like MySQL database authentication, as I have a password protected welcome page, forum and wiki, and adding new users is a pain, I have to add them in three different files (.htpasswd(until I find decent PHP/MySQL login script), wiki(using userauth2) and MyBB(in the MySQL database). It would be probably most optimal if one would use the database organization of MyBB, otherwise you would just end up maintaining two databases / database tables. Can you provide details? (I guess though it is better in the end to create only hooks in UserAuth2 that can be connected with whatever backend is necessary.) ThomasP May 27, 2007, at 05:58 AM
Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 40 bytes) in /home/*/public_html/*/*/*/wiki/cookbook/userauth2.php on line 1009 , Using the lastest version (stable5). Thanks. This line contains an unserialize() call. Maybe an endless loop in the unserialize code due to an unclean saved permission record? If persistent, try to reduce the maximum sizes of the two caches or (for testing) disable the caching completely. See implementation reference. ThomasP September 12, 2007, at 10:14 AM
The required dot in the URL (. instead of /)Why on earth is this a requirement? It's a pretty sad one. Most sites that I know where pmwiki is used for, have used the / instead of the dot. So none of them can use userAuth2. See AlsoContributors |