[Pmwiki-users] Re: Password never accepted

Mike Harris Mike.Harris
Mon Dec 20 09:58:02 CST 2004


(snip)

>>> "Patrick R. Michaud" <pmichaud at pobox.com> 12/20/2004 9:54:59 AM
>>>
Can you send me your modified pmwiki.php and other files, or at least
the 
parts containing crypt() that you changed?  I can package the change
into
a cookbook recipe, so that you won't have to worry about applying
this patch to future versions of PmWiki...

Pm
(snip)


As I had extracted/saved the changes in my work notes, I'll just
include them here.  Basically, look for the commented out line.  If that
is not satisfactory, please let me know and I'll send the complete
files.

pmwiki.php
  
  # if (crypt($AllowPassword,$passwd)==$passwd) return $page; 
  if (md5($AllowPassword)==$passwd) return $page;

  # if (@crypt($pwresp,$pwchal)==$pwchal) return $page;
  if (@md5($pwresp)==$pwchal) return $page;

  # else if ($newpw>'') $page[$attr]=crypt($newpw);
  else if ($newpw>'') $page[$attr]=md5($newpw);

local\config.php (with edit and upload passwords enabled)

  # $DefaultPasswords['admin'] = crypt('xxxxxxxxxx');
  $DefaultPasswords['admin'] = md5(' xxxxxxxxxx ');

  # $DefaultPasswords['edit'] = crypt(' xxxxxxxxxx ');
  $DefaultPasswords['edit'] = md5(' xxxxxxxxxx ');

  # $DefaultPasswords['upload'] = crypt(' xxxxxxxxxx ');
  $DefaultPasswords['upload'] = md5(' xxxxxxxxxx ');

sample-config.php
 
  didn't change it, probably should have (see config.php above)

scripts\crypt.php

  # $crypt = crypt($passwd);
  $crypt = md5($passwd);

scripts\httpauth.php

  # if (crypt($AllowPassword,$passwd)==$passwd) return $page;
  if (md5($AllowPassword)==$passwd) return $page;

  # if (@crypt($pwresp,$pwchal)==$pwchal) return $page;
  if (@md5($pwresp)==$pwchal) return $page;

tests\install.php

  # $DefaultPasswords['upload'] = crypt('upload');
  $DefaultPasswords['upload'] = md5('upload');





More information about the pmwiki-users mailing list