IchBin wrote: > IchBin wrote: >> This has never happened before but here goes. I just moved my website to >> a new hosting site. I just entered a bad admin login name and correct >> password. It let me open up that page for editing. So I tried to enter a >> makeup userid and makeup password. It let me open up the editor for >> editing that page. I am not sure how this is happening. >> >> I just noticed that I had 30 user on my website. I just put a .htaccess >> file in the root to block anyone until I get this problem fixed. >> >> Nothing have changed I have this: >> >> - this in my config: >> $DefaultPasswords['admin']='$1$Pw1cjg06$9VgqESpEGt1WLCJPgr/3J.'; >> $DefaultPasswords['attr']= '$1$Pw1cjg06$9VgqESpEGt1WLCJPgr/3J.'; >> $DefaultPasswords['edit']= '$1$Pw1cjg06$9VgqESpEGt1WLCJPgr/3J.'; >> $HandleAuth['diff'] = 'edit'; >> >> - authuser plugin >> >> The only thing I can think of is that per a question I had here the >> other day in another thread "Problems adding my pmWiki to a different ISP". >> >> I modify the permissions of wiki.d/ so they're 777 instead of 775. >> >> > > > I am running pmwiki-2.2.0-beta19 Version Number 2001919 > > The website, that I FTP'ed to the new Host site at weconsul.zendurl.com, > is working on my windows pc. The page login is checking correctly. > Maybe I can get some one to respond to this thread with this information.
I have had a site up for at least six months. It is currently running pmwiki-2.2.0-beta18 Version Number 2001918. I have an 'admin' userid. If I enter 'jsndcipadmin12jsad' for my *userid* and the correct password it opens the screen for editing. So the check for userid passed because it happen to have 'admin' embedded in that made-up userid. More importantly, my general question for my other website is, what lets anyone enter anything into a USERID and PASSWORD for 'EDIT' which open up a edit panel for that page? This is what I am asking in this thread. -- Thanks in Advance... http://weconsul.zendurl.com IchBin, Pocono Lake, Pa, USA http://ichbinquotations.awardspace.com ______________________________________________________________________ 'If there is one, Knowledge is the "Fountain of Youth"' -William E. Taylor, Regular Guy (1952-) _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
