Re: [pmwiki-users] action=crypt issue (pmwiki bug?)
btw, I just found this to be an old well known bug referenced as PITS #1000 and also here : http://www.pmichaud.com/pipermail/pmwiki-users/2004-December/008722.html JF 2008/10/31 Jean-Fabrice [gmail] <[EMAIL PROTECTED]>: > Hi, > According to http://pmwiki.org/wiki/Cookbook/CleanUrls, $ScriptUrl > should not ends with a trailing slash. Apache does it's job and send > back a 302 location when the use ask for a directory without putting a > trailing slash at the end. > > function HandleCrypt (in scripts/crypt.php) creates a form where > action is set to $ScriptUrl, that is a URL with no trailing slash. > When this form is posted, my apache sends back a 302 location to add > the trailing slash. The original post is then lost and so is the > pmwiki answers to the form request. > > Shouldn't HandCrypt creates a form with action=$PageUrl instead ? or > add a trailing slash when $ScriptUrl does not have one ? > > Or maybe my apache is badly configured (but I'm not using apache > aliases, so I don't have to care with trailing slashes) > > JF > ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] ?action=edit not working anymore
Thank you everybody...finally I came up with a last hour fix! The problem was permissions... I had overlooked a wiki.d folder that was inside the skin folder which was set to only write. I just chmoded to 755 and it worked again... The main problem here, is the ISP, which I am quite sure ran a general script to changing permissions to a more ¨secure¨ (according to their concept of things...) setting! This WILL happen again, and I think it is a common procedure on much of the ISPs, which puts in danger all of our work with PmWiki...I think we should pay attention to this and tell the providers massively that they shouldnt mess with things in such a generic way Thanks again to everyone who tried to help in this case... Best regards from Buenos Aires! 2008/3/31, Christian Bartolomaeus <[EMAIL PROTECTED]>: > Hi Fernando, > > On 2008-03-30, Fernando Pont wrote: > >[...] > > >When I add ?action=edit to the url, I just get the part that I need to > >edit, blank... > >You can take a look at the site (it's in spanish) at > > >[1]http://www.capituloinfancia.periodismosocial.net/PS/pmwiki.php/Main > > >/RightBar?action=edit > >I included the edit commend to show what I mean... > > > it seems to work for me now. Do you still experience any problems? > > On 2008-03-30, Fernando Pont wrote: > >[...] > > >Tegan said something about EditForm, well.. I checked out and it > >actually shows, but instead of gui buttons it has code, as you > >can see in the image attached. I wonder what is really > >happening!! > > > I think your Site/EditForm looks fine. You can compare it with > > http://www.pmwiki.org/wiki/Site/EditForm > > The code you see generates the edit form used for editing pages. > > Best regards > > > Christian > > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFH8HWhFvkwwNi9yQQRAnXbAJsGZHB/F7snUo5F1tf1eh/O+BVHMQCbBeKC > BQFSOLris2bxAA1t7SHKED8= > =RbPe > -END PGP SIGNATURE- > > ___ > pmwiki-users mailing list > pmwiki-users@pmichaud.com > http://www.pmichaud.com/mailman/listinfo/pmwiki-users > > ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] ?action=edit not working anymore
Hi Fernando, On 2008-03-30, Fernando Pont wrote: >[...] >When I add ?action=edit to the url, I just get the part that I need to >edit, blank... >You can take a look at the site (it's in spanish) at >[1]http://www.capituloinfancia.periodismosocial.net/PS/pmwiki.php/Main >/RightBar?action=edit >I included the edit commend to show what I mean... it seems to work for me now. Do you still experience any problems? On 2008-03-30, Fernando Pont wrote: >[...] >Tegan said something about EditForm, well.. I checked out and it >actually shows, but instead of gui buttons it has code, as you >can see in the image attached. I wonder what is really >happening!! I think your Site/EditForm looks fine. You can compare it with http://www.pmwiki.org/wiki/Site/EditForm The code you see generates the edit form used for editing pages. Best regards Christian signature.asc Description: Digital signature ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] ?action=edit not working anymore
Thank you very much Tegan, I had previously tried with setting 777 to wiki.d& wikilib.d, but no cigar!! :( I wonder if the problem could lay on config.php or index.php... I'n no programmer or such, just a designer so I couldn't really tell... Tegan said something about EditForm, well.. I checked out and it actually shows, but instead of gui buttons it has code, as you can see in the image attached. I wonder what is really happening!! Anyway, thank you so much.. I hope someone comes out with another idea that can help... Cheers from Buenos Aires! 2008/3/30, Tegan Dowling <[EMAIL PROTECTED]>: > > On Sun, Mar 30, 2008 at 5:26 PM, Fernando Pont <[EMAIL PROTECTED]> wrote: > > Hi! I really need some help here.. I' ve been using PmWiki as a website > for > > a NGO for about 2 years now. All of a sudden I had a problem with > > permissions (they were changed supposedly by some script run by the > server). > > I solved it by changing back the permissions on wiki.d and wikilib.d(744), > > but since then, I can´t get to edit any page. > > When I add ?action=edit to the url, I just get the part that I need to > > edit, blank... > > You can take a look at the site (it's in spanish) at > > > http://www.capituloinfancia.periodismosocial.net/PS/pmwiki.php/Main/RightBar?action=edit > > I included the edit commend to show what I mean... > > > My first thought was to check for whether Site/EditForm might have > been deleted -- but it's there... > > My sites all have permissions for wiki.d set to 777. Try that and see > if that resolves things? > > Please reply to the list, as I'm barely literate in this stuff -- but > hoping this might help. > > > Tegan > <>___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] ?action=edit not working anymore
On Sun, Mar 30, 2008 at 5:26 PM, Fernando Pont <[EMAIL PROTECTED]> wrote: > Hi! I really need some help here.. I' ve been using PmWiki as a website for > a NGO for about 2 years now. All of a sudden I had a problem with > permissions (they were changed supposedly by some script run by the server). > I solved it by changing back the permissions on wiki.d and wikilib.d (744), > but since then, I can´t get to edit any page. > When I add ?action=edit to the url, I just get the part that I need to > edit, blank... > You can take a look at the site (it's in spanish) at > http://www.capituloinfancia.periodismosocial.net/PS/pmwiki.php/Main/RightBar?action=edit > I included the edit commend to show what I mean... My first thought was to check for whether Site/EditForm might have been deleted -- but it's there... My sites all have permissions for wiki.d set to 777. Try that and see if that resolves things? Please reply to the list, as I'm barely literate in this stuff -- but hoping this might help. Tegan ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] ?action=upload
"Patrick R. Michaud" wrote : > In a _url_ it's not possible, because the only way to perform > a file upload is by using an HTTP POST request using a > "multipart/form-data" encoding. Any other alternative ? idea would be to push files to the /import directory in a very secured environment, ... I would like to avoid using 'sftp' 2nd question : any chance to use REST API to read & write pages from a windows client/server tool ? Thanks for your comments, SH ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] ?action=upload
On Fri, Feb 29, 2008 at 03:46:46PM -0600, Chris Cox wrote: > Stéphane Heckel wrote: > > Greetings, ... > > > > Just wondering if it's possible to upload a file and set all required > > parameters in the URL, ie source file, target, ... to avoid being prompted ? > > Probably possible to craft it... but now we'll have a whole discussion > about upload spam (sigh). In a _url_ it's not possible, because the only way to perform a file upload is by using an HTTP POST request using a "multipart/form-data" encoding. In other words, any "file" portion of an upload is expected to be in the body of the HTTP request (and most browsers expect to handle it that way). Pm ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] ?action=upload
Stéphane Heckel wrote: > Greetings, ... > > Just wondering if it's possible to upload a file and set all required > parameters in the URL, ie source file, target, ... to avoid being prompted ? Probably possible to craft it... but now we'll have a whole discussion about upload spam (sigh). But, might be ok for a controlled internal only site. (are you sure this is what you are wanting to do?) ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action = copy?
On Feb 20, 2008 3:30 AM, Hans <[EMAIL PROTECTED]> wrote: > Wednesday, February 20, 2008, 2:06:26 AM, Steven Benmosh wrote: > > > I want users to be able to copy and edit pages so they can use he same > > templates I do. This way, the can maintain the same style as I do, and once > > I verify their data, I can move it to the read only groups with ease. > > > I have a different template for each group, but only one for the users area. > > I think Tegan's suggestion using EditTemplates is your best option, > for giving users a blueprint when they start a new page. Of course > if the template contains data they could alter this. If you want the > GPS data to stay "certified" by you, you should not include it in any > user template, but include it indirectly, for instance with a page > include (:include ..:) markup, or have the data available as page text > variables on your edit-protected pages, which can be accessed from > user pages. Instead of having the users' pages start with one of your own, data-included, pages as a template, you could use EditTemplates to pre-configure new pages in the users' groups with generic forms for them to fill in. I have a "Templates" wikigroup in my standard installation, with templates pages for HomePage, SideBar, etc. These are all designed just for the purpose of pre-populating new pages elsewhere in the wiki, so have (:comments ... :) and so forth to help authors understand how to use them. ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action = copy?
Wednesday, February 20, 2008, 2:06:26 AM, Steven Benmosh wrote: > I want users to be able to copy and edit pages so they can use he same > templates I do. This way, the can maintain the same style as I do, and once > I verify their data, I can move it to the read only groups with ease. > I have a different template for each group, but only one for the users area. I think Tegan's suggestion using EditTemplates is your best option, for giving users a blueprint when they start a new page. Of course if the template contains data they could alter this. If you want the GPS data to stay "certified" by you, you should not include it in any user template, but include it indirectly, for instance with a page include (:include ..:) markup, or have the data available as page text variables on your edit-protected pages, which can be accessed from user pages. Sorry i misunderstood you, by interpreting read-only with read-protected! Thank you for explaining your project, and my best wishes for it! ~Hans ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action = copy?
>Is there functionality in PmWiki that allows one to copy a page without
>access to the wiki.d directory?
If you have Cookbook/WikiSh installed (with $EnableWikiShWritePage and
$EnableWikiShCreatePage at a minimum) you can use this MX to copy from
readonly page A to page B
{(cp ClosedGroup.A OpenGroup.B)}
If you wanted to copy the entire group (i.e., have an entire group as a
"template" for groups you want to create) you could do this:
{(cp ClosedGroup.* OpenGroup)}
-Peter
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action = copy?
On Feb 19, 2008 5:14 PM, Steven Benmosh <[EMAIL PROTECTED]> wrote: > Is there functionality in PmWiki that allows one to copy a page without > access to the wiki.d directory? > > Here is the goal: I have 3 read only group that I use for my own pages, each > with a different template. I have a users area, where users can add their > own content. I want users to be able to use all 3 template, or even copy a > page from one of my groups and modify the content. Since my page are read > only (and action=source is also password protected), they can not access the > source. > > A 'copy' button would be nice, or action=copy. It would have to provide a > field for the new group.page name, or even to default to a specific group > and only allow to name the page. Hi, Steven: As long as your users can read the pages that you want them to use as templates, I think maybe you can use one/some of the methods described on http://www.pmwiki.org/wiki/Cookbook/EditTemplates Note that one of the methods there is a "one-shot template": [[SomeGroup.NewPage?action=edit?template=OldGroup.OldPage]] Let us know if none of that applies. Tegan ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action = copy?
Hans, My site has gps tracks (bus routes and foot/car routes) and points of interest. It contains my own data, which I trust, and an area for users to add their own data, which I don't trust as much. Since it is easy for a malicious user to enter false GPS coordinates and send someone to a nasty part of town, an unpassable road, or just an inappropriate place, I don't let users edit my data. I don't let them see the source for security reasons. I want users to be able to copy and edit pages so they can use he same templates I do. This way, the can maintain the same style as I do, and once I verify their data, I can move it to the read only groups with ease. I have a different template for each group, but only one for the users area. If you have the time, check out the wiki part of the site, gps.words2u.netand you'll get the idea. I am still working on the site, so the design needs to be improved (more graphics, less intrusive borders on the ads, etc.), but the general strcture and templates are close to final status. Thanks, Z. On Feb 19, 2008 6:26 PM, Hans <[EMAIL PROTECTED]> wrote: > Tuesday, February 19, 2008, 11:14:10 PM, Steven Benmosh wrote: > > > Here is the goal: I have 3 read only group that I use for my own pages, > each > > with a different template. I have a users area, where users can add > their > > own content. I want users to be able to use all 3 template, or even copy > a > > page from one of my groups and modify the content. Since my page are > read > > only (and action=source is also password protected), they can not access > the > > source. > > I don't quite understand the rational behind copying read-protected > pages into non-read-protected pages. Why read-protect them in the > first place if you want to allow access by copying them? > > apart from that perhaps have a look at > http://www.pmwiki.org/wiki/Cookbook/FoxPageManagement > > > ~Hans > > -- Check out my web site - www.words2u.net ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action = copy?
Tuesday, February 19, 2008, 11:14:10 PM, Steven Benmosh wrote: > Here is the goal: I have 3 read only group that I use for my own pages, each > with a different template. I have a users area, where users can add their > own content. I want users to be able to use all 3 template, or even copy a > page from one of my groups and modify the content. Since my page are read > only (and action=source is also password protected), they can not access the > source. I don't quite understand the rational behind copying read-protected pages into non-read-protected pages. Why read-protect them in the first place if you want to allow access by copying them? apart from that perhaps have a look at http://www.pmwiki.org/wiki/Cookbook/FoxPageManagement ~Hans ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=edit hangs
Apologies, I sent this (below) directly to pm instead of to the group as I had intended. I am still at a complete loss as to how to fix this problem in any kind of acceptable solution... I attempted deleting .flock, renaming it, renaming wiki.d, renaming pmwiki itself, etc. and nothing was successful. Mtime and atime continue to be updated regularly. However, I have found a workaround. I went into pmwiki.php to the Lock() function and changed the line reading SDV($LockFile,"$WorkDir/.flock"); To SDV($LockFile,"$WorkDir/.MYflock"); Now I am once again able to edit pages on my site. However, I don't know if I've set myself up for something else in the future... Hopefully everybody is well-behaved and always uses this function to get/use .flock, but if not I could get myself into worse problems... I would still greatly appreciate it if anybody could give me any pointers how delete the undeletable .flock file so I can go back to normal behavior... -Peter -Original Message- From: Peter & Melodye Bowers [mailto:[EMAIL PROTECTED] Sent: Thursday, October 18, 2007 4:34 PM To: 'Patrick R. Michaud' Cc: SentN ([EMAIL PROTECTED]); Peter Gmail Bowers ([EMAIL PROTECTED]) Subject: RE: [pmwiki-users] action=edit hangs Thanks for the thoughts... See below for specific answers. > -Original Message- > From: Patrick R. Michaud [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 18, 2007 2:42 PM > To: Peter & Melodye Bowers > Cc: pmwiki-users@pmichaud.com; Peter Gmail Bowers; SentN > Subject: Re: [pmwiki-users] action=edit hangs > > On Thu, Oct 18, 2007 at 07:32:36AM +0200, Peter & Melodye Bowers wrote: > >I am still struggling with being completely unable to edit a single > page > >on my system. I can view/search/etc, but any edits causes the system > to > >hang indefinitely. > > By "hang indefinitely" do you mean that the server never returns a > page to the browser? Or does it return a blank page? Never returns a page to the browser -- message in the status bar continues to say "waiting for ccl-al.org" indefinitely. Hmmm... Actually the page I left in that state 4 hours ago now shows "done" in the status bar and a blank page. No idea when it change nor whether there was any error message that I might have missed since I haven't been near the computer for quite a while... > Try removing the .flock file in wiki.d/ . Hmmm... Can't seem to do that! Results from filezilla: ===(snip)=== Command:DELE .flock Response: 550 /pmwiki/wiki.d/.flock: Cannot delete file. ===(snip)=== Permissions are fine as far as I can see... (rwrwrw=666) Webadmin gives no errors when I attempt the deletion, but the file is still there after "deleting". Do note that the atime and mtime is current on .flock. Perhaps changes each time I try to delete via webadmin? Yes, that appears correct. Ctime is sometime back in February (probably when I updated to the then-current beta?) I have no command line access, unfortunately. What I can do via FTP and PHP is the extent of my permission. > >Please, any help in troubleshooting, ideas to try, etc would be > GREATLY > >appreciated. > > Is there a url we could look at? www.ccl-al.org/pmwiki/pmwiki.php > > Pm ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=edit hangs
On Thu, Oct 18, 2007 at 07:32:36AM +0200, Peter & Melodye Bowers wrote: >I am still struggling with being completely unable to edit a single page >on my system. I can view/search/etc, but any edits causes the system to >hang indefinitely. By "hang indefinitely" do you mean that the server never returns a page to the browser? Or does it return a blank page? Try removing the .flock file in wiki.d/ . >Please, any help in troubleshooting, ideas to try, etc would be GREATLY >appreciated. Is there a url we could look at? Pm ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action bar
On Sun, Jun 03, 2007 at 11:32:48AM -0400, Marguerite Floyd wrote:
> I asked this before but got myself so confused with everyone's helpful
> answers I gave up . . . .
>
> I'm using the Barthelme template. The action bar (View, Edit,
> History, Print) is at the bottom right of the sidebar.
>
> I want it to be at the top right of the content boxes.
>
> I know very little HTML, but I do know how to copy and paste, and how
> to type in code. The only recipes I can find talk about tabs and so
> on, but I can't find anything that addresses what I want.
>
> Thanks for the 23rd millionith time!
>
Okay, I'll try, but I'm not an expert.
First, in ../pub/skins/barthelme edit the .tmpl file:
move the line [line 42]
just below
[line 27]
so it now look like--
Remove the
Actions
from the sidebar.
Test; this will give you a nice menu above the page content
left aligned to the sidebar.
To right align takes more work. I got it to work by
adding
#headright {
white-space:nowrap;
text-align:right;
}
after line 127 in the barthelme.css file.
Then, in the barthelme.tmpl file change the section "container"
to look like this--
div id='container'>
This in inelegant but works in my quick tests (I don't use
the barthelme skin, but it looks attractive).
Personally, I think it looks better aligned left :-)
Rgds,
--
Mike Bishop
Willow, Alaska
___
pmwiki-users mailing list
pmwiki-users@pmichaud.com
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=upload hacked ???
On 5/4/07, Christophe David <[EMAIL PROTECTED]> wrote: > > > Is the root directory of the field writable? If so, it shouldn't be. > > > It is indeed. Will change that. > > > > That still doesn't explain where the files are coming from, > > but I suspect it's not as a result of the uploads capability. > > > > >I would appreciate it if someone would report a similar experience > and > > >share his findings, or suggest a particular cookbook or combination > of > > >settings that would allow the creation of these files. > > > > Perhaps you could help us narrow things down by letting us know > > what recipes and/or settings you're using...? > > > Here we go... > > ActionLog.php > authuser.php > charts.php > emenu.php > enablehtml.php > e-protect.php > expirediff.php > FlashMindMap.php > includeSite.php > pmwiki2pdf.php > postitnotes.php > rssdisplay.php > searchterms.php > sourceblock.php > stylepage.php > VisitorsLogging.php > > > Unfortunately, the accesslog retention period is such that I missed the > lines for the moment these files were created. > FWIW, you can customize ActionLog with the help of using both parameters: * $ActionLogLinesMax = NUMBER, to specify a maximum per-page log line count. * $ActionLogArchive = 1, to archive previous logs when the line max count has been reached instead of throwing them away. Archived pages are named as ActionLog-TIMESTAMP by default. Hope this could help, Dominique ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=upload hacked ???
Is the root directory of the field writable? If so, it shouldn't be. It is indeed. Will change that. That still doesn't explain where the files are coming from, but I suspect it's not as a result of the uploads capability. >I would appreciate it if someone would report a similar experience and >share his findings, or suggest a particular cookbook or combination of >settings that would allow the creation of these files. Perhaps you could help us narrow things down by letting us know what recipes and/or settings you're using...? Here we go... ActionLog.php authuser.php charts.php emenu.php enablehtml.php e-protect.php expirediff.php FlashMindMap.php includeSite.php pmwiki2pdf.php postitnotes.php rssdisplay.php searchterms.php sourceblock.php stylepage.php VisitorsLogging.php Unfortunately, the accesslog retention period is such that I missed the lines for the moment these files were created. I intend to check for the existence of such files more often and try to find in the access log which page/action was used. Christophe ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=upload hacked ???
Could you list the recipes/customizations that you have enabled and the pmwiki version? -Martin --- Christophe David <[EMAIL PROTECTED]> wrote: > I regularly find 0 byte files like > > 0 pre > 0 preteen > 0 preteens > 0 pthc > 0 pussy > 0 ranchi > 0 real > 0 riley > 0 rompl > 0 russian > 0 shy > > in the root directory of one of the fields of my > wiki farm. > > Uploads are not enabled, except for one unique page > (in a > group.name.phpfile). This page is read and edit > protected, and the > upload directory is not > the root (where the 0 byte files are found). The > uploads made using this > page work as expected. > > I would appreciate it if someone would report a > similar experience and share > his findings, or suggest a particular cookbook or > combination of settings > that would allow the creation of these files. > > Thank you in anticipation. > > Christophe > > ___ > pmwiki-users mailing list > pmwiki-users@pmichaud.com > http://www.pmichaud.com/mailman/listinfo/pmwiki-users > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=upload hacked ???
On Fri, May 04, 2007 at 09:17:27PM +0200, Christophe David wrote: >I regularly find 0 byte files like > >0 pre >0 preteen >0 preteens >0 pthc >0 pussy >0 ranchi >0 real >0 riley >0 rompl >0 russian >0 shy > >in the root directory of one of the fields of my wiki farm. Is the root directory of the field writable? If so, it shouldn't be. That still doesn't explain where the files are coming from, but I suspect it's not as a result of the uploads capability. >I would appreciate it if someone would report a similar experience and >share his findings, or suggest a particular cookbook or combination of >settings that would allow the creation of these files. Perhaps you could help us narrow things down by letting us know what recipes and/or settings you're using...? Pm ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] $action
Wednesday, April 18, 2007, 4:05:17 PM, Nicholas wrote: > If I can use... > $action=='comment' > ...to set a filter for what appears on the recent > changes list. Would other/all recepies have similar > action signatures that I can look for to add to the > list of pages not included in the recent changes list? > I'm thinking specifically of The Wiki Calendar > recepie. did you try if ($action=='wikilog') ~Hans ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=version (Was: pmwiki and apis)
On Mon, 16 Apr 2007, Patrick R. Michaud wrote: Maybe we could let '?action=dc' also output the revision of PmWiki. I'm not sure that I see a natural dc metadata element where the PmWiki version information could go. (And it would still need to be optional, since some admins don't want that information to be available.) True. And it should probably still be the API version rather then the PmWiki version. Still, I'm glad I finally rememberd 'dc'. /C -- Christian Ridderström, +46-8-768 39 44 http://www.md.kth.se/~chr___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action=version (Was: pmwiki and apis)
On Mon, Apr 16, 2007 at 03:45:38PM +0200, [EMAIL PROTECTED] wrote: > On Mon, 16 Apr 2007, Patrick R. Michaud wrote: > > >It's also worth looking at ?action=dc and ?action=rss (see > > Aha... now I rememeber it. It was '?action=dc' that was the mechanism I > couldn't remember. > > Maybe we could let '?action=dc' also output the revision of PmWiki. I'm not sure that I see a natural dc metadata element where the PmWiki version information could go. (And it would still need to be optional, since some admins don't want that information to be available.) Any Dublin Core metadata experts around that could help with this? Pm ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action diff, source and browse
On Thu, Mar 15, 2007 at 05:56:47PM -0400, The Editor wrote: > >Normally one does not "unencrypt" passwords. Instead, the way > >passwords work is that one stores the encrypted form of a password, > >and to check if an entered password matches the stored one, you > >simply re-encrypt the entered password and make sure that the > >resulting encryptions match. > > Ahhh, thanks Pm. Very clever. But then how does one send a password > reminder? Or is that not normally done? Normally I'm not a fan of "password reminder" systems, as it means that the password is sent via email (in cleartext), and thus cannot be trusted after being sent. What many systems do is send a message containing a link to be followed in order to reset the password. The link contains a one-time-use code (essentially a random number) that allows the password to be changed for a limited period of time. The person receiving the mail can then use this link to regain access to the account, and change the password to a known value. Pm ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action diff, source and browse
On 3/15/07, Patrick R. Michaud <[EMAIL PROTECTED]> wrote: > On Thu, Mar 15, 2007 at 02:21:32PM -0400, The Editor wrote: > > If I read protect a group, will that be sufficient to > > > > 1) protect its contents from action=diff? > > 2) protect its contents from action=source? > > 3) Text Vars being read from it onto other pages? > > Yes, at least with the core. (I make few guarantees as to what other recipes > might do that could allow read-protected content to leak. :-) > > > Second, what is the best way to encrypt/unencrypt passwords. [...] > > Normally one does not "unencrypt" passwords. Instead, the way > passwords work is that one stores the encrypted form of a password, > and to check if an entered password matches the stored one, you > simply re-encrypt the entered password and make sure that the > resulting encryptions match. > > This is how crypt-based and md5-based password systems work. > (PmWiki uses crypt() for its password encryptions.) > > Any system that uses two-way encryption functions (i.e., allowing > stored passwords to be converted back to unencrypted form) is likely > to be insecure unless there's a really good mechanism available > for keeping the encryption key(s) secret. And you also have to be > prepared to handle the case when the key is lost somehow. > > (I wouldn't consider storing the key in a config file as being "safe".) > > Pm Ahhh, thanks Pm. Very clever. But then how does one send a password reminder? Or is that not normally done? Cheers, Dan ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
Re: [pmwiki-users] action diff, source and browse
On Thu, Mar 15, 2007 at 02:21:32PM -0400, The Editor wrote: > If I read protect a group, will that be sufficient to > > 1) protect its contents from action=diff? > 2) protect its contents from action=source? > 3) Text Vars being read from it onto other pages? Yes, at least with the core. (I make few guarantees as to what other recipes might do that could allow read-protected content to leak. :-) > Second, what is the best way to encrypt/unencrypt passwords. [...] Normally one does not "unencrypt" passwords. Instead, the way passwords work is that one stores the encrypted form of a password, and to check if an entered password matches the stored one, you simply re-encrypt the entered password and make sure that the resulting encryptions match. This is how crypt-based and md5-based password systems work. (PmWiki uses crypt() for its password encryptions.) Any system that uses two-way encryption functions (i.e., allowing stored passwords to be converted back to unencrypted form) is likely to be insecure unless there's a really good mechanism available for keeping the encryption key(s) secret. And you also have to be prepared to handle the case when the key is lost somehow. (I wouldn't consider storing the key in a config file as being "safe".) Pm ___ pmwiki-users mailing list pmwiki-users@pmichaud.com http://www.pmichaud.com/mailman/listinfo/pmwiki-users
