Simplement pour prévenir que ...
Les mots de passe entre le forum et le wiki discordent.
Donc j'espère que ça n'influence pas les permissions d'édition pour les utilisateurs communs (on avait déjà vérifié y'a un moment, et il semblait que non).
Voilà, bref, c'était juste pour signaler. D'ici à ce qu'on ait une solution d'authentification plus propre ...
]]>Je me suis connecté avec le compte Untest et j'ai pu modifier la page http://openarena.tuxfamily.org/wiki/doc … =revisions.
Tu peux revérifier (c'est recommandé), le site est maintenant prêt à se faire péter
]]>Pour le wiki, vu que c'est des fichiers, rien de prévu. Il faudrait donc mettre ça en place nous-même, avec rsync via ssh, ou bien faire un mirror vers le FTP.
Cela dit, ce serait bien de regarder un peu mieux comment marche dokuwiki, car les pages éffacées sont il me semble conservées ... juste que je trouve que c'est un peu le bordel et pas pratique. (je me plains encore de l'historique de dokuwiki qui il me semble ne recense pas toutes les modifs effectuées)
]]>Pour tes inquiétudes, la fonction d'historique du Wiki n'est pas suffisante pour faire les bons reverts ? (elle est sans doute moins bien faite que celle de mediawiki).
Je parlais pour le moment de l'accès aux _membres_, mais c'est vrai qu'on pourrait étendre aux invités.
-
Je me disait : avant de donner les droits à n'importe qui de faire n'importe quoi (dont la possibilité d'effacer tout le contenu), il faudrai songer à quoi faire en cas de catastrophe. Donc je me dis qu'il faut sauvegarder. Hors je n'ai pas accès à l'outil crontab, donc impossible de faire proprement un script qui s'exécute régulièrement.
Tout ça pour dire, que je ne me penche pas sur le problème de l'accès 777 à tout le monde sans qu'on ai un système de sauvegarde du wiki avant.
]]># <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Auto-generated by install script
# Date: Mon, 14 Jul 2008 21:43:37 +0000
* @ALL 1
about @user 2
accueil @user 2
doc:* @user 16
projet:* @user 16
wiki:playground @user 2
english:* @user 16
creations:* @user 16
wiki:* @user 16
about @members 2
accueil @members 2
doc:* @members 16
projet:* @members 16
wiki:playground @members 2
english:* @members 16
creations:* @members 16
Si vous voulez tester :
login: Untest
mot de passe: popo
J'aime pas reléguer le boulot, mais si t'y arrives j'serais bien content
Les permissions devraient être bonnes J'ai changé les perms pour tout htdocs ..
T'inquiètes pas pour le partage du boulot, faut que chacun fasse ce qu'il sait faire et le bouzin avancera.
Donc j'ai tout corrigé et tout devrait fonctionner maintenant. Pour information voila le principe :
* le module que tu as récupéré s'occupe de l'authentification de doku en passant par fluxbb
* le code ne prend en charge que les bases mysql
* j'ai corrigé les quelques endroits de fluxbb.class.php qui n'allaient pas et qui empêchaient de fonctionner avec pgsql (suffit de faire un diff pour voir les différences)
* j'ai ajouté une ligne à pgsql.class.php et mysql.class.php, je comprend d'ailleurs pas comment l'authentification de base avec pgsql peut fonctionner, en l'état actuel il y a forcement une erreur.
Voici le nouveau code de fluxbb.class.php
<?php
/**
* FluxBB auth backend with Postgresql support
*
* Uses external Trust mechanism to check against FluxBB's
* user cookie. FluxBB's FORUM_ROOT must be defined correctly.
*
* @author Andreas Gohr <andi@splitbrain.org>
* @author 0xmathieu <oa.20.ultimat@spamgourmet.com>
*/
if(!defined('FORUM_ROOT')) define('FORUM_ROOT', DOKU_INC.'../forum/');
define('FORUM_DISABLE_CSRF_CONFIRM', 1);
require_once FORUM_ROOT.'include/common.php';
require_once DOKU_INC.'inc/auth/pgsql.class.php';
#dbg($GLOBALS);
#dbg($forum_user);
class auth_fluxbb extends auth_pgsql {
/**
* Constructor.
*
* Sets additional capabilities and config strings
*/
function auth_fluxbb(){
global $conf;
$this->cando['external'] = true;
$this->cando['logoff'] = true;
$conf['passcrypt'] = 'sha1';
// get global vars from fluxbb config
global $db_host;
global $db_name;
global $db_username;
global $db_password;
global $db_prefix;
// now set up the pgsql config strings
if (empty($conf['auth'])) {
$conf['auth'] = array();
$conf['auth']['pgsql'] = array();
}
$cf = &$conf['auth']['pgsql'];
$cf['server'] = $db_host;
$cf['user'] = $db_username;
$cf['password'] = $db_password;
$cf['database'] = $db_name;
$cf['checkPass'] = "SELECT u.password AS pass
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id
AND u.username = '%{user}'
AND g.g_title != 'Guest'";
$cf['getUserInfo'] = "SELECT password AS pass, realname AS name, email AS mail, id, g_title as group
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id
AND u.username = '%{user}'";
$cf['getGroups'] = "SELECT g.g_title as group
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id
AND u.username = '%{user}'";
$cf['getUsers'] = "SELECT DISTINCT u.username AS user
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id";
$cf['FilterLogin'] = "u.username LIKE '%{user}'";
$cf['FilterName'] = "u.realname LIKE '%{name}'";
$cf['FilterEmail'] = "u.email LIKE '%{email}'";
$cf['FilterGroup'] = "g.g_title LIKE '%{group}'";
$cf['SortOrder'] = "ORDER BY u.username";
$cf['addUser'] = "INSERT INTO ${db_prefix}users
(username, password, email, realname)
VALUES ('%{user}', '%{pass}', '%{email}', '%{name}')";
$cf['addGroup'] = "INSERT INTO ${db_prefix}groups (g_title) VALUES ('%{group}')";
$cf['addUserGroup']= "UPDATE ${db_prefix}users SET group_id=%{gid} WHERE id='%{uid}'";
$cf['delGroup'] = "DELETE FROM ${db_prefix}groups WHERE g_id='%{gid}'";
$cf['getUserID'] = "SELECT id FROM ${db_prefix}users WHERE username='%{user}'";
$cf['updateUser'] = "UPDATE ${db_prefix}users SET";
$cf['UpdateLogin'] = "username='%{user}'";
$cf['UpdatePass'] = "password='%{pass}'";
$cf['UpdateEmail'] = "email='%{email}'";
$cf['UpdateName'] = "realname='%{name}'";
$cf['UpdateTarget']= "WHERE id=%{uid}";
$cf['delUserGroup']= "UPDATE ${db_prefix}users SET g_id=4 WHERE id=%{uid}";
$cf['getGroupID'] = "SELECT g_id AS id FROM ${db_prefix}groups WHERE g_title='%{group}'";
$cf['TablesToLock']= array("${db_prefix}users", "${db_prefix}users AS u",
"${db_prefix}groups", "${db_prefix}groups AS g");
$cf['debug'] = 1;
// call pgsql constructor
$this->auth_pgsql();
}
/**
* Just checks against the $forum_user variable
*/
function trustExternal($user,$pass,$sticky=false){
global $USERINFO;
global $conf;
global $lang;
global $forum_user;
global $forum_config;
global $cookie_name;
$sticky ? $sticky = true : $sticky = false; //sanity check
// someone used the login form
if(!empty($user)){
authenticate_user($user, $pass);
if (!$forum_user['is_guest']){
$expire = ($forum_user['save_pass'] == '1') ? time() + 31536000 : 0;
forum_setcookie($cookie_name, base64_encode($forum_user['id'].'|'.$forum_user['password']), $expire);
}else{
//invalid credentials - log off
msg($lang['badlogin'],-1);
auth_logoff();
return false;
}
}
if(isset($forum_user) && !$forum_user['is_guest']){
// okay we're logged in - set the globals
$USERINFO['pass'] = $forum_user['password'];
$USERINFO['name'] = $forum_user['realname'];
$USERINFO['mail'] = $forum_user['email'];
$USERINFO['grps'] = array($forum_user['g_title']);
if ($forum_user['g_id'] == FORUM_ADMIN)
$USERINFO['grps'][] = 'admin';
$_SERVER['REMOTE_USER'] = $forum_user['username'];
$_SESSION[DOKU_COOKIE]['auth']['user'] = $forum_user['username'];
$_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
return true;
}
// to be sure
auth_logoff();
return false;
}
/**
* remove fluxbb cookie on logout
*/
function logOff(){
global $forum_user;
global $cookie_name;
$forum_user = array();
$forum_user['is_guest'] = true;
forum_setcookie($cookie_name, base64_encode('1|'.random_key(8, true)), time() + 31536000);
}
}
//To delete unwanted notices, by Cacatoes
//See http://fluxbb.org/forums/post/11507/#p11507
error_reporting(E_ALL ^ E_NOTICE);
//Setup VIM: ex: et ts=2 enc=utf-8 :
Voici le bout de code à ajouter en haut de pgsql.class.php et mysql.class.php :
if(!defined('DOKU_AUTH')) define('DOKU_AUTH', dirname(__FILE__));
à la place de :
define('DOKU_AUTH', dirname(__FILE__));
Les permissions devraient être bonnes J'ai changé les perms pour tout htdocs ..
]]>Merci
]]>Donc normal si vous voyez des messages d'erreur avec l'authentification poindre ces jours-ci
]]>Dokuwiki - inc/auth/fluxbb.class.php
<?php
/**
* FluxBB auth backend
*
* Uses external Trust mechanism to check against FluxBB's
* user cookie. FluxBB's FORUM_ROOT must be defined correctly.
*
* @author Andreas Gohr <andi@splitbrain.org>
*/
if(!defined('FORUM_ROOT')) define('FORUM_ROOT', DOKU_INC.'../forums/');
define('FORUM_DISABLE_CSRF_CONFIRM', 1);
require_once FORUM_ROOT.'include/common.php';
require_once DOKU_INC.'inc/auth/mysql.class.php';
#dbg($GLOBALS);
#dbg($forum_user);
class auth_fluxbb extends auth_mysql {
/**
* Constructor.
*
* Sets additional capabilities and config strings
*/
function auth_fluxbb(){
global $conf;
$this->cando['external'] = true;
$this->cando['logoff'] = true;
$conf['passcrypt'] = 'sha1';
// get global vars from fluxbb config
global $db_host;
global $db_name;
global $db_username;
global $db_password;
global $db_prefix;
// now set up the mysql config strings
$conf['auth']['mysql']['server'] = $db_host;
$conf['auth']['mysql']['user'] = $db_username;
$conf['auth']['mysql']['password'] = $db_password;
$conf['auth']['mysql']['database'] = $db_name;
$conf['auth']['mysql']['checkPass'] = "SELECT u.password AS pass
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id
AND u.username = '%{user}'
AND g.g_title != 'Guest'";
$conf['auth']['mysql']['getUserInfo'] = "SELECT password AS pass, realname AS name, email AS mail,
id, g_title as `group`
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id
AND u.username = '%{user}'";
$conf['auth']['mysql']['getGroups'] = "SELECT g.g_title as `group`
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id
AND u.username = '%{user}'";
$conf['auth']['mysql']['getUsers'] = "SELECT DISTINCT u.username AS user
FROM ${db_prefix}users AS u, ${db_prefix}groups AS g
WHERE u.group_id = g.g_id";
$conf['auth']['mysql']['FilterLogin'] = "u.username LIKE '%{user}'";
$conf['auth']['mysql']['FilterName'] = "u.realname LIKE '%{name}'";
$conf['auth']['mysql']['FilterEmail'] = "u.email LIKE '%{email}'";
$conf['auth']['mysql']['FilterGroup'] = "g.g_title LIKE '%{group}'";
$conf['auth']['mysql']['SortOrder'] = "ORDER BY u.username";
$conf['auth']['mysql']['addUser'] = "INSERT INTO ${db_prefix}users
(username, password, email, realname)
VALUES ('%{user}', '%{pass}', '%{email}', '%{name}')";
$conf['auth']['mysql']['addGroup'] = "INSERT INTO ${db_prefix}groups (g_title) VALUES ('%{group}')";
$conf['auth']['mysql']['addUserGroup']= "UPDATE ${db_prefix}users
SET group_id=%{gid}
WHERE id='%{uid}'";
$conf['auth']['mysql']['delGroup'] = "DELETE FROM ${db_prefix}groups WHERE g_id='%{gid}'";
$conf['auth']['mysql']['getUserID'] = "SELECT id FROM ${db_prefix}users WHERE username='%{user}'";
$conf['auth']['mysql']['updateUser'] = "UPDATE ${db_prefix}users SET";
$conf['auth']['mysql']['UpdateLogin'] = "username='%{user}'";
$conf['auth']['mysql']['UpdatePass'] = "password='%{pass}'";
$conf['auth']['mysql']['UpdateEmail'] = "email='%{email}'";
$conf['auth']['mysql']['UpdateName'] = "realname='%{name}'";
$conf['auth']['mysql']['UpdateTarget']= "WHERE id=%{uid}";
$conf['auth']['mysql']['delUserGroup']= "UPDATE ${db_prefix}users SET g_id=4 WHERE id=%{uid}";
$conf['auth']['mysql']['getGroupID'] = "SELECT g_id AS id FROM ${db_prefix}groups WHERE g_title='%{group}'";
$conf['auth']['mysql']['TablesToLock']= array("${db_prefix}users", "${db_prefix}users AS u",
"${db_prefix}groups", "${db_prefix}groups AS g");
$conf['auth']['mysql']['debug'] = 1;
// call mysql constructor
$this->auth_mysql();
}
/**
* Just checks against the $forum_user variable
*/
function trustExternal($user,$pass,$sticky=false){
global $USERINFO;
global $conf;
global $lang;
global $forum_user;
global $forum_config;
global $cookie_name;
$sticky ? $sticky = true : $sticky = false; //sanity check
// someone used the login form
if(!empty($user)){
authenticate_user($user, $pass);
if (!$forum_user['is_guest']){
$expire = ($forum_user['save_pass'] == '1') ? time() + 31536000 : 0;
forum_setcookie($cookie_name, base64_encode($forum_user['id'].'|'.$forum_user['password']), $expire);
}else{
//invalid credentials - log off
msg($lang['badlogin'],-1);
auth_logoff();
return false;
}
}
if(isset($forum_user) && !$forum_user['is_guest']){
// okay we're logged in - set the globals
$USERINFO['pass'] = $forum_user['password'];
$USERINFO['name'] = $forum_user['realname'];
$USERINFO['mail'] = $forum_user['email'];
$USERINFO['grps'] = array($forum_user['g_title']);
if ($forum_user['g_id'] == FORUM_ADMIN)
$USERINFO['grps'][] = 'admin';
$_SERVER['REMOTE_USER'] = $forum_user['username'];
$_SESSION[DOKU_COOKIE]['auth']['user'] = $forum_user['username'];
$_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
return true;
}
// to be sure
auth_logoff();
return false;
}
/**
* remove fluxbb cookie on logout
*/
function logOff(){
global $forum_user;
global $cookie_name;
$forum_user = array();
$forum_user['is_guest'] = true;
forum_setcookie($cookie_name, base64_encode('1|'.random_key(8, true)), time() + 31536000);
}
}
// Modif par cacatoes : désactiver les notifications de non-initialisation des variables, etc...
error_reporting(E_ALL ^ E_NOTICE);
//Setup VIM: ex: et ts=2 enc=utf-8 :
Dokuwiki - conf/local.php :
$conf['authtype']='fluxbb';
define('FORUM_ROOT','/data/web/59/0e/7c/openarena.tuxfamily.org/htdocs/forum/');
Ce qu'on avait avant fonctionnait, mais les messages d'erreurs qui apparaissaient étaient dûs au mode debug en gros.
]]>