On 4/22/05, Jason Davies ucgajpd@ucl.ac.uk wrote:
I finally got round to doing this (without the messy mail indentation etc) but it doesn't seem to have had any effect. We're running 1.3.1 for various reasons.
I hope you mean 1.3.11, because there have been _numerous_ security fixes since 1.3.1. If this is a LAN-only setup, it isn't as much of an issue. But if the wiki is public, then you should probably at least patch it.
-- Jamie ------------------------------------------------------------------- http://endeavour.zapto.org/astro73/ Thank you to JosephM for inviting me to Gmail! Have lots of invites. Gmail now has 2GB.
I hope you mean 1.3.11, because there have been _numerous_ security fixes since 1.3.1. If this is a LAN-only setup, it isn't as much of an issue. But if the wiki is public, then you should probably at least patch it.
well, i actually was told we had gone to 1.3.11 after having trouble with 1.4 installation. But when i looked, the folder was called 1.3.1.
I can sort that out on Monday. In the meantime, any ideas on that problem with restricting editing to logged in users, and limiting users to sysop authorisation?
Jason Davies wrote:
I can sort that out on Monday. In the meantime, any ideas on that problem with restricting editing to logged in users, and limiting users to sysop authorisation?
Have you checked the FAQ? http://meta.wikimedia.org/wiki/MediaWiki_FAQ
-- brion vibber (brion @ pobox.com)
Have you checked the FAQ? http://meta.wikimedia.org/wiki/MediaWiki_FAQ
don't know if you saw my earlier post - I followed those instructions carefully. I don't see anything there about a sysop having to authorise new users though....I've copied the pertinent bits at the end of this message.
Dealing with forcing login to edit first:
The opening of the localsettings.php reads thus: you can see right near the end where I added the line
$wgWhitelistEdit = true;
I don't actually see in the FAQ how to set things so that only approved users can have accounts but i followed instructions given here some time ago:
<?php
# This file was automatically generated by the MediaWiki installer. # If you make manual changes, please keep track in case you need to # recreate them later.
$IP = "/nfs/rcs/www/webdocs/calt/alpd/mediawiki-1.3.1"; ini_set( "include_path", ".:$IP:$IP/includes:$IP/languages" ); include_once( "DefaultSettings.php" );
# If PHP's memory limit is very low, some operations may fail. # ini_set( 'memory_limit', '20M' );
if ( $wgCommandLineMode ) { if ( isset( $_SERVER ) && array_key_exists( 'REQUEST_METHOD', $_SERVER ) ) { die( "This script must be run from the command line\n" ); } } else { ## Compress output if the browser supports it if( !ini_get( 'zlib.output_compression' ) ) ob_start( 'ob_gzhandler' ); }
$wgSitename = "ALPDwiki";
$wgScriptPath = "/calt/alpd/mediawiki-1.3.1"; $wgScript = "$wgScriptPath/index.php"; $wgRedirectScript = "$wgScriptPath/redirect.php";
$wgWhitelistEdit = true; # user must login to edit. This line added by Jason April 22 2005 ## If using PHP as a CGI module, use the ugly URLs # $wgArticlePath = "$wgScript/$1"; $wgArticlePath = "$wgScript?title=$1";
(end of excerpt)
This is what I added to the localsettings.php
Add the following lines to LocalSettings.php: # Prevent new user registrations - only users with sysop status can # create users. $wgWhitelistAccount = array ( "sysop" => 1 ); # You must be a logged in user to edit pages. Combining this # restriction with the previous restriction means we control who can # edit pages. $wgWhitelistEdit = true;
thanks for any help. I will sort out the update asap.
On 23 Apr 2005, at 05:56, Jason Davies wrote:
I don't see anything there about a sysop having to authorise new users though...
I had to modify the schema and a bit of code to do this. I added a field to mw_cur: s_mem_type enum, with a default value of "non-member". I don't have web access to this field -- a DBA has to change it to some other state.
I then added a method to User is_member that checks this field. I haven't really put it to use yet, but the intent was to provide access restrictions on personal information; I want full contact info on each User page for other members, but have it hidden for non-members.
Perhaps that's a starting point for you. As near as I could determine, there is no such facility built-in.
:::: Conflict cannot survive without your participation. -- Wayne Dyer :::: Jan Steinman http://www.Bytesmiths.com/Van
I don't see anything there about a sysop having to authorise new users though...
I had to modify the schema and a bit of code to do this. I added a field to mw_cur: s_mem_type enum, with a default value of "non-member". I don't have web access to this field -- a DBA has to change it to some other state.
I'm sure I've seen some localsetting.php lines that enable this. Thanks for your input but it's way over my head!
mediawiki-l@lists.wikimedia.org