Paul Badger (2009-10-04 22:46): > These lines below seem to have fixed the upload problem with php 5.3.0. > > # temprorary workaround for PHP 5.3 login issues > # pmwiki.org/wiki/PITS/01141 > $_REQUEST[session_name()]=1; > > I did have to set permissions on the upload folders at 777 though. > > Any opinions on whether this represents a security issue?
The workaround line shouldn't have any security implications. At least not more than running PHP 5.3.0 before the bugs are explained and fixed (remember that using workarounds is far from fixing). Making uploads/ world-writable is what most people do with PmWiki (and other webapps that need to write files). Security of this depends on your server's configuration. > Also authuser functionality now seems to be broken now. ie defined > passwords no longer work. > Would this have been expected? No, it works here. Could you test whether AuthUser works with a fresh install, without any recipes (you can simply unpack PmWiki into a separate directory, make wiki.d/ world-writable, enable authuser in config.php and copy your password from SiteAdmin.AuthUser)? -- -- Rogutės Sparnuotos _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
