Hello all, All of the above were a top priority for me when I started building my site. I've been reading and rereading the security documentation for PMWiki, as well as documentation on various recipes dealing with authentication. I installed authuser successfully and I kno how to use the attr action to sed permissions. I was able to put off this whole mess for many months as some minor features and the skin as well as the training of publisher level users could be done without making a detaled group policy or implementing and testing the various tools. Now that these are basically done, the real fun begins and I'm daunted.
First, account creation and login procedures themselves have to be secure. I was thinking of using http://www.pmwiki.org/wiki/Cookbook/SwitchToSSLMode for this. Second, users have to be able to sign themselves up. I tried http://www.pmwiki.org/wiki/Cookbook/UserAdmin But didn't get very far with it at all. Third, we need to be able to collect data on users and securely store user profiles. I played with http://www.pmwiki.org/wiki/Cookbook/AuthProfile But it didn't work out, and I'm not sure it's either as secure or robust as I need it to be. A better option might be http://www.pmwiki.org/wiki/Cookbook/AuthUserDbase but it has three or four dependencies, and then you still have to do something to allow each user access to his or her own information. That would probably be http://www.pmwiki.org/wiki/Cookbook/DataQuery All that, even before I start on the value added services that would make people want to sign up. For that, I really wanted to use http://www.pmwiki.org/wiki/Cookbook/ZAP because of it installes a lot of the functions I want all at oncc and has a handler for account creation and logins. I installed it, but I couldn't make a simple loging page work despite going over the documentation very thoroughly. Seeing that it's last update was in 2007, it may be safe to assume the issue isn't all my fault and that compatibility issues have crept in. I looked at fox forms. Fox is heavily moduler, meaning you don't have to take a bunch of crap you don't want to get the features you do want. Or, you have to spend a bit more time installing and testing each feature you want separately. All depending on your point of view. It doesn't have some of the features I want, such as signup and login, a shopping cart, or paypal intergration, so I would have to go out and install other recipes anyway. That's why I'm not kean on it despite the fact that it seems to be up to date and very powerful in it's own right. It's super important to me to get this right, but I am daunted by the sheer number of recipes available, the fact that some are pretty old or in alpa or beta stages and haven't been updated in years, and the need to have the proper workflow order for putting all this stuff in. ANy tips you can give me to save time would be very much appreciated. Thanks and regards, Erik _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
