|
[dokuwiki]
||
[Date Prev]
[03-2007 Date Index]
[Date Next]
||
[Thread Prev]
[03-2007 Thread Index]
[Thread Next]
[dokuwiki] Problem on auth_quickaclcheck
- From: "Miguel Pagano" <miguel.pagano@xxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Mon, 19 Mar 2007 18:13:27 -0300
Hi,
We have suffered some problems with uploading: nobody (even members of
the @admin group) can upload files in any namespace.
I tried to figure out what was going on and I think this bug is
somehow related with these two bugs: "aclquickcheck, auth_aclcheck
broken" [1] and "ACL broken after Apache upgrade?" [2]. We don't know
exactly what caused the problem, but as in [2] the server is running
Debian/Etch. I'm not sure whether to fill a new bug or not.
After glancing at some files, I decided to print out the result of
calling auth_quickaclchek in inc/media.php: the result turned to be
always "1", even when the user logged in belongs to the "superuser
group". As I had suspected of the auth_quickaclcheck function, I
printed the content of the $_SERVER variable (because the value of
$_SERVER['REMOTE_USER'] is used in auth_quickaclcheck): there was not
any "REMOTE_USER" field in the array $_SERVER (could this be caused by
the Apache upgrade mentioned in [2]?).
I'm not sure what is going on, but IMHO is not very elegant the way
the information about sessions is stored: why isn't the info (supposed
to be) in $_SERVER['REMOTE_USER'] in $USERINFO?
My workaround is this: using the user and group information from the
$_SESSION variable I call auth_aclcheck.
I hope my english is not so bad. Regards,
Miguel
[1] http://bugs.splitbrain.org/?do=details&id=1084
[2] http://bugs.splitbrain.org/?do=details&id=1012
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
|
|
