Commit Graph

17 Commits (ff6433179e7b0d6d5c04ec09f648c619d16e4eb8)

Author SHA1 Message Date
Joey Hess e943812dc9 hashed password support, and empty password security fix
This implements the previously documented hashed password support.

While implementing that, I noticed a security hole, which this commit
also fixes..
2008-05-30 17:35:34 -04:00
Joey Hess 4745391360 * Change formbuilder hook to not be responsible for displaying a form,
so that more than one plugin can use this hook.
  I believe this is a safe change, since only passwordauth uses this hook.
  (If some other plugin already used it, it would have broken passwordauth!)
2007-12-12 03:15:30 -05:00
joey 739325834b * Fix some bugs in password handling:
- If the password is empty in preferences, don't clear the existing
    password.
  - Actually check the confirm password field, even if it's left empty.
2007-05-17 08:06:05 +00:00
joshtriplett b8d7ae91d0 * Add an account-creation password as a simple anti-spam mechanism. If
set in the wiki setup, passwordauth will require the password in
  order to create an account.
2007-05-09 02:05:32 +00:00
joey 9026ae05c2 * Fix a bug that prevented clearing email or subscriptions. 2007-04-30 21:32:24 +00:00
joey f46c35f46f correct size of name field in initial login form (same size as password) 2007-04-30 21:10:14 +00:00
joshtriplett fafaa119cf Revert passwordauth fieldset and doc to avoid 2.0 regressions; need to re-evaluate after 2.0. 2007-04-30 04:08:06 +00:00
joshtriplett 40365e1aee * Group passwordauth fields with a fieldset as well. Add a new
passwordauth page to the basewiki describing password
  authentication; like openid, it uses conditional to check which
  forms of authentication the wiki allows.  Add conditional cross-
  links between the openid and passwordauth pages, to help the user
  understand how they can log in.
2007-04-30 02:26:50 +00:00
joey 64f798786e I don't think this comment adds much 2007-04-29 22:18:02 +00:00
joey 93c6d2c340 * Use fieldsets in the preferences form to group related options together.
Especially cleans up the ordering of the admin's preferences form.
2007-04-29 21:57:25 +00:00
joey ee1ad53c4c * pagespec_match() has changed to take named parameters, to better allow
for extended pagespecs. The old calling convention will still work for
  back-compat for now.
* The calling convention for functions in the IkiWiki::PageSpec namespace
  has changed so they are passed named parameters.
* Plugin interface version increased to 2.00 since I don't anticipate any
  more interface changes before 2.0.
2007-04-27 02:55:52 +00:00
joey d4c61b7281 * Many changes to make ikiwiki very resistant to write failures
including out of disk space situations. ikiwiki should never leave
  truncated files, and if the error occurs during a web-based file edit,
  the user will be given an opportunity to retry.
  Inspired by the many ways Moin Moin destroys itself when out of disk. :-)
* Fix syslogging of errors.
2007-02-15 02:22:08 +00:00
joey 762ecf9461 missing IkiWiki:: 2007-02-03 02:07:03 +00:00
joey 5f162cfd34 * Add canedit hook, allowing arbitrary controls over when a page can be
edited.
* Move code forcing signing before edit to a new "signinedit" plugin, and
  code checking for locked pages into a new "lockedit" plugin. Both are 
  enabled by default.
* Remove the anonok config setting. This is now implemented by a new
  "anonok" plugin. Anyone with a wiki allowing anonymous edits should
  change their configs to enable this new plugin.
* Add an opendiscussion plugin that allows anonymous users to edit
  discussion pages, on a wiki that is otherwise wouldn't allow it.
* Lots of CGI code reorg and cleanup.
2007-02-02 02:33:03 +00:00
joey 912521ef07 * Initial work on internationalization of the program code. po/ikiwiki.pot
is available for translation.
* Export gettext() from IkiWiki module.
2006-12-29 04:38:40 +00:00
joey 4a40b5f9d5 bugfixen 2006-11-22 04:26:44 +00:00
joey c24be1b752 add 2006-11-20 20:55:37 +00:00