From 9bb481ccd7c1dc4ec3bac428c6c76b073730d0ec Mon Sep 17 00:00:00 2001 From: desci Date: Thu, 14 Apr 2016 17:14:47 -0400 Subject: [PATCH] --- ..._edit_caused_lock_out_on_entire_site_.mdwn | 53 +++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn diff --git a/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn new file mode 100644 index 000000000..dc79bba4e --- /dev/null +++ b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn @@ -0,0 +1,53 @@ +Probably caused by something misconfigured about the [[plugins/comments]] plugin. + +--- + +## Config + +My setup file: + + # comments plugin + # PageSpec of pages where comments are allowed + comments_pagespec: forum/* or blog/posts/* or tarefa/* + # PageSpec of pages where posting new comments is not allowed + comments_closed_pagespec: '' + # Base name for comments, e.g. "comment_" for pages like "sandbox/comment_12" + comments_pagename: comment_ + # Interpret directives in comments? + #comments_allowdirectives: 0 + # Allow anonymous commenters to set an author name? + comments_allowauthor: 1 + # commit comments to the VCS + comments_commit: 1 + # Restrict formats for comments to (no restriction if empty) + comments_allowformats: mdwn txt + +The `moderatedcomments` plugins is **not** enabled + +The `anonok` plugin is **not** enabled + +--- + +## Steps + +I've tried to place a comment clicking in the obvious [Add a comment](https://dev.iikb.org/ikiwiki.cgi?do=comment&page=forum%2FTema_bootstrap) in a [forum post](https://dev.iikb.org/forum/Tema_bootstrap/). + +I've not signed in because the *sign in* page didn't come up, instead a simple `(You might want to Signin first?)` showed up, which I've haven't read and commented away. + +--- + +## Results + +As a consequence of that, the user '' - that's a null character, have somehow logged in and it seems that there is no way to [log it out](https://dev.iikb.org/ikiwiki.cgi?do=prefs). + +None of this phantom user edits are being commited - this [blog post](https://dev.iikb.org/blog/posts/Bug_severo_neste_site/) was made with that user logged in via web. + +It seems I can't log out from nowhere. I've rebuild the wiki from the command line and restarted the nginx server, the phantom user remains logged in and open to anyone willing to edit away the wiki. + +--- + +## Conclusion + +If I wanted to do a totally anonnymous wiki, this would be the best setup ever. + +For [this particular installation](https://dev.iikb.org), that's not the case. -- 2.39.5