[pmwiki-users] DBauth question

Marc Cooper gmane at auxbuss.com
Tue Jun 27 02:52:37 CDT 2006 

The Editor said...
> Hi all!
> 
> On a related note... I'm wondering if someone could give me more
> detailed information about using dbauth for user authentication.

The plan is to replace dbauth with authuser_dbase. I was working on this 
with the author, Ben, but he is in the middle of some academic work, and 
I've not heard from him in a while. That said, dbauth does the same 
thing, the new version has a few tweaks that, for example, allow you to 
put the variables in your config.php rather than having to edit the 
recipe.

> Namely, how do I create the database

dbauth was intended to be used with an existing database, I believe. It 
only supports MySQL; Postgres is included in the new version.

To create the db, you will need MySQL installed. You can then create a 
table with only two fields - for the user name and password. The 
password should be encrypted with MD5 or SHA1 - MySQL will do this for 
you.

Something like:

CREATE TABLE `myusers` (
`userid` INT( 11 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` TEXT NOT NULL ,
`userpass` TEXT NOT NULL ,
`realname` TEXT ,
`email` TEXT
) TYPE = MYISAM ;

BTW, for web-based MySql admin, try installing phpMyAdmin - it's pretty 
much ubiquitous for hosted sites, I believe.

> and what exactly do I need to do
> to link to it. The instructions seemed a bit sparse.

To connect to the db, you will need to amend the values of $dbauth in 
dbauth.php to reflect your db and table. Something like:

  $dbauth = array(
	  'host'      => 'localhost',
	  'db'        => 'mydb',
	  'user'      => 'dbuser',
	  'password'  => 'dbuser_password',
	  'table'     => 'myusers',
	  'userfield' => 'username',
	  'pwfield'   => 'userpass' };

I'd also comment out the $AuthForm lines in dbauth.php, since this 
overrides Site.AuthForm and it's easier to manage this within PmWiki, 
imo.

> Also, is there someway to automatically write to it from within
> PmWiki?

No, dbauth is a read-only thing. to write to the db, you need to put on 
your coding hat.

> I'm using a modified version of the FAST Membership
> (newuser.php) recipe which writes the user name and password to a
> htpasswd file, and was wondering if I couldn't just change a line or
> two to have it write to the database instead.

Probably, though it will be a few more lines, especially if you add 
error checking.

> My current system works
> fine, but is a htpasswd file really plausible if you have say a 1000
> users?  Or would it be a bit slow?

Can't help with that.

> I suppose there's no reason you couldn't have multiple fields in the
> database for each user.

No reason at all. In addition, I have my own version of dbauth in 
which I perform a range of functions against the database at login and 
store what I need in session variables, so that I don't need to go to 
the db repeatedly.

> And you could write to them in exactly the
> same way.  But how hard would it be to retrieve some specific database
> variable for a given user on a page?

It's not hard - once you are familiar with handling a database via PHP, 
of course. The way to go about this is to use, and build on, a library 
of PHP database access functions (i.e. some PHP code that you 
'include'). Try to avoid embedding db code in your scripts - imo, YMMV, 
etc.

> And lastly, are there some
> wiki-based admin interface for editing the database, or would it all
> have to be manually edited?

Not yet ;-) This is actually what I was trying to do yesterday, but it's 
early days in my PmWiki script writing career, so I'm still tripping 
over myself on some of the PmWiki basics.

In a nutshell, I'm converting some "old" authentication, authorization 
and account admin code, which I use elsewhere, to PmWiki. It does all 
the account generation, email verification, forgotten you password, 
change password stuff. It's probably possible to turn this into a 
recipe, but I don't know enough PmWiki yet to be confident.

For PmWiki, I'm planning on providing users an 'Account admin' page. 
With page customization, PmWiki forms and a few cookbook function with 
markup, that looks to fairly straightforward.

However, as I asked elsewhere, I'm stuck on a really, really basic 
PmWiki lack of knowledge thing :-(

Hope that helps more than confuses. Good luck.

-- 
Best,
Marc

More information about the pmwiki-users mailing list