Extension talk:PasswordProtected

From mediawiki.org
Jump to navigation Jump to search

When attempting to use this extension, I followed the directions, and ended up with the following error:

Parse error: syntax error, unexpected $end in /home/.keewer/mohnkern/wiki.mohnkern.com/extensions/passwordpages.php on line 189

The Script does not even have 189 lines. Have a look at your code.

The Extension is usless, as anyone can click on "edit" and can see the content of the page. It protects only from editing pages.

Also, it breaks logging in. I would not recommend.

I also experienced this... it shows a nice Lock/Unlock, but you can always see the content in the source/edit-field, which makes it a no-go for private information. However, I hope the author can add a View Source restriction.


I added this and it protects every page I try to create. I don't recommend. TheNewPhobia 18:56, 30 November 2008 (UTC)

bad joke : you can see the page when you click on 'edit'

I tried it, and protect the page, but not the source code.

However, the worst thing in it is that any user can upload any file.

It's a great idea, but it need some changes ;)

This is about as secure as leaving your wallet in plain sight of a thief and telling them "don't take my wallet" as you look away. It shows the password in plain text in the "View Source" tab as well as in the descriptive text when you search for the page if you put it within the first few lines of the page.

But it provides a good "weak" password protection solution[edit]

MediaWiki isn't really designed to have password-protected areas, but this extension provides a good quick solution for the problem of needing password protected pages. And as far as I can tell, as long as you've disabled editing and viewing the source by users (and allow only sysops), then this really is an effective password protection solution. Am I correct? --PicklePower 04:04, 2 July 2009 (UTC)

If you have time to further the code[edit]

I don't have the time but if you disable the view/edit tab as in something like the 'hide edit tab while editing extension' does. This will stop 95% of users from editing the page. Although, if someone types in 'edit&section=' to the URL to look at the data they then still be able see the password but if you wanted that kind of security just run wiki on an intranet. However, if you further code in to stop that edit/view page action with an conditional statement and it first sees if there's password to begin with, this will prevent it. They can still view source through their browser but you can then put the password in a hidden password html php form when the page is accessed instead of a with the password in the tag then you have your secure page.

The form can mail the password, confirm the password and user, ask permission through an email of the author of tag or parser (which now doesn't have the password in it) to page access.

Such as:

<password>form="My_Form" user="My_User_Name"</password>


{{#password | My_Form | My_User_Name}} 

I hope this helps for someone to get it started in the right direction.--iWiki 20:22, 16 July 2009 (UTC)


Guys! I mean the author of this code - why do you think that making weak code you are doing the right thing? I would rather beat you after hundreds of hours spent in setting up your extension AND FINALLY DISCOVER THAT ONCE PAGE COVERED WITH PASSWORD YOU WILL NEVER DELETE IT!!!!!!!!!!!!!!! Access to Depassword Special Page returns:

Catchable fatal error: Argument 1 passed to Article::__construct() must be an instance of Title, null given, called in /usr/local/www/apache22/data/wiki2/extensions/passwordpages.php on line 143 and defined in /usr/local/www/apache22/data/wiki2/includes/Article.php on line 50


Work with database[edit]

you can delete protected pages in database. For quick search by title edit passwordpages.php in line 52.
$db->query("INSERT INTO `{$wgDBprefix}protect_pages` (`pageid`,`password`) VALUES ('".$wgTitle->getArticleID()."','".$input."')");


$db->query("INSERT INTO `{$wgDBprefix}protect_pages` (`pageid`,`password`,`mytitle`) VALUES ('".$wgTitle->getArticleID()."','".$input."','".$wgTitle."')");

And use this query

CREATE TABLE `protect_pages` (

 `pageid` int(3) NOT NULL,
 `password` blob NOT NULL,
 `mytitle varbinary(255) NOT NULL


Author: zi0n