Gossamer Forum
Home : Products : DBMan SQL : Discussion :

default user problems

Quote Reply
default user problems
Hey

I have tried to use the setup for users as described by "The Stone" in another tread:
Quote:

The Authorization Options should be set:

auth_no_authentication: No

auth_allow_default: view

auth_modify_own: Yes

auth_user_field: This is the field name in the database used for storing the userid who owns the record.

The URL of default user to view all records:
db.cgi?db=table_name&do=search_results&keyword=*&uid=default

TheStone.
Gossamer Threads Inc.

I still have the problem with a login prompt from the .htaccess file when the default user tries to view the records. What am I doing wrong??

I presume it has something to do with the templates is in the .htaccess protected directory, but how do I move them elsewhere - I can't find a place to change the path.

Help really needed

Niels
Quote Reply
Re: [nielsp] default user problems In reply to
Hi Niels

which directories have you protected with a .htaccess file? Is it possible that you've protected the cgi-bin folder where db.cgi is located (this would explain your problem)?

Please ensure that you're only protecting the admin subfolder -> the best thing ist to use the "Admin Password" option in the Setup menu to protect your admin panel.

Let me know if you can give us more information about your Apache configuration / .htaccess configuration or if this post already solves your problem.

Good luck
Smileliver
Quote Reply
Re: [olivers] default user problems In reply to
Hi Oliver

I had hoped that it was an error of the kind you described that was the problem, but as far as I can see everything is placed right.

My root folder is: (/ is a directory)
.htaccess
/admin
ChangeLog
db.cgi
/errordocs
gfx
/images
/img
/img_forside
index.php
/pdf

where the .htaccess handles errors

My admin folder is: (/ is a directory)
.htaccess
.htpasswd
admin.cgi
bases.pm
checksums.dat
constants.pm
/admin/Dbsql
Dbsql.pm
/admin/defs
/admin/GT
import.cgi
index.php
myserver-2.cgi
/admin/mysqlman
nph-email.cgi
phpinfo.php
/admin/Plugins
setup.cgi
/admin/templates
/admin/tmp

where the .htaccess and .htpassword is generated by the DbManSQL admin panel. The problem has something to do with the .htaccess and .htpassword in the admin folder. When they are active the .htaccess login prompt shows when I call the db.cgi?uid=default, but when I click on cancel I can browse the site.

I have tried on IE 6 (windows), Firefox(mac) where the problem exist. Safari on mac handle the site correctly.
Quote Reply
Re: [nielsp] default user problems In reply to
Hello again

htaccess authentication can be configured within the virtual host container of httpd.conf (the Apache configuration file) or in individual .htaccess files placed into directories. Can you tell us more about the content of the .htaccess files and/or httpd.conf?

Thanks
Oliver
Quote Reply
Re: [olivers] default user problems In reply to
I think I have solved the problem. I had put the .css files in same folder as the templates. After I moved them to the root folder, it looks like my problem is solved. Why I haven't thought of this before is a mystery...(or maybe not Wink )

Thanks for your help.
Quote Reply
Re: [nielsp] default user problems In reply to
I was having the same problem as described by Nielsp. Using following setup as suggested by TheStone, the default user URl does not show any records.
Quote:

The Authorization Options should be set:

auth_no_authentication: No

auth_allow_default: view

auth_modify_own: Yes

auth_user_field: This is the field name in the database used for storing the userid who owns the record.

The URL of default user to view all records:
db.cgi?db=table_name&do=search_results&keyword=*&uid=default

TheStone.
Gossamer Threads Inc.


It seems that the reason might be the code in Home.pm in Sub search_results. I changed the following code -

=========
# Check if users can view only their own record
if ( $self->{cfg}->{'auth_view_own'} and $self->{cfg}->{'auth_user_field'} and !$self->{user}->{admin_p} ) {
$self->{cgi}->{$self->{cfg}->{'auth_user_field'}} = $self->{user}->{'Username'};
$self->{cgi}->{"$self->{cfg}->{'auth_user_field'}-opt"} = '=';
}
=========

to

=========
# Check if users can view only their own record
if ( $self->{cfg}->{'auth_view_own'} and $self->{cfg}->{'auth_user_field'} and !$self->{user}->{admin_p} ) {
# if Statement introduced to enable displaying of records for default user, and not put the condition
if ( $self->{user}->{'Username'} ne 'default' ) {
$self->{cgi}->{$self->{cfg}->{'auth_user_field'}} = $self->{user}->{'Username'};
$self->{cgi}->{"$self->{cfg}->{'auth_user_field'}-opt"} = '=';
}
}
=========

It seems to work now. I am not certain if this is a correct solution or it will have some side effects. Would appreciate if TheStone or someone from GT can validate this, it would help many.

Thanks.