Last modified: 2010-05-15 15:33:48 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 3605 - wgWhitelistEdit
Product: MediaWiki
Classification: Unclassified
Page editing (Other open bugs)
Macintosh Linux
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
Depends on:
  Show dependency treegraph
Reported: 2005-10-04 23:33 UTC by Robert Carter
Modified: 2010-05-15 15:33 UTC (History)
1 user (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Robert Carter 2005-10-04 23:33:18 UTC
It appears that the wgWhitelistEdit directive fails to have any effect in
MediaWiki 1.4.10.

I have tracked the problem to EditPage.php

Lines: 55
		if ( !$wgUser->getID() && $wgWhitelistEdit ) {
Lines: 206
			if ( !$wgUser->getID() && $wgWhitelistEdit ) {

It seems that the boolean should use || rather than && to have the desired
effect. I have modified my version of the scipt and it seems to work. Prior to
this I could edit regardless of whether I was logged in or not.

Running on Red Hat Linux.
    MediaWiki ( 1.4.10 
    PHP ( 4.3.9 (apache) 
    MySQL ( 4.0.23a-log
Comment 1 Brion Vibber 2005-10-04 23:40:24 UTC
Those lines look correct; using || would be incorrect.

Here's the truth matrix:

Is anon, whitelist off: can edit
Not anon, whitelist off: can edit
Is anon, whitelist on: can't edit -> show 'not logged in' page
Not anon, whitelist on: can edit

As you can see this is a boolean 'and' operation.

Can you detail the exact settings you tried and exactly what you tried that "fails to 
have any effect"?
Comment 2 Robert Carter 2005-10-05 00:03:03 UTC
Here is the modified lines from my LocalSettings file:

# -------------- Manual changes ----------------
$wgDisableAnonTalk = true;
$wgDisableUploads = false; # Uploads have to be specially set up to be secure
$wgCheckCopyrightUpload = true;
$wgRawHtml = true;
$wgUserHtml = true;
# See the implimentation of this class for hooks to UoA LDAP
$wgAuth = new AuthPlugin();
$wgWhitelistEdit = true;   # true = user must login to edit.
# -------------- End manual changes ----------------

I'm also running a MediaWiki 1.4.4 on another web site and the WhiteList
function works ok on that one. When I grep for the wgWhitelistEdit on both
versions I get the same code.

I've also checked for global scope but that seems ok.

Could SpecialSitesettings.php have any effect? It seems to be disconnected at
Comment 3 Brion Vibber 2005-10-05 00:14:16 UTC
I tried pasting the above settings into my 1.4 test wiki's configuration,
replacing the require_once for your authentication plugin with a reference
to the built-in includes/AuthPlugin.php.

It appears to work as expected: trying to edit a page when not logged in,
I receive the 'Login required to edit' prompt.

Can you try it without the custom auth plugin? Also check that your plugin
works correctly; you seem to be creating an instance of the base AuthPlugin
class. Is that your intention?
Comment 4 Robert Carter 2005-10-05 00:20:04 UTC
With the new instance of the AuthClass removed the wiki behaves as expected.
Thank you for your help.

Note You need to log in before you can comment on or make changes to this bug.