< Path Variables | Variables | Upload Variables >
$AllowPassword
@nopass
" instead. If your wiki is old and/or may contain pages with the "nopass
" password, you should not change it. If that variable is empty or set to false, PmWiki will not check if pages have a special "allowed password".
$AuthUserPageFmt
$DefaultPasswords
$DenyHtaccessContent
.htaccess
files created by PmWiki in new directories under wiki.d
. The Apache server changed these directives in version 2.4. The default value should work for both new and older server versions.
:$EnablePostAttrClearSession: A switch to control whether or not changing a page's attributes causes any existing passwords to be forgotten. The default is that changing attributes forgets any passwords entered; this can be changed by setting $EnablePostAttrClearSession to zero.
$EnableSessionPasswords
$SetCookieFunction
pmsetcookie()
. Should accept the same arguments as pmsetcookie()
.
$EnableCookieSecure
pmsetcookie()
.$EnableCookieHTTPOnly
pmsetcookie()
.$CookieSameSite
pmsetcookie()
, default to 'Lax'. See article about the implications.
:$SessionEncode: Function to use to encode sensitive information in sessions. Set this to NULL if you want to not use any encoding. (See also $SessionDecode below.)
:$SessionDecode: Function to reverse the decoding given by $SessionEncode above. Set this to NULL if sensitive session values are not encoded.
$HandleAuth
config.php
you need to be authenticated as editor in order to view the page history:
$HandleAuth
['diff'] = 'edit';
$PageAttributes
$AuthLDAPBindDN
:$AuthLDAPBindPassword:For [[AuthUser]] with LDAP authentication, this specifies the password used for binding (in conjunction with $AuthLDAPBindDN above).
$AuthLDAPReferrals
$MultiFactorAuthFunction
AuthUserId()
if the password authentication has succeeded. This function is called with arguments the username and password, and should return true if the 2FA has succeeded, false otherwise.
$FailedLoginsFunction
:$EnablePublishAttr:Adds a new "publish" authorization level to distinguish editing of drafts from publishing - See $EnableDrafts.
$EnablePageVarAuth
:$RobotActions: An array controlling which [[AvailableActions|actions]] can be reached by web bots. The array keys are the actions, if the value is 1 or true then the action is reachable. If an action is not defined as a key, or if the value for that key evaluates to false or zero, when a bot requests this action it will be refused. By default, only the actions "browse", "rss" and "dc" are reachable by bots. For example:
%hlt php%@@$RobotActions['download'] = 1; # allow bots to download files with disabled $EnableDirectDownload (page permissions are respected)
# disallow bots from getting the RSS feed
%hlt php%@@$RobotActions['rss'] = 0;
# allow bots to get the print view$RobotActions
['print'] = 1;
The variable can have custom actions used by cookbook recipes as keys.
$RobotPattern
$EnableRobotCloakActions
?action=
values from page links returned to robots, which will reduce bandwidth loads from robots even further.
if ($action == 'download') $AuthFormRespCode = 403;
See also:
< Path Variables | Variables | Upload Variables >