Difference between revisions of "Configure wiki security"
m |
(Error reporting) |
||
| Line 1: | Line 1: | ||
<noinclude>{{Procedure}}</noinclude> | <noinclude>{{Procedure}}</noinclude> | ||
| + | == Error reporting == | ||
| + | Error details should only be sent to sysops. A plain error message should be presented to all other users. The following can be added to ''LocalSettings.php'' to set this up. This snippet refers to an ''error.php'' file such as [http://svn.organicdesign.co.nz/filedetails.php?repname=extensions&path=%2Ferror.php this one]. | ||
| + | {{code|<php> | ||
| + | $wgExtensionFunctions[] = 'wfErrorReporting'; | ||
| + | function wfErrorReporting() { | ||
| + | if( in_array( 'sysop', $wgUser->getEffectiveGroups() ) ) { | ||
| + | ini_set("display_errors", "on"); | ||
| + | ini_set("error_reporting", E_ALL ); | ||
| + | $wgShowExceptionDetails = true; | ||
| + | $wgShowSQLErrors = true; | ||
| + | } else { | ||
| + | ini_set("display_errors", "off"); | ||
| + | $wgShowExceptionDetails = false; | ||
| + | $wgShowSQLErrors = false; | ||
| + | set_exception_handler( 'wfDisplayError' ); | ||
| + | set_error_handler( 'wfDisplayError' ); | ||
| + | } | ||
| + | } | ||
| + | |||
| + | function wfDisplayError() { | ||
| + | global $wgOut; | ||
| + | $wgOut->disable(); | ||
| + | wfResetOutputBuffers(); | ||
| + | $code = 500; | ||
| + | include( dirname( __FILE__ ) . "/error.php" ); | ||
| + | }</php>}} | ||
== Protecting files == | == Protecting files == | ||
Revision as of 00:16, 3 March 2012
|
Configure wiki security Organic Design procedure |
Error reporting
Error details should only be sent to sysops. A plain error message should be presented to all other users. The following can be added to LocalSettings.php to set this up. This snippet refers to an error.php file such as this one.
Protecting files
MediaWiki has a script called img_auth.php which is used to allow files to be protected. Requests to the image files are made via the img_auth.php script instead of into the image file structure, and the files are stored outside of web-accessible space. More information about the configuration can be found at MW:Manual:Image Authorization.
The setup is quite simple and just involves setting $wgUploadDirectory to the internal absolute location of the images, and $wgUploadPath to the external location of the img_auth.php script.
Unfortunately this method seems to have a problem with Friendly URL's, I had to patch the img_auth.php script so that the title part of the PATH_INFO would be extracted properly.
