password protect entries?

[yrstruly]

i tried adding a password to my blog directory directly from my host. it seemed to work but wouldn't let me open the login screen.

so i disabled the password and now i can't open anything. the main blog page opens (i.e. my most recent posts) but when i try to do anything (open admin screen, look at comments, go to calendar, etc.) i get error messages saying that the requested url isn't found on the server.

is this a problem with the upgrade? i was able to open the admin screen before i messed around with password protection.

any ideas?

thanks.

melanie.

[yrstruly]

i also can't find an "extended properties for entries" plugin. is it under event or sidebar plugins?

thanks.

melanie.

[yrstruly]

sorry, one more thing i forgot.

when i last wrote about template problems i then left my house for a while. when i came back i saw your response and went to my blog. my template was there - but not in its correct form. it was very raw and not formatted correctly.

also, just so you know, my url is yrstruly.net/blog

thanks.

[garvinhicking]

First off, by adding password protection you deleted the .htaccess file. But serendipity needs that to work properly!

Now you need to login to "serendipity_admin.php", go to configuration, and then set URL Rewriting to "None". Then you don't need .htaccess and you can put in your passwordprotection.

The extended properties plugin is under Event plugins.

Your template problem will also be fixed once you turn of URL rewriting and wit that fix the .htaccess issue.

Regards,
Garvin

[yrstruly]

garvin:

thanks for all your help. i changed the url re-writing and everything was fixed.

i then re-added the password protection through my host but it doesn't seem to have taken. could this be a result of the url re-writing?

or is this a matter to take up with the host?

again, thanks for everything. you've been great and i really appreciate your promptness with responses.

melanie.

[garvinhicking]

Great that this now works.

How does your .htaccess file now look like? Changing the URL Rewriting overwrites your .htacces file so you might need to re-upload your file so that the password protection can be activated...

Also check if you can write to your .htaccess file or if it maybe didn't get changed when you enabled password protection?

Regards,
Garvin

[yrstruly]

garvin:

thanks for the reply.

where is the .htaccess file? i'm looking all over the directory and cannot seem to locate it.

also, you say that i may need to re-upload the file. should i do that from the back-up i made of the files before i did the upgrade or do i do it from elsewhere?

finally, you asked what the .htaccess file now looks like. what should it look like so that i know what i'm looking for?

thanks.

melanie.

[garvinhicking]

The .htaccess file is in your base serendipity directory. You cannot see the file if your FTP Utility is not properly configured, or if your FTP server is hiding them from you. Which FTP program are you using? SmartFTP doesn't hide those files...

If all fails you can write a simple "htaccess.php" file with those contents:

Code: Select all

<?php
echo file_get_contents('.htacces');
?>

Save that iny our s9y root and call the file via http://yourhost/htaccess.php, then you'll see the contents.

I don't know how you created the password protection, so I don't know where you need to upload the file from. You just need to take care you don't upload an old version which contains Serendipity's directives for URL Rewriting. Basically your .htaccess should only look something like this:

Code: Select all

AuthType Basic
AuthName "Authorisation: User erforderlich"
AuthUserFile /etc/passwd
require valid-user

If you see "DirectoryIndex index.php" and other directives, those come from Serendipity and would not be needed. I can tell you more once you show me how your .htaccess looks like.

Regards,
Garvin

[yrstruly]

garvin:

the file was hidden. here is what my .htaccess looks like:

AuthType Basic
AuthUserFile /home/yrstruly/yrstruly.net/blog/.htpasswd
AuthName "yrstruly's blog"
require valid-user

so, it essentially looks like yours. i'm not sure what the authname is supposed to be. in my .htaccess file, it's the name of the directory that's meant to appear in the pop-up (this is all from my set-up page with my host).

any ideas?

thanks.

melanie.

[yrstruly]

it all seems to be working now. maybe the cookies kept the original log-in or something. i have no clue.

so no need to respond. but again, thanks for everything.

melanie.

[garvinhicking]

ah, okay. The login is saved until your browser is closed, so that was the reason.

Have fun with Serendipity!

Regards,
Garvin

[Thomas]

A word on giving read access to certain user groups:
it would be interesting to have a simple user- and group management in 0.9, if not already implemented. This would give the webmaster the change to allow users to register themself into a read-only group. The register plugin should be modified so, that it puts the users into this read-only group.

Im not satisfied with the current situation that self-registered users are automatically co-authors. Well, at least if they wanna post something it must be approved, if I'm right. But anyway...

Just my 5 cents ... as always ...

[garvinhicking]

Hio Thomas!

it would be interesting to have a simple user- and group management in 0.9, if not already implemented.

Already implemented some months ago.

The register plugin has not yet been adapted. I'm missing the time to do that. But it's not so much work.

Im not satisfied with the current situation that self-registered users are automatically co-authors. Well, at least if they wanna post something it must be approved, if I'm right. But anyway...

That plugin already allows for an option to [x] User may not do anything, so that is basically already sufficient so that a user cannot do anything.

Regards,
Garvin

[Thomas]

Hi Garv,

I'd like to thank you at this point for your phantastic and superfast support. And congratulations, S9Y gets more and more professional and popular. *clap*clap*.

I installed the "Self-registration" plugin and see USERCONF_CREATE in all language versions. What does it mean?

Another issue: I tested once again the plugin for adding a user. Honestly: it does not satisfy me. The user can log in, great, but he sees too much in the admin panel. He sees the whole media gallery, can do a couple things which is actually a too high level of view to a dummy user who should just log in to see entries on the blog.

Regards, Thomas

[garvinhicking]

Oh, I'm sorry. It seems the USERCONF_CREATE stuff requires Serendipity 0.9 (an very early version, though). :-/

That's why he sees so much stuff still, it's because s9y 0.8 doesn't support that config option.

Regards,
Garvin