I'm using the last LTS Tikiwiki version (18.1) on Apache 2.2/PHP 5.6/Mysql 5.5.
I configured Tikiwiki with "Web server" authentication method.
Using Firefox (no problems with Chrome), when I logout from Tikiwiki, the browser alert me with this popup:
"You are about to log in to the site "ww.example.com" with the username "admin", but the website does not require authentication. This may be an attempt to trick you.
Is "www.example.com" the site you want to visit?"
Looking at code, I found this suspect line (336) of "lib/userslib.php" :
header('Location: ' . str_replace('//', '//admin:@', $url)); // simulate a fake login to logout the user
To help developers solve the bug, we kindly request that you demonstrate your bug on a show2.tiki.org instance. To start, simply select a version and click on "Create show2.tiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show2.tiki.org.
To help developers solve the bug, we kindly request that you demonstrate your bug on a show.tikiwiki.org instance. To start, simply select a version and click on "Create show.tikiwiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show.tikiwiki.org.
filename | created | hits | comment | version | filetype | ||
---|---|---|---|---|---|---|---|
No attachments for this item |