News

I am playing with LDAP for some IMAP stuff I am doing at work. Eventually I will need to have Geeklog and my IMAP server work together so that account creation, password updates and authentication work seemlessly between the two.

For that it seems that using LDAP makes the most sense. Aside from that it would take Geeklog a long way from being a toy for Geeks to a realistic intranet solution for businesses and organizations that already use LDAP.

On the other hand adding LDAP support could break the KISS principle (Keep-it-Simple-Stupid). What are the pros and cons to adding the LDAP authentication to Geeklog? Would you use it or would it be just a waste of time?

There is a small but nasty security bug with fresh installations of Geeklog 1.3. This only pertains to fresh installations of Geeklog 1.3. Turns out with fresh installations, the data includes one orphaned group_assignments record with a user ID of 13. Geeklog\'s user table with on a fresh installation only has 12 users. So the first user that creates an account has access to the GroupAdmin Group and, subsequently, the UserAdmin Group.

If you have already installed a fresh version of Geeklog 1.3 then you need to edit the user with a uid of 13. To get that, do a \"SELECT username FROM users WHERE uid = 13\" in your favorite MySQL editor. Then in the admin/users.php page edit that user and uncheck both the GroupAdmin Group AND the UserAdmin Group and be sure to leave the Normal User and Logged-in User boxes checked.

Thanks to whoever posted that nasty on our SourceForge site.

Ok, so 1.3 has been on the market now for a few weeks and many of you have started tweaking your site by modifying the templates and what not. But now what? Well, I thought I'd write a quick how-to with a real life example on using a Geeklog PHP block.