Vanilla 1.1.10 is a product of Lussumo. More Information: Documentation, Community Support.
create table plogger_user_groups (
groupname varchar(50) primary key,
password varchar(50)
);
alter table plogger_albums add groupname varchar(50) default 'default_group';
insert into plogger_user_groups (groupname) values ('default_group');
alter table plogger_albums add foreign key (groupname) references plogger_user_groups(groupname);
<?php
/*
This file is part of an addition
to plogger made by Dylan Moore.
© 2009 by Dylan Moore
*/
session_start();
$_SESSION['referer'] =
isset($_SERVER['HTTP_REFERER'])
? $_SERVER['HTTP_REFERER'] : '';
?>
<html>
<head>
<title>Please login.</title>
<style type="text/css">
table
{
background-color:cornflowerblue; //login box color
}
body {background-color:white} //background color
</style>
</head>
<?php
if (isset($_GET['msg']) && $_GET['msg'] == "noauth") {
echo "Problem with username/password";
}
?>
<table width="50%" border="0">
<form name="form1" method="post" action="plog-auth-continue.php">
<tr><td colspan="3" align="center">
<?php
if( isset($_GET['group']) ) {
echo "Password required for content marked as: "
. '<b>' . $_GET['group'] . '<br>';
}
?>
</td></tr>
<tr>
<td align="right">Password</td><td align="center">:</td>
<td><input name="passw" type="password" id="passw"></td>
</tr>
<tr>
<td colspan="3" align="center"><input type="submit" name="Submit" value="Login"></td>
</tr>
</form>
</table>
</html>
<?php
session_start();
$formpassw = $_POST['passw'];
// protects against MySQL injection
// and md5 's the password
$formpassw = stripslashes($formpassw);
$formpassw = mysql_real_escape_string($formpassw);
$formpassw = md5($formpassw);
//------------------------------------------------
$_SESSION['password'] = $formpassw;
if( isset($_SESSION['referer']) ) {
header("location:".$_SESSION['referer']);
}
else {
header("location:index.php");
}
?>
function auth_album() {
if( $GLOBALS['plogger_level'] == 'picture' ||
$GLOBALS['plogger_level'] == 'album' ) {
$sql = 'select * from '
. 'plogger_user_groups u, plogger_albums a where '
. 'a.id=' . $GLOBALS['plogger_id']
. ' and u.groupname = a.groupname';
connect_db();
$sql_result = run_query( $sql );
$ret = mysql_fetch_assoc($sql_result);
$password = $ret['password'];
if( isset( $password )){
$groupname_ending
= 'group=' . $ret['groupname'];
//echo "db pw == " . $ret['password'] . '<br/>';
//echo "dialog pw == " . $_SESSION['password'];
// if there is a password for this album
// but no password has been set by the user,
// go to password dialog
if( !isset($_SESSION['password']) ) {
header('location:plog-auth.php?'
. $groupname_ending );
}
// otherwise, check the password
else if( $password != $_SESSION['password'] ) {
header('location:plog-auth.php?'
. $groupname_ending . '&msg=noauth');
}
}
}
}
...
// Authenticate if necessary
auth_album();
// Initialize Plogger
plogger_init();
// Throw 404 headers if a 404 error has occurred
if ($GLOBALS['plogger_level'] == '404' && !headers_sent()) {
...
INSERT INTO plogger_user_groups (groupname, password) VALUES ('group_name_here', md5('password_here'));
UPDATE plogger_albums SET groupname='group_name_here' WHERE name='album name here';
Posted By: georgeHello all
I have installed the password protection for each album per instructions of dzmoore in this post: http://www.plogger.org/forum/discussion/1430/howto-password-protect-albums/#Item_0 .
However I can't get it to work. (I don't understand the last insturction).
Can anyone help? Please!
INSERT INTO plogger_user_groups (groupname, password) VALUES ('group_one', md5('a_passw3rd_f0r_gr0up1'));
UPDATE plogger_albums SET groupname='group_one' WHERE name='partying';
<? echo realpath("rp.php"); ?>
ErrorDocument 401 "http://upload.wikimedia.org/wikipedia/commons/c/ce/Transparent.gif"
AuthUserFile absolute/path/to/htpassword/file
AuthGroupFile /dev/null
AuthName "Restricted access"
AuthType Basic
<LIMIT GET POST>
Require valid-user
</LIMIT>
1 to 23 of 23