Mercurial > judyates
comparison e2gallerypro/e2upload/password_protect.php @ 3:3f6b44aa6b35 judyates
[svn r4] added ability to buy stuff, from a Prints page, but it doesn't work well with the css, and it also has not been fitted into the perl make system.
| author | rlm |
|---|---|
| date | Mon, 22 Feb 2010 08:02:39 -0500 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 2:670229c4eb4b | 3:3f6b44aa6b35 |
|---|---|
| 1 <?php | |
| 2 | |
| 3 ############################################################### | |
| 4 # | |
| 5 # Page Password Protect 2.13 | |
| 6 # MODIFIED FOR INCORPORATION WITH e2 Photo Gallery | |
| 7 # Name of cookie set has been changed from original script writers default to a specific name of e2verify | |
| 8 # Some instructions and notifications on this page have been altered to make things more clear | |
| 9 # Authors original login form has been altered to match original e2 login form | |
| 10 # | |
| 11 ############################################################### | |
| 12 # Visit http://www.zubrag.com/scripts/ for original unmodified script and updates | |
| 13 ############################################################### | |
| 14 # Usage: | |
| 15 # Set usernames / passwords below between SETTINGS START and SETTINGS END. | |
| 16 # Place Script inside e2 Photos gallery uploader folder | |
| 17 # Add include of this script to all files being protected on VERY FIRST LINE ON PAGE | |
| 18 # Example: include ('password_protect.php); | |
| 19 # | |
| 20 # Add following HTML code to your page where you want to have logout link | |
| 21 # <a href="http://www.example.com/path/to/protected/page.php?logout=1">Logout</a> | |
| 22 # | |
| 23 ############################################################### | |
| 24 | |
| 25 /* | |
| 26 ------------------------------------------------------------------- | |
| 27 SAMPLE if you only want to request login and password on login form. | |
| 28 Each row represents different user. | |
| 29 Each row requires a comma in the end of it execpt the last | |
| 30 | |
| 31 $LOGIN_INFORMATION = array( | |
| 32 'zubrag' => 'root', | |
| 33 'test' => 'testpass', | |
| 34 'admin' => 'passwd' | |
| 35 ); | |
| 36 | |
| 37 -------------------------------------------------------------------- | |
| 38 SAMPLE if you only want to request only password on login form so only passwords are listed and required to login | |
| 39 Note: You will have to modify line 59 of this code to read false, and replace lines 52-56 with the sample array below | |
| 40 | |
| 41 $LOGIN_INFORMATION = array( | |
| 42 'root', | |
| 43 'testpass', | |
| 44 'passwd' | |
| 45 ); | |
| 46 | |
| 47 -------------------------------------------------------------------- | |
| 48 */ | |
| 49 | |
| 50 /////////////////////////////////////////////////////// | |
| 51 // do not change code below | |
| 52 /////////////////////////////////////////////////////// | |
| 53 | |
| 54 // show usage example | |
| 55 if(isset($_GET['help'])) { | |
| 56 die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>'); | |
| 57 } | |
| 58 | |
| 59 // timeout in seconds | |
| 60 $timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60); | |
| 61 | |
| 62 // logout? | |
| 63 if(isset($_GET['logout'])) { | |
| 64 setcookie("e2verify", '', $timeout, '/'); // clear password; | |
| 65 header('Location: ' . LOGOUT_URL); | |
| 66 exit(); | |
| 67 } | |
| 68 | |
| 69 if(!function_exists('showLoginPasswordProtect')) { | |
| 70 | |
| 71 // show login form | |
| 72 function showLoginPasswordProtect($error_msg) { | |
| 73 ?> | |
| 74 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> | |
| 75 <html xmlns="http://www.w3.org/1999/xhtml"> | |
| 76 | |
| 77 <head profile="http://gmpg.org/xfn/11"> | |
| 78 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> | |
| 79 <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"> | |
| 80 <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> | |
| 81 <title>(E)2 Gallery Pro Log In</title> | |
| 82 <link href="rsrc/style.css" rel="stylesheet" type="text/css"> | |
| 83 <style type="text/css"> | |
| 84 <!-- | |
| 85 body{ | |
| 86 font:16px "Trebuchet MS", Verdana, Arial, sans-serif; | |
| 87 background: #F1F1F1 url(images/bodybg.png) repeat-x top center; | |
| 88 } | |
| 89 #login #header { | |
| 90 background-image: url(images/loginheader.png); | |
| 91 background-repeat: no-repeat; | |
| 92 background-position: center top; | |
| 93 height: 72px; | |
| 94 width: 260px; | |
| 95 } | |
| 96 #login { | |
| 97 width: 260px; | |
| 98 margin: 25px auto; | |
| 99 } | |
| 100 #login #loginform { | |
| 101 margin: 0px auto; | |
| 102 padding: 9px; | |
| 103 width: 220px; | |
| 104 background: #E1E1E1; | |
| 105 border-left: solid 1px #CCC; | |
| 106 border-right: solid 1px #CCC; | |
| 107 border-bottom: solid 1px #CCC; | |
| 108 -moz-border-radius: 0 0 10px 10px; | |
| 109 -webkit-border-bottom-left-radius: 10px; | |
| 110 -webkit-border-bottom-right-radius: 10px; | |
| 111 -khtml-border-bottom-left-radius: 10px; | |
| 112 -khtml-border-bottom-right-radius: 10px; | |
| 113 border-bottom-left-radius: 10px; | |
| 114 border-bottom-right-radius: 10px; | |
| 115 } | |
| 116 input{ | |
| 117 width:98%; | |
| 118 font:16px "Trebuchet MS", Verdana, Arial, sans-serif; | |
| 119 } | |
| 120 #login #loginform h2 { | |
| 121 margin: 0px; | |
| 122 padding: 0px; | |
| 123 } | |
| 124 --> | |
| 125 </style> | |
| 126 </head> | |
| 127 <body> | |
| 128 <div id="login"> | |
| 129 <div id="header"></div> | |
| 130 <div id="loginform"> | |
| 131 <h2>Login</h2> | |
| 132 <font color="red"><?php echo $error_msg; ?></font><br /> | |
| 133 <form name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF'] ;?>"> | |
| 134 <?php if (USE_USERNAME) echo '<label id="username"><strong>Username</strong></label><br /><input type="text" name="access_login"><br /><br />'; ?> | |
| 135 <label id="password"><strong>Password</strong></label><br /> | |
| 136 <input type="password" name="access_password"><br /><br /> | |
| 137 <input type="submit" name="submit" value="Login"> | |
| 138 </form> | |
| 139 </div> | |
| 140 </div> | |
| 141 </body> | |
| 142 </html> | |
| 143 | |
| 144 <?php | |
| 145 // stop at this point | |
| 146 die(); | |
| 147 } | |
| 148 } | |
| 149 | |
| 150 // user provided password | |
| 151 if (isset($_POST['access_password'])) { | |
| 152 | |
| 153 $login = isset($_POST['access_login']) ? $_POST['access_login'] : ''; | |
| 154 $pass = $_POST['access_password']; | |
| 155 if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION) | |
| 156 || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) | |
| 157 ) { | |
| 158 showLoginPasswordProtect("Incorrect login information."); | |
| 159 } | |
| 160 else { | |
| 161 // set cookie if password was validated | |
| 162 setcookie("e2verify", md5($login.'%'.$pass), $timeout, '/'); | |
| 163 | |
| 164 // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed | |
| 165 // So need to clear password protector variables | |
| 166 unset($_POST['access_login']); | |
| 167 unset($_POST['access_password']); | |
| 168 unset($_POST['Submit']); | |
| 169 } | |
| 170 | |
| 171 } | |
| 172 | |
| 173 else { | |
| 174 | |
| 175 // check if password cookie is set | |
| 176 if (!isset($_COOKIE['e2verify'])) { | |
| 177 showLoginPasswordProtect(""); | |
| 178 } | |
| 179 | |
| 180 // check if cookie is good | |
| 181 $found = false; | |
| 182 foreach($LOGIN_INFORMATION as $key=>$val) { | |
| 183 $lp = (USE_USERNAME ? $key : '') .'%'.$val; | |
| 184 if ($_COOKIE['e2verify'] == md5($lp)) { | |
| 185 $found = true; | |
| 186 // prolong timeout | |
| 187 if (TIMEOUT_CHECK_ACTIVITY) { | |
| 188 setcookie("e2verify", md5($lp), $timeout, '/'); | |
| 189 } | |
| 190 break; | |
| 191 } | |
| 192 } | |
| 193 if (!$found) { | |
| 194 showLoginPasswordProtect(""); | |
| 195 } | |
| 196 | |
| 197 } | |
| 198 | |
| 199 ?> |