Mercurial > judyates
diff e2gallerypro/e2upload/password_protect.php @ 3:3f6b44aa6b35 judyates
[svn r4] added ability to buy stuff, from a Prints page, but it doesn't work well with the css, and it also has not been fitted into the perl make system.
| author | rlm |
|---|---|
| date | Mon, 22 Feb 2010 08:02:39 -0500 |
| parents | |
| children |
line wrap: on
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/e2gallerypro/e2upload/password_protect.php Mon Feb 22 08:02:39 2010 -0500 1.3 @@ -0,0 +1,199 @@ 1.4 +<?php 1.5 + 1.6 +############################################################### 1.7 +# 1.8 +# Page Password Protect 2.13 1.9 +# MODIFIED FOR INCORPORATION WITH e2 Photo Gallery 1.10 +# Name of cookie set has been changed from original script writers default to a specific name of e2verify 1.11 +# Some instructions and notifications on this page have been altered to make things more clear 1.12 +# Authors original login form has been altered to match original e2 login form 1.13 +# 1.14 +############################################################### 1.15 +# Visit http://www.zubrag.com/scripts/ for original unmodified script and updates 1.16 +############################################################### 1.17 +# Usage: 1.18 +# Set usernames / passwords below between SETTINGS START and SETTINGS END. 1.19 +# Place Script inside e2 Photos gallery uploader folder 1.20 +# Add include of this script to all files being protected on VERY FIRST LINE ON PAGE 1.21 +# Example: include ('password_protect.php); 1.22 +# 1.23 +# Add following HTML code to your page where you want to have logout link 1.24 +# <a href="http://www.example.com/path/to/protected/page.php?logout=1">Logout</a> 1.25 +# 1.26 +############################################################### 1.27 + 1.28 +/* 1.29 +------------------------------------------------------------------- 1.30 +SAMPLE if you only want to request login and password on login form. 1.31 +Each row represents different user. 1.32 +Each row requires a comma in the end of it execpt the last 1.33 + 1.34 +$LOGIN_INFORMATION = array( 1.35 + 'zubrag' => 'root', 1.36 + 'test' => 'testpass', 1.37 + 'admin' => 'passwd' 1.38 +); 1.39 + 1.40 +-------------------------------------------------------------------- 1.41 +SAMPLE if you only want to request only password on login form so only passwords are listed and required to login 1.42 +Note: You will have to modify line 59 of this code to read false, and replace lines 52-56 with the sample array below 1.43 + 1.44 +$LOGIN_INFORMATION = array( 1.45 + 'root', 1.46 + 'testpass', 1.47 + 'passwd' 1.48 +); 1.49 + 1.50 +-------------------------------------------------------------------- 1.51 +*/ 1.52 + 1.53 +/////////////////////////////////////////////////////// 1.54 +// do not change code below 1.55 +/////////////////////////////////////////////////////// 1.56 + 1.57 +// show usage example 1.58 +if(isset($_GET['help'])) { 1.59 + die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>'); 1.60 +} 1.61 + 1.62 +// timeout in seconds 1.63 +$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60); 1.64 + 1.65 +// logout? 1.66 +if(isset($_GET['logout'])) { 1.67 + setcookie("e2verify", '', $timeout, '/'); // clear password; 1.68 + header('Location: ' . LOGOUT_URL); 1.69 + exit(); 1.70 +} 1.71 + 1.72 +if(!function_exists('showLoginPasswordProtect')) { 1.73 + 1.74 +// show login form 1.75 +function showLoginPasswordProtect($error_msg) { 1.76 +?> 1.77 +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 1.78 +<html xmlns="http://www.w3.org/1999/xhtml"> 1.79 + 1.80 +<head profile="http://gmpg.org/xfn/11"> 1.81 +<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> 1.82 + <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE"> 1.83 + <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE"> 1.84 +<title>(E)2 Gallery Pro Log In</title> 1.85 +<link href="rsrc/style.css" rel="stylesheet" type="text/css"> 1.86 +<style type="text/css"> 1.87 +<!-- 1.88 +body{ 1.89 + font:16px "Trebuchet MS", Verdana, Arial, sans-serif; 1.90 + background: #F1F1F1 url(images/bodybg.png) repeat-x top center; 1.91 +} 1.92 +#login #header { 1.93 + background-image: url(images/loginheader.png); 1.94 + background-repeat: no-repeat; 1.95 + background-position: center top; 1.96 + height: 72px; 1.97 + width: 260px; 1.98 +} 1.99 +#login { 1.100 + width: 260px; 1.101 + margin: 25px auto; 1.102 +} 1.103 +#login #loginform { 1.104 + margin: 0px auto; 1.105 + padding: 9px; 1.106 + width: 220px; 1.107 + background: #E1E1E1; 1.108 + border-left: solid 1px #CCC; 1.109 + border-right: solid 1px #CCC; 1.110 + border-bottom: solid 1px #CCC; 1.111 + -moz-border-radius: 0 0 10px 10px; 1.112 + -webkit-border-bottom-left-radius: 10px; 1.113 + -webkit-border-bottom-right-radius: 10px; 1.114 + -khtml-border-bottom-left-radius: 10px; 1.115 + -khtml-border-bottom-right-radius: 10px; 1.116 + border-bottom-left-radius: 10px; 1.117 + border-bottom-right-radius: 10px; 1.118 +} 1.119 +input{ 1.120 + width:98%; 1.121 + font:16px "Trebuchet MS", Verdana, Arial, sans-serif; 1.122 +} 1.123 +#login #loginform h2 { 1.124 + margin: 0px; 1.125 + padding: 0px; 1.126 +} 1.127 +--> 1.128 +</style> 1.129 +</head> 1.130 +<body> 1.131 +<div id="login"> 1.132 + <div id="header"></div> 1.133 + <div id="loginform"> 1.134 + <h2>Login</h2> 1.135 + <font color="red"><?php echo $error_msg; ?></font><br /> 1.136 + <form name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF'] ;?>"> 1.137 + <?php if (USE_USERNAME) echo '<label id="username"><strong>Username</strong></label><br /><input type="text" name="access_login"><br /><br />'; ?> 1.138 + <label id="password"><strong>Password</strong></label><br /> 1.139 + <input type="password" name="access_password"><br /><br /> 1.140 + <input type="submit" name="submit" value="Login"> 1.141 + </form> 1.142 + </div> 1.143 +</div> 1.144 +</body> 1.145 +</html> 1.146 + 1.147 +<?php 1.148 + // stop at this point 1.149 + die(); 1.150 +} 1.151 +} 1.152 + 1.153 +// user provided password 1.154 +if (isset($_POST['access_password'])) { 1.155 + 1.156 + $login = isset($_POST['access_login']) ? $_POST['access_login'] : ''; 1.157 + $pass = $_POST['access_password']; 1.158 + if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION) 1.159 + || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 1.160 + ) { 1.161 + showLoginPasswordProtect("Incorrect login information."); 1.162 + } 1.163 + else { 1.164 + // set cookie if password was validated 1.165 + setcookie("e2verify", md5($login.'%'.$pass), $timeout, '/'); 1.166 + 1.167 + // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed 1.168 + // So need to clear password protector variables 1.169 + unset($_POST['access_login']); 1.170 + unset($_POST['access_password']); 1.171 + unset($_POST['Submit']); 1.172 + } 1.173 + 1.174 +} 1.175 + 1.176 +else { 1.177 + 1.178 + // check if password cookie is set 1.179 + if (!isset($_COOKIE['e2verify'])) { 1.180 + showLoginPasswordProtect(""); 1.181 + } 1.182 + 1.183 + // check if cookie is good 1.184 + $found = false; 1.185 + foreach($LOGIN_INFORMATION as $key=>$val) { 1.186 + $lp = (USE_USERNAME ? $key : '') .'%'.$val; 1.187 + if ($_COOKIE['e2verify'] == md5($lp)) { 1.188 + $found = true; 1.189 + // prolong timeout 1.190 + if (TIMEOUT_CHECK_ACTIVITY) { 1.191 + setcookie("e2verify", md5($lp), $timeout, '/'); 1.192 + } 1.193 + break; 1.194 + } 1.195 + } 1.196 + if (!$found) { 1.197 + showLoginPasswordProtect(""); 1.198 + } 1.199 + 1.200 +} 1.201 + 1.202 +?>