Mercurial > judyates

     1 <?php

     2 

     3 ###############################################################

     4 #

     5 # Page Password Protect 2.13

     6 # MODIFIED FOR INCORPORATION WITH e2 Photo Gallery

     7 # Name of cookie set has been changed from original script writers default to a specific name of e2verify

     8 # Some instructions and notifications on this page have been altered to make things more clear

     9 # Authors original login form has been altered to match original e2 login form

    10 #

    11 ###############################################################

    12 # Visit http://www.zubrag.com/scripts/ for original unmodified script and updates

    13 ############################################################### 

    14 # Usage:

    15 # Set usernames / passwords below between SETTINGS START and SETTINGS END.

    16 # Place Script inside e2 Photos gallery uploader folder

    17 # Add include of this script to all files being protected on VERY FIRST LINE ON PAGE 

    18 #    Example: include ('password_protect.php);

    19 #

    20 # Add following HTML code to your page where you want to have logout link

    21 # <a href="http://www.example.com/path/to/protected/page.php?logout=1">Logout</a>

    22 #

    23 ###############################################################

    24 

    25 /*

    26 -------------------------------------------------------------------

    27 SAMPLE if you only want to request login and password on login form.

    28 Each row represents different user.

    29 Each row requires a comma in the end of it execpt the last

    30 

    31 $LOGIN_INFORMATION = array(

    32   'zubrag' => 'root',

    33   'test' => 'testpass',

    34   'admin' => 'passwd'

    35 );

    36 

    37 --------------------------------------------------------------------

    38 SAMPLE if you only want to request only password on login form so only passwords are listed and required to login

    39 Note: You will have to modify line 59 of this code to read false, and replace lines 52-56 with the sample array below 

    40 

    41 $LOGIN_INFORMATION = array(

    42   'root',

    43   'testpass',

    44   'passwd'

    45 );

    46 

    47 --------------------------------------------------------------------

    48 */

    49 

    50 ///////////////////////////////////////////////////////

    51 // do not change code below

    52 ///////////////////////////////////////////////////////

    53 

    54 // show usage example

    55 if(isset($_GET['help'])) {

    56   die('Include following code into every page you would like to protect, at the very beginning (first line):<br>&lt;?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?&gt;');

    57 }

    58 

    59 // timeout in seconds

    60 $timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);

    61 

    62 // logout?

    63 if(isset($_GET['logout'])) {

    64   setcookie("e2verify", '', $timeout, '/'); // clear password;

    65   header('Location: ' . LOGOUT_URL);

    66   exit();

    67 }

    68 

    69 if(!function_exists('showLoginPasswordProtect')) {

    70 

    71 // show login form

    72 function showLoginPasswordProtect($error_msg) {

    73 ?>

    74 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

    75 <html xmlns="http://www.w3.org/1999/xhtml">

    76 

    77 <head profile="http://gmpg.org/xfn/11">

    78 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

    79   <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">

    80   <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">

    81 <title>(E)2 Gallery Pro Log In</title> 

    82 <link href="rsrc/style.css" rel="stylesheet" type="text/css">

    83 <style type="text/css">

    84 <!--

    85 body{

    86 	font:16px "Trebuchet MS", Verdana, Arial, sans-serif;

    87 	background: #F1F1F1 url(images/bodybg.png) repeat-x top center;

    88 }

    89 #login #header {

    90 	background-image: url(images/loginheader.png);

    91 	background-repeat: no-repeat;

    92 	background-position: center top;

    93 	height: 72px;

    94 	width: 260px;

    95 }

    96 #login {

    97 	width: 260px;

    98 	margin: 25px auto;

    99 }

   100 #login #loginform {

   101 	margin: 0px auto;

   102 	padding: 9px;

   103 	width: 220px;

   104 	background: #E1E1E1;

   105 	border-left: solid 1px #CCC;

   106 	border-right: solid 1px #CCC;

   107 	border-bottom: solid 1px #CCC;

   108 	-moz-border-radius: 0 0 10px 10px;

   109 	-webkit-border-bottom-left-radius: 10px;

   110 	-webkit-border-bottom-right-radius: 10px;

   111 	-khtml-border-bottom-left-radius: 10px;

   112 	-khtml-border-bottom-right-radius: 10px;

   113 	border-bottom-left-radius: 10px;

   114 	border-bottom-right-radius: 10px;

   115 }

   116 input{

   117 	width:98%;

   118 	font:16px "Trebuchet MS", Verdana, Arial, sans-serif;

   119 }

   120 #login #loginform h2 {

   121 	margin: 0px;

   122 	padding: 0px;

   123 }

   124 -->

   125 </style>

   126 </head> 

   127 <body> 

   128 <div id="login">

   129 	<div id="header"></div>

   130     <div id="loginform">

   131     <h2>Login</h2>

   132         <font color="red"><?php echo $error_msg; ?></font><br />

   133             <form name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF'] ;?>"> 

   134         	<?php if (USE_USERNAME) echo '<label id="username"><strong>Username</strong></label><br /><input type="text" name="access_login"><br /><br />'; ?> 

   135               <label id="password"><strong>Password</strong></label><br />

   136                 <input type="password" name="access_password"><br /><br /> 

   137                 <input type="submit" name="submit" value="Login"> 

   138             </form>

   139      </div>

   140 </div>

   141 </body> 

   142 </html> 

   143 

   144 <?php

   145   // stop at this point

   146   die();

   147 }

   148 }

   149 

   150 // user provided password

   151 if (isset($_POST['access_password'])) {

   152 

   153   $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';

   154   $pass = $_POST['access_password'];

   155   if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)

   156   || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 

   157   ) {

   158     showLoginPasswordProtect("Incorrect login information.");

   159   }

   160   else {

   161     // set cookie if password was validated

   162     setcookie("e2verify", md5($login.'%'.$pass), $timeout, '/');

   163     

   164     // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed

   165     // So need to clear password protector variables

   166     unset($_POST['access_login']);

   167     unset($_POST['access_password']);

   168     unset($_POST['Submit']);

   169   }

   170 

   171 }

   172 

   173 else {

   174 

   175   // check if password cookie is set

   176   if (!isset($_COOKIE['e2verify'])) {

   177     showLoginPasswordProtect("");

   178   }

   179 

   180   // check if cookie is good

   181   $found = false;

   182   foreach($LOGIN_INFORMATION as $key=>$val) {

   183     $lp = (USE_USERNAME ? $key : '') .'%'.$val;

   184     if ($_COOKIE['e2verify'] == md5($lp)) {

   185       $found = true;

   186       // prolong timeout

   187       if (TIMEOUT_CHECK_ACTIVITY) {

   188         setcookie("e2verify", md5($lp), $timeout, '/');

   189       }

   190       break;

   191     }

   192   }

   193   if (!$found) {

   194     showLoginPasswordProtect("");

   195   }

   196 

   197 }

   198 

   199 ?>