Initial commit of albumpassword module.
This commit is contained in:
parent
c3a4cf3f88
commit
0ced928c65
152
3.0/modules/albumpassword/controllers/albumpassword.php
Normal file
152
3.0/modules/albumpassword/controllers/albumpassword.php
Normal file
|
@ -0,0 +1,152 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class albumpassword_Controller extends Controller {
|
||||
public function assign($id) {
|
||||
// Display prompt for assigning a new password.
|
||||
|
||||
// Make sure user has view/edit access for this item.
|
||||
$item = ORM::factory("item", $id);
|
||||
access::required("view", $item);
|
||||
access::required("edit", $item);
|
||||
|
||||
// Create the page.
|
||||
$view = new View("assignpassword.html");
|
||||
$view->form = $this->_get_password_form($id);
|
||||
print $view;
|
||||
}
|
||||
|
||||
public function login() {
|
||||
// Display prompt to allow visitors to use their passwords.
|
||||
|
||||
// Create the page.
|
||||
$view = new View("loginpassword.html");
|
||||
$view->form = $this->_get_login_form();
|
||||
print $view;
|
||||
}
|
||||
|
||||
public function remove($id) {
|
||||
// Remove a password from an album
|
||||
|
||||
// Make sure user has view/edit privileges for this item
|
||||
$item = ORM::factory("item", $id);
|
||||
access::required("view", $item);
|
||||
access::required("edit", $item);
|
||||
|
||||
// Check for and delete the password.
|
||||
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $id)->find();
|
||||
if ($existing_password->loaded()) {
|
||||
db::build()->delete("items_albumpasswords")->where("album_id", "=", $id)->execute();
|
||||
message::success(t("Password Removed."));
|
||||
}
|
||||
|
||||
// Redirect the user back to the album.
|
||||
url::redirect(url::abs_site("albums/" . $id));
|
||||
}
|
||||
|
||||
public function savepassword() {
|
||||
// Save a newly assigned password.
|
||||
|
||||
// Prevent Cross Site Request Forgery
|
||||
access::verify_csrf();
|
||||
|
||||
// Convert submitted data to local variables.
|
||||
$album_id = Input::instance()->post("item_id");
|
||||
$album_password = Input::instance()->post("assignpassword_password");
|
||||
|
||||
// Check for, and remove, any existing passwords.
|
||||
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $album_id)->find();
|
||||
if ($existing_password->loaded()) {
|
||||
db::build()->delete("items_albumpasswords")->where("album_id", "=", $album_id)->execute();
|
||||
}
|
||||
|
||||
// Save the new password.
|
||||
$new_password = ORM::factory("items_albumpassword");
|
||||
$new_password->album_id = $album_id;
|
||||
$new_password->password = $album_password;
|
||||
$new_password->save();
|
||||
|
||||
// Display a success message and close the dialog.
|
||||
message::success(t("Password saved."));
|
||||
json::reply(array("result" => "success"));
|
||||
}
|
||||
|
||||
public function logout() {
|
||||
// Delete a stored password cookie.
|
||||
cookie::delete("g3_albumpassword");
|
||||
url::redirect(url::abs_site("albums/1"));
|
||||
}
|
||||
|
||||
public function checkpassword() {
|
||||
// Check that a password is valid, then store in a browser cookie.
|
||||
|
||||
// Prevent Cross Site Request Forgery
|
||||
access::verify_csrf();
|
||||
|
||||
// Convert submitted data to local variables.
|
||||
$album_password = Input::instance()->post("albumpassword_password");
|
||||
|
||||
// See if the submitted password matches any in the database.
|
||||
$existing_password = ORM::factory("items_albumpassword")
|
||||
->where("password", "=", $album_password)
|
||||
->find_all();
|
||||
|
||||
if (count($existing_password) > 0) {
|
||||
// If the password if valid, then store it, and display a success message.
|
||||
// If not, close the dialog and display a rejected message.
|
||||
cookie::set("g3_albumpassword", $album_password);
|
||||
message::success(t("Password Accepted."));
|
||||
json::reply(array("result" => "success"));
|
||||
} else {
|
||||
message::error(t("Password Rejected."));
|
||||
json::reply(array("result" => "success"));
|
||||
}
|
||||
}
|
||||
|
||||
private function _get_password_form($id) {
|
||||
// Generate a form for assigning a new password.
|
||||
$form = new Forge("albumpassword/savepassword", "", "post",
|
||||
array("id" => "g-assign-password-form"));
|
||||
$assignpassword_group = $form->group("Enter Password")
|
||||
->label(t("Enter Password:"));
|
||||
$assignpassword_group->hidden("item_id")->value($id);
|
||||
$assignpassword_group->input("assignpassword_password")
|
||||
->id('assignpassword_password')
|
||||
->label(t("Password:"));
|
||||
$form->submit("save_password")->value(t("Save"));
|
||||
|
||||
// Return the newly generated form.
|
||||
return $form;
|
||||
}
|
||||
|
||||
private function _get_login_form($id) {
|
||||
// Generate a form for allowing visitors to enter in their passwords.
|
||||
$form = new Forge("albumpassword/checkpassword", "", "post",
|
||||
array("id" => "g-login-password-form"));
|
||||
$assignpassword_group = $form->group("Enter Password")
|
||||
->label(t("Enter Password:"));
|
||||
$assignpassword_group->input("albumpassword_password")
|
||||
->id('albumpassword_password')
|
||||
->label(t("Password:"));
|
||||
$form->submit("login_password")->value(t("Login"));
|
||||
|
||||
// Return the newly generated form.
|
||||
return $form;
|
||||
}
|
||||
}
|
53
3.0/modules/albumpassword/helpers/MY_item.php
Normal file
53
3.0/modules/albumpassword/helpers/MY_item.php
Normal file
|
@ -0,0 +1,53 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
|
||||
class item extends item_Core {
|
||||
static function viewable($model) {
|
||||
// Hide the contents of a password protected album,
|
||||
// Unless the current user is an admin, or the albums owner.
|
||||
|
||||
$model = item_Core::viewable($model);
|
||||
$album_item = ORM::factory("item")->where("id", "=", $model->id)->find();
|
||||
|
||||
// Figure out if the user can access this album.
|
||||
$deny_access = false;
|
||||
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $model->id)->find();
|
||||
if ($existing_password->loaded()) {
|
||||
if ((cookie::get("g3_albumpassword") != $existing_password->password) &&
|
||||
(identity::active_user()->id != $album_item->owner_id))
|
||||
$deny_access = true;
|
||||
}
|
||||
|
||||
// set access::DENY if necessary.
|
||||
if ($deny_access == true) {
|
||||
$view_restrictions = array();
|
||||
if (!identity::active_user()->admin) {
|
||||
foreach (identity::group_ids_for_active_user() as $id) {
|
||||
$view_restrictions[] = array("items.view_$id", "=", access::DENY);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (count($view_restrictions)) {
|
||||
$model->and_open()->merge_or_where($view_restrictions)->close();
|
||||
}
|
||||
|
||||
return $model;
|
||||
}
|
||||
}
|
104
3.0/modules/albumpassword/helpers/albumpassword_event.php
Normal file
104
3.0/modules/albumpassword/helpers/albumpassword_event.php
Normal file
|
@ -0,0 +1,104 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class albumpassword_event_Core {
|
||||
static function site_menu($menu, $theme) {
|
||||
// Add menu options for Adding / Removing / Using passwords to the menu.
|
||||
|
||||
// If this page doesn't belong to an item, don't display the menu.
|
||||
if (!$theme->item()) {
|
||||
return;
|
||||
}
|
||||
$item = $theme->item();
|
||||
|
||||
// If there isn't currently a password stored in the cookie,
|
||||
// then display the enter password link.
|
||||
if (cookie::get("g3_albumpassword") == "") {
|
||||
$menu->append(Menu::factory("dialog")
|
||||
->id("albumpassword_login")
|
||||
->css_id("g-album-password-login")
|
||||
->url(url::site("albumpassword/login"))
|
||||
->label(t("Enter password")));
|
||||
} else {
|
||||
// If a password has been entered already
|
||||
// display the log out link, and links to the protected albums
|
||||
$menu->append(Menu::factory("submenu")
|
||||
->id("albumpassword_protected")
|
||||
->css_id("g-album-password-protected")
|
||||
->label(t("Protected albums")));
|
||||
$menu->get("albumpassword_protected")
|
||||
->append(Menu::factory("link")
|
||||
->id("albumpassword_logout")
|
||||
->css_id("g-album-password-logout")
|
||||
->url(url::site("albumpassword/logout"))
|
||||
->label(t("Clear password")));
|
||||
$existing_password = ORM::factory("items_albumpassword")
|
||||
->where("password", "=", cookie::get("g3_albumpassword"))
|
||||
->find_all();
|
||||
if (count($existing_password) > 0) {
|
||||
$counter = 0;
|
||||
while ($counter < count($existing_password)) {
|
||||
$item_album = ORM::factory("item")->where("id", "=", $existing_password[$counter]->album_id)->find();
|
||||
$menu->get("albumpassword_protected")
|
||||
->append(Menu::factory("link")
|
||||
->id("albumpassword_album" . $counter)
|
||||
->label(html::purify($item_album->title))
|
||||
->css_id("g-album-password-album" . $counter)
|
||||
->url(url::abs_site("{$item_album->type}s/{$item_album->id}")));
|
||||
$counter++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// If this is an album without a password, display a link for assigning one.
|
||||
// If this is an album with a password, display a link to remove it.
|
||||
if ($item->is_album()) {
|
||||
if ((access::can("view", $item)) && (access::can("edit", $item))) {
|
||||
$existing_password = ORM::factory("items_albumpassword")
|
||||
->where("album_id", "=", $item->id)
|
||||
->find_all();
|
||||
if (count($existing_password) > 0) {
|
||||
$menu->get("options_menu")
|
||||
->append(Menu::factory("link")
|
||||
->id("albumpassword_remove")
|
||||
->label(t("Remove password"))
|
||||
->css_id("g-album-password-remove")
|
||||
->url(url::site("albumpassword/remove/" . $item->id)));
|
||||
} else {
|
||||
$menu->get("options_menu")
|
||||
->append(Menu::factory("dialog")
|
||||
->id("albumpassword_assign")
|
||||
->label(t("Assign password"))
|
||||
->css_id("g-album-password-assign")
|
||||
->url(url::site("albumpassword/assign/" . $item->id)));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static function item_deleted($item) {
|
||||
// If an album is deleted, remove any associated passwords.
|
||||
$existingPasswords = ORM::factory("items_albumpassword")
|
||||
->where("album_id", "=", $item->id)
|
||||
->find_all();
|
||||
if (count($existingPasswords) > 0) {
|
||||
db::build()->delete("items_albumpassword")->where("album_id", "=", $item->id)->execute();
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class albumpassword_installer {
|
||||
static function install() {
|
||||
// Create a table to store passwords in.
|
||||
$db = Database::instance();
|
||||
$db->query("CREATE TABLE IF NOT EXISTS {items_albumpasswords} (
|
||||
`id` int(9) NOT NULL auto_increment,
|
||||
`album_id` int(9) NOT NULL,
|
||||
`password` varchar(64) NOT NULL,
|
||||
PRIMARY KEY (`id`))
|
||||
DEFAULT CHARSET=utf8;");
|
||||
|
||||
|
||||
// Set the module's version number.
|
||||
module::set_version("albumpassword", 1);
|
||||
}
|
||||
|
||||
static function uninstall() {
|
||||
// Delete the password table before uninstalling.
|
||||
$db = Database::instance();
|
||||
$db->query("DROP TABLE IF EXISTS {items_albumpassword};");
|
||||
module::delete("albumpassword");
|
||||
}
|
||||
}
|
21
3.0/modules/albumpassword/models/items_albumpassword.php
Normal file
21
3.0/modules/albumpassword/models/items_albumpassword.php
Normal file
|
@ -0,0 +1,21 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class Items_Albumpassword_Model extends ORM {
|
||||
}
|
3
3.0/modules/albumpassword/module.info
Normal file
3
3.0/modules/albumpassword/module.info
Normal file
|
@ -0,0 +1,3 @@
|
|||
name = "Album Password"
|
||||
description = "Restrict access to individual albums."
|
||||
version = 1
|
24
3.0/modules/albumpassword/views/assignpassword.html.php
Normal file
24
3.0/modules/albumpassword/views/assignpassword.html.php
Normal file
|
@ -0,0 +1,24 @@
|
|||
<script type="text/javascript">
|
||||
function ajaxify_login_reset_form() {
|
||||
$("#g-login form").ajaxForm({
|
||||
dataType: "json",
|
||||
success: function(data) {
|
||||
if (data.form) {
|
||||
$("#g-login form").replaceWith(data.form);
|
||||
ajaxify_login_reset_form();
|
||||
}
|
||||
if (data.result == "success") {
|
||||
$("#g-dialog").dialog("close");
|
||||
window.location.reload();
|
||||
}
|
||||
}
|
||||
});
|
||||
};
|
||||
</script>
|
||||
<div id="g-assign-password">
|
||||
<ul>
|
||||
<li id="g-assign-password-form">
|
||||
<?= $form ?>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
24
3.0/modules/albumpassword/views/loginpassword.html.php
Normal file
24
3.0/modules/albumpassword/views/loginpassword.html.php
Normal file
|
@ -0,0 +1,24 @@
|
|||
<script type="text/javascript">
|
||||
function ajaxify_login_reset_form() {
|
||||
$("#g-login form").ajaxForm({
|
||||
dataType: "json",
|
||||
success: function(data) {
|
||||
if (data.form) {
|
||||
$("#g-login form").replaceWith(data.form);
|
||||
ajaxify_login_reset_form();
|
||||
}
|
||||
if (data.result == "success") {
|
||||
$("#g-dialog").dialog("close");
|
||||
window.location.reload();
|
||||
}
|
||||
}
|
||||
});
|
||||
};
|
||||
</script>
|
||||
<div id="g-login-password">
|
||||
<ul>
|
||||
<li id="g-login-password-form">
|
||||
<?= $form ?>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
152
3.1/modules/albumpassword/controllers/albumpassword.php
Normal file
152
3.1/modules/albumpassword/controllers/albumpassword.php
Normal file
|
@ -0,0 +1,152 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class albumpassword_Controller extends Controller {
|
||||
public function assign($id) {
|
||||
// Display prompt for assigning a new password.
|
||||
|
||||
// Make sure user has view/edit access for this item.
|
||||
$item = ORM::factory("item", $id);
|
||||
access::required("view", $item);
|
||||
access::required("edit", $item);
|
||||
|
||||
// Create the page.
|
||||
$view = new View("assignpassword.html");
|
||||
$view->form = $this->_get_password_form($id);
|
||||
print $view;
|
||||
}
|
||||
|
||||
public function login() {
|
||||
// Display prompt to allow visitors to use their passwords.
|
||||
|
||||
// Create the page.
|
||||
$view = new View("loginpassword.html");
|
||||
$view->form = $this->_get_login_form();
|
||||
print $view;
|
||||
}
|
||||
|
||||
public function remove($id) {
|
||||
// Remove a password from an album
|
||||
|
||||
// Make sure user has view/edit privileges for this item
|
||||
$item = ORM::factory("item", $id);
|
||||
access::required("view", $item);
|
||||
access::required("edit", $item);
|
||||
|
||||
// Check for and delete the password.
|
||||
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $id)->find();
|
||||
if ($existing_password->loaded()) {
|
||||
db::build()->delete("items_albumpasswords")->where("album_id", "=", $id)->execute();
|
||||
message::success(t("Password Removed."));
|
||||
}
|
||||
|
||||
// Redirect the user back to the album.
|
||||
url::redirect(url::abs_site("albums/" . $id));
|
||||
}
|
||||
|
||||
public function savepassword() {
|
||||
// Save a newly assigned password.
|
||||
|
||||
// Prevent Cross Site Request Forgery
|
||||
access::verify_csrf();
|
||||
|
||||
// Convert submitted data to local variables.
|
||||
$album_id = Input::instance()->post("item_id");
|
||||
$album_password = Input::instance()->post("assignpassword_password");
|
||||
|
||||
// Check for, and remove, any existing passwords.
|
||||
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $album_id)->find();
|
||||
if ($existing_password->loaded()) {
|
||||
db::build()->delete("items_albumpasswords")->where("album_id", "=", $album_id)->execute();
|
||||
}
|
||||
|
||||
// Save the new password.
|
||||
$new_password = ORM::factory("items_albumpassword");
|
||||
$new_password->album_id = $album_id;
|
||||
$new_password->password = $album_password;
|
||||
$new_password->save();
|
||||
|
||||
// Display a success message and close the dialog.
|
||||
message::success(t("Password saved."));
|
||||
json::reply(array("result" => "success"));
|
||||
}
|
||||
|
||||
public function logout() {
|
||||
// Delete a stored password cookie.
|
||||
cookie::delete("g3_albumpassword");
|
||||
url::redirect(url::abs_site("albums/1"));
|
||||
}
|
||||
|
||||
public function checkpassword() {
|
||||
// Check that a password is valid, then store in a browser cookie.
|
||||
|
||||
// Prevent Cross Site Request Forgery
|
||||
access::verify_csrf();
|
||||
|
||||
// Convert submitted data to local variables.
|
||||
$album_password = Input::instance()->post("albumpassword_password");
|
||||
|
||||
// See if the submitted password matches any in the database.
|
||||
$existing_password = ORM::factory("items_albumpassword")
|
||||
->where("password", "=", $album_password)
|
||||
->find_all();
|
||||
|
||||
if (count($existing_password) > 0) {
|
||||
// If the password if valid, then store it, and display a success message.
|
||||
// If not, close the dialog and display a rejected message.
|
||||
cookie::set("g3_albumpassword", $album_password);
|
||||
message::success(t("Password Accepted."));
|
||||
json::reply(array("result" => "success"));
|
||||
} else {
|
||||
message::error(t("Password Rejected."));
|
||||
json::reply(array("result" => "success"));
|
||||
}
|
||||
}
|
||||
|
||||
private function _get_password_form($id) {
|
||||
// Generate a form for assigning a new password.
|
||||
$form = new Forge("albumpassword/savepassword", "", "post",
|
||||
array("id" => "g-assign-password-form"));
|
||||
$assignpassword_group = $form->group("Enter Password")
|
||||
->label(t("Enter Password:"));
|
||||
$assignpassword_group->hidden("item_id")->value($id);
|
||||
$assignpassword_group->input("assignpassword_password")
|
||||
->id('assignpassword_password')
|
||||
->label(t("Password:"));
|
||||
$form->submit("save_password")->value(t("Save"));
|
||||
|
||||
// Return the newly generated form.
|
||||
return $form;
|
||||
}
|
||||
|
||||
private function _get_login_form($id) {
|
||||
// Generate a form for allowing visitors to enter in their passwords.
|
||||
$form = new Forge("albumpassword/checkpassword", "", "post",
|
||||
array("id" => "g-login-password-form"));
|
||||
$assignpassword_group = $form->group("Enter Password")
|
||||
->label(t("Enter Password:"));
|
||||
$assignpassword_group->input("albumpassword_password")
|
||||
->id('albumpassword_password')
|
||||
->label(t("Password:"));
|
||||
$form->submit("login_password")->value(t("Login"));
|
||||
|
||||
// Return the newly generated form.
|
||||
return $form;
|
||||
}
|
||||
}
|
53
3.1/modules/albumpassword/helpers/MY_item.php
Normal file
53
3.1/modules/albumpassword/helpers/MY_item.php
Normal file
|
@ -0,0 +1,53 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
|
||||
class item extends item_Core {
|
||||
static function viewable($model) {
|
||||
// Hide the contents of a password protected album,
|
||||
// Unless the current user is an admin, or the albums owner.
|
||||
|
||||
$model = item_Core::viewable($model);
|
||||
$album_item = ORM::factory("item")->where("id", "=", $model->id)->find();
|
||||
|
||||
// Figure out if the user can access this album.
|
||||
$deny_access = false;
|
||||
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $model->id)->find();
|
||||
if ($existing_password->loaded()) {
|
||||
if ((cookie::get("g3_albumpassword") != $existing_password->password) &&
|
||||
(identity::active_user()->id != $album_item->owner_id))
|
||||
$deny_access = true;
|
||||
}
|
||||
|
||||
// set access::DENY if necessary.
|
||||
if ($deny_access == true) {
|
||||
$view_restrictions = array();
|
||||
if (!identity::active_user()->admin) {
|
||||
foreach (identity::group_ids_for_active_user() as $id) {
|
||||
$view_restrictions[] = array("items.view_$id", "=", access::DENY);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (count($view_restrictions)) {
|
||||
$model->and_open()->merge_or_where($view_restrictions)->close();
|
||||
}
|
||||
|
||||
return $model;
|
||||
}
|
||||
}
|
104
3.1/modules/albumpassword/helpers/albumpassword_event.php
Normal file
104
3.1/modules/albumpassword/helpers/albumpassword_event.php
Normal file
|
@ -0,0 +1,104 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class albumpassword_event_Core {
|
||||
static function site_menu($menu, $theme) {
|
||||
// Add menu options for Adding / Removing / Using passwords to the menu.
|
||||
|
||||
// If this page doesn't belong to an item, don't display the menu.
|
||||
if (!$theme->item()) {
|
||||
return;
|
||||
}
|
||||
$item = $theme->item();
|
||||
|
||||
// If there isn't currently a password stored in the cookie,
|
||||
// then display the enter password link.
|
||||
if (cookie::get("g3_albumpassword") == "") {
|
||||
$menu->append(Menu::factory("dialog")
|
||||
->id("albumpassword_login")
|
||||
->css_id("g-album-password-login")
|
||||
->url(url::site("albumpassword/login"))
|
||||
->label(t("Enter password")));
|
||||
} else {
|
||||
// If a password has been entered already
|
||||
// display the log out link, and links to the protected albums
|
||||
$menu->append(Menu::factory("submenu")
|
||||
->id("albumpassword_protected")
|
||||
->css_id("g-album-password-protected")
|
||||
->label(t("Protected albums")));
|
||||
$menu->get("albumpassword_protected")
|
||||
->append(Menu::factory("link")
|
||||
->id("albumpassword_logout")
|
||||
->css_id("g-album-password-logout")
|
||||
->url(url::site("albumpassword/logout"))
|
||||
->label(t("Clear password")));
|
||||
$existing_password = ORM::factory("items_albumpassword")
|
||||
->where("password", "=", cookie::get("g3_albumpassword"))
|
||||
->find_all();
|
||||
if (count($existing_password) > 0) {
|
||||
$counter = 0;
|
||||
while ($counter < count($existing_password)) {
|
||||
$item_album = ORM::factory("item")->where("id", "=", $existing_password[$counter]->album_id)->find();
|
||||
$menu->get("albumpassword_protected")
|
||||
->append(Menu::factory("link")
|
||||
->id("albumpassword_album" . $counter)
|
||||
->label(html::purify($item_album->title))
|
||||
->css_id("g-album-password-album" . $counter)
|
||||
->url(url::abs_site("{$item_album->type}s/{$item_album->id}")));
|
||||
$counter++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// If this is an album without a password, display a link for assigning one.
|
||||
// If this is an album with a password, display a link to remove it.
|
||||
if ($item->is_album()) {
|
||||
if ((access::can("view", $item)) && (access::can("edit", $item))) {
|
||||
$existing_password = ORM::factory("items_albumpassword")
|
||||
->where("album_id", "=", $item->id)
|
||||
->find_all();
|
||||
if (count($existing_password) > 0) {
|
||||
$menu->get("options_menu")
|
||||
->append(Menu::factory("link")
|
||||
->id("albumpassword_remove")
|
||||
->label(t("Remove password"))
|
||||
->css_id("g-album-password-remove")
|
||||
->url(url::site("albumpassword/remove/" . $item->id)));
|
||||
} else {
|
||||
$menu->get("options_menu")
|
||||
->append(Menu::factory("dialog")
|
||||
->id("albumpassword_assign")
|
||||
->label(t("Assign password"))
|
||||
->css_id("g-album-password-assign")
|
||||
->url(url::site("albumpassword/assign/" . $item->id)));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static function item_deleted($item) {
|
||||
// If an album is deleted, remove any associated passwords.
|
||||
$existingPasswords = ORM::factory("items_albumpassword")
|
||||
->where("album_id", "=", $item->id)
|
||||
->find_all();
|
||||
if (count($existingPasswords) > 0) {
|
||||
db::build()->delete("items_albumpassword")->where("album_id", "=", $item->id)->execute();
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,42 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class albumpassword_installer {
|
||||
static function install() {
|
||||
// Create a table to store passwords in.
|
||||
$db = Database::instance();
|
||||
$db->query("CREATE TABLE IF NOT EXISTS {items_albumpasswords} (
|
||||
`id` int(9) NOT NULL auto_increment,
|
||||
`album_id` int(9) NOT NULL,
|
||||
`password` varchar(64) NOT NULL,
|
||||
PRIMARY KEY (`id`))
|
||||
DEFAULT CHARSET=utf8;");
|
||||
|
||||
|
||||
// Set the module's version number.
|
||||
module::set_version("albumpassword", 1);
|
||||
}
|
||||
|
||||
static function uninstall() {
|
||||
// Delete the password table before uninstalling.
|
||||
$db = Database::instance();
|
||||
$db->query("DROP TABLE IF EXISTS {items_albumpassword};");
|
||||
module::delete("albumpassword");
|
||||
}
|
||||
}
|
21
3.1/modules/albumpassword/models/items_albumpassword.php
Normal file
21
3.1/modules/albumpassword/models/items_albumpassword.php
Normal file
|
@ -0,0 +1,21 @@
|
|||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2010 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class Items_Albumpassword_Model extends ORM {
|
||||
}
|
3
3.1/modules/albumpassword/module.info
Normal file
3
3.1/modules/albumpassword/module.info
Normal file
|
@ -0,0 +1,3 @@
|
|||
name = "Album Password"
|
||||
description = "Restrict access to individual albums."
|
||||
version = 1
|
24
3.1/modules/albumpassword/views/assignpassword.html.php
Normal file
24
3.1/modules/albumpassword/views/assignpassword.html.php
Normal file
|
@ -0,0 +1,24 @@
|
|||
<script type="text/javascript">
|
||||
function ajaxify_login_reset_form() {
|
||||
$("#g-login form").ajaxForm({
|
||||
dataType: "json",
|
||||
success: function(data) {
|
||||
if (data.form) {
|
||||
$("#g-login form").replaceWith(data.form);
|
||||
ajaxify_login_reset_form();
|
||||
}
|
||||
if (data.result == "success") {
|
||||
$("#g-dialog").dialog("close");
|
||||
window.location.reload();
|
||||
}
|
||||
}
|
||||
});
|
||||
};
|
||||
</script>
|
||||
<div id="g-assign-password">
|
||||
<ul>
|
||||
<li id="g-assign-password-form">
|
||||
<?= $form ?>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
24
3.1/modules/albumpassword/views/loginpassword.html.php
Normal file
24
3.1/modules/albumpassword/views/loginpassword.html.php
Normal file
|
@ -0,0 +1,24 @@
|
|||
<script type="text/javascript">
|
||||
function ajaxify_login_reset_form() {
|
||||
$("#g-login form").ajaxForm({
|
||||
dataType: "json",
|
||||
success: function(data) {
|
||||
if (data.form) {
|
||||
$("#g-login form").replaceWith(data.form);
|
||||
ajaxify_login_reset_form();
|
||||
}
|
||||
if (data.result == "success") {
|
||||
$("#g-dialog").dialog("close");
|
||||
window.location.reload();
|
||||
}
|
||||
}
|
||||
});
|
||||
};
|
||||
</script>
|
||||
<div id="g-login-password">
|
||||
<ul>
|
||||
<li id="g-login-password-form">
|
||||
<?= $form ?>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
Reference in New Issue
Block a user