From 0ced928c65f2ca1b564c39db280d2d5691a078a5 Mon Sep 17 00:00:00 2001 
From: rWatcher Date: Fri, 29 Oct 2010 13:51:15 +0800 Subject: [PATCH] Initial commit of albumpassword module. --- .../controllers/albumpassword.php | 152 ++++++++++++++++++ 3.0/modules/albumpassword/helpers/MY_item.php | 53 ++++++ .../helpers/albumpassword_event.php | 104 ++++++++++++ .../helpers/albumpassword_installer.php | 42 +++++ .../models/items_albumpassword.php | 21 +++ 3.0/modules/albumpassword/module.info | 3 + .../views/assignpassword.html.php | 24 +++ .../views/loginpassword.html.php | 24 +++ .../controllers/albumpassword.php | 152 ++++++++++++++++++ 3.1/modules/albumpassword/helpers/MY_item.php | 53 ++++++ .../helpers/albumpassword_event.php | 104 ++++++++++++ .../helpers/albumpassword_installer.php | 42 +++++ .../models/items_albumpassword.php | 21 +++ 3.1/modules/albumpassword/module.info | 3 + .../views/assignpassword.html.php | 24 +++ .../views/loginpassword.html.php | 24 +++ 16 files changed, 846 insertions(+) create mode 100644 3.0/modules/albumpassword/controllers/albumpassword.php create mode 100644 3.0/modules/albumpassword/helpers/MY_item.php create mode 100644 3.0/modules/albumpassword/helpers/albumpassword_event.php create mode 100644 3.0/modules/albumpassword/helpers/albumpassword_installer.php create mode 100644 3.0/modules/albumpassword/models/items_albumpassword.php create mode 100644 3.0/modules/albumpassword/module.info create mode 100644 3.0/modules/albumpassword/views/assignpassword.html.php create mode 100644 3.0/modules/albumpassword/views/loginpassword.html.php create mode 100644 3.1/modules/albumpassword/controllers/albumpassword.php create mode 100644 3.1/modules/albumpassword/helpers/MY_item.php create mode 100644 3.1/modules/albumpassword/helpers/albumpassword_event.php create mode 100644 3.1/modules/albumpassword/helpers/albumpassword_installer.php create mode 100644 3.1/modules/albumpassword/models/items_albumpassword.php create mode 100644 3.1/modules/albumpassword/module.info create mode 100644 
3.1/modules/albumpassword/views/assignpassword.html.php create mode 100644 3.1/modules/albumpassword/views/loginpassword.html.php
diff --git a/3.0/modules/albumpassword/controllers/albumpassword.php b/3.0/modules/albumpassword/controllers/albumpassword.php
new file mode 100644
index 00000000..b014b749
--- /dev/null
+++ b/3.0/modules/albumpassword/controllers/albumpassword.php
@@ -0,0 +1,152 @@ +form = $this->_get_password_form($id);
+ print $view;
+ }
+
+ public function login() {
+ // Display prompt to allow visitors to use their passwords.
+
+ // Create the page.
+ $view = new View("loginpassword.html");
+ $view->form = $this->_get_login_form();
+ print $view;
+ }
+
+ public function remove($id) {
+ // Remove a password from an album
+
+ // Make sure user has view/edit privileges for this item
+ $item = ORM::factory("item", $id);
+ access::required("view", $item);
+ access::required("edit", $item);
+
+ // Check for and delete the password.
+ $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $id)->find();
+ if ($existing_password->loaded()) {
+ db::build()->delete("items_albumpasswords")->where("album_id", "=", $id)->execute();
+ message::success(t("Password Removed."));
+ }
+
+ // Redirect the user back to the album.
+ url::redirect(url::abs_site("albums/" . $id));
+ }
+
+ public function savepassword() {
+ // Save a newly assigned password.
+
+ // Prevent Cross Site Request Forgery
+ access::verify_csrf();
+
+ // Convert submitted data to local variables.
+ $album_id = Input::instance()->post("item_id");
+ $album_password = Input::instance()->post("assignpassword_password");
+
+ // Check for, and remove, any existing passwords.
+ $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $album_id)->find();
+ if ($existing_password->loaded()) {
+ db::build()->delete("items_albumpasswords")->where("album_id", "=", $album_id)->execute();
+ }
+
+ // Save the new password.
+ $new_password = ORM::factory("items_albumpassword");
+ $new_password->album_id = $album_id;
+ $new_password->password = $album_password;
+ $new_password->save();
+
+ // Display a success message and close the dialog.
+ message::success(t("Password saved."));
+ json::reply(array("result" => "success"));
+ }
+
+ public function logout() {
+ // Delete a stored password cookie.
+ cookie::delete("g3_albumpassword");
+ url::redirect(url::abs_site("albums/1"));
+ }
+
+ public function checkpassword() {
+ // Check that a password is valid, then store in a browser cookie.
+
+ // Prevent Cross Site Request Forgery
+ access::verify_csrf();
+
+ // Convert submitted data to local variables.
+ $album_password = Input::instance()->post("albumpassword_password");
+
+ // See if the submitted password matches any in the database.
+ $existing_password = ORM::factory("items_albumpassword")
+ ->where("password", "=", $album_password)
+ ->find_all();
+
+ if (count($existing_password) > 0) {
+ // If the password if valid, then store it, and display a success message.
+ // If not, close the dialog and display a rejected message.
+ cookie::set("g3_albumpassword", $album_password);
+ message::success(t("Password Accepted."));
+ json::reply(array("result" => "success"));
+ } else {
+ message::error(t("Password Rejected."));
+ json::reply(array("result" => "success"));
+ }
+ }
+
+ private function _get_password_form($id) {
+ // Generate a form for assigning a new password.
+ $form = new Forge("albumpassword/savepassword", "", "post",
+ array("id" => "g-assign-password-form"));
+ $assignpassword_group = $form->group("Enter Password")
+ ->label(t("Enter Password:"));
+ $assignpassword_group->hidden("item_id")->value($id);
+ $assignpassword_group->input("assignpassword_password")
+ ->id('assignpassword_password')
+ ->label(t("Password:"));
+ $form->submit("save_password")->value(t("Save"));
+
+ // Return the newly generated form.
+ return $form;
+ }
+
+ private function _get_login_form($id) {
+ // Generate a form for allowing visitors to enter in their passwords.
+ $form = new Forge("albumpassword/checkpassword", "", "post",
+ array("id" => "g-login-password-form"));
+ $assignpassword_group = $form->group("Enter Password")
+ ->label(t("Enter Password:"));
+ $assignpassword_group->input("albumpassword_password")
+ ->id('albumpassword_password')
+ ->label(t("Password:"));
+ $form->submit("login_password")->value(t("Login"));
+
+ // Return the newly generated form.
+ return $form;
+ }
+}
diff --git a/3.0/modules/albumpassword/helpers/MY_item.php b/3.0/modules/albumpassword/helpers/MY_item.php
new file mode 100644
index 00000000..3e09a64d
--- /dev/null
+++ b/3.0/modules/albumpassword/helpers/MY_item.php
@@ -0,0 +1,53 @@ +where("id", "=", $model->id)->find();
+
+ // Figure out if the user can access this album.
+ $deny_access = false;
+ $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $model->id)->find();
+ if ($existing_password->loaded()) {
+ if ((cookie::get("g3_albumpassword") != $existing_password->password) &&
+ (identity::active_user()->id != $album_item->owner_id))
+ $deny_access = true;
+ }
+
+ // set access::DENY if necessary.
+ if ($deny_access == true) {
+ $view_restrictions = array();
+ if (!identity::active_user()->admin) {
+ foreach (identity::group_ids_for_active_user() as $id) {
+ $view_restrictions[] = array("items.view_$id", "=", access::DENY);
+ }
+ }
+ }
+ if (count($view_restrictions)) {
+ $model->and_open()->merge_or_where($view_restrictions)->close();
+ }
+
+ return $model;
+ }
+}
diff --git a/3.0/modules/albumpassword/helpers/albumpassword_event.php b/3.0/modules/albumpassword/helpers/albumpassword_event.php
new file mode 100644
index 00000000..dd83c4d9
--- /dev/null
+++ b/3.0/modules/albumpassword/helpers/albumpassword_event.php
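Review bot: `savepassword()` takes `item_id` straight from the POST body and writes a password row for it after only `access::verify_csrf()`, so any visitor holding a valid CSRF token can set or replace the password on an album they are not allowed to edit; `remove()` in the same class already shows the needed check. Load the item and gate it before touching the table: `$item = ORM::factory("item", $album_id);`, `access::required("view", $item);`, `access::required("edit", $item);`. Separately, `checkpassword()` puts the submitted password verbatim into the `g3_albumpassword` cookie and the table keeps it in clear text, so a database read or a captured cookie discloses album passwords; storing a salted hash and placing an opaque token in the cookie would limit that. `login()` also calls `_get_login_form()` with no argument although the method declares a required `$id`. The top of the class (including `assign()`) is not visible in this hunk, and the 3.1 copy of this file repeats the same code.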
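Review bot: `$view_restrictions` is assigned only inside `if ($deny_access == true)`, so on every call where access is not denied `count($view_restrictions)` runs on an undefined variable and no view filter is added at all. If this helper replaces the core `item::viewable()`, as the file name suggests, the per-group filtering that the core method applies would need to be preserved on that path; confirm against the start of the function, which is not visible in this hunk. At minimum initialise the array before the branch, `$view_restrictions = array();`. The cookie check uses loose `!=`, which lets PHP compare numeric-looking strings by value rather than byte for byte; use `!==` (or a constant-time comparison of hashed values) instead. The 3.1 copy of MY_item.php has the same lines.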
@@ -0,0 +1,104 @@ +item()) {
+ return;
+ }
+ $item = $theme->item();
+
+ // If there isn't currently a password stored in the cookie,
+ // then display the enter password link.
+ if (cookie::get("g3_albumpassword") == "") {
+ $menu->append(Menu::factory("dialog")
+ ->id("albumpassword_login")
+ ->css_id("g-album-password-login")
+ ->url(url::site("albumpassword/login"))
+ ->label(t("Enter password")));
+ } else {
+ // If a password has been entered already
+ // display the log out link, and links to the protected albums
+ $menu->append(Menu::factory("submenu")
+ ->id("albumpassword_protected")
+ ->css_id("g-album-password-protected")
+ ->label(t("Protected albums")));
+ $menu->get("albumpassword_protected")
+ ->append(Menu::factory("link")
+ ->id("albumpassword_logout")
+ ->css_id("g-album-password-logout")
+ ->url(url::site("albumpassword/logout"))
+ ->label(t("Clear password")));
+ $existing_password = ORM::factory("items_albumpassword")
+ ->where("password", "=", cookie::get("g3_albumpassword"))
+ ->find_all();
+ if (count($existing_password) > 0) {
+ $counter = 0;
+ while ($counter < count($existing_password)) {
+ $item_album = ORM::factory("item")->where("id", "=", $existing_password[$counter]->album_id)->find();
+ $menu->get("albumpassword_protected")
+ ->append(Menu::factory("link")
+ ->id("albumpassword_album" . $counter)
+ ->label(html::purify($item_album->title))
+ ->css_id("g-album-password-album" . $counter)
+ ->url(url::abs_site("{$item_album->type}s/{$item_album->id}")));
+ $counter++;
+ }
+ }
+ }
+
+ // If this is an album without a password, display a link for assigning one.
+ // If this is an album with a password, display a link to remove it.
+ if ($item->is_album()) {
+ if ((access::can("view", $item)) && (access::can("edit", $item))) {
+ $existing_password = ORM::factory("items_albumpassword")
+ ->where("album_id", "=", $item->id)
+ ->find_all();
+ if (count($existing_password) > 0) {
+ $menu->get("options_menu")
+ ->append(Menu::factory("link")
+ ->id("albumpassword_remove")
+ ->label(t("Remove password"))
+ ->css_id("g-album-password-remove")
+ ->url(url::site("albumpassword/remove/" . $item->id)));
+ } else {
+ $menu->get("options_menu")
+ ->append(Menu::factory("dialog")
+ ->id("albumpassword_assign")
+ ->label(t("Assign password"))
+ ->css_id("g-album-password-assign")
+ ->url(url::site("albumpassword/assign/" . $item->id)));
+ }
+ }
+ }
+ }
+
+ static function item_deleted($item) {
+ // If an album is deleted, remove any associated passwords.
+ $existingPasswords = ORM::factory("items_albumpassword")
+ ->where("album_id", "=", $item->id)
+ ->find_all();
+ if (count($existingPasswords) > 0) {
+ db::build()->delete("items_albumpassword")->where("album_id", "=", $item->id)->execute();
+ }
+ }
+}
diff --git a/3.0/modules/albumpassword/helpers/albumpassword_installer.php b/3.0/modules/albumpassword/helpers/albumpassword_installer.php
new file mode 100644
index 00000000..e59faffb
--- /dev/null
+++ b/3.0/modules/albumpassword/helpers/albumpassword_installer.php
@@ -0,0 +1,42 @@ +query("CREATE TABLE IF NOT EXISTS {items_albumpasswords} (
+ `id` int(9) NOT NULL auto_increment,
+ `album_id` int(9) NOT NULL,
+ `password` varchar(64) NOT NULL,
+ PRIMARY KEY (`id`))
+ DEFAULT CHARSET=utf8;");
+
+
+ // Set the module's version number.
+ module::set_version("albumpassword", 1);
+ }
+
+ static function uninstall() {
+ // Delete the password table before uninstalling.
+ $db = Database::instance();
+ $db->query("DROP TABLE IF EXISTS {items_albumpassword};");
+ module::delete("albumpassword");
+ }
+}
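Review bot: The "Remove password" menu entry is a plain link to `albumpassword/remove/` plus the item id, and the controller's `remove()` deletes the row on that request without calling `access::verify_csrf()`, so a cross-site request made while an editor is logged in can strip an album's protection. Carry the token in the link, `->url(url::site("albumpassword/remove/" . $item->id . "?csrf=" . access::csrf_token()))`, and add `access::verify_csrf();` at the top of `remove()`. `item_deleted()` deletes from `items_albumpassword` while the controller deletes from `items_albumpasswords`; the two should name the same table or the cleanup never matches a row. The head of the menu handler is not visible in this hunk, and the 3.1 copy repeats these lines.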
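Review bot: `uninstall()` drops `{items_albumpassword}` but `install()` creates `{items_albumpasswords}`, so uninstalling the module leaves the table of album passwords behind; the statement should read `$db->query("DROP TABLE IF EXISTS {items_albumpasswords};");`. The `password varchar(64)` column holds whatever the controller saves, which in this commit is the clear-text password; if that is changed to a hash, size the column for the hash output. There is no key on `album_id` although every lookup filters on it, and a unique key would also prevent duplicate rows per album. The start of `install()` is not visible in this hunk; the 3.1 copy has the same statements.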
diff --git a/3.0/modules/albumpassword/models/items_albumpassword.php b/3.0/modules/albumpassword/models/items_albumpassword.php new file mode 100644 index 00000000..bf0b7341 --- /dev/null +++ b/3.0/modules/albumpassword/models/items_albumpassword.php @@ -0,0 +1,21 @@ + + function ajaxify_login_reset_form() { + $("#g-login form").ajaxForm({ + dataType: "json", + success: function(data) { + if (data.form) { + $("#g-login form").replaceWith(data.form); + ajaxify_login_reset_form(); + } + if (data.result == "success") { + $("#g-dialog").dialog("close"); + window.location.reload(); + } + } + }); + }; + +
+ +
diff --git a/3.0/modules/albumpassword/views/loginpassword.html.php b/3.0/modules/albumpassword/views/loginpassword.html.php new file mode 100644 index 00000000..9ebb47fd --- /dev/null +++ b/3.0/modules/albumpassword/views/loginpassword.html.php @@ -0,0 +1,24 @@ + +
+ +
diff --git a/3.1/modules/albumpassword/controllers/albumpassword.php b/3.1/modules/albumpassword/controllers/albumpassword.php
new file mode 100644
index 00000000..b014b749
--- /dev/null
+++ b/3.1/modules/albumpassword/controllers/albumpassword.php
@@ -0,0 +1,152 @@ +form = $this->_get_password_form($id);
+ print $view;
+ }
+
+ public function login() {
+ // Display prompt to allow visitors to use their passwords.
+
+ // Create the page.
+ $view = new View("loginpassword.html");
+ $view->form = $this->_get_login_form();
+ print $view;
+ }
+
+ public function remove($id) {
+ // Remove a password from an album
+
+ // Make sure user has view/edit privileges for this item
+ $item = ORM::factory("item", $id);
+ access::required("view", $item);
+ access::required("edit", $item);
+
+ // Check for and delete the password.
+ $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $id)->find();
+ if ($existing_password->loaded()) {
+ db::build()->delete("items_albumpasswords")->where("album_id", "=", $id)->execute();
+ message::success(t("Password Removed."));
+ }
+
+ // Redirect the user back to the album.
+ url::redirect(url::abs_site("albums/" . $id));
+ }
+
+ public function savepassword() {
+ // Save a newly assigned password.
+
+ // Prevent Cross Site Request Forgery
+ access::verify_csrf();
+
+ // Convert submitted data to local variables.
+ $album_id = Input::instance()->post("item_id");
+ $album_password = Input::instance()->post("assignpassword_password");
+
+ // Check for, and remove, any existing passwords.
+ $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $album_id)->find();
+ if ($existing_password->loaded()) {
+ db::build()->delete("items_albumpasswords")->where("album_id", "=", $album_id)->execute();
+ }
+
+ // Save the new password.
+ $new_password = ORM::factory("items_albumpassword");
+ $new_password->album_id = $album_id;
+ $new_password->password = $album_password;
+ $new_password->save();
+
+ // Display a success message and close the dialog.
+ message::success(t("Password saved."));
+ json::reply(array("result" => "success"));
+ }
+
+ public function logout() {
+ // Delete a stored password cookie.
+ cookie::delete("g3_albumpassword");
+ url::redirect(url::abs_site("albums/1"));
+ }
+
+ public function checkpassword() {
+ // Check that a password is valid, then store in a browser cookie.
+
+ // Prevent Cross Site Request Forgery
+ access::verify_csrf();
+
+ // Convert submitted data to local variables.
+ $album_password = Input::instance()->post("albumpassword_password");
+
+ // See if the submitted password matches any in the database.
+ $existing_password = ORM::factory("items_albumpassword")
+ ->where("password", "=", $album_password)
+ ->find_all();
+
+ if (count($existing_password) > 0) {
+ // If the password if valid, then store it, and display a success message.
+ // If not, close the dialog and display a rejected message.
+ cookie::set("g3_albumpassword", $album_password);
+ message::success(t("Password Accepted."));
+ json::reply(array("result" => "success"));
+ } else {
+ message::error(t("Password Rejected."));
+ json::reply(array("result" => "success"));
+ }
+ }
+
+ private function _get_password_form($id) {
+ // Generate a form for assigning a new password.
+ $form = new Forge("albumpassword/savepassword", "", "post",
+ array("id" => "g-assign-password-form"));
+ $assignpassword_group = $form->group("Enter Password")
+ ->label(t("Enter Password:"));
+ $assignpassword_group->hidden("item_id")->value($id);
+ $assignpassword_group->input("assignpassword_password")
+ ->id('assignpassword_password')
+ ->label(t("Password:"));
+ $form->submit("save_password")->value(t("Save"));
+
+ // Return the newly generated form.
+ return $form;
+ }
+
+ private function _get_login_form($id) {
+ // Generate a form for allowing visitors to enter in their passwords.
+ $form = new Forge("albumpassword/checkpassword", "", "post",
+ array("id" => "g-login-password-form"));
+ $assignpassword_group = $form->group("Enter Password")
+ ->label(t("Enter Password:"));
+ $assignpassword_group->input("albumpassword_password")
+ ->id('albumpassword_password')
+ ->label(t("Password:"));
+ $form->submit("login_password")->value(t("Login"));
+
+ // Return the newly generated form.
+ return $form;
+ }
+}
diff --git a/3.1/modules/albumpassword/helpers/MY_item.php b/3.1/modules/albumpassword/helpers/MY_item.php
new file mode 100644
index 00000000..3e09a64d
--- /dev/null
+++ b/3.1/modules/albumpassword/helpers/MY_item.php
@@ -0,0 +1,53 @@ +where("id", "=", $model->id)->find();
+
+ // Figure out if the user can access this album.
+ $deny_access = false;
+ $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $model->id)->find();
+ if ($existing_password->loaded()) {
+ if ((cookie::get("g3_albumpassword") != $existing_password->password) &&
+ (identity::active_user()->id != $album_item->owner_id))
+ $deny_access = true;
+ }
+
+ // set access::DENY if necessary.
+ if ($deny_access == true) {
+ $view_restrictions = array();
+ if (!identity::active_user()->admin) {
+ foreach (identity::group_ids_for_active_user() as $id) {
+ $view_restrictions[] = array("items.view_$id", "=", access::DENY);
+ }
+ }
+ }
+ if (count($view_restrictions)) {
+ $model->and_open()->merge_or_where($view_restrictions)->close();
+ }
+
+ return $model;
+ }
+}
diff --git a/3.1/modules/albumpassword/helpers/albumpassword_event.php b/3.1/modules/albumpassword/helpers/albumpassword_event.php
new file mode 100644
index 00000000..dd83c4d9
--- /dev/null
+++ b/3.1/modules/albumpassword/helpers/albumpassword_event.php
@@ -0,0 +1,104 @@ +item()) {
+ return;
+ }
+ $item = $theme->item();
+
+ // If there isn't currently a password stored in the cookie,
+ // then display the enter password link.
+ if (cookie::get("g3_albumpassword") == "") {
+ $menu->append(Menu::factory("dialog")
+ ->id("albumpassword_login")
+ ->css_id("g-album-password-login")
+ ->url(url::site("albumpassword/login"))
+ ->label(t("Enter password")));
+ } else {
+ // If a password has been entered already
+ // display the log out link, and links to the protected albums
+ $menu->append(Menu::factory("submenu")
+ ->id("albumpassword_protected")
+ ->css_id("g-album-password-protected")
+ ->label(t("Protected albums")));
+ $menu->get("albumpassword_protected")
+ ->append(Menu::factory("link")
+ ->id("albumpassword_logout")
+ ->css_id("g-album-password-logout")
+ ->url(url::site("albumpassword/logout"))
+ ->label(t("Clear password")));
+ $existing_password = ORM::factory("items_albumpassword")
+ ->where("password", "=", cookie::get("g3_albumpassword"))
+ ->find_all();
+ if (count($existing_password) > 0) {
+ $counter = 0;
+ while ($counter < count($existing_password)) {
+ $item_album = ORM::factory("item")->where("id", "=", $existing_password[$counter]->album_id)->find();
+ $menu->get("albumpassword_protected")
+ ->append(Menu::factory("link")
+ ->id("albumpassword_album" . $counter)
+ ->label(html::purify($item_album->title))
+ ->css_id("g-album-password-album" . $counter)
+ ->url(url::abs_site("{$item_album->type}s/{$item_album->id}")));
+ $counter++;
+ }
+ }
+ }
+
+ // If this is an album without a password, display a link for assigning one.
+ // If this is an album with a password, display a link to remove it.
+ if ($item->is_album()) {
+ if ((access::can("view", $item)) && (access::can("edit", $item))) {
+ $existing_password = ORM::factory("items_albumpassword")
+ ->where("album_id", "=", $item->id)
+ ->find_all();
+ if (count($existing_password) > 0) {
+ $menu->get("options_menu")
+ ->append(Menu::factory("link")
+ ->id("albumpassword_remove")
+ ->label(t("Remove password"))
+ ->css_id("g-album-password-remove")
+ ->url(url::site("albumpassword/remove/" . $item->id)));
+ } else {
+ $menu->get("options_menu")
+ ->append(Menu::factory("dialog")
+ ->id("albumpassword_assign")
+ ->label(t("Assign password"))
+ ->css_id("g-album-password-assign")
+ ->url(url::site("albumpassword/assign/" . $item->id)));
+ }
+ }
+ }
+ }
+
+ static function item_deleted($item) {
+ // If an album is deleted, remove any associated passwords.
+ $existingPasswords = ORM::factory("items_albumpassword")
+ ->where("album_id", "=", $item->id)
+ ->find_all();
+ if (count($existingPasswords) > 0) {
+ db::build()->delete("items_albumpassword")->where("album_id", "=", $item->id)->execute();
+ }
+ }
+}
diff --git a/3.1/modules/albumpassword/helpers/albumpassword_installer.php b/3.1/modules/albumpassword/helpers/albumpassword_installer.php
new file mode 100644
index 00000000..e59faffb
--- /dev/null
+++ b/3.1/modules/albumpassword/helpers/albumpassword_installer.php
@@ -0,0 +1,42 @@ +query("CREATE TABLE IF NOT EXISTS {items_albumpasswords} (
+ `id` int(9) NOT NULL auto_increment,
+ `album_id` int(9) NOT NULL,
+ `password` varchar(64) NOT NULL,
+ PRIMARY KEY (`id`))
+ DEFAULT CHARSET=utf8;");
+
+
+ // Set the module's version number.
+ module::set_version("albumpassword", 1);
+ }
+
+ static function uninstall() {
+ // Delete the password table before uninstalling.
+ $db = Database::instance();
+ $db->query("DROP TABLE IF EXISTS {items_albumpassword};");
+ module::delete("albumpassword");
+ }
+}
diff --git a/3.1/modules/albumpassword/models/items_albumpassword.php b/3.1/modules/albumpassword/models/items_albumpassword.php new file mode 100644 index 00000000..bf0b7341 --- /dev/null +++ b/3.1/modules/albumpassword/models/items_albumpassword.php @@ -0,0 +1,21 @@ + + function ajaxify_login_reset_form() { + $("#g-login form").ajaxForm({ + dataType: "json", + success: function(data) { + if (data.form) { + $("#g-login form").replaceWith(data.form); + ajaxify_login_reset_form(); + } + if (data.result == "success") { + $("#g-dialog").dialog("close"); + window.location.reload(); + } + } + }); + }; + +
+ +
diff --git a/3.1/modules/albumpassword/views/loginpassword.html.php b/3.1/modules/albumpassword/views/loginpassword.html.php new file mode 100644 index 00000000..9ebb47fd --- /dev/null +++ b/3.1/modules/albumpassword/views/loginpassword.html.php @@ -0,0 +1,24 @@ + +
+ +