form = $this->_get_password_form($id); print $view; } public function login() { // Display prompt to allow visitors to use their passwords. // Create the page. $view = new View("loginpassword.html"); $view->form = $this->_get_login_form(); print $view; } public function remove($id) { // Remove a password from an album // Make sure user has view/edit privileges for this item $item = ORM::factory("item", $id); access::required("view", $item); access::required("edit", $item); // Check for and delete the password. $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $id)->find(); if ($existing_password->loaded()) { db::build()->delete("items_albumpasswords")->where("album_id", "=", $id)->execute(); message::success(t("Password Removed.")); } // Redirect the user back to the album. url::redirect(url::abs_site("albums/" . $id)); } public function savepassword() { // Save a newly assigned password. // Prevent Cross Site Request Forgery access::verify_csrf(); // Convert submitted data to local variables. $album_id = Input::instance()->post("item_id"); $album_password = Input::instance()->post("assignpassword_password"); // Check for, and remove, any existing passwords. $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $album_id)->find(); if ($existing_password->loaded()) { db::build()->delete("items_albumpasswords")->where("album_id", "=", $album_id)->execute(); } // Save the new password. $new_password = ORM::factory("items_albumpassword"); $new_password->album_id = $album_id; $new_password->password = $album_password; $new_password->save(); // Display a success message and close the dialog. message::success(t("Password saved.")); print "\n\n\n\n\n"; } public function logout() { // Delete a stored password cookie. cookie::delete("g3_albumpassword"); url::redirect(url::abs_site("albums/1")); } public function checkpassword() { // Check that a password is valid, then store in a browser cookie. // Prevent Cross Site Request Forgery access::verify_csrf(); // Convert submitted data to local variables. $album_password = Input::instance()->post("albumpassword_password"); // See if the submitted password matches any in the database. $existing_password = ORM::factory("items_albumpassword") ->where("password", "=", $album_password) ->find_all(); if (count($existing_password) > 0) { // If the password if valid, then store it, and display a success message. // If not, close the dialog and display a rejected message. cookie::set("g3_albumpassword", $album_password); message::success(t("Password Accepted.")); print "\n\n\n\n\n"; } else { message::error(t("Password Rejected.")); print "\n\n\n\n\n"; } } private function _get_password_form($id) { // Generate a form for assigning a new password. $form = new Forge("albumpassword/savepassword", "", "post", array("id" => "g-assign-password-form")); $assignpassword_group = $form->group("Enter Password") ->label(t("Enter Password:")); $assignpassword_group->hidden("item_id")->value($id); $assignpassword_group->input("assignpassword_password") ->id('assignpassword_password') ->label(t("Password:")); $assignpassword_group->submit("save_password")->value(t("Save")); // Return the newly generated form. return $form; } private function _get_login_form($id) { // Generate a form for allowing visitors to enter in their passwords. $form = new Forge("albumpassword/checkpassword", "", "post", array("id" => "g-login-password-form")); $assignpassword_group = $form->group("Enter Password") ->label(t("Enter Password:")); $assignpassword_group->password("albumpassword_password") ->id('albumpassword_password') ->label(t("Password:")); $assignpassword_group->submit("")->value(t("Login")); // Return the newly generated form. return $form; } }