Not signed in (Sign In)

Vanilla 1.1.10 is a product of Lussumo. More Information: Documentation, Community Support.

    • CommentAuthorbauerman
    • CommentTimeSep 8th 2007
     
    hi,
    I manged to implement password protection per album.
    You just have to make some minor changes to the code!
    (I think everybody, even without PHP-knowledge will manage it)
    Thankful People: Huroman
    • CommentAuthorbauerman
    • CommentTimeSep 8th 2007
     
    step 1)
    add column "pass" to table albums
    step 2)
    create file auth.php in the themes folder (i.e plogger/themes/lucid) with the following content:
    <?php
    function authenticate()
    {
    Header("WWW-Authenticate: Basic realm=\"Test Authentication System\"");
    Header("HTTP/1.0 401 Unauthorized");
    echo "You must enter a valid login ID and password to access this resource\n";
    exit;
    }
    if ($_GET["level"]=="album" || $_GET["level"]=="picture"){
    if (!isset($_SERVER['PHP_AUTH_USER'])) {
    authenticate();
    } else {
    switch ($_GET["level"]){
    case "album":
    $sql="select pass from plogger_albums where id=".$_GET["id"];
    break;
    case "picture":
    $sql="select pass from plogger_albums a,plogger_pictures p where p.id=".$_GET["id"]." and p.parent_album=a.id";
    break;
    }

    connect_db();
    $sql_result=run_query($sql);
    $ret=mysql_fetch_assoc($sql_result);
    $pass=$ret["pass"];
    /*foreach ($ret as $i => $v) {
    echo "x$i=$v x";
    }*/
    if ($_SERVER['PHP_AUTH_PW']!=$pass){
    authenticate();
    }
    }
    }
    ?>
    step 3)
    include auth.php to album.php in themes folder:
    add "include("auth.php");" at the beginning of album.php
    album.php:
    <?php
    include("auth.php"); //ADDED THIS LINE
    plogger_get_header();
    print '<div id="thumbnail_container">';
    ....
    step 4)
    do the same as in step 3 to picture.php
    picture.php:
    <?php
    include("auth.php"); //ADDED THIS LINE
    plogger_get_header();
    if (plogger_has_pictures()) {
    step 5)
    to disable download button of a password protected album:
    -edit plog-functions.php in plogger folder
    -go to "function plogger_download_checkbox"
    looks like this now:
    function plogger_download_checkbox($id, $label = '') {
    global $config;
    if ($config["allow_dl"]){
    connect_db();
    $sql_result=run_query("select pass from plogger_albums where id=".$id);
    $ret=mysql_fetch_assoc($sql_result);
    if (empty($ret["pass"]) || $_SERVER['PHP_AUTH_PW']==$ret["pass"]){
    return '<input type="checkbox" name="checked[]" value="'.$id.'" /> '. $label;
    }
    else{
    return '(password protected)<br>';
    }
    }
    else
    return '';
    }

    THATS IT!
    • CommentAuthorbauerman
    • CommentTimeSep 8th 2007
     
    How to use it:
    every album you want to protect with a pass has to have some value in column "pass" of table "plogger_albums"

    i do not care about username, you can enter what you want in the user-field of the password dialog.
    (wouldnt be a challenge to add username functionality)

    it also should be possible to implement the password protection on a global basis (independend of the theme). But I am happy that i managed to implement the functionality i need and do not want to invest more time for this at the moment.
    • CommentAuthorbauerman
    • CommentTimeSep 8th 2007
     
    ITS NOT WORKING PROPERLY AT THE MOMENT
    PLEASE STAND BY...
    I WILL HAVE TO MAKE SOME CHANGES!
    • CommentAuthorjammindice
    • CommentTimeSep 8th 2007 edited
     
    i think you would be better off to create a whole plogger_user table with user/pass and id, then create another table plogger_permissions and have entries for user_id and album_id and allow_deny

    then just hit the user/pass db when they login if the user/pass is good then hit the permissions table to see if they are allowed in that album.

    then add a tab in the admin for users and write some stuff that would manage the users/passwords and which albums they are allowed to login to.

    this would allow other functionality, like to add extra users to the admin, or other possibilities, and would scale much better than the way you have currently written it.

    but i'm in no way discounting what you've done progress is progress and i'm sure others would like to use what you have.
    • CommentAuthorbauerman
    • CommentTimeSep 8th 2007
     
    of course there are a lot of possibilities to implement album protection.
    i have tried to implement it as easy as possible
    I want to say sorry for my submission of buggy code!!
    (the old code would lock collections even if there are no protected albums in it!)
    sorry!!!
    following the correct code which i tested already
    • CommentAuthorbauerman
    • CommentTimeSep 8th 2007
     
    THE CORRECT SETUP FOR ALBUM PW PROTECTION
    (does not care about usernames, you can leave them blank)

    step 1)
    add column "pass" to table albums

    step 2)
    create file auth.php in the themes folder (i.e plogger/themes/lucid) with the following content:
    <?php
    function authenticate()
    {
    Header("WWW-Authenticate: Basic realm=\"restricted area\"");
    Header("HTTP/1.0 401 Unauthorized");
    echo "You must enter a valid login ID and password to access this resource\n";
    exit;
    }
    if ($_GET["level"]=="album" || $_GET["level"]=="picture"){
    switch ($_GET["level"]){
    case "album":
    $sql="select pass from plogger_albums where id=".$_GET["id"];
    break;
    case "picture":
    $sql="select pass from plogger_albums a,plogger_pictures p where p.id=".$_GET["id"]." and p.parent_album=a.id";
    break;
    }
    connect_db();
    $sql_result=run_query($sql);
    $ret=mysql_fetch_assoc($sql_result);
    $pass=$ret["pass"];
    if ($pass!=""){
    if ($_SERVER['PHP_AUTH_PW']!=$pass) {
    authenticate();
    }
    }
    }
    ?>

    step 3)
    include auth.php to album.php in themes folder:
    add "include("auth.php");" at the beginning of album.php
    album.php:
    <?php
    include("auth.php"); //ADDED THIS LINE
    plogger_get_header();
    print '<div id="thumbnail_container">';
    ....

    step 4)
    do the same as in step 3 to picture.php
    picture.php:
    <?php
    include("auth.php"); //ADDED THIS LINE
    plogger_get_header();
    if (plogger_has_pictures()) {
    ...

    step 5)
    step 5)
    to disable download button of a password protected album:
    -edit plog-functions.php in plogger folder
    -go to "function plogger_download_checkbox"
    looks like this now:
    function plogger_download_checkbox($id, $label = '') {
    global $config;
    if ($config["allow_dl"]){
    connect_db();
    //if on page collections, have to look if albums are protected
    if ($_GET["level"]==""){
    $msg="";
    $sql_result=run_query("select count(*) c from plogger_albums where pass is not null and parent_id=".$id);
    $ret=mysql_fetch_assoc($sql_result);
    if ($ret["c"] > 0){
    $ret["pass"]="asdfqeeradfpoiejf";
    }
    else {
    $ret["pass"]="";
    }
    }
    else
    {
    $msg="(password protected)";
    $sql_result=run_query("select pass from plogger_albums where id=".$id);
    $ret=mysql_fetch_assoc($sql_result);
    }
    if (empty($ret["pass"]) || $_SERVER['PHP_AUTH_PW']==$ret["pass"]){
    return '<input type="checkbox" name="checked[]" value="'.$id.'" /> '. $label ;
    }
    else{
    return "$msg<br>";
    }
    }
    else
    return '';
    }
    • CommentAuthorGremi0
    • CommentTimeOct 1st 2007
     
    this must only work with plogger 3 i suppose?
  1.  
    I don't understand.. Where is this "step 1)
    add column "pass" to table albums"...?
    Thankful People: ssk
    • CommentAuthorPlebbi
    • CommentTimeApr 5th 2008
     
    Yeah it isnt hard to put User in i mean what i did was change few things in auth.php. Add a column called user to the "album table"

    // Change
    case "album":
    $sql="select pass from plogger_albums where id=".$_GET["id"];
    break;
    case "picture":
    $sql="select pass from plogger_albums a,plogger_pictures p where p.id=".$_GET["id"]." and p.parent_album=a.id";

    to

    case "album":
    $sql="select user, pass from plogger_albums where id=".$_GET["id"];
    break;
    case "picture":
    $sql="select user, pass from plogger_albums a,plogger_pictures p where p.id=".$_GET["id"]." and p.parent_album=a.id";

    // Change

    $pass=$ret["pass"];
    if ($pass!=""){
    if ($_SERVER['PHP_AUTH_PW']!=$pass) {

    to

    $user=$ret["user"];
    $pass=$ret["pass"];
    if ($user!="" && $pass!=""){
    if ($_SERVER['PHP_AUTH_USER']!=$user || $_SERVER['PHP_AUTH_PW']!=$pass) {

    Woalla, you got yourself a USER and PASS field to the album, put value in both :P.

    Hope this helps
    •  
      CommentAuthorkent
    • CommentTimeApr 5th 2008 edited
     
    Good work .. all of you

    Special cheers to bauerman for starting this

    I got a vision of , when you browse collections and a password protected album appears, it shows a N/A image or something..

    maybe plogger_get_collection_thumb() ? any ideas ?
    • CommentAuthorWim
    • CommentTimeApr 25th 2008
     
    What do you mean by "add column "pass" to table albums"?
    Where can I find this?
    How do I have to do this?
    Thankful People: ssk
    • CommentAuthorrobmatt78
    • CommentTimeApr 30th 2008
     
    Hi all,

    thanks for this thread ... I did all of the above but keep getting this error:

    Warning: Cannot modify header information - headers already sent by (output started at ..... index.php:27)..

    as I am a php novice, any help would be greatly appreciated.

    thanks,
    Rob
  2.  
    I am getting the same error as Rob above. Anyone succeeded on implementing this? I am using the latest version (Beta 3.0)...
  3.  
    Keep in mind that when you use the Header Authentication method, it will not work with PHP running in CGI mode, which you will find on a lot of shared hosting services. You actually need to set up a form to get the user and password.

    I use an authentication system to view the entire gallery. In that case I have users and passwords from a membership database. It sounds like you want to have group passwords. You really then need a database table structure with a table for group names and passwords, and a table for group names and albums.

    Also, you cannot modify header information if you have already output something. So, you need to do your Header Authentication before anything is output.
    • CommentAuthormacmadman
    • CommentTimeJul 19th 2009 edited
     
    Hey I am getting the same error... mvpetrovich can you elaborate on how to do all of this? I am new to PHP and I dont understand. Can you please make a step-by-step?

    Thanks
    Thankful People: ssk
    • CommentAuthorssk
    • CommentTimeNov 25th 2009
     
    I can do every step besides 1), maybe it's just late and I should go to bed. I'm a totally new to php, just trying to learn. Any further direction on where exactly I "add column "pass" to table albums"?

    Please, before my head explodes.
    • CommentAuthormpwj2
    • CommentTimeDec 7th 2009
     
    I have tried to make my own password protect code but I keep getting this error below. can anyone help?

    If no password is entered it works and you get the message "please go back and enter a password" as expected. But if you type anything into te password box you get this:

    Notice: Undefined variable: current_picture in public_html/plog/plog-includes/plog-functions.php on line 2556

    Fatal error: Cannot redeclare plogger_stats_count_total_collections() (previously declared in /home/moulton/public_html/plog/plog-content/themes/lucid/theme_functions.php:5) in /public_html/plog/plog-content/themes/lucid/theme_functions.php on line 4

    I have edited collection.php collections.php and album.php. The coce for these is below:

    for collection and collections I added this bit.

    <!-- Now do the password auth bit -->

    <form action="<?php echo plogger_get_album_url(); ?>" method="post">
    <P class="style1">Password: <input type="text" name="Passw" size="20"> <INPUT TYPE=submit NAME=Submit VALUE="Send"></P> &nbsp;

    </form>
    <!-- end of password -->




    For album.php I recreated it as this:



    <?php $con = mysql_connect("localhost","username","password");
    if (!$con)
    {
    die('Could not connect: ' . mysql_error());
    }
    mysql_select_db("user_plog", $con);

    //grab the user entered password

    $pass = $_POST['Passw'];
    if (strlen($pass) <1) {
    echo( "Please go back and enter a password" ); exit;
    }

    plogger_get_header();
    $img_id = "thumb-".plogger_get_picture_id();

    //checks to see if the password matches the one on file
    $checkpass = mysql_query("SELECT pass FROM plogger_albums WHERE id = $img_id");
    //while($row = mysql_fetch_array($checkpass))
    // {
    // $result=($row['pass']);
    // echo "<br />";

    // }
    //end of checking


    if ($pass==$checkpass)
    {

    plogger_get_header(); ?>

    <div id="thumbnail-container">
    <?php if (plogger_has_pictures()) : ?>
    <div id="overlay">&nbsp;</div>
    <ul class="slides">
    <?php while(plogger_has_pictures()) : plogger_load_picture();
    // Find thumbnail width/height
    $thumb_info = plogger_get_thumbnail_info();
    $thumb_width = $thumb_info['width']; // The width of the image. It is integer data type.
    $thumb_height = $thumb_info['height']; // The height of the image. It is an integer data type.
    $li_width = $thumb_width + 10; // Account for padding/border width
    // Generate XHTML with thumbnail and link to picture view.
    $img_id = "thumb-".plogger_get_picture_id();
    $imgtag = '<img id="'.$img_id.'" onmouseout="document.getElementById(\'overlay\').style.visibility = \'hidden\';" onmouseover="display_overlay(\''.$img_id.'\', \''.plogger_picture_comment_count().'\')" class="photos" src="'.plogger_get_picture_thumb().'" width="'.$thumb_width.'" height="'.$thumb_height.'" title="'.plogger_get_picture_caption('clean').'" alt="'.plogger_get_picture_caption('clean').'" />';
    ?>
    <li class="thumbnail" style="width: <?php echo $li_width; ?>px;">
    <a href="<?php echo plogger_get_picture_url(); ?>"><?php echo $imgtag; ?></a>
    <?php echo plogger_download_checkbox(plogger_get_picture_id()); ?>
    <div class="tag"><?php echo plogger_get_picture_caption(); ?></div>
    </li><!-- /thumbnail -->
    <?php endwhile; ?>
    </ul><!-- /slides -->
    <?php else : ?>
    <div id="no-pictures-msg">
    <h2><?php echo plog_tr('No Images') ?></h2>
    <p><?php echo plog_tr('Sorry, but there are no images in this album yet.') ?></p>
    </div><!-- /no-pictures-msg -->
    <?php endif; ?>
    </div><!-- /thumbnail-container -->

    <?php plogger_get_footer();



    }

    else
    {


    plogger_get_header(); ?>

    <div id="thumbnail-container">
    <?php if (plogger_has_albums()) : ?>
    <div id="collections">
    <?php while(plogger_has_albums()) : plogger_load_album();
    // Find thumbnail width/height
    $thumb_info = plogger_get_thumbnail_info();
    $thumb_width = $thumb_info['width']; // The width of the image. It is integer data type.
    $thumb_height = $thumb_info['height']; // The height of the image. It is an integer data type.
    ?>
    <div class="collection">
    <a href="<?php echo plogger_get_album_url(); ?>"><img class="photos" src="<?php echo plogger_get_album_thumb(); ?>" width="<?php echo $thumb_width; ?>" height="<?php echo $thumb_height; ?>" title="<?php echo plogger_get_album_description(); ?>" alt="<?php echo plogger_get_album_description(); ?>" /></a>
    <h2><a href="<?php echo plogger_get_album_url(); ?>"><?php echo plogger_get_album_name(); ?></a></h2>
    <?php echo plogger_download_checkbox(plogger_get_album_id()); ?>

    <span class="meta-header"><?php echo plog_tr('Contains'); ?> <?php echo plogger_album_picture_count() . ' '; echo (plogger_album_picture_count() == 1) ? plog_tr('Image') : plog_tr('Images'); ?></span>
    <p class="description"><?php echo plogger_get_album_description(); ?></p>
    <!-- Now do the password auth bit -->

    <form action="<?php echo plogger_get_album_url(); ?>" method="post">
    <P class="style1">Password: <input type="text" name="Passw" size="20"> <INPUT TYPE=submit NAME=Submit VALUE="Send">
    Password incorrect. Please try again</P> &nbsp;

    </form>
    <!-- end of password -->

    </div><!-- /collection -->
    <?php endwhile; ?>
    </div><!-- /collections -->
    <?php else : ?>
    <div id="no-pictures-msg">
    <h2><?php echo plog_tr('No Albums') ?></h2>
    <p><?php echo plog_tr('Sorry, but there are no images or albums in this collection yet.') ?></p>
    </div><!-- /no-pictures-msg -->
    <?php endif; ?>
    </div><!-- /thumbnail-container -->
    <?php plogger_get_footer();

    }
    ?>
    • CommentAuthordzmoore
    • CommentTimeDec 27th 2009
     
    Hello,
    I had a need for password-protecting albums as well. Below, I have attempted to relay my method of accomplishing this.

    Step 1: Within the plogger database, I added the following:

    create table plogger_user_groups (
    groupname varchar(50) primary key,
    password varchar(50)
    );
    alter table plogger_albums add groupname varchar(50) default 'default_group';
    insert into plogger_user_groups (groupname) values ('default_group');
    alter table plogger_albums add foreign key (groupname) references plogger_user_groups(groupname);

    First I created a new table to hold the "password group" name to password mapping. Next, I alter the plogger_album table to include a new column which will map each album to a single password group. After that I add a default group name named "default_group". Finally, I restructure the plogger_albums table to reference plogger_user_groups 's groupname column.

    Step 2: Create a password dialog. Below is "plog-auth.php" which I placed in the root plogger directory (mine is titled 'plogger').

    <?php
    /*
    This file is part of an addition
    to plogger made by Dylan Moore.
    © 2009 by Dylan Moore
    */
    session_start();
    $_SESSION['referer'] =
    isset($_SERVER['HTTP_REFERER'])
    ? $_SERVER['HTTP_REFERER'] : '';
    ?>
    <html>
    <head>
    <title>Please login.</title>
    <style type="text/css">
    table
    {
    background-color:cornflowerblue; //login box color
    }
    body {background-color:white} //background color
    </style>
    </head>
    <?php
    if (isset($_GET['msg']) && $_GET['msg'] == "noauth") {
    echo "Problem with username/password";
    }
    ?>
    <table width="50%" border="0">
    <form name="form1" method="post" action="plog-auth-continue.php">
    <tr><td colspan="3" align="center">
    <?php
    if( isset($_GET['group']) ) {
    echo "Password required for content marked as: "
    . '<b>' . $_GET['group'] . '<br>';
    }
    ?>
    </td></tr>

    <tr>
    <td align="right">Password</td><td align="center">:</td>
    <td><input name="passw" type="password" id="passw"></td>
    </tr>

    <tr>
    <td colspan="3" align="center"><input type="submit" name="Submit" value="Login"></td>
    </tr>

    </form>
    </table>
    </html>


    This file is the front-end for grabbing a password from a user. It will be called from a function within plogger.php (I reference this later). First this file saves a "referer address". So if I am, for example, going from page_A to a password-protected page_B, the referer address will be the address for page_A and it will be stored in the session variable 'referer' ($_SESSION['referer']). The other php bits simply reference the $_GET variables 'msg' and 'group'. The 'msg' variable is simply a variable I have used in other scripts for more complicated things, but I have used in this script to test for an incorrect password. In other words, if a user tries to login previously, but the password is not the same as the group password, this dialog will be called with the 'msg' variable set to "noauth". The 'group' variable simply stores the groupname for the convenience of the user. For example, a user might have several passwords (for several album group types), and need to know which password to enter (i.e. group "easy" has the password "aaa", but group "hard" has the password "3.14pi"; the dialog should therefore tell the user whether the album is of type "easy" or "hard" so that s/he may type the relevant password).

    Step 3. Add the password dialog helper file "plog-auth-continue.php" (copied below):

    <?php
    session_start();
    $formpassw = $_POST['passw'];

    // protects against MySQL injection
    // and md5 's the password
    $formpassw = stripslashes($formpassw);
    $formpassw = mysql_real_escape_string($formpassw);
    $formpassw = md5($formpassw);
    //------------------------------------------------
    $_SESSION['password'] = $formpassw;
    if( isset($_SESSION['referer']) ) {
    header("location:".$_SESSION['referer']);
    }
    else {
    header("location:index.php");
    }
    ?>

    This script does some simple input sanitisation and hashes the password into the session variable 'password'. This session variable will be checked later by plogger.php within a new function.

    Step 4. Add the authorisation function within the "plogger.php" file. I arbitrarily added my function between the_plogger_head and the_plogger_gallery. Here is the function's code:

    function auth_album() {
    if( $GLOBALS['plogger_level'] == 'picture' ||
    $GLOBALS['plogger_level'] == 'album' ) {
    $sql = 'select * from '
    . 'plogger_user_groups u, plogger_albums a where '
    . 'a.id=' . $GLOBALS['plogger_id']
    . ' and u.groupname = a.groupname';
    connect_db();
    $sql_result = run_query( $sql );
    $ret = mysql_fetch_assoc($sql_result);
    $password = $ret['password'];
    if( isset( $password )){
    $groupname_ending
    = 'group=' . $ret['groupname'];
    //echo "db pw == " . $ret['password'] . '<br/>';
    //echo "dialog pw == " . $_SESSION['password'];
    // if there is a password for this album
    // but no password has been set by the user,
    // go to password dialog
    if( !isset($_SESSION['password']) ) {
    header('location:plog-auth.php?'
    . $groupname_ending );
    }
    // otherwise, check the password
    else if( $password != $_SESSION['password'] ) {
    header('location:plog-auth.php?'
    . $groupname_ending . '&msg=noauth');
    }
    }
    }
    }

    This function queries the database for the group name and password associated with the current album. If the group name associated with this album does not have a password (i.e. has a null password), then the password checking does not occur. If the password for this album is set, then the function checks the 'password' session variable.

    Step 5. Call the auth_album function within plogger.php before the call to plogger_init():

    ...
    // Authenticate if necessary
    auth_album();

    // Initialize Plogger
    plogger_init();

    // Throw 404 headers if a 404 error has occurred
    if ($GLOBALS['plogger_level'] == '404' && !headers_sent()) {
    ...


    The password authentication should now be set up. Of course, for each album that you need password protected, the album will need to reference a user group with a non-null password. For example:

    INSERT INTO plogger_user_groups (groupname, password) VALUES ('group_name_here', md5('password_here'));
    UPDATE plogger_albums SET groupname='group_name_here' WHERE name='album name here';


    This is not the most efficient method of password authenticating albums, but it will get the job done (of keeping out prying eyes :P ).
    • CommentAuthorgeorge
    • CommentTimeMay 6th 2010
     
    Hello all

    I have installed the password protection for each album per instructions of dzmoore in this post: http://www.plogger.org/forum/discussion/1430/howto-password-protect-albums/#Item_0 .

    However I can't get it to work. (I don't understand the last insturction).

    Can anyone help? Please!
    • CommentAuthordzmoore
    • CommentTimeOct 3rd 2010
     
    Posted By: georgeHello all

    I have installed the password protection for each album per instructions of dzmoore in this post: http://www.plogger.org/forum/discussion/1430/howto-password-protect-albums/#Item_0 .

    However I can't get it to work. (I don't understand the last insturction).

    Can anyone help? Please!


    The last instruction is saying to go into a database commandline/visualizer and creating a new group, and then tagging an album with a particular group. If you look at the code above, it should be adding a 'group' column to the plogger album table (in the db). When a user asks plogger to display an album, the other parts of the code above decides whether

    (A) that albums group column is null
    - or -
    (B) that albums group column is some group name (not null)

    if (A), plogger functions as it did before the code additions (no password protect)
    if (B), plogger directs to the password page, where, upon user input, the above code additions verify the password against the group's password (stored in the group password table)


    TL;DR example:
    first create a group (only need to do this the first time)
    INSERT INTO plogger_user_groups (groupname, password) VALUES ('group_one', md5('a_passw3rd_f0r_gr0up1'));

    for each album (this example assumes an album exists in plogger called 'partying') you want to tag with "group_one", execute the following

    UPDATE plogger_albums SET groupname='group_one' WHERE name='partying';


    after doing this, any user attempting to view pictures in the album 'partying' will be prompted to type the password for group_out, which is a_passw3rd_f0r_gr0up1 .

    hope this helps
    • CommentAuthorSlapshot
    • CommentTimeOct 22nd 2010
     
    I have a little problem too and as I'm not an expert with php and barely managed to get all the steps done (I did finally ;-) ) a last obstacle occured. All the steps are done and I get a password dialog with my group indicated but after entering the password I get the error message below. Please help.

    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'MYLOGIN'@'localhost' (using password: NO) in /var/www/MYLOGIN/html/gallerie/plog-auth-continue.php on line 8

    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /var/www/MYLOGIN/html/gallerie/plog-auth-continue.php on line 8

    Warning: Cannot modify header information - headers already sent by (output started at /var/www/MYLOGIN/html/gallerie/plog-auth-continue.php:8) in /var/www/MYLOGIN/html/gallerie/plog-auth-continue.php on line 13


    Anyone got a hint how to solve this? Thank you very much in advance

    Nils
    • CommentAuthorchewbears
    • CommentTimeOct 22nd 2010
     
    Link to your gallery.
    • CommentAuthorSlapshot
    • CommentTimeOct 23rd 2010
     
    login is password

    Thank you for taking a look

    click
    • CommentAuthorpomstock
    • CommentTimeMar 27th 2011
     
    Hi,
    I found out a not-so-nice but very simple way to password protect specific albums or collections.
    I use htaccess files referring to a password config file, and I put them in every album/collection folder I need to protect, with a 401 bad auth redirection to a fully transparent gif to make it nicer.

    Pros :

    • Very simple to implement

    • Highly customisable

    • Perfectly working

    • Nice layout (forbidden picture appear just transparent)


    Cons :

    • Always need to access server through FTP to modify permissions.

    • Might be annoying for people navigating on your gallery if they don't have the password, because if you didn't authenticate properly, it will ask you for the password every time you load a page and try to watch a password-protected picture.


    How to implement it :
    1)create a file named pwd.htpasswd
    2)Go to http://www.htaccesstools.com/htpasswd-generator/ to generate your password file and copy the content to pwd.htpasswd using your notepad.
    3)create a file named rp.php
    4) Fill it with :
    <? echo realpath("rp.php"); ?>
    5)Connect to your server with FTP, and put the two files rp.php and pwd.htpasswd to your domain root folder (that is, the one where you have your main index file).
    6) Rename pwd.htpasswd to .htpasswd
    7) Go to yourdomain.com/rp.php and get the absolute path to access your domain root folder (just remove rp.php from what is shown)
    8) The absolute path to your .htpasswd file is absolute/path/to/domain/root/folder/.htaccess
    9) remove the file rp.php
    10)create a file named file.htaccess
    11)open it with your notepad and fill it with the following code :
    ErrorDocument 401 "http://upload.wikimedia.org/wikipedia/commons/c/ce/Transparent.gif"
    AuthUserFile absolute/path/to/htpassword/file
    AuthGroupFile /dev/null
    AuthName "Restricted access"
    AuthType Basic
    <LIMIT GET POST>

    Require valid-user
    </LIMIT>

    Don't forget to replace "absolute/path/to/htpassword/file" with the path to your .htpasswd file.

    To password protect the collection "mycollection"
    12) Put the file file.htaccess in the folder plogger/plog-content/images/mycollection/
    13) rename it to .htaccess
    14) Put the file file.htaccess in the folder plogger/plog-content/thumbs/mycollection/
    15) rename it to .htaccess

    To password protect the album "myalbum" in collection "mycollection"
    12) Put the file file.htaccess in the folder plogger/plog-content/images/mycollection/myalbum/
    13) rename it to .htaccess
    14) Put the file file.htaccess in the folder plogger/plog-content/thumbs/mycollection/myalbum/
    15) rename it to .htaccess


    And that's it !

    If you feel like you want to password protect only specific pictures, htaccess files can also do this, but I let you google it ;)

    Hope this helped you.