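/**
 * Returns the auth type of a guest login.
 *
 * Resolution order, as implemented below:
 *  1. the result of the 'checkForGuest' filter, when it is not NULL;
 *  2. search context: the search password, falling back to the gallery password;
 *  3. a current Zenpage news item: delegated to its checkAccess();
 *  4. an album request ($_GET['album']): delegated to checkAlbumPassword();
 *  5. any other page: the gallery password.
 *
 * @param string $hint by reference; receives the password hint of the protecting object
 *                     (not assigned here on a failed album check; checkAlbumPassword()
 *                     is handed the variable and may set it)
 * @param bool $show by reference; receives whether a user name is configured for the
 *                   protecting object
 * @return string|false the auth type that granted access, 'zp_public_access' when no
 *                      password is configured, or false when a password is configured and
 *                      the guest did not present a matching cookie. The filter and
 *                      checkAccess() results are returned as-is, so their type is whatever
 *                      those callees produce.
 */
function checkForGuest(&$hint = NULL, &$show = NULL)
{
    global $_zp_gallery, $_zp_gallery_page, $_zp_current_zenpage_page, $_zp_current_category, $_zp_current_zenpage_news;
    // A plugin may decide the outcome; NULL means "no opinion".
    $authType = zp_apply_filter('checkForGuest', NULL);
    if (!is_null($authType)) {
        return $authType;
    }
    if (in_context(ZP_SEARCH)) {
        // search page
        $hash = getOption('search_password');
        $show = getOption('search_user') != '';
        $hint = get_language_string(getOption('search_hint'));
        $authType = 'zp_search_auth';
        if (empty($hash)) {
            // no search password: the gallery password protects the search page
            $hash = $_zp_gallery->getPassword();
            $show = $_zp_gallery->getUser() != '';
            $hint = $_zp_gallery->getPasswordHint();
            $authType = 'zp_gallery_auth';
        }
        if (!empty($hash)) {
            // The cookie is client-controlled. Compare it as a string in constant time:
            // a loose == treats two numeric-looking strings (e.g. "0e...") as equal
            // even when they differ.
            // NOTE(review): the cookie value is compared against the stored hash itself,
            // so the stored hash works as the bearer credential; confirm how it is
            // derived and stored.
            $cookie = zp_getCookie($authType);
            if (is_string($cookie) && hash_equals((string) $hash, $cookie)) {
                return $authType;
            }
        }
    } else {
        if (!is_null($_zp_current_zenpage_news)) {
            // news item: the object decides and fills $hint/$show itself
            $authType = $_zp_current_zenpage_news->checkAccess($hint, $show);
            return $authType;
        } else {
            if (isset($_GET['album'])) {
                // album page
                list($album, $image) = rewrite_get_album_image('album', 'image');
                if ($authType = checkAlbumPassword($album, $hint)) {
                    return $authType;
                } else {
                    $alb = new Album($_zp_gallery, $album);
                    $show = $alb->getUser() != '';
                    return false;
                }
            } else {
                // other page
                $hash = $_zp_gallery->getPassword();
                $show = $_zp_gallery->getUser() != '';
                $hint = $_zp_gallery->getPasswordHint();
                if (!empty($hash)) {
                    // same strict, constant-time comparison as on the search page
                    $cookie = zp_getCookie('zp_gallery_auth');
                    if (is_string($cookie) && hash_equals((string) $hash, $cookie)) {
                        return 'zp_gallery_auth';
                    }
                }
            }
        }
    }
    // Only the search and "other page" paths reach this point, so $hash is always set.
    if (empty($hash)) {
        return 'zp_public_access';
    }
    return false;
}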
Example #2
// Excerpt: works out which password protects a full-size image for the current
// visitor. $album8 is defined outside this excerpt, and the listing breaks off
// inside the final `if (empty($hash)) {`, so the handling of the resolved
// password is not visible here.
$_zp_gallery = new Gallery();
$albumobj = new Album($_zp_gallery, $album8);
// Only visitors who fail the album's own access check AND lack
// VIEW_FULLIMAGE_RIGHTS go through the password resolution below.
if (!$albumobj->checkAccess() && !zp_loggedin(VIEW_FULLIMAGE_RIGHTS)) {
    // Handle the password form if it was posted.
    zp_handle_password('zp_image_auth', getOption('protected_image_password'), getOption('protected_image_user'));
    // First candidate: the dedicated protected-image credentials from the options.
    $hash = getOption('protected_image_password');
    $authType = 'zp_image_auth';
    $hint = get_language_string(getOption('protected_image_hint'));
    // Holds the configured user name itself, not a boolean flag.
    $show = getOption('protected_image_user');
    if (empty($hash)) {
        // No protected-image password: fall back to the album's own password.
        // The auth type is keyed by the album id.
        $hash = $albumobj->getPassword();
        $authType = "zp_album_auth_" . $albumobj->get('id');
        $hint = $albumobj->getPasswordHint();
        $show = $albumobj->getUser();
        if (empty($hash)) {
            // The album has no password either: walk up the parent chain and stop
            // at the first ancestor that has one. If no ancestor has a password,
            // $hash stays empty and $authType/$hint/$show keep the values of the
            // last ancestor visited.
            $albumobj = $albumobj->getParent();
            while (!is_null($albumobj)) {
                $hash = $albumobj->getPassword();
                $authType = "zp_album_auth_" . $albumobj->get('id');
                $hint = $albumobj->getPasswordHint();
                $show = $albumobj->getUser();
                if (!empty($hash)) {
                    break;
                }
                $albumobj = $albumobj->getParent();
            }
        }
    }
    // NOTE(review): the branch taken when no password was found anywhere is cut
    // off in this listing; confirm what it falls back to.
    if (empty($hash)) {
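/**
 * Checks to see if a password is needed and displays a password form if log-on is required.
 *
 * Returns true if a login is required (the form is printed unless $silent is set).
 *
 * The password protection is hereditary. This normally only impacts direct url access to an album or image since if
 * you are going down the tree you will be stopped at the first place a password is required.
 *
 * If the gallery is password protected then every album & image will require that password.
 *
 * If an album is password protected then all subalbums and images treed below that album will require
 * the password. If there are multiple passwords in the tree and you direct link, the password that is
 * required will be that of the nearest parent that has a password. (The gallery is the ur-parent to all
 * albums.)
 *
 * @param bool $silent set to true to inhibit the logon form
 * @return bool true when a password is required and the visitor has not supplied it, false otherwise
 * @since 1.1.3
 */
function checkforPassword($silent = false)
{
    global $_zp_current_album, $_zp_current_search, $_zp_gallery, $_zp_loggedin;
    // you're the admin, you don't need the passwords.
    if (zp_loggedin(MAIN_RIGHTS | VIEWALL_RIGHTS | ALL_ALBUMS_RIGHTS)) {
        return false;
    }
    if (in_context(ZP_SEARCH)) {
        // search page
        $hash = getOption('search_password');
        $show = getOption('search_user') != '';
        $hint = get_language_string(getOption('search_hint'));
        $authType = 'zp_search_auth';
        if (empty($hash)) {
            // no search password: the gallery password protects the search page
            $hash = getOption('gallery_password');
            $show = getOption('gallery_user') != '';
            $hint = get_language_string(getOption('gallery_hint'));
            $authType = 'zp_gallery_auth';
        }
        if (!empty($hash)) {
            // The cookie is client-controlled. Compare it as a string in constant time:
            // a loose != treats two numeric-looking strings (e.g. "0e...") as equal
            // even when they differ, which would skip the password form.
            $cookie = zp_getCookie($authType);
            if (!is_string($cookie) || !hash_equals((string) $hash, $cookie)) {
                if (!$silent) {
                    printPasswordForm($hint, true, getOption('login_user_field') || $show);
                }
                return true;
            }
        }
    } else {
        if (isset($_GET['album'])) {
            // album page
            list($album, $image) = rewrite_get_album_image('album', 'image');
            // NOTE(review): $hint is first used here; presumably checkAlbumPassword()
            // takes it by reference and fills it in. Confirm against its definition.
            if (checkAlbumPassword($album, $hint)) {
                return false;
            } else {
                if (!$silent) {
                    $alb = new Album($_zp_gallery, $album);
                    printPasswordForm($hint, true, getOption('login_user_field') || $alb->getUser() != '');
                }
                return true;
            }
        } else {
            // index page
            if ($_zp_loggedin) {
                return false;
            }
            $hash = getOption('gallery_password');
            $hint = get_language_string(getOption('gallery_hint'));
            if (!empty($hash)) {
                // same strict, constant-time comparison as on the search page
                $cookie = zp_getCookie('zp_gallery_auth');
                if (!is_string($cookie) || !hash_equals((string) $hash, $cookie)) {
                    if (!$silent) {
                        printPasswordForm($hint, true, getOption('login_user_field') || getOption('gallery_user') != '');
                    }
                    return true;
                }
            }
        }
    }
    return false;
}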