/** * returns the auth type of a guest login * * @param string $hint * @param string $show * @return string */ function checkForGuest(&$hint = NULL, &$show = NULL) { global $_zp_gallery, $_zp_gallery_page, $_zp_current_zenpage_page, $_zp_current_category, $_zp_current_zenpage_news; $authType = zp_apply_filter('checkForGuest', NULL); if (!is_null($authType)) { return $authType; } if (in_context(ZP_SEARCH)) { // search page $hash = getOption('search_password'); $show = getOption('search_user') != ''; $hint = get_language_string(getOption('search_hint')); $authType = 'zp_search_auth'; if (empty($hash)) { $hash = $_zp_gallery->getPassword(); $show = $_zp_gallery->getUser() != ''; $hint = $_zp_gallery->getPasswordHint(); $authType = 'zp_gallery_auth'; } if (!empty($hash) && zp_getCookie($authType) == $hash) { return $authType; } } else { if (!is_null($_zp_current_zenpage_news)) { $authType = $_zp_current_zenpage_news->checkAccess($hint, $show); return $authType; } else { if (isset($_GET['album'])) { // album page list($album, $image) = rewrite_get_album_image('album', 'image'); if ($authType = checkAlbumPassword($album, $hint)) { return $authType; } else { $alb = new Album($_zp_gallery, $album); $show = $alb->getUser() != ''; return false; } } else { // other page $hash = $_zp_gallery->getPassword(); $show = $_zp_gallery->getUser() != ''; $hint = $_zp_gallery->getPasswordHint(); if (!empty($hash) && zp_getCookie('zp_gallery_auth') == $hash) { return 'zp_gallery_auth'; } } } } if (empty($hash)) { return 'zp_public_access'; } return false; }
$_zp_gallery = new Gallery(); $albumobj = new Album($_zp_gallery, $album8); if (!$albumobj->checkAccess() && !zp_loggedin(VIEW_FULLIMAGE_RIGHTS)) { // handle password form if posted zp_handle_password('zp_image_auth', getOption('protected_image_password'), getOption('protected_image_user')); //check for passwords $hash = getOption('protected_image_password'); $authType = 'zp_image_auth'; $hint = get_language_string(getOption('protected_image_hint')); $show = getOption('protected_image_user'); if (empty($hash)) { // check for album password $hash = $albumobj->getPassword(); $authType = "zp_album_auth_" . $albumobj->get('id'); $hint = $albumobj->getPasswordHint(); $show = $albumobj->getUser(); if (empty($hash)) { $albumobj = $albumobj->getParent(); while (!is_null($albumobj)) { $hash = $albumobj->getPassword(); $authType = "zp_album_auth_" . $albumobj->get('id'); $hint = $albumobj->getPasswordHint(); $show = $albumobj->getUser(); if (!empty($hash)) { break; } $albumobj = $albumobj->getParent(); } } } if (empty($hash)) {
/** * Checks to see if a password is needed * displays a password form if log-on is required * * Returns true if a login form has been displayed * * The password protection is hereditary. This normally only impacts direct url access to an album or image since if * you are going down the tree you will be stopped at the first place a password is required. * * If the gallery is password protected then every album & image will require that password. * * If an album is password protected then all subalbums and images treed below that album will require * the password. If there are multiple passwords in the tree and you direct link, the password that is * required will be that of the nearest parent that has a password. (The gallery is the ur-parrent to all * albums.) * * @param bool $silent set to true to inhibit the logon form * @return bool * @since 1.1.3 */ function checkforPassword($silent = false) { global $_zp_current_album, $_zp_current_search, $_zp_gallery, $_zp_loggedin; if (zp_loggedin(MAIN_RIGHTS | VIEWALL_RIGHTS | ALL_ALBUMS_RIGHTS)) { return false; } // you're the admin, you don't need the passwords. if (in_context(ZP_SEARCH)) { // search page $hash = getOption('search_password'); $show = getOption('search_user') != ''; $hint = get_language_string(getOption('search_hint')); $authType = 'zp_search_auth'; if (empty($hash)) { $hash = getOption('gallery_password'); $show = getOption('gallery_user') != ''; $hint = get_language_string(getOption('gallery_hint')); $authType = 'zp_gallery_auth'; } if (!empty($hash)) { if (zp_getCookie($authType) != $hash) { if (!$silent) { printPasswordForm($hint, true, getOption('login_user_field') || $show); } return true; } } } else { if (isset($_GET['album'])) { // album page list($album, $image) = rewrite_get_album_image('album', 'image'); if (checkAlbumPassword($album, $hint)) { return false; } else { if (!$silent) { $alb = new Album($_zp_gallery, $album); printPasswordForm($hint, true, getOption('login_user_field') || $alb->getUser() != ''); } return true; } } else { // index page if ($_zp_loggedin) { return false; } $hash = getOption('gallery_password'); $hint = get_language_string(getOption('gallery_hint')); if (!empty($hash)) { if (zp_getCookie('zp_gallery_auth') != $hash) { if (!$silent) { printPasswordForm($hint, true, getOption('login_user_field') || getOption('gallery_user') != ''); } return true; } } } } return false; }