Community @ The Turning Gate

Support community for TTG plugins and products.

NOTICE

The Turning Gate's Community has moved to a new home, at https://discourse.theturninggate.net.

This forum is now closed, and exists here as a read-only archive.

  • New user registrations are disabled.
  • Users cannot create new topics.
  • Users cannot reply to existing topics.

You are not logged in.

#1 2019-01-04 00:15:06

dbfoto
Member
Registered: 2013-01-04
Posts: 121

Securing a page.

I want a page to be password-protected, is this possible?

Offline

#2 2019-01-04 01:04:15

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 17,830
Website

Re: Securing a page.

No, just albums and album sets.

A quick Google search turned up some php code to password protect a page that you may be able to implement using phplugins.
Maybe someone with php skills will chime in with a solution.


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2/3 test site

Offline

#3 2019-01-04 01:07:20

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 17,830
Website

Re: Securing a page.

Another solution is to use WordPress for the page you want to protect. See this thread: http://community.theturninggate.net/vie … 038#p52038


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2/3 test site

Offline

#4 2019-01-04 01:09:46

dbfoto
Member
Registered: 2013-01-04
Posts: 121

Re: Securing a page.

Ok I'll look into both. Thanks

Offline

#5 2019-01-05 07:46:23

Dutch
Member
From: Hannover (Germany)
Registered: 2019-01-05
Posts: 14
Website

Re: Securing a page.

Hi!
I hope this is going to work. I am just trying to install the new BL2 and having some problem. Looking for a solution I saw your question:
I used to solve it in older version of LR-plugins (which I just deleted) by using following php-script:

As you can see there is a downloadlink. Just save this file as a xxx.php and adjust the passwords you want to use and adjust the pages where you want the script to redirect after succesful and unsuccesful logins.....

It worked fine for me and the used passwords can not be seen if take a look at the code in your browser.

Hope it is a solution you can use. I protected several albums with sevearl *.php protectscripts. I didn´t write the code but I usume by reading you can folow what it does and see that it is "harmless".

Here it starts:


<?php

###############################################################
# Page Password Protect 2.13
###############################################################
# Visit http://www.zubrag.com/scripts/ for updates
###############################################################
#
# Usage:
# Set usernames / passwords below between SETTINGS START and SETTINGS END.
# Open it in browser with "help" parameter to get the code
# to add to all files being protected.
#    Example: password_protect.php?help
# Include protection string which it gave you into every file that needs to be protected
#
# Add following HTML code to your page where you want to have logout link
# <a href="http://www.example.com/path/to/protected/page.php?logout=1">Logout</a>
#
###############################################################

/*
-------------------------------------------------------------------
SAMPLE if you only want to request login and password on login form.
Each row represents different user.

$LOGIN_INFORMATION = array(
  'zubrag' => 'root',
  'test' => 'testpass',
  'admin' => 'passwd'
);

--------------------------------------------------------------------
SAMPLE if you only want to request only password on login form.
Note: only passwords are listed

$LOGIN_INFORMATION = array(
  'root',
  'testpass',
  'passwd'
);

--------------------------------------------------------------------
*/

##################################################################
#  SETTINGS START
##################################################################

// Add login/password pairs below, like described above
// NOTE: all rows except last must have comma "," at the end of line
$LOGIN_INFORMATION = array(
  'zubrag' => 'root',
  'admin' => 'adminpass'
);

// request login? true - show login and password boxes, false - password box only
define('USE_USERNAME', true);

// User will be redirected to this page after logout
define('LOGOUT_URL', 'http://www.example.com/');

// time out after NN minutes of inactivity. Set to 0 to not timeout
define('TIMEOUT_MINUTES', 0);

// This parameter is only useful when TIMEOUT_MINUTES is not zero
// true - timeout time from last activity, false - timeout time from login
define('TIMEOUT_CHECK_ACTIVITY', true);

##################################################################
#  SETTINGS END
##################################################################


///////////////////////////////////////////////////////
// do not change code below
///////////////////////////////////////////////////////

// show usage example
if(isset($_GET['help'])) {
  die('Include following code into every page you would like to protect, at the very beginning (first line):<br>&lt;?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?&gt;');
}

// timeout in seconds
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);

// logout?
if(isset($_GET['logout'])) {
  setcookie("verify", '', $timeout, '/'); // clear password;
  header('Location: ' . LOGOUT_URL);
  exit();
}

if(!function_exists('showLoginPasswordProtect')) {

// show login form
function showLoginPasswordProtect($error_msg) {
?>
<html>
<head>
  <title>Please enter password to access this page</title>
  <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
  <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
</head>
<body>
  <style>
    input { border: 1px solid black; }
  </style>
  <div style="width:700px; margin-left:auto; margin-right:auto; text-align:center">
  <form method="post">
    <h3>Ohne Login und Passwort kommen sie hier nicht weiter!</h3>
    <font color="red"><?php echo $error_msg; ?></font><br />
<?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
    <input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" />
  </form>
  <br />
  <a style="font-size:9px; color: #666666; font-family: Verdana, Arial;" href="http://www.zubrag.com/scripts/password-protect.php" title="Download Password Protector">Powered by Password Protect</a>
  </div>
</body>
</html>

<?php
  // stop at this point
  die();
}
}

// user provided password
if (isset($_POST['access_password'])) {

  $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
  $pass = $_POST['access_password'];
  if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
  || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) )
  ) {
    showLoginPasswordProtect("Incorrect password.");
  }
  else {
    // set cookie if password was validated
    setcookie("verify", md5($login.'%'.$pass), $timeout, '/');
   
    // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
    // So need to clear password protector variables
    unset($_POST['access_login']);
    unset($_POST['access_password']);
    unset($_POST['Submit']);
  }

}

else {

  // check if password cookie is set
  if (!isset($_COOKIE['verify'])) {
    showLoginPasswordProtect("");
  }

  // check if cookie is good
  $found = false;
  foreach($LOGIN_INFORMATION as $key=>$val) {
    $lp = (USE_USERNAME ? $key : '') .'%'.$val;
    if ($_COOKIE['verify'] == md5($lp)) {
      $found = true;
      // prolong timeout
      if (TIMEOUT_CHECK_ACTIVITY) {
        setcookie("verify", md5($lp), $timeout, '/');
      }
      break;
    }
  }
  if (!$found) {
    showLoginPasswordProtect("");
  }

}
header('Location: http://www.domain.com/............................/index.html'); die();
?>
?>

Offline

#6 2019-01-06 11:14:30

Matthew
Administrator
From: San Francisco, CA
Registered: 2012-09-24
Posts: 5,795
Website

Re: Securing a page.

dbfoto wrote:

I want a page to be password-protected, is this possible?

Another solution, make an album is no images. Or use Theater to create a "Still image" page with just one image. Password protect it, hide is from your album set, and put a link to that page in the site menu.

If you don't want to have "galleries" in the URL, then simply create a second top-level called "private" or whatever, and publish any protected albums-masquerading-as-pages to that location.


Matt

The Turning Gate, http://theturninggate.net

Offline

#7 2019-01-06 18:23:22

dbfoto
Member
Registered: 2013-01-04
Posts: 121

Re: Securing a page.

Thanks Dutch and Matthew.

The script is not my favourite. The solution of Matthew is interesting.

I don't want albums under a toplevel gallery as by that way all albums show. I have made a gallery-menu by putting albums in pages which carry the page template with the menustructure I want. So for now I have to make a page for each (protected or not) album which is more work but works fine. But I also want to protect a page allthough that has a low priority at the moment.

Just click the Galleries tab, not the option that it reveals to see my gelleriesmenu
www.fotograafdonald.nl/2019

Offline

#8 2019-01-06 23:33:33

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 17,830
Website

Re: Securing a page.

You can assign the page template that uses your galleries-only menu to your album template. No need to embed albums in pages using that template.

Also, you can hide albums from their album set so that any protected album “pages” appearing in the top level won’t be seen in the menu.


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2/3 test site

Offline

#9 2019-01-07 05:02:49

dbfoto
Member
Registered: 2013-01-04
Posts: 121

Re: Securing a page.

I do that templateconnecting, works fine. no... I got you. Your way is simpler. Took me a second to let it sink in. 8-)
I hid my thumbnails album by both options but it still shows.

www.fotograafdonald.nl/2019 -> full set (it shows any album physically right under galleries)

Last edited by dbfoto (2019-01-07 05:23:47)

Offline

#10 2019-01-07 06:02:22

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 17,830
Website

Re: Securing a page.

When I look a Full Set I see two albums and three album sets.

If you are seeing more it’s likely that you are also logged in to Backlight in the same browser.
Any hidden albums will have a little eye with aslash icon attached. Only you see this. It’s a feature of Backlight that allows you to see all albums when you’re logged in to Backlight.


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2/3 test site

Offline

#11 2019-03-02 05:50:13

aaplin
Member
Registered: 2016-12-10
Posts: 7

Re: Securing a page.

Matthew wrote:
dbfoto wrote:

I want a page to be password-protected, is this possible?

Another solution, make an album is no images. Or use Theater to create a "Still image" page with just one image. Password protect it, hide is from your album set, and put a link to that page in the site menu.

If you don't want to have "galleries" in the URL, then simply create a second top-level called "private" or whatever, and publish any protected albums-masquerading-as-pages to that location.


If you wanted to put a password protected album as your index page. A page with a different menu set than your default menu. Once the access is offered up, all the default menu options appear. Is there a way to prevent the default menu from coming up as you are entering your passcode? In trying this as my index page, anyone can bypass the access code by simply go to the other menu options on the default menu set. Do you have to reverse the menu sets to get this to work?

Offline

#12 2019-03-02 06:19:46

rod barbee
Moderator
From: Port Ludlow, WA USA
Registered: 2012-09-24
Posts: 17,830
Website

Re: Securing a page.

Only a page can be designated as the index page. An album cannot.
And a password protected album inserted into a page will not password protect the page.


Rod 
Just a user with way too much time on his hands.
www.rodbarbee.com
ttg-tips.com, Backlight 2/3 test site

Offline

Board footer

Powered by FluxBB