Hide these pages from the public: thumbnails.php?album=topn Hide these pages from the public: thumbnails.php?album=topn
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Hide these pages from the public: thumbnails.php?album=topn

Started by Badegakk, January 15, 2016, 07:03:46 PM

Previous topic - Next topic

0 Members and 4 Guests are viewing this topic.

Print
Go Down Pages1
User actions

Badegakk

January 15, 2016, 07:03:46 PM
I am well aware how to remove the links on the index page. But either way anyone can add this: thumbnails.php?album=topn to the end of any url.com/gallery/ and be able to view this page which I would like to keep private. This includes Album list, last uploads, last comments, most viewed, top rated.

I have the stats private which is why I would also like to keep this info private.

gmc

#1
January 16, 2016, 12:58:49 AM
Two possible solutions I see... (and sure there are others...)
Use .htaccess to look for and overwrite any album=xxx that you want to disallow... This would apply to everyone (admin or not) and be outside of Coppermine.  I'm not an expert in htaccess coding.

In Coppermine, the meta albums are processed in function get_pic_data
Depending on what you want - changes could be made here to suppress certain albums for all.. for non-admin... etc...
There is a plugin filter here - probably the best option as you wouldn't have to redo changes for each release:
Code Select
    $meta_album_passto = array (
        'album' => $album,
        'limit' => $limit,
        'set_caption' => $set_caption,
    );

    $meta_album_params = CPGPluginAPI::filter('meta_album', $meta_album_passto);

In the doc:
http://documentation.coppermine-gallery.net/en/dev_plugin_hooks.htm#plugin_hooks_meta_album
Quotemeta_album    Filter    executed before meta albums are retrieved, giving the possibility to add or filter meta albums.

If you can indicate what you want to disallow and for who (admin or all) - someone may be able to help.. (or of course you can write a plugin too!)  I have limited time right now - but thought the ideas might help someone else...
Thanks!
Greg
My Coppermine Gallery
Need a web hosting account? See my gallery for an offer for CPG Forum users.
Send me money

Badegakk

#2
January 31, 2016, 05:34:22 PM
I  want to be able to remove this page so no one can view it
http://xtinapictures.com/thumbnails.php?album=topn&cat=0

Even if I remove the link in the theme people can still paste /thumbnails.php?album=topn&cat=0 after any url in ANY gallery and get to this page.
So how can I remove it to keep the most viewed private?

gmc

#3
January 31, 2016, 09:38:33 PM
A quick bandaid...
Open include/functions.inc.php.
Find function 'get_pic_data' (line 1163 at CPG 1.5.40)   
Find the following statement: (line 1579 at CPG 1.5.40)
Code Select
    case 'topn': // Most viewed files
Change topn to anything you want - so you can still view it - but no one else will know the keyword...
Anyone trying to view topn will fall through the code...

Cleaner to filter with a plugin (and wouldn't need to be redone with each release) - maybe someone else can help with that - I don't have the time right now...
Thanks!
Greg
My Coppermine Gallery
Need a web hosting account? See my gallery for an offer for CPG Forum users.
Send me money

Badegakk

#4
January 31, 2016, 10:22:42 PM
That worked perfectly. Thank you very much!  :D
Print
Go Up Pages1
User actions