Limit Viewing

[RatKing]

What I have so far is user based bandwith monitoring that will not care about tumbnails being shown only the full pictures includign the once that you see in the slideshow are monitored.

Ok, the files that need to be modified are:

lang/<your language>.php
usermgr.php
delete.php
displayimage.php
include/init.inc.php
include/slideshow.inc.php

On top of that the database needs a change... (we will add a table)

Ok lets start with the language file(s) this will not be noticed by anyone for obvious reasons I will only show how to

change the english language file.

Look for:

Code Select Expand


  'user_occupation' => 'User occupation',
  'latest_upload' => 'Recent uploads', //cpg1.3.0


Replace with:

Code Select Expand


  'user_occupation' => 'User occupation',
  'user_bandwidth' => 'User bandwidth limit (in Mb)',
  'latest_upload' => 'Recent uploads', //cpg1.3.0



Look for:

Code Select Expand


$lang_error = 'Error';


Replace with:

Code Select Expand


$lang_error = 'Error';
$lang_bandwidth_limit = 'Bandwidth limit reached';


Look for:

Code Select Expand


$lang_errors = array(
  'access_denied' => 'You don\'t have permission to access this page.',


Replace with:

Code Select Expand


$lang_errors = array(
  'bandwidth_limit' => 'You have exceeded your bandwidth limit of [limit]Mb',
  'access_denied' => 'You don\'t have permission to access this page.',


Look for:

Code Select Expand


  'Cookies settings',
  array('Name of the cookie used by the script (when using bbs integration, make sure it differs from the bbs\'s cookie

name)', 'cookie_name', 0),
  array('Path of the cookie used by the script', 'cookie_path', 0),

  'Miscellaneous settings',
  array('Enable debug mode', 'debug_mode', 9), //cpg1.3.0
  array('Display notices in debug mode', 'debug_notice', 1), //cpg1.3.0


Replace with:

Code Select Expand


  'Cookies settings',
  array('Name of the cookie used by the script (when using bbs integration, make sure it differs from the bbs\'s cookie

name)', 'cookie_name', 0),
  array('Path of the cookie used by the script', 'cookie_path', 0),

  'Bandwidth monitoring',
  array('Monitor bandwidth per user', 'monitor_bandwidth', 1),

  'Miscellaneous settings',
  array('Enable debug mode', 'debug_mode', 9), //cpg1.3.0
  array('Display notices in debug mode', 'debug_notice', 1), //cpg1.3.0


Ok, now that should be it.... as far as the language file goes.


Then we will do the table creation in the database which again should not be noticed by our dear users.

Code Select Expand


DROP TABLE IF EXISTS `cpg133_bandwidth`;
CREATE TABLE IF NOT EXISTS `cpg133_bandwidth` (
  `user_id` int(11) NOT NULL default '0',
  `bandwidth` bigint(20) NOT NULL default '0',
  `download` bigint(20) NOT NULL default '0',
  PRIMARY KEY  (`user_id`)
) TYPE=MyISAM;


Then we need to make sure all our users are in there plus an extra which is the unknown user (iow logged in)

Code Select Expand


INSERT INTO `cpg133_bandwidth` VALUES (0, 0, 0);
INSERT INTO `cpg133_bandwidth` VALUES (select user_id, 0, 0 from `cpg133_users`);



Now we need to add a configuration field to the admin screen so we can en/disable bandwidth checking
The following SQL code will do that:

Code Select Expand


INSERT INTO `cpg133_config` VALUES ('monitor_bandwidth', '0');


Now we need to make sure we can access the bandwidth table and add some custom error message to do this we edit init.inc.php

Look for:

Code Select Expand


$CONFIG['TABLE_ECARDS']          = $CONFIG['TABLE_PREFIX']."ecards";
$CONFIG['TABLE_TEMPDATA']        = $CONFIG['TABLE_PREFIX']."temp_data";


Replace with:

Code Select Expand


$CONFIG['TABLE_ECARDS']          = $CONFIG['TABLE_PREFIX']."ecards";
$CONFIG['TABLE_TEMPDATA']        = $CONFIG['TABLE_PREFIX']."temp_data";
$CONFIG['TABLE_BANDWIDTH']       = $CONFIG['TABLE_PREFIX']."bandwidth";


Look for:

Code Select Expand


define('CRITICAL_ERROR', 3);


Replace with:

Code Select Expand


define('CRITICAL_ERROR', 3);
define('BANDWIDTH_LIMIT', 4);


Ok, so now we have a table and we have the language files changed lets make sure that new users get added with their own

personal bandwidth limit.


So now then usermgr.php

Look for:

Code Select Expand


    case 'new_user' :
        db_query("INSERT INTO {$CONFIG['TABLE_USERS']}(user_regdate, user_active) VALUES (NOW(), 'YES')");

        $user_id = mysql_insert_id();


Replace with:

Code Select Expand


    case 'new_user' :
        db_query("INSERT INTO {$CONFIG['TABLE_USERS']}(user_regdate, user_active) VALUES (NOW(), 'YES')");

        $user_id = mysql_insert_id();
        db_query("INSERT INTO {$CONFIG['TABLE_BANDWIDTH']}(user_id, bandwidth, download) VALUES ($user_id, 0, 0)");


Look for:

Code Select Expand


function update_user($user_id)
{
    global $CONFIG, $PHP_SELF, $HTTP_POST_VARS;
    global $lang_usermgr_php, $lang_register_php;

    $user_name = addslashes(trim($HTTP_POST_VARS['user_name']));
    $user_password = addslashes(trim($HTTP_POST_VARS['user_password']));
    $user_email = addslashes(trim($HTTP_POST_VARS['user_email']));
    $user_location = addslashes($HTTP_POST_VARS['user_location']);
    $user_interests = addslashes($HTTP_POST_VARS['user_interests']);
    $user_website = addslashes($HTTP_POST_VARS['user_website']);
    $user_occupation = addslashes($HTTP_POST_VARS['user_occupation']);
    $user_active = $HTTP_POST_VARS['user_active'];
    $user_group = $HTTP_POST_VARS['user_group'];
    $group_list = isset($HTTP_POST_VARS['group_list']) ? $HTTP_POST_VARS['group_list'] : '';


Replace with:

Code Select Expand


function update_user($user_id)
{
    global $CONFIG, $PHP_SELF, $HTTP_POST_VARS;
    global $lang_usermgr_php, $lang_register_php;

    $user_name = addslashes(trim($HTTP_POST_VARS['user_name']));
    $user_password = addslashes(trim($HTTP_POST_VARS['user_password']));
    $user_email = addslashes(trim($HTTP_POST_VARS['user_email']));
    $user_location = addslashes($HTTP_POST_VARS['user_location']);
    $user_interests = addslashes($HTTP_POST_VARS['user_interests']);
    $user_website = addslashes($HTTP_POST_VARS['user_website']);
    $user_occupation = addslashes($HTTP_POST_VARS['user_occupation']);
    $user_active = $HTTP_POST_VARS['user_active'];
    $user_group = $HTTP_POST_VARS['user_group'];
    $user_bandwidth = $HTTP_POST_VARS['bandwidth'];
    $group_list = isset($HTTP_POST_VARS['group_list']) ? $HTTP_POST_VARS['group_list'] : '';


Look for:

Code Select Expand


    $sql_update = "UPDATE {$CONFIG['TABLE_USERS']} " . "SET " . "user_name           = '$user_name', " . "user_email     

    = '$user_email', " . "user_active    = '$user_active', " . "user_group           = '$user_group', " . "user_location 

= '$user_location', " . "user_interests = '$user_interests', " . "user_website          = '$user_website', " .

"user_occupation= '$user_occupation', " . "user_group_list      = '$user_group_list'";
    if (strlen($user_password)) $sql_update .= ", user_password = '$user_password'";
    $sql_update .= " WHERE user_id = '$user_id'";

    db_query($sql_update);
}


Replace with:

Code Select Expand


    $sql_update = "UPDATE {$CONFIG['TABLE_USERS']} " . "SET " . "user_name           = '$user_name', " . "user_email     

    = '$user_email', " . "user_active    = '$user_active', " . "user_group           = '$user_group', " . "user_location 

= '$user_location', " . "user_interests = '$user_interests', " . "user_website          = '$user_website', " .

"user_occupation= '$user_occupation', " . "user_group_list      = '$user_group_list'";
    if (strlen($user_password)) $sql_update .= ", user_password = '$user_password'";
    $sql_update .= " WHERE user_id = '$user_id'";

    db_query($sql_update);
    $sql_update = "UPDATE {$CONFIG['TABLE_BANDWIDTH']} SET bandwidth = '" . round(($user_bandwidth*1024)*1024) .
                  "' WHERE user_id = '$user_id'";
    db_query($sql_update);
}


Look for:

Code Select Expand


function edit_user($user_id)
{
    global $CONFIG, $PHP_SELF;
    global $lang_usermgr_php, $lang_yes, $lang_no;

    $form_data = array(
        array('input', 'user_name', $lang_usermgr_php['name'], 25),
        array('password', 'user_password', $lang_usermgr_php['password'], 25),
        array('yesno', 'user_active', $lang_usermgr_php['user_active']),
        array('group_list', 'user_group', $lang_usermgr_php['user_group']),
        array('input', 'user_email', $lang_usermgr_php['user_email'], 255),
        array('input', 'user_location', $lang_usermgr_php['user_location'], 255),
        array('input', 'user_interests', $lang_usermgr_php['user_interests'], 255),
        array('input', 'user_website', $lang_usermgr_php['user_web_site'], 255),
        array('input', 'user_occupation', $lang_usermgr_php['user_occupation'], 255),
        );

    $sql = "SELECT * FROM {$CONFIG['TABLE_USERS']}  WHERE user_id = '$user_id'";



Replace with:

Code Select Expand


function edit_user($user_id)
{
    global $CONFIG, $PHP_SELF;
    global $lang_usermgr_php, $lang_yes, $lang_no;

    $form_data = array(
        array('input', 'user_name', $lang_usermgr_php['name'], 25),
        array('password', 'user_password', $lang_usermgr_php['password'], 25),
        array('yesno', 'user_active', $lang_usermgr_php['user_active']),
        array('group_list', 'user_group', $lang_usermgr_php['user_group']),
        array('input', 'user_email', $lang_usermgr_php['user_email'], 255),
        array('input', 'user_location', $lang_usermgr_php['user_location'], 255),
        array('input', 'user_interests', $lang_usermgr_php['user_interests'], 255),
        array('input', 'user_website', $lang_usermgr_php['user_web_site'], 255),
        array('input', 'user_occupation', $lang_usermgr_php['user_occupation'], 255),
        array('input', 'bandwidth', $lang_usermgr_php['user_bandwidth'], 255),
        );

    $sql = "SELECT * FROM {$CONFIG['TABLE_USERS']} as tu, {$CONFIG['TABLE_BANDWIDTH']} as tb WHERE tu.user_id =

'$user_id' AND tb.user_id = tu.user_id";


Look for:

Code Select Expand


    foreach ($form_data as $element) switch ($element[0]) {
        case 'input' :
            $user_data[$element[1]] = $user_data[$element[1]];
            echo <<<EOT


Replace with:

Code Select Expand


    foreach ($form_data as $element) switch ($element[0]) {
        case 'input' :
            if ( $element[1] == 'bandwidth' ) { $user_data[$element[1]] = ($user_data[$element[1]]/1024)/1024; }
            echo <<<EOT


And we can add users with their bandwith limit set, now we need to make sure that if we remove them we clean up this

users info in the bandwith table as well.

So now for delete.php

Look for:

Code Select Expand


        db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET  owner_id = '0' WHERE  owner_id = '$user_id'");


Replace with:

Code Select Expand


        db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET  owner_id = '0' WHERE  owner_id = '$user_id'");
        // BANDWIDTH MONITORING
        db_query("DELETE FROM {$CONFIG['TABLE_BANDWIDTH']} WHERE user_id = '$user_id'");
        // BANDWIDTH MONITORING


[RatKing]

So now that all user both old and new will have a bandwith limit set and removed all we need to do is enforce the policy.


Lets edit displayimage.php (this will as long as you copy and paste correctly not be noticed by the users)

Look for:

Code Select Expand


function html_picture()
{
    global $CONFIG, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $USER, $HTTP_COOKIE_VARS;
    global $album, $comment_date_fmt, $template_display_picture;
    global $lang_display_image_php, $lang_picinfo, $lang_errors;


Replace with:

Code Select Expand


function html_picture()
{
    global $CONFIG, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $USER, $HTTP_COOKIE_VARS;
    global $album, $comment_date_fmt, $template_display_picture;
    global $lang_display_image_php, $lang_picinfo, $lang_errors;

    if ( $CONFIG['monitor_bandwidth'] ) {
      $sql = "select * from ".$CONFIG['TABLE_BANDWIDTH']." WHERE user_id = '".USER_ID."' ";
      $result = db_query($sql);

      if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_errors['action_failed'], __FILE__, __LINE__);
      $row = mysql_fetch_array($result);

      if ( ($row['bandwidth'] != 0) && (($row['download']+$CURRENT_PIC_DATA['filesize']) > $row['bandwidth']) ) {
        $msg = strtr($lang_errors['bandwidth_limit'], array('[limit]' => (round(($row['bandwidth']/1024)/1024))));
        cpg_die(BANDWIDTH_LIMIT, $msg, __FILE__, __LINE__);
      }
    }


Look for:

Code Select Expand


    $image_size = compute_img_size($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight'], $CONFIG['picture_width']);

    $pic_title = '';
    $mime_content = get_type($CURRENT_PIC_DATA['filename']);

    if ($CURRENT_PIC_DATA['title'] != '') {
        $pic_title .= $CURRENT_PIC_DATA['title'] . "\n";
    }


Replace with:

Code Select Expand


    $image_size = compute_img_size($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight'], $CONFIG['picture_width']);

    $pic_title = '';
    $mime_content = get_type($CURRENT_PIC_DATA['filename']);

    if ( $CONFIG['monitor_bandwidth'] ) {
      if ($CURRENT_PIC_DATA['filesize'] != '') {
        $result = db_query("UPDATE ".$CONFIG['TABLE_BANDWIDTH']." SET download=download+".$CURRENT_PIC_DATA['filesize']." WHERE user_id='".USER_ID."' ");
      }
    }

    if ($CURRENT_PIC_DATA['title'] != '') {
        $pic_title .= $CURRENT_PIC_DATA['title'] . "\n";
    }


Look for:

Code Select Expand


        // Treat the album set
        if (count($ALBUM_SET_ARRAY)) {
            $set = '';
            foreach ($ALBUM_SET_ARRAY as $album_id) $set .= ($set == '') ? $album_id : ',' . $album_id;
            $ALBUM_SET .= "AND aid IN ($set) ";
        }
    }
}

// Retrieve data for the current picture
if ($pos < 0) {
    $pid = - $pos;


Replace with:

Code Select Expand


        // Treat the album set
        if (count($ALBUM_SET_ARRAY)) {
            $set = '';
            foreach ($ALBUM_SET_ARRAY as $album_id) $set .= ($set == '') ? $album_id : ',' . $album_id;
            $ALBUM_SET .= "AND aid IN ($set) ";
        }
    }
}

  if ( $CONFIG['monitor_bandwidth'] ) {
    $result = db_query("UPDATE ".$CONFIG['TABLE_BANDWIDTH']." SET download=download+".$addsize." WHERE user_id='".USER_ID."' ");
  }

// Retrieve data for the current picture
if ($pos < 0) {
    $pid = - $pos;


To prevent our users from using the slideshow feature to escape our watchful eye we will have to modify slideshow.inc.php

Just replace all code in that file with:

Code Select Expand


<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2005 Coppermine Dev Team
  v1.1 originaly written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  ********************************************
  Coppermine version: 1.3.3
  $Source: /cvsroot/coppermine/stable/include/slideshow.inc.php,v $
  $Revision: 1.9 $
  $Author: gaugau $
  $Date: 2005/04/19 03:17:11 $
**********************************************/
?>

<script language="JavaScript" type="text/JavaScript">
// (C) 2000 www.CodeLifter.com
// http://www.codelifter.com
// Free for all users, but leave in this  header
// NS4-6,IE4-6
// Fade effect only in IE; degrades gracefully

// $Id: slideshow.inc.php,v 1.9 2005/04/19 03:17:11 gaugau Exp $

// Set slideShowSpeed (milliseconds)
var slideShowSpeed = <?php echo (int)$HTTP_GET_VARS['slideshow'] ?>

// Agent sniffer shamelessly 'stolen' from the excellent X library from cross-browser.com
var xOp7=false,xOp5or6=false,xIE4Up=false,xNN4=false,xUA=navigator.userAgent.toLowerCase();
if(window.opera){
  xOp7=(xUA.indexOf('opera 7')!=-1 || xUA.indexOf('opera/7')!=-1);
  if (!xOp7) xOp5or6=(xUA.indexOf('opera 5')!=-1 || xUA.indexOf('opera/5')!=-1 || xUA.indexOf('opera 6')!=-1 || xUA.indexOf('opera/6')!=-1);
}
else if(document.layers) xNN4=true;
else {xIE4Up=document.all && xUA.indexOf('msie')!=-1 && parseInt(navigator.appVersion)>=4;}

// Duration of crossfade (seconds)
var crossFadeDuration = 3

// Specify the image files
var Pic = new Array() // don't touch this
// BANDWIDTH MONITOR
var Pic_size = new Array() // don't touch this
// BANDWIDTH MONITOR
// to add more images, just continue
// the pattern, adding to the array below
<?php
    global $CONFIG, $USER, $HTTP_COOKIE_VARS;
    global $lang_errors;

// BANDWIDTH MONITOR
    $sql = "select * from ".$CONFIG['TABLE_BANDWIDTH']." WHERE user_id = '".USER_ID."' ";
    $result = db_query($sql);

    if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_errors['action_failed'], __FILE__, __LINE__);
    $row = mysql_fetch_array($result);
// BANDWIDTH MONITOR

$bandwidth = $row['bandwidth'];
$download  = $row['download'];
$i = 0;
$j = 0;
$pid = (int)$HTTP_GET_VARS['pid'];
$start_img = '';
$pic_data = get_pic_data($HTTP_GET_VARS['album'], $pic_count, $album_name, -1, -1, false);
foreach ($pic_data as $picture) {

    if($CONFIG['thumb_use']=='ht' && $picture['pheight'] > $CONFIG['picture_width'] ){ // The wierd comparision is because only picture_width is stored
      $condition = true;
    }elseif($CONFIG['thumb_use']=='wd' && $picture['pwidth'] > $CONFIG['picture_width']){
      $condition = true;
    }elseif($CONFIG['thumb_use']=='any' && max($picture['pwidth'], $picture['pheight']) > $CONFIG['picture_width']){
      $condition = true;
    }else{
     $condition = false;
    }

    if (is_image($picture['filename'])) {
        if ($CONFIG['make_intermediate'] && $condition ) {
            $picture_url = get_pic_url($picture, 'normal');
        } else {
            $picture_url = get_pic_url($picture, 'fullsize');
        }

        echo "Pic[$i]      = '" . $picture_url . "'\n";
// BANDWIDTH MONITOR
        echo "Pic_size[$i] = " . $picture['filesize'] . "\n";
// BANDWIDTH MONITOR
        if ($picture['pid'] == $pid) {
            $j = $i;
            $start_img = $picture_url;
        }
        $i++;
    }
}
if (!$i) {
    echo "Pic[0]      = 'images/thumb_document.jpg'\n";
// BANDWIDTH MONITOR
    echo "Pic_size[0] = 0\n";
// BANDWIDTH MONITOR
}
?>

var t
var j = <?php echo "$j\n" ?>
var p = Pic.length
var pos = j
var bandwidth = <?php echo "$bandwidth\n" ?>
var download  = <?php echo "$download\n" ?>
var viewed_size = 0

var preLoad = new Array()

function preLoadPic(index)
{
        if (Pic[index] != ''){
                window.status='Loading : '+Pic[index]
                preLoad[index] = new Image()
                preLoad[index].src = Pic[index]
<? if ( $CONFIG['monitor_bandwidth'] ) { echo "                viewed_size = viewed_size + Pic_size[index]\n"; } ?>
                Pic[index] = ''
                window.status=''
        }
}

function runSlideShow(){
<? if ( $CONFIG['monitor_bandwidth'] ) {
     echo "   if ((bandwidth != 0) && (download + viewed_size > bandwidth)) {\n";
     echo "     pos++;\n";
     echo "     endSlideShow(1)\n";
     echo "   }\n";
   } ?>
   if (xIE4Up){
        document.images.SlideShow.style.filter="blendTrans(duration=2)"
        document.images.SlideShow.style.filter= "blendTrans(duration=crossFadeDuration)"
        document.images.SlideShow.filters.blendTrans.Apply()
        }
        document.images.SlideShow.src = preLoad[j].src
        if (xIE4Up){
           document.images.SlideShow.filters.blendTrans.Play()
        }

        pos = j

        j = j + 1
        if (j > (p-1)) j=0
        t = setTimeout('runSlideShow()', slideShowSpeed)
        preLoadPic(j)
}

function endSlideShow(limit){
  self.document.location = 'displayimage.php?album=<?php echo isset($HTTP_GET_VARS['album']) ? $HTTP_GET_VARS['album'] : '';
  echo isset($HTTP_GET_VARS['cat']) ? '&cat=' . $HTTP_GET_VARS['cat'] : '' ?>&pos='+pos+'&addsize='+viewed_size
}

preLoadPic(j)

</script>

Now then we should have a very crude but working bandwidth monitoring setup.

[RatKing]

Ok, it seems that so far no one has noticed that there is no resetting of the user's downloaded data total. 

Doesn't really mather it will come it's just that this mod is quite big as far as mods go I'm nearly done with that bit right now so expect to see a post with more code to complete this mod during the comming week.

Oh, and yes it is more difficult than I expected it to be not because it is so complex (well it isn't so far) but because it is a lot of searching thru the code trying to figure out how things can best be done without harming the other parts within CPG.

[andy_cul]

How to reset bandwidth used everyday and can we add the bandwidth limit mod to Group manager so that it will be easy to manage all the users.

Issue:
I tried registering a test account and it is successful and can login but when I login as admin then go to user manager when click edit on the test account it has an error "Selected user does not exist !" While the user that I create manually can be edited

[loki]

Hello RatKing,

My problem is not really bandwith but the users that go directly to large images without registering by guessing the url path. I believe a mod that would hide the original pictures or put them in protected directory would be much needed by all the CPG community. Do U think this can be done ?

Thanks,

Loki

[Joachim Müller]

has been requested before, and there's no support on the feature requests board. Please don't try to hijack threads.

[loki]

I am not "hijacking" as you say, and this is a discussion forum don't forget ...

[RatKing]

  Have been limited in my free time this week will need to spend some more time on this later on just bare with me on this it will take time which I have very little of 

[RatKing]

 

Yeah well time to update you lot on whats been going on... Been very bussy actualy and I have thanks to a clients request found a much much better way of protecting images and keeping track of what is being servered.

It's based upon the hide image location script by omniscientdeveloper http://forum.coppermine-gallery.net/index.php?topic=3069.0

The final details are being worked on but it is a much much cleaner and better way of doing this than the messing about with so may of the CPG core files. When it is completely done it will be posted in a seperate thread but for now I am officialy stopping development for this thread as I can see to many issues and problems with this way of trying to monitor bandwith.

When the solution that I am now working on is released is upto my client he agrees that it will be released at some point in time so for now all I can say is that it will be released.... (I still own the code  )

[andy_cul]

any update

[RatKing]

 

Sorry for the slow pace at which this is going... I have been a little bussy, company has been sending me around the planet lately for training and courses... Anyway last weekend I have added usage graphics and I have finalized the design for the restricting of user access.

Currently it is monitored and you can give it a try, if you like so you know what the direction is I am working in.

Go to: http://ratking.net/protection

There is a user: test password: test
And there is a admin user: admin password: foobar

I would like to ask you not to change the user settings just have a look and try it. Upload images look at them try and get to an image without actualy hacking the whole system. (It's a hosting provider and they will be a little upset should their box be hacked) Anyway as long as you respect the fact that this is a shared host and that others would like to test as well then you can do what ever you like.  Did I just say that 

Anyway have a look and see let me know what you think I know the template behaves a bit bas when looking at the user views but it is as I said not finished yet....

[Stramm]

I just tried both logins without any hacking haven't tried to grab images so far just noticed that I can't view fulsized images when using the testuser account. However no problem as admin. Is this intended behaviour?

[RatKing]

Look at the edit user page and find out if it is 

If you have no time to do that, yes it is you can set any level of access, even thumbnails can be blocked.... The image used for blocking will be configurable of course... (I don't think I have done that yet)

[Stramm]

got it... works nice.... have done some standard stuff to get the images as non user... nada

[Sigma]

Bump .....

Anything new on this great future ?