Need group permissions for images Need group permissions for images
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Need group permissions for images

Started by trigger, February 09, 2006, 01:43:55 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

trigger

Hello everybody!

I need permissions for individual files, because some files in an album should not be seen by unregistered users. When they are browsing an album with public and non public pictures, they see all public pics and thumbs the normal way and for the non public pics they see a "this-is-private" thumbnail. When they click this thumb, they go to login.php

Permissions may be set in editOnePic.php. There should be a listbox to choose a valid group.

I am using 1.4.3

I hope you understand what i mean...

I'm willing to pay for it, so please make an offer.

Like to hear from you.

Stramm

I do not really understand. You say if not registered a click on the thumb will lead to the login page. But for what do you need a listbox and for what group?

oh, and when you don't need whistles and bells it's easy to do

trigger

Hi!

the listbox is only for the admin in editOnePic.php - for choosing the group that should have permission to the image.

I dont know if its easy, i think there must be a new field in the picture table, and editOnePic.php must be edited, and everytime a thumnail is shown it must be checked if the user has the permission to view it...


Stramm

why do you want redirect probably already registered users to login? Just makes sense to redirect guests to login. Then you won't need the 'listbox' and the changes that need to be done are minimal

trigger

of course only guests will be redirected to login page. - my fault - i explained it bad...

registered users can access all pictures.


Stramm

try this...

in functions.inc.php find
                if($select_columns != '*') $select_columns .= ', title, caption,hits,owner_id,owner_name';
and replace with
                if($select_columns != '*') $select_columns .= ', title, caption,hits,owner_id,owner_name,user1'; //mod

find
$thumb_list[$i]['caption'] = bb_decode($row['caption_text']);
above add

                        //mod
if (!USER_ID && $row['user1']=='yes'){
$thumb_list[$i]['image'] = "<img src=\"images/no.gif\" class=\"image\" border=\"0\" alt=\"no access\" title=\"no access\"/>";
} else {
$thumb_list[$i]['image'] = "<img src=\"" . $pic_url . "\" class=\"image\" {$image_size['geom']} border=\"0\" alt=\"{$row['filename']}\" title=\"$pic_title\"/>";
                        }
                        $thumb_list[$i]['user1'] = $row['user1'];
//mod



now go to your themes dir and open theme.php
and add following code above the ?> at the end of it
function theme_display_thumbnails(&$thumb_list, $nbThumb, $album_name, $aid, $cat, $page, $total_pages, $sort_options, $display_tabs, $mode = 'thumb')
{
    global $CONFIG, $REFERER; //mod
    global $template_thumb_view_title_row,$template_fav_thumb_view_title_row, $lang_thumb_view, $template_tab_display, $template_thumbnail_view, $lang_album_list;

    static $header = '';
    static $thumb_cell = '';
    static $empty_cell = '';
    static $row_separator = '';
    static $footer = '';
    static $tabs = '';
    static $spacer = '';

    if ($header == '') {
        $thumb_cell = template_extract_block($template_thumbnail_view, 'thumb_cell');
        $tabs = template_extract_block($template_thumbnail_view, 'tabs');
        $header = template_extract_block($template_thumbnail_view, 'header');
        $empty_cell = template_extract_block($template_thumbnail_view, 'empty_cell');
        $row_separator = template_extract_block($template_thumbnail_view, 'row_separator');
        $footer = template_extract_block($template_thumbnail_view, 'footer');
        $spacer = template_extract_block($template_thumbnail_view, 'spacer');
    }

    $cat_link = is_numeric($aid) ? '' : '&amp;cat=' . $cat;

    $theme_thumb_tab_tmpl = $template_tab_display;

    if ($mode == 'thumb') {
        $theme_thumb_tab_tmpl['left_text'] = strtr($theme_thumb_tab_tmpl['left_text'], array('{LEFT_TEXT}' => $aid == 'lastalb' ? $lang_album_list['album_on_page'] : $lang_thumb_view['pic_on_page']));
        $theme_thumb_tab_tmpl['inactive_tab'] = strtr($theme_thumb_tab_tmpl['inactive_tab'], array('{LINK}' => 'thumbnails.php?album=' . $aid . $cat_link . '&amp;page=%d'));
        $theme_thumb_tab_tmpl['inactive_next_tab'] = strtr($theme_thumb_tab_tmpl['inactive_next_tab'], array('{LINK}' => 'thumbnails.php?album=' . $aid . $cat_link . '&amp;page=%d'));
        $theme_thumb_tab_tmpl['inactive_prev_tab'] = strtr($theme_thumb_tab_tmpl['inactive_prev_tab'], array('{LINK}' => 'thumbnails.php?album=' . $aid . $cat_link . '&amp;page=%d'));
    } else {
        $theme_thumb_tab_tmpl['left_text'] = strtr($theme_thumb_tab_tmpl['left_text'], array('{LEFT_TEXT}' => $lang_thumb_view['user_on_page']));
        $theme_thumb_tab_tmpl['inactive_tab'] = strtr($theme_thumb_tab_tmpl['inactive_tab'], array('{LINK}' => 'index.php?cat=' . $cat . '&amp;page=%d'));
        $theme_thumb_tab_tmpl['inactive_next_tab'] = strtr($theme_thumb_tab_tmpl['inactive_next_tab'], array('{LINK}' => 'index.php?cat=' . $cat . '&amp;page=%d'));
        $theme_thumb_tab_tmpl['inactive_prev_tab'] = strtr($theme_thumb_tab_tmpl['inactive_prev_tab'], array('{LINK}' => 'index.php?cat=' . $cat . '&amp;page=%d'));
    }

    $thumbcols = $CONFIG['thumbcols'];
    $cell_width = ceil(100 / $CONFIG['thumbcols']) . '%';

    $tabs_html = $display_tabs ? create_tabs($nbThumb, $page, $total_pages, $theme_thumb_tab_tmpl) : '';
    // The sort order options are not available for meta albums
    if ($sort_options) {
        $param = array('{ALBUM_NAME}' => $album_name,
            '{AID}' => $aid,
            '{PAGE}' => $page,
            '{NAME}' => $lang_thumb_view['name'],
            '{TITLE}' => $lang_thumb_view['title'],
            '{DATE}' => $lang_thumb_view['date'],
            '{SORT_TA}' => $lang_thumb_view['sort_ta'],
            '{SORT_TD}' => $lang_thumb_view['sort_td'],
            '{SORT_NA}' => $lang_thumb_view['sort_na'],
            '{SORT_ND}' => $lang_thumb_view['sort_nd'],
            '{SORT_DA}' => $lang_thumb_view['sort_da'],
            '{SORT_DD}' => $lang_thumb_view['sort_dd'],
            '{POSITION}' => $lang_thumb_view['position'],
            '{SORT_PA}' => $lang_thumb_view['sort_pa'],
            '{SORT_PD}' => $lang_thumb_view['sort_pd'],
            );
        $title = template_eval($template_thumb_view_title_row, $param);
    } else if ($aid == 'favpics' && $CONFIG['enable_zipdownload'] == 1) { //Lots of stuff can be added here later
       $param = array('{ALBUM_NAME}' => $album_name,
                             '{DOWNLOAD_ZIP}'=>$lang_thumb_view['download_zip']
                               );
       $title = template_eval($template_fav_thumb_view_title_row, $param);
    }else{
        $title = $album_name;
    }


    if ($mode == 'thumb') {
        starttable('100%', $title, $thumbcols);
    } else {
        starttable('100%');
    }

    echo $header;

    $i = 0;
    foreach($thumb_list as $thumb) {
        $i++;
//mod
if (!USER_ID && $thumb['user1']=='yes'){
$link_tgt1 = "login.php?referer=$REFERER";
$link_tgt2 = "login.php?referer=$REFERER";
$link_tgt3 = "login.php?referer=$REFERER";
} else {
$link_tgt1 = "thumbnails.php?album={$thumb['aid']}";
$link_tgt2 = "displayimage.php?album=$aid$cat_link&amp;pos={$thumb['pos']}";
$link_tgt3 = "index.php?cat={$thumb['cat']}";
}

//mod
        if ($mode == 'thumb') {
            if ($aid == 'lastalb') {
                $params = array('{CELL_WIDTH}' => $cell_width,
                    '{LINK_TGT}' => $link_tgt1,//mod
                    '{THUMB}' => $thumb['image'],
                    '{CAPTION}' => $thumb['caption'],
                    '{ADMIN_MENU}' => $thumb['admin_menu']
                    );
            } else {
                $params = array('{CELL_WIDTH}' => $cell_width,
                    '{LINK_TGT}' => $link_tgt2,//mod
                    '{THUMB}' => $thumb['image'],
                    '{CAPTION}' => $thumb['caption'],
                    '{ADMIN_MENU}' => $thumb['admin_menu']
                    );
            }
        } else {
            $params = array('{CELL_WIDTH}' => $cell_width,
                '{LINK_TGT}' => $link_tgt3,//mod
                '{THUMB}' => $thumb['image'],
                '{CAPTION}' => $thumb['caption'],
                '{ADMIN_MENU}' => ''
                );
        }
        echo template_eval($thumb_cell, $params);

        if ((($i % $thumbcols) == 0) && ($i < count($thumb_list))) {
            echo $row_separator;
        }
    }
    for (;($i % $thumbcols); $i++) {
        echo $empty_cell;
    }
    echo $footer;

    if ($display_tabs) {
        $params = array('{THUMB_COLS}' => $thumbcols,
            '{TABS}' => $tabs_html
            );
        echo template_eval($tabs, $params);
    }

    endtable();
    echo $spacer;
}


just a few changes here, they are commented with //mod

now in config -  Custom fields for image description -> here you enable the first field with typing eg. 'Private' in it
and of course you need an image 'no.gif'. Place it into the images dir


When viewing the intermediate image click 'Edit file information' (editOnePic.php). If you now type 'yes' into the 'Private' field the image becomes visible only for registered users

trigger

 :D :D

WOW!

That works fine for me! You are so great! how much do I owe you?

Thanx thanx thanx!!!

Stramm

I move the thread to the support board... then it's free

trigger

Thanx a lot!
let me know if you come to hamburg, i give you a drink, or two, or...  ;)


trigger

Hi again,
there is thomething i forgot...  ::)

the "no access" thumb must appear if someone comes via "next image>" and "<previous image" to the protected picture, and also in the filmstrip...

Could you give me a hint for this too?  :-[ Thanks again for your help!!

Stramm

yup,
in displayimage.php find
// Retrieve data for the current album
if (isset($CURRENT_PIC_DATA)) {

and after that add if ($CURRENT_PIC_DATA['user1']=='yes') cpg_die(ERROR, $lang_display_image_php['registered_only'], __FILE__, __LINE__);


then when an unregistered user clicks on prev/ next and stumbles over a 'private' image he gets an error message 'you must be a registzered user yadda, yadda'
you can display the nopic instead if you assign the relevant data to
$CURRENT_PIC_DATA['filepath']
$CURRENT_PIC_DATA['filename']
$CURRENT_PIC_DATA['pwidth']
$CURRENT_PIC_DATA['pheight']

filmstrip works similar to the code in function theme_display_thumbnails I posted above (just look what I've changed there --> I've commented it with //mod)
filmstrip template can be found in themes.inc.php -> function theme_display_film_strip
copy it to your theme.php

I haven't tested this... so it's not foolproof

trigger

thanks again, that was what i needed.

i changed some things, so here is the code for anyone who is interested:

for the filmstrip go to your themes dir and open theme.php
and add following code above the ?> at the end of it

// Added to display flim_strip
function theme_display_film_strip(&$thumb_list, $nbThumb, $album_name, $aid, $cat, $pos, $sort_options, $mode = 'thumb')
{
    global $CONFIG, $REFERER; //mod
    global $CONFIG, $THEME_DIR;
    global $template_film_strip, $lang_film_strip;

    static $template = '';
    static $thumb_cell = '';
    static $empty_cell = '';
    static $spacer = '';

    if ((!$template)) {
        $template = $template_film_strip;
        $thumb_cell = template_extract_block($template, 'thumb_cell');
        $empty_cell = template_extract_block($template, 'empty_cell');
    }

    $cat_link = is_numeric($aid) ? '' : '&amp;cat=' . $cat;

    $thumbcols = $CONFIG['thumbcols'];
    $cell_width = ceil(100 / $CONFIG['max_film_strip_items']) . '%';

    $i = 0;
    $thumb_strip = '';
    foreach($thumb_list as $thumb) {

        $i++;

//mod
if (!USER_ID && $thumb['user1']=='yes'){
$link_tgt1 = "login.php?referer=$REFERER";
$link_tgt2 = "login.php?referer=$REFERER";
$link_tgt3 = "login.php?referer=$REFERER";
} else {
$link_tgt1 = "thumbnails.php?album={$thumb['aid']}";
$link_tgt2 = "displayimage.php?album=$aid$cat_link&amp;pos={$thumb['pos']}";
$link_tgt3 = "index.php?cat={$thumb['cat']}";
}

//mod

        if ($mode == 'thumb') {
            $params = array('{CELL_WIDTH}' => $cell_width,
                '{LINK_TGT}' => $link_tgt2,
                '{THUMB}' => $thumb['image'],
                '{CAPTION}' => $thumb['caption'],
                '{ADMIN_MENU}' => ''
                );
        } else {
            $params = array('{CELL_WIDTH}' => $cell_width,
                '{LINK_TGT}' => $link_tgt3,
                '{THUMB}' => $thumb['image'],
                '{CAPTION}' => '',
                '{ADMIN_MENU}' => ''
                );
        }
        $thumb_strip .= template_eval($thumb_cell, $params);
    }

    if (defined('THEME_HAS_FILM_STRIP_GRAPHICS')) {
        $tile1 = $THEME_DIR . 'images/tile1.gif';
        $tile2 = $THEME_DIR . 'images/tile2.gif';
    } elseif (defined('THEME_HAS_FILM_STRIP_GRAPHIC')) {
        $tile1=$tile2=$THEME_DIR . 'images/tile.gif';
    } else {
        $tile1=$tile2= 'images/tile.gif';
    }

    $params = array('{THUMB_STRIP}' => $thumb_strip,
        '{COLS}' => $i,
        '{TILE1}' => $tile1,
        '{TILE2}' => $tile2,
        );

    ob_start();
    starttable($CONFIG['picture_table_width']);
    echo template_eval($template, $params);
    endtable();
    $film_strip = ob_get_contents();
    ob_end_clean();

    return $film_strip;
}



to prevent that someone comes to an pic by next/prev button:
in include/functions.inc.php find
}
                return theme_display_film_strip($thumb_list, $thumb_count, $album_name, $album, $cat, $pos, is_numeric($album));

and add ABOVE
//mod
if (!USER_ID && $row['user1']=='yes'){
$thumb_list[$i]['image'] = "<img src=\"images/no.gif\" class=\"image\" border=\"0\" alt=\"no access\" title=\"no access\"/>";
} else {
$thumb_list[$i]['image'] = "<img src=\"" . $pic_url . "\" class=\"image\" {$image_size['geom']} border=\"0\" alt=\"{$row['filename']}\" title=\"$pic_title\"/>";
                        }
                        $thumb_list[$i]['user1'] = $row['user1'];
//mod


in displayimage.php find
// Retrieve data for the current album
if (isset($CURRENT_PIC_DATA)) {

and after that add
if (!USER_ID && $CURRENT_PIC_DATA['user1']=='yes'){
$CURRENT_PIC_DATA['filepath'] = "/";
$CURRENT_PIC_DATA['filename'] = "noope.jpg";
$CURRENT_PIC_DATA['pwidth'] = "100";
$CURRENT_PIC_DATA['pheight'] = "150";
}
change the noope.jpg to your warning pic and fit the sizes


now i am working on a solution for the slideshow ...  ;D

benj_gos

Hi,
Could this be modified to simply hide the image totally instead of showing something else in it's place? (of course, it also needs to hide it all from the filmstrip, next, slideshow etc...)

Thanks,
Benji