Simple Gallery schützen

Den folgenden Beitrag habe ich im englischsprachigen Support-Forum von Simple Gallery hinterlassen. Damit ich ihn bei Gelegenheit selbst wiederfinde ;-), hier eine Kopie davon:

Hello,

I had the idea, that some of my pictures should be shown only to registered users in Wordpress 1.5 - not to everybody. I made a simple hack to the sp_def_vars.php which I want to show to you, maybe somebody can use it (and make it even better?)

The idea is, that in every image-directory beside the pictures there can(!) be a file called “.level”, a plain text file in which only a number is stored, i.e. “6”. That means, that this directory is only shown to registered Wordpress-Users who have a userlevel of 6 or higher.

Warning: In the current version everybody can show every picture-directory if he knows the name and types it in the adress-field of his browser. So it is a very soft protection. But most of your visitors won’t know the directory-names of your hidden images, would they?

So, what do you have to do?

1)

Just add a function and therefor change the beginning of the file sp_def_vars.php to the following:

`< ?php require(‘sp_config.php’);

define(“VERSION”,“1.1”);

function is_closed($checkfile) { global $user_level; $checkfile=$checkfile.‘/.level’; if (file_exists($checkfile)) { $level_file = @fopen($checkfile,‘r’); $min_level = fread($level_file, filesize($checkfile)); @fclose($level_file); get_currentuserinfo(); if (intval($user_level) >= intval($min_level)) return false; else return true; } else return false; } ` 2)

Change the following line (near the end of the file):

//IF THE CURRENT ITEM IS A DIRECTORY, ADD THE LINK TEXT TO THE $dirlink ARRAY else if(is_dir($path) && !in_array($file, $hide_folders) && !is_closed($path))

3)

That’s it.

Nächster Beitrag
Vorheriger Beitrag