Hello everyone, I'm having trouble accessing the cvs repository (no doubt my own lame fault, but there you have it!). So instead of stalling any longer, here's the diff patch and the new copy of Gallery.pm, attached. If any of you have cvs access and are willing, please go ahead and upload it. Michael has already given me permission to bang it in before an intense QA, I guess his feeling is that problems can be fixed afterwards. This implements authentication, rotation and the editing of annotation files on the server. Feedback welcomed and appreciated, and cheers! Paul (30 years old today!)
Attachment:
Gallery.pm
Description: Binary data
16,17d15
< use Apache::Cookie;
< use MD5;
22d19
< use CGI;
51,56d47
< my $authenticated = '';
< if ( isauth() )
< {
< $authenticated = '( User authenticated ) ';
< }
<
98,147c89,91
<
< $tpl->assign(AUTH => '' );
<
< if ( $apr->param('auth') )
< {
< if ( $apr->param('password') )
< {
< $authenticated = authenticate_user( $apr->param('password') );
<
< if ( $authenticated eq '( User authenticated ) ' ) {
< my $hash=new MD5;
< $hash->add($apr->param('password'));
< my $digest = $hash->digest();
< my $cookie = Apache::Cookie->new($apr,
< -name => 'password',
< -value => unpack("H*", $digest) ,
< -expires => '+1h'
< );
<
< $cookie->bake;
< } else {
< my $cookie = Apache::Cookie->new($apr,
< -name => 'password',
< -value => '',
< -expires => '+1h'
< );
< $cookie->bake;
< }
<
< } else {
<
< if ( $apr->param('logout_button') )
< {
< my $cookie = Apache::Cookie->new($apr,
< -name => 'password',
< -value => '',
< -expires => '+1h'
< );
< $cookie->bake;
< $authenticated = '';
< }
<
< }
<
< $tpl->assign(AUTH => build_auth_form($authenticated));
<
< }
<
< $tpl->assign(MENU => $authenticated . generate_menu($r));
<
---
>
> $tpl->assign(MENU => generate_menu($r));
>
235d178
<
282,392d224
< # admin section
< # admin form section
<
< if ( isauth() ) {
<
< my $query = new CGI;
< my $admin;
<
< # Rotate form
<
< my @rotatefile;
< my $rotateval = '0';
< if ( open (ROTATE, "$filename.rotate") ) {
< @rotatefile = <ROTATE>;
< close ROTATE;
< }
< foreach my $line (@rotatefile) {
< chomp($rotateval = $line);
< }
< $tpl->assign(DEBUG => "rotatefile is $filename.comment and contents are $rotateval");
<
< $admin=$query->start_form;
< my %labels = ('0'=>'0', '1'=>'90', '2'=>'180', '3'=>'270');
< $admin = $admin . 'Rotation: ' . $query->popup_menu('rotate_menu',
< ['0','1','2','3'],
< "$rotateval",\%labels);
< $admin = $admin . $query->submit(-name=>'resolution_button', -value=>'submit');
< $admin = $admin . $query->end_form;
<
<
< # Comments form
< my @commentfile;
< my $comments = '';
< if ( open (COMMENTS, "$filename.comment") ) {
< @commentfile = <COMMENTS>;
< close COMMENTS;
< }
< foreach my $line (@commentfile) {
< $comments = $comments . $line;
< }
<
< $admin = $admin . $query->start_form;
< $admin = $admin . 'Comments: ' . $query->textarea(-name=>'comments',
< -default=>$comments,
< -rows=>10,
< -columns=>50);
< $admin = $admin . $query->submit(-name=>'comments_button', -value=>'submit');
< $admin = $admin . $query->end_form;
<
< $tpl->assign(ADMIN => $admin );
<
< } else {
< $tpl->assign(ADMIN => '');
< }
<
< # end admin form section
<
< # admin processing section
< if ( isauth() ) {
<
< my @dirs = split(/\//, $filename);
< my $fileonly = pop(@dirs);
< my $cache = join ("/", @dirs) . "/.cache";
<
< if ( $apr->param('resolution_button') && $apr->param('resolution_button') eq 'submit' )
< {
<
< if ( $apr->param('rotate_menu') eq '0' )
< { unlink "$filename.rotate";
< }
< else {
< open ROTATEFILE, ">$filename.rotate";
< print ROTATEFILE $apr->param('rotate_menu') . "\n";
< close ROTATEFILE;
< }
<
< # Blow the cache for this file.
<
< unless (opendir (DIR, $cache)) {
< show_error ($r, $!, "Unable to access cache directory $cache: $!");
< return OK;
< }
<
< my @files = readdir (DIR);
< @files = sort @files;
< my $filelist;
<
< if (@files) {
<
< foreach my $picture (@files) {
<
< if (-f $cache.'/'.$picture && ($picture =~ m/$fileonly/i)) {
< unlink $cache.'/'.$picture;
< }
< }
< }
< $tpl->assign(DEBUG => 'rotate!');
< }
< if ( $apr->param('comments_button') && $apr->param('comments_button') eq 'submit' )
< {
< open COMMENTFILE, ">$filename.comment";
< print COMMENTFILE $apr->param('comments');
< close COMMENTFILE;
< $tpl->assign(DEBUG => $apr->param('comments'));
< }
<
< }
<
< # end admin processing section
< # end admin section
<
395c227
< $tpl->assign(MENU => $authenticated . generate_menu($r));
---
> $tpl->assign(MENU => generate_menu($r));
581c413
< if ($r->dir_config('GalleryCopyrightImage') && -f $r->dir_config('GalleryCopyrightImage')) {
---
> if (-f $r->dir_config('GalleryCopyrightImage')) {
771,828d602
<
< sub build_auth_form {
<
< my $form;
< my $query = new CGI;
< my $authenticated = shift;
< $form = $query->start_form();
<
< if ( $authenticated eq '( User authenticated ) ' )
< {
< $form = $form . $query->submit(-name=>'logout_button', -value=>'logout');
< }
< else {
< $form = $form . $query->password_field(-name=>'password',
< -value=>'');
< $form = $form . $query->submit(-name=>'submit_button', -value=>'submit');
< }
< $form = $form . $query->endform();
<
<
< return $form;
< }
<
< sub authenticate_user {
<
< my $password = shift;
< my $returnstring;
< if ( Apache->request()->dir_config('AdminPassword') &&
< Apache->request()->dir_config('AdminPassword') eq $password )
< { $returnstring = '( User authenticated ) ';
<
< } else {
< $returnstring = '( User authentication failed )' ;
< }
<
< return $returnstring;
<
< }
<
< sub isauth {
< my %cookies = Apache::Cookie->fetch;
< my $isauth;
< my $hash=new MD5;
<
< if (Apache->request()->dir_config('AdminPassword')) {
< $hash->add(Apache->request()->dir_config('AdminPassword'));
< } else {
< return 0;
< }
<
< my $digest = $hash->digest();
<
< if ( $cookies{'password'} && $cookies{'password'}->value eq unpack("H*", $digest) )
< { $isauth = 1 ;
< } else { $isauth = 0 }
< return $isauth;
< }
<
--------------------------------------------------------------------- Apache::Gallery users mailinglist. http://apachegallery.dk/ To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx