Over a million developers have joined DZone.

Multiple User Accounts Hack For ZenPhoto

·
Multiple user accounts hack for zenPhoto

I needed support for several users, not really for any fancy reason, just so there was no password sharing, so here's a quick hack I made that shouldn't be hard to extend to be a bit more useful if you desire.

Hopefully I have used this forum's tags correctly. If I haven't perhaps a mod can lend a hand in rectifying them. :)


In admin-functions.php:
After:
	echo "\n  ";
Add:
	echo "\n  ";

Before:
  echo "\n  ";
Add:
  echo "\n     users";

In admin.php
After:
    } else if ($action == 'settheme') {
      if (isset($_GET['theme'])) {
        $gallery->setCurrentTheme($_GET['theme']);
      }
Add:
	  
/** USERS ******************************************************************/
/*****************************************************************************/

    } else if ($action == 'updateUsers') {
		$uid = explode("_",$_REQUEST['userid']);
		$uid = $uid[1];
		$name = $_REQUEST['username'];
		$pass = $_REQUEST['userpass'];
		$email = $_REQUEST['usermail'];
		$query = "SELECT * FROM users WHERE name='$name' LIMIT 1";
		$result = mysql_query($query) or die(mysql_error());
		if (mysql_num_rows($result)<1){
			//create new user
			$query = "INSERT INTO users (`name`,`pass`,`email`) VALUES ('$name',MD5('$pass'),'$email')";
			$result = mysql_query($query) or die(mysql_error());
			$r = mysql_insert_id();
			die("$r");
		}else{
			//update old user
			$query = "UPDATE users SET ";
			$query .= "name='$name'";
			if (!empty($pass) && ($pass!="")){ $query .= ",pass=MD5('$name')"; }
			$query .= ",email='$email'";
			$query .= " WHERE id='$uid'";
			$result = mysql_query($query) or die(mysql_error());
			die("Save successful!");
		}
    } else if ($action == 'removeUsers') {
		$uid = explode("_",$_REQUEST['userid']);
		$uid = $uid[1];
		$query = "DELETE FROM users WHERE id='$uid' LIMIT 1";
		$result = mysql_query($query) or die(mysql_error());
	}

Before:
 
Add:
 
      
    
	
	
	
	

User Management

"; echo " "; echo " "; echo " "; echo " "; echo ""; } ?>
Name Password Email
Add User
Delete | Edit".$r['name']."Saved".$r['email']."
Replace auth_zp.php with: 0){ $r = mysql_fetch_assoc($result); $check_auth = md5($r['name'].$r['pass']); } if ($rows>0 && $saved_auth==$check_auth) { $_zp_loggedin = true; } else { // Clear the cookie setcookie("zenphoto_auth", "", time()-368000, $cookiepath); setcookie("zenphoto_user", "", time()-368000, $cookiepath); } } else { // Handle the login form. if (isset($_POST['login']) && isset($_POST['user']) && isset($_POST['pass'])) { $user = $_POST['user']; $pass = MD5($_POST['pass']); $redirect = $_POST['redirect']; $query = "SELECT * FROM users WHERE name='$user' AND pass='$pass' LIMIT 1"; $result = mysql_query($query) or die(mysql_error()); if (mysql_num_rows($result)>0) { // Correct auth info. Set the cookie. setcookie("zenphoto_auth", md5($user.$pass), time()+5184000, $cookiepath); setcookie("zenphoto_user", $user, time()+5184000, $cookiepath); $_zp_loggedin = true; //// FIXME: Breaks IIS if (!empty($redirect)) { header("Location: " . FULLWEBPATH . $redirect); } //// } else { // Clear the cookie, just in case setcookie("zenphoto_auth", "", time()-368000, $cookiepath); setcookie("zenphoto_user", "", time()-368000, $cookiepath); $error = true; } } } unset($saved_auth, $check_auth, $user, $pass); // Handle a logout action. if (isset($_POST['logout']) || isset($_GET['logout'])) { setcookie("zenphoto_auth", "", time()-368000, $cookiepath); setcookie("zenphoto_user", "", time()-368000, $cookiepath); header("Location: " . FULLWEBPATH . "/"); } function zp_loggedin() { $_zp_loggedin = false; if (isset($_COOKIE['zenphoto_auth'])) { $saved_auth = $_COOKIE['zenphoto_auth']; $saved_user = $_COOKIE['zenphoto_user']; $query = "SELECT * FROM users WHERE name='$saved_user' LIMIT 1"; $result = mysql_query($query) or die(mysql_error()); $rows = mysql_num_rows($result); if ($rows>0){ $r = mysql_fetch_assoc($result); $check_auth = md5($r['name'].$r['pass']); if ($saved_auth==$check_auth){ $_zp_loggedin = true; } } } return $_zp_loggedin; } ?> Execute this SQL on your zenphoto table: CREATE TABLE users ( `id` INT( 255 ) NOT NULL AUTO_INCREMENT PRIMARY KEY , `name` VARCHAR( 255 ) NOT NULL , `pass` VARCHAR( 255 ) NOT NULL , `email` VARCHAR( 255 ) NOT NULL ); INSERT INTO users (`name`,`pass`,`email`) VALUES ('admin',MD5('password'),'you@yourdomain.com');
I recommend also changing the password info in the config file to something uninteresting. Also, as always, I recommend doing a full backup before proceeding with these directions. YMMV. These directions are provided as-is with no warranty express or implied. You use this at your own risk.
Topics:

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}