Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: 1 [2]   Go Down

Author Topic: Limit Viewing  (Read 19546 times)

0 Members and 1 Guest are viewing this topic.

RatKing

  • Contributor
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
    • Personal website
Re: Limit Viewing
« Reply #20 on: August 01, 2005, 06:05:16 pm »

What I have so far is user based bandwith monitoring that will not care about tumbnails being shown only the full pictures includign the once that you see in the slideshow are monitored.

Ok, the files that need to be modified are:

lang/<your language>.php
usermgr.php
delete.php
displayimage.php
include/init.inc.php
include/slideshow.inc.php

On top of that the database needs a change... (we will add a table)

Ok lets start with the language file(s) this will not be noticed by anyone for obvious reasons I will only show how to

change the english language file.


Look for:
Code: [Select]
  'user_occupation' => 'User occupation',
  'latest_upload' => 'Recent uploads', //cpg1.3.0

Replace with:
Code: [Select]
  'user_occupation' => 'User occupation',
  'user_bandwidth' => 'User bandwidth limit (in Mb)',
  'latest_upload' => 'Recent uploads', //cpg1.3.0


Look for:
Code: [Select]
$lang_error = 'Error';

Replace with:
Code: [Select]
$lang_error = 'Error';
$lang_bandwidth_limit = 'Bandwidth limit reached';

Look for:
Code: [Select]
$lang_errors = array(
  'access_denied' => 'You don\'t have permission to access this page.',

Replace with:
Code: [Select]
$lang_errors = array(
  'bandwidth_limit' => 'You have exceeded your bandwidth limit of [limit]Mb',
  'access_denied' => 'You don\'t have permission to access this page.',

Look for:
Code: [Select]
  'Cookies settings',
  array('Name of the cookie used by the script (when using bbs integration, make sure it differs from the bbs\'s cookie

name)', 'cookie_name', 0),
  array('Path of the cookie used by the script', 'cookie_path', 0),

  'Miscellaneous settings',
  array('Enable debug mode', 'debug_mode', 9), //cpg1.3.0
  array('Display notices in debug mode', 'debug_notice', 1), //cpg1.3.0

Replace with:
Code: [Select]
  'Cookies settings',
  array('Name of the cookie used by the script (when using bbs integration, make sure it differs from the bbs\'s cookie

name)', 'cookie_name', 0),
  array('Path of the cookie used by the script', 'cookie_path', 0),

  'Bandwidth monitoring',
  array('Monitor bandwidth per user', 'monitor_bandwidth', 1),

  'Miscellaneous settings',
  array('Enable debug mode', 'debug_mode', 9), //cpg1.3.0
  array('Display notices in debug mode', 'debug_notice', 1), //cpg1.3.0

Ok, now that should be it.... as far as the language file goes.


Then we will do the table creation in the database which again should not be noticed by our dear users.
Code: [Select]
DROP TABLE IF EXISTS `cpg133_bandwidth`;
CREATE TABLE IF NOT EXISTS `cpg133_bandwidth` (
  `user_id` int(11) NOT NULL default '0',
  `bandwidth` bigint(20) NOT NULL default '0',
  `download` bigint(20) NOT NULL default '0',
  PRIMARY KEY  (`user_id`)
) TYPE=MyISAM;

Then we need to make sure all our users are in there plus an extra which is the unknown user (iow logged in)
Code: [Select]
INSERT INTO `cpg133_bandwidth` VALUES (0, 0, 0);
INSERT INTO `cpg133_bandwidth` VALUES (select user_id, 0, 0 from `cpg133_users`);


Now we need to add a configuration field to the admin screen so we can en/disable bandwidth checking
The following SQL code will do that:
Code: [Select]
INSERT INTO `cpg133_config` VALUES ('monitor_bandwidth', '0');

Now we need to make sure we can access the bandwidth table and add some custom error message to do this we edit init.inc.php

Look for:
Code: [Select]
$CONFIG['TABLE_ECARDS']          = $CONFIG['TABLE_PREFIX']."ecards";
$CONFIG['TABLE_TEMPDATA']        = $CONFIG['TABLE_PREFIX']."temp_data";

Replace with:
Code: [Select]
$CONFIG['TABLE_ECARDS']          = $CONFIG['TABLE_PREFIX']."ecards";
$CONFIG['TABLE_TEMPDATA']        = $CONFIG['TABLE_PREFIX']."temp_data";
$CONFIG['TABLE_BANDWIDTH']       = $CONFIG['TABLE_PREFIX']."bandwidth";

Look for:
Code: [Select]
define('CRITICAL_ERROR', 3);

Replace with:
Code: [Select]
define('CRITICAL_ERROR', 3);
define('BANDWIDTH_LIMIT', 4);

Ok, so now we have a table and we have the language files changed lets make sure that new users get added with their own

personal bandwidth limit.


So now then usermgr.php

Look for:
Code: [Select]
    case 'new_user' :
        db_query("INSERT INTO {$CONFIG['TABLE_USERS']}(user_regdate, user_active) VALUES (NOW(), 'YES')");

        $user_id = mysql_insert_id();

Replace with:
Code: [Select]
    case 'new_user' :
        db_query("INSERT INTO {$CONFIG['TABLE_USERS']}(user_regdate, user_active) VALUES (NOW(), 'YES')");

        $user_id = mysql_insert_id();
        db_query("INSERT INTO {$CONFIG['TABLE_BANDWIDTH']}(user_id, bandwidth, download) VALUES ($user_id, 0, 0)");

Look for:
Code: [Select]
function update_user($user_id)
{
    global $CONFIG, $PHP_SELF, $HTTP_POST_VARS;
    global $lang_usermgr_php, $lang_register_php;

    $user_name = addslashes(trim($HTTP_POST_VARS['user_name']));
    $user_password = addslashes(trim($HTTP_POST_VARS['user_password']));
    $user_email = addslashes(trim($HTTP_POST_VARS['user_email']));
    $user_location = addslashes($HTTP_POST_VARS['user_location']);
    $user_interests = addslashes($HTTP_POST_VARS['user_interests']);
    $user_website = addslashes($HTTP_POST_VARS['user_website']);
    $user_occupation = addslashes($HTTP_POST_VARS['user_occupation']);
    $user_active = $HTTP_POST_VARS['user_active'];
    $user_group = $HTTP_POST_VARS['user_group'];
    $group_list = isset($HTTP_POST_VARS['group_list']) ? $HTTP_POST_VARS['group_list'] : '';

Replace with:
Code: [Select]
function update_user($user_id)
{
    global $CONFIG, $PHP_SELF, $HTTP_POST_VARS;
    global $lang_usermgr_php, $lang_register_php;

    $user_name = addslashes(trim($HTTP_POST_VARS['user_name']));
    $user_password = addslashes(trim($HTTP_POST_VARS['user_password']));
    $user_email = addslashes(trim($HTTP_POST_VARS['user_email']));
    $user_location = addslashes($HTTP_POST_VARS['user_location']);
    $user_interests = addslashes($HTTP_POST_VARS['user_interests']);
    $user_website = addslashes($HTTP_POST_VARS['user_website']);
    $user_occupation = addslashes($HTTP_POST_VARS['user_occupation']);
    $user_active = $HTTP_POST_VARS['user_active'];
    $user_group = $HTTP_POST_VARS['user_group'];
    $user_bandwidth = $HTTP_POST_VARS['bandwidth'];
    $group_list = isset($HTTP_POST_VARS['group_list']) ? $HTTP_POST_VARS['group_list'] : '';

Look for:
Code: [Select]
    $sql_update = "UPDATE {$CONFIG['TABLE_USERS']} " . "SET " . "user_name           = '$user_name', " . "user_email     

    = '$user_email', " . "user_active    = '$user_active', " . "user_group           = '$user_group', " . "user_location 

= '$user_location', " . "user_interests = '$user_interests', " . "user_website          = '$user_website', " .

"user_occupation= '$user_occupation', " . "user_group_list      = '$user_group_list'";
    if (strlen($user_password)) $sql_update .= ", user_password = '$user_password'";
    $sql_update .= " WHERE user_id = '$user_id'";

    db_query($sql_update);
}

Replace with:
Code: [Select]
    $sql_update = "UPDATE {$CONFIG['TABLE_USERS']} " . "SET " . "user_name           = '$user_name', " . "user_email     

    = '$user_email', " . "user_active    = '$user_active', " . "user_group           = '$user_group', " . "user_location 

= '$user_location', " . "user_interests = '$user_interests', " . "user_website          = '$user_website', " .

"user_occupation= '$user_occupation', " . "user_group_list      = '$user_group_list'";
    if (strlen($user_password)) $sql_update .= ", user_password = '$user_password'";
    $sql_update .= " WHERE user_id = '$user_id'";

    db_query($sql_update);
    $sql_update = "UPDATE {$CONFIG['TABLE_BANDWIDTH']} SET bandwidth = '" . round(($user_bandwidth*1024)*1024) .
                  "' WHERE user_id = '$user_id'";
    db_query($sql_update);
}

Look for:
Code: [Select]
function edit_user($user_id)
{
    global $CONFIG, $PHP_SELF;
    global $lang_usermgr_php, $lang_yes, $lang_no;

    $form_data = array(
        array('input', 'user_name', $lang_usermgr_php['name'], 25),
        array('password', 'user_password', $lang_usermgr_php['password'], 25),
        array('yesno', 'user_active', $lang_usermgr_php['user_active']),
        array('group_list', 'user_group', $lang_usermgr_php['user_group']),
        array('input', 'user_email', $lang_usermgr_php['user_email'], 255),
        array('input', 'user_location', $lang_usermgr_php['user_location'], 255),
        array('input', 'user_interests', $lang_usermgr_php['user_interests'], 255),
        array('input', 'user_website', $lang_usermgr_php['user_web_site'], 255),
        array('input', 'user_occupation', $lang_usermgr_php['user_occupation'], 255),
        );

    $sql = "SELECT * FROM {$CONFIG['TABLE_USERS']}  WHERE user_id = '$user_id'";


Replace with:
Code: [Select]
function edit_user($user_id)
{
    global $CONFIG, $PHP_SELF;
    global $lang_usermgr_php, $lang_yes, $lang_no;

    $form_data = array(
        array('input', 'user_name', $lang_usermgr_php['name'], 25),
        array('password', 'user_password', $lang_usermgr_php['password'], 25),
        array('yesno', 'user_active', $lang_usermgr_php['user_active']),
        array('group_list', 'user_group', $lang_usermgr_php['user_group']),
        array('input', 'user_email', $lang_usermgr_php['user_email'], 255),
        array('input', 'user_location', $lang_usermgr_php['user_location'], 255),
        array('input', 'user_interests', $lang_usermgr_php['user_interests'], 255),
        array('input', 'user_website', $lang_usermgr_php['user_web_site'], 255),
        array('input', 'user_occupation', $lang_usermgr_php['user_occupation'], 255),
        array('input', 'bandwidth', $lang_usermgr_php['user_bandwidth'], 255),
        );

    $sql = "SELECT * FROM {$CONFIG['TABLE_USERS']} as tu, {$CONFIG['TABLE_BANDWIDTH']} as tb WHERE tu.user_id =

'$user_id' AND tb.user_id = tu.user_id";

Look for:
Code: [Select]
    foreach ($form_data as $element) switch ($element[0]) {
        case 'input' :
            $user_data[$element[1]] = $user_data[$element[1]];
            echo <<<EOT

Replace with:
Code: [Select]
    foreach ($form_data as $element) switch ($element[0]) {
        case 'input' :
            if ( $element[1] == 'bandwidth' ) { $user_data[$element[1]] = ($user_data[$element[1]]/1024)/1024; }
            echo <<<EOT

And we can add users with their bandwith limit set, now we need to make sure that if we remove them we clean up this

users info in the bandwith table as well.

So now for delete.php

Look for:
Code: [Select]
        db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET  owner_id = '0' WHERE  owner_id = '$user_id'");

Replace with:
Code: [Select]
        db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET  owner_id = '0' WHERE  owner_id = '$user_id'");
        // BANDWIDTH MONITORING
        db_query("DELETE FROM {$CONFIG['TABLE_BANDWIDTH']} WHERE user_id = '$user_id'");
        // BANDWIDTH MONITORING
Logged

RatKing

  • Contributor
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
    • Personal website
Re: Limit Viewing
« Reply #21 on: August 01, 2005, 06:06:35 pm »

So now that all user both old and new will have a bandwith limit set and removed all we need to do is enforce the policy.


Lets edit displayimage.php (this will as long as you copy and paste correctly not be noticed by the users)

Look for:
Code: [Select]
function html_picture()
{
    global $CONFIG, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $USER, $HTTP_COOKIE_VARS;
    global $album, $comment_date_fmt, $template_display_picture;
    global $lang_display_image_php, $lang_picinfo, $lang_errors;

Replace with:
Code: [Select]
function html_picture()
{
    global $CONFIG, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $USER, $HTTP_COOKIE_VARS;
    global $album, $comment_date_fmt, $template_display_picture;
    global $lang_display_image_php, $lang_picinfo, $lang_errors;

    if ( $CONFIG['monitor_bandwidth'] ) {
      $sql = "select * from ".$CONFIG['TABLE_BANDWIDTH']." WHERE user_id = '".USER_ID."' ";
      $result = db_query($sql);

      if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_errors['action_failed'], __FILE__, __LINE__);
      $row = mysql_fetch_array($result);

      if ( ($row['bandwidth'] != 0) && (($row['download']+$CURRENT_PIC_DATA['filesize']) > $row['bandwidth']) ) {
        $msg = strtr($lang_errors['bandwidth_limit'], array('[limit]' => (round(($row['bandwidth']/1024)/1024))));
        cpg_die(BANDWIDTH_LIMIT, $msg, __FILE__, __LINE__);
      }
    }

Look for:
Code: [Select]
    $image_size = compute_img_size($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight'], $CONFIG['picture_width']);

    $pic_title = '';
    $mime_content = get_type($CURRENT_PIC_DATA['filename']);

    if ($CURRENT_PIC_DATA['title'] != '') {
        $pic_title .= $CURRENT_PIC_DATA['title'] . "\n";
    }

Replace with:
Code: [Select]
    $image_size = compute_img_size($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight'], $CONFIG['picture_width']);

    $pic_title = '';
    $mime_content = get_type($CURRENT_PIC_DATA['filename']);

    if ( $CONFIG['monitor_bandwidth'] ) {
      if ($CURRENT_PIC_DATA['filesize'] != '') {
        $result = db_query("UPDATE ".$CONFIG['TABLE_BANDWIDTH']." SET download=download+".$CURRENT_PIC_DATA['filesize']." WHERE user_id='".USER_ID."' ");
      }
    }

    if ($CURRENT_PIC_DATA['title'] != '') {
        $pic_title .= $CURRENT_PIC_DATA['title'] . "\n";
    }

Look for:
Code: [Select]
        // Treat the album set
        if (count($ALBUM_SET_ARRAY)) {
            $set = '';
            foreach ($ALBUM_SET_ARRAY as $album_id) $set .= ($set == '') ? $album_id : ',' . $album_id;
            $ALBUM_SET .= "AND aid IN ($set) ";
        }
    }
}

// Retrieve data for the current picture
if ($pos < 0) {
    $pid = - $pos;

Replace with:
Code: [Select]
        // Treat the album set
        if (count($ALBUM_SET_ARRAY)) {
            $set = '';
            foreach ($ALBUM_SET_ARRAY as $album_id) $set .= ($set == '') ? $album_id : ',' . $album_id;
            $ALBUM_SET .= "AND aid IN ($set) ";
        }
    }
}

  if ( $CONFIG['monitor_bandwidth'] ) {
    $result = db_query("UPDATE ".$CONFIG['TABLE_BANDWIDTH']." SET download=download+".$addsize." WHERE user_id='".USER_ID."' ");
  }

// Retrieve data for the current picture
if ($pos < 0) {
    $pid = - $pos;

To prevent our users from using the slideshow feature to escape our watchful eye we will have to modify slideshow.inc.php

Just replace all code in that file with:
Code: [Select]
<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2005 Coppermine Dev Team
  v1.1 originaly written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  ********************************************
  Coppermine version: 1.3.3
  $Source: /cvsroot/coppermine/stable/include/slideshow.inc.php,v $
  $Revision: 1.9 $
  $Author: gaugau $
  $Date: 2005/04/19 03:17:11 $
**********************************************/
?>


<script language="JavaScript" type="text/JavaScript">
// (C) 2000 www.CodeLifter.com
// http://www.codelifter.com
// Free for all users, but leave in this  header
// NS4-6,IE4-6
// Fade effect only in IE; degrades gracefully

// $Id: slideshow.inc.php,v 1.9 2005/04/19 03:17:11 gaugau Exp $

// Set slideShowSpeed (milliseconds)
var slideShowSpeed = <?php echo (int)$HTTP_GET_VARS['slideshow'?>

// Agent sniffer shamelessly 'stolen' from the excellent X library from cross-browser.com
var xOp7=false,xOp5or6=false,xIE4Up=false,xNN4=false,xUA=navigator.userAgent.toLowerCase();
if(window.opera){
  xOp7=(xUA.indexOf('opera 7')!=-1 || xUA.indexOf('opera/7')!=-1);
  if (!xOp7) xOp5or6=(xUA.indexOf('opera 5')!=-1 || xUA.indexOf('opera/5')!=-1 || xUA.indexOf('opera 6')!=-1 || xUA.indexOf('opera/6')!=-1);
}
else if(document.layers) xNN4=true;
else {xIE4Up=document.all && xUA.indexOf('msie')!=-1 && parseInt(navigator.appVersion)>=4;}

// Duration of crossfade (seconds)
var crossFadeDuration = 3

// Specify the image files
var Pic = new Array() // don't touch this
// BANDWIDTH MONITOR
var Pic_size = new Array() // don't touch this
// BANDWIDTH MONITOR
// to add more images, just continue
// the pattern, adding to the array below
<?php
    
global $CONFIG$USER$HTTP_COOKIE_VARS;
    global 
$lang_errors;

// BANDWIDTH MONITOR
    
$sql "select * from ".$CONFIG['TABLE_BANDWIDTH']." WHERE user_id = '".USER_ID."' ";
    
$result db_query($sql);

    if (!
mysql_num_rows($result)) cpg_die(ERROR$lang_errors['action_failed'], __FILE____LINE__);
    
$row mysql_fetch_array($result);
// BANDWIDTH MONITOR

$bandwidth $row['bandwidth'];
$download  $row['download'];
$i 0;
$j 0;
$pid = (int)$HTTP_GET_VARS['pid'];
$start_img '';
$pic_data get_pic_data($HTTP_GET_VARS['album'], $pic_count$album_name, -1, -1false);
foreach (
$pic_data as $picture) {

    if(
$CONFIG['thumb_use']=='ht' && $picture['pheight'] > $CONFIG['picture_width'] ){ // The wierd comparision is because only picture_width is stored
      
$condition true;
    }elseif(
$CONFIG['thumb_use']=='wd' && $picture['pwidth'] > $CONFIG['picture_width']){
      
$condition true;
    }elseif(
$CONFIG['thumb_use']=='any' && max($picture['pwidth'], $picture['pheight']) > $CONFIG['picture_width']){
      
$condition true;
    }else{
     
$condition false;
    }

    if (
is_image($picture['filename'])) {
        if (
$CONFIG['make_intermediate'] && $condition ) {
            
$picture_url get_pic_url($picture'normal');
        } else {
            
$picture_url get_pic_url($picture'fullsize');
        }

        echo 
"Pic[$i]      = '" $picture_url "'\n";
// BANDWIDTH MONITOR
        
echo "Pic_size[$i] = " $picture['filesize'] . "\n";
// BANDWIDTH MONITOR
        
if ($picture['pid'] == $pid) {
            
$j $i;
            
$start_img $picture_url;
        }
        
$i++;
    }
}
if (!
$i) {
    echo 
"Pic[0]      = 'images/thumb_document.jpg'\n";
// BANDWIDTH MONITOR
    
echo "Pic_size[0] = 0\n";
// BANDWIDTH MONITOR
}
?>


var t
var j = <?php echo "$j\n" ?>
var p = Pic.length
var pos = j
var bandwidth = <?php echo "$bandwidth\n" ?>
var download  = <?php echo "$download\n" ?>
var viewed_size = 0

var preLoad = new Array()

function preLoadPic(index)
{
        if (Pic[index] != ''){
                window.status='Loading : '+Pic[index]
                preLoad[index] = new Image()
                preLoad[index].src = Pic[index]
<? if ( $CONFIG['monitor_bandwidth'] ) { echo "                viewed_size = viewed_size + Pic_size[index]\n"; } ?>
                Pic[index] = ''
                window.status=''
        }
}

function runSlideShow(){
<? if ( $CONFIG['monitor_bandwidth'] ) {
     echo "   if ((bandwidth != 0) && (download + viewed_size > bandwidth)) {\n";
     echo "     pos++;\n";
     echo "     endSlideShow(1)\n";
     echo "   }\n";
   } ?>
   if (xIE4Up){
        document.images.SlideShow.style.filter="blendTrans(duration=2)"
        document.images.SlideShow.style.filter= "blendTrans(duration=crossFadeDuration)"
        document.images.SlideShow.filters.blendTrans.Apply()
        }
        document.images.SlideShow.src = preLoad[j].src
        if (xIE4Up){
           document.images.SlideShow.filters.blendTrans.Play()
        }

        pos = j

        j = j + 1
        if (j > (p-1)) j=0
        t = setTimeout('runSlideShow()', slideShowSpeed)
        preLoadPic(j)
}

function endSlideShow(limit){
  self.document.location = 'displayimage.php?album=<?php echo isset($HTTP_GET_VARS['album']) ? $HTTP_GET_VARS['album'] : '';
  echo isset(
$HTTP_GET_VARS['cat']) ? '&cat=' $HTTP_GET_VARS['cat'] : '' ?>
&pos='+pos+'&addsize='+viewed_size
}

preLoadPic(j)

</script>

Now then we should have a very crude but working bandwidth monitoring setup.
Logged

RatKing

  • Contributor
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
    • Personal website
Re: Limit Viewing
« Reply #22 on: August 01, 2005, 08:21:06 pm »

Ok, it seems that so far no one has noticed that there is no resetting of the user's downloaded data total.  :)

Doesn't really mather it will come it's just that this mod is quite big as far as mods go I'm nearly done with that bit right now so expect to see a post with more code to complete this mod during the comming week.

Oh, and yes it is more difficult than I expected it to be not because it is so complex (well it isn't so far) but because it is a lot of searching thru the code trying to figure out how things can best be done without harming the other parts within CPG.
Logged

andy_cul

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 63
  • Incigida
Re: Limit Viewing
« Reply #23 on: August 03, 2005, 07:35:58 pm »

How to reset bandwidth used everyday and can we add the bandwidth limit mod to Group manager so that it will be easy to manage all the users.

Issue:
I tried registering a test account and it is successful and can login but when I login as admin then go to user manager when click edit on the test account it has an error "Selected user does not exist !" While the user that I create manually can be edited
Logged

loki

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Limit Viewing
« Reply #24 on: August 08, 2005, 10:33:05 am »

Hello RatKing,

My problem is not really bandwith but the users that go directly to large images without registering by guessing the url path. I believe a mod that would hide the original pictures or put them in protected directory would be much needed by all the CPG community. Do U think this can be done ?

Thanks,

Loki
« Last Edit: August 16, 2005, 11:36:56 pm by loki »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Limit Viewing
« Reply #25 on: August 08, 2005, 10:18:12 pm »

has been requested before, and there's no support on the feature requests board. Please don't try to hijack threads.
Logged

loki

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Limit Viewing
« Reply #26 on: August 08, 2005, 11:30:14 pm »

I am not "hijacking" as you say, and this is a discussion forum don't forget ... ::)
Logged

RatKing

  • Contributor
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
    • Personal website
Re: Limit Viewing
« Reply #27 on: August 08, 2005, 11:51:02 pm »

 >:( Have been limited in my free time this week will need to spend some more time on this later on just bare with me on this it will take time which I have very little of  >:(
Logged

RatKing

  • Contributor
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
    • Personal website
Re: Limit Viewing
« Reply #28 on: August 15, 2005, 06:27:40 pm »

 ::)

Yeah well time to update you lot on whats been going on... Been very bussy actualy and I have thanks to a clients request found a much much better way of protecting images and keeping track of what is being servered.

It's based upon the hide image location script by omniscientdeveloper http://forum.coppermine-gallery.net/index.php?topic=3069.0

The final details are being worked on but it is a much much cleaner and better way of doing this than the messing about with so may of the CPG core files. When it is completely done it will be posted in a seperate thread but for now I am officialy stopping development for this thread as I can see to many issues and problems with this way of trying to monitor bandwith.

When the solution that I am now working on is released is upto my client he agrees that it will be released at some point in time so for now all I can say is that it will be released.... (I still own the code  8) )
Logged

andy_cul

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Gender: Male
  • Posts: 63
  • Incigida
Re: Limit Viewing
« Reply #29 on: September 05, 2005, 02:50:12 am »

any update :)
Logged

RatKing

  • Contributor
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
    • Personal website
Re: Limit Viewing
« Reply #30 on: September 06, 2005, 11:55:37 am »

 ;D

Sorry for the slow pace at which this is going... I have been a little bussy, company has been sending me around the planet lately for training and courses... Anyway last weekend I have added usage graphics and I have finalized the design for the restricting of user access.

Currently it is monitored and you can give it a try, if you like so you know what the direction is I am working in.

Go to: http://ratking.net/protection

There is a user: test password: test
And there is a admin user: admin password: foobar

I would like to ask you not to change the user settings just have a look and try it. Upload images look at them try and get to an image without actualy hacking the whole system. (It's a hosting provider and they will be a little upset should their box be hacked) Anyway as long as you respect the fact that this is a shared host and that others would like to test as well then you can do what ever you like.  :-[ Did I just say that  :-[

Anyway have a look and see let me know what you think I know the template behaves a bit bas when looking at the user views but it is as I said not finished yet....
Logged

Stramm

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Male
  • Posts: 6006
    • Bettis Wollwelt
Re: Limit Viewing
« Reply #31 on: September 06, 2005, 12:17:52 pm »

I just tried both logins without any hacking ;) haven't tried to grab images so far just noticed that I can't view fulsized images when using the testuser account. However no problem as admin. Is this intended behaviour?

RatKing

  • Contributor
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
    • Personal website
Re: Limit Viewing
« Reply #32 on: September 07, 2005, 09:13:34 am »

Look at the edit user page and find out if it is  ;)

If you have no time to do that, yes it is you can set any level of access, even thumbnails can be blocked.... The image used for blocking will be configurable of course... (I don't think I have done that yet)
Logged

Stramm

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Male
  • Posts: 6006
    • Bettis Wollwelt
Re: Limit Viewing
« Reply #33 on: September 07, 2005, 10:26:27 am »

got it... works nice.... have done some standard stuff to get the images as non user... nada

Sigma

  • Coppermine newbie
  • Offline Offline
  • Posts: 7
    • FunandGiggles
Re: Limit Viewing
« Reply #34 on: September 30, 2005, 09:31:09 pm »

Bump .....

Anything new on this great future ?
Logged
Pages: 1 [2]   Go Up
 

Page created in 0.089 seconds with 19 queries.