PREFACE: cpg can be set up to allow only registered users access to the site, but does not protect the actual image files itself.
This is a mod to cpg that will require you to be logged in to get access to the image files in the albums folder.
This guide assumes that you are using Coppermine version 1.4.16
First we have to lock down the albums folder by making a new .htaccess with the following two lines:
Order Allow,Deny
Deny from All
Then you modify functions.inc.php and change the get_pic_url return statement into this (line 2015 in revision 4233):
return "getimage.php?file=".base64_encode($pic_row['url']);
Then create a new PHP script called getimage.php in the cpg root with this content:
<?php
/* getimage.php - Restrict access to images to logged in users only
for Coppermine image gallery
Written by Saivert */
define('IN_COPPERMINE', true);
define('GETIMAGE_PHP', true);
require('include/init.inc.php');
if (!USER_ID && $CONFIG['allow_unlogged_access'] == 0) {
header('Content-type: image/png');
readfile('images/no_access.png');
exit();
}
if (isset($_GET['file'])) {
$path = base64_decode($_GET['file']);
if (preg_match('/\.(.+)$/',$path,$m)) {
switch ($m[1]) {
case 'jpg': $mt = 'image/jpeg'; break;
case 'png': $mt = 'image/png'; break;
case 'gif': $mt = 'image/gif'; break;
}
} else {
$mt = 'image/jpeg'; // we fallback to JPEG. should work most of the time.
}
header('Content-type: ' . $mt);
readfile($path);
} else die('missing filename');
?>
(Note please ensure the regular expression above is correct. It's supposed to grab the file extension. I quickly did a test and it seemed like it was working. But you never know..)
You will have to create a image that will be shown to users who has not logged in yet or grab this one: [Edit GauGau ] Replaced hotlinked image with attachment [/Edit]
Anyways it has to be named no_access.png and reside in the images subfolder of your cpg root.
That's it, nobody will be able to access images without logging in.