
Multiple user accounts hack for zenPhoto

I needed support for several users, not really for any fancy reason, just so there was no password sharing, so here's a quick hack I made that shouldn't be hard to extend to be a bit more useful if you desire.

Hopefully I have used this forum's tags correctly. If I haven't perhaps a mod can lend a hand in rectifying them. :)

In admin-functions.php:
After:
	echo "\n  <script type=\"text/javascript\" src=\"admin.js\"></script>";
Add:
	// Prototype supplies Ajax.Request, Insertion and update(), which the users page script calls.
	echo "\n  <script type=\"text/javascript\" src=\"scriptaculous/prototype.js\"></script>";

Before:
  echo "\n  </ul>";
Add:
  // "users" tab in the admin navigation; it gets class="current" while $page is "users".
  echo "\n    <li". ($page == "users" ? " class=\"current\""  : "") . 
    "> <a href=\"admin.php?page=users\">users</a></li>";

In admin.php
After:
    } else if ($action == 'settheme') {
      if (isset($_GET['theme'])) {
        $gallery->setCurrentTheme($_GET['theme']);
      }
Add:
	  
/** USERS ******************************************************************/
/*****************************************************************************/

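    } else if ($action == 'updateUsers') {
		// Creates a user when no row has the submitted name, otherwise updates row $uid.
		// Every field arrives straight from the request, so each one is escaped (or cast
		// to an integer) before it is placed in a query.
		// NOTE(review): nothing in this snippet checks zp_loggedin() or an anti-CSRF token;
		// confirm that admin.php rejects unauthenticated requests before this branch runs.
		$parts = explode("_", isset($_REQUEST['userid']) ? (string) $_REQUEST['userid'] : "");
		// A row that was just added has no "uid_N" id yet, so a missing suffix becomes 0.
		$uid = isset($parts[1]) ? (int) $parts[1] : 0;
		$rawName = isset($_REQUEST['username']) ? (string) $_REQUEST['username'] : "";
		$rawPass = isset($_REQUEST['userpass']) ? (string) $_REQUEST['userpass'] : "";
		$rawMail = isset($_REQUEST['usermail']) ? (string) $_REQUEST['usermail'] : "";
		$name = mysql_real_escape_string($rawName);
		$pass = mysql_real_escape_string($rawPass);
		$email = mysql_real_escape_string($rawMail);
		// NOTE(review): because the create/update decision is made by name, renaming a
		// user to a name that is not in the table inserts a new row instead of updating $uid.
		$query = "SELECT * FROM users WHERE name='$name' LIMIT 1";
		$result = mysql_query($query) or die(mysql_error());
		if (mysql_num_rows($result)<1){
			//create new user
			// Refuse blank credentials: a row with an empty name and MD5('') would be a
			// usable login.
			if ($rawName === "" || $rawPass === "") {
				die("Name and password are required");
			}
			// NOTE(review): unsalted MD5 is kept only because auth_zp.php compares against
			// MD5(pass); both sides need to move to password_hash()/password_verify() together.
			$query = "INSERT INTO users (`name`,`pass`,`email`) VALUES ('$name',MD5('$pass'),'$email')";
			$result = mysql_query($query) or die(mysql_error());
			$r = mysql_insert_id();
			die("$r");
		}else{
			//update old user
			$query = "UPDATE users SET ";
			$query .= "name='$name'";
			// Hash the submitted password. The original hashed $name here, which reset the
			// password to the user's own name on every edit that supplied a password.
			if ($rawPass !== ""){ $query .= ",pass=MD5('$pass')"; }
			$query .= ",email='$email'";
			$query .= " WHERE id='$uid'";
			$result = mysql_query($query) or die(mysql_error());
			die("Save successful!");
		}
    } else if ($action == 'removeUsers') {
		// Deletes the row whose id follows the "uid_" prefix; the id is forced to an
		// integer so nothing else from the request can reach the query.
		$parts = explode("_", isset($_REQUEST['userid']) ? (string) $_REQUEST['userid'] : "");
		$uid = isset($parts[1]) ? (int) $parts[1] : 0;
		$query = "DELETE FROM users WHERE id='$uid' LIMIT 1";
		$result = mysql_query($query) or die(mysql_error());
	}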

Before:
<?php /*** HOME ***************************************************************************/ 
      /************************************************************************************/ ?> 
Add:
<?php /*** USERS *******************************************************/ 
      /************************************************************************************/ ?> 
      
    <?php } else if ($page == "users") { ?>
	
	<script>
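	// Turns the clicked "Add User" row into an editable row and inserts a fresh
	// "Add User" row above it. `e` is the element that was clicked.
	addRow = function(e){
		var row = e;
		while(row.nodeName.toLowerCase() != "tr"){ row = row.parentNode; }
		// Locals are declared with var so they do not leak into the global scope.
		var addMarkup = "<tr><td></td><td><a href='#' onClick='addRow(event.target);'>Add User</a></td><td></td><td></td></tr>";
		var cells = row.getElementsByTagName('td');
		cells[0].update("<input type='button' id='newCancel' value='Cancel' onClick='cancelRow(event.target);'><input type='button' id='newSave' value='Save' onClick='saveRow(event.target);'>");
		// type='text' (the original 'test' is not a valid input type).
		cells[1].update("<input type='text' id='newName'>");
		cells[2].update("<input type='password' id='newPass'>");
		cells[3].update("<input type='text' id='newEmail'>");
		new Insertion.Before(row,addMarkup);
	};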
	// Discards a row that was being added: climbs from the clicked element to its
	// table row and removes that row.
	cancelRow = function(e){
		var row = e;
		for (; row.nodeName.toLowerCase() != "tr"; row = row.parentNode) {}
		row.remove();
	}
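	// Sends the row's name, password and e-mail to admin.php (action=updateUsers) and,
	// once the server accepts them, turns the row back into plain text.
	saveRow = function(e){
		var row = e;
		while(row.nodeName.toLowerCase() != "tr"){ row = row.parentNode; }
		var cells = row.getElementsByTagName('td');
		var shownName = cells[1].getElementsByTagName("input")[0].value;
		var newPass = cells[2].getElementsByTagName("input")[0].value;
		var shownMail = cells[3].getElementsByTagName("input")[0].value;
		// Kept so the Cancel/Save buttons can be put back if the save does not go through.
		var controls = cells[0].innerHTML;
		cells[0].update("<em>Saving...</em>");
		// The fields are URL-encoded and sent in the POST body: a password in the query
		// string would end up in server logs and browser history, and unencoded values
		// containing & or # would corrupt the request. page/action stay in the URL.
		var body = "userid=" + encodeURIComponent(row.id);
		body += "&username=" + encodeURIComponent(shownName);
		body += "&userpass=" + encodeURIComponent(newPass);
		body += "&usermail=" + encodeURIComponent(shownMail);

		new Ajax.Request("admin.php?page=users&action=updateUsers",{
			method:'post',
			parameters:body,
			onSuccess:function(r){
				var reply = r.responseText;
				// A newly created user answers with its numeric id, an update answers with
				// "Save successful!"; anything else is an error message from the server.
				var created = /^\d+$/.test(reply);
				if (!created && reply != "Save successful!") {
					cells[0].update(controls);
					alert("Save function failed!");
					return;
				}
				if (created) { row.id = "uid_" + reply; }
				cells[0].update("<a href='#' onClick='remRow(event.target);'>Delete</a> | <a href='#' onClick='editRow(event.target);'>Edit</a>");
				// Typed values go back into the page as text nodes, never as markup.
				cells[1].update("");
				cells[1].appendChild(document.createTextNode(shownName));
				cells[2].update("<em>Saved</em>");
				cells[3].update("");
				cells[3].appendChild(document.createTextNode(shownMail));
			},
			onFailure:function(r){
				cells[0].update(controls);
				alert("Save function failed!");
			}
		});
	}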
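	// Asks admin.php (action=removeUsers) to delete the user behind the clicked row and
	// removes the row once the request succeeds.
	// NOTE(review): the delete is still a single unauthenticated-looking request from the
	// browser's point of view; the server side should require POST and an anti-CSRF token.
	remRow = function(e){
		var row = e;
		while(row.nodeName.toLowerCase() != "tr"){ row = row.parentNode; }
		new Ajax.Request("admin.php?page=users&action=removeUsers",{
			// The id is URL-encoded and sent in the POST body so that the state change is
			// not triggered by a plain GET URL.
			method:'post',
			parameters:"userid=" + encodeURIComponent(row.id),
			onSuccess:function(r){
				row.remove();
			},
			onFailure:function(r){
				alert("Delete function failed!");
			}
		});
	}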
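	// Switches a saved row into edit mode. The current name and e-mail are read as text,
	// copied into the inputs, and remembered in each input's 'o' attribute for cancelEdit.
	editRow = function(e){
		var row = e;
		while(row.nodeName.toLowerCase() != "tr"){ row = row.parentNode; }
		var cells = row.getElementsByTagName('td');
		// textContent with an innerText fallback for older browsers.
		var oldName = cells[1].textContent || cells[1].innerText || "";
		var oldMail = cells[3].textContent || cells[3].innerText || "";
		cells[0].update("<input type='button' id='newCancel' value='Cancel' onClick='cancelEdit(event.target);'><input type='button' id='newSave' value='Save' onClick='saveRow(event.target);'>");
		cells[1].update("<input type='text' id='newName'>");
		cells[2].update("<input type='password' id='newPass'>");
		cells[3].update("<input type='text' id='newEmail'>");
		// The stored values are assigned through the DOM instead of being concatenated
		// into markup: a name or e-mail containing a quote, a space or a tag would
		// otherwise break out of the attribute it was pasted into.
		var nameInput = cells[1].getElementsByTagName("input")[0];
		nameInput.value = oldName;
		nameInput.setAttribute('o', oldName);
		var mailInput = cells[3].getElementsByTagName("input")[0];
		mailInput.value = oldMail;
		mailInput.setAttribute('o', oldMail);
	}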
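	// Leaves edit mode without saving: restores the Delete/Edit links and the name and
	// e-mail that each input remembered in its 'o' attribute.
	cancelEdit = function(e){
		var row = e;
		while(row.nodeName.toLowerCase() != "tr"){ row = row.parentNode; }
		var cells = row.getElementsByTagName('td');
		// Read both values before any cell is rewritten; a missing attribute becomes "".
		var oldName = cells[1].getElementsByTagName("input")[0].getAttribute('o') || "";
		var oldMail = cells[3].getElementsByTagName("input")[0].getAttribute('o') || "";
		cells[0].update("<a href='#' onClick='remRow(event.target);'>Delete</a> | <a href='#' onClick='editRow(event.target);'>Edit</a>");
		// The remembered values are user data, so they are written back as text nodes
		// rather than parsed as HTML.
		cells[1].update("");
		cells[1].appendChild(document.createTextNode(oldName));
		cells[2].update("<em>Saved</em>");
		cells[3].update("");
		cells[3].appendChild(document.createTextNode(oldMail));
	}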

	</script>
	
	<h1>User Management</h1>
	<table class="bordered">
		<tr>
			<th></th>
			<th>Name</th>
			<th>Password</th>
			<th>Email</th>
		</tr>
		<tr>
			<td></td>
			<td><a href="#" onClick="addRow(event.target);">Add User</a></td>
			<td></td>
			<td></td>
		</tr>
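		<?php
		// Prints one table row per account. name and email were typed in by users, so
		// they are HTML-escaped on output; id is forced to an integer before it is
		// written into the row's id attribute. The password hash is not selected.
		$query = "SELECT id, name, email FROM users";
		$result = mysql_query($query) or die(mysql_error());
		while($r=mysql_fetch_assoc($result)){
			echo "<tr id='uid_".(int) $r['id']."'>";
			echo "	<td><a href='#' onClick='remRow(event.target);'>Delete</a> | <a href='#' onClick='editRow(event.target);'>Edit</a></td>";
			echo "	<td>".htmlspecialchars($r['name'], ENT_QUOTES)."</td>";
			echo "	<td><em>Saved</em></td>";
			echo "	<td>".htmlspecialchars($r['email'], ENT_QUOTES)."</td>";
			echo "</tr>";
		}
		?>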
	</table>
	 
Replace auth_zp.php with:
<?php

require_once("functions-db.php");

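// If the auth variable gets set somehow before this, get rid of it.
if (isset($_zp_loggedin)) unset($_zp_loggedin);
$_zp_loggedin = false;

// Fix the cookie's path for root installs.
$cookiepath = WEBPATH;
if (WEBPATH == '') { $cookiepath = '/'; }

// NOTE(review): the auth cookie is md5(name . stored password hash). It never changes
// until the password does, and it can be computed from a copy of the users table, so it
// is a long-lived bearer token; a random server-side session id would be safer. The
// cookies are also set without the HttpOnly and Secure flags.
// NOTE(review): die(mysql_error()) shows database error text to the visitor.
if (isset($_COOKIE['zenphoto_auth'])) {
  $saved_auth = $_COOKIE['zenphoto_auth'];
  $saved_user = isset($_COOKIE['zenphoto_user']) ? $_COOKIE['zenphoto_user'] : '';
  $cookie_ok = false;
  // Cookies are client-controlled: accept only plain strings and escape the name
  // before it reaches SQL.
  if (is_string($saved_auth) && is_string($saved_user)) {
    $query = "SELECT * FROM users WHERE name='" . mysql_real_escape_string($saved_user) . "' LIMIT 1";
    $result = mysql_query($query) or die(mysql_error());
    if (mysql_num_rows($result) > 0) {
      $r = mysql_fetch_assoc($result);
      $check_auth = md5($r['name'].$r['pass']);
      // Strict comparison: with ==, two different hex digests that both look like
      // numbers (for example "0e...") compare as equal.
      $cookie_ok = ($saved_auth === $check_auth);
    }
  }
  if ($cookie_ok) {
    $_zp_loggedin = true;
  } else {
    // Clear the cookie
    setcookie("zenphoto_auth", "", time()-368000, $cookiepath);
    setcookie("zenphoto_user", "", time()-368000, $cookiepath);
  }
} else {
  // Handle the login form.
  if (isset($_POST['login']) && isset($_POST['user']) && isset($_POST['pass'])) {
    // Non-string input (e.g. user[]=...) is treated as an empty value and fails the login.
    $user = is_string($_POST['user']) ? $_POST['user'] : '';
    $pass = is_string($_POST['pass']) ? md5($_POST['pass']) : '';
    $redirect = (isset($_POST['redirect']) && is_string($_POST['redirect'])) ? $_POST['redirect'] : '';
    $query = "SELECT * FROM users WHERE name='" . mysql_real_escape_string($user) . "' AND pass='$pass' LIMIT 1";
    $result = mysql_query($query) or die(mysql_error());
    if (mysql_num_rows($result)>0) {
      // Correct auth info. Set the cookie.
      // The token is built from the stored row, not from the typed name, so that it
      // matches what the cookie check recomputes even when the typed name differs in
      // case from the stored one.
      $r = mysql_fetch_assoc($result);
      setcookie("zenphoto_auth", md5($r['name'].$r['pass']), time()+5184000, $cookiepath);
      setcookie("zenphoto_user", $r['name'], time()+5184000, $cookiepath);
      $_zp_loggedin = true;
      //// FIXME: Breaks IIS
      // Only a local path without line breaks is accepted, so the Location target
      // stays on this site. Assumes legitimate redirect values begin with "/" -
      // TODO confirm against the login form.
      if ($redirect != '' && preg_match('/^\/[^\r\n]*\z/', $redirect)) {
        header("Location: " . FULLWEBPATH . $redirect);
      }
      ////
    } else {
      // Clear the cookie, just in case
      setcookie("zenphoto_auth", "", time()-368000, $cookiepath);
      setcookie("zenphoto_user", "", time()-368000, $cookiepath);
      $error = true;
    }
  }
}
unset($saved_auth, $check_auth, $user, $pass);
// Handle a logout action.
if (isset($_POST['logout']) || isset($_GET['logout'])) {
  setcookie("zenphoto_auth", "", time()-368000, $cookiepath);
  setcookie("zenphoto_user", "", time()-368000, $cookiepath);
  // The cookie sent with this request was still valid, so drop the flag and stop here;
  // otherwise the rest of the page would render as logged in behind the redirect.
  $_zp_loggedin = false;
  header("Location: " . FULLWEBPATH . "/");
  exit;
}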

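/**
 * Reports whether the request carries valid zenphoto_auth / zenphoto_user cookies.
 *
 * The user named in zenphoto_user is looked up in the users table and
 * md5(name . pass) of that row is compared with zenphoto_auth.
 *
 * NOTE(review): the token is derived only from the stored name and password hash, so
 * it stays valid until the password changes.
 *
 * @return bool true when the cookies match a stored user, false otherwise
 */
function zp_loggedin() {
	if (!isset($_COOKIE['zenphoto_auth']) || !isset($_COOKIE['zenphoto_user'])) {
		return false;
	}
	$saved_auth = $_COOKIE['zenphoto_auth'];
	$saved_user = $_COOKIE['zenphoto_user'];
	// Cookies are client-controlled; array-valued cookies are rejected outright.
	if (!is_string($saved_auth) || !is_string($saved_user)) {
		return false;
	}
	// Escape the cookie value before it is placed in the query.
	$query = "SELECT * FROM users WHERE name='" . mysql_real_escape_string($saved_user) . "' LIMIT 1";
	$result = mysql_query($query) or die(mysql_error());
	if (mysql_num_rows($result) < 1) {
		return false;
	}
	$r = mysql_fetch_assoc($result);
	$check_auth = md5($r['name'].$r['pass']);
	// Strict comparison: == treats two digests that both look numeric ("0e...") as equal.
	return $saved_auth === $check_auth;
}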


?>


Execute this SQL on your zenphoto database:
-- Account table read by auth_zp.php and by the users page in admin.php.
-- pass holds the MD5 hex digest of the password (see the MD5() calls in the queries).
-- NOTE(review): the login and cookie checks look users up by name with LIMIT 1, but
-- nothing here makes name unique; consider a UNIQUE index on name.
CREATE TABLE users (
`id` INT( 255 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`name` VARCHAR( 255 ) NOT NULL ,
`pass` VARCHAR( 255 ) NOT NULL ,
`email` VARCHAR( 255 ) NOT NULL
);

-- First account. 'password' and the e-mail address are placeholders: substitute your
-- own values before running this, or change them right after the first login.
INSERT INTO users (`name`,`pass`,`email`) VALUES ('admin',MD5('password'),'you@yourdomain.com');


I recommend also changing the password info in the config file to something uninteresting.

Also, as always, I recommend doing a full backup before proceeding with these directions. YMMV. These directions are provided as-is with no warranty express or implied. You use this at your own risk.
