X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=metaform%2Ftemplate.php;h=5aa4395f56afec99d7decd93669d0ce028d62181;hb=9140853cc645c28f6cdd6c3a4565d6e600bd7ca3;hp=fc1263b8f85bd279f7b2d2e5ebf013f67e330773;hpb=21c47e88810e97fe5b727c9c2689f64533bf6452;p=wfpl.git

diff --git a/metaform/template.php b/metaform/template.php
index fc1263b..5aa4395 100644
--- a/metaform/template.php
+++ b/metaform/template.php
@@ -8,6 +8,7 @@
 #
 # ~metaform_url~
 
+
 # SETUP
 <!--~opt_email_1 start~-->
 # To send results by e-mail, all you have to do is set your e-mail address here:
@@ -21,6 +22,11 @@ $GLOBALS['~form_name~_form_recipient'] = "fixme@example.com";
 # Set this to the path to your uploads directory. It can be relative to the
 # location of this script. IT MUST END WITH A SLASH
 $GLOBALS['upload_directory'] = 'uploads/';
+<!--~end~--><!--~opt_http_pass_1 start~-->
+# Define the username and password required to view this form:
+define('AUTH_REALM', '~form_name~ administration area');
+define('AUTH_USER', 'fixme');
+define('AUTH_PASS', 'fixme');
 <!--~end~-->
 
 if(!file_exists('code/wfpl/template.php')) { die('This form requires <a href="http://jasonwoof.org/wfpl">wfpl</a>.'); }
@@ -33,14 +39,26 @@ require_once('code/wfpl/upload.php');<!--~end~-->
 
 function ~form_name~_get_fields() {<!--~formats start~-->
 	$~name~ = format_~format~($_REQUEST['~name~']);<!--~end~--><!--~image_upload start~-->
-	$~name~ = save_uploaded_image('~name~', $GLOBALS['upload_directory']);<!--~end~-->
+	if($_FILE['~name~'] && $_FILE['~name~']['error'] == 0) {
+		$~name~ = substr(save_uploaded_image('~name~', $GLOBALS['upload_directory']), strlen($GLOBALS['upload_directory']));
+	} else {
+		$~name~ = format_filename($_REQUEST['old_~name~']);
+	}<!--~end~-->
 	<!--~tem_sets start~-->
 	tem_set('~name~', $~name~);<!--~end~-->
 
 	return array(~php_fields~);
 }
 
-function ~form_name~() {<!--~opt_db_3 start~-->
+function ~form_name~() {<!--~opt_http_pass_2 start~-->
+	# To remove password protection, just delete this block:
+	if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] != AUTH_USER || $_SERVER['PHP_AUTH_PW'] != AUTH_PASS) {
+		header('WWW-Authenticate: Basic realm="' . AUTH_REALM . '"');
+		header('HTTP/1.0 401 Unauthorized');
+		echo '401 Unauthorized';
+		exit;
+	}
+	<!--~end~--><!--~opt_db_3 start~-->
 	$edit_id = format_int($_REQUEST['~form_name~_edit_id']);
 	unset($_REQUEST['~form_name~_edit_id']);
 	if($edit_id) {