added optional http-auth to metaform

diff --git a/metaform.php b/metaform.php
index 7bfa9f7..b32c87e 100644 (file)
--- a/metaform.php
+++ b/metaform.php
@@ -71,6 +71,8 @@ function metaform() {
                tem_set('opt_email', $GLOBALS['opt_email']);
                $GLOBALS['opt_db'] = format_yesno($_REQUEST['opt_db']);
                tem_set('opt_db', $GLOBALS['opt_db']);
+               $GLOBALS['opt_http_pass'] = format_yesno($_REQUEST['opt_http_pass']);
+               tem_set('opt_http_pass', $GLOBALS['opt_http_pass']);
        } else {
                $GLOBALS['form_name'] = 'some_form';
        }
@@ -284,6 +286,10 @@ function make_php() {
                $tem->sub('opt_email_1');
                $tem->sub('opt_email_2');
        }
+       if($GLOBALS['opt_http_pass'] == 'Yes') {
+               $tem->sub('opt_http_pass_1');
+               $tem->sub('opt_http_pass_2');
+       }
        return $tem->run();
 }
 
@@ -293,6 +299,7 @@ function edit_url() {
        $url = ereg_replace('view_php=[^&]*', 'edit=yes', $url);
        $url = ereg_replace('download_tar=[^&]*', 'edit=yes', $url);
        $url = ereg_replace('/[a-z0-9_.]*\?', '/?', $url);
+       $url = str_replace('jasonwoof.l', 'jasonwoof.com', $url); # so that code generated on Jason's home computer will display a publically accessible link.
        return $url;
 }
 

diff --git a/metaform/main.html b/metaform/main.html
index ffd38fc..5d0bc2e 100644 (file)
--- a/metaform/main.html
+++ b/metaform/main.html
@@ -19,6 +19,8 @@
 
     <p><input type="checkbox" name="opt_db~opt_db.checked~" value="Yes" /> Save form results to a database.</p>
 
+    <p><input type="checkbox" name="opt_http_pass~opt_http_pass.checked~" value="Yes" /> Password protect this form (with HTTP authentication).</p>
+
        <p>Below, specify the fields you'd like in your form, one field per line. After each field name, put at least one space, then the field type. The following field types are available: ~available_types.html~.</p>
        <p>Example:<br /><pre>
 name      textbox

diff --git a/metaform/preview.html b/metaform/preview.html
index e847988..d9d0b6f 100644 (file)
--- a/metaform/preview.html
+++ b/metaform/preview.html
@@ -13,10 +13,10 @@ td.caption { text-align: right; font-weight: bold; }
   <h1>This grey thing is a preview. It will NOT work. Don't click button(s) in it</h1>
 ~preview~
   </div>
-    <p><form action="~form_name~.tgz" method="get"><input type="hidden" name="form_name" value="~form_name.attr~" /><input type="hidden" name="opt_email" value="~opt_email.attr~" /><input type="hidden" name="opt_db" value="~opt_db.attr~" /><input type="hidden" name="fields" value="~fields.attr~" /><input type="submit" name="download_tar" value="Download tar ball" /></form></p>
+    <p><form action="~form_name~.tgz" method="get"><input type="hidden" name="form_name" value="~form_name.attr~" /><input type="hidden" name="opt_email" value="~opt_email.attr~" /><input type="hidden" name="opt_db" value="~opt_db.attr~" /><input type="hidden" name="opt_http_pass" value="~opt_http_pass.attr~" /><input type="hidden" name="fields" value="~fields.attr~" /><input type="submit" name="download_tar" value="Download tar ball" /></form></p>
 
   <form action="~metaform_name~" method="get">
-       <p><input type="hidden" name="form_name" value="~form_name.attr~" /><input type="hidden" name="opt_email" value="~opt_email.attr~" /><input type="hidden" name="opt_db" value="~opt_db.attr~" /><input type="hidden" name="fields" value="~fields.attr~" /><input type="submit" name="edit" value="Back to editing" /></p>
+       <p><input type="hidden" name="form_name" value="~form_name.attr~" /><input type="hidden" name="opt_email" value="~opt_email.attr~" /><input type="hidden" name="opt_db" value="~opt_db.attr~" /><input type="hidden" name="opt_http_pass" value="~opt_http_pass.attr~" /><input type="hidden" name="fields" value="~fields.attr~" /><input type="submit" name="edit" value="Back to editing" /></p>
 
     <p><input type="submit" name="view_sql" value="View SQL" /></p>
 

diff --git a/metaform/template.php b/metaform/template.php
index 84755d4..5aa4395 100644 (file)
--- a/metaform/template.php
+++ b/metaform/template.php
@@ -8,6 +8,7 @@
 #
 # ~metaform_url~
 
+
 # SETUP
 <!--~opt_email_1 start~-->
 # To send results by e-mail, all you have to do is set your e-mail address here:
@@ -21,6 +22,11 @@ $GLOBALS['~form_name~_form_recipient'] = "fixme@example.com";
 # Set this to the path to your uploads directory. It can be relative to the
 # location of this script. IT MUST END WITH A SLASH
 $GLOBALS['upload_directory'] = 'uploads/';
+<!--~end~--><!--~opt_http_pass_1 start~-->
+# Define the username and password required to view this form:
+define('AUTH_REALM', '~form_name~ administration area');
+define('AUTH_USER', 'fixme');
+define('AUTH_PASS', 'fixme');
 <!--~end~-->
 
 if(!file_exists('code/wfpl/template.php')) { die('This form requires <a href="http://jasonwoof.org/wfpl">wfpl</a>.'); }
@@ -44,7 +50,15 @@ function ~form_name~_get_fields() {<!--~formats start~-->
        return array(~php_fields~);
 }
 
-function ~form_name~() {<!--~opt_db_3 start~-->
+function ~form_name~() {<!--~opt_http_pass_2 start~-->
+       # To remove password protection, just delete this block:
+       if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] != AUTH_USER || $_SERVER['PHP_AUTH_PW'] != AUTH_PASS) {
+               header('WWW-Authenticate: Basic realm="' . AUTH_REALM . '"');
+               header('HTTP/1.0 401 Unauthorized');
+               echo '401 Unauthorized';
+               exit;
+       }
+       <!--~end~--><!--~opt_db_3 start~-->
        $edit_id = format_int($_REQUEST['~form_name~_edit_id']);
        unset($_REQUEST['~form_name~_edit_id']);
        if($edit_id) {