From: Jason Woofenden Date: Fri, 8 Jun 2007 09:13:26 +0000 (-0400) Subject: added optional http-auth to metaform X-Git-Url: https://jasonwoof.com/gitweb/?p=wfpl.git;a=commitdiff_plain;h=9140853cc645c28f6cdd6c3a4565d6e600bd7ca3 added optional http-auth to metaform --- diff --git a/metaform.php b/metaform.php index 7bfa9f7..b32c87e 100644 --- a/metaform.php +++ b/metaform.php @@ -71,6 +71,8 @@ function metaform() { tem_set('opt_email', $GLOBALS['opt_email']); $GLOBALS['opt_db'] = format_yesno($_REQUEST['opt_db']); tem_set('opt_db', $GLOBALS['opt_db']); + $GLOBALS['opt_http_pass'] = format_yesno($_REQUEST['opt_http_pass']); + tem_set('opt_http_pass', $GLOBALS['opt_http_pass']); } else { $GLOBALS['form_name'] = 'some_form'; } @@ -284,6 +286,10 @@ function make_php() { $tem->sub('opt_email_1'); $tem->sub('opt_email_2'); } + if($GLOBALS['opt_http_pass'] == 'Yes') { + $tem->sub('opt_http_pass_1'); + $tem->sub('opt_http_pass_2'); + } return $tem->run(); } @@ -293,6 +299,7 @@ function edit_url() { $url = ereg_replace('view_php=[^&]*', 'edit=yes', $url); $url = ereg_replace('download_tar=[^&]*', 'edit=yes', $url); $url = ereg_replace('/[a-z0-9_.]*\?', '/?', $url); + $url = str_replace('jasonwoof.l', 'jasonwoof.com', $url); # so that code generated on Jason's home computer will display a publically accessible link. return $url; } diff --git a/metaform/main.html b/metaform/main.html index ffd38fc..5d0bc2e 100644 --- a/metaform/main.html +++ b/metaform/main.html @@ -19,6 +19,8 @@

Save form results to a database.

+

Password protect this form (with HTTP authentication).

+

Below, specify the fields you'd like in your form, one field per line. After each field name, put at least one space, then the field type. The following field types are available: ~available_types.html~.

Example:

 name      textbox
diff --git a/metaform/preview.html b/metaform/preview.html
index e847988..d9d0b6f 100644
--- a/metaform/preview.html
+++ b/metaform/preview.html
@@ -13,10 +13,10 @@ td.caption { text-align: right; font-weight: bold; }
   
This grey thing is a preview. It will NOT work. Don't click button(s) in it

 ~preview~
   
-    

+    

 
   

-  	

+  	

 
     

 
diff --git a/metaform/template.php b/metaform/template.php
index 84755d4..5aa4395 100644
--- a/metaform/template.php
+++ b/metaform/template.php
@@ -8,6 +8,7 @@
 #
 # ~metaform_url~
 
+
 # SETUP
 
 # To send results by e-mail, all you have to do is set your e-mail address here:
@@ -21,6 +22,11 @@ $GLOBALS['~form_name~_form_recipient'] = "fixme@example.com";
 # Set this to the path to your uploads directory. It can be relative to the
 # location of this script. IT MUST END WITH A SLASH
 $GLOBALS['upload_directory'] = 'uploads/';
+
+# Define the username and password required to view this form:
+define('AUTH_REALM', '~form_name~ administration area');
+define('AUTH_USER', 'fixme');
+define('AUTH_PASS', 'fixme');
 
 
 if(!file_exists('code/wfpl/template.php')) { die('This form requires wfpl.'); }
@@ -44,7 +50,15 @@ function ~form_name~_get_fields() {
 	return array(~php_fields~);
 }
 
-function ~form_name~() {
+function ~form_name~() {
+	# To remove password protection, just delete this block:
+	if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] != AUTH_USER || $_SERVER['PHP_AUTH_PW'] != AUTH_PASS) {
+		header('WWW-Authenticate: Basic realm="' . AUTH_REALM . '"');
+		header('HTTP/1.0 401 Unauthorized');
+		echo '401 Unauthorized';
+		exit;
+	}
+	
 	$edit_id = format_int($_REQUEST['~form_name~_edit_id']);
 	unset($_REQUEST['~form_name~_edit_id']);
 	if($edit_id) {