Fri, 10 Apr 2026 09:20:41 +0000 https://bugs.horde.org/ticket/6404 Password protected galleries Added the ability to lock a gallery by a password. I added the check into the gallery hasPermission method which seem the more logic place. If the headers are still not sent the user is redirected to the password enter form. Otherwise returns false. Sat, 08 Mar 2008 12:53:39 +0000 https://bugs.horde.org/ticket/6404#t43573 The enter password form. Sat, 08 Mar 2008 12:54:20 +0000 https://bugs.horde.org/ticket/6404#t43574 Couple of issues: You are prevented from viewing *any* galleries in the List view if the current grouping contains any password protected galleries that you do not have the password for. For example, browsing all of User A's galleries, you are *immediately* presented with a password dialog. If you do not have the password for that gallery, you have to way of viewing any of the rest of the grouping. I also don't think we should show the password dialog until we actually try to view the gallery itself. Maybe a "locked" image as the gallery tile thumbnail should be displayed when we have not "authenticated" to a particular gallery yet. We also need to implement some sort of better check for things like Ansel's blocks. Right now, images and galleries that are passwd protected show up in the various blocks, and when you mouse over an image, for example, the image is briefly displayed and then is replaced by the login form in the floating div where the previewed thumbnail should be. I'm also not sure that a non-owner with edit permissions should be able to change a gallery password....and if we *do* want to allow it, there is an issue that when the password is changed and we are asked for the new password when being redirected back to the gallery view, after a successful "authentication", a "No gallery found" error is returned. Mon, 10 Mar 2008 15:26:46 +0000 https://bugs.horde.org/ticket/6404#t43659 ...and should we be storing passwords in the database as cleartext? We should probably md5 them before they are stored instead of just when we are storing them in the session. Mon, 10 Mar 2008 15:29:08 +0000 https://bugs.horde.org/ticket/6404#t43661 > Couple of issues: - password can be edited only by the owner of the gallery - added hasPasswd() method to tell if the gallery has passwd and the user has not entered it yet - added gallery-locked.png to as thumbnails for locked images Now we check if the gallery is locked by password in Ansel_View_Abstract and various blocks. Wed, 12 Mar 2008 14:14:41 +0000 https://bugs.horde.org/ticket/6404#t43745 > Couple of issues: - password can be edited only by the owner of the gallery - added hasPasswd() method to tell if the gallery has passwd and the user has not entered it yet - added gallery-locked.png to as thumbnails for locked images Now we check if the gallery is locked by password in Ansel_View_Abstract and various blocks. Wed, 12 Mar 2008 14:14:53 +0000 https://bugs.horde.org/ticket/6404#t43746 I forgot tho check the gallery tile. Wed, 12 Mar 2008 14:19:07 +0000 https://bugs.horde.org/ticket/6404#t43747 So far... 1) DB Syntax error when saving new galleries 2) Password and Tags fields are already filled in with values from somewhere when creating a new gallery 3) After entering password from the protect form, a "no gallery specified' error is still returned. 4) Images from password protected galleries are still shown in the mini thumbnails of gallery groups and the image titles are still shown in the blocks. If a gallery is not accessible, you shouldn't be able to even read the titles, file names etc... 5) Image for locked galleries not included in patch 6) Passwords stored in plaintext Fri, 14 Mar 2008 19:24:36 +0000 https://bugs.horde.org/ticket/6404#t43846 I should also mention that I had to guess a bit on where some of these changes went as the patch didn't apply cleanly...maybe a fresh patch against current HEAD would help if this seems to be working for you. Fri, 14 Mar 2008 19:27:44 +0000 https://bugs.horde.org/ticket/6404#t43847 I done what your comment but I moved my work into my local svn repository where I gone much forward with face recognition and face bitmap search (finds similarities) and even some more optimizations. But is difficult to me to create a ticket for every single changes I made. I wish to make Ansel feature and optimization capable for my site till the end of the month. I will stay tuned, but I will probably wait with patches till I finish, or maybe even till Ansel is branched for php5. All my patches are created against the cvs snapshot of the day the patch is created. Problems my occur as things changes till the patch is revisioned. Mon, 17 Mar 2008 08:53:19 +0000 https://bugs.horde.org/ticket/6404#t43873 Sounds good...and thank you for your work. I'm looking forward to seeing the facial recognition once it's fully implemented Mon, 17 Mar 2008 14:53:58 +0000 https://bugs.horde.org/ticket/6404#t43890 Any progress here, since a lot of other changes to Ansel have gone in? Sun, 09 Nov 2008 16:26:21 +0000 https://bugs.horde.org/ticket/6404#t50609 I'll try to take a look again at these changes in the context of recent changes. The main issue I had with how this - and the gallery age requirement - is currently implemented is that there needs to be various checks sprinkled around Ansel to check these things. We query by permissions to get the gallery list, then on top of that, we have to double check other types of permissions in various places to be sure the person is old enough, the gallery has a password etc... I remember trying (unsuccessfully) to centralize everything at one point, but I don't remember the exact issues off hand. I'll look at it again, but to honest, it's going to be towards the bottom of my list. Sun, 09 Nov 2008 16:49:58 +0000 https://bugs.horde.org/ticket/6404#t50614 Target for 1.0 since the code is in an inconsistent state at the moment... Wed, 17 Dec 2008 15:45:59 +0000 https://bugs.horde.org/ticket/6404#t51330 Changes have been made in CVS for this ticket: http://cvs.horde.org/diff.php/ansel/gallery.php?rt=horde&r1=1.140&r2=1.141&ty=u http://cvs.horde.org/diff.php/ansel/lib/Ansel.php?rt=horde&r1=1.560&r2=1.561&ty=u http://cvs.horde.org/diff.php/ansel/lib/Block/gallery.php?rt=horde&r1=1.47&r2=1.48&ty=u http://cvs.horde.org/diff.php/ansel/lib/Block/random_photo.php?rt=horde&r1=1.35&r2=1.36&ty=u http://cvs.horde.org/diff.php/ansel/lib/Block/recently_added.php?rt=horde&r1=1.39&r2=1.40&ty=u http://cvs.horde.org/diff.php/ansel/lib/Tile/Gallery.php?rt=horde&r1=1.36&r2=1.37&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/EmbeddedRenderers/Mini.php?rt=horde&r1=1.13&r2=1.14&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/Gallery.php?rt=horde&r1=1.123&r2=1.124&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/Image.php?rt=horde&r1=1.73&r2=1.74&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/Slideshow.php?rt=horde&r1=1.11&r2=1.12&ty=u http://cvs.horde.org/co.php/ansel/protect.php?rt=horde&r=1.1 http://cvs.horde.org/diff.php/ansel/templates/gallery/gallery.inc?rt=horde&r1=1.61&r2=1.62&ty=u Sun, 21 Dec 2008 19:01:06 +0000 https://bugs.horde.org/ticket/6404#t51368 Changes have been made in CVS for this ticket: http://cvs.horde.org/diff.php/ansel/disclamer.php?rt=horde&r1=1.3&r2=1.3.2.1&ty=u http://cvs.horde.org/diff.php/ansel/gallery.php?rt=horde&r1=1.136.2.4&r2=1.136.2.5&ty=u http://cvs.horde.org/diff.php/ansel/lib/Ansel.php?rt=horde&r1=1.517.2.30&r2=1.517.2.31&ty=u http://cvs.horde.org/diff.php/ansel/lib/Block/gallery.php?rt=horde&r1=1.45.2.2&r2=1.45.2.3&ty=u http://cvs.horde.org/diff.php/ansel/lib/Block/random_photo.php?rt=horde&r1=1.35&r2=1.35.2.1&ty=u http://cvs.horde.org/diff.php/ansel/lib/Block/recently_added.php?rt=horde&r1=1.37.2.2&r2=1.37.2.3&ty=u http://cvs.horde.org/diff.php/ansel/lib/Tile/Gallery.php?rt=horde&r1=1.36&r2=1.36.2.1&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/EmbeddedRenderers/Mini.php?rt=horde&r1=1.8.2.2&r2=1.8.2.3&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/Gallery.php?rt=horde&r1=1.119.2.2&r2=1.119.2.3&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/Image.php?rt=horde&r1=1.68.2.4&r2=1.68.2.5&ty=u http://cvs.horde.org/diff.php/ansel/lib/Views/Slideshow.php?rt=horde&r1=1.10.2.1&r2=1.10.2.2&ty=u http://cvs.horde.org/diff.php/ansel/templates/gallery/gallery.inc?rt=horde&r1=1.57.2.4&r2=1.57.2.5&ty=u Sun, 21 Dec 2008 19:20:55 +0000 https://bugs.horde.org/ticket/6404#t51370 Changes have been made in CVS for this ticket: http://cvs.horde.org/diff.php/ansel/templates/group/category.inc?rt=horde&r1=1.16&r2=1.17&ty=u http://cvs.horde.org/diff.php/ansel/templates/group/owner.inc?rt=horde&r1=1.26&r2=1.27&ty=u Sun, 21 Dec 2008 19:42:48 +0000 https://bugs.horde.org/ticket/6404#t51372 k - this appears to be in good order. Just need a icon for the locked gallery thumbnails, but it's no longer a 1.0 showstopper. Mon, 22 Dec 2008 20:34:24 +0000 https://bugs.horde.org/ticket/6404#t51402 I guess that preview.php should be aware of locked galleries too. My initial page comes with a special password property page. Yes, maybe is more logic to have this attribute with other gallery proprieties. But we must allow to set the password only to the gallery owner. Wed, 24 Dec 2008 11:52:54 +0000 https://bugs.horde.org/ticket/6404#t51436 > I guess that preview.php should be aware of locked galleries too. Yup, good catch, thank you. Fixed. > My initial page comes with a special password property page. Yes, > maybe is more logic to have this attribute with other gallery > proprieties. But we must allow to set the password only to the > gallery owner. I added a check to the existing gallery property form to not show that field if the current user is not the owner. I really don't see the issue here though. The only other people that would see this form other than the owner are admins - and admins can see the password protected galleries without knowing the password anyway. Wed, 24 Dec 2008 14:25:09 +0000 https://bugs.horde.org/ticket/6404#t51437