[pLog-svn] r2495 - in plugins/trunk: . secretblog secretblog/class
secretblog/class/action secretblog/class/security
secretblog/class/view secretblog/locale secretblog/templates
oscar at devel.plogworld.net
oscar at devel.plogworld.net
Tue Sep 20 16:44:30 GMT 2005
Author: oscar
Date: 2005-09-20 16:44:29 +0000 (Tue, 20 Sep 2005)
New Revision: 2495
Added:
plugins/trunk/secretblog/
plugins/trunk/secretblog/class/
plugins/trunk/secretblog/class/action/
plugins/trunk/secretblog/class/action/adminsecretblogpluginsettingsaction.class.php
plugins/trunk/secretblog/class/action/adminsecretblogpluginupdatesettingsaction.class.php
plugins/trunk/secretblog/class/security/
plugins/trunk/secretblog/class/security/secretblogfilter.class.php
plugins/trunk/secretblog/class/view/
plugins/trunk/secretblog/class/view/adminsecretblogpluginsettingsview.class.php
plugins/trunk/secretblog/locale/
plugins/trunk/secretblog/locale/locale_en_UK.php
plugins/trunk/secretblog/pluginsecretblog.class.php
plugins/trunk/secretblog/templates/
plugins/trunk/secretblog/templates/passwordform.template
plugins/trunk/secretblog/templates/pluginsettings.template
Log:
a plugin to password-protect entire blogs
Added: plugins/trunk/secretblog/class/action/adminsecretblogpluginsettingsaction.class.php
===================================================================
--- plugins/trunk/secretblog/class/action/adminsecretblogpluginsettingsaction.class.php 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/class/action/adminsecretblogpluginsettingsaction.class.php 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,30 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/blogowneradminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/secretblog/class/view/adminsecretblogpluginsettingsview.class.php" );
+
+ class AdminSecretBlogPluginSettingsAction extends BlogOwnerAdminAction
+ {
+
+ /**
+ * Constructor. If nothing else, it also has to call the constructor of the parent
+ * class, BlogAction with the same parameters
+ */
+ function AdminSecretBlogPluginSettingsAction( $actionInfo, $request )
+ {
+ $this->BlogOwnerAdminAction( $actionInfo, $request );
+ }
+
+ /**
+ * Carries out the specified action
+ */
+ function perform()
+ {
+ $this->_view = new AdminSecretBlogPluginSettingsView( $this->_blogInfo );
+
+ $this->setCommonData();
+
+ return true;
+ }
+ }
+?>
Added: plugins/trunk/secretblog/class/action/adminsecretblogpluginupdatesettingsaction.class.php
===================================================================
--- plugins/trunk/secretblog/class/action/adminsecretblogpluginupdatesettingsaction.class.php 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/class/action/adminsecretblogpluginupdatesettingsaction.class.php 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,70 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/blogowneradminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/secretblog/class/view/adminsecretblogpluginsettingsview.class.php" );
+ include_once( PLOG_CLASS_PATH."class/dao/blogs.class.php" );
+
+ class AdminSecretBlogPluginUpdateSettingsAction extends BlogOwnerAdminAction
+ {
+
+ var $_pluginEnabled;
+ var $_blogPassword;
+
+ /**
+ * Constructor. If nothing else, it also has to call the constructor of the parent
+ * class, BlogAction with the same parameters
+ */
+ function AdminSecretBlogPluginUpdateSettingsAction( $actionInfo, $request )
+ {
+ $this->BlogOwnerAdminAction( $actionInfo, $request );
+ }
+
+ function validate()
+ {
+ $this->_pluginEnabled = $this->_request->getValue( "pluginEnabled" );
+ $this->_pluginEnabled = ($this->_pluginEnabled != "" );
+
+ $this->_blogPassword = $this->_request->getValue( "blogPassword" );
+
+ return true;
+ }
+
+ /**
+ * Carries out the specified action
+ */
+ function perform()
+ {
+ // update the plugin configurations to blog setting
+ $blogSettings = $this->_blogInfo->getSettings();
+ $blogSettings->setValue( "plugin_secretblog_enabled", $this->_pluginEnabled );
+ // only update the password if it's not empty, or else leave it as it is
+ if( $this->_blogPassword != "" )
+ $blogSettings->setValue( "plugin_secretblog_password", md5( $this->_blogPassword ));
+ $this->_blogInfo->setSettings( $blogSettings );
+
+ // save the blogs settings
+ $blogs = new Blogs();
+ if( !$blogs->updateBlog( $this->_blogInfo->getId(), $this->_blogInfo )) {
+ $this->_view = new AdminSecretPluginSettingsView( $this->_blogInfo );
+ $this->_view->setErrorMessage( $this->_locale->tr("error_updating_settings"));
+ $this->setCommonData();
+
+ return false;
+ }
+
+ // if everything went ok...
+ $this->_blogInfo->setSettings( $blogSettings );
+ $this->_session->setValue( "blogInfo", $this->_blogInfo );
+ $this->saveSession();
+
+ $this->_view = new AdminSecretBlogPluginSettingsView( $this->_blogInfo );
+ $this->_view->setSuccessMessage( $this->_locale->tr("secretblog_settings_saved_ok"));
+ $this->setCommonData();
+
+ // clear the cache
+ CacheControl::resetBlogCache( $this->_blogInfo->getId());
+
+ return true;
+ }
+ }
+?>
Added: plugins/trunk/secretblog/class/security/secretblogfilter.class.php
===================================================================
--- plugins/trunk/secretblog/class/security/secretblogfilter.class.php 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/class/security/secretblogfilter.class.php 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,103 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/security/pipelinefilter.class.php" );
+
+ class SecretBlogFilter extends PipelineFilter
+ {
+
+ function SecretBlogFilter( $pipelineRequest )
+ {
+ $this->PipelineFilter( $pipelineRequest );
+ }
+
+ function filter()
+ {
+ // get some info
+ $blogInfo = $this->_pipelineRequest->getBlogInfo();
+ $blogSettings = $blogInfo->getSettings();
+ $request = $this->_pipelineRequest->getHttpRequest();
+ $session = HttpVars::getSession();
+
+ // is the plugin enabled? If not, we can quit right away
+ if( !$blogSettings->getValue( "plugin_secretblog_enabled" )) {
+ $result = new PipelineResult( true );
+ return( $result );
+ }
+
+ // there are three possible situations:
+ // - user not authenticated
+ // - user not authenticated but blogPassword parameter in the request
+ // - user authenticated
+
+ if( $this->isUserAuthenticated( $blogInfo )) {
+ $result = new PipelineResult( true );
+ return( $result );
+ }
+ else {
+ // is there a "blogPassword" parameter in the session?
+ $password = $request->getValue( "blogPassword" );
+ if( $password ) {
+ // validate the password compared to whatever was stored in the blog settings
+ $blogSettings = $blogInfo->getSettings();
+ $blogPassword = $blogSettings->getValue( "plugin_secretblog_password" );
+ if( $blogPassword == md5( $password )) {
+ // set the password in the session
+ $session["blogPassword"] = md5( $password );
+ HttpVars::setSession( $session );
+ // and return everything ok...
+ $result = new PipelineResult( true );
+ return( $result );
+ }
+ else {
+ // password wasn't correct, try again!
+ print( $this->renderPasswordForm( $blogInfo ));
+ die();
+ }
+ }
+ else {
+ // no password, no authentication info in the session!
+ print( $this->renderPasswordForm( $blogInfo ));
+ die();
+ }
+ }
+ }
+
+ /**
+ * @private
+ * Returns true if the user has already been authenticated for this session
+ */
+ function isUserAuthenticated( $blogInfo )
+ {
+ // retrieve the session
+ $session = HttpVars::getSession();
+ // and look for our information
+ $sessionPassword = $session["blogPassword"];
+ if( $sessionPassword ) {
+ $blogSettings = $blogInfo->getSettings();
+ $blogPassword = $blogSettings->getValue( "plugin_secretblog_password" );
+ if( $sessionPassword == $blogPassword )
+ return true;
+ else
+ return false;
+ }
+ else
+ return false;
+ }
+
+ /**
+ * @private
+ * Shows the authentication form
+ */
+ function renderPasswordForm( $blogInfo )
+ {
+ include_once( PLOG_CLASS_PATH."class/template/templateservice.class.php" );
+ $ts = new TemplateService();
+ $t = $ts->PluginTemplate( "secretblog", "passwordform" );
+ $t->assign( "locale", $blogInfo->getLocale() );
+ $t->assign( "articleId", $articleId );
+ $t->assign( "url", RequestGenerator::getRequestGenerator( $blogInfo ));
+ $t->assign( "blog", $blogInfo );
+ return( $t->fetch());
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/secretblog/class/view/adminsecretblogpluginsettingsview.class.php
===================================================================
--- plugins/trunk/secretblog/class/view/adminsecretblogpluginsettingsview.class.php 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/class/view/adminsecretblogpluginsettingsview.class.php 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,25 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+
+ class AdminSecretBlogPluginSettingsView extends AdminPluginTemplatedView
+ {
+
+ function AdminSecretBlogPluginSettingsView( $blogInfo )
+ {
+ $this->AdminPluginTemplatedView( $blogInfo, "secretblog", "pluginsettings" );
+ }
+
+ function render()
+ {
+ // load some configuration settings
+ $blogSettings = $this->_blogInfo->getSettings();
+ $pluginEnabled = $blogSettings->getValue( "plugin_secretblog_enabled" );
+
+ // create a view and export the settings to the template
+ $this->setValue( "pluginEnabled", $pluginEnabled );
+
+ parent::render();
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/secretblog/locale/locale_en_UK.php
===================================================================
--- plugins/trunk/secretblog/locale/locale_en_UK.php 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/locale/locale_en_UK.php 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,13 @@
+<?php
+$messages["secretblog_plugin"] = "Secret Blog";
+$messages["secretblog_settings_saved_ok"] = "Plugin settings saved successfully";
+$messages["secretblog_plugin_enabled_help"] = "Enabling this plugin will password-protect this blog";
+$messages["secretblog_plugin_enabled"] = "Enable this plugin";
+$messages["secretblog_password"] = "Password";
+$messages["secretblog_password_help"] = "Please type the password that will be used to protect this blog";
+$messages["pluginSecretBlogSettings"] = "Secret Blog";
+$messages["manageSecurityPlugins"] = "Security Plugins";
+$messages["secretblog_blog_is_password_protected"] = "You must provide the correct password in order to access the contents of this blog.";
+$messages["secretblog_send"] = "Send";
+$messages["secretblog_enter_password"] = "Enter password";
+?>
\ No newline at end of file
Added: plugins/trunk/secretblog/pluginsecretblog.class.php
===================================================================
--- plugins/trunk/secretblog/pluginsecretblog.class.php 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/pluginsecretblog.class.php 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,31 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/plugin/pluginbase.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/secretblog/class/security/secretblogfilter.class.php" );
+
+ class PluginSecretBlog extends PluginBase
+ {
+
+ function PluginSecretBlog()
+ {
+ $this->PluginBase();
+
+ $this->id = "secretblog";
+ $this->author = "The pLog Team";
+
+ // we only need to register a filter
+ $this->registerFilter( "SecretBlogFilter" );
+
+ // register our own actions
+ // register our action and menu entry
+ $this->registerAdminAction( "pluginSecretBlogSettings", "AdminSecretBlogPluginSettingsAction" );
+ $this->registerAdminAction( "pluginSecretBlogUpdateSettings", "AdminSecretBlogPluginUpdateSettingsAction" );
+
+ // register our action and menu entry
+ $menu =& Menu::getMenu();
+ if( !$menu->entryExists( "/menu/controlCenter/manageSecurityPlugins" ))
+ $this->addMenuEntry( "/menu/controlCenter", "manageSecurityPlugins", "", "", true, false );
+ $this->addMenuEntry( "/menu/controlCenter/manageSecurityPlugins", "pluginSecretBlogSettings", "admin.php?op=pluginSecretBlogSettings", "", true, false );
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/trunk/secretblog/templates/passwordform.template
===================================================================
--- plugins/trunk/secretblog/templates/passwordform.template 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/templates/passwordform.template 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="{$locale->getLanguageId()}" lang="{$locale->getLanguageId()}" dir="{$locale->getDirection()}">
+ <head>
+ <title>{$blog->getBlog()}</title>
+ <style>
+ {literal}
+ .secretBlogTitle {
+ font-size: 18px;
+ font-weight: bold;
+ }
+ {/literal}
+ </style>
+ </head>
+ <body>
+<span class="secretBlogTitle">{$locale->tr("secretblog_enter_password")}</span>
+<p>
+{$locale->tr("secretblog_blog_is_password_protected")}
+</p>
+<form name="password" action="{$url->getIndexUrl()}" method="post">
+ {$locale->tr("password")}: <input type="password" name="blogPassword" value="" />
+ <input type="hidden" name="blogId" value="{$blog->getId()}" />
+ <input type="submit" name="Send" value="{$locale->tr("secretblog_send")}" />
+ <input type="hidden" name="op" value="Default" />
+</form>
+ </body>
+</html>
\ No newline at end of file
Added: plugins/trunk/secretblog/templates/pluginsettings.template
===================================================================
--- plugins/trunk/secretblog/templates/pluginsettings.template 2005-09-19 07:06:22 UTC (rev 2494)
+++ plugins/trunk/secretblog/templates/pluginsettings.template 2005-09-20 16:44:29 UTC (rev 2495)
@@ -0,0 +1,32 @@
+{include file="$admintemplatepath/header.template"}
+{include file="$admintemplatepath/navigation.template" showOpt=pluginSecretBlogSettings title=$locale->tr("secretblog_plugin")}
+<form name="pluginSecretBlogSettings" action="admin.php" method="post">
+ <fieldset class="inputField">
+ <legend>{$locale->tr("pluginSecretBlogSettings")}</legend>
+ {include file="$admintemplatepath/successmessage.template"}
+ {include file="$admintemplatepath/errormessage.template"}
+ <div class="field">
+ <label for="pluginEnabled">{$locale->tr("secretblog_plugin_enabled")}</label>
+ <div class="formHelp">
+ <input class="checkbox" type="checkbox" name="pluginEnabled" id="pluginEnabled" {if $pluginEnabled} checked="checked" {/if} value="1" />{$locale->tr("secretblog_plugin_enabled_help")}
+ </div>
+ </div>
+
+ <div class="field">
+ <label for="blogPassword">{$locale->tr("secretblog_password")}</label>
+ <span class="required">*</span>
+ <div class="formHelp">{$locale->tr("secretblog_password_help")}</div>
+ <input type="password" name="blogPassword" value="" />
+ </label>
+ </div>
+
+ </fieldset>
+
+ <div class="buttons">
+ <input type="hidden" name="op" value="pluginSecretBlogUpdateSettings" />
+ <input type="reset" name="{$locale->tr("reset")}" />
+ <input type="submit" name="{$locale->tr("update_settings")}" value="{$locale->tr("update")}" />
+ </div>
+</form>
+{include file="$admintemplatepath/footernavigation.template"}
+{include file="$admintemplatepath/footer.template"}
\ No newline at end of file
More information about the pLog-svn
mailing list