Coppermine Update and Login Mod


Ironically, the web application that took the IIS6 upgrade the hardest was Coppermine, our photo gallery software. First off, it was the only application that required updating, because it used the outdated $GET_VARS instead of the newer $_GET. As a result, the old script was not seeing any parameters sent to the script and repeatedly reported “album not found” errors.

After the update, I had to re-implement my login scheme modification, which I always do when installing a new piece of software. This time, the new code was different enough from the old that my old hack didn’t work the first time. I had to play around with the code for a while to get it to full initiate a new session using the HTTP_DAFLOGIN environment variable instead of the conventional login form. Everything appears to work fine now.

For the record, modifications were required in only two files:

/login.php: Commented out lines 36 and 71 in order to skip over the login form.

/bridge/ This is the default login module. You can also tie Coppermine to other user databases. I made substantial changes to function login so that the script would automatically pick up the username from the environment variable and create the account if none exists. The rest runs fine now.

Inserted at line 28:
// kassissieh -- get user name from DAF environment variable
$daflogin = strtolower($_SERVER['HTTP_DAFLOGIN']);
if (strstr($daflogin, "\\")) {
list($env_domain, $env_user) = explode("\\\\", $daflogin);
$user_email = "$";
} elseif (strstr($daflogin, "@")) {
$env_user = $daflogin;
$user_email = $env_user;
} else {
$env_user = $daflogin;
$user_email = "$";
$username = $env_user;
$password = '-';

Inserted at line 138 (before // If exists update lastvisit value, session, and login)
// kassissieh -- auto-create user if it doesn't exist
if (!mysql_num_rows($results)) {
$sql = "INSERT INTO {$this->usertable} (user_regdate, user_active, user_name, user_password, user_email, user_group) VALUES (NOW(), 'YES', '" . addslashes($username) . "', '-', '" . addslashes($user_email) . "', '2')";
$result = cpg_db_query($sql);
// get user id from newly created record
$sql = "SELECT user_id, user_name, user_password FROM {$this->usertable} WHERE ";
$sql .= "user_name = '$username' AND BINARY user_password = '$encpassword' AND user_active = 'YES'";
$result = cpg_db_query($sql);

I still don’t know what photo gallery software we are going to run at Catlin Gabel. There are so many choices. We may not have a standalone gallery at all but rather integrate photos completely within the different content management systems we use — Drupal, Moodle, and perhaps Elgg.

Comments are closed.