Password Protection
How to password protect articles in UTF-8 CuteNews
This article refers to and uses code from UTF-8 CuteNews 7.
1. Categories
This hack (= code modification) uses CuteNews' category system to password protect articles which are in a given category. If you do not have a category you want to protect yet, create one under Options > Edit Categories. In our example, we use the category Privatë. It is important that you remember the ID of the category, which in our example is 3.
2. Modify shows.inc.php
You may want to back up your file /inc/shows.inc.php before altering its code.Open /inc/shows.inc.php, and add the following code after the first line ("<?PHP"):
$passCat = 3;
if(isset($CN_tried) && $CN_tried){
echo '<span style="color: #f00">Sorry, invalid password!</span>';
}
Replace 3 in $passCat with the ID of your private category.
if(isset($CN_tried) && $CN_tried){
echo '<span style="color: #f00">Sorry, invalid password!</span>';
}
Below the following code (under the Show Full Story comment)
foreach($all_active_news as $active_news){
$news_arr = explode('|', $active_news);
if($news_arr[0] == $id and (!$catid or $catid == $news_arr[6])){
Add this:
$news_arr = explode('|', $active_news);
if($news_arr[0] == $id and (!$catid or $catid == $news_arr[6])){
if ($news_arr[6] == $passCat && !$CN_logged) {
echo 'Please enter the password to view this article.
<form action="'.$_SERVER['PHP_SELF'].'" method="post">
<input type="password" name="CN_pw" />
<input type="hidden" name="CNID" value="'.$news_arr[0].'" />
<input type="submit" value=" Go " />
</form>';
$found = true;
break;
}
echo 'Please enter the password to view this article.
<form action="'.$_SERVER['PHP_SELF'].'" method="post">
<input type="password" name="CN_pw" />
<input type="hidden" name="CNID" value="'.$news_arr[0].'" />
<input type="submit" value=" Go " />
</form>';
$found = true;
break;
}
And, replace the following code (in the Active News code block; whitespace is not preserved)
$is_in_cat = FALSE;
if(strstr($news_arr[6],',')){ //if the article is in multiple categories
$this_cats_arr = explode(',',$news_arr[6]);
foreach($this_cats_arr as $this_single_cat){
if($requested_cats and $requested_cats[$this_single_cat] == TRUE){$is_in_cat=TRUE;}
}
}else{
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){ $is_in_cat=TRUE;}
With:
if(strstr($news_arr[6],',')){ //if the article is in multiple categories
$this_cats_arr = explode(',',$news_arr[6]);
foreach($this_cats_arr as $this_single_cat){
if($requested_cats and $requested_cats[$this_single_cat] == TRUE){$is_in_cat=TRUE;}
}
}else{
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){ $is_in_cat=TRUE;}
$is_in_cat = FALSE;
$CN_pass_req = false;
if(strstr($news_arr[6],',')){
$this_cats_arr = explode(',',$news_arr[6]);
if(in_array($passCat, $this_cats_arr)){
$CN_pass_req = true;
}
foreach($this_cats_arr as $this_single_cat){
if($requested_cats and $requested_cats[$this_single_cat] == TRUE){
$is_in_cat=TRUE;}
}
} else {
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){
$is_in_cat=TRUE;}
if($news_arr[6] == $passCat){
$CN_pass_req = true;
}
$CN_pass_req = false;
if(strstr($news_arr[6],',')){
$this_cats_arr = explode(',',$news_arr[6]);
if(in_array($passCat, $this_cats_arr)){
$CN_pass_req = true;
}
foreach($this_cats_arr as $this_single_cat){
if($requested_cats and $requested_cats[$this_single_cat] == TRUE){
$is_in_cat=TRUE;}
}
} else {
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){
$is_in_cat=TRUE;}
if($news_arr[6] == $passCat){
$CN_pass_req = true;
}
Just a bit below, you will find:
if($my_names[$news_arr[1]]){ $my_author = $my_names[$news_arr[1]]; }
Add the following below that code:
if($CN_pass_req && (!isset($CN_logged) || !$CN_logged)){
$news_arr[4] = '';
$news_arr[3] = 'This article is password-protected. Please log in:
<form action="'.$_SERVER['PHP_SELF'].'" method="post">
<input type="password" name="CN_pw" />
<input type="submit" value=" Go " />
</form>';
}
$news_arr[4] = '';
$news_arr[3] = 'This article is password-protected. Please log in:
<form action="'.$_SERVER['PHP_SELF'].'" method="post">
<input type="password" name="CN_pw" />
<input type="submit" value=" Go " />
</form>';
}
Phew, that's it! ;) Be sure you upload the modified file again.
3. Include page
On every page on which you use CuteNews, add the following code at the very top (this is important):<?php
$password = 'Rumpelstilzchen';
$CN_tried = false;
$CN_logged = false;
if(isset($_COOKIE['CN_pw']) && $_COOKIE['CN_pw'] == $password){
$CN_logged = true;
}
if(isset($_POST['CN_pw'])){
if($_POST['CN_pw'] == $password){
setcookie('CN_pw', $password, time()+7200);
$CN_logged = true;
if(isset($_POST['CNID']) && preg_match('/^[0-9]{1,}$/', $_POST['CNID'])){
header('location:'.$_SERVER['PHP_SELF'].'?subaction=showfull&id='.$_POST['CNID']);
exit;
}
}
else{
$CN_tried = true;
}
}
?>
Change $password's value, Rumpelstilzchen, to the password you want. For reasons related to server settings and character
encoding, I don't advise using characters outside of a-z, A-Z, 0-9, - and _ for your password.
$password = 'Rumpelstilzchen';
$CN_tried = false;
$CN_logged = false;
if(isset($_COOKIE['CN_pw']) && $_COOKIE['CN_pw'] == $password){
$CN_logged = true;
}
if(isset($_POST['CN_pw'])){
if($_POST['CN_pw'] == $password){
setcookie('CN_pw', $password, time()+7200);
$CN_logged = true;
if(isset($_POST['CNID']) && preg_match('/^[0-9]{1,}$/', $_POST['CNID'])){
header('location:'.$_SERVER['PHP_SELF'].'?subaction=showfull&id='.$_POST['CNID']);
exit;
}
}
else{
$CN_tried = true;
}
}
?>
As with other passwords, please use a strong password.
4. RSS adjustment
Because we replace the article's contents with a HTML code that prompts the user to log in sometimes, this will also show in the RSS (rss.php) file.To avoid this being shown in a user's feed reader, add a category parameter to rss.php, including all category numbers except from your private one under the first line ("<?PHP").
Following the example image at #1, the code would look something like this:
$category = '4,6';
Tip: If you only have a "Private" category set, add a second one - a "Public" category. Assign all articles you don't
have in the private one to the public one, supply that ID in the code above and all public articles will be displayed in the
RSS feed.
Nota Bene
Articles which are in multiple categories are accepted. This login code sets and reads a cookie to manage if a user is logged in or not. The set cookie will be valid for 2 hours (7200 seconds). Should you want to change this, replace the number 7200 in the code under title #3 with the number of your choice (the number supplies how many seconds the cookie is valid for).Should you encounter problems with this tutorial, do not hesitate to post a topic on the CuteNews forum and please refer to this page so that we know you are following this tutorial.
Please do not write all too personal things online. Keep in mind that the content is saved in /data/news.txt and is viewable by anyone who gains access to this file or by anyone who has administrator access rights to Edit News.