X3Photo Gallery Forums

do you have any updates for this feature yet?

Sorry, not yet. It will be available in a major new version we are working on with a brand new admin interface.

Hello dear Imagevue team,

any news here please? I am really looking forward to this feature maybe two years while being your customer :]

Many free, javascript only galleries have it...

I believe that new version u are working on will be amazing...but when :/

Yes I would really like this feature as well.

Just something simple, set a password for one folder, or even the entire site would be great.

I've always wanted to install imagevue on my own site and be able to tell the world how good it is, but until this password protection is implemented I'm not going to do that.

Really guys you've done such an awesome job improving the new releases and the admin interface but such a very simple thing like one password just to enter the gallery seems to take years for you to implement?

I will buy a license for it the day you release a version with a simple password protection! I can't use it on my site until then because I plan to use it for my familys photo album on my personal site and I don't want the entire world to be able to google their way there, I only want people that I know to be able to see the photos there so just one simple password to enter the gallery! Nothing fancy, no major permission system, directory-service or password protected images, just one simple "log in here to access the gallery".

Please! I don't know what it is in your programming that makes it so hard to do. Because to me it sounds like something that would take a day to program for you guys and I guarantee you will have atleast one more customer if you do and just search your forums and you'll see how many are screaming for this feature!!

stoff wrote:I've always wanted to install imagevue on my own site and be able to tell the world how good it is, but until this password protection is implemented I'm not going to do that.

Really guys you've done such an awesome job improving the new releases and the admin interface but such a very simple thing like one password just to enter the gallery seems to take years for you to implement?

I will buy a license for it the day you release a version with a simple password protection! I can't use it on my site until then because I plan to use it for my familys photo album on my personal site and I don't want the entire world to be able to google their way there, I only want people that I know to be able to see the photos there so just one simple password to enter the gallery! Nothing fancy, no major permission system, directory-service or password protected images, just one simple "log in here to access the gallery".

Please! I don't know what it is in your programming that makes it so hard to do. Because to me it sounds like something that would take a day to program for you guys and I guarantee you will have atleast one more customer if you do and just search your forums and you'll see how many are screaming for this feature!!

There are some complications involved with password protection - We need to set the password on server-level(.htaccess) to provide true protection, and this is not a simple process especially because it is not consistent across all servers. However, me and Nick were discussing and testing this yesterday, and have it planned out already for the "major admin revamp" release coming soon! I know it is one of the most requested features, and now it is on its way ...

Just to give the full details to quench your curiosity, adding a password will work like this:
1. In admin, go to "users", add a new user/password and select the "frontpage" checkbox.
2. Now for any folder in admin, you can assign this user from a dropdown list, to protect this folder. Needless to say, you can set the same user/password from for ANY folder.
3. Imagevue will set a server-side protection for the folder, so it cant be accessed from imagevue, or directly. When accessing the folder from imagevue, a popup dialog will appear prompting for username+password

Some may wonder, what is the need of both username and password? Unfortunately, this is not a choice because serverside folder protection simply requires username and password. Normally, you could just set a global username either blank(none) or "photos" and then pick specific passwords for your user(s).

That is great news Karl! I just wish you hadn't said "planned out already for the "major admin revamp" release coming soon" because I've found posts since 2008 says the same thing And I know it's very optimistic to ask but I have to - when is "soon"?.

Also what you are talking about with .htaccess makes me worried that it won't do me any good because I'm running on IIS in Windows 7! So whatever solution you are working on I hope it'll be platform independant?

I ofcourse can't speak for everyone but what I'm after is just a way to stop someone from accidentally stumbling into our personal photo album by mistake from google or something. So a big hacker-proof security solution isn't really priority, just a small password protection, be it PHP session variables or what have you...

Regards
//Kristoffer

Well, this time we are working on it RIGHT NOW, and it is a big update scheduled for release before summer (so not imminent).

In regards to .htaccess and windows, I think Nick may have to answer the details about this. There may be some complications, yes.

As for your security scheme, that you just want to prevent random people from stumbling upon private galleries. Sure, I get your point, but dont you think it comes across as a bit unprofessional if we provide PASSWORD PROTECTION for folders/images, and then anyone who knows computers can easily find the images? I think this may come across as slightly unprofessional .. Besides, if you set a password for a folder, I am not sure how it can hurt that the folder IS actually password protected?

I made a nice little password .swf.. disabled the right click menu, and passwords + usernames are added to the .fla, any amount can be added !! and passed on to the appropriate user... security is not good for a determined person, who might be able to grab the .swf and decompile it... but why would they want to go to that trouble for 'private' photos ??? It's exceptionally small so If anyone's interested, let me know and I'll gladly supply it and further info ???

I don't know guys, looks like true protection will not help us, because it will work only on Apache server.

What about fake security. Really I don't want to do it. I can imagine angry people 'I put my naked images in a folder with the password and now they are all over facebook' or something.

You know Imagevue reads files and folders directly so this 'measure' would stop only your grandma from peeking into passworded folders unfortunately.

than let's do it for apache servers at least.

I ended up using password protection that my host provides, which is a little clunky, but works, and is easy to change.

Until Imagevue gets around to it, it will have to do.

what I need is password protected folders. Apache.

secerator wrote:what I need is password protected folders. Apache.

I wanted exactly the same. So I decided the google the .htaccess method of protection described above by Karl. I have never done this, but when following the procedure from the website below, I was surprised how easy and quick it was to set up. Basically you require 2 files (plus ftp access to your website), a .htpassword file (which has your encrypted password. Note the username is in plain text, and the file is placed outside the public_html. Most likely in an appropriate password folder auto created by your host provider) and a .htaccess file, which you put in the folder you want to protect (which the code inside this file simply points the the location of the .htpassword file you previsouly created).

If you want to see it in action go to my website: http://www.cottonbowles.com and go to Gallery/Jon and Lisa/Shared Private/Dillan Month 1.

The tutorial is at http://www.elated.com/articles/password ... -htaccess/ and gives you links to create your encrypted password.

I hope this helps, and after you have successfully done this, you will understand how difficult this is going to be for Karl and Nick to automate through the admin area, let alone trying to implement a universal front end password protection system for all platforms.

Cheers,

Cavey

Cavey: Thanks for giving a quick reference tutorial on this!