diff --git a/app/post.class.php b/app/post.class.php
index 6e3c840..15486fd 100644
--- a/app/post.class.php
+++ b/app/post.class.php
@@ -310,7 +310,7 @@ class Post
"SELECT `id`, `text`, `feeling`, `persons`, `location`, `privacy`, `content_type`, `content`, DATE_FORMAT(`posts`.`datetime`,'%d %b %Y %H:%i') AS `datetime` ".
"FROM `posts` ".
"WHERE ".
- (!User::is_logged_in() ? "`privacy` = 'public' AND " : "").
+ (!User::is_logged_in() ? (User::is_visitor() ? "`privacy` IN ('public', 'friends') AND " : "`privacy` = 'public' AND ") : "").
($until ? "`posts`.`datetime` < DATE_ADD('{$until}', INTERVAL +1 MONTH) AND " : "").
($id ? "`id` = {$id} AND " : "").
($tag ? "`plain_text` LIKE '%{$tag}%' AND " : "").
@@ -331,6 +331,6 @@ class Post
}
public static function handshake($r){
- return ["logged_in" => User::is_logged_in()];
+ return ["logged_in" => User::is_logged_in(), "is_visitor" => User::is_visitor()];
}
}
\ No newline at end of file
diff --git a/app/user.class.php b/app/user.class.php
index c5a96c5..882372a 100644
--- a/app/user.class.php
+++ b/app/user.class.php
@@ -4,6 +4,14 @@ class user
{
const SESSION_NAME = "logged_in";
+ public static function is_visitor(){
+ if(!Config::get_safe("force_login", false)){
+ return true;
+ }
+
+ return !empty($_SESSION[User::SESSION_NAME]) && $_SESSION[User::SESSION_NAME] == 'visitor';
+ }
+
public static function is_logged_in(){
if(!Config::get_safe("force_login", false)){
return true;
@@ -23,9 +31,14 @@ class user
if(Config::get("nick") == $nick && Config::get_safe("pass", "") == $pass){
$_SESSION[User::SESSION_NAME] = md5($nick.$pass);
- return true;
+ return ["logged_in" => true, "is_visitor" => false];
}
-
+
+ if(($visitors = Config::get_safe("visitor", [])) && !empty($visitors) && isset($visitors[$nick]) && $visitors[$nick] === $pass){
+ $_SESSION[User::SESSION_NAME] = 'visitor';
+ return ["logged_in" => false, "is_visitor" => true];
+ }
+
Log::put("login_fails", $nick);
throw new Exception(__("The nick or password is incorrect."));
}
@@ -35,7 +48,7 @@ class user
throw new Exception(__("You can't log out. There is no account."));
}
- if(!self::is_logged_in()){
+ if(!self::is_logged_in() && !self::is_visitor()){
throw new Exception(__("You are not even logged in."));
}
diff --git a/config.ini b/config.ini
index 07bff3e..3d9aaf0 100644
--- a/config.ini
+++ b/config.ini
@@ -23,13 +23,18 @@ highlight = true
;styles[] = static/styles/custom2.css
;scripts = static/styles/scripts.css
+[bbcode]
;bbtags[quote] = "{param}
"
-[login]
+[admin]
force_login = true
nick = demo
pass = demo
+[visitors]
+;visitor[user] = pass
+;visitor[user] = pass
+
[system]
system_name = blog
version = 1.05
diff --git a/index.php b/index.php
index 9ff86dc..e6a0a03 100644
--- a/index.php
+++ b/index.php
@@ -290,7 +290,7 @@ if(!empty($scripts)){
diff --git a/static/scripts/app.js b/static/scripts/app.js
index 2769753..c54abb2 100644
--- a/static/scripts/app.js
+++ b/static/scripts/app.js
@@ -156,7 +156,8 @@ var cnt_funcs = {
// Login function
var login = {
is: false,
-
+ visitor: false,
+
// Logout button
logout_btn: function(name){
var btn = $('#prepared .logout_btn').clone();
@@ -174,11 +175,15 @@ var login = {
$("body").error_msg(data.msg);
return ;
}
-
+
+ // Remove new post input
+ if(login.is){
+ new_post.remove();
+ }
+
// Is not logged in anymore
login.is = false;
- // Remove new post input
- new_post.remove();
+ login.visitor = false;
// Remove logout button
btn.remove();
// Load first posts
@@ -231,9 +236,13 @@ var login = {
}
// Now is logged in
- login.is = true;
+ login.is = data.logged_in;
+ login.visitor = data.is_visitor;
+
// Logged in user can add post
- new_post.create();
+ if(login.is){
+ new_post.create();
+ }
// Remove login button
btn.remove();
// Load first posts
@@ -272,11 +281,15 @@ var login = {
// Check if is logged in
login.is = data.logged_in;
- if(!login.is){
+ login.visitor = data.is_visitor;
+ if(!login.is && !login.visitor){
login.login_btn();
} else {
login.logout_btn();
- // Logged in user can add post
+ }
+
+ // Logged in user can add post
+ if(login.is){
new_post.create();
}