Password Protect Entries
This hack is deprecated in favour of the MT Protect plugin. Please use the plugin instead of this hack!
One of the biggest wants with MT is to password protect individual entries. There are several hacks and bits of code that allow you to password protect entries but many of them are long winded and many involve separate categories. I wanted a simple way to selectively password protect entries no matter what the category, what blog etc.
So I created a new field on the entry screen (click screenshot for a larger view) that would contain the password. For this to work you will need to be using MT 3.1x, mySQL and PHP. To see this in action see the front page on my blog, enter the password "password" and you will be granted access for 10 days.
And yes I'm perfectly aware WordPress has this functionality built in!
First off all run this query on your mysql database, all it does is add a new column called entry_password to your mt_entry table.
Alter table mt\_entry add column entry\_password text
Next open up lib/MT/App/CMS.pm and find around line 656
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
and add below it
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
Save CMS.pm and open lib/MT/Entry.pm and right at the top you'll see the columns in the mt_entry table being defined. Find
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
and replace it with
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
Save Entry.pm. This next change we're going to make will create a new
$ctx->register_handler(EntryMore => \&_hdlr_entry_more);
and add immediately underneath it
$ctx->register_handler(EntryPassword => \&_hdlr_entry_password);
Next find
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
and add immediately above it
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
Save Context.pm and open edit_entry.tmpl, find
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
and add underneath it
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
Save edit_entry.tmpl and upload these files. Next you'll need to create a new static index template called mt-password.php. For the template body, copy the contents of this file. The file sets a cookie that lasts 10 days. To change the length it lasts, change 864000 to another time frame in seconds, for example a day would be 86400 etc.
Save and rebuild the template.
This next bit depends on whether you publish statically or dynamically. I'll walk you through both ways.
Static Publishing
At the top of all templates where you use <MTEntry> tags, add the following
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
<?php
include('<$MTCGIServerPath$>/php/mt.php');
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg');
$db = $mt->db(); ?>
This must be added right at the top, before the DocType declaration.
Next, just before the <MTEntryBody> tag, add this
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
<?php
include('<$MTCGIServerPath$>/php/mt.php');
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg');
$db = $mt->db(); ?>
<?
$pass = $db->get_var("select entry_password from mt_entry where entry_id = <MTEntryID>");
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
Finally just before the posted section add
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
<?php
include('<$MTCGIServerPath$>/php/mt.php');
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg');
$db = $mt->db(); ?>
<?
$pass = $db->get_var("select entry_password from mt_entry where entry_id = <MTEntryID>");
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
<? } else { ?>
<form action="<MTBlogURL>mt-password.php" method="post">
<input name="entry_id" value="<MTEntryID>" type="hidden" />
<p>This post is password protected. To view it please enter your password below:</p>
<p><label>Password:</label> <input name="post_password" type="text" size="20" /> <input type="submit" name="Submit" value="Submit" /></p>
</form>
<? } ?>
For the RSS templates, you'll need to do something slightly different. Wherever you find an <MTEntryBody> tag, replace it with
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
<?php
include('<$MTCGIServerPath$>/php/mt.php');
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg');
$db = $mt->db(); ?>
<?
$pass = $db->get_var("select entry_password from mt_entry where entry_id = <MTEntryID>");
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
<? } else { ?>
<form action="<MTBlogURL>mt-password.php" method="post">
<input name="entry_id" value="<MTEntryID>" type="hidden" />
<p>This post is password protected. To view it please enter your password below:</p>
<p><label>Password:</label> <input name="post_password" type="text" size="20" /> <input type="submit" name="Submit" value="Submit" /></p>
</form>
<? } ?>
<MTIfEqual a="[MTEntryPassword]" b=""><$MTEntryBody encode_xml="1"$></MTIfEqual><MTIfNotEqual a="[MTEntryPassword]" b="">This post is password protected.</MTIfNotEqual>
To make this work, you'll need to install the Compare plugin
Rebuild all the files. To password protect an entry, type in a password into the Entry Password field on the edit/new entry page and once the pages are rebuilt, readers will need to enter a password to be able to gain access to the entry.
Dynamic publishing
With dynamic publishing, things are slightly easier since we're already in a PHP environment. In all templates that call
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
<?php
include('<$MTCGIServerPath$>/php/mt.php');
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg');
$db = $mt->db(); ?>
<?
$pass = $db->get_var("select entry_password from mt_entry where entry_id = <MTEntryID>");
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
<? } else { ?>
<form action="<MTBlogURL>mt-password.php" method="post">
<input name="entry_id" value="<MTEntryID>" type="hidden" />
<p>This post is password protected. To view it please enter your password below:</p>
<p><label>Password:</label> <input name="post_password" type="text" size="20" /> <input type="submit" name="Submit" value="Submit" /></p>
</form>
<? } ?>
<MTIfEqual a="[MTEntryPassword]" b=""><$MTEntryBody encode_xml="1"$></MTIfEqual><MTIfNotEqual a="[MTEntryPassword]" b="">This post is password protected.</MTIfNotEqual>
<?php
$entry = $this->stash('entry');
$pass = $entry['entry_password'];
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
and add this right above the posted section
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
<?php
include('<$MTCGIServerPath$>/php/mt.php');
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg');
$db = $mt->db(); ?>
<?
$pass = $db->get_var("select entry_password from mt_entry where entry_id = <MTEntryID>");
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
<? } else { ?>
<form action="<MTBlogURL>mt-password.php" method="post">
<input name="entry_id" value="<MTEntryID>" type="hidden" />
<p>This post is password protected. To view it please enter your password below:</p>
<p><label>Password:</label> <input name="post_password" type="text" size="20" /> <input type="submit" name="Submit" value="Submit" /></p>
</form>
<? } ?>
<MTIfEqual a="[MTEntryPassword]" b=""><$MTEntryBody encode_xml="1"$></MTIfEqual><MTIfNotEqual a="[MTEntryPassword]" b="">This post is password protected.</MTIfNotEqual>
<?php
$entry = $this->stash('entry');
$pass = $entry['entry_password'];
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
<?php } else { ?>
<form action="<MTBlogURL>mt-password.php" method="post">
<input name="entry_id" value="<MTEntryID>" type="hidden" />
<p>This post is password protected. To view it please enter your password below:</p>
<p><label>Password:</label><input name="post_password" type="text" size="20" /> <input type="submit" name="Submit" value="Submit" /></p>
</form>
<?php } ?>
The RSS templates are slightly different. Replace the <MTEntryBody> tag with
Alter table mt\_entry add column entry\_password text
$q->param($col) : $obj->$col();
}
if ($type eq 'entry') {
$param{password} = $obj->password;
'basename',
'basename','password',
sub \_hdlr\_entry\_title {
sub \_hdlr\_entry\_password {
my $e = $\_[0]->stash('entry')
or return $\_[0]->\_no\_entry\_error('MTEntryPassword');
my $password = defined $e->password ? $e->password: '';
$password;
}
<TMPL_VAR NAME=CREATED_ON_FORMATTED ESCAPE=HTML>
</TMPL_IF>
<br />
<label><MT_TRANS phrase="Entry Password"></label><br />
<input name="password" id="password" value="<TMPL_VAR NAME=PASSWORD>" />
<?php
include('<$MTCGIServerPath$>/php/mt.php');
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg');
$db = $mt->db(); ?>
<?
$pass = $db->get_var("select entry_password from mt_entry where entry_id = <MTEntryID>");
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
<? } else { ?>
<form action="<MTBlogURL>mt-password.php" method="post">
<input name="entry_id" value="<MTEntryID>" type="hidden" />
<p>This post is password protected. To view it please enter your password below:</p>
<p><label>Password:</label> <input name="post_password" type="text" size="20" /> <input type="submit" name="Submit" value="Submit" /></p>
</form>
<? } ?>
<MTIfEqual a="[MTEntryPassword]" b=""><$MTEntryBody encode_xml="1"$></MTIfEqual><MTIfNotEqual a="[MTEntryPassword]" b="">This post is password protected.</MTIfNotEqual>
<?php
$entry = $this->stash('entry');
$pass = $entry['entry_password'];
$cookie = 'mt-postpass_'.md5($pass);
if($pass == "" || isset($_REQUEST[$cookie]) ) { ?>
<?php } else { ?>
<form action="<MTBlogURL>mt-password.php" method="post">
<input name="entry_id" value="<MTEntryID>" type="hidden" />
<p>This post is password protected. To view it please enter your password below:</p>
<p><label>Password:</label><input name="post_password" type="text" size="20" /> <input type="submit" name="Submit" value="Submit" /></p>
</form>
<?php } ?>
<?php
$entry = $this->stash('entry');
$pass = $entry['entry_password'];
if($pass == "") { ?><$MTEntryBody encode_xml="1"$><?php } else { ?>This post is password protected.
<?php } ?>
And now you're done. To password protect an entry, type in a password into the Entry Password field on the edit/new entry page now, readers will need to enter a password to be able to gain access to the entry.
Thanks to Brad Choate for assistance with the dynamic publishing code
45 Comments
Subscribe to Movalog's Feed
Carla said:
on Jan 29, 2005 11:47 AM | Reply
I'm stuck at the first step. I login to phpMyAdmin section and I'm quite confused at what to do next. Here's what I've done. Clicked MT database and then clicked Query. If this is correct so far, what's next? If not, can you please explain a bit more in detail.
Thanks in advance.
Arvind Satyanarayan said:
on Jan 29, 2005 6:11 PM | Reply
No Carla, when you select your MT database in phpmyadmin, click the SQL tab at the top. Then type the Alter table bit from above and run it. After that proceed with the other steps :)
Carla said:
on Jan 29, 2005 8:08 PM | Reply
Thanks a bunch!
Carla said:
on Jan 30, 2005 12:20 AM | Reply
I'm only using dynamic publishing with my archives files. I can't seem to get it to work. However, I did get it to work on my friends site, and she's using static publishing only.
So, I attempted to use the static instructions you've listed on my index page(s), and the dynamic instructions on my archive pages. It worked so to speak, yet it left the style of my index page looking quite obscure when I created a protected entry.
Any insight you could provide would be greatly appreciated.
apidevlab said:
on Jan 31, 2005 10:51 PM | Reply
Just a quickie but I managed to get this working great and have found it to be one of the most useful hacks I have come accross.
It brings us a step closer to securing indivdual content from within MT (which I would LOVE to see as standard) a few others are playing around with similar ideas...
TKPal and TKPal for MT
Affy said:
on Feb 5, 2005 11:18 AM | Reply
my MT is not running on MySQL. Is there still a way i can do this?
Jenna said:
on Feb 5, 2005 5:24 PM | Reply
Everything works fine with all of my browsers, except Firefox (Mac). In FF when I enter the password, it hangs at mt-password.php (in your example it hangs at test.php). Any ideas on how to correct this?
I should note that it does actually *work* once you go back to the right page. It's just that I don't know how to make it make the jump from mt-password to my index page.
Arvind Satyanarayan said:
on Feb 5, 2005 5:35 PM | Reply
That's odd it works perfectly for me on Firefox. Make sure your mt-password file is exactly as the file above, nothing more (especially spaces at the beginning of the file.
Alternatively, give me a link to the entry page in question, perhaps there's something wrong with your Firefox setup.
jerm said:
on Feb 7, 2005 2:58 AM | Reply
Some of my readers are saying it doesnt work for them. It works for me and I have tried it on a few other computers and it works but they say when they type in the password and click submit the page 'refreshs' but then it just asks to submit the password again.
Arvind Satyanarayan said:
on Feb 8, 2005 7:52 AM | Reply
They need to have cookies enabled for it to work. The method relies on setting a cookie to control whether or not the password is shown. If cookies are off then the post will never show.
jerm said:
on Feb 9, 2005 9:47 AM | Reply
I figured out what was happening. The cookie is coming from www.thejerm.org . Some of my users are using thejerm.org without the "www".
Icyshard said:
on Feb 10, 2005 6:41 AM | Reply
When I try to use this I get the following error:
Parse error: parse error, unexpected '{', expecting ')' in /home/icyshar/publichtml/blog/templatesc/%%45^451^45116A63%%mt%3A94.php on line 6When I go to the file referred to in this error I see:
include('{{MTCGIServerPath}}/php/mt.php'); $mt = new MT({{MTBlogID}}, '{{MTCGIServerPath}}/mt.cfg');$db = $mt->db();
$entry = $POST['entryid']; $query = "select entrypassword from mtentry where entryid = $entry"; $pass = $db->getvar($query); $passsent = $POST['postpassword']; if($passsent == $pass) { setcookie('mt-postpass' . md5($pass), $POST['postpassword'], time() + 86400,'{{MTBlogRelativeURL}}'); } header('Location: ' . $SERVER['HTTP_REFERER']); (With opening and closing php tags...couldn't get this code to display w/o removing them) Any ideas? Thanks...Arvind Satyanarayan said:
on Feb 10, 2005 6:55 AM | Reply
As I mentioned in the tutorial, the mt-password.php file has to be a static template, not a dynamic one.
Icyshard said:
on Feb 10, 2005 7:13 AM | Reply
my mt-password.php is a static file, built from an index template, but the page I tried to password was dynamic.
I noticed in your instructions for dynamic pages that you have it linking to a test.php file, but I figured you meant mt-password.php and changed it accordingly. If this wasn't the proper move, let me know what file test.php should be.
Icyshard said:
on Feb 10, 2005 7:40 AM | Reply
Ack, nevermind! I realized that I had it pointing to the wrong folder! Thanks for responding and for creating a wonderful hack. :)
Arvind Satyanarayan said:
on Feb 10, 2005 7:53 AM | Reply
Thanks for pointing that out, I've changed it :)
Donna said:
on Feb 15, 2005 12:01 PM | Reply
Hi,
First a compliment, then a question =)
This has got to be the most easy and thorough set of instructions I've ever read. Even a dummy like me got this going in less than half an hour! Thanks so much for putting your time into this.
Now, do we add the code to comments boxes to prevent people without the password from seeing the comments? Or does it automatically prevent it. Or are comments just always viewable?
I ask because I see this in the comments templates: MTEntryIfCommentsOpen and I assume this is an entry tag, but I'm not sure.
Thanks, Donna
Iki said:
on Feb 15, 2005 9:11 PM | Reply
I pal of mine just did this hack, and it appears to work fine. Without the password I can't see the entry - but I can still comment on it. Is that normal? The entry is hidden but the comments aren't? Or are there a different set of comments inside the passworded place?
Donna said:
on Feb 16, 2005 3:14 AM | Reply
something you may not know. if you view the page source, you can see some of the password protected post...the syndicated thing, I think.
Is there a work-around for this?
Chris said:
on Feb 24, 2005 6:28 AM | Reply
First of all, thank you for this excellent tidbit of code. It is something that is definitely needed in MT.
As for protecting comments, it's fairly easy to accomplish this ... you can define a temporary variable when you make the initial call in the database:
This will create a variable that will be used above the comments section to disable them from being viewed ... just above <MTComments> field:
This is, of course closed right after the comments section (near the end of the file), as you don't want people to be able to post comments to an entry that they don't even have a right to see... this code would go right below </MTEntryIfAllowComments> :
Hope this gives you an idea of how this will work ...
-c
Donna said:
on Mar 10, 2005 12:02 AM | Reply
I'm not understanding where that first piece of code goes (the one with ?pass)...do I ass a new table to the database? Do I modify the existing table or does it go in one of the files?
Told ya I was a big stupid LOL
Tahnee said:
on Mar 25, 2005 10:31 PM | Reply
I followed all the instructions (at least, I thought I did), went to test it, created a password, but when I viewed the site, I just saw the entry as if it weren't protected. Do you know what I've most likely done wrong? Thanks for your help!
Daphne said:
on Apr 2, 2005 12:22 AM | Reply
Fantastic concept! That said, I've done something wrong and can't get it to work.... Once implemented I receive an error on the page stating:
and the password entry field in viewable on every post. You can see the error in action at http://www.villasantiago.com/blog/index2.php
I know it's a ridiculous questions, but... any idea what I may have done wrong?
Thanks!
miss.sushi said:
on Apr 3, 2005 1:38 AM | Reply
Hi! I've follow all your instruction.
Now, when I try to rebuild my site whether it's because of a new entry or a change in a template, I get this error
Undefined subroutine &MT::Template::Context::initdefaulthandlers called at lib/MT/Template/Context.pm line 64.
How can I fix this?
Ariya said:
on Apr 3, 2005 3:14 PM | Reply
Daphne, it's not your fault. I had the same error in my configuration when I started. Then I discovered that there's a slight error in Arvind's code.
The Original Code Reads as Follows:
$pass = $db->get_var("select entry_password from mt_entry where entr\_id = "); $cookie = 'mt-postpass_'.md5($pass); if($pass == "" || isset($_REQUEST[$cookie])Change the slash in "entr_id" to a "y". It should read entry_id
$pass = $db->get_var("select entry_password from mt_entry where entry_id = "); $cookie = 'mt-postpass_'.md5($pass); if($pass == "" || isset($_REQUEST[$cookie])Once I changed the variable, it worked fine.
Arvind, thanks for the brilliant tutorial. It was one of the clearest, simplest tut's I've read in a long time. Keep up the excellent work!
Arvind Satyanarayan said:
on Apr 3, 2005 3:20 PM | Reply
Thanks for pointing the error out Ariya, I've corrected it.
Ariya said:
on Apr 3, 2005 8:02 PM | Reply
Welcome Arvind. Again, great tutorial. Um, heh, I was going to make a request for two tutorials ...but I think I'll use the form. Thanks :).
GnomeGrrl said:
on Apr 4, 2005 3:11 AM | Reply
Great tutorial Arvind, thank you for sharing.
Would it be possible to get some more info on what Chris posted re protecting the comments as well?
Daphne said:
on Apr 4, 2005 6:25 AM | Reply
Ariya - thanks! I had tried adding the "y" before the "/" but not in place of - seems to work like a charm now.
Arvind - thanks for the wonderful code - I think this opens up a whole new realm of possibility for MT users!
Daphne said:
on Apr 4, 2005 9:20 AM | Reply
Ariya - thanks! I had tried adding the "y" before the "/" but not in place of - seems to work like a charm now.
Arvind - thanks for the wonderful code - I think this opens up a whole new realm of possibility for MT users!
Daphne said:
on Apr 4, 2005 9:27 AM | Reply
GnomeGrrl
As for protecting comments - I moved the lower portion of the script down to below there comments/trackback script area on my main index page (the only one where comments actually show - for me) and it seems to work fine.
I also moved my MTEntryTrackbackData tag down eliminating the bleed there and reconfigured my Search page by removing the Excerpt so that nothing showed there.
Icyshard said:
on Apr 19, 2005 8:52 AM | Reply
Hi Arvind,
Well, I just upgraded to MT v.3.16 and I'm getting that same error as before--only on my static index--it works fine on the dynamic archives. I tried to put all the code back in all the files, and I didn't change my templates any, so those should've been ok.
I'm wondering if maybe too much has changed with the new version for it to work? For instance,where you say to look for this line:
$ctx->register_handler(EntryMore => \&hdlrentry_more);
it now looks like
$ctx->registerhandler(EntryMore => \&hdlrentrymore);
NOTE the lack of a back slash. Therefore when I pasted in your bit of code, I removed the slash from that as well.
Anyway, just thinking that if that bit of code subtly changed, then maybe there needs to be some new type of call from the static pages.
Thanks!
Jeremy said:
on Apr 20, 2005 8:51 AM | Reply
I also tried to implement this in 3.16 but got an error during rebuild about something in the "lib/MT/Template/Context.pm" file.
Arvind Satyanarayan said:
on Apr 20, 2005 8:56 AM | Reply
Could you guys try it now, I fixed the code problem Icyshard pointed out, there shouldn't be a back slash. This hack should still work in 3.16, I don't see it wouldn't, the flaw in my code Icyshard pointed out was due to formatting I had to bypass in MT not a change in how MT worked.
Icyshard said:
on Apr 20, 2005 10:29 AM | Reply
Works now for me, thanks! :)
Jenna said:
on Apr 26, 2005 9:17 PM | Reply
I'm getting the following error: "Can't call method "password" on an undefined value at /home/yourlittlesecret/cgi-local/mt/lib/MT/App/CMS.pm line 857."
Any ideas?
(I'm using 3.15)
Jenna said:
on Apr 26, 2005 9:30 PM | Reply
I'm also getting a blank screen when I put the code at the head of the static page. It's including the mt.php file in the php dir correctly, but it seems to hang at this point:
$mt = new MT(<$MTBlogID$>, '<$MTCGIServerPath$>/mt.cfg'); $db = $mt->db();
Jenna said:
on Apr 26, 2005 9:49 PM | Reply
Ignore the first comment. I went through your instructions a second time and I'm not getting the error anymore. I'm still getting the blank screen though. Hmm...
Kachina Crowe said:
on Apr 30, 2005 11:05 AM | Reply
This is such an odd little thing - I was doing find but I can't for the life of me find the edit_entry.tmpl file. Where should it be?
Donna said:
on May 12, 2005 4:23 AM | Reply
i can't get this protected comments thing to work at all.
Any chance of talking to me like I was 2?
Anarane said:
on May 27, 2005 2:39 PM | Reply
I'm currently using the orangehairedboy script but it doesn't keep the entries secure from RSS feeds. Will this method do so?
Thanks. :D
Arvind Satyanarayan said:
on May 27, 2005 2:45 PM | Reply
Anarane: As I mentioned on the forums topic I would recommend you use MT Protect and if you find it useful, I urge you to donate. With MT Protect you can protect any area of your blog including RSS feeds. Enjoy!
Dave said:
on Jun 21, 2005 10:29 PM | Reply
Is there any way someone could post a example of where to paste the code in to index.html on a static site? I seem to be doing this wrong because I cannot post new Entries. My Main Index Template (Index.html) looks like this. I have highlighted the inserted code.
Now that code lets me rebuild the template fine, yet when I go to post a new entry, I get the error
And i have no Idea why that would be causing errors. AAgggh so much frustration.
Arvind Satyanarayan said:
on Jun 21, 2005 10:38 PM | Reply
Hi Dave
I edited your comment to remove the HTML -- please don't paste the template code like that. As I said on the previous comment you left on my personal blog, this hack is out dated and has been replaced by a plugin called MT Protect
The error you are getting, however, is because you've incorrectly applied the hack to edit_entry.tmpl. I suggest you roll back changes and install the plugin.
serene said:
on Mar 2, 2006 6:53 PM | Reply
I'm using blogspot with template. I'm not too sure how to use it =(