Always use password, setting in img_config.php, fix #78.

REVISION.md

@@ -5,6 +5,7 @@ Revision history
 v0.6.x (latest)
 -------------------------------------
 
+* Always use password, setting in img_config.php, fix #78.
 * Resize gif keeping transparency #81.
 * Now returns statuscode 500 when something fails #55.
 * Three different modes: strict, production, development #44.

webroot/img.php

@@ -8,6 +8,8 @@
  *
  */
 
+$version = "0.7.0 (2015-02-10)";
+
 
 
 /**
@@ -143,6 +145,7 @@ if (is_file($configFile)) {
 * verbose, v - do a verbose dump of what happens
 */
 $verbose = getDefined(array('verbose', 'v'), true, false);
+verbose("img.php version = $version");
 
 
 
@@ -208,12 +211,21 @@ if ($defaultTimezone) {
  * Options decide themself if they require passwords to be used.
  */
 $pwdConfig   = getConfig('password', false);
+$pwdAlways   = getConfig('password_always', false);
 $pwd         = get(array('password', 'pwd'), null);
 
 // Check if passwords match, if configured to use passwords
 $passwordMatch = null;
-if ($pwdConfig && $pwd) {
-    $passwordMatch = ($pwdConfig == $pwd);
+if ($pwdAlways) {
+
+    $passwordMatch = ($pwdConfig === $pwd);
+    if (!$passwordMatch) {
+        errorPage("Password required and does not match or exists.");
+    }
+
+} elseif ($pwdConfig && $pwd) {
+
+    $passwordMatch = ($pwdConfig === $pwd);
 }
 
 verbose("password match = $passwordMatch");

webroot/img_config.php

@@ -52,9 +52,11 @@ return array(
     * and aliasing.
     *
     * Default values.
-    *  password: false // as in do not use password
+    *  password:        false // as in do not use password
+    *  password_always: false // do not always require password,
     */
-    //'password' => false, // "secret-password",
+    //'password'        => false, // "secret-password",
+    //'password_always' => false, // always require password,