From 889dba1ddbe231bd51e1471f9724302876ce624a Mon Sep 17 00:00:00 2001
From: Mikael Roos <mikael.t.h.roos@gmail.com>
Date: Tue, 10 Feb 2015 22:41:24 +0100
Subject: [PATCH] Always use password, setting in img_config.php, fix #78.

---
 REVISION.md            |  1 +
 webroot/img.php        | 16 ++++++++++++++--
 webroot/img_config.php |  6 ++++--
 3 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/REVISION.md b/REVISION.md
index d64a6c7..0dc8dbc 100644
--- a/REVISION.md
+++ b/REVISION.md
@@ -5,6 +5,7 @@ Revision history
 v0.6.x (latest)
 -------------------------------------
 
+* Always use password, setting in img_config.php, fix #78.
 * Resize gif keeping transparency #81.
 * Now returns statuscode 500 when something fails #55.
 * Three different modes: strict, production, development #44.
diff --git a/webroot/img.php b/webroot/img.php
index b7dbf17..88db2b6 100644
--- a/webroot/img.php
+++ b/webroot/img.php
@@ -8,6 +8,8 @@
  *
  */
 
+$version = "0.7.0 (2015-02-10)";
+
 
 
 /**
@@ -143,6 +145,7 @@ if (is_file($configFile)) {
 * verbose, v - do a verbose dump of what happens
 */
 $verbose = getDefined(array('verbose', 'v'), true, false);
+verbose("img.php version = $version");
 
 
 
@@ -208,12 +211,21 @@ if ($defaultTimezone) {
  * Options decide themself if they require passwords to be used.
  */
 $pwdConfig   = getConfig('password', false);
+$pwdAlways   = getConfig('password_always', false);
 $pwd         = get(array('password', 'pwd'), null);
 
 // Check if passwords match, if configured to use passwords
 $passwordMatch = null;
-if ($pwdConfig && $pwd) {
-    $passwordMatch = ($pwdConfig == $pwd);
+if ($pwdAlways) {
+
+    $passwordMatch = ($pwdConfig === $pwd);
+    if (!$passwordMatch) {
+        errorPage("Password required and does not match or exists.");
+    }
+
+} elseif ($pwdConfig && $pwd) {
+
+    $passwordMatch = ($pwdConfig === $pwd);
 }
 
 verbose("password match = $passwordMatch");
diff --git a/webroot/img_config.php b/webroot/img_config.php
index 43e18d3..9d08438 100644
--- a/webroot/img_config.php
+++ b/webroot/img_config.php
@@ -52,9 +52,11 @@ return array(
     * and aliasing.
     *
     * Default values.
-    *  password: false // as in do not use password
+    *  password:        false // as in do not use password
+    *  password_always: false // do not always require password,
     */
-    //'password' => false, // "secret-password",
+    //'password'        => false, // "secret-password",
+    //'password_always' => false, // always require password,