It's a sensible approach and nicely displayed, but you know it's hardly the first time the world has seen such a password = folder name script! In reality I wouldn't know a toronto folder was there, but I just guessed http://phpcrazysite.com/clients/toronto/ and bypassed it. As it's working server side, maybe add some form variables and check for those, or add some other way of transforming the password (eg a prefix/suffix such as pfxtoronto6) which would keep it reasonably simple while more secure.
John
Thanks John. I have been coding for 25 years and know that there is a ton of stuff out there that does similar work. Nothing on earth is NEW. I have designed this code with my mentality and approach from a photography perspective using methods and code snippets that I have built in my scrips for many years now. If anyone wants more security there are many more complex database driven shopping carts available. I and many others like me, are not interested in this approach for what we need.
There is really no heavy security need other than a simple password entry page that uses the folder names (which don't have to be toronto - but can be any letter combination desired) for the type of proofing I and anyone using this package, do. I only threw up "toronto" for the demo because I already had it together as a sample - - - there is a "
81R23P" named folder in there also. It is up to the user to make their folder names unique if they want a little more complexity to the security.
In most cases though, it really doesn't matter if someone spends the time figuring out the name of the folders and is able to see the pictures from a portrait or portrait session (which most won't) - - - if it is a concern, find a complex database driven solution. This package is to give a professional looking password protected entry into the self contained galleries - instead of having to maintain a webpage of links that need to be designed and then changed every time a gallery is uploaded or deleted, and then to have the ugly browser Password dialogue box pop up for entry into the password protected folder. Simply - it does that - - - and at a security level that will be satisfactory for many photographers.