Coppermine Photo Gallery v1.5.x: Documentation and Manual

Table of Contents


In this documentation, the term "user" is used for visitors of your gallery who have registered an account and have logged in. The term "visitor" is used for all who access your gallery, both registered users as well as unregistered guests. Registration features (if visitors are allowed to register in the first place and how registration will work) can be configured in the corresponding section of the config panel. Coppermine comes with a user management of it's own that allows you to control what group your users are in (group membership controls permissions) unless you disable the built-in user management in favor of bridging Coppermine with another app. If you enable bridging, the bridging application will take over and control your users instead of Coppermine.

The user control panel

The user control panel can be found when clicking "users" from the admin menu. It is the place where you create and manage your users.

If you have enabled integration (bridging) Coppermine with another application (e.g. your favorite BBS app), Coppermine will use the member table of the application you bridged with (your BBS), so the built-in Coppermine user management will be disabled in favor of the user management that comes with the bridged application. This has been incorporated to eliminate redundancy and facilitate a seemless integration.
As a result, you will not have this user control panel; clicking the "users" link will send you to your bridge application's user management instead.

Page controls

Searching for user(s)

You can use the wildcards: * (for any string) and ? (any single character) or even %expression%.
Example: searching for j* will return both Jack and Jill

Creating new users

To create a new user, simply click on the button "Create new user" at the bottom of the user manager and fill in the form that will come up.

This does of course not apply if you have bridging enabled, as user management is being handled by the app you have bridged coppermine with. In this case, the user management screen of your bridged app should show - create a new user there.

Editing users

To edit the properties of a user, click the -button next to the user name. You will then find a page where you can modify all user profile fields the user has. This includes the option to change the password of that user. If you don't want to change a user's password, leave the password field blank.
The dropdown list determines the primary group the user is in, the checkboxes beneath it determine the secondary groups.

Please note that this screen (as well as the rest of Coppermine's user management) will not be available if you have enabled bridging, because then the user management of the application you have bridged with (e.g. your BBS) kicks in and handles everything related to user management.

Album permissions by group

The link "Album permissions by group" will let you display what albums are assigned exclusively to members of a particular group. To make this absolutely clear: this feature does not allow you to actually assign albums to groups, it just displays those assignements. To actually assign albums to particular groups, use the album properties dialog of individual albums.

Group membership

When creating a new user or editing an existing user, you will notice a row named "User group" - it determines what group(s) the user is in.
The first field (a dropdown field) determines the primary user group. It determines the status of a user. You should set it to "Administrator" (for users you want to assign admins powers to) or "Registered".
Additional (secondary) group membership can be assigned using the checkboxes beneath the dropdown field. Here, all your custom groups (that you can create and manage using the group control panel) should show as well as the core groups (the ones that come with coppermine out of the box and can't be deleted). Assign additional group membership to your users here. Privileges for a particular user inherited from group membership are added: the least restrictive permissions are taken into account.

If you want your registered users to be capable of viewing the gallery only, and only privileged users of your custom user group "photographers" are allowed to actually upload files, make all your users members of the built-in group "registered" (by default, they already are). Only for user you want to give the privilege to upload, tick the check box "photographers" as secondary group. Then go to your groups control panel and disallow uploads for the registered group there, but allow uploads for the custom group "photographers".

Note: the button "album permission by group" beneath the checkboxes is not meant to assign album permissions, but only to check the permissions set. You can only assign particular album permissions on the album properties screen.

Lost passwords

There are many passwords that you have to memorize, and there are many issues that are related to password issues. Not all of them are related to Coppermine though, so they will be discussed in brevity here. If you need to figure out details on password issues that are not related to Coppermine in itself, it's a good idea to use a search engine and/or your webhost for support.

Coppermine user account password

There is no difference in this aspect between an admin and a non-admin user account: they both work the same way: you have to log in providing a user name (or an email address if you enabled the corresponding option in Coppermine's config) and a password. If this authentification has been successfull, i.e. if Coppermine "knows" you, Coppermine will determine if your user account belongs to the admin group or not. Based on this group membership you will have different privileges.
There is however a basic difference between Coppermine running in standalone mode (out of the box it runs in standalone mode) and Coppermine being bridged with another application:

Coppermine in standalone mode

The database table that Coppermine users are being stored in does not contain the actual user's password in plain text, but only an MD5-encrypted password hash. Think of such a hash as a checksum: in fact it's the result of a calculation: when the password is being entered on Coppermine's login screen into the form there, the browser sends the password the visitor has entered to the server. The server then calculates the hash that results out of the password the visitor has entered and finally compares the hash stored inside the database table against the has that was just calculated. If those hash values match, the password is considered to be correct and the user is authentificated, i.e. a cookie is being stored on the visitor's computer that basically says "the user with the user name XYZ has successfully authentificated". Again, no password is being stored anywhere.
With this being said it should be obvious that you can't look the password up anywhere, simply because it isn't actually stored anywhere.
But then, we're all human, so it might happen that you (as someone who runs a Coppermine gallery) or your users forget your password for whatever reason. That's why there is a mechanism to make sure you can log in again. Sadly, you can not just send a password reminder inside an email to the user, simply because the server is not aware of the password. That's why there is a link on Coppermine's login screen that is named "I forgot my password". If a visitor clicks on it, he/she will be sent to a password reminder screen where he/she can enter his/her email address. But wait a minute! Haven't you just said that the server doesn't know the password and therefore it can't send it by email? And yes, that's true. Actually, it's a three-step process: the visitor can enter his/her email address. If a user with that email address exists in Coppermine's user table, an email is being sent to that address that basically contains a link that the recipient of the email needs to click on to verify that he actually has forgotten his/her password and wants to request a new one. This is meant as a pre-caution against vandalism to make sure nobody get's locked out because someone else requested a new password for him. The link inside the email contains a token that can not be guessed or made up: it's unique. Only if that link is actually clicked the password reminder is triggered. The server then assigns a new random password for the account that corresponds to the email address and sends that new password in another email. With that new password inisde that second email the user can log in again.
This is a very elegant and fool-proof process once it is set up properly, but there are of course some things that can go wrong as well: If this is the case for you, i.e. if you have forgotten Coppermine's admin account and you can't use the "forgot password" feature for whatever reason, here are some things to do:

Coppermine bridged

When Coppermine is bridged, the user management of the other application that it's bridged with "takes over", so if a visitor clicks on the login link within Coppermine he is being redirected to your bridging app's login screen. After a successfull login there, he/she might be sent back to your Coppermine-driven gallery (if your bridging app supports redirection after logging in). Coppermine is only "aware" that the user has been authentificated in your bridging app; Coppermine is not aware of the user's password. Subsequently, you can't use Coppermine mechanisms to retrieve lost user account passwords when you're bridged. If your bridging app provides mechanisms to recover from password-loss, then use those mechanisms.

mySQL account password

If you (or your webhost) have changed your mySQL account details (e.g. if you have assigned a new password to your mySQL account) you can reflect your changes in Coppermine by editing the file include/
Please keep in mind that you can only reflect your mySQL database account changes in that file. Coppermine can not actually change the password of your mySQL account itself. If you want to do that (i.e. change your mySQL admin account password), use whatever mechanism your webhost is providing to accomplish this or ask your webhost to change it for you.