--- tmp/httpauth/httpauth.module	2007-02-25 07:40:05.000000000 -0500
+++ httpauth/httpauth.module	2008-01-15 13:36:42.000000000 -0500
@@ -73,8 +73,32 @@ function httpauth_callback() {
 function httpauth_settings() {
   $form['httpauth_status'] = array('#type' => 'checkbox', '#title' => t('Enable HTTP authentication.'), '#default_value' => variable_get('httpauth_status', FALSE));
   
-  $form['httpauth_pages'] = array('#type' => 'textarea', '#title' => t('Promote HTTP authentication on pages'), '#default_value' => variable_get('httpauth_pages', ''), '#description' => t('On which pages to promote HTTP authentication, if an anonymous user stumbles upon an access denied page. Enter one page per line as a Drupal path. The * character is a wildcard.'));
-  
+  $form['httpauth_promote'] = 
+    array('#type' => 'fieldset',
+	  '#title' => t('Promote HTTP Authentication'),
+	  '#collapsible' => true,
+	  '#collapsed' => false);
+
+  $form['httpauth_promote']['httpauth_pages'] = 
+    array('#type' => 'textarea', 
+	  '#title' => t('On the following pages'), 
+	  '#default_value' => variable_get('httpauth_pages', ''), 
+	  '#description' => t('On which pages to promote HTTP authentication, if an anonymous user stumbles upon an access denied page. Enter one page per line as a Drupal path. The * character is a wildcard.'));
+  
+  $form['httpauth_promote']['httpauth_force_ips'] = 
+    array('#type' => 'textarea',
+	  '#title' => t('For the following IPs'),
+	  '#default_value' => variable_get('httpauth_force_ips', ''),
+	  '#description' => t('For which IPs HTTP authentication should always be promoted, regardless of page. Enter one full IP address per line. (No wildcards.)'),
+	  );
+
+  $form['httpauth_promote']['httpauth_code'] = 
+    array('#type' => 'textarea',
+	  '#title' => t('When the following PHP code returns true'),
+	  '#default_value' => variable_get('httpauth_code', ''),
+	  '#description' => t('Always promote HTTP authentication when this code returns true.'),
+	  );
+
   $form = system_settings_form($form);
   $form['#submit'] = array($form['#base'] .'_submit' => array(), 'httpauth_settings_form_submit' => array());
   
@@ -103,6 +127,10 @@ function httpauth_init() {
   if (!variable_get('httpauth_status', FALSE)) {
     return;
   }
+
+  // Retrieve list of always-authenticate IPs and PHP code
+  $ips =  variable_get('httpauth_force_ips', false);
+  $code = variable_get('httpauth_code', false);
   
   // Have credentials been provided?
   if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
@@ -147,11 +175,41 @@ function httpauth_init() {
       exit;
     }
   }
+
   // Force authentication when requested to do so.
   else if (isset($_GET['authenticate'])) {    
     httpauth_unauthorized();
     exit;
+  }  
+
+  // Force authentication for certain IPs
+  else {
+    if($ips) {
+      
+      $ips = explode("\n", $ips);
+      
+      foreach($ips as $ip) {
+	if($_SERVER['REMOTE_ADDR'] == trim($ip)) {
+
+	  httpauth_unauthorized();
+	  exit;
+	}
+      }
+      
+    }
+
+    // Allow random PHP code evaluation
+    if($code) {
+    
+      $func = create_function('', $code);
+      if($func()) {
+	httpauth_unauthorized();
+	exit;
+      }
+      
+    }
   }
+
 }
 
 /**