Blame | Last modification | View Log | RSS feed
<?php
/*
Copyright (C) 2003-2004 MJG/04-Inconceivable.org
See file LICENSE for licensing details.
See file VERSION for versioning/author/source details
See file CHANGELOG for changes from version to version
*/
// Include configuration data
include("../global_config.inc.php");
// Before requiring authentication, let's check their cookie,
// they may already be auth'd and we can go immediately to the admin
// Authenticate via cookie that may already be set
if ( isset($_COOKIE['mcal_adm_auth']) )
{
// Authenticate via the set cookie from index.php
if ( md5($CONF['adm_user'] . $CONF['adm_pass']) == $_COOKIE['mcal_adm_auth'] )
{
header("Location: admin.php?year=" . $FORM['year'] . "&month=" . $FORM['month'] . "&today=" . $FORM['today'] . "\n\n");
exit(1);
}
}
// Authenticate user if 'go' is 'auth'
if ( isset($FORM['go']) && $FORM['go'] == "auth" )
{
if ( $FORM['user'] == $CONF['adm_user'] && $FORM['pass'] == $CONF['adm_pass'] )
{
// Set authed status
$CONF['adm_authed'] = 1;
// Set cookie with encrypted username and password
setcookie("mcal_adm_auth", md5($FORM['user'] . $FORM['pass']), time()+$CONF['adm_authed_timeout']);
// Redirect to admin section
header("Location: " . $CONF['url_base'] . "/" . $CONF['url_admin'] . "/admin.php?year=" . $FORM['year'] . "&month=" . $FORM['month'] . "&today=" . $FORM['today'] . "\n\n");
}
else
{
// Kill their cookie just for fun
setcookie("mcal_adm_auth", "", time()-1);
}
}
?>
<html>
<head>
<title>Schedule Administration Authentication || MCal</title>
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<style type="text/css">
<?php include($CONF['path_include'] . "/styles.css"); ?>
</style>
<script languaegt="javascript" type="text/javascript">
<!--
function onLoad( D )
{
D.frmLoginAdmin.user.focus();
}
-->
</script>
</head>
<body bgcolor="#ffffff" onload="onLoad(document);">
<!-- TABLE: centering -->
<table width="100%" height="100%" align="center">
<tr>
<td width="100%" height="100%" align="center" valign="middle">
<!-- TABLE: body-border -->
<table align="center" cellspacing="0" cellpadding="1" bgcolor="#000000">
<tr>
<td width="100%" height="100%" align="center" valign="middle">
<!-- TABLE: border -->
<form method="post" action="" name="frmLoginAdmin">
<input type="hidden" name="go" value="auth">
<input type="hidden" name="year" value="<?php echo $FORM['year'] ?>">
<input type="hidden" name="month" value="<?php echo $FORM['month'] ?>">
<input type="hidden" name="today" value="<?php echo $FORM['today'] ?>">
<table width="100%" height="100%" align="center" cellspacing="0" bgcolor="#FFFFFF">
<tr>
<td width="100%" align="center" colspan="2" bgcolor="#99CCFF" nowrap="nowrap" class="adm_auth"> <b>Schedule Administration Authentication</b> </td>
</tr>
<?php
// If 'go' is 'auth' and failed to auth, print error
if ( isset($FORM['go']) && $FORM['go'] == "auth" && $CONF['adm_authed'] == 0 )
{
echo "<tr>\n";
echo "<td width='100%' align='center' colspan='2' class='small'><b>User or password incorrect.</td>\n";
echo "</tr>\n";
}
?>
<tr>
<td width="50%" align="right" class="normal"><b>User</b></td>
<td width="50%"><input type="text" name="user" size="20" ></td>
</tr>
<tr>
<td width="50%" align="right" class="normal"><b>Password</b></td>
<td width="50%"><input type="password" name="pass" size="20"></td>
</tr>
<tr>
<td width="100%" align="center" colspan="2" bgcolor="#99CCFF"><input type="submit" name="submit" value="Continue" size="20" style="width:150px;"></td>
</tr>
</table>
</form>
<!-- TABLE: border -->
</td>
</tr>
</table>
<!-- TABLE: body-border -->
<?php
echo "<br /><center>";
echo "<a href='http://www.inconceivable.org/projects/mcal'><font size='-2'>Powered by MCal " . $CONF['__version'] . "</font></a>";
echo '<br />';
echo '<a href="../appt.php?year=' . $FORM['year'] . '&month=' . $FORM['month'] . '&today=' . $FORM['today'] . '" style="font-size:10px;">MAIN</a>';
echo "</center>";
?>
</td>
</tr>
</table>
<!-- TABLE: centering -->
</body>
</html>