| 4 |
andreas |
1 |
<?php
|
|
|
2 |
/*
|
|
|
3 |
Copyright (C) 2003-2004 MJG/04-Inconceivable.org
|
|
|
4 |
See file LICENSE for licensing details.
|
|
|
5 |
See file VERSION for versioning/author/source details
|
|
|
6 |
See file CHANGELOG for changes from version to version
|
|
|
7 |
*/
|
|
|
8 |
|
|
|
9 |
// Include configuration data
|
|
|
10 |
include("../global_config.inc.php");
|
|
|
11 |
|
|
|
12 |
// Before requiring authentication, let's check their cookie,
|
|
|
13 |
// they may already be auth'd and we can go immediately to the admin
|
|
|
14 |
// Authenticate via cookie that may already be set
|
|
|
15 |
if ( isset($_COOKIE['mcal_adm_auth']) )
|
|
|
16 |
{
|
|
|
17 |
// Authenticate via the set cookie from index.php
|
|
|
18 |
if ( md5($CONF['adm_user'] . $CONF['adm_pass']) == $_COOKIE['mcal_adm_auth'] )
|
|
|
19 |
{
|
|
|
20 |
header("Location: admin.php?year=" . $FORM['year'] . "&month=" . $FORM['month'] . "&today=" . $FORM['today'] . "\n\n");
|
|
|
21 |
exit(1);
|
|
|
22 |
}
|
|
|
23 |
}
|
|
|
24 |
// Authenticate user if 'go' is 'auth'
|
|
|
25 |
if ( isset($FORM['go']) && $FORM['go'] == "auth" )
|
|
|
26 |
{
|
|
|
27 |
if ( $FORM['user'] == $CONF['adm_user'] && $FORM['pass'] == $CONF['adm_pass'] )
|
|
|
28 |
{
|
|
|
29 |
// Set authed status
|
|
|
30 |
$CONF['adm_authed'] = 1;
|
|
|
31 |
// Set cookie with encrypted username and password
|
|
|
32 |
setcookie("mcal_adm_auth", md5($FORM['user'] . $FORM['pass']), time()+$CONF['adm_authed_timeout']);
|
|
|
33 |
// Redirect to admin section
|
|
|
34 |
header("Location: " . $CONF['url_base'] . "/" . $CONF['url_admin'] . "/admin.php?year=" . $FORM['year'] . "&month=" . $FORM['month'] . "&today=" . $FORM['today'] . "\n\n");
|
|
|
35 |
}
|
|
|
36 |
else
|
|
|
37 |
{
|
|
|
38 |
// Kill their cookie just for fun
|
|
|
39 |
setcookie("mcal_adm_auth", "", time()-1);
|
|
|
40 |
}
|
|
|
41 |
}
|
|
|
42 |
?>
|
|
|
43 |
<html>
|
|
|
44 |
<head>
|
|
|
45 |
<title>Schedule Administration Authentication || MCal</title>
|
|
|
46 |
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
|
|
|
47 |
<style type="text/css">
|
|
|
48 |
<?php include($CONF['path_include'] . "/styles.css"); ?>
|
|
|
49 |
</style>
|
|
|
50 |
<script languaegt="javascript" type="text/javascript">
|
|
|
51 |
<!--
|
|
|
52 |
function onLoad( D )
|
|
|
53 |
{
|
|
|
54 |
D.frmLoginAdmin.user.focus();
|
|
|
55 |
}
|
|
|
56 |
-->
|
|
|
57 |
</script>
|
|
|
58 |
</head>
|
|
|
59 |
<body bgcolor="#ffffff" onload="onLoad(document);">
|
|
|
60 |
|
|
|
61 |
<!-- TABLE: centering -->
|
|
|
62 |
<table width="100%" height="100%" align="center">
|
|
|
63 |
<tr>
|
|
|
64 |
<td width="100%" height="100%" align="center" valign="middle">
|
|
|
65 |
|
|
|
66 |
<!-- TABLE: body-border -->
|
|
|
67 |
<table align="center" cellspacing="0" cellpadding="1" bgcolor="#000000">
|
|
|
68 |
<tr>
|
|
|
69 |
<td width="100%" height="100%" align="center" valign="middle">
|
|
|
70 |
|
|
|
71 |
<!-- TABLE: border -->
|
|
|
72 |
<form method="post" action="" name="frmLoginAdmin">
|
|
|
73 |
<input type="hidden" name="go" value="auth">
|
|
|
74 |
<input type="hidden" name="year" value="<?php echo $FORM['year'] ?>">
|
|
|
75 |
<input type="hidden" name="month" value="<?php echo $FORM['month'] ?>">
|
|
|
76 |
<input type="hidden" name="today" value="<?php echo $FORM['today'] ?>">
|
|
|
77 |
<table width="100%" height="100%" align="center" cellspacing="0" bgcolor="#FFFFFF">
|
|
|
78 |
<tr>
|
|
|
79 |
<td width="100%" align="center" colspan="2" bgcolor="#99CCFF" nowrap="nowrap" class="adm_auth"> <b>Schedule Administration Authentication</b> </td>
|
|
|
80 |
</tr>
|
|
|
81 |
<?php
|
|
|
82 |
// If 'go' is 'auth' and failed to auth, print error
|
|
|
83 |
if ( isset($FORM['go']) && $FORM['go'] == "auth" && $CONF['adm_authed'] == 0 )
|
|
|
84 |
{
|
|
|
85 |
echo "<tr>\n";
|
|
|
86 |
echo "<td width='100%' align='center' colspan='2' class='small'><b>User or password incorrect.</td>\n";
|
|
|
87 |
echo "</tr>\n";
|
|
|
88 |
}
|
|
|
89 |
?>
|
|
|
90 |
<tr>
|
|
|
91 |
<td width="50%" align="right" class="normal"><b>User</b></td>
|
|
|
92 |
<td width="50%"><input type="text" name="user" size="20" ></td>
|
|
|
93 |
</tr>
|
|
|
94 |
<tr>
|
|
|
95 |
<td width="50%" align="right" class="normal"><b>Password</b></td>
|
|
|
96 |
<td width="50%"><input type="password" name="pass" size="20"></td>
|
|
|
97 |
</tr>
|
|
|
98 |
<tr>
|
|
|
99 |
<td width="100%" align="center" colspan="2" bgcolor="#99CCFF"><input type="submit" name="submit" value="Continue" size="20" style="width:150px;"></td>
|
|
|
100 |
</tr>
|
|
|
101 |
</table>
|
|
|
102 |
</form>
|
|
|
103 |
<!-- TABLE: border -->
|
|
|
104 |
|
|
|
105 |
</td>
|
|
|
106 |
</tr>
|
|
|
107 |
</table>
|
|
|
108 |
<!-- TABLE: body-border -->
|
|
|
109 |
|
|
|
110 |
<?php
|
|
|
111 |
echo "<br /><center>";
|
|
|
112 |
echo "<a href='http://www.inconceivable.org/projects/mcal'><font size='-2'>Powered by MCal " . $CONF['__version'] . "</font></a>";
|
|
|
113 |
echo '<br />';
|
|
|
114 |
echo '<a href="../appt.php?year=' . $FORM['year'] . '&month=' . $FORM['month'] . '&today=' . $FORM['today'] . '" style="font-size:10px;">MAIN</a>';
|
|
|
115 |
echo "</center>";
|
|
|
116 |
?>
|
|
|
117 |
|
|
|
118 |
|
|
|
119 |
</td>
|
|
|
120 |
</tr>
|
|
|
121 |
</table>
|
|
|
122 |
<!-- TABLE: centering -->
|
|
|
123 |
|
|
|
124 |
</body>
|
|
|
125 |
</html>
|