Moved admin into it's own folder for http authentication.

2 files changed, 8 insertions, 149 deletions

diff --git a/admin.php b/admin.php
deleted file mode 100644
index 48726f5..0000000
--- a/admin.php
+++ /dev/null
@@ -1,141 +0,0 @@
-<?php
-define('BASE', './');
-require_once(BASE.'functions/admin_functions.php');
-require_once(BASE.'functions/ical_parser.php');
-require_once(BASE.'functions/template.php');
-header("Content-Type: text/html; charset=$charset");
-
-// Redirect if administration is not allowed
-if ($allow_admin != "yes") {
-	header("Location: index.php");
-	die();
-}
-
-// Load variables from forms and query strings into local scope
-if($_POST) 	{extract($_POST, EXTR_PREFIX_SAME, "post_");}
-if($_GET)  	{extract($_GET, EXTR_PREFIX_SAME, "get_");}
-
-// Logout by clearing session variables
-if ((isset($_GET['action'])) && ($_GET['action'] == 'logout')) {
-	$_SESSION['phpical_loggedin'] = FALSE;
-	unset($_SESSION['phpical_username']);
-	unset($_SESSION['phpical_password']);
-}
-
-
-// if $auth_method == 'none', don't do any authentication
-$username = $_POST['username'];
-$password = $_POST['password'];
-
-if ($auth_method == 'none') {
-	$is_loged_in = TRUE;
-} else {
-	$is_loged_in = FALSE;
-	
-	if (is_loggedin()) {
-		$is_loged_in = TRUE;
-	}
-	
-	if (isset($username) && $_GET['action'] != 'logout') {
-		$is_loged_in = login ($username, $password);
-	}
-}
-
-$login_good = ($is_loged_in) ? '' : 'oops';
-$login_bad	= ((!$is_loged_in) && ($_GET['action'] == 'login')) ? 'oops' : '';
-
-// Delete a calendar
-// Not at all secure - need to strip out path info if used by users besides admin in the future
-$delete_msg = '';
-if ($_POST['action'] == 'delete') {
-	foreach ($delete_calendar as $filename) {
-		if (!delete_cal(urldecode($filename))) {
-			$delete_msg = $delete_msg . '<font color="red">' . $lang['l_delete_error'] . ' ' . urldecode(substr($filename,0,-4)) . '</font><br />';
-		} else {
-			$delete_msg = $delete_msg . '<font color="green">' . urldecode(substr($filename,0,-4)) . ' ' . $lang['l_delete_success'] . '</font><br />';
-		}
-	}
-}
-
-// Add or Update a calendar
-$addupdate_msg 	= '';
-if ((isset($_POST['action']))  && ($_POST['action'] == 'addupdate')) {
-	for ($filenumber = 1; $filenumber < 6; $filenumber++) {
-		$file = $HTTP_POST_FILES['calfile'];
-		$addupdate_success = FALSE;
-
-		if (!is_uploaded_file_v4($file['tmp_name'][$filenumber])) {
-			$upload_error = get_upload_error($file['error'][$filenumber]);
-		} elseif (!is_uploaded_ics($file['name'][$filenumber])) {
-			$upload_error = $upload_error_type_lang;
-		} elseif (!copy_cal($file['tmp_name'][$filenumber], $file['name'][$filenumber])) {
-			$upload_error = $copy_error_lang . " " . $file['tmp_name'][$filenumber] . " - " . $calendar_path . "/" . $file['name'][$filenumber];
-		} else {
-			$addupdate_success = TRUE;
-		}
-		
-		if ($addupdate_success == TRUE) {
-			$addupdate_msg = $addupdate_msg . '<font color="green">'.$lang['l_cal_file'].' #'.$filenumber.': '.$lang['l_action_success'].'</font><br />';
-		} else {
-			$addupdate_msg = $addupdate_msg . '<font color="red">'.$lang['l_cal_file'].' #'.$filenumber.': '.$lang['l_upload_error'].'</font><br />';
-		}
-	}
-}
-
-$calendar_name = $lang['l_admin_header'];
-
-$page = new Page(BASE.'templates/'.$template.'/admin.tpl');
-
-$page->replace_files(array(
-	'header'			=> BASE.'templates/'.$template.'/header.tpl',
-	'footer'			=> BASE.'templates/'.$template.'/footer.tpl'
-	));
-
-$page->replace_tags(array(
-	'event_js'			=> '',
-	'charset'			=> $charset,
-	'default_path'		=> '',
-	'template'			=> $template,
-	'cal'				=> $cal,
-	'getdate'			=> $getdate,
-	'calendar_name'		=> $calendar_name,
-	'display_date'		=> $display_date,
-	'current_view'		=> $current_view,
-	'sidebar_date'		=> $sidebar_date,
-	'rss_powered'	 	=> $rss_powered,
-	'rss_available' 	=> '',
-	'rss_valid' 		=> '',
-	'show_search' 		=> '',
-	'login_error'		=> $login_bad,
-	'display_login'		=> $login_good,
-	'delete_msg'		=> $delete_msg,
-	'addupdate_msg'	=> $addupdate_msg,
-	'l_day'				=> $lang['l_day'],
-	'l_week'			=> $lang['l_week'],
-	'l_month'			=> $lang['l_month'],
-	'l_year'			=> $lang['l_year'],
-	'l_admin_header'	=> $lang['l_admin_header'],
-	'l_admin_subhead'	=> $lang['l_admin_subhead'],
-	'l_invalid_login'	=> $lang['l_invalid_login'],
-	'l_username'		=> $lang['l_username'],
-	'l_password'		=> $lang['l_password'],
-	'l_cal_file'		=> $lang['l_cal_file'],
-	'l_delete_cal'		=> $lang['l_delete_cal'],
-	'l_delete'			=> $lang['l_delete'],
-	'l_logout'			=> $lang['l_logout'],
-	'l_login'			=> $lang['l_login'],
-	'l_submit'			=> $lang['l_submit'],
-	'l_addupdate_cal'	=> $lang['l_addupdate_cal'],
-	'l_addupdate_desc'	=> $lang['l_addupdate_desc'],
-	'l_powered_by'		=> $lang['l_powered_by'],
-	'l_this_site_is'	=> $lang['l_this_site_is']			
-	));
-
-$page->draw_admin();
-$page->output();
-
-?>
-
-
-
-
diff --git a/templates/default/admin.tpl b/templates/default/admin.tpl
index 2bf9b61..1a70f35 100644
--- a/templates/default/admin.tpl
+++ b/templates/default/admin.tpl
@@ -10,10 +10,10 @@
 						<div style="padding-top: 3px;">
 						<table width="120" border="0" cellpadding="0" cellspacing="0">
 							<tr valign="top">
-								<td><a class="psf" href="day.php?cal={CAL}&amp;getdate={GETDATE}"><img src="templates/{TEMPLATE}/images/day_on.gif" alt="{L_DAY}" border="0" /></a></td>
-								<td><a class="psf" href="week.php?cal={CAL}&amp;getdate={GETDATE}"><img src="templates/{TEMPLATE}/images/week_on.gif" alt="{L_WEEK}" border="0" /></a></td>
-								<td><a class="psf" href="month.php?cal={CAL}&amp;getdate={GETDATE}"><img src="templates/{TEMPLATE}/images/month_on.gif" alt="{L_MONTH}" border="0" /></a></td>
-								<td><a class="psf" href="year.php?cal={CAL}&amp;getdate={GETDATE}"><img src="templates/{TEMPLATE}/images/year_on.gif" alt="{L_YEAR}" border="0" /></a></td>
+								<td><a class="psf" href="day.php?cal={CAL}&amp;getdate={GETDATE}"><img src="../templates/{TEMPLATE}/images/day_on.gif" alt="{L_DAY}" border="0" /></a></td>
+								<td><a class="psf" href="week.php?cal={CAL}&amp;getdate={GETDATE}"><img src="../templates/{TEMPLATE}/images/week_on.gif" alt="{L_WEEK}" border="0" /></a></td>
+								<td><a class="psf" href="month.php?cal={CAL}&amp;getdate={GETDATE}"><img src="../templates/{TEMPLATE}/images/month_on.gif" alt="{L_MONTH}" border="0" /></a></td>
+								<td><a class="psf" href="year.php?cal={CAL}&amp;getdate={GETDATE}"><img src="../templates/{TEMPLATE}/images/year_on.gif" alt="{L_YEAR}" border="0" /></a></td>
 							</tr>
 						</table>
 						</div>
@@ -28,7 +28,7 @@
 	<tr>
 		<td align="right">
 			<!-- switch logged_in2 on -->
-			<a href="admin.php?action=logout">{L_LOGOUT}</a>&nbsp;
+			<a href="index.php?action=logout">{L_LOGOUT}</a>&nbsp;
 			<!-- switch logged_in2 off -->
 		</td>
 	</tr>
@@ -43,7 +43,7 @@
 						<!-- switch login_error off -->
 	
 						<!-- switch display_login on -->
-						<form action="admin.php?action=login" method="post">
+						<form action="index.php?action=login" method="post">
 							<table cellspacing="0" cellpadding="0">
 								<tr>
 									<td nowrap>{L_USERNAME}: </td>
@@ -70,7 +70,7 @@
 						<!-- switch logged_in on -->
 						<b>{L_ADDUPDATE_CAL}</b><br />
 						{L_ADDUPDATE_DESC}<br /><br />
-						<form action="admin.php" method="post" enctype="multipart/form-data">
+						<form action="index.php" method="post" enctype="multipart/form-data">
 							<input type="hidden" name="action" value="addupdate">
 							<table width="100%" border="0" cellspacing="0" cellpadding="2" class="G10B">
 								<tr>
@@ -104,7 +104,7 @@
 						</form>
 						
 						<b>{L_DELETE_CAL}</b>
-						<form action="admin.php" method="post">
+						<form action="index.php" method="post">
 							<table width="100%" border="0" cellspacing="0" cellpadding="2" class="G10B">
 								{DELETE_TABLE}
 							</table>