diff options
| -rw-r--r-- | functions/ical_parser.php | 10 | ||||
| -rw-r--r-- | functions/init.inc.php | 24 | ||||
| -rw-r--r-- | includes/event.php | 2 | ||||
| -rw-r--r-- | includes/login.php | 13 | ||||
| -rw-r--r-- | includes/todo.php | 4 |
5 files changed, 34 insertions, 19 deletions
diff --git a/functions/ical_parser.php b/functions/ical_parser.php index e2d9a97..fe77dd9 100644 --- a/functions/ical_parser.php +++ b/functions/ical_parser.php @@ -1,11 +1,11 @@ <?php if (!defined('BASE')) define('BASE', './'); -include(BASE.'functions/init.inc.php'); -include(BASE.'functions/date_functions.php'); -include(BASE.'functions/draw_functions.php'); -include(BASE.'functions/overlapping_events.php'); -include(BASE.'functions/timezones.php'); +include_once(BASE.'functions/init.inc.php'); +include_once(BASE.'functions/date_functions.php'); +include_once(BASE.'functions/draw_functions.php'); +include_once(BASE.'functions/overlapping_events.php'); +include_once(BASE.'functions/timezones.php'); $fillTime = $day_start; $day_array = array (); diff --git a/functions/init.inc.php b/functions/init.inc.php index d78d734..992068d 100644 --- a/functions/init.inc.php +++ b/functions/init.inc.php @@ -6,7 +6,7 @@ //chmod(BASE.'calendars/School.ics',0666); // uncomment when developing, comment for shipping version -error_reporting (E_ERROR | E_WARNING); +error_reporting (E_ERROR | E_WARNING | E_PARSE); // Older versions of PHP do not define $_SERVER. Define it here instead. if (!isset($_SERVER) && isset($HTTP_SERVER_VARS)) { @@ -18,9 +18,9 @@ $ALL_CALENDARS_COMBINED = 'all_calendars_combined971'; // Pull in the configuration and some functions. if (!defined('BASE')) define('BASE', './'); -include(BASE.'config.inc.php'); -include(BASE.'functions/error.php'); -include(BASE.'functions/calendar_functions.php'); +include_once(BASE.'config.inc.php'); +include_once(BASE.'functions/error.php'); +include_once(BASE.'functions/calendar_functions.php'); if (isset($HTTP_COOKIE_VARS['phpicalendar'])) { $phpicalendar = unserialize(stripslashes($HTTP_COOKIE_VARS['phpicalendar'])); if (isset($phpicalendar['cookie_language'])) $language = $phpicalendar['cookie_language']; @@ -54,8 +54,22 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) { if (isset($HTTP_GET_VARS['password'])) $password = $HTTP_GET_VARS['password']; else if (isset($HTTP_POST_VARS['password'])) $password = $HTTP_POST_VARS['password']; - // Set the login cookie if logging in. Clear it if logging out. + // Grab the action (login or logout). $action = (isset($_REQUEST['action'])) ? $_REQUEST['action'] : ''; + + // Check to make sure the username and password is valid. + if (!key_exists("$username:$password", $locked_map)) { + // Don't login, instead logout. + $action = 'logout'; + + // Remember the invalid login, because we may want to + // display a message elsewhere. + $invalid_login = true; + } else { + $invalid_login = false; + } + + // Set the login cookie if logging in. Clear it if logging out. if ($action == 'login') { $the_cookie = serialize(array('username' => $username, 'password' => $password)); setcookie('phpicalendar_login', $the_cookie, time()+(60*60*24*7*12*10), '/', $cookie_uri, 0); diff --git a/includes/event.php b/includes/event.php index ffa0308..8de5d20 100644 --- a/includes/event.php +++ b/includes/event.php @@ -1,6 +1,6 @@ <?php define('BASE', '../'); -include (BASE.'functions/init.inc.php'); +include_once(BASE.'functions/init.inc.php'); function decode_popup ($item) { $item = stripslashes(rawurldecode($item)); diff --git a/includes/login.php b/includes/login.php index 5df5d01..f29159b 100644 --- a/includes/login.php +++ b/includes/login.php @@ -1,7 +1,7 @@ <?php // Hide the login block if logged in, there are no lock usernames, // or if authenticated via HTTP. - if ($username == '' && $allow_login == 'yes' && !isset($_SERVER['PHP_AUTH_USER'])) { + if ($username == '' && $allow_login == 'yes' && !isset($_SERVER['PHP_AUTH_USER'])) { // Set the login table width if not set. if (!isset($login_width)) $login_width = "100%"; @@ -17,26 +17,27 @@ echo '<input type="hidden" name="'.$key.'" value="'.$HTTP_GET_VARS[$key].'">'; } - // For Wesley - $login_message = ($user_passed == TRUE) ? $invalid_login_lang : $login_lang; + // If the attempted login was invalid, change the box title. + $login_message = ($invalid_login == TRUE) ? "<font color=\"red\">$invalid_login_lang</font>" : ''; echo <<<END <table cellpadding="0" cellspacing="0" border="0" width="{$login_width}" class="calborder"> <tr> - <td align="center" class="sideback"><div style="height: 17px; margin-top: 3px;" class="G10BOLD">{$login_message}</div></td> + <td align="center" class="sideback"><div style="height: 17px; margin-top: 3px;" class="G10BOLD">{$login_lang}</div></td> </tr> <tr> <td align="left" class="G10B"> <div style="padding: 5px;"> + {$login_message} <table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="5%">{$username_lang}:</td> <td width="95%"><input class="login_style" type="text" size="8" name="username"></td> </tr> <tr> - <td>Password:</td> - <td><input class="login_style" type="{$password_lang}" size="8" name="password"></td> + <td>{$password_lang}:</td> + <td><input class="login_style" type="$password" size="8" name="password"></td> </tr> <tr> <td> </td> diff --git a/includes/todo.php b/includes/todo.php index f09cce9..b4cefbd 100644 --- a/includes/todo.php +++ b/includes/todo.php @@ -1,8 +1,8 @@ <?php define('BASE', '../'); -include (BASE.'functions/init.inc.php'); -include (BASE.'functions/date_functions.php'); +include_once(BASE.'functions/init.inc.php'); +include_once(BASE.'functions/date_functions.php'); $vtodo_array = unserialize(base64_decode($HTTP_GET_VARS['vtodo_array'])); |