home *** CD-ROM | disk | FTP | other *** search

---

/ linuxmafia.com 2016 / linuxmafia.com.tar / linuxmafia.com / calendar-2010-08-23.tar.gz / calendar-2010-08-23.tar / calendar / admin.php

next >

Wrap

PHP Script  |  2003-10-12  |  8KB  |  280 lines

---

1. <?php
2. session_start();
3.  
4. define('BASE', './');
5. include (BASE.'functions/init.inc.php');
6. include (BASE.'functions/admin_functions.php');
7.  
8. // Redirect if administration is not allowed
9. if ($allow_admin != "yes") {
10.     header("Location: index.php");
11.     die();
12. }
13.  
14. // Load variables from forms and query strings into local scope
15. if($HTTP_POST_VARS)     {extract($HTTP_POST_VARS, EXTR_PREFIX_SAME, "post_");}
16. if($HTTP_GET_VARS)      {extract($HTTP_GET_VARS, EXTR_PREFIX_SAME, "get_");}
17.  
18. if (!isset($action)) $action = '';
19.  
20. // Logout by clearing session variables
21. if ((isset($action)) && ($action == "logout")) {
22.     $HTTP_SESSION_VARS['phpical_loggedin'] = FALSE;
23.     unset($HTTP_SESSION_VARS['phpical_username']);
24.     unset($HTTP_SESSION_VARS['phpical_password']);
25. }
26.  
27.  
28. // if $auth_method == 'none', don't do any authentication
29. if ($auth_method == "none") {
30.     $is_loged_in = TRUE;
31. }
32. // Check if The User is Identified
33. else {
34.     $is_loged_in = FALSE;
35.     
36.     if (is_loggedin()) {
37.         $is_loged_in = TRUE;
38.     }
39.     if (isset($username) && $action != "logout") {
40.         $is_loged_in = login ($username, $password);
41.     }
42. }
43. include (BASE.'includes/header.inc.php'); 
44.  
45. ?>
46. <center>
47. <table width="640" border="0" cellspacing="0" cellpadding="0" class="calborder">
48.     <tr>
49.         <td align="center" valign="middle">
50.             <table width="100%" border="0" cellspacing="0" cellpadding="0">
51.                 <tr>
52.                     <td align="left" width="120" class="navback"><?php echo '<a href="'.BASE.'"><img src="'.BASE.'styles/'.$style_sheet.'/back.gif" alt=" " border="0" align="left"></a>'; ?></td>
53.                     <td class="navback">
54.                         <table width="100%" border="0" cellspacing="0" cellpadding="0">
55.                             <tr>
56.                                 <td align="center" class="navback" nowrap valign="middle"><font class="H20"><?php echo "$admin_header_lang"; ?></font></td>
57.                             </tr>
58.                         </table>
59.                     </td>
60.                     <td align="right" width="120" class="navback">    
61.                         <table width="120" border="0" cellpadding="0" cellspacing="0">
62.                             <tr>
63.                                 <td><?php echo '<a class="psf" href="'.BASE.'day.php?cal='.$cal.'&getdate='.$getdate.'"><img src="'.BASE.'styles/'.$style_sheet.'/day_on.gif" alt=" " border="0"></a></td>'; ?>
64.                                 <td><?php echo '<a class="psf" href="'.BASE.'week.php?cal='.$cal.'&getdate='.$getdate.'"><img src="'.BASE.'styles/'.$style_sheet.'/week_on.gif" alt=" " border="0"></a></td>'; ?>
65.                                 <td><?php echo '<a class="psf" href="'.BASE.'month.php?cal='.$cal.'&getdate='.$getdate.'"><img src="'.BASE.'styles/'.$style_sheet.'/month_on.gif" alt=" " border="0"></a></td>'; ?>
66.                                 <td><?php echo '<a class="psf" href="'.BASE.'year.php?cal='.$cal.'&getdate='.$getdate.'"><img src="'.BASE.'styles/'.$style_sheet.'/year_on.gif" alt=" " border="0"></a></td>'; ?>
67.                             </tr>
68.                         </table>
69.                     </td>
70.                 </tr>
71.             </table>
72.         </td>
73.     </tr>
74.     <tr>
75.         <td class="dayborder"><img src="images/spacer.gif" width="1" height="5" alt=" "></td>
76.     </tr>
77.     <tr>
78.         <td class="G10" align="right"><?php if ($auth_method != "none" && $is_loged_in == TRUE) { echo "<a href=\"{$HTTP_SERVER_VARS['PHP_SELF']}?action=logout\">{$logout_lang}</a>"; } ?> </td>
79.     </tr>
80.     <tr>
81.         <td>
82.             <table width="100%" border="0" cellspacing="0" cellpadding="0" class="G10B">
83.                 <tr>
84.                     <td width="2%"></td>
85.                     <td width="98%" valign="top" align="left">
86. <?php 
87.  
88.  
89.  
90. // If User is Not Logged In, Display The Login Page
91. if ($is_loged_in == FALSE) {
92.     if (isset($username)) {
93.         $login_error =  "<font color=\"red\">$invalid_login_lang</font>";
94.     } else {
95.         $login_error = '';
96.     }
97.         
98.     echo <<<EOT
99.     <form action="{$HTTP_SERVER_VARS['PHP_SELF']}" method="post">
100.         <table cellspacing="0" cellpadding="0">
101.             <tr>
102.                 <td nowrap>{$username_lang}: </td>
103.                 <td align="left"><input type="text" name="username"></td>
104.             </tr>
105.             <tr>
106.                 <td>{$password_lang}: </td>
107.                 <td align="left"><input type="password" name="password"></td>
108.             </tr>
109.             <tr>
110.                 <td> </td>
111.                 <td align="left"><input type="submit" value="{$login_lang}"></td>
112.             </tr>
113.             <tr>
114.                 <td align="center" colspan="3">{$login_error} </td>
115.             </tr>
116.         </table>
117.     </form>
118. EOT;
119.  
120.  
121.     echo "
122.                     </td>
123.                 </tr>
124.             </table>
125.         </td>
126.     </tr>
127. </table>";
128.  
129.     include (BASE.'includes/footer.inc.php');
130.     
131.     echo "
132.     </center>
133.     </body>
134.     </html>";
135.     
136.     die();
137. }
138.  
139.  
140. // The user is logged in if we get here
141.  
142.  
143.  
144. // Add or Update a calendar
145. $addupdate_msg     = '';
146. $delete_msg        = '';
147. if ((isset($action))  && ($action == "addupdate")) {
148.     $addupdate_msg = "";
149.  
150.     for($filenumber=1; $filenumber<6; $filenumber++) {
151.         $file = $HTTP_POST_FILES['calfile'];
152.         $addupdate_success = FALSE;
153.  
154.         if (!is_uploaded_file_v4($file['tmp_name'][$filenumber])) {
155.             $upload_error = get_upload_error($file['error'][$filenumber]);
156.         }
157.         elseif (!is_uploaded_ics($file['name'][$filenumber])) {
158.             $upload_error = $upload_error_type_lang;
159.         }
160.         elseif (!copy_cal($file['tmp_name'][$filenumber], $file['name'][$filenumber])) {
161.             $upload_error = $copy_error_lang . " " . $file['tmp_name'][$filenumber] . " - " . $calendar_path . "/" . $file['name'][$filenumber];
162.         }
163.         else {
164.             $addupdate_success = TRUE;
165.         }
166.         
167.         if ($addupdate_success)
168.             $addupdate_msg = $addupdate_msg . "<font color=\"green\">{$cal_file_lang} {$filenumber}: {$action_success_lang}</font><br>";
169.         else
170.             $addupdate_msg = $addupdate_msg . "<font color=\"red\">{$cal_file_lang} {$filenumber}: {$upload_error}</font><br>";
171.     }
172. }
173.  
174. // Delete a calendar
175. //  Not at all secure - need to strip out path info if used by users besides admin in the future
176. if ($action == "delete") {
177.     $delete_msg = "";
178.  
179.     foreach ($delete_calendar as $filename) {
180.         if (!delete_cal(urldecode($filename))) {
181.             $delete_msg = $delete_msg . "<font color=\"red\">" . $delete_error_lang . " " . urldecode(substr($filename,0,-4)) . "</font><br>";
182.         }
183.         else {
184.             $delete_msg = $delete_msg . "<font color=\"green\">" . urldecode(substr($filename,0,-4)) . " " . $delete_success_lang . "</font><br>";
185.         }
186.     }
187. }
188.  
189. ?>
190.  
191.  
192. <h2><?php echo $addupdate_cal_lang; ?></h2>
193. <p><?php echo $addupdate_desc_lang; ?></p>
194. <form action="<?php echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
195.     <input type="hidden" name="action" value="addupdate">
196.     <table border="0" cellspacing="0">
197.         <tr>
198.             <td nowrap><?php echo $cal_file_lang; ?> 1: </td>
199.             <td><input type="file" name="calfile[1]"></td>
200.         </tr>
201.         <tr>
202.             <td nowrap><?php echo $cal_file_lang; ?> 2: </td>
203.             <td><input type="file" name="calfile[2]"></td>
204.         </tr>
205.         <tr>
206.             <td nowrap><?php echo $cal_file_lang; ?> 3: </td>
207.             <td><input type="file" name="calfile[3]"></td>
208.         </tr>
209.         <tr>
210.             <td nowrap><?php echo $cal_file_lang; ?> 4: </td>
211.             <td><input type="file" name="calfile[4]"></td>
212.         </tr>
213.         <tr>
214.             <td nowrap><?php echo $cal_file_lang; ?> 5: </td>
215.             <td><input type="file" name="calfile[5]"></td>
216.         </tr>
217.         <tr>
218.             <td> </td>
219.             <td><input type="submit" value="<?php echo $submit_lang; ?>"></td>
220.         </tr>
221.         <tr>
222.             <td align="center" colspan="2"><?php echo $addupdate_msg; ?> </td>
223.         </tr>
224.     </table>
225. </form>
226.  
227. <h2><?php echo $delete_cal_lang; ?></h2>
228. <form action="<?php echo $HTTP_SERVER_VARS['PHP_SELF']; ?>" method="post">
229.     <input type="hidden" name="action" value="delete">
230.     <table border="0" cellspacing="0">
231.         <?php
232.                 
233.             // Print Calendar Checkboxes
234.             //
235.             $COLUMNS_TO_PRINT = 3;
236.             $column = 1;
237.             $filelist = get_calendar_files($calendar_path);
238.             foreach ($filelist as $file) {
239.                 if ($column > $COLUMNS_TO_PRINT) {
240.                     echo "</tr>";
241.                     $column = 1;
242.                 }
243.                 if ($column == 1) {
244.                     echo "<tr>";
245.                 }
246.                 
247.                 $cal_filename_tmp = substr($file,0,-4);
248.                 $cal_tmp = urlencode($file);
249.                 $cal_displayname_tmp = str_replace("32", " ", $cal_filename_tmp);
250.                 
251.                 echo "<td align=\"left\"><input name=\"delete_calendar[]\" value=\"$cal_tmp\" type=\"checkbox\">$cal_displayname_tmp</td>\n";
252.                 
253.                 $column++;
254.             }
255.             // Print remaining empty columns if necessary
256.             $number_of_columns = count($filelist);
257.             while (gettype($number_of_columns/$COLUMNS_TO_PRINT) != "integer") {
258.                 echo "<td> </td>";
259.                 $number_of_columns++;
260.             }
261.         ?>
262.         </tr>
263.     </table>
264.     <p><input type="submit" value="<?php echo $delete_lang; ?>"></p>
265.     <p><?php echo $delete_msg; ?> </p>
266. </form>
267.  
268.                     </td>
269.                 </tr>
270.             </table>
271.         </td>
272.     </tr>
273. </table>
274. </center>
275.  
276. <?php include (BASE.'includes/footer.inc.php'); ?>
277.  
278.  
279.  
280.