<?php

/* InstaDisc Series - A Four Island Project */

/** 
 * require_once() is used to ensure
 * the ACP files are being called by
 * admin.php instead of their actual
 * locations admin/.
 * The _once() part ensures no problem
 * arises as includes/instadisc.php has
 * already been included from admin.php
 */
require_once('includes/instadisc.php');

if (!isset($_SESSION['username']))
{
	header('Location: index.php');
	exit;
}

if (!instaDisc_isAdmin($_SESSION['username']))
{
	$subs = instaDisc_listSubscriptions($_SESSION['username']);
	$i=0;
	$notfound=1;
	for ($i=0;isset($subs[$i]);$i++)
	{
		if (!isset($_GET['submit']))
		{
			if ($subs[$i]['identity'] == $_POST['id'])
			{
				$notfound=0;
			}
		} else {
			if ($subs[$i]['id'] == $_GET['subid'])
			{
				$notfound=0;
			}
		}
	}

	if ($notfound == 1)
	{
		header('Location: index.php');
		exit;
	}
}

if (!isset($_GET['submit']))
{
	$sub = instaDisc_getSubscriptionByID($_GET['subid']);
	showForm($sub['identity'],$sub['title'],$sub['url'],$sub['category'],$sub['password'],array());
} else {
	$numOfErrors = 0;
	$errors = array();

	if ($_POST['title'] == '')
	{
		addError($numOfErrors, $errors, 'title', 'Title is a required field');
	}

	if ($_POST['url'] == '')
	{
		addError($numOfErrors, $errors, 'url', 'Subscription URL is a required field');
	}

	if ($_POST['category'] == '')
	{
		addError($numOfErrors, $errors, 'category', 'Category is a required field');
	}

	if ($numOfErrors > 0)
	{
		showForm($_POST['id'], $_POST['title'], $_POST['url'], $_POST['category'], $_POST['password'], $errors);
	} else {
		instaDisc_initSubscription