Security fix: unauthorized access (#10091)

* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/

includes/html/graphs/application/freeswitch_peak.inc.php

@@ -0,0 +1,14 @@
+<?php
+
+require 'includes/html/graphs/common.inc.php';
+
+$scale_min       = 0;
+$ds              = 'peak';
+$colour_area     = '9DDA52';
+$colour_line     = '2EAC6D';
+$colour_area_max = 'FFEE99';
+$graph_max       = 10000;
+$unit_text       = 'Peak Calls';
+$rrd_filename = rrd_name($device['hostname'], array('app', 'freeswitch', 'stats', $app['app_id']));
+
+require 'includes/html/graphs/generic_simplex.inc.php';