<?php print $deptName ?>

$entry[fname] $entry[lname]"; } return $contentvar; } function extAuthors($extAuthorsString, $flag) { if($extAuthorsString == null) return; $extAuthorsString = trim($extAuthorsString); if($extAuthorsString == null || $extAuthorsString == "") return null; preg_match_all("%((\!|\@)([0-9A-Za-z\ ]*)(\@|\!))%", $extAuthorsString, $answer, PREG_PATTERN_ORDER); if($flag == 1) { return $answer; } for($i = 0; $i < count($answer[3]); $i++) { if(trim($answer[2][$i] == "@")) { $contentvar .= localAuthors($answer[3][$i]); } else { $contentvar .= trim($answer[3][$i]); } if($i == (count($answer[3]) - 1)) $contentvar .= "."; else $contentvar .= ", "; } return $contentvar; } function localGroups($groupsString, $flag) { if($groupsString == null) return; $groupsString = trim($groupsString); if($groupsString == null || $groupsString == "") return null; preg_match_all("%\!([0-9]*)\!%", $groupsString, $answer, PREG_PATTERN_ORDER); $ted = $answer[1][0]; if ( $flag == 1 ) { return $ted; } $query = "SELECT * FROM groups WHERE groupID = $ted"; $result = mysql_query($query); $entry = mysql_fetch_array($result); $contentvar .= "$entry[groupName]"; return $contentvar; } mysql_connect('localhost', 'root'); //DO NOT RELEASE mysql_select_db('dept_coredb'); $query = "SELECT * from vitals"; $result = mysql_query($query); $entry = mysql_fetch_array($result); $deptName = $entry[deptName]; $deptAbbv = $entry[deptAbbv]; $deptLogo = $entry[deptLogo]; $address1 = $entry[address1]; $address2 = $entry[address2]; $city = $entry[city]; $state = $entry[state]; $zip = $entry[zip]; $phone = $entry[phone]; $groupName = "$deptAbbv Admin Tool"; if($_POST['myaction'] != '') { if($_POST['myaction'] === "deletePaper") { $paperID = $_POST['paperid']; mysql_query("DELETE FROM papers WHERE paperID = '$paperID' "); } if($_POST['myaction'] === "deletePerson") { $personID = $_POST['personid']; mysql_query("DELETE FROM people WHERE personID = '$personID' "); } if($_POST['myaction'] === "deleteGroup") { $groupID = $_POST['groupid']; mysql_query("DELETE FROM groups WHERE groupID = '$groupID' "); } if($_POST['myaction'] === "deleteProject") { $projectID = $_POST['projectid']; mysql_query("DELETE FROM projects WHERE projectID = '$projectID' "); } if($_POST['myaction'] === "Edit Paper") { require("fileupload-class.php"); //UPLOAD SCRIPT BEGIN $path = "uploads/"; $upload_file_name = "userfile"; $default_extension = ""; $mode = 2; // Create a new instance of the class $my_uploader = new uploader; // OPTIONAL: set the max filesize of uploadable files in bytes $my_uploader->max_filesize(10000000); // OPTIONAL: if you're uploading images, you can set the max pixel dimensions $my_uploader->max_image_size(400, 600); /* max_image_size($width, $height) */ // UPLOAD the file /* upload(file name[, acceptable mime types[, default extenstion]]) */ if ($my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)) { $success = $my_uploader->save_file($path, $mode); } if($_POST['author1'] != "none" && $_POST['author1'] != "line") { if($_POST['author1'] === "other") { $extAuthors .= "!".$_POST['otherauthor1']."!"; } else { $extAuthors .= "@".$_POST['author1']."@"; $localAuthors .= "!".$_POST['author1']."!"; } } if($_POST['author2'] != "none" && $_POST['author2'] != "line") { if($_POST['author2'] === "other") { $extAuthors .= "!".$_POST['otherauthor2']."!"; } else { $extAuthors .= "@".$_POST['author2']."@"; $localAuthors .= "!".$_POST['author2']."!"; } } if($_POST['author3'] != "none" && $_POST['author3'] != "line") { if($_POST['author3'] === "other") { $extAuthors .= "!".$_POST['otherauthor3']."!"; } else { $extAuthors .= "@".$_POST['author3']."@"; $localAuthors .= "!".$_POST['author3']."!"; } } if($_POST['author4'] != "none" && $_POST['author4'] != "line") { if($_POST['author4'] === "other") { $extAuthors .= "!".$_POST['otherauthor4']."!"; } else { $extAuthors .= "@".$_POST['author4']."@"; $localAuthors .= "!".$_POST['author4']."!"; } } if($_POST['author5'] != "none" && $_POST['author5'] != "line") { if($_POST['author5'] === "other") { $extAuthors .= "!".$_POST['otherauthor5']."!"; } else { $extAuthors .= "@".$_POST['author5']."@"; $localAuthors .= "!".$_POST['author5']."!"; } } $paperName = str_replace("\'", "\\'", $_POST['papername']); $paperGroup = str_replace("\'", "\\'", "!".$_POST['groupname']."!"); $journal = str_replace("\'", "\\'", $_POST['journalname']); $year = $_POST['year']; $status = str_replace("\'", "\\'", $_POST['status']); $extAuthors = str_replace("\'", "\\'", $extAuthors); $paperID = $_GET['paper']; $page = $_GET['page']; $entry = mysql_fetch_array(mysql_query("SELECT * FROM papers WHERE paperID=$paperID")); if ($success) { $fileURL = $my_uploader->file['name']; } else { $fileURL = $entry[fileURL]; } mysql_connect('localhost', 'root'); $query = "UPDATE papers SET paperID='$paperID', title='$paperName', localAuthors='$localAuthors', localGroups='$paperGroup', extAuthors='$extAuthors', journal='$journal', year='$year', status='$status', fileURL='$fileURL' WHERE paperID = $paperID;"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Edit Person") { require("fileupload-class.php"); //UPLOAD SCRIPT BEGIN $path = "uploads/"; $upload_file_name = "userphoto"; $default_extension = ""; $mode = 2; // Create a new instance of the class $my_uploader = new uploader; // OPTIONAL: set the max filesize of uploadable files in bytes $my_uploader->max_filesize(1000000); // OPTIONAL: if you're uploading images, you can set the max pixel dimensions $my_uploader->max_image_size(600, 600); /* max_image_size($width, $height) */ // UPLOAD the file /* upload(file name[, acceptable mime types[, default extenstion]]) */ if ($my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)) { $success = $my_uploader->save_file($path, $mode); } if($_POST['groupname'] != "none" && $_POST['groupname'] != "line") { $groupName2 = $_POST['groupname']; } if($_POST['typename'] != "none" && $_POST['typename'] != "line") { $groupName2 = $_POST['typename']; } $groupName2 = str_replace("\'", "\\'", $groupName2); $fname = str_replace("\'", "\\'", $_POST['fname']); $lname = str_replace("\'", "\\'", $_POST['lname']); $officeLoc = str_replace("\'", "\\'", $_POST['officeLoc']); $phone = str_replace("\'", "\\'", $_POST['phone']); $title = str_replace("\'", "\\'", $_POST['title']); $description = str_replace("\'", "\\'", $_POST['personDesc']); $description = str_replace("\r\n\r\n", "

", $description); $description = str_replace("\r\n", "
", $description); $group = str_replace("\'", "\\'", "!".$_POST['groupname']."!"); $type = str_replace("\'", "\\'", $_POST['typename']); $personID = $_GET['person']; $page = $_GET['page']; $entry = mysql_fetch_array(mysql_query("SELECT * FROM people WHERE personID=$personID")); if ($success) { $pictureURL = $my_uploader->file['name']; } else { $pictureURL = $entry[pictureURL]; } mysql_connect('localhost', 'root'); $query = "UPDATE people SET fname='$fname',lname='$lname',officeLoc='($officeLoc)',phone='$phone',title='$title',type='$type', description='$description',pictureURL='$pictureURL',papers='',groups='$group',personID='$personID' WHERE personID = $personID"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Edit Group") { $groupID = $_GET['group']; $page = $_GET['page']; $groupName2 = str_replace("\'", "\\'", $_POST['groupName']); $groupDesc = str_replace("\r\n\r\n", "

", $_POST['groupDesc']); $groupDesc = str_replace("\r\n", "
", $groupDesc); $groupDesc = str_replace("\'", "\\'", $groupDesc); if($_POST['link1'] != '') { $links .= $_POST['link1'].":!:"; if($_POST['linkdest1'] != '') { $links .= $_POST['linkdest1'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link2'] != '') { $links .= $_POST['link2'].":!:"; if($_POST['linkdest2'] != '') { $links .= $_POST['linkdest2'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link3'] != '') { $links .= $_POST['link3'].":!:"; if($_POST['linkdest3'] != '') { $links .= $_POST['linkdest3'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link4'] != '') { $links .= $_POST['link4'].":!:"; if($_POST['linkdest4'] != '') { $links .= $_POST['linkdest4'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link5'] != '') { $links .= $_POST['link5'].":!:"; if($_POST['linkdest5'] != '') { $links .= $_POST['linkdest5'].":!:"; } else { $links .= "Other External Site:!:"; } } mysql_connect('localhost', 'root'); $query = "UPDATE groups SET groupID='$groupID',groupName='$groupName2',groupDesc='$groupDesc',links='$links' WHERE groupID=$groupID"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Edit Project") { require("fileupload-class.php"); //UPLOAD SCRIPT BEGIN $path = "uploads/"; $upload_file_name = "projectpicture"; $default_extension = ""; $mode = 2; // Create a new instance of the class $my_uploader = new uploader; // OPTIONAL: set the max filesize of uploadable files in bytes $my_uploader->max_filesize(1000000); // OPTIONAL: if you're uploading images, you can set the max pixel dimensions $my_uploader->max_image_size(600, 600); /* max_image_size($width, $height) */ // UPLOAD the file /* upload(file name[, acceptable mime types[, default extenstion]]) */ if ($my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)) { $success = $my_uploader->save_file($path, $mode); } $projectID = $_GET['project']; $page = $_GET['page']; $projectName = str_replace("''", "\"", $_POST['projectName']); $projectName = str_replace("\'", "\\'", $projectName); $projectDesc = str_replace("\r\n\r\n", "

", $_POST['projectDesc']); $projectDesc = str_replace("\r\n", "
", $projectDesc); $projectDesc = str_replace("\'", "\\'" , $projectDesc); $relevantGroup = "!".$_POST['relevantGroup']."!"; $entry = mysql_fetch_array(mysql_query("SELECT * FROM projects WHERE projectID=$projectID")); $highlighted = $entry[highlighted]; if ($success) { $pictureURL = $my_uploader->file['name']; } else { $pictureURL = $entry[pictureURL]; } mysql_connect('localhost', 'root'); $query = "UPDATE projects SET projectID='$projectID', highlighted='$highlighted', projectName='$projectName', projectDesc='$projectDesc', pictureURL='$pictureURL', relevantGroup='$relevantGroup' WHERE projectID=$projectID"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Make Changes") { if($_POST['link1'] != '') { $links .= $_POST['link1'].":!:"; if($_POST['linkdest1'] != '') { $links .= $_POST['linkdest1'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link2'] != '') { $links .= $_POST['link2'].":!:"; if($_POST['linkdest2'] != '') { $links .= $_POST['linkdest2'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link3'] != '') { $links .= $_POST['link3'].":!:"; if($_POST['linkdest3'] != '') { $links .= $_POST['linkdest3'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link4'] != '') { $links .= $_POST['link4'].":!:"; if($_POST['linkdest4'] != '') { $links .= $_POST['linkdest4'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link5'] != '') { $links .= $_POST['link5'].":!:"; if($_POST['linkdest5'] != '') { $links .= $_POST['linkdest5'].":!:"; } else { $links .= "Other External Site:!:"; } } $query2 = "UPDATE vitals SET links = '$links' LIMIT 1"; mysql_query($query2); $query = "SELECT * FROM projects ORDER BY projectName"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); $projectFormName = "project_$entry[projectID]"; $checkValue = $_POST["$projectFormName"]; $projectID = $entry[projectID]; if($checkValue != "") { $query2 = "UPDATE projects SET highlighted = '1' WHERE projectID = '$projectID' LIMIT 1"; mysql_query($query2); } else { $query2 = "UPDATE projects SET highlighted = '0' WHERE projectID = '$projectID' LIMIT 1"; mysql_query($query2); } } } } if($_GET['page'] != '') { $page = $_GET['page']; if($page == 0) { $pageName = "Main Admin"; $content .="$deptAbbv Main Site Administration

"; $query = "SELECT * FROM projects ORDER BY projectName"; $result = mysql_query($query); $content .= "

Please select the projects to be highlighted on the $deptAbbv front page:

\n"; $content .= ""; for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[highlighted] == 0) { $checkvalue = ""; } else { $checkvalue = "checked"; } $groupName2 = localGroups($entry[relevantGroup]); $content .= "\n\n"; } $query = "SELECT * FROM vitals"; $result = mysql_query($query); $entry = mysql_fetch_array($result); $answer = array(); $answer = localLinks($entry[links]); $link1 = $answer[1][0]; $link2 = $answer[1][2]; $link3 = $answer[1][4]; $link4 = $answer[1][6]; $link5 = $answer[1][8]; $linkdest1 = $answer[1][1]; $linkdest2 = $answer[1][3]; $linkdest3 = $answer[1][5]; $linkdest4 = $answer[1][7]; $linkdest5 = $answer[1][9]; $content .="

Highlight?	Project
"; $content .= "	$entry[projectName] - $groupName2

Enter some links for the Relevant Links section on the front page:

\n \n \n \n \n \n \n
Site Title URL

"; } else if($page == 1) { $pageName = "Edit Papers"; $paperID = $_GET['paper']; $query2 = "SELECT * FROM papers WHERE paperID=$paperID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $authors = extAuthors($entry2[extAuthors], 1); $test = array(); $authorList = array(); for($j = 0; $j < 5; $j++) { if ( !is_numeric($authors[3][$j]) && $authors[3][$j] != "") { $otherSelected = "SELECTED"; $test[$j] = $authors[3][$j]; } else { $otherSelected = ''; } $authorList[$j] .= ""; $query = "SELECT * FROM people WHERE type = 'researcher'"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[personID] == $authors[3][$j]) { $selected = "SELECTED"; } else { $selected = ""; } $authorList[$j] .= "\n"; } } $groupList .= ""; $query = "SELECT * FROM groups"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[groupID] == localGroups($entry2[localGroups], 1)) { $selected = "SELECTED"; } else { $selected = ""; } $groupList .= "\n"; } $content .="

\nEdit Paper:

\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n

Paper Title

Authors

(Will be placed into the database in this order)

\n \n \n \n \n \n \n

Relevant Group

Journal

Year Published

Paper Status
(submitted, in review, etc.)

Upload File

Note: Depending on the file size and the speed of your connection, this upload may take a few minutes after pressing 'Edit Paper'. Please be patient.

"; } else if($page == 2) { $pageName = "Edit People"; $personID = $_GET['person']; $query2 = "SELECT * FROM people WHERE personID=$personID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $groupList .= ""; $query = "SELECT * FROM groups"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[groupID] == localGroups($entry2[groups],1)) { $selected = "SELECTED"; } else { $selected = ""; } $groupList .= "\n"; } if($entry2[type] == "researcher") { $resSelected = "SELECTED"; $staffSelected = ""; } else if($entry2[type] == "staff") { $resSelected = ""; $staffSelected = "SELECTED"; } else { $resSelected = ""; $staffSelected = ""; } $typeList .= ""; $typeList .= " \n"; $officeLoc = str_replace("(", "", $entry2[officeLoc]); $officeLoc = str_replace(")", "", $officeLoc); $personDesc = str_replace("

", "\r\n\r\n", $entry2['description']); $personDesc = str_replace("
", "\r\n", $personDesc); $content .="

Edit Person:

"; } else if($page == 3) { $pageName = "Edit Groups"; $groupID = $_GET['group']; $query2 = "SELECT * FROM groups WHERE groupID=$groupID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $links = array(); $answer = localLinks($entry2[links]); $link1 = $answer[1][0]; $link2 = $answer[1][2]; $link3 = $answer[1][4]; $link4 = $answer[1][6]; $link5 = $answer[1][8]; $linkdest1 = $answer[1][1]; $linkdest2 = $answer[1][3]; $linkdest3 = $answer[1][5]; $linkdest4 = $answer[1][7]; $linkdest5 = $answer[1][9]; $groupDesc = str_replace("

", "\r\n\r\n", $entry2['groupDesc']); $groupDesc = str_replace("
", "\r\n", $groupDesc); $content .="

\nEdit Group:

"; } else if($page == 4) { $pageName = "Edit Projects"; $projectID = $_GET['project']; $query2 = "SELECT * FROM projects WHERE projectID=$projectID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $groupList .= ""; $query = "SELECT * FROM groups"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[groupID] == localGroups($entry2[relevantGroup],1)) { $selected = "SELECTED"; } else { $selected = ""; } $groupList .= "\n"; } $projectName = str_replace("\"", "''", $entry2['projectName']); $projectDesc = str_replace("

", "\r\n\r\n", $entry2['projectDesc']); $projectDesc = str_replace("
", "\r\n", $projectDesc); $content .="Edit Project:

"; } } else { $content .= "Please select a management task.

Main Site Administration

Add/Delete Papers

Add/Delete People

Add/Delete Groups

Add/Delete Projects"; } ?> <?php print $deptName ?>

> Administration >

- - , -

First Name
Last Name
Title
Office Location
Phone Number
Description (HTML OK)	$personDesc
Group
Type
Upload Photo

Project Name
Description (HTML OK)	$projectDesc
Relevant Group	\n \n
Upload Picture