$entry[fname] $entry[lname]"; } return $contentvar; } function extAuthors($extAuthorsString, $flag) { if($extAuthorsString == null) return; $extAuthorsString = trim($extAuthorsString); if($extAuthorsString == null || $extAuthorsString == "") return null; preg_match_all("%((\!|\@)([0-9A-Za-z\ ]*)(\@|\!))%", $extAuthorsString, $answer, PREG_PATTERN_ORDER); if($flag == 1) { return $answer; } for($i = 0; $i < count($answer[3]); $i++) { if(trim($answer[2][$i] == "@")) { $contentvar .= localAuthors($answer[3][$i]); } else { $contentvar .= trim($answer[3][$i]); } if($i == (count($answer[3]) - 1)) $contentvar .= "."; else $contentvar .= ", "; } return $contentvar; } function localGroups($groupsString, $flag) { if($groupsString == null) return; $groupsString = trim($groupsString); if($groupsString == null || $groupsString == "") return null; preg_match_all("%\!([0-9]*)\!%", $groupsString, $answer, PREG_PATTERN_ORDER); $ted = $answer[1][0]; if ( $flag == 1 ) { return $ted; } $query = "SELECT * FROM groups WHERE groupID = $ted"; $result = mysql_query($query); $entry = mysql_fetch_array($result); $contentvar .= "$entry[groupName]"; return $contentvar; } mysql_connect('localhost', 'root'); //DO NOT RELEASE mysql_select_db('dept_coredb'); $query = "SELECT * from vitals"; $result = mysql_query($query); $entry = mysql_fetch_array($result); $deptName = $entry[deptName]; $deptAbbv = $entry[deptAbbv]; $deptLogo = $entry[deptLogo]; $address1 = $entry[address1]; $address2 = $entry[address2]; $city = $entry[city]; $state = $entry[state]; $zip = $entry[zip]; $phone = $entry[phone]; $groupName = "$deptAbbv Admin Tool"; if($_POST['myaction'] != '') { if($_POST['myaction'] === "deletePaper") { $paperID = $_POST['paperid']; mysql_query("DELETE FROM papers WHERE paperID = '$paperID' "); } if($_POST['myaction'] === "deletePerson") { $personID = $_POST['personid']; mysql_query("DELETE FROM people WHERE personID = '$personID' "); } if($_POST['myaction'] === "deleteGroup") { $groupID = $_POST['groupid']; mysql_query("DELETE FROM groups WHERE groupID = '$groupID' "); } if($_POST['myaction'] === "deleteProject") { $projectID = $_POST['projectid']; mysql_query("DELETE FROM projects WHERE projectID = '$projectID' "); } if($_POST['myaction'] === "Edit Paper") { require("fileupload-class.php"); //UPLOAD SCRIPT BEGIN $path = "uploads/"; $upload_file_name = "userfile"; $default_extension = ""; $mode = 2; // Create a new instance of the class $my_uploader = new uploader; // OPTIONAL: set the max filesize of uploadable files in bytes $my_uploader->max_filesize(10000000); // OPTIONAL: if you're uploading images, you can set the max pixel dimensions $my_uploader->max_image_size(400, 600); /* max_image_size($width, $height) */ // UPLOAD the file /* upload(file name[, acceptable mime types[, default extenstion]]) */ if ($my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)) { $success = $my_uploader->save_file($path, $mode); } if($_POST['author1'] != "none" && $_POST['author1'] != "line") { if($_POST['author1'] === "other") { $extAuthors .= "!".$_POST['otherauthor1']."!"; } else { $extAuthors .= "@".$_POST['author1']."@"; $localAuthors .= "!".$_POST['author1']."!"; } } if($_POST['author2'] != "none" && $_POST['author2'] != "line") { if($_POST['author2'] === "other") { $extAuthors .= "!".$_POST['otherauthor2']."!"; } else { $extAuthors .= "@".$_POST['author2']."@"; $localAuthors .= "!".$_POST['author2']."!"; } } if($_POST['author3'] != "none" && $_POST['author3'] != "line") { if($_POST['author3'] === "other") { $extAuthors .= "!".$_POST['otherauthor3']."!"; } else { $extAuthors .= "@".$_POST['author3']."@"; $localAuthors .= "!".$_POST['author3']."!"; } } if($_POST['author4'] != "none" && $_POST['author4'] != "line") { if($_POST['author4'] === "other") { $extAuthors .= "!".$_POST['otherauthor4']."!"; } else { $extAuthors .= "@".$_POST['author4']."@"; $localAuthors .= "!".$_POST['author4']."!"; } } if($_POST['author5'] != "none" && $_POST['author5'] != "line") { if($_POST['author5'] === "other") { $extAuthors .= "!".$_POST['otherauthor5']."!"; } else { $extAuthors .= "@".$_POST['author5']."@"; $localAuthors .= "!".$_POST['author5']."!"; } } $paperName = str_replace("\'", "\\'", $_POST['papername']); $paperGroup = str_replace("\'", "\\'", "!".$_POST['groupname']."!"); $journal = str_replace("\'", "\\'", $_POST['journalname']); $year = $_POST['year']; $status = str_replace("\'", "\\'", $_POST['status']); $extAuthors = str_replace("\'", "\\'", $extAuthors); $paperID = $_GET['paper']; $page = $_GET['page']; $entry = mysql_fetch_array(mysql_query("SELECT * FROM papers WHERE paperID=$paperID")); if ($success) { $fileURL = $my_uploader->file['name']; } else { $fileURL = $entry[fileURL]; } mysql_connect('localhost', 'root'); $query = "UPDATE papers SET paperID='$paperID', title='$paperName', localAuthors='$localAuthors', localGroups='$paperGroup', extAuthors='$extAuthors', journal='$journal', year='$year', status='$status', fileURL='$fileURL' WHERE paperID = $paperID;"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Edit Person") { require("fileupload-class.php"); //UPLOAD SCRIPT BEGIN $path = "uploads/"; $upload_file_name = "userphoto"; $default_extension = ""; $mode = 2; // Create a new instance of the class $my_uploader = new uploader; // OPTIONAL: set the max filesize of uploadable files in bytes $my_uploader->max_filesize(1000000); // OPTIONAL: if you're uploading images, you can set the max pixel dimensions $my_uploader->max_image_size(600, 600); /* max_image_size($width, $height) */ // UPLOAD the file /* upload(file name[, acceptable mime types[, default extenstion]]) */ if ($my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)) { $success = $my_uploader->save_file($path, $mode); } if($_POST['groupname'] != "none" && $_POST['groupname'] != "line") { $groupName2 = $_POST['groupname']; } if($_POST['typename'] != "none" && $_POST['typename'] != "line") { $groupName2 = $_POST['typename']; } $groupName2 = str_replace("\'", "\\'", $groupName2); $fname = str_replace("\'", "\\'", $_POST['fname']); $lname = str_replace("\'", "\\'", $_POST['lname']); $officeLoc = str_replace("\'", "\\'", $_POST['officeLoc']); $phone = str_replace("\'", "\\'", $_POST['phone']); $title = str_replace("\'", "\\'", $_POST['title']); $description = str_replace("\'", "\\'", $_POST['personDesc']); $description = str_replace("\r\n\r\n", "

", $description); $description = str_replace("\r\n", "
", $description); $group = str_replace("\'", "\\'", "!".$_POST['groupname']."!"); $type = str_replace("\'", "\\'", $_POST['typename']); $personID = $_GET['person']; $page = $_GET['page']; $entry = mysql_fetch_array(mysql_query("SELECT * FROM people WHERE personID=$personID")); if ($success) { $pictureURL = $my_uploader->file['name']; } else { $pictureURL = $entry[pictureURL]; } mysql_connect('localhost', 'root'); $query = "UPDATE people SET fname='$fname',lname='$lname',officeLoc='($officeLoc)',phone='$phone',title='$title',type='$type', description='$description',pictureURL='$pictureURL',papers='',groups='$group',personID='$personID' WHERE personID = $personID"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Edit Group") { $groupID = $_GET['group']; $page = $_GET['page']; $groupName2 = str_replace("\'", "\\'", $_POST['groupName']); $groupDesc = str_replace("\r\n\r\n", "

", $_POST['groupDesc']); $groupDesc = str_replace("\r\n", "
", $groupDesc); $groupDesc = str_replace("\'", "\\'", $groupDesc); if($_POST['link1'] != '') { $links .= $_POST['link1'].":!:"; if($_POST['linkdest1'] != '') { $links .= $_POST['linkdest1'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link2'] != '') { $links .= $_POST['link2'].":!:"; if($_POST['linkdest2'] != '') { $links .= $_POST['linkdest2'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link3'] != '') { $links .= $_POST['link3'].":!:"; if($_POST['linkdest3'] != '') { $links .= $_POST['linkdest3'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link4'] != '') { $links .= $_POST['link4'].":!:"; if($_POST['linkdest4'] != '') { $links .= $_POST['linkdest4'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link5'] != '') { $links .= $_POST['link5'].":!:"; if($_POST['linkdest5'] != '') { $links .= $_POST['linkdest5'].":!:"; } else { $links .= "Other External Site:!:"; } } mysql_connect('localhost', 'root'); $query = "UPDATE groups SET groupID='$groupID',groupName='$groupName2',groupDesc='$groupDesc',links='$links' WHERE groupID=$groupID"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Edit Project") { require("fileupload-class.php"); //UPLOAD SCRIPT BEGIN $path = "uploads/"; $upload_file_name = "projectpicture"; $default_extension = ""; $mode = 2; // Create a new instance of the class $my_uploader = new uploader; // OPTIONAL: set the max filesize of uploadable files in bytes $my_uploader->max_filesize(1000000); // OPTIONAL: if you're uploading images, you can set the max pixel dimensions $my_uploader->max_image_size(600, 600); /* max_image_size($width, $height) */ // UPLOAD the file /* upload(file name[, acceptable mime types[, default extenstion]]) */ if ($my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)) { $success = $my_uploader->save_file($path, $mode); } $projectID = $_GET['project']; $page = $_GET['page']; $projectName = str_replace("''", "\"", $_POST['projectName']); $projectName = str_replace("\'", "\\'", $projectName); $projectDesc = str_replace("\r\n\r\n", "

", $_POST['projectDesc']); $projectDesc = str_replace("\r\n", "
", $projectDesc); $projectDesc = str_replace("\'", "\\'" , $projectDesc); $relevantGroup = "!".$_POST['relevantGroup']."!"; $entry = mysql_fetch_array(mysql_query("SELECT * FROM projects WHERE projectID=$projectID")); $highlighted = $entry[highlighted]; if ($success) { $pictureURL = $my_uploader->file['name']; } else { $pictureURL = $entry[pictureURL]; } mysql_connect('localhost', 'root'); $query = "UPDATE projects SET projectID='$projectID', highlighted='$highlighted', projectName='$projectName', projectDesc='$projectDesc', pictureURL='$pictureURL', relevantGroup='$relevantGroup' WHERE projectID=$projectID"; mysql_query($query); Header("Location: admin.php?page=$page"); } if($_POST['myaction'] === "Make Changes") { if($_POST['link1'] != '') { $links .= $_POST['link1'].":!:"; if($_POST['linkdest1'] != '') { $links .= $_POST['linkdest1'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link2'] != '') { $links .= $_POST['link2'].":!:"; if($_POST['linkdest2'] != '') { $links .= $_POST['linkdest2'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link3'] != '') { $links .= $_POST['link3'].":!:"; if($_POST['linkdest3'] != '') { $links .= $_POST['linkdest3'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link4'] != '') { $links .= $_POST['link4'].":!:"; if($_POST['linkdest4'] != '') { $links .= $_POST['linkdest4'].":!:"; } else { $links .= "Other External Site:!:"; } } if($_POST['link5'] != '') { $links .= $_POST['link5'].":!:"; if($_POST['linkdest5'] != '') { $links .= $_POST['linkdest5'].":!:"; } else { $links .= "Other External Site:!:"; } } $query2 = "UPDATE vitals SET links = '$links' LIMIT 1"; mysql_query($query2); $query = "SELECT * FROM projects ORDER BY projectName"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); $projectFormName = "project_$entry[projectID]"; $checkValue = $_POST["$projectFormName"]; $projectID = $entry[projectID]; if($checkValue != "") { $query2 = "UPDATE projects SET highlighted = '1' WHERE projectID = '$projectID' LIMIT 1"; mysql_query($query2); } else { $query2 = "UPDATE projects SET highlighted = '0' WHERE projectID = '$projectID' LIMIT 1"; mysql_query($query2); } } } } if($_GET['page'] != '') { $page = $_GET['page']; if($page == 0) { $pageName = "Main Admin"; $content .="$deptAbbv Main Site Administration

"; $query = "SELECT * FROM projects ORDER BY projectName"; $result = mysql_query($query); $content .= "

 

Please select the projects to be highlighted on the $deptAbbv front page:

\n"; $content .= ""; for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[highlighted] == 0) { $checkvalue = ""; } else { $checkvalue = "checked"; } $groupName2 = localGroups($entry[relevantGroup]); $content .= "\n\n"; } $query = "SELECT * FROM vitals"; $result = mysql_query($query); $entry = mysql_fetch_array($result); $answer = array(); $answer = localLinks($entry[links]); $link1 = $answer[1][0]; $link2 = $answer[1][2]; $link3 = $answer[1][4]; $link4 = $answer[1][6]; $link5 = $answer[1][8]; $linkdest1 = $answer[1][1]; $linkdest2 = $answer[1][3]; $linkdest3 = $answer[1][5]; $linkdest4 = $answer[1][7]; $linkdest5 = $answer[1][9]; $content .="
Highlight?Project
"; $content .= "$entry[projectName] - $groupName2

 

Enter some links for the Relevant Links section on the front page:

\n \n \n \n \n \n \n
Site TitleURL

 

"; } else if($page == 1) { $pageName = "Edit Papers"; $paperID = $_GET['paper']; $query2 = "SELECT * FROM papers WHERE paperID=$paperID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $authors = extAuthors($entry2[extAuthors], 1); $test = array(); $authorList = array(); for($j = 0; $j < 5; $j++) { if ( !is_numeric($authors[3][$j]) && $authors[3][$j] != "") { $otherSelected = "SELECTED"; $test[$j] = $authors[3][$j]; } else { $otherSelected = ''; } $authorList[$j] .= ""; $query = "SELECT * FROM people WHERE type = 'researcher'"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[personID] == $authors[3][$j]) { $selected = "SELECTED"; } else { $selected = ""; } $authorList[$j] .= "\n"; } } $groupList .= ""; $query = "SELECT * FROM groups"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[groupID] == localGroups($entry2[localGroups], 1)) { $selected = "SELECTED"; } else { $selected = ""; } $groupList .= "\n"; } $content .="

 

\nEdit Paper:

\n

\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
Paper Title
Authors

(Will be placed into the database in this order)

\n \n \n \n \n \n \n
Relevant Group
Journal
Year Published
Paper Status
(submitted, in review, etc.)
Upload File

Note: Depending on the file size and the speed of your connection, this upload may take a few minutes after pressing 'Edit Paper'. Please be patient.

"; } else if($page == 2) { $pageName = "Edit People"; $personID = $_GET['person']; $query2 = "SELECT * FROM people WHERE personID=$personID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $groupList .= ""; $query = "SELECT * FROM groups"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[groupID] == localGroups($entry2[groups],1)) { $selected = "SELECTED"; } else { $selected = ""; } $groupList .= "\n"; } if($entry2[type] == "researcher") { $resSelected = "SELECTED"; $staffSelected = ""; } else if($entry2[type] == "staff") { $resSelected = ""; $staffSelected = "SELECTED"; } else { $resSelected = ""; $staffSelected = ""; } $typeList .= ""; $typeList .= " \n"; $officeLoc = str_replace("(", "", $entry2[officeLoc]); $officeLoc = str_replace(")", "", $officeLoc); $personDesc = str_replace("

", "\r\n\r\n", $entry2['description']); $personDesc = str_replace("
", "\r\n", $personDesc); $content .="

Edit Person:

\n

\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n
First Name
Last Name
Title
Office Location
Phone Number
Description
(HTML OK)
Group
Type
Upload Photo

Note: Depending on the file size and the speed of your connection, this upload may take a few minutes after pressing 'Edit Person'. Please be patient.

"; } else if($page == 3) { $pageName = "Edit Groups"; $groupID = $_GET['group']; $query2 = "SELECT * FROM groups WHERE groupID=$groupID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $links = array(); $answer = localLinks($entry2[links]); $link1 = $answer[1][0]; $link2 = $answer[1][2]; $link3 = $answer[1][4]; $link4 = $answer[1][6]; $link5 = $answer[1][8]; $linkdest1 = $answer[1][1]; $linkdest2 = $answer[1][3]; $linkdest3 = $answer[1][5]; $linkdest4 = $answer[1][7]; $linkdest5 = $answer[1][9]; $groupDesc = str_replace("

", "\r\n\r\n", $entry2['groupDesc']); $groupDesc = str_replace("
", "\r\n", $groupDesc); $content .="

\nEdit Group:

\n

\n \n \n \n \n \n \n \n \n
Group Name
Description
(HTML OK)
Relevant Links

(Will be placed into the database in this order)

\n \n \n \n \n \n \n \n
Site TitleURL

"; } else if($page == 4) { $pageName = "Edit Projects"; $projectID = $_GET['project']; $query2 = "SELECT * FROM projects WHERE projectID=$projectID"; $result2 = mysql_query($query2); $entry2 = mysql_fetch_array($result2); $groupList .= ""; $query = "SELECT * FROM groups"; $result = mysql_query($query); for ($i = 0; $i < mysql_num_rows($result); $i++) { $entry = mysql_fetch_array($result); if($entry[groupID] == localGroups($entry2[relevantGroup],1)) { $selected = "SELECTED"; } else { $selected = ""; } $groupList .= "\n"; } $projectName = str_replace("\"", "''", $entry2['projectName']); $projectDesc = str_replace("

", "\r\n\r\n", $entry2['projectDesc']); $projectDesc = str_replace("
", "\r\n", $projectDesc); $content .="Edit Project:

\n

\n \n \n \n \n \n \n \n \n \n \n
Project Name
Description
(HTML OK)
Relevant Group \n \n
Upload Picture

"; } } else { $content .= "Please select a management task.

 

Main Site Administration

Add/Delete Papers

Add/Delete People

Add/Delete Groups

Add/Delete Projects"; } ?> <?php print $deptName ?>
> Administration >
- - , -