One Hat Cyber Team
Your IP :
216.73.216.24
Server IP :
194.44.31.54
Server :
Linux zen.imath.kiev.ua 4.18.0-553.77.1.el8_10.x86_64 #1 SMP Fri Oct 3 14:30:23 UTC 2025 x86_64
Server Software :
Apache/2.4.37 (Rocky Linux) OpenSSL/1.1.1k
PHP Version :
5.6.40
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
nosc
/
public_html
/
admin
/
Edit File:
add_remove_authors.php3~
<? $page_title="Add/Remove authors for Article no. $id_selected"; $related_page="manage_articles.php3"; require("../auth/auth.php3"); require("defs_articles.php3"); switch ($aa_browse_todo) { case "Accept": mysql_db_query($database, "delete from AA where article_id='$id_selected' "); mysql_db_query($database, "replace into AA (author_id, article_id, author_ambition) select author_id, article_id, author_ambition from AA_temp where article_id='$id_selected' "); header("Location: manage_articles_action.php3?id_selected=$id_selected&todo=modify"); break; case "Discard": header("Location: manage_articles_action.php3?id_selected=$id_selected&todo=modify"); break; case "Remove": require("header.inc"); if ($aa_browse_selected) { //echo "removing author $aa_browse_selected for article $id_selected"; $res_au_remove = mysql_db_query($database, "delete from AA_temp where article_id='$id_selected' and author_id='$aa_browse_selected' "); } //if selected else echo "<div class=dark><p align=center>No command specified!</p></div>"; $aa_browse_todo="-1"; break; default: //echo "not remove"; require("header.inc"); break; } //switch echo "<body>"; /* ----------------------------------------------- */ //add authors (form) $res_au = mysql_db_query($database,"SELECT id, last_name, first_name, middle_name, city, affiliation FROM Authors ORDER BY last_name, first_name, middle_name, city"); //if(!$res_au) die(mysql_error("Cannot look into the Authors table!")); //echo "todo=$todo [aa]<br> ar_number (=id_sel) is $id_selected<br>"; echo "<div class=entry>"; echo "<H2>Selection of authors for ".article_link($id_selected)."</h2>"; echo "<div><h3><em>All the persons registered in the authors table:</em></h3>"; echo "<div class=control>"; print("<FORM METHOD=\"POST\" ACTION=\"add_remove_authors.php3\">"); print("<input type=\"hidden\" name=\"id_selected\" value=\"$id_selected\">\n"); print("<input type=\"hidden\" name=\"todo\" value=\"$todo\">\n"); echo "<center>"; //all the entries of the authors table (a menu) echo "<SELECT NAME=\"aa_add_selected\" >\n"; while($row = mysql_fetch_array($res_au)) { print("<OPTION VALUE=\"$row[id]\">$row[last_name], $row[first_name] $row[middle_name] ($row[city]), no. $row[id]</OPTION>\n"); } echo "</SELECT><br>"; echo "<input type=\"submit\" name=aa_todo value=\"Select for Article no. $id_selected\">\n"; echo "</center> </div> "; //if ($aa_add_selected) if ($aa_todo=="Select for Article no. $id_selected") { /* add an author */ /* echo "aa_add_selected=$aa_add_selected (author); id_selected=$id_selected (article)"; */ $res_aa_verify = mysql_db_query($database,"SELECT id, author_id, article_id FROM AA_temp WHERE author_id='$aa_add_selected' AND article_id= '$id_selected' "); //mysql_free_result; if ( $q = mysql_fetch_array($res_aa_verify) ) { /* echo " (Found id=$q[id], au_id=$q[author_id], art_id=$q[article_id]) "; */ } else { //echo "inserting"; // look for other authors ambitions $res_other = mysql_db_query($database, "SELECT author_ambition FROM AA_temp WHERE article_id='$id_selected' ORDER BY author_ambition"); while ($other=mysql_fetch_array($res_other)) { //other while (list($key,$val) = each($other) ) { $new_ambition=$val; /* echo "key=$key, val=$val"; */ } /* echo "amb= $new_ambition <br>"; */ }//other $new_ambition++; $res_aa_replace = mysql_db_query($database,"INSERT INTO AA_temp (author_id,article_id,author_ambition) VALUES ('$aa_add_selected', '$id_selected', '$new_ambition' )"); if(!$res_aa_replace) die(mysql_error()); //$aa_add_selected=0; echo "purged<br>"; } //inserting } print("</FORM>"); echo "</div>"; // actions performed; can output the results //-------------------------- //now actually list the authors $res_aa_read = mysql_db_query($database,"SELECT id,author_id, article_id, author_ambition FROM AA_temp WHERE article_id='$id_selected' ORDER BY author_ambition"); echo "<div>"; //browse authors print("<FORM METHOD=\"POST\" ACTION=\"add_remove_authors.php3\">"); /* print("<input type=\"hidden\" name=\"aa_browse_selected\" value=\"$aa_browse_selected\">\n"); */ print("<input type=\"hidden\" name=\"id_selected\" value=\"$id_selected\">\n"); print("<input type=\"hidden\" name=\"todo\" value=\"$todo\">\n"); echo "<H3><em>The authors of ".article_link($id_selected).":</em></H3>"; echo "<center>"; echo "<select name=\"aa_browse_selected\" size=5>\n"; while($row = mysql_fetch_array($res_aa_read)) { $res_au_read = mysql_db_query($database, "select id, last_name, first_name,middle_name, city, affiliation from Authors where id='$row[author_id]'"); if ($au_entry = mysql_fetch_array($res_au_read)) { echo "<option value=\"$au_entry[id]\">$au_entry[last_name], $au_entry[first_name] $au_entry[middle_name] ($au_entry[city]), no. $au_entry[id]"; /* $res_check_AA = mysql_db_query($database, "SELECT author_id, article_id FROM AA WHERE author_id='$au_entry[id]' AND article_id='$id_selected' "); if (!mysql_fetch_array($res_check_AA)) echo " [NOT SAVED]"; */ echo "</option>\n"; } //$au_entry contains sth else echo "Authors table is incomplete: could not find authors with id='$row[author_id]'!"; } //row echo "</select></center>"; echo "<div class=menu><center>"; /* echo "<input type=\"submit\" name=aa_browse_todo value=\"Promote\">   \n"; */ echo "<input type=\"submit\" name=aa_browse_todo value=\"Remove\">"; echo "<center><small>Please take care to select the authors in the proper order. To accept the changes, please choose ``Accept'' in the form below. </small></center>"; //echo "<input type=\"submit\" name=aa_browse_todo value=\"Demote\">\n"; echo "</center></div>"; echo "</form>"; /* print("<input type=\"hidden\" name=\"id_selected\" value=\"$id_selected\">\n"); print("<input type=\"hidden\" name=\"todo\" value=\"$todo\">\n"); print("<input type=\"hidden\" name=\"aa_add_selected\" value=\"$aa_add_selected\">\n"); print("<input type=\"hidden\" name=\"aa_browse_selected\" value=\"$aa_browse_selected\">\n"); */ echo "</form>"; echo "</DIV>"; echo "<div class=control>"; echo "<DL><DT><h3 class=control>Accept the changes for ".article_link($id_selected,"control")."?</h3>"; echo "<form action=add_remove_authors.php3 method=post>"; print("<input type=\"hidden\" name=\"id_selected\" value=\"$id_selected\">\n"); echo "<DD><input type=radio name=aa_browse_todo value=\"Discard\"> <font color=$alert_colour>Discard</font>"; echo "<DD><input type=radio name=aa_browse_todo checked value=\"Accept\"> Accept"; echo "</DL><center><input type=submit value=\"Proceed\"></center>"; echo "</form>"; echo "</DIV>"; echo "</div>"; require ("footer.php3"); ?>
Simpan