One Hat Cyber Team
Your IP :
216.73.216.24
Server IP :
194.44.31.54
Server :
Linux zen.imath.kiev.ua 4.18.0-553.77.1.el8_10.x86_64 #1 SMP Fri Oct 3 14:30:23 UTC 2025 x86_64
Server Software :
Apache/2.4.37 (Rocky Linux) OpenSSL/1.1.1k
PHP Version :
5.6.40
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
nosc
/
public_html
/
admin
/
View File Name :
manage_articles_authors.php
<? $lang=take_variable('lang'); // Remove, etc.: the scripts (perform the selected action) switch ($aa_browse_todo) { case "Remove": if ($aa_browse_selected) { //echo "removing author $aa_browse_selected for article $id_selected"; $res_au_remove = mysql_db_query($database, "delete from AA_temp where article_id='$id_selected' and author_id='$aa_browse_selected' "); } //if selected else echo "<div class=dark><p align=center>No command specified!</p></div>"; $aa_browse_todo="-1"; break; case "Promote": //the corresponding button is inactive; this code does not play! //find out what Author entry we are dealing with $res_this = mysql_db_query($database, "SELECT id, author_id, author_ambition from AA_temp WHERE article_id='$id_selected' AND author_id='$aa_browse_selected' ORDER BY author_ambition, author_id"); //it should be the only element: $this = mysql_fetch_array($res_this); echo "in article $id_selected, author $aa_browse_selected has ambition $this[author_ambition] "; $res_other = mysql_db_query($database, "SELECT id,author_ambition FROM AA_temp WHERE article_id='$id_selected' AND author_ambition < '$this[author_ambition]' ORDER BY author_ambition"); echo "aa_browse_selected=$aa_browse_selected (i.e., author id)<br>"; $other = mysql_fetch_array($res_other); while ($other ) { $other_prev = $other; /* if ($other[author_ambition] >= $this[author_ambition]) { break; //the data stream is ordered by ambition (ascending) } else */ { // do nothing echo " amb=$other[author_ambition]<br> "; } $other = mysql_fetch_array($res_other); } echo "candidate ambition = $other_prev[author_ambition]"; $res_candidate = mysql_db_query($database, "SELECT id, author_id, article_id, author_ambition FROM AA_temp WHERE id='$other_prev[id]' ORDER BY author_ambition"); //should be unique, but--- while ($candidate=mysql_fetch_array($res_candidate)) { //candidate echo "<br>cand aid=$candidate[author_id], cand art=$candidate[article_id], can amb=$candidate[author_ambition], candidate_id=$candidate[id]"; $old_this_amb = $this[author_ambition]; echo "<br>old_this_amb=$old_this_amb; <br>"; $q_other = mysql_db_query($database,"update AA_temp set author_ambition=$candidate[author_ambition] where author_id=$this[author_id] HAVING article_id='$this[article_id]' "); $q_this = mysql_db_query($database,"UPDATE AA_temp SET author_ambition=$this[author_ambition] WHERE id='$candidate[id] "); //$q_other = mysql_db_query($database,"UPDATE AA_temp SET //author_ambition='$candidate[author_ambition]' WHERE id='$ti' "); }//candidate $aa_browse_todo="-1"; default: // essential that not "Remove" // read the related data from AA (if there are any) and put it // into AA_temp $fetch_AA = mysql_db_query($database,"SELECT author_id, article_id, author_ambition FROM AA WHERE article_id='$id_selected' "); while ( $entry_AA = mysql_fetch_array($fetch_AA) ) { $res_verify_AA_temp = mysql_db_query($database,"SELECT author_id, article_id, author_ambition FROM AA_temp WHERE article_id='$id_selected' AND author_id='$entry_AA[author_id]' "); if (!mysql_fetch_array($res_verify_AA_temp)) $res_aa_read_into_aa_temp = mysql_db_query($database,"REPLACE INTO AA_temp (AA_temp.author_id, AA_temp.article_id, AA_temp.author_ambition) SELECT AA.author_id, AA.article_id, AA.author_ambition FROM AA WHERE AA.article_id='$id_selected' "); } //fill in AA_temp break; } //switch //add authors (form) $res_au = mysql_db_query($database,"SELECT id, last_name, first_name, middle_name, city, affiliation FROM Authors ORDER BY last_name, first_name, middle_name, city"); if(!$res_au) die(mysql_error("cannot look into the Authors table!")); //echo "todo=$todo [aa]<br> ar_number (=id_sel) is $id_selected<br>"; echo "<div>"; echo "<H3>Selection of the <font color=\"$mandatory_colour\">authors</font>* for Article no. $entry[id]</H3>"; echo "<div><h3><em>All the persons registered in the authors table:</em></h3>"; echo "<div class=control>"; print("<FORM METHOD=\"POST\" ACTION=\"manage_articles_action.php\">"); print("<input type=\"hidden\" name=\"id_selected\" value=\"$id_selected\">\n"); print("<input type=\"hidden\" name=\"todo\" value=\"$todo\">\n"); echo "<center>"; //all the entries of the authors table (a menu) echo "<SELECT NAME=\"aa_add_selected\" >\n"; while($row = mysql_fetch_array($res_au)) { print("<OPTION VALUE=\"$row[id]\">$row[last_name], $row[first_name] $row[middle_name] ($row[city]), no. $row[id]</OPTION>\n"); } echo "</SELECT><br>"; echo "<input type=\"submit\" name=aa_todo value=\"Accept for Article no. $id_selected\">\n"; echo "</center> </div> "; //if ($aa_add_selected) if ($aa_todo=="Accept for Article no. $id_selected") { /* add an author */ /* echo "aa_add_selected=$aa_add_selected (author); id_selected=$id_selected (article)"; */ $res_aa_verify = mysql_db_query($database,"SELECT id, author_id, article_id FROM AA_temp WHERE author_id='$aa_add_selected' AND article_id= '$id_selected' "); //mysql_free_result; if ( $q = mysql_fetch_array($res_aa_verify) ) { /* echo " (Found id=$q[id], au_id=$q[author_id], art_id=$q[article_id]) "; */ } else { //echo "inserting"; // look for other authors ambitions $res_other = mysql_db_query($database, "SELECT author_ambition FROM AA_temp WHERE article_id='$id_selected' ORDER BY author_ambition"); while ($other=mysql_fetch_array($res_other)) { //other while (list($key,$val) = each($other) ) { $new_ambition=$val; /* echo "key=$key, val=$val"; */ } /* echo "amb= $new_ambition <br>"; */ }//other $new_ambition++; $res_aa_replace = mysql_db_query($database,"INSERT INTO AA_temp (author_id,article_id,author_ambition) VALUES ('$aa_add_selected', '$id_selected', '$new_ambition' )"); if(!$res_aa_replace) die(mysql_error()); //$aa_add_selected=0; echo "purged<br>"; } //inserting } print("</FORM>"); echo "</div>"; // actions performed; can output the results //-------------------------- //now actually list the authors $res_aa_read = mysql_db_query($database,"SELECT id,author_id, article_id, author_ambition FROM AA_temp WHERE article_id='$id_selected' ORDER BY author_ambition"); echo "<div>\n"; //browse authors print("<FORM METHOD=\"POST\" ACTION=\"manage_articles_action.php\">"); echo pass("lang",$lang); /* print("<input type=\"hidden\" name=\"aa_browse_selected\" value=\"$aa_browse_selected\">\n"); */ print("<input type=\"hidden\" name=\"id_selected\" value=\"$id_selected\">\n"); print("<input type=\"hidden\" name=\"todo\" value=\"$todo\">\n"); echo "<H3><em>The authors of Article no. $id_selected:</em></H3>"; echo "<center>"; echo "<select name=\"aa_browse_selected\" size=5>\n"; while($row = mysql_fetch_array($res_aa_read)) { $res_au_read = mysql_db_query($database, "select id, last_name, first_name,middle_name, city, affiliation from Authors where id='$row[author_id]'"); if ($au_entry = mysql_fetch_array($res_au_read)) { echo "<option value=\"$au_entry[id]\">$au_entry[last_name], $au_entry[first_name] $au_entry[middle_name] ($au_entry[city]), no. $au_entry[id]"; $res_check_AA = mysql_db_query($database, "SELECT author_id, article_id FROM AA WHERE author_id='$au_entry[id]' AND article_id='$id_selected' "); if (!mysql_fetch_array($res_check_AA)) echo " [NOT SAVED]"; echo "</option>\n"; } //$au_entry contains sth else echo "Authors table is incomplete: could not find authors with id='$row[author_id]'!"; } //row echo "</select></center>"; echo "<div class=menu><center>"; /* echo "<input type=\"submit\" name=aa_browse_todo value=\"Promote\">   \n"; */ echo "<input type=\"submit\" name=aa_browse_todo value=\"Remove\">"; echo "<center><small>Please take care to select the authors in the proper order. The items which have not already been saved into the main database are marked with the words ``NOT SAVED''. To accept the changes, please select ``Proceed'' in the form at the end of the page. </small></center>"; //echo "<input type=\"submit\" name=aa_browse_todo value=\"Demote\">\n"; echo "</center></div>"; echo "</form>"; /* print("<input type=\"hidden\" name=\"id_selected\" value=\"$id_selected\">\n"); print("<input type=\"hidden\" name=\"todo\" value=\"$todo\">\n"); print("<input type=\"hidden\" name=\"aa_add_selected\" value=\"$aa_add_selected\">\n"); print("<input type=\"hidden\" name=\"aa_browse_selected\" value=\"$aa_browse_selected\">\n"); */ echo "</form>"; echo "</DIV> </div>"; ?>