// If there's no stored message available:
if (!isset($_SESSION['HeaderString'])) {
$HeaderString = "Display details for a particular record by entering its record identifier:";
} else {
$HeaderString = $_SESSION['HeaderString'];
// extract 'HeaderString' session variable (only necessary if register globals is OFF!)
// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
deleteSessionVariable("HeaderString");
// function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $loc["ShowRecord"], "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// Define variables holding drop-down elements, i.e. build properly formatted <option> tag elements:
$dropDownConditionalsArray = array("is equal to" => $loc["equal to"], "contains" => $loc["contains"], "is within list" => $loc["is within list"]);
$dropDownItems1 = buildSelectMenuOptions($dropDownConditionalsArray, "//", "\t\t\t", true);
// function 'buildSelectMenuOptions()' is defined in 'include.inc.php'
$dropDownFieldNameArray = array("serial" => $loc["DropDownFieldName_Serial"]);
if (isset($_SESSION['loginEmail'])) {
// add drop down items for user-specific record identifiers:
$dropDownFieldNameArray["call_number"] = $loc["DropDownFieldName_MyCallNumber"];
$dropDownFieldNameArray["cite_key"] = $loc["DropDownFieldName_MyCiteKey"];
// adjust the width of the table cell holding the drop down:
$recordIDCellWidth = "140";
} else {
$recordIDCellWidth = "85";
}
$HeaderString = $rowOffset + 1 . "–" . $showMaxRow . " of " . $rowsFound . $HeaderString;
} elseif ($rowsFound == 0) {
$HeaderString = $rowsFound . $HeaderString;
}
} else {
$HeaderString = $_SESSION['HeaderString'];
// extract 'HeaderString' session variable (only necessary if register globals is OFF!)
// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
deleteSessionVariable("HeaderString");
// function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// Now, show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// Then, call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Manage Users", "noindex,nofollow", "Administration page that lists users of the " . encodeHTML($officialDatabaseName) . ", with links for adding, editing or deleting any users", "", true, "", $viewType, array());
if (!preg_match("/^(Print|Mobile)\$/i", $viewType)) {
// Note: we omit the visible header in print/mobile view! ('viewType=Print' or 'viewType=Mobile')
showPageHeader($HeaderString);
}
// (4b) DISPLAY results:
showUsers($result, $rowsFound, $query, $queryURL, $showQuery, $showLinks, $rowOffset, $showRows, $previousOffset, $nextOffset, $showMaxRow, $viewType, $displayType);
// show all users
// ----------------------------------------------
// (5) CLOSE the database connection:
disconnectFromMySQLDatabase();
// function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php'
// --------------------------------------------------------------------
// Display all users listed within the 'users' table
function showUsers($result, $rowsFound, $query, $queryURL, $showQuery, $showLinks, $rowOffset, $showRows, $previousOffset, $nextOffset, $showMaxRow, $viewType, $displayType)
{
$row = mysql_fetch_array($result);
// fetch the current row into the array $row
// If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message:
// (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case)
if ($loginEmail == $adminLoginEmail && !empty($userID) && $userID != getUserID($loginEmail)) {
// ('$adminLoginEmail' is specified in 'ini.inc.php')
$HeaderString = "Edit account options for <b>" . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . $row["email"] . ")</b>:";
} elseif (empty($userID)) {
$HeaderString = "Edit account options for anyone who isn't logged in:";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Options", "noindex,nofollow", "User options offered by the " . encodeHTML($officialDatabaseName), "\n\t<meta http-equiv=\"expires\" content=\"0\">", true, "", $viewType, array());
showPageHeader($HeaderString);
// --------------------------------------------------------------------
if (empty($errors)) {
// Reset the '$formVars' variable (since we're loading from the user tables):
$formVars = array();
// Reset the '$errors' variable:
$errors = array();
// Load all the form variables with user data & options:
$formVars["language"] = $row["language"];
}
// Initialize variables which will set form elements according to the current user's options:
// Get all user options for the current user:
$userOptionsArray = getUserOptions($userID);
// function 'getUserOptions()' is defined in 'include.inc.php'
// Display Options:
deleteSessionVariable("HeaderString");
// function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''):
// ('' will produce the default 'Web' output style)
if (isset($_REQUEST['viewType'])) {
$viewType = $_REQUEST['viewType'];
} else {
$viewType = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Extract Citations", "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
echo "\n<form action=\"search.php\" method=\"POST\">";
echo "\n<input type=\"hidden\" name=\"formType\" value=\"extractSearch\">" . "\n<input type=\"hidden\" name=\"submit\" value=\"Cite\">";
// provide a default value for the 'submit' form tag. Otherwise, some browsers may not recognize the correct output format when a user hits <enter> within a form field (instead of clicking the "Cite" button)
if (!isset($_SESSION['user_styles'])) {
$citeStyleDisabled = " disabled";
} else {
$citeStyleDisabled = "";
}
if (!isset($_SESSION['user_cite_formats'])) {
$citeFormatDisabled = " disabled";
} else {
$citeFormatDisabled = "";
}
function showQueryPage($operation, $viewType, $showRows, $rowOffset)
{
global $officialDatabaseName;
// defined in 'ini.inc.php'
global $displayType;
global $loc;
// defined in 'locales/core.php'
global $client;
// If there's no stored message available:
if (!isset($_SESSION['HeaderString'])) {
$HeaderString = $loc["SearchDB"] . ":";
} else {
$HeaderString = $_SESSION['HeaderString'];
// extract 'HeaderString' session variable (only necessary if register globals is OFF!)
// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
deleteSessionVariable("HeaderString");
// function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// For HTML output, we'll need to reset the value of the '$displayType' variable
// (which, by default, is set to "Export"; see above); otherwise, the 'originalDisplayType'
// parameter in the 'quickSearch' form of the page header would be incorrectly set to "Export"
$displayType = "";
// if '$displayType' is empty, 'show.php' will use the default view that's given in session variable 'userDefaultView'
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $loc["Search"], "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", true, "", $viewType, array());
if (!preg_match("/^Mobile\$/i", $viewType) and !preg_match("/^inc/i", $client)) {
// Note: we omit the visible header in mobile view ('viewType=Mobile') and for include mechanisms!
showPageHeader($HeaderString);
}
// Define variables holding common drop-down elements, i.e. build properly formatted <option> tag elements:
$dropDownConditionals1Array = array("contains" => $loc["contains"], "does not contain" => $loc["contains not"], "is equal to" => $loc["equal to"], "is not equal to" => $loc["equal to not"], "starts with" => $loc["starts with"], "ends with" => $loc["ends with"]);
$dropDownItems1 = buildSelectMenuOptions($dropDownConditionals1Array, "//", "\t\t\t", true);
// function 'buildSelectMenuOptions()' is defined in 'include.inc.php'
$dropDownConditionals2Array = array("is greater than" => $loc["is greater than"], "is less than" => $loc["is less than"], "is within range" => $loc["is within range"], "is within list" => $loc["is within list"]);
$dropDownItems2 = buildSelectMenuOptions($dropDownConditionals2Array, "//", "\t\t\t", true);
$dropDownFieldNames1Array = array("author" => $loc["DropDownFieldName_Author"], "address" => $loc["DropDownFieldName_Address"], "corporate_author" => $loc["DropDownFieldName_CorporateAuthor"], "thesis" => $loc["DropDownFieldName_Thesis"], "", "title" => $loc["DropDownFieldName_Title"], "orig_title" => $loc["DropDownFieldName_OrigTitle"], "", "year" => $loc["DropDownFieldName_Year"], "publication" => $loc["DropDownFieldName_Publication"], "abbrev_journal" => $loc["DropDownFieldName_AbbrevJournal"], "editor" => $loc["DropDownFieldName_Editor"], "", "volume_numeric" => $loc["DropDownFieldName_Volume"], "issue" => $loc["DropDownFieldName_Issue"], "pages" => $loc["DropDownFieldName_Pages"], "", "series_title" => $loc["DropDownFieldName_SeriesTitle"], "abbrev_series_title" => $loc["DropDownFieldName_AbbrevSeriesTitle"], "series_editor" => $loc["DropDownFieldName_SeriesEditor"], "series_volume_numeric" => $loc["DropDownFieldName_SeriesVolume"], "series_issue" => $loc["DropDownFieldName_SeriesIssue"], "", "publisher" => $loc["DropDownFieldName_Publisher"], "place" => $loc["DropDownFieldName_Place"], "", "edition" => $loc["DropDownFieldName_Edition"], "medium" => $loc["DropDownFieldName_Medium"], "issn" => $loc["DropDownFieldName_Issn"], "isbn" => $loc["DropDownFieldName_Isbn"], "", "language" => $loc["DropDownFieldName_Language"], "summary_language" => $loc["DropDownFieldName_SummaryLanguage"], "", "keywords" => $loc["DropDownFieldName_Keywords"], "abstract" => $loc["DropDownFieldName_Abstract"], "", "area" => $loc["DropDownFieldName_Area"], "expedition" => $loc["DropDownFieldName_Expedition"], "conference" => $loc["DropDownFieldName_Conference"], "", "doi" => $loc["DropDownFieldName_Doi"], "url" => $loc["DropDownFieldName_Url"]);
if (isset($_SESSION['loginEmail'])) {
// we only include the 'file' field if the user is logged in
$dropDownFieldNames1Array["file"] = $loc["DropDownFieldName_File"];
}
$dropDownFieldNames1Array[] = "";
$dropDownFieldNames1Array["notes"] = $loc["DropDownFieldName_Notes"];
if (isset($_SESSION['loginEmail'])) {
// we only include the 'location' field if the user is logged in
$dropDownFieldNames1Array["location"] = $loc["DropDownFieldName_Location"];
}
$dropDownFieldNames2Array = array("call_number" => $loc["DropDownFieldName_CallNumber"], "", "serial" => $loc["DropDownFieldName_Serial"], "type" => $loc["DropDownFieldName_Type"], "approved" => $loc["DropDownFieldName_Approved"], "", "created_date" => $loc["DropDownFieldName_CreatedDate"], "created_time" => $loc["DropDownFieldName_CreatedTime"]);
if (isset($_SESSION['loginEmail'])) {
// we only include the 'created_by' field if the user is logged in
$dropDownFieldNames2Array["created_by"] = $loc["DropDownFieldName_CreatedBy"];
}
$dropDownFieldNames2Array[] = "";
$dropDownFieldNames2Array["modified_date"] = $loc["DropDownFieldName_ModifiedDate"];
$dropDownFieldNames2Array["modified_time"] = $loc["DropDownFieldName_ModifiedTime"];
if (isset($_SESSION['loginEmail'])) {
// we only include the 'modified_by' field if the user is logged in
$dropDownFieldNames2Array["modified_by"] = $loc["DropDownFieldName_ModifiedBy"];
}
$dropDownItems3 = buildSelectMenuOptions(array_merge($dropDownFieldNames1Array, $dropDownFieldNames2Array), "//", "\t\t\t", true);
$dropDownConditionals3Array = array("html" => "html", "atom" => "Atom XML", "rss" => "RSS XML", "srw_dc" => "SRW_DC XML", "srw_mods" => "SRW_MODS XML");
$dropDownItems4 = buildSelectMenuOptions($dropDownConditionals3Array, "//", "\t\t\t", true);
// Map CQL indexes to refbase field names:
$indexNamesArray = mapCQLIndexes();
// function 'mapCQLIndexes()' is defined in 'webservice.inc.php'
// --------------------------------------------------------------------
// TODO: when the simple CQL Query Builder interface is done, a call to 'opensearch.php' (or 'opensearch.php?operation=simple')
// should activate that simple GUI-based interface (currently, it activates the advanced interface that you'd normally only
// get via 'opensearch.php?operation=cql' or 'opensearch.php?operation=advanced')
// if (preg_match("/^(advanced|CQL)$/i", $operation))
showQueryFormAdvanced($dropDownItems1, $dropDownItems2, $dropDownItems3, $dropDownItems4, $showRows, $rowOffset, $indexNamesArray, $viewType);
// let's you enter a standard CQL query directly
// else
// showQueryFormSimple($dropDownItems1, $dropDownItems2, $dropDownItems3, $dropDownItems4, $showRows, $rowOffset, $indexNamesArray, $viewType); // let's you build a CQL query via dropdown menues
// --------------------------------------------------------------------
// DISPLAY THE HTML FOOTER:
// call the 'showPageFooter()' and 'displayHTMLfoot()' functions (which are defined in 'footer.inc.php')
if (!preg_match("/^Mobile\$/i", $viewType) and !preg_match("/^inc/i", $client)) {
// Note: we omit the visible footer in mobile view ('viewType=Mobile') and for include mechanisms!
showPageFooter($HeaderString);
}
displayHTMLfoot();
}
function showUserData($userID, $userAction, $connection)
{
global $HeaderString;
global $viewType;
global $loginWelcomeMsg;
global $loginStatus;
global $loginLinks;
global $loginEmail;
global $adminLoginEmail;
global $officialDatabaseName;
global $defaultLanguage;
global $tableUsers;
// defined in 'db.inc.php'
global $loc;
// '$loc' is made globally available in 'core.php'
// CONSTRUCT SQL QUERY:
$query = "SELECT * FROM {$tableUsers} WHERE user_id = " . quote_smart($userID);
// (3) RUN the query on the database through the connection:
$result = queryMySQLDatabase($query);
// function 'queryMySQLDatabase()' is defined in 'include.inc.php'
// (4) EXTRACT results (since 'user_id' is the unique primary key for the 'users' table, there will be only one matching row)
$row = @mysql_fetch_array($result);
// Build the correct header message:
if (!isset($_SESSION['HeaderString'])) {
// if there's no saved message
if ($userAction == "Delete") {
// provide an appropriate header message:
$HeaderString = "<b><span class=\"warning\">Delete user</span> " . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . $row["email"] . ")</b>:";
} elseif (empty($userID)) {
$HeaderString = "Account details and options for anyone who isn't logged in:";
} else {
// provide the default message:
$HeaderString = "Account details and options for <b>" . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . $row["email"] . ")</b>:";
}
} else {
$HeaderString = $_SESSION['HeaderString'];
// extract 'HeaderString' session variable (only necessary if register globals is OFF!)
// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
deleteSessionVariable("HeaderString");
// function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// Get the list of "main fields" preferred by the current user:
// NOTE: We have to call function 'getMainFields()' up here since it updates
// session variable 'userMainFields' which gets used in function
// 'buildQuickSearchElements()' (which, in turn, is called from within
// function 'showPageHeader()')
$mainFieldsArray = getMainFields($userID);
// function 'getMainFields()' is defined in 'include.inc.php'
// Get the user's preference for displaying auto-completions:
// (see note for '$mainFieldsArray' which also applies here)
$showAutoCompletions = getPrefAutoCompletions($userID);
// function 'getPrefAutoCompletions()' is defined in 'include.inc.php'
// Map MySQL field names to localized column names:
$fieldNamesArray = mapFieldNames();
// function 'mapFieldNames()' is defined in 'include.inc.php'
$localizedMainFieldsArray = array();
foreach ($mainFieldsArray as $field) {
if (isset($fieldNamesArray[$field])) {
$localizedMainFieldsArray[$field] = $fieldNamesArray[$field];
} else {
// no localized field name exists, so we use the original field name
$localizedMainFieldsArray[$field] = $field;
}
}
// Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Receipt", "noindex,nofollow", "Receipt page confirming correct entry of user details and options for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// Start main table:
echo "\n<table id=\"accountinfo\" align=\"center\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" width=\"95%\" summary=\"This table displays user account details and options\">";
echo "\n<tr>" . "\n\t<td valign=\"top\" width=\"28%\">";
// Start left sub-table:
echo "\n\t\t<table id=\"accountdetails\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account details\">";
echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Account Details:</b></td>";
if (mysql_num_rows($result) == 1) {
// Add edit/delete button:
echo "\n\t\t\t<td align=\"left\">";
// If the admin is logged in, allow the display of a button that will delete the currently shown user:
if (isset($_SESSION['loginEmail']) && $loginEmail == $adminLoginEmail) {
if ($userAction == "Delete") {
echo "<a href=\"user_removal.php?userID=" . $userID . "\"><img src=\"img/delete.gif\" alt=\"" . $loc["delete"] . "\" title=\"" . $loc["LinkTitle_DeleteUser"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
}
}
if ($userAction != "Delete") {
echo "<a href=\"user_details.php?userID=" . $userID . "\"><img src=\"img/edit.gif\" alt=\"" . $loc["edit"] . "\" title=\"" . $loc["LinkTitle_EditDetails"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
}
echo "</td>\n\t\t</tr>";
// Display a password reminder:
// (but only if a normal user is logged in -OR- the admin is logged in AND the updated user data are his own!)
if ($loginEmail != $adminLoginEmail | ($loginEmail == $adminLoginEmail && $userID == getUserID($loginEmail))) {
echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\"><i>Please record your password somewhere safe for future use!</i></td>\n\t\t</tr>";
}
// Print title, first name, last name and institutional abbreviation:
echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\">\n\t\t\t\t";
if (!empty($row["title"])) {
echo $row["title"] . ". ";
}
echo encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["abbrev_institution"]) . ")";
// Since the first name, last name and abbrev. institution fields are mandatory, we don't need to check if they're empty
// Print institution name:
if (!empty($row["institution"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["institution"]);
}
// Print corporate institution name:
if (!empty($row["corporate_institution"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["corporate_institution"]);
}
// If any of the address lines contain data, add a spacer row:
if (!empty($row["address_line_1"]) || !empty($row["address_line_2"]) || !empty($row["address_line_3"]) || !empty($row["zip_code"]) || !empty($row["city"]) || !empty($row["state"]) || !empty($row["country"])) {
echo "\n\t\t\t\t<br>";
}
// Print first address line:
if (!empty($row["address_line_1"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["address_line_1"]);
}
// Print second address line:
if (!empty($row["address_line_2"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["address_line_2"]);
}
// Print third address line:
if (!empty($row["address_line_3"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["address_line_3"]);
}
// Print zip code and city:
if (!empty($row["zip_code"]) && !empty($row["city"])) {
// both fields are available
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["zip_code"]) . " " . encodeHTML($row["city"]);
} elseif (!empty($row["zip_code"]) && empty($row["city"])) {
// only 'zip_code' available
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["zip_code"]);
} elseif (empty($row["zip_code"]) && !empty($row["city"])) {
// only 'city' field available
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["city"]);
}
// Print state:
if (!empty($row["state"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["state"]);
}
// Print country:
if (!empty($row["country"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["country"]);
}
// If any of the phone/url/email fields contain data, add a spacer row:
if (!empty($row["phone"]) || !empty($row["url"]) || !empty($row["email"])) {
echo "\n\t\t\t\t<br>";
}
// Print phone number:
if (!empty($row["phone"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . "Phone: " . encodeHTML($row["phone"]);
}
// Print URL:
if (!empty($row["url"])) {
echo "\n\t\t\t\t<br>\n\t\t\t\t" . "URL: <a href=\"" . $row["url"] . "\">" . $row["url"] . "</a>";
}
// Print email:
echo "\n\t\t\t\t<br>\n\t\t\t\t" . "Email: <a href=\"mailto:" . $row["email"] . "\">" . $row["email"] . "</a>";
// Since the email field is mandatory, we don't need to check if it's empty
echo "\n\t\t\t</td>\n\t\t</tr>";
} else {
echo "\n\t\t\t<td align=\"right\"></td>\n\t\t</tr>";
echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\">(none)</td>\n\t\t</tr>";
}
// Close left sub-table:
echo "\n\t\t</table>";
// Close left table cell of main table:
echo "\n\t</td>";
if ($userAction != "Delete") {
// ------------------------------------------------------------
// Start middle table cell of main table:
echo "\n\t<td valign=\"top\">";
// Start middle sub-table:
echo "\n\t\t<table id=\"accountopt\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account options\">";
echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Display Options:</b></td>" . "\n\t\t\t<td align=\"right\">";
if (mysql_num_rows($result) == 1 or $userID == 0) {
// If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
echo "<a href=\"user_options.php?userID=" . $userID . "\"><img src=\"img/options.gif\" alt=\"" . $loc["options"] . "\" title=\"" . $loc["LinkTitle_EditOptions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
}
echo "</td>\n\t\t</tr>";
// Show the user's selected interface language:
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Use language:</td>";
if (mysql_num_rows($result) == 1) {
// If there's a user associated with this user ID
echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $row["language"] . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
} else {
// no user exists with this user ID
echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $defaultLanguage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
}
echo "\n\t\t</tr>";
// get the default number of records per page preferred by the current user:
$recordsPerPage = getDefaultNumberOfRecords($userID);
// function 'getDefaultNumberOfRecords()' is defined in 'include.inc.php'
// show the user's default number of records per page:
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Show records per page:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $recordsPerPage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
// show the user's preference for displaying auto-completions:
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Show auto-completions:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $loc[$showAutoCompletions] . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
if ($loginEmail == $adminLoginEmail) {
$ShowEnabledDescriptor = "Enabled";
// get all formats/styles/types that are available and were enabled by the admin for the current user:
$userTypesArray = getEnabledUserFormatsStylesTypes($userID, "type", "", false);
// function 'getEnabledUserFormatsStylesTypes()' is defined in 'include.inc.php'
$citationStylesArray = getEnabledUserFormatsStylesTypes($userID, "style", "", false);
$citationFormatsArray = getEnabledUserFormatsStylesTypes($userID, "format", "cite", false);
$exportFormatsArray = getEnabledUserFormatsStylesTypes($userID, "format", "export", false);
} else {
$ShowEnabledDescriptor = "Show";
// get all formats/styles/types that were selected by the current user
// and (if some formats/styles/types were found) save them as semicolon-delimited string to an appropriate session variable:
$userTypesArray = getVisibleUserFormatsStylesTypes($userID, "type", "");
// function 'getVisibleUserFormatsStylesTypes()' is defined in 'include.inc.php'
$citationStylesArray = getVisibleUserFormatsStylesTypes($userID, "style", "");
$citationFormatsArray = getVisibleUserFormatsStylesTypes($userID, "format", "cite");
$exportFormatsArray = getVisibleUserFormatsStylesTypes($userID, "format", "export");
// Note: the function 'getVisibleUserFormatsStylesTypes()' will only update the appropriate session variables if
// either a normal user is logged in -OR- the admin is logged in AND the updated user data are his own(*);
// otherwise, the function will simply return an array containing all matching values
// (*) the admin-condition won't apply here, though, since this function gets only called for normal users. This means, that
// the admin is currently not able to hide any items from his popup lists via the admin interface (he'll need to hack the MySQL tables)!
}
// list types:
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " reference types:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
if (empty($userTypesArray)) {
echo "(none)";
} else {
echo implode("</li>\n\t\t\t\t\t<li>", $userTypesArray);
}
echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
// list styles:
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " citation styles:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
if (empty($citationStylesArray)) {
echo "(none)";
} else {
echo implode("</li>\n\t\t\t\t\t<li>", $citationStylesArray);
}
echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
// list cite formats:
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " citation formats:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
if (empty($citationFormatsArray)) {
echo "(none)";
} else {
echo implode("</li>\n\t\t\t\t\t<li>", $citationFormatsArray);
}
echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
// list export formats:
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " export formats:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
if (empty($exportFormatsArray)) {
echo "(none)";
} else {
echo implode("</li>\n\t\t\t\t\t<li>", $exportFormatsArray);
}
echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
// list all fields that were selected by the current user as "main fields":
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>\"Main fields\" searches:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
if (empty($localizedMainFieldsArray)) {
echo "(none)";
} else {
echo implode("</li>\n\t\t\t\t\t<li>", $localizedMainFieldsArray);
}
echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
// Close middle sub-table:
echo "\n\t\t</table>";
// Close middle table cell of main table:
echo "\n\t</td>";
// ------------------------------------------------------------
// Start right table cell of main table:
echo "\n\t<td valign=\"top\">";
// Start right sub-table:
echo "\n\t\t<table id=\"accountperm\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account permissions\">";
if ($loginEmail == $adminLoginEmail) {
// get all user permissions for the current user:
$userPermissionsArray = getPermissions($userID, "user", false);
// function 'getPermissions()' is defined in 'include.inc.php'
// map raw field names from table 'user_permissions' with items of the global localization array ('$loc'):
$localizedUserPermissionsArray = array('allow_add' => 'UserPermission_AllowAdd', 'allow_edit' => 'UserPermission_AllowEdit', 'allow_delete' => 'UserPermission_AllowDelete', 'allow_download' => 'UserPermission_AllowDownload', 'allow_upload' => 'UserPermission_AllowUpload', 'allow_list_view' => 'UserPermission_AllowListView', 'allow_details_view' => 'UserPermission_AllowDetailsView', 'allow_print_view' => 'UserPermission_AllowPrintView', 'allow_browse_view' => 'UserPermission_AllowBrowseView', 'allow_sql_search' => 'UserPermission_AllowSQLSearch', 'allow_user_groups' => 'UserPermission_AllowUserGroups', 'allow_user_queries' => 'UserPermission_AllowUserQueries', 'allow_rss_feeds' => 'UserPermission_AllowRSSFeeds', 'allow_import' => 'UserPermission_AllowImport', 'allow_export' => 'UserPermission_AllowExport', 'allow_cite' => 'UserPermission_AllowCite', 'allow_batch_import' => 'UserPermission_AllowBatchImport', 'allow_batch_export' => 'UserPermission_AllowBatchExport', 'allow_modify_options' => 'UserPermission_AllowModifyOptions', 'allow_edit_call_number' => 'UserPermission_AllowEditCallNumber');
$enabledUserActionsArray = array();
// initialize array variables
$disabledUserActionsArray = array();
// separate enabled permission settings from disabled ones and assign localized permission names:
foreach ($userPermissionsArray as $permissionKey => $permissionValue) {
if ($permissionValue == 'yes') {
$enabledUserActionsArray[] = $loc[$localizedUserPermissionsArray[$permissionKey]];
} else {
$disabledUserActionsArray[] = $loc[$localizedUserPermissionsArray[$permissionKey]];
}
// append this field's localized permission name to the array of disabled user actions
}
if (empty($enabledUserActionsArray)) {
$enabledUserActionsArray[] = "(none)";
}
if (empty($disabledUserActionsArray)) {
$disabledUserActionsArray[] = "(none)";
}
echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>User Permissions:</b></td>" . "\n\t\t\t<td align=\"right\">";
if (mysql_num_rows($result) == 1 or $userID == 0) {
// If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
echo "<a href=\"user_options.php?userID=" . $userID . "#permissions\"><img src=\"img/options.gif\" alt=\"" . $loc["permissions"] . "\" title=\"" . $loc["LinkTitle_EditPermissions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
}
echo "</td>\n\t\t</tr>";
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Enabled features:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . implode("</li>\n\t\t\t\t\t<li>", $enabledUserActionsArray) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Disabled features:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . implode("</li>\n\t\t\t\t\t<li>", $disabledUserActionsArray) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
}
// Close right sub-table:
echo "\n\t\t</table>";
// Close right table cell of main table:
echo "\n\t</td>";
}
echo "\n</tr>";
// Close main table:
echo "\n</table>";
}
// Assign correct values to the form variables:
if (!empty($errors)) {
// load the form data that were entered by the user:
$origRecord = $formVars['origRecord'];
$dupRecords = $formVars['dupRecords'];
} else {
$origRecord = "";
$dupRecords = "";
}
// --------------------------------------------------------------------
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . "Manage Duplicates", "index,follow", "Manage duplicate records in the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
// note: we provide a default value for the 'submit' form tag so that hitting <enter> within a text entry field will act as if the user clicked the 'Flag Duplicates' button
?>
<form action="duplicate_modify.php" method="POST">
<input type="hidden" name="formType" value="flagDuplicates">
<input type="hidden" name="viewType" value="<?php
echo $viewType;
?>
">
<input type="hidden" name="submit" value="Flag Duplicates">
<table align="center" border="0" cellpadding="0" cellspacing="10" width="95%" summary="This table holds a form that allows you to manage duplicate database entries">
<tr>
<td width="120">
} else {
$skipBadRecords = "";
}
} else {
$sourceText = "";
$showSource = "1";
$importRecordsRadio = "only";
$importRecords = "1";
$skipBadRecords = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . $pageTitle, "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
echo "\n<form action=\"import_csa_modify.php\" method=\"POST\">";
echo "\n<input type=\"hidden\" name=\"formType\" value=\"importCSA\">" . "\n<input type=\"hidden\" name=\"submit\" value=\"Import\">" . "\n<input type=\"hidden\" name=\"showLinks\" value=\"1\">";
// embed '$showLinks=1' so that links get displayed on any 'display details' page
if (isset($errors['badRecords'])) {
if ($errors['badRecords'] == "all") {
if (!empty($errors['skipBadRecords'])) {
$skipBadRecordsInput = "<br>" . fieldError("skipBadRecords", $errors);
} else {
$skipBadRecordsInput = "";
}
} elseif ($errors['badRecords'] == "some") {
if (!empty($skipBadRecords)) {
$skipBadRecordsCheckBoxIsChecked = " checked";
deleteSessionVariable("HeaderString");
// function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''):
// ('' will produce the default 'Web' output style)
if (isset($_REQUEST['viewType'])) {
$viewType = $_REQUEST['viewType'];
} else {
$viewType = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Installation Feedback", "index,follow", "Installation feedback for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// Start a <table>:
?>
<table align="center" border="0" cellpadding="0" cellspacing="10" width="95%" summary="This table holds the installation feedback info"><?php
if (!empty($resultArray)) {
?>
<tr>
<td valign="top"><b>Error:</b></td>
<td><?php
echo encodeHTML($resultLines);
?>
</td>
</tr>
} else {
$formType = "";
// (A) main import form:
$sourceText = "";
$importRecordsRadio = "all";
$importRecords = "1";
$skipBadRecords = "";
// (B) "Import IDs" form:
$sourceIDs = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . $pageTitle, "index,follow", "Import records into the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements of the main import form:
echo "\n<form enctype=\"multipart/form-data\" action=\"import_modify.php\" method=\"POST\">" . "\n<input type=\"hidden\" name=\"formType\" value=\"import\">" . "\n<input type=\"hidden\" name=\"submit\" value=\"Import\">" . "\n<input type=\"hidden\" name=\"showLinks\" value=\"1\">" . "\n<input type=\"hidden\" name=\"showSource\" value=\"1\">";
// for particular formats (e.g., CSA or MEDLINE) original source data will be displayed alongside the parsed data for easier comparison
if (isset($errors['badRecords'])) {
if ($errors['badRecords'] == "all") {
if (!empty($errors['skipBadRecords'])) {
$skipBadRecordsInput = "<br>" . fieldError("skipBadRecords", $errors);
} else {
$skipBadRecordsInput = "";
}
} elseif ($errors['badRecords'] == "some") {
if (!empty($skipBadRecords)) {
$skipBadRecordsCheckBoxIsChecked = " checked";
} else {
function login_page($referer)
{
global $HeaderString;
global $viewType;
global $loginWelcomeMsg;
global $loginStatus;
global $loginLinks;
global $officialDatabaseName;
global $loc;
// Show login status (should be logged out!)
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// If there's no stored message available:
if (!isset($_SESSION['HeaderString'])) {
$HeaderString = $loc['YouNeedToLoginInOrderToMakeChangesToTheDatabase'];
} else {
$HeaderString = $_SESSION['HeaderString'];
// extract 'HeaderString' session variable (only necessary if register globals is OFF!)
// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
deleteSessionVariable("HeaderString");
// function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Login", "index,follow", "User login page. You must be logged in to the " . encodeHTML($officialDatabaseName) . " in order to add, edit or delete records", "", false, "", $viewType, array());
showPageHeader($HeaderString);
// Build the login form:
// Note: we use the fact here, that a page can have both, a GET and POST request.
// (if you POST, but add ?blah=foo to the end of the action URL, the client will GET, then POST)
?>
<form method="POST" action="user_login.php?referer=<?php
echo rawurlencode($referer);
?>
">
<div class="row">
<div class="small-12 column">
<div class="row">
<div class="small-2 columns">
<label for=""><?php
echo $loc["EmailAddress"];
?>
:</label>
</div>
<div class="small-10 columns">
<input type="text" name="loginEmail" size="30">
</div>
</div>
</div>
</div>
<div class="row">
<div class="small-12 column">
<div class="row">
<div class="small-2 columns">
<label for=""><?php
echo $loc["EmailAdressPassword"];
?>
:</label>
</div>
<div class="small-10 columns">
<input type="password" name="loginPassword" size="30">
</div>
</div>
</div>
</div>
<div class="row">
<div class="small-12 column">
<input class="button secondary right" style="margin-bottom: 15px" type="submit" value="Login">
</div>
</div>
<!--<table align="center" border="0" cellpadding="2" cellspacing="5" width="95%" summary="This table holds a login form for the --><?php
//echo encodeHTML($officialDatabaseName);
?>
<!--">-->
<!-- <tr>-->
<!-- <td width="174" valign="bottom">-->
<!-- <b>--><?php
//echo $loc["EmailAddress"];
?>
<!--:</b>-->
<!-- </td>-->
<!-- <td valign="bottom">-->
<!-- <input type="text" name="loginEmail" size="30">-->
<!-- </td>-->
<!-- </tr>-->
<!-- <tr>-->
<!-- <td valign="bottom">-->
<!-- <b>--><?php
//echo $loc["EmailAdressPassword"];
?>
<!--:</b>-->
<!-- </td>-->
<!-- <td valign="bottom">-->
<!-- <input type="password" name="loginPassword" size="30">-->
<!-- </td>-->
<!-- </tr>-->
<!-- <tr>-->
<!-- <td valign="bottom">-->
<!-- -->
<!-- </td>-->
<!-- <td valign="bottom">-->
<!-- <input class="button secondary" type="submit" value="Login">-->
<!-- </td>-->
<!-- </tr>-->
<!--</table>-->
</form><?php
// --------------------------------------------------------------------
// DISPLAY THE HTML FOOTER:
// call the 'showPageFooter()' and 'displayHTMLfoot()' functions (which are defined in 'footer.inc.php')
showPageFooter($HeaderString);
displayHTMLfoot();
// --------------------------------------------------------------------
}
// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
deleteSessionVariable("HeaderString");
}
// Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''):
// ('' will produce the default 'Web' output style)
if (isset($_REQUEST['viewType'])) {
$viewType = $_REQUEST['viewType'];
} else {
$viewType = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Update Feedback", "index,follow", "Update feedback for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// Start a <table>:
?>
<table align="center" border="0" cellpadding="0" cellspacing="10" width="95%" summary="This table holds the update feedback info"><?php
if (!empty($resultArray)) {
?>
<tr>
<td colspan="2"><h3>Welcome to refbase v0.9.6!</h3></td>
</tr><?php
}
// following note will be always displayed no matter if something was changed or not:
?>
//fetch the current row into the array $row
// If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message:
// (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case)
if ($loginEmail == $adminLoginEmail && $userID != getUserID($loginEmail)) {
// ('$adminLoginEmail' is specified in 'ini.inc.php')
if (!isset($_SESSION['HeaderString'])) {
$HeaderString = "Edit account details for <b>" . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . $row["email"] . ")</b>:";
}
}
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Details", "noindex,nofollow", "User details required for use of the " . encodeHTML($officialDatabaseName), "\n\t<meta http-equiv=\"expires\" content=\"0\">", true, "", $viewType, array());
showPageHeader($HeaderString);
// (5) CLOSE the database connection:
disconnectFromMySQLDatabase();
// function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php'
// --------------------------------------------------------------------
if (isset($_SESSION['loginEmail']) && empty($errors) && isset($userID) && !empty($userID)) {
// Reset the '$formVars' variable (since we're loading from the user table):
$formVars = array();
// Reset the '$errors' variable:
$errors = array();
// Load all the form variables with user data:
$formVars["firstName"] = $row["first_name"];
$formVars["lastName"] = $row["last_name"];
$formVars["title"] = $row["title"];
$formVars["institution"] = $row["institution"];
function generateExport($result, $rowOffset, $showRows, $exportFormat, $exportType, $exportStylesheet, $displayType, $viewType, $userID)
{
global $officialDatabaseName;
// these variables are defined in 'ini.inc.php'
global $contentTypeCharset;
global $convertExportDataToUTF8;
global $defaultExportFormat;
global $userOptionsArray;
global $loc;
// '$loc' is made globally available in 'core.php'
// get all user options for the current user:
// (note that '$userOptionsArray' is made globally available)
$userOptionsArray = getUserOptions($userID);
// function 'getUserOptions()' is defined in 'include.inc.php'
// fetch the path/name of the export format file that's associated with the export format given in '$exportFormat':
$exportFormatFile = getFormatFile($exportFormat, "export");
// function 'getFormatFile()' is defined in 'include.inc.php()'
if (empty($exportFormatFile)) {
$exportFormat = $defaultExportFormat;
// if the given export format could not be found, we'll use the default export format which is defined by the '$defaultExportFormat' variable in 'ini.inc.php'
$exportFormatFile = getFormatFile($exportFormat, "export");
}
// include the found export format file *once*:
include_once "export/" . $exportFormatFile;
// instead of 'include_once' we could also use: 'if ($rowCounter == 0) { include "export/" . $exportFormatFile; }'
// export found records using the specified export format:
$exportText = exportRecords($result, $rowOffset, $showRows, $exportStylesheet, $displayType);
// function 'exportRecords()' is defined in the export format file given in '$exportFormatFile' (which, in turn, must reside in the 'export' directory of the refbase root directory)
// adjust the mime type and return exported data based on the key given in '$exportType':
if (preg_match("/text/i", $exportType)) {
$exportContentType = "text/plain";
} elseif (preg_match("/^(html|email)\$/i", $exportType)) {
$exportContentType = "text/html";
} elseif (preg_match("/xml/i", $exportType)) {
// NOTE: Firefox >=2.x, Safari >=2.x and IE >=7.x break client-side XSL for RSS and Atom feeds!
// See e.g.: <http://decafbad.com/blog/2006/11/02/firefox-20-breaks-client-side-xsl-for-rss-and-atom-feeds>
// TODO: Re-evaluate: As a consequence, we apply a VERY dirty hack in 'atomxml.inc.php' that prevents the feed sniffing
// and subsequent browser applied default XSLT stylesheet that has been implemented by FireFox 2, Safari 2
// and Internet Explorer 7. To prevent the feed sniffing we insert a comment before the feed
// element that is larger than 512 bytes. See: <http://feedme.mind-it.info/pivot/entry.php?id=9>
//
// For some browsers (such as the Camino browser <http://caminobrowser.org/>) it's possible to set the content type
// to 'application/xml' which (while incorrect for Atom/RSS) will cause the browser to trigger their XML+XSLT renderer
// if the Atom/RSS feed was requested together with a stylesheet.
//
// If the content type is set to 'application/atom+xml', Firefox 2 and Safari 2 will always apply their own default
// XSLT stylesheet and ignore any client-side XSL transformation!
if (preg_match("/Atom/i", $exportFormat) and empty($exportStylesheet)) {
$exportContentType = "application/atom+xml";
} else {
$exportContentType = "application/xml";
}
} elseif (preg_match("/rss/i", $exportType)) {
$exportContentType = "application/rss+xml";
} elseif (preg_match("/file/i", $exportType)) {
$exportContentType = "text/plain";
// set the default mime type
// Note that we do some "quick'n dirty" guessing for some export formats here (e.g., we assume/require that an XML export format name
// contains 'XML' within its name!). This is in NO way fool proof and should be handled in a better way!
if (preg_match("/XML/i", $exportFormat)) {
if (preg_match("/Atom/i", $exportFormat)) {
// if the export format name contains 'Atom'
$exportContentType = "application/atom+xml";
} else {
$exportContentType = "application/xml";
}
if (preg_match("/Atom/i", $exportFormat)) {
// if the export format name contains 'Atom'
$exportFileName = "atom_export.xml";
} elseif (preg_match("/SRW_DC/i", $exportFormat)) {
// if the export format name contains 'SRW_DC'
$exportFileName = "srw_dc_export.xml";
} elseif (preg_match("/SRW_MODS/i", $exportFormat)) {
// if the export format name contains 'SRW_MODS'
$exportFileName = "srw_mods_export.xml";
} elseif (preg_match("/SRW/i", $exportFormat)) {
// if the export format name contains 'SRW' (fallback)
$exportFileName = "srw_export.xml";
} elseif (preg_match("/^MODS/i", $exportFormat)) {
// if the export format name starts with 'MODS' (NOTE: the regex pattern must not match "SRW_MODS XML")
$exportFileName = "mods_export.xml";
} elseif (preg_match("/^(OAI_)?DC/i", $exportFormat)) {
// if the export format starts contains 'OAI_DC' or 'DC' (NOTE: the regex pattern must not match "SRW_DC XML")
$exportFileName = "oaidc_export.xml";
} elseif (preg_match("/ODF|OpenDocument/i", $exportFormat)) {
if (preg_match("/file/i", $exportType)) {
$exportContentType = "application/vnd.oasis.opendocument.spreadsheet";
$exportFileName = "odf_export.ods";
} else {
$exportFileName = "content.xml";
}
} elseif (preg_match("/Word/i", $exportFormat)) {
// if the export format name contains 'Word'
$exportFileName = "msword_export.xml";
} else {
$exportFileName = "export.xml";
}
} elseif (preg_match("/ADS|BibTeX|Endnote|ISI|RIS/i", $exportFormat)) {
if (preg_match("/ADS/i", $exportFormat)) {
$exportFileName = "ads_export.txt";
} elseif (preg_match("/BibTeX/i", $exportFormat)) {
$exportFileName = "bibtex_export.bib";
} elseif (preg_match("/Endnote/i", $exportFormat)) {
$exportFileName = "endnote_export.enw";
} elseif (preg_match("/ISI/i", $exportFormat)) {
$exportFileName = "isi_export.txt";
} elseif (preg_match("/RIS/i", $exportFormat)) {
$exportFileName = "ris_export.ris";
}
} else {
$exportFileName = "exported_records.txt";
}
// set the default download file name
}
// if variable '$convertExportDataToUTF8' is set to "yes" in 'ini.inc.php', we'll convert latin1 data to UTF-8
// when exporting to XML; therefore, we'll need to temporarily set the value of the global '$contentTypeCharset'
// variable to UTF-8 which will ensure proper HTML output
if ($convertExportDataToUTF8 == "yes" and $contentTypeCharset != "UTF-8") {
$oldContentTypeCharset = $contentTypeCharset;
// remember the actual database charset
$oldOfficialDatabaseName = $officialDatabaseName;
// remember the database name as originally encoded
// if the database charset is not "UTF-8" then we'll also need to temporarily convert any higher ASCII chars in variables which get included within the HTML output
$officialDatabaseName = convertToCharacterEncoding("UTF-8", "IGNORE", $officialDatabaseName);
// function 'convertToCharacterEncoding()' is defined in 'include.inc.php'
$contentTypeCharset = "UTF-8";
// for XML output we'll temporarily set the value of '$contentTypeCharset' to "UTF-8"
}
// set the appropriate mimetype & set the character encoding to the one given in '$contentTypeCharset':
setHeaderContentType($exportContentType, $contentTypeCharset);
// function 'setHeaderContentType()' is defined in 'include.inc.php'
if (preg_match("/file/i", $exportType)) {
// instruct the browser to download the resulting XML file:
header('Content-Disposition: attachment; filename="' . $exportFileName . '"');
} elseif (preg_match("/^(html|email)\$/i", $exportType)) {
if (preg_match("/email/i", $exportType)) {
$emailRecipient = $_SESSION['loginEmail'];
$emailSubject = "Your records from the " . $officialDatabaseName . " (exported to " . $exportFormat . " format)";
$emailBody = $exportText;
sendEmail($emailRecipient, $emailSubject, $emailBody);
// function 'sendEmail()' is defined in 'include.inc.php'
}
// call the 'displayHTMLhead()' function (defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Exported Data", "index,follow", "Data exported from the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
$exportText = "\n\t<pre>\n" . encodeHTML($exportText) . "\n\t</pre>\n</body>\n</html>\n";
if ($exportType == "email") {
$exportText = "\n\t<p>" . "\n\t\t<a href=\"javascript:history.back()\" title=\"" . $loc["LinkTitle_GoBackToResults"] . "\">" . $loc["Go Back"] . "</a>" . "\n\t</p>" . "\n\t<p>" . "\n\t\t<b>The data below have been sent to <a href=\"mailto:" . $_SESSION['loginEmail'] . "\">" . $_SESSION['loginEmail'] . "</a>:</b>" . "\n\t</p>" . $exportText;
}
}
if ($convertExportDataToUTF8 == "yes" and $contentTypeCharset != "UTF-8") {
$contentTypeCharset = $oldContentTypeCharset;
// restore the actual database charset
$officialDatabaseName = $oldOfficialDatabaseName;
// restore the database name as originally encoded
}
if (preg_match("/ODF|OpenDocument/i", $exportFormat) && preg_match("/file/i", $exportType)) {
// This is a dirty hack to zip and return an ODF file.
// It may be desired to retun other non-textual formats in the future & to return these as attachments by email in the future.
// If this becomes needed, we should refactor the output.
$zipfile = zipODF($exportText);
// function 'zipODF()' is defined in 'odfxml.inc.php'
echo $zipfile->file();
} else {
// we'll present the output within the _same_ browser window:
// (note that we don't use a popup window here, since this may be blocked by particular browsers)
echo $exportText;
}
}
}
// Extract generic variables from the request:
if (isset($_SESSION['oldQuery'])) {
$oldQuery = $_SESSION['oldQuery'];
} else {
$oldQuery = array();
}
// --------------------------------------------------------------------
// (4) DISPLAY HEADER & RESULTS
// (NOTE: Since there's no need to query the database here, we won't perform any of the following: (1) OPEN CONNECTION, (2) SELECT DATABASE, (3) RUN QUERY, (5) CLOSE CONNECTION)
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Error", "noindex,nofollow", "Feedback page that shows any error that occurred while using the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// Generate a 'search.php' URL that points to the formerly displayed results page:
if (!empty($oldQuery)) {
$oldQueryURL = generateURL("search.php", "html", $oldQuery, true);
}
// function 'generateURL()' is defined in 'include.inc.php'
// Build appropriate links:
$links = "\n<tr>" . "\n\t<td>" . "\n\t\tChoose how to proceed: ";
// - provide a 'go back' link (the following would only work with javascript: <a href=\"javascript:history.back()\">Go Back</a>")
$links .= "\n\t\t<a href=\"" . str_replace('&', '&', $referer) . "\">Go Back</a>";
// variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'
// - provide a link to any previous search results:
if (!empty($oldQuery)) {
$links .= "\n\t\t -OR- " . "\n\t\t<a href=\"" . $oldQueryURL . "\">Display previous search results</a>";
}
$mobileViewTypeSelected = "";
} elseif (preg_match("/^Mobile\$/i", $queryViewType)) {
$webViewTypeSelected = "";
$printViewTypeSelected = "";
$mobileViewTypeSelected = " selected";
} else {
$webViewTypeSelected = " selected";
$printViewTypeSelected = "";
$mobileViewTypeSelected = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $pageTitle, "index,follow", "Manage queries that are used to search the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
// note: we provide a default value for the 'submit' form tag so that hitting <enter> within a text entry field will act as if the user clicked the 'Add/Edit Query' button
?>
<form action="query_modify.php" method="POST" name="saveQuery">
<input type="hidden" name="formType" value="saveQuery">
<input type="hidden" name="submit" value="<?php
echo $pageTitle;
?>
">
<input type="hidden" name="queryAction" value="<?php
echo $queryAction;
?>
">
// for INSERTs, 'created_...' and 'modified_...' variables will get fresh values in 'modify.php' anyhow
$createdTime = "";
$createdBy = "";
$modifiedDate = "";
$modifiedTime = "";
$modifiedBy = "";
$origRecord = "";
}
}
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $pageTitle, "index,follow", "Add, edit or delete a record in the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (4b) DISPLAY results:
// Start <form> and <table> holding the form elements:
echo "\n<form enctype=\"multipart/form-data\" action=\"modify.php?proc=1\" method=\"POST\" accept-charset=\"" . $contentTypeCharset . "\" name=\"record\">";
// '$contentTypeCharset' is defined in 'ini.inc.php'
echo "\n<input type=\"hidden\" name=\"formType\" value=\"record\">";
echo "\n<input type=\"hidden\" name=\"submit\" value=\"" . $addEditButtonTitle . "\">";
// provide a default value for the 'submit' form tag (then, hitting <enter> within a text entry field will act as if the user clicked the 'Add/Edit Record' button)
echo "\n<input type=\"hidden\" name=\"recordAction\" value=\"" . $recordAction . "\">";
echo "\n<input type=\"hidden\" name=\"contributionIDName\" value=\"" . rawurlencode($contributionID) . "\">";
echo "\n<input type=\"hidden\" name=\"origRecord\" value=\"" . $origRecord . "\">";
if ($recordAction == "edit") {
// the following hidden form tags are included in order to have their values available when a record is moved to the 'deleted' table:
echo "\n<input type=\"hidden\" name=\"createdDate\" value=\"" . $createdDate . "\">";
echo "\n<input type=\"hidden\" name=\"createdTime\" value=\"" . $createdTime . "\">";
}
// Get the query URL of the last multi-record query:
if (isset($_SESSION['oldMultiRecordQuery'])) {
$oldMultiRecordQuery = $_SESSION['oldMultiRecordQuery'];
} else {
$oldMultiRecordQuery = "";
}
// --------------------------------------------------------------------
// (4) DISPLAY HEADER & RESULTS
// (NOTE: Since there's no need to query the database here, we won't perform any of the following: (1) OPEN CONNECTION, (2) SELECT DATABASE, (3) RUN QUERY, (5) CLOSE CONNECTION)
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Record Action Feedback", "noindex,nofollow", "Feedback page that confirms any adding, editing or deleting of records in the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (4b) DISPLAY results:
// construct the correct SQL query that will link back to the added/edited record:
$sqlQuery = buildSELECTclause("Display", "1", "", true, false);
// function 'buildSELECTclause()' is defined in 'include.inc.php'
if (isset($_SESSION['loginEmail'])) {
// if a user is logged in, show user specific fields:
$sqlQuery .= " FROM {$tableRefs} LEFT JOIN {$tableUserData} ON serial = record_id AND user_id = " . quote_smart($loginUserID) . " WHERE serial RLIKE " . quote_smart("^(" . $serialNo . ")\$") . " ORDER BY author, year DESC, publication";
} else {
// if NO user logged in, don't display any user specific fields:
$sqlQuery .= " FROM {$tableRefs} WHERE serial RLIKE " . quote_smart("^(" . $serialNo . ")\$") . " ORDER BY author, year DESC, publication";
}
// we simply use the fixed default ORDER BY clause here
$sqlQuery = rawurlencode($sqlQuery);
// Generate a 'search.php' URL that points to the formerly displayed results page:
// function 'returnMsg()' is defined in 'include.inc.php'
header("Location: " . $referer);
// variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'
exit;
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
}
// --------------------------------------------------------------------
// (4) DISPLAY HEADER & RESULTS
// (NOTE: Since there's no need to query the database here, we won't perform any of the following: (1) OPEN CONNECTION, (2) SELECT DATABASE, (3) RUN QUERY, (5) CLOSE CONNECTION)
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
if ($wrapResults != "0") {
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Query History", "noindex,nofollow", "Displays links to previous search results", "", false, "", $viewType, array());
if (!preg_match("/^(Print|Mobile)\$/i", $viewType)) {
// Note: we omit the visible header in print/mobile view ('viewType=Print' or 'viewType=Mobile')
showPageHeader($HeaderString);
}
echo "\n";
}
// (4b) DISPLAY results:
echo "<div id=\"queryhistory\">";
// Print a link to the current query:
if (!empty($oldQuery)) {
echo "\n\t<div id=\"currentquery\">" . "\n\t\t<h5>Current Query</h5>";
// Extract the 'WHERE' clause from the current SQL query:
$queryWhereClause = extractWHEREclause($oldQuery["sqlQuery"]);
// function 'extractWHEREclause()' is defined in 'include.inc.php'
$queryTitle = encodeHTML(explainSQLQuery($queryWhereClause));
// NOTE: strictly, this isn't really necessary but it helps to achieve a similar appearance of the login form on Firefox/Gecko & Safari/WebKit browsers (with all supported GUI languages)
// TODO: figure out a better way (which isn't based on user agent sniffing); the problem could also be avoided by simply stacking <input> fields & their labels on top of each other
if (isset($_SERVER['HTTP_USER_AGENT']) and preg_match("/AppleWebKit/i", $_SERVER['HTTP_USER_AGENT'])) {
$rightColumnWidth = "215";
} else {
$rightColumnWidth = "225";
}
// Get the total number of records:
$recordCount = getTotalNumberOfRecords();
// function 'getTotalNumberOfRecords()' is defined in 'include.inc.php'
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $loc["Home"], "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", true, "", $viewType, $rssURLArray);
showPageHeader($HeaderString);
// Define variables holding common drop-down elements, i.e. build properly formatted <option> tag elements:
// - "Browse My Refs" form:
$dropDownFieldNameArray2 = array("author" => $loc["DropDownFieldName_Author"], "year" => $loc["DropDownFieldName_Year"], "publication" => $loc["DropDownFieldName_Publication"], "keywords" => $loc["DropDownFieldName_Keywords"], "user_keys" => $loc["DropDownFieldName_UserKeys"]);
$dropDownItems2 = buildSelectMenuOptions($dropDownFieldNameArray2, "//", "\t\t\t\t\t", true);
// function 'buildSelectMenuOptions()' is defined in 'include.inc.php'
// --------------------------------------------------------------------
?>
<table align="center" width="95%" summary="This table explains features, goals and usage of the <?php
echo encodeHTML($officialDatabaseName);
?>
">
<tr>
<td colspan="2"><h3><?php
$selectedFields = implode("|", $selectedFieldsArray);
// merge array of fields that shall be selected
$matchFieldsOptionTags = preg_replace("/<option([^>]*)>({$selectedFields})<\\/option>/", "<option\\1 selected>\\2</option>", $matchFieldsOptionTags);
// define variable holding the 'nonASCIIChars' drop-down elements:
$dropDownItemArray2 = array("strip" => "strip", "transliterate" => "transliterate", "keep" => "don't change");
// build properly formatted <option> tag elements from array items given in '$dropDownItemArray2':
$nonASCIICharsOptionTags = buildSelectMenuOptions($dropDownItemArray2, "//", "\t\t\t\t", true);
// add 'selected' attribute:
$nonASCIICharsOptionTags = preg_replace("/<option([^>]*)>({$dropDownItemArray2[$nonASCIICharsSelected]})<\\/option>/", "<option\\1 selected>\\2</option>", $nonASCIICharsOptionTags);
// --------------------------------------------------------------------
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . "Find Duplicates", "index,follow", "Search for duplicates within the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
// note: we provide a default value for the 'submit' form tag so that hitting <enter> within a text entry field will act as if the user clicked the 'Add/Edit Query' button
?>
<form action="search.php" method="GET">
<input type="hidden" name="formType" value="duplicateSearch">
<input type="hidden" name="originalDisplayType" value="<?php
echo $displayType;
?>
">
<input type="hidden" name="submit" value="Find Duplicates">
<input type="hidden" name="citeStyle" value="<?php
echo rawurlencode($citeStyle);
?>