Example #1
 // Choose the header message: a message stored in the session takes precedence over the default prompt.
 if (isset($_SESSION['HeaderString'])) {
     // Copy the stored message into '$HeaderString' first (only necessary if register globals is OFF);
     // the copy stays available to this script after the session variable has been cleared.
     $HeaderString = $_SESSION['HeaderString'];
     deleteSessionVariable("HeaderString"); // defined in 'include.inc.php'
 } else {
     $HeaderString = "Display details for a particular record by entering its record identifier:";
 }

 // Login status ('showLogin()' is defined in 'include.inc.php'):
 showLogin();

 // HTML head and visible page header (both functions are defined in 'header.inc.php'):
 displayHTMLhead(
     encodeHTML($officialDatabaseName) . " -- " . $loc["ShowRecord"],
     "index,follow",
     "Search the " . encodeHTML($officialDatabaseName),
     "",
     false,
     "",
     $viewType,
     array()
 );
 showPageHeader($HeaderString);

 // Build the <option> elements for the comparison drop-down
 // ('buildSelectMenuOptions()' is defined in 'include.inc.php'):
 $dropDownConditionalsArray = array(
     "is equal to"    => $loc["equal to"],
     "contains"       => $loc["contains"],
     "is within list" => $loc["is within list"],
 );
 $dropDownItems1 = buildSelectMenuOptions($dropDownConditionalsArray, "//", "\t\t\t", true);

 // Record identifiers offered in the field-name drop-down; 'serial' is always offered:
 $dropDownFieldNameArray = array("serial" => $loc["DropDownFieldName_Serial"]);

 // The table cell holding the drop-down is wider when the user-specific identifiers are listed:
 $recordIDCellWidth = isset($_SESSION['loginEmail']) ? "140" : "85";

 if (isset($_SESSION['loginEmail'])) {
     // user-specific record identifiers are only offered while a login email is stored in the session:
     $dropDownFieldNameArray["call_number"] = $loc["DropDownFieldName_MyCallNumber"];
     $dropDownFieldNameArray["cite_key"] = $loc["DropDownFieldName_MyCiteKey"];
 }
Example #2
        $HeaderString = $rowOffset + 1 . "&#8211;" . $showMaxRow . " of " . $rowsFound . $HeaderString;
    } elseif ($rowsFound == 0) {
        $HeaderString = $rowsFound . $HeaderString;
    }
} else {
    $HeaderString = $_SESSION['HeaderString'];
    // extract 'HeaderString' session variable (only necessary if register globals is OFF!)
    // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
    deleteSessionVariable("HeaderString");
    // function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// Login status ('showLogin()' is defined in 'include.inc.php'):
showLogin();

// HTML head for the user administration page ('displayHTMLhead()' is defined in 'header.inc.php'):
displayHTMLhead(
    encodeHTML($officialDatabaseName) . " -- Manage Users",
    "noindex,nofollow",
    "Administration page that lists users of the " . encodeHTML($officialDatabaseName) . ", with links for adding, editing or deleting any users",
    "",
    true,
    "",
    $viewType,
    array()
);

// The visible header is left out in print/mobile view ('viewType=Print' or 'viewType=Mobile');
// 'showPageHeader()' is defined in 'header.inc.php':
if (preg_match("/^(Print|Mobile)\$/i", $viewType)) {
    // print/mobile view: no visible header
} else {
    showPageHeader($HeaderString);
}

// (4b) DISPLAY results, i.e. list all users:
showUsers(
    $result,
    $rowsFound,
    $query,
    $queryURL,
    $showQuery,
    $showLinks,
    $rowOffset,
    $showRows,
    $previousOffset,
    $nextOffset,
    $showMaxRow,
    $viewType,
    $displayType
);

// ----------------------------------------------
// (5) CLOSE the database connection ('disconnectFromMySQLDatabase()' is defined in 'include.inc.php'):
disconnectFromMySQLDatabase();
// --------------------------------------------------------------------
// --------------------------------------------------------------------
// Display all users listed within the 'users' table
function showUsers($result, $rowsFound, $query, $queryURL, $showQuery, $showLinks, $rowOffset, $showRows, $previousOffset, $nextOffset, $showMaxRow, $viewType, $displayType)
{
Example #3
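// Fetch the current row of '$result' into the array '$row':
$row = mysql_fetch_array($result);

// If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message:
// (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case)
if ($loginEmail == $adminLoginEmail && !empty($userID) && $userID != getUserID($loginEmail)) {
    // ('$adminLoginEmail' is specified in 'ini.inc.php')
    // '$HeaderString' is built as HTML markup (it carries a <b> element), so every database value that is
    // interpolated into it goes through 'encodeHTML()'. The email address is encoded like the name fields:
    // a stored value containing markup characters would otherwise be written into the page unencoded.
    $HeaderString = "Edit account options for <b>" . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["email"]) . ")</b>:";
} elseif (empty($userID)) {
    // an empty '$userID' stands for the options that apply to anyone who isn't logged in:
    $HeaderString = "Edit account options for anyone who isn't logged in:";
}

// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')

// (4) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Options", "noindex,nofollow", "User options offered by the " . encodeHTML($officialDatabaseName), "\n\t<meta http-equiv=\"expires\" content=\"0\">", true, "", $viewType, array());
showPageHeader($HeaderString);

// --------------------------------------------------------------------
if (empty($errors)) {
    // No validation errors are pending, so the form is populated from the user tables
    // instead of from previously submitted form data.
    // Reset the '$formVars' variable (since we're loading from the user tables):
    $formVars = array();
    // Reset the '$errors' variable:
    $errors = array();
    // Load all the form variables with user data & options:
    $formVars["language"] = $row["language"];
}

// Initialize variables which will set form elements according to the current user's options:
// Get all user options for the current user:
$userOptionsArray = getUserOptions($userID);
// function 'getUserOptions()' is defined in 'include.inc.php'
// Display Options: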
Example #4
    deleteSessionVariable("HeaderString");
    // function 'deleteSessionVariable()' is defined in 'include.inc.php'
}
// View type requested by the user: 'Mobile', 'Print', 'Web' or '' ('' produces the default 'Web' output style).
// NOTE(review): the value is taken verbatim from the request and handed to 'displayHTMLhead()' below;
//               whether it is validated or encoded before it reaches HTML output cannot be seen from
//               here -- confirm, or restrict it to the documented values.
$viewType = isset($_REQUEST['viewType']) ? $_REQUEST['viewType'] : "";

// Login status ('showLogin()' is defined in 'include.inc.php'):
showLogin();

// (2a) HTML head and visible page header (both functions are defined in 'header.inc.php'):
displayHTMLhead(
    encodeHTML($officialDatabaseName) . " -- Extract Citations",
    "index,follow",
    "Search the " . encodeHTML($officialDatabaseName),
    "",
    false,
    "",
    $viewType,
    array()
);
showPageHeader($HeaderString);

// (2b) Open the <form> that holds the form elements:
echo "\n<form action=\"search.php\" method=\"POST\">";
echo "\n<input type=\"hidden\" name=\"formType\" value=\"extractSearch\">";
// The hidden 'submit' field provides a default value for the 'submit' form tag. Otherwise, some browsers
// may not recognize the correct output format when a user hits <enter> within a form field
// (instead of clicking the "Cite" button):
echo "\n<input type=\"hidden\" name=\"submit\" value=\"Cite\">";

// The citation style and citation format controls get a " disabled" attribute
// unless the corresponding session variable is set:
$citeStyleDisabled = isset($_SESSION['user_styles']) ? "" : " disabled";
$citeFormatDisabled = isset($_SESSION['user_cite_formats']) ? "" : " disabled";
Example #5
// Output the HTML search page: HTML head, optional visible header, the advanced query form
// and the footer. '$operation' is currently not evaluated (see the TODO below).
function showQueryPage($operation, $viewType, $showRows, $rowOffset)
{
    // '$officialDatabaseName' is defined in 'ini.inc.php', '$loc' in 'locales/core.php':
    global $officialDatabaseName, $displayType, $loc, $client;

    // A message stored in the session takes precedence over the default header message:
    if (isset($_SESSION['HeaderString'])) {
        // Copy the stored message first (only necessary if register globals is OFF); the copy stays
        // available via '$HeaderString' after the session variable has been cleared.
        $HeaderString = $_SESSION['HeaderString'];
        deleteSessionVariable("HeaderString"); // defined in 'include.inc.php'
    } else {
        $HeaderString = $loc["SearchDB"] . ":";
    }

    // For HTML output, the '$displayType' variable has to be reset (by default, it is set to "Export";
    // see above); otherwise, the 'originalDisplayType' parameter in the 'quickSearch' form of the page
    // header would be incorrectly set to "Export". With an empty '$displayType', 'show.php' will use
    // the default view that's given in session variable 'userDefaultView'.
    $displayType = "";

    // Login status ('showLogin()' is defined in 'include.inc.php'):
    showLogin();

    // HTML head ('displayHTMLhead()' and 'showPageHeader()' are defined in 'header.inc.php'):
    displayHTMLhead(
        encodeHTML($officialDatabaseName) . " -- " . $loc["Search"],
        "index,follow",
        "Search the " . encodeHTML($officialDatabaseName),
        "",
        true,
        "",
        $viewType,
        array()
    );

    // The visible header is omitted in mobile view ('viewType=Mobile') and for include mechanisms:
    if (!preg_match("/^Mobile\$/i", $viewType) && !preg_match("/^inc/i", $client)) {
        showPageHeader($HeaderString);
    }

    // Build the <option> elements of the common drop-downs
    // ('buildSelectMenuOptions()' is defined in 'include.inc.php'):
    $dropDownConditionals1Array = array(
        "contains"         => $loc["contains"],
        "does not contain" => $loc["contains not"],
        "is equal to"      => $loc["equal to"],
        "is not equal to"  => $loc["equal to not"],
        "starts with"      => $loc["starts with"],
        "ends with"        => $loc["ends with"],
    );
    $dropDownItems1 = buildSelectMenuOptions($dropDownConditionals1Array, "//", "\t\t\t", true);

    $dropDownConditionals2Array = array(
        "is greater than" => $loc["is greater than"],
        "is less than"    => $loc["is less than"],
        "is within range" => $loc["is within range"],
        "is within list"  => $loc["is within list"],
    );
    $dropDownItems2 = buildSelectMenuOptions($dropDownConditionals2Array, "//", "\t\t\t", true);

    // Some fields are only offered while a login email is stored in the session:
    $isLoggedIn = isset($_SESSION['loginEmail']);

    // First group of field names; the bare "" entries are kept in place between the groups:
    $dropDownFieldNames1Array = array(
        "author"           => $loc["DropDownFieldName_Author"],
        "address"          => $loc["DropDownFieldName_Address"],
        "corporate_author" => $loc["DropDownFieldName_CorporateAuthor"],
        "thesis"           => $loc["DropDownFieldName_Thesis"],
        "",
        "title"      => $loc["DropDownFieldName_Title"],
        "orig_title" => $loc["DropDownFieldName_OrigTitle"],
        "",
        "year"           => $loc["DropDownFieldName_Year"],
        "publication"    => $loc["DropDownFieldName_Publication"],
        "abbrev_journal" => $loc["DropDownFieldName_AbbrevJournal"],
        "editor"         => $loc["DropDownFieldName_Editor"],
        "",
        "volume_numeric" => $loc["DropDownFieldName_Volume"],
        "issue"          => $loc["DropDownFieldName_Issue"],
        "pages"          => $loc["DropDownFieldName_Pages"],
        "",
        "series_title"          => $loc["DropDownFieldName_SeriesTitle"],
        "abbrev_series_title"   => $loc["DropDownFieldName_AbbrevSeriesTitle"],
        "series_editor"         => $loc["DropDownFieldName_SeriesEditor"],
        "series_volume_numeric" => $loc["DropDownFieldName_SeriesVolume"],
        "series_issue"          => $loc["DropDownFieldName_SeriesIssue"],
        "",
        "publisher" => $loc["DropDownFieldName_Publisher"],
        "place"     => $loc["DropDownFieldName_Place"],
        "",
        "edition" => $loc["DropDownFieldName_Edition"],
        "medium"  => $loc["DropDownFieldName_Medium"],
        "issn"    => $loc["DropDownFieldName_Issn"],
        "isbn"    => $loc["DropDownFieldName_Isbn"],
        "",
        "language"         => $loc["DropDownFieldName_Language"],
        "summary_language" => $loc["DropDownFieldName_SummaryLanguage"],
        "",
        "keywords" => $loc["DropDownFieldName_Keywords"],
        "abstract" => $loc["DropDownFieldName_Abstract"],
        "",
        "area"       => $loc["DropDownFieldName_Area"],
        "expedition" => $loc["DropDownFieldName_Expedition"],
        "conference" => $loc["DropDownFieldName_Conference"],
        "",
        "doi" => $loc["DropDownFieldName_Doi"],
        "url" => $loc["DropDownFieldName_Url"],
    );
    if ($isLoggedIn) {
        // the 'file' field is only included if the user is logged in
        $dropDownFieldNames1Array["file"] = $loc["DropDownFieldName_File"];
    }
    $dropDownFieldNames1Array[] = "";
    $dropDownFieldNames1Array["notes"] = $loc["DropDownFieldName_Notes"];
    if ($isLoggedIn) {
        // the 'location' field is only included if the user is logged in
        $dropDownFieldNames1Array["location"] = $loc["DropDownFieldName_Location"];
    }

    // Second group of field names:
    $dropDownFieldNames2Array = array(
        "call_number" => $loc["DropDownFieldName_CallNumber"],
        "",
        "serial"   => $loc["DropDownFieldName_Serial"],
        "type"     => $loc["DropDownFieldName_Type"],
        "approved" => $loc["DropDownFieldName_Approved"],
        "",
        "created_date" => $loc["DropDownFieldName_CreatedDate"],
        "created_time" => $loc["DropDownFieldName_CreatedTime"],
    );
    if ($isLoggedIn) {
        // the 'created_by' field is only included if the user is logged in
        $dropDownFieldNames2Array["created_by"] = $loc["DropDownFieldName_CreatedBy"];
    }
    $dropDownFieldNames2Array[] = "";
    $dropDownFieldNames2Array["modified_date"] = $loc["DropDownFieldName_ModifiedDate"];
    $dropDownFieldNames2Array["modified_time"] = $loc["DropDownFieldName_ModifiedTime"];
    if ($isLoggedIn) {
        // the 'modified_by' field is only included if the user is logged in
        $dropDownFieldNames2Array["modified_by"] = $loc["DropDownFieldName_ModifiedBy"];
    }

    $allFieldNamesArray = array_merge($dropDownFieldNames1Array, $dropDownFieldNames2Array);
    $dropDownItems3 = buildSelectMenuOptions($allFieldNamesArray, "//", "\t\t\t", true);

    // Output formats:
    $dropDownConditionals3Array = array(
        "html"     => "html",
        "atom"     => "Atom XML",
        "rss"      => "RSS XML",
        "srw_dc"   => "SRW_DC XML",
        "srw_mods" => "SRW_MODS XML",
    );
    $dropDownItems4 = buildSelectMenuOptions($dropDownConditionals3Array, "//", "\t\t\t", true);

    // Map CQL indexes to refbase field names ('mapCQLIndexes()' is defined in 'webservice.inc.php'):
    $indexNamesArray = mapCQLIndexes();

    // --------------------------------------------------------------------
    // TODO: when the simple CQL Query Builder interface is done, a call to 'opensearch.php' (or
    //       'opensearch.php?operation=simple') should activate that simple GUI-based interface
    //       (currently, it activates the advanced interface that you'd normally only get via
    //       'opensearch.php?operation=cql' or 'opensearch.php?operation=advanced'). The intended dispatch is:
    //           if (preg_match("/^(advanced|CQL)$/i", $operation))
    //               showQueryFormAdvanced(...); // lets you enter a standard CQL query directly
    //           else
    //               showQueryFormSimple($dropDownItems1, $dropDownItems2, $dropDownItems3, $dropDownItems4, $showRows, $rowOffset, $indexNamesArray, $viewType); // lets you build a CQL query via dropdown menus
    // Until then, the advanced form (which lets you enter a standard CQL query directly) is always shown:
    showQueryFormAdvanced(
        $dropDownItems1,
        $dropDownItems2,
        $dropDownItems3,
        $dropDownItems4,
        $showRows,
        $rowOffset,
        $indexNamesArray,
        $viewType
    );
    // --------------------------------------------------------------------

    // HTML footer ('showPageFooter()' and 'displayHTMLfoot()' are defined in 'footer.inc.php');
    // the visible footer is omitted in mobile view ('viewType=Mobile') and for include mechanisms:
    if (!preg_match("/^Mobile\$/i", $viewType) && !preg_match("/^inc/i", $client)) {
        showPageFooter($HeaderString);
    }
    displayHTMLfoot();
}
Example #6
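// Output the account receipt page for one user: the HTML head and page header, followed by a table
// with the account details (left), the display options (middle) and -- for the admin only -- the
// user permissions (right). With '$userAction' set to "Delete", only the account details are shown.
//
//   $userID     - ID of the user whose row is read from the users table; an empty value/0 stands
//                 for the options that apply to anyone who isn't logged in
//   $userAction - "Delete" switches to the delete confirmation layout; any other value shows
//                 the edit links and the options/permissions columns
//   $connection - not used within this function
//
// Values read from the users table are passed through 'encodeHTML()' before they are written into
// the page. NOTE(review): this assumes that 'encodeHTML()' (defined outside this function) also
// encodes double quotes, which is needed where a value is placed inside an attribute -- TODO confirm.
function showUserData($userID, $userAction, $connection)
{
    global $HeaderString;
    global $viewType;
    global $loginWelcomeMsg;
    global $loginStatus;
    global $loginLinks;
    global $loginEmail;
    global $adminLoginEmail;
    global $officialDatabaseName;
    global $defaultLanguage;
    global $tableUsers;
    // defined in 'db.inc.php'
    global $loc;
    // '$loc' is made globally available in 'core.php'

    // '$userID' is written into several link targets below. Percent-encoding leaves numeric IDs
    // unchanged and keeps any other value from breaking out of the query string or the attribute:
    $userIDParam = rawurlencode((string) $userID);

    // CONSTRUCT SQL QUERY:
    // ('$userID' is passed through 'quote_smart()' before it is placed into the query string)
    $query = "SELECT * FROM {$tableUsers} WHERE user_id = " . quote_smart($userID);
    // (3) RUN the query on the database through the connection:
    $result = queryMySQLDatabase($query);
    // function 'queryMySQLDatabase()' is defined in 'include.inc.php'
    // (4) EXTRACT results (since 'user_id' is the unique primary key for the 'users' table, there will be only one matching row)
    $row = @mysql_fetch_array($result);

    // Build the correct header message:
    // ('$HeaderString' is built as HTML markup, so the email address is encoded like the name fields)
    if (!isset($_SESSION['HeaderString'])) {
        // if there's no saved message
        if ($userAction == "Delete") {
            // provide an appropriate header message:
            $HeaderString = "<b><span class=\"warning\">Delete user</span> " . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["email"]) . ")</b>:";
        } elseif (empty($userID)) {
            $HeaderString = "Account details and options for anyone who isn't logged in:";
        } else {
            // provide the default message:
            $HeaderString = "Account details and options for <b>" . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["email"]) . ")</b>:";
        }
    } else {
        $HeaderString = $_SESSION['HeaderString'];
        // extract 'HeaderString' session variable (only necessary if register globals is OFF!)
        // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
        deleteSessionVariable("HeaderString");
        // function 'deleteSessionVariable()' is defined in 'include.inc.php'
    }

    // Get the list of "main fields" preferred by the current user:
    // NOTE: We have to call function 'getMainFields()' up here since it updates
    //       session variable 'userMainFields' which gets used in function
    //       'buildQuickSearchElements()' (which, in turn, is called from within
    //       function 'showPageHeader()')
    $mainFieldsArray = getMainFields($userID);
    // function 'getMainFields()' is defined in 'include.inc.php'

    // Get the user's preference for displaying auto-completions:
    // (see note for '$mainFieldsArray' which also applies here)
    $showAutoCompletions = getPrefAutoCompletions($userID);
    // function 'getPrefAutoCompletions()' is defined in 'include.inc.php'

    // Map MySQL field names to localized column names:
    $fieldNamesArray = mapFieldNames();
    // function 'mapFieldNames()' is defined in 'include.inc.php'
    $localizedMainFieldsArray = array();
    foreach ($mainFieldsArray as $field) {
        if (isset($fieldNamesArray[$field])) {
            $localizedMainFieldsArray[$field] = $fieldNamesArray[$field];
        } else {
            // no localized field name exists, so we use the original field name
            $localizedMainFieldsArray[$field] = $field;
        }
    }

    // Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
    displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Receipt", "noindex,nofollow", "Receipt page confirming correct entry of user details and options for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
    showPageHeader($HeaderString);

    // Start main table:
    echo "\n<table id=\"accountinfo\" align=\"center\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" width=\"95%\" summary=\"This table displays user account details and options\">";
    echo "\n<tr>" . "\n\t<td valign=\"top\" width=\"28%\">";
    // Start left sub-table:
    echo "\n\t\t<table id=\"accountdetails\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account details\">";
    echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Account Details:</b></td>";
    if (mysql_num_rows($result) == 1) {
        // Add edit/delete button:
        echo "\n\t\t\t<td align=\"left\">";
        // If the admin is logged in, allow the display of a button that will delete the currently shown user:
        // (this only decides whether the link is shown)
        if (isset($_SESSION['loginEmail']) && $loginEmail == $adminLoginEmail) {
            if ($userAction == "Delete") {
                echo "<a href=\"user_removal.php?userID=" . $userIDParam . "\"><img src=\"img/delete.gif\" alt=\"" . $loc["delete"] . "\" title=\"" . $loc["LinkTitle_DeleteUser"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
            }
        }
        if ($userAction != "Delete") {
            echo "<a href=\"user_details.php?userID=" . $userIDParam . "\"><img src=\"img/edit.gif\" alt=\"" . $loc["edit"] . "\" title=\"" . $loc["LinkTitle_EditDetails"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
        }
        echo "</td>\n\t\t</tr>";

        // Display a password reminder:
        // (but only if a normal user is logged in -OR- the admin is logged in AND the updated user data are his own!)
        // (logical '||' instead of the bitwise '|': same result for these boolean operands, and the right-hand side
        //  is no longer evaluated when the left-hand side is already true)
        if ($loginEmail != $adminLoginEmail || ($loginEmail == $adminLoginEmail && $userID == getUserID($loginEmail))) {
            echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\"><i>Please record your password somewhere safe for future use!</i></td>\n\t\t</tr>";
        }

        // Print title, first name, last name and institutional abbreviation:
        echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\">\n\t\t\t\t";
        if (!empty($row["title"])) {
            // the title is encoded like the other fields of the row
            echo encodeHTML($row["title"]) . ". ";
        }
        echo encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["abbrev_institution"]) . ")";
        // Since the first name, last name and abbrev. institution fields are mandatory, we don't need to check if they're empty

        // Print institution name:
        if (!empty($row["institution"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["institution"]);
        }
        // Print corporate institution name:
        if (!empty($row["corporate_institution"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["corporate_institution"]);
        }

        // If any of the address lines contain data, add a spacer row:
        if (!empty($row["address_line_1"]) || !empty($row["address_line_2"]) || !empty($row["address_line_3"]) || !empty($row["zip_code"]) || !empty($row["city"]) || !empty($row["state"]) || !empty($row["country"])) {
            echo "\n\t\t\t\t<br>";
        }
        // Print first address line:
        if (!empty($row["address_line_1"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["address_line_1"]);
        }
        // Print second address line:
        if (!empty($row["address_line_2"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["address_line_2"]);
        }
        // Print third address line:
        if (!empty($row["address_line_3"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["address_line_3"]);
        }
        // Print zip code and city:
        if (!empty($row["zip_code"]) && !empty($row["city"])) {
            // both fields are available
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["zip_code"]) . " " . encodeHTML($row["city"]);
        } elseif (!empty($row["zip_code"]) && empty($row["city"])) {
            // only 'zip_code' available
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["zip_code"]);
        } elseif (empty($row["zip_code"]) && !empty($row["city"])) {
            // only 'city' field available
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["city"]);
        }
        // Print state:
        if (!empty($row["state"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["state"]);
        }
        // Print country:
        if (!empty($row["country"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["country"]);
        }

        // If any of the phone/url/email fields contain data, add a spacer row:
        if (!empty($row["phone"]) || !empty($row["url"]) || !empty($row["email"])) {
            echo "\n\t\t\t\t<br>";
        }
        // Print phone number:
        if (!empty($row["phone"])) {
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . "Phone: " . encodeHTML($row["phone"]);
        }
        // Print URL:
        if (!empty($row["url"])) {
            // The stored URL is encoded both as link target and as link text.
            // NOTE(review): encoding does not restrict the URL scheme; confirm that the scheme is
            //               validated where the account data are saved.
            $encodedURL = encodeHTML($row["url"]);
            echo "\n\t\t\t\t<br>\n\t\t\t\t" . "URL: <a href=\"" . $encodedURL . "\">" . $encodedURL . "</a>";
        }
        // Print email (encoded both as link target and as link text):
        $encodedEmail = encodeHTML($row["email"]);
        echo "\n\t\t\t\t<br>\n\t\t\t\t" . "Email: <a href=\"mailto:" . $encodedEmail . "\">" . $encodedEmail . "</a>";
        // Since the email field is mandatory, we don't need to check if it's empty
        echo "\n\t\t\t</td>\n\t\t</tr>";
    } else {
        // no (single) matching user row was found
        echo "\n\t\t\t<td align=\"right\"></td>\n\t\t</tr>";
        echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\">(none)</td>\n\t\t</tr>";
    }
    // Close left sub-table:
    echo "\n\t\t</table>";
    // Close left table cell of main table:
    echo "\n\t</td>";

    if ($userAction != "Delete") {
        // ------------------------------------------------------------
        // Start middle table cell of main table:
        echo "\n\t<td valign=\"top\">";
        // Start middle sub-table:
        echo "\n\t\t<table id=\"accountopt\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account options\">";
        echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Display Options:</b></td>" . "\n\t\t\t<td align=\"right\">";
        if (mysql_num_rows($result) == 1 or $userID == 0) {
            // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
            echo "<a href=\"user_options.php?userID=" . $userIDParam . "\"><img src=\"img/options.gif\" alt=\"" . $loc["options"] . "\" title=\"" . $loc["LinkTitle_EditOptions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
        }
        echo "</td>\n\t\t</tr>";

        // Show the user's selected interface language:
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Use language:</td>";
        if (mysql_num_rows($result) == 1) {
            // If there's a user associated with this user ID
            // (the value comes from the user's row, so it is encoded like the other row fields)
            echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . encodeHTML($row["language"]) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
        } else {
            // no user exists with this user ID
            echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $defaultLanguage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
        }
        echo "\n\t\t</tr>";

        // get the default number of records per page preferred by the current user:
        $recordsPerPage = getDefaultNumberOfRecords($userID);
        // function 'getDefaultNumberOfRecords()' is defined in 'include.inc.php'
        // show the user's default number of records per page:
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Show records per page:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $recordsPerPage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
        // show the user's preference for displaying auto-completions:
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Show auto-completions:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $loc[$showAutoCompletions] . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";

        if ($loginEmail == $adminLoginEmail) {
            $ShowEnabledDescriptor = "Enabled";
            // get all formats/styles/types that are available and were enabled by the admin for the current user:
            $userTypesArray = getEnabledUserFormatsStylesTypes($userID, "type", "", false);
            // function 'getEnabledUserFormatsStylesTypes()' is defined in 'include.inc.php'
            $citationStylesArray = getEnabledUserFormatsStylesTypes($userID, "style", "", false);
            $citationFormatsArray = getEnabledUserFormatsStylesTypes($userID, "format", "cite", false);
            $exportFormatsArray = getEnabledUserFormatsStylesTypes($userID, "format", "export", false);
        } else {
            $ShowEnabledDescriptor = "Show";
            // get all formats/styles/types that were selected by the current user
            // and (if some formats/styles/types were found) save them as semicolon-delimited string to an appropriate session variable:
            $userTypesArray = getVisibleUserFormatsStylesTypes($userID, "type", "");
            // function 'getVisibleUserFormatsStylesTypes()' is defined in 'include.inc.php'
            $citationStylesArray = getVisibleUserFormatsStylesTypes($userID, "style", "");
            $citationFormatsArray = getVisibleUserFormatsStylesTypes($userID, "format", "cite");
            $exportFormatsArray = getVisibleUserFormatsStylesTypes($userID, "format", "export");
            // Note: the function 'getVisibleUserFormatsStylesTypes()' will only update the appropriate session variables if
            //       either a normal user is logged in -OR- the admin is logged in AND the updated user data are his own(*);
            //       otherwise, the function will simply return an array containing all matching values
            //       (*) the admin-condition won't apply here, though, since this function gets only called for normal users. This means, that
            //           the admin is currently not able to hide any items from his popup lists via the admin interface (he'll need to hack the MySQL tables)!
        }

        // list types:
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " reference types:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
        if (empty($userTypesArray)) {
            echo "(none)";
        } else {
            echo implode("</li>\n\t\t\t\t\t<li>", $userTypesArray);
        }
        echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";

        // list styles:
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " citation styles:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
        if (empty($citationStylesArray)) {
            echo "(none)";
        } else {
            echo implode("</li>\n\t\t\t\t\t<li>", $citationStylesArray);
        }
        echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";

        // list cite formats:
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " citation formats:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
        if (empty($citationFormatsArray)) {
            echo "(none)";
        } else {
            echo implode("</li>\n\t\t\t\t\t<li>", $citationFormatsArray);
        }
        echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";

        // list export formats:
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>" . $ShowEnabledDescriptor . " export formats:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
        if (empty($exportFormatsArray)) {
            echo "(none)";
        } else {
            echo implode("</li>\n\t\t\t\t\t<li>", $exportFormatsArray);
        }
        echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";

        // list all fields that were selected by the current user as "main fields":
        echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>\"Main fields\" searches:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";
        if (empty($localizedMainFieldsArray)) {
            echo "(none)";
        } else {
            echo implode("</li>\n\t\t\t\t\t<li>", $localizedMainFieldsArray);
        }
        echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";

        // Close middle sub-table:
        echo "\n\t\t</table>";
        // Close middle table cell of main table:
        echo "\n\t</td>";

        // ------------------------------------------------------------
        // Start right table cell of main table:
        echo "\n\t<td valign=\"top\">";
        // Start right sub-table:
        echo "\n\t\t<table id=\"accountperm\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account permissions\">";
        if ($loginEmail == $adminLoginEmail) {
            // get all user permissions for the current user:
            $userPermissionsArray = getPermissions($userID, "user", false);
            // function 'getPermissions()' is defined in 'include.inc.php'
            // map raw field names from table 'user_permissions' with items of the global localization array ('$loc'):
            $localizedUserPermissionsArray = array('allow_add' => 'UserPermission_AllowAdd', 'allow_edit' => 'UserPermission_AllowEdit', 'allow_delete' => 'UserPermission_AllowDelete', 'allow_download' => 'UserPermission_AllowDownload', 'allow_upload' => 'UserPermission_AllowUpload', 'allow_list_view' => 'UserPermission_AllowListView', 'allow_details_view' => 'UserPermission_AllowDetailsView', 'allow_print_view' => 'UserPermission_AllowPrintView', 'allow_browse_view' => 'UserPermission_AllowBrowseView', 'allow_sql_search' => 'UserPermission_AllowSQLSearch', 'allow_user_groups' => 'UserPermission_AllowUserGroups', 'allow_user_queries' => 'UserPermission_AllowUserQueries', 'allow_rss_feeds' => 'UserPermission_AllowRSSFeeds', 'allow_import' => 'UserPermission_AllowImport', 'allow_export' => 'UserPermission_AllowExport', 'allow_cite' => 'UserPermission_AllowCite', 'allow_batch_import' => 'UserPermission_AllowBatchImport', 'allow_batch_export' => 'UserPermission_AllowBatchExport', 'allow_modify_options' => 'UserPermission_AllowModifyOptions', 'allow_edit_call_number' => 'UserPermission_AllowEditCallNumber');
            // initialize array variables:
            $enabledUserActionsArray = array();
            $disabledUserActionsArray = array();
            // separate enabled permission settings from disabled ones and assign localized permission names:
            foreach ($userPermissionsArray as $permissionKey => $permissionValue) {
                if ($permissionValue == 'yes') {
                    // append this field's localized permission name to the array of enabled user actions
                    $enabledUserActionsArray[] = $loc[$localizedUserPermissionsArray[$permissionKey]];
                } else {
                    // append this field's localized permission name to the array of disabled user actions
                    $disabledUserActionsArray[] = $loc[$localizedUserPermissionsArray[$permissionKey]];
                }
            }
            if (empty($enabledUserActionsArray)) {
                $enabledUserActionsArray[] = "(none)";
            }
            if (empty($disabledUserActionsArray)) {
                $disabledUserActionsArray[] = "(none)";
            }
            echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>User Permissions:</b></td>" . "\n\t\t\t<td align=\"right\">";
            if (mysql_num_rows($result) == 1 or $userID == 0) {
                // If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
                echo "<a href=\"user_options.php?userID=" . $userIDParam . "#permissions\"><img src=\"img/options.gif\" alt=\"" . $loc["permissions"] . "\" title=\"" . $loc["LinkTitle_EditPermissions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
            }
            echo "</td>\n\t\t</tr>";
            echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Enabled features:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . implode("</li>\n\t\t\t\t\t<li>", $enabledUserActionsArray) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
            echo "\n\t\t<tr valign=\"top\">" . "\n\t\t\t<td>Disabled features:</td>" . "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . implode("</li>\n\t\t\t\t\t<li>", $disabledUserActionsArray) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>" . "\n\t\t</tr>";
        }
        // Close right sub-table:
        echo "\n\t\t</table>";
        // Close right table cell of main table:
        echo "\n\t</td>";
    }
    echo "\n</tr>";
    // Close main table:
    echo "\n</table>";
}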
Example #7
// Assign correct values to the form variables:
// (after a failed submit the previously entered values are reloaded from '$formVars', otherwise the fields start out empty)
if (!empty($errors)) {
    // load the form data that were entered by the user:
    // NOTE(review): these two values are user input; they need HTML encoding wherever they are written back into the form
    //               (that part of the script is outside this excerpt)
    $origRecord = $formVars['origRecord'];
    $dupRecords = $formVars['dupRecords'];
} else {
    $origRecord = "";
    $dupRecords = "";
}
// --------------------------------------------------------------------
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . "Manage Duplicates", "index,follow", "Manage duplicate records in the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
// note: we provide a default value for the 'submit' form tag so that hitting <enter> within a text entry field will act as if the user clicked the 'Flag Duplicates' button
// NOTE(review): no anti-CSRF token field is emitted with this POST form; confirm that 'duplicate_modify.php' guards this state-changing action some other way
?>

<form action="duplicate_modify.php" method="POST">
<input type="hidden" name="formType" value="flagDuplicates">
<input type="hidden" name="viewType" value="<?php 
// NOTE(review): '$viewType' is written into the attribute value without 'encodeHTML()'. Where it is assigned is not visible
//               in this excerpt; if it is taken from the request it should be encoded (or limited to the known view types) before output
echo $viewType;
?>
">
<input type="hidden" name="submit" value="Flag Duplicates">
<table align="center" border="0" cellpadding="0" cellspacing="10" width="95%" summary="This table holds a form that allows you to manage duplicate database entries">
<tr>
	<td width="120">
Example #8
    } else {
        $skipBadRecords = "";
    }
} else {
    $sourceText = "";
    $showSource = "1";
    $importRecordsRadio = "only";
    $importRecords = "1";
    $skipBadRecords = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . $pageTitle, "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
echo "\n<form action=\"import_csa_modify.php\" method=\"POST\">";
echo "\n<input type=\"hidden\" name=\"formType\" value=\"importCSA\">" . "\n<input type=\"hidden\" name=\"submit\" value=\"Import\">" . "\n<input type=\"hidden\" name=\"showLinks\" value=\"1\">";
// embed '$showLinks=1' so that links get displayed on any 'display details' page
if (isset($errors['badRecords'])) {
    if ($errors['badRecords'] == "all") {
        if (!empty($errors['skipBadRecords'])) {
            $skipBadRecordsInput = "<br>" . fieldError("skipBadRecords", $errors);
        } else {
            $skipBadRecordsInput = "";
        }
    } elseif ($errors['badRecords'] == "some") {
        if (!empty($skipBadRecords)) {
            $skipBadRecordsCheckBoxIsChecked = " checked";
Example #9
        deleteSessionVariable("HeaderString");
        // function 'deleteSessionVariable()' is defined in 'include.inc.php'
    }
    // Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''):
    // ('' will produce the default 'Web' output style)
    if (isset($_REQUEST['viewType'])) {
        $viewType = $_REQUEST['viewType'];
    } else {
        $viewType = "";
    }
    // Show the login status:
    showLogin();
    // (function 'showLogin()' is defined in 'include.inc.php')
    // DISPLAY header:
    // call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
    displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Installation Feedback", "index,follow", "Installation feedback for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
    showPageHeader($HeaderString);
    // Start a <table>:
    ?>

<table align="center" border="0" cellpadding="0" cellspacing="10" width="95%" summary="This table holds the installation feedback info"><?php 
    if (!empty($resultArray)) {
        ?>

	<tr>
		<td valign="top"><b>Error:</b></td>
		<td><?php 
        echo encodeHTML($resultLines);
        ?>
</td>
	</tr>
Example #10
} else {
    $formType = "";
    // (A) main import form:
    $sourceText = "";
    $importRecordsRadio = "all";
    $importRecords = "1";
    $skipBadRecords = "";
    // (B) "Import IDs" form:
    $sourceIDs = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . $pageTitle, "index,follow", "Import records into the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements of the main import form:
echo "\n<form enctype=\"multipart/form-data\" action=\"import_modify.php\" method=\"POST\">" . "\n<input type=\"hidden\" name=\"formType\" value=\"import\">" . "\n<input type=\"hidden\" name=\"submit\" value=\"Import\">" . "\n<input type=\"hidden\" name=\"showLinks\" value=\"1\">" . "\n<input type=\"hidden\" name=\"showSource\" value=\"1\">";
// for particular formats (e.g., CSA or MEDLINE) original source data will be displayed alongside the parsed data for easier comparison
if (isset($errors['badRecords'])) {
    if ($errors['badRecords'] == "all") {
        if (!empty($errors['skipBadRecords'])) {
            $skipBadRecordsInput = "<br>" . fieldError("skipBadRecords", $errors);
        } else {
            $skipBadRecordsInput = "";
        }
    } elseif ($errors['badRecords'] == "some") {
        if (!empty($skipBadRecords)) {
            $skipBadRecordsCheckBoxIsChecked = " checked";
        } else {
Example #11
/**
 * Prints the complete login page: HTML head, page header, the login form and the page footer.
 *
 * The header message is taken from the 'HeaderString' session variable if one is stored
 * (and the session variable is then cleared), otherwise a localized default message is used.
 *
 * @param string $referer  value that is URL-encoded into the 'referer' query parameter of the
 *                         form's action URL ('user_login.php?referer=...')
 *
 * Output is written directly; nothing is returned.
 */
function login_page($referer)
{
    global $HeaderString;
    global $viewType;
    global $loginWelcomeMsg;
    global $loginStatus;
    global $loginLinks;
    global $officialDatabaseName;
    global $loc;
    // Show login status (should be logged out!)
    showLogin();
    // (function 'showLogin()' is defined in 'include.inc.php')
    // If there's no stored message available:
    if (!isset($_SESSION['HeaderString'])) {
        $HeaderString = $loc['YouNeedToLoginInOrderToMakeChangesToTheDatabase'];
    } else {
        $HeaderString = $_SESSION['HeaderString'];
        // extract 'HeaderString' session variable (only necessary if register globals is OFF!)
        // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
        deleteSessionVariable("HeaderString");
        // function 'deleteSessionVariable()' is defined in 'include.inc.php'
    }
    // Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
    // NOTE(review): '$HeaderString' is handed to 'showPageHeader()' as is; whoever stores the session message is presumably
    //               responsible for HTML-encoding any user data in it -- confirm against the callers
    displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Login", "index,follow", "User login page. You must be logged in to the " . encodeHTML($officialDatabaseName) . " in order to add, edit or delete records", "", false, "", $viewType, array());
    showPageHeader($HeaderString);
    // Build the login form:
    // Note: we use the fact here, that a page can have both, a GET and POST request.
    //       (if you POST, but add ?blah=foo to the end of the action URL, the client will GET, then POST)
    // NOTE(review): the form below contains no anti-CSRF token field; check whether 'user_login.php' protects the login request some other way
    ?>

<form method="POST" action="user_login.php?referer=<?php 
    // 'rawurlencode()' percent-encodes quotes and angle brackets, so the value cannot break out of the 'action' attribute.
    // NOTE(review): the value comes back from the client with the POST; 'user_login.php' (not shown here) should check that it
    //               points to a local page before using it as a redirect target
    echo rawurlencode($referer);
    ?>
">
        <div class="row">
            <div class="small-12 column">
                <div class="row">
                    <div class="small-2 columns">
                        <label for=""><?php 
    // localized label text, written without 'encodeHTML()' (presumably trusted strings from the locale files)
    echo $loc["EmailAddress"];
    ?>
:</label>
                    </div>
                    <div class="small-10 columns">
                        <input type="text" name="loginEmail" size="30">
                    </div>
                </div>
            </div>
        </div>
        <div class="row">
            <div class="small-12 column">
                <div class="row">
                    <div class="small-2 columns">
                        <label for=""><?php 
    // localized label text (the key is spelled 'EmailAdressPassword' here)
    echo $loc["EmailAdressPassword"];
    ?>
:</label>
                    </div>
                    <div class="small-10 columns">
                        <input type="password" name="loginPassword" size="30">
                    </div>
                </div>
            </div>
        </div>
        <div class="row">
            <div class="small-12 column">
                <input class="button secondary right" style="margin-bottom: 15px" type="submit" value="Login">
            </div>
        </div>

<!--<table align="center" border="0" cellpadding="2" cellspacing="5" width="95%" summary="This table holds a login form for the --><?php 
    // The table-based form that follows is disabled with HTML comments (and its PHP 'echo' statements with '//');
    // the HTML comments themselves are still sent to the browser as part of the page
    //echo encodeHTML($officialDatabaseName);
    ?>
<!--">-->
<!--	<tr>-->
<!--		<td width="174" valign="bottom">-->
<!--			<b>--><?php 
    //echo $loc["EmailAddress"];
    ?>
<!--:</b>-->
<!--		</td>-->
<!--		<td valign="bottom">-->
<!--			<input type="text" name="loginEmail" size="30">-->
<!--		</td>-->
<!--	</tr>-->
<!--	<tr>-->
<!--		<td valign="bottom">-->
<!--			<b>--><?php 
    //echo $loc["EmailAdressPassword"];
    ?>
<!--:</b>-->
<!--		</td>-->
<!--		<td valign="bottom">-->
<!--			<input type="password" name="loginPassword" size="30">-->
<!--		</td>-->
<!--	</tr>-->
<!--	<tr>-->
<!--		<td valign="bottom">-->
<!--			&nbsp;-->
<!--		</td>-->
<!--		<td valign="bottom">-->
<!--			<input class="button secondary" type="submit" value="Login">-->
<!--		</td>-->
<!--	</tr>-->
<!--</table>-->
</form><?php 
    // --------------------------------------------------------------------
    // DISPLAY THE HTML FOOTER:
    // call the 'showPageFooter()' and 'displayHTMLfoot()' functions (which are defined in 'footer.inc.php')
    showPageFooter($HeaderString);
    displayHTMLfoot();
    // --------------------------------------------------------------------
}
Example #12
        // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
        deleteSessionVariable("HeaderString");
    }
    // Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''):
    // ('' will produce the default 'Web' output style)
    if (isset($_REQUEST['viewType'])) {
        $viewType = $_REQUEST['viewType'];
    } else {
        $viewType = "";
    }
    // Show the login status:
    showLogin();
    // (function 'showLogin()' is defined in 'include.inc.php')
    // DISPLAY header:
    // call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
    displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Update Feedback", "index,follow", "Update feedback for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
    showPageHeader($HeaderString);
    // Start a <table>:
    ?>

<table align="center" border="0" cellpadding="0" cellspacing="10" width="95%" summary="This table holds the update feedback info"><?php 
    if (!empty($resultArray)) {
        ?>

	<tr>
		<td colspan="2"><h3>Welcome to refbase v0.9.6!</h3></td>
	</tr><?php 
    }
    // following note will be always displayed no matter if something was changed or not:
    ?>
Example #13
    //fetch the current row into the array $row
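    // If the admin is logged in AND the displayed user data are NOT his own, we overwrite the default header message:
    // (Since the admin is allowed to view and edit account data from other users, we have to provide a dynamic header message in that case)
    if ($loginEmail == $adminLoginEmail && $userID != getUserID($loginEmail)) {
        // ('$adminLoginEmail' is specified in 'ini.inc.php')
        if (!isset($_SESSION['HeaderString'])) {
            // All three values come from the user's database row and end up in HTML, so each of them is HTML-encoded.
            // The email address is encoded like the name fields: an address stored with markup characters would otherwise
            // be rendered as HTML in the admin's browser.
            $HeaderString = "Edit account details for <b>" . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["email"]) . ")</b>:";
        }
    }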
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Details", "noindex,nofollow", "User details required for use of the " . encodeHTML($officialDatabaseName), "\n\t<meta http-equiv=\"expires\" content=\"0\">", true, "", $viewType, array());
showPageHeader($HeaderString);
// (5) CLOSE the database connection:
disconnectFromMySQLDatabase();
// function 'disconnectFromMySQLDatabase()' is defined in 'include.inc.php'
// --------------------------------------------------------------------
if (isset($_SESSION['loginEmail']) && empty($errors) && isset($userID) && !empty($userID)) {
    // Reset the '$formVars' variable (since we're loading from the user table):
    $formVars = array();
    // Reset the '$errors' variable:
    $errors = array();
    // Load all the form variables with user data:
    $formVars["firstName"] = $row["first_name"];
    $formVars["lastName"] = $row["last_name"];
    $formVars["title"] = $row["title"];
    $formVars["institution"] = $row["institution"];
Example #14
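/**
 * Exports the given records in the requested export format and writes the result to the client.
 *
 * The export format file is looked up with 'getFormatFile()' (falling back to '$defaultExportFormat'
 * if nothing is found), included from the 'export' directory, and its 'exportRecords()' function
 * produces the export text. Depending on '$exportType' the text is sent as plain text, XML, RSS,
 * as a file download, or wrapped in an HTML page (and, for "email", also mailed to the address
 * stored in the 'loginEmail' session variable).
 *
 * @param mixed  $result            query result, handed on to 'exportRecords()'
 * @param mixed  $rowOffset         handed on to 'exportRecords()'
 * @param mixed  $showRows          handed on to 'exportRecords()'
 * @param string $exportFormat      name of the export format; also used to guess MIME type and download file name
 * @param string $exportType        matched against "text", "html", "email", "xml", "rss" and "file"
 * @param string $exportStylesheet  handed on to 'exportRecords()'; if empty, Atom XML is sent as 'application/atom+xml'
 * @param mixed  $displayType       handed on to 'exportRecords()'
 * @param string $viewType          handed on to 'displayHTMLhead()'
 * @param mixed  $userID            user whose options are loaded into the global '$userOptionsArray'
 *
 * Nothing is returned; HTTP headers are set and the export is echoed.
 */
function generateExport($result, $rowOffset, $showRows, $exportFormat, $exportType, $exportStylesheet, $displayType, $viewType, $userID)
{
    global $officialDatabaseName;
    // these variables are defined in 'ini.inc.php'
    global $contentTypeCharset;
    global $convertExportDataToUTF8;
    global $defaultExportFormat;
    global $userOptionsArray;
    global $loc;
    // '$loc' is made globally available in 'core.php'

    // get all user options for the current user:
    // (note that '$userOptionsArray' is made globally available)
    $userOptionsArray = getUserOptions($userID);
    // function 'getUserOptions()' is defined in 'include.inc.php'

    // fetch the path/name of the export format file that's associated with the export format given in '$exportFormat':
    $exportFormatFile = getFormatFile($exportFormat, "export");
    // function 'getFormatFile()' is defined in 'include.inc.php'
    if (empty($exportFormatFile)) {
        // if the given export format could not be found, we'll use the default export format which is defined
        // by the '$defaultExportFormat' variable in 'ini.inc.php'
        $exportFormat = $defaultExportFormat;
        $exportFormatFile = getFormatFile($exportFormat, "export");
    }

    // include the found export format file *once*:
    // NOTE(review): the included path is built from whatever 'getFormatFile()' returns. Confirm that it can only return
    //               file names of installed formats (no path separators or '..'), since '$exportFormat' may originate
    //               from the request and this line executes the referenced file.
    include_once "export/" . $exportFormatFile;

    // export found records using the specified export format:
    $exportText = exportRecords($result, $rowOffset, $showRows, $exportStylesheet, $displayType);
    // function 'exportRecords()' is defined in the export format file given in '$exportFormatFile'
    // (which, in turn, must reside in the 'export' directory of the refbase root directory)

    // Defaults for the MIME type and the download file name. Without them, an export type that matches none of the
    // branches below (or one that matches an earlier branch as well as "file") left these variables undefined when
    // they were used for the response headers further down.
    $exportContentType = "text/plain";
    $exportFileName = "exported_records.txt";

    // adjust the mime type and return exported data based on the key given in '$exportType':
    if (preg_match("/text/i", $exportType)) {
        $exportContentType = "text/plain";
    } elseif (preg_match("/^(html|email)\$/i", $exportType)) {
        $exportContentType = "text/html";
    } elseif (preg_match("/xml/i", $exportType)) {
        // NOTE: Firefox >=2.x, Safari >=2.x and IE >=7.x break client-side XSL for RSS and Atom feeds!
        //       See e.g.: <http://decafbad.com/blog/2006/11/02/firefox-20-breaks-client-side-xsl-for-rss-and-atom-feeds>
        // TODO: Re-evaluate: As a consequence, we apply a VERY dirty hack in 'atomxml.inc.php' that prevents the feed sniffing
        //       and subsequent browser applied default XSLT stylesheet that has been implemented by FireFox 2, Safari 2
        //       and Internet Explorer 7. To prevent the feed sniffing we insert a comment before the feed
        //       element that is larger than 512 bytes. See: <http://feedme.mind-it.info/pivot/entry.php?id=9>
        //
        //       For some browsers (such as the Camino browser <http://caminobrowser.org/>) it's possible to set the content type
        //       to 'application/xml' which (while incorrect for Atom/RSS) will cause the browser to trigger their XML+XSLT renderer
        //       if the Atom/RSS feed was requested together with a stylesheet.
        //
        //       If the content type is set to 'application/atom+xml', Firefox 2 and Safari 2 will always apply their own default
        //       XSLT stylesheet and ignore any client-side XSL transformation!
        if (preg_match("/Atom/i", $exportFormat) and empty($exportStylesheet)) {
            $exportContentType = "application/atom+xml";
        } else {
            $exportContentType = "application/xml";
        }
    } elseif (preg_match("/rss/i", $exportType)) {
        $exportContentType = "application/rss+xml";
    } elseif (preg_match("/file/i", $exportType)) {
        // set the default mime type
        $exportContentType = "text/plain";
        // Note that we do some "quick'n dirty" guessing for some export formats here (e.g., we assume/require that an XML export format name
        // contains 'XML' within its name!). This is in NO way fool proof and should be handled in a better way!
        if (preg_match("/XML/i", $exportFormat)) {
            if (preg_match("/Atom/i", $exportFormat)) {
                // if the export format name contains 'Atom'
                $exportContentType = "application/atom+xml";
            } else {
                $exportContentType = "application/xml";
            }
            if (preg_match("/Atom/i", $exportFormat)) {
                // if the export format name contains 'Atom'
                $exportFileName = "atom_export.xml";
            } elseif (preg_match("/SRW_DC/i", $exportFormat)) {
                // if the export format name contains 'SRW_DC'
                $exportFileName = "srw_dc_export.xml";
            } elseif (preg_match("/SRW_MODS/i", $exportFormat)) {
                // if the export format name contains 'SRW_MODS'
                $exportFileName = "srw_mods_export.xml";
            } elseif (preg_match("/SRW/i", $exportFormat)) {
                // if the export format name contains 'SRW' (fallback)
                $exportFileName = "srw_export.xml";
            } elseif (preg_match("/^MODS/i", $exportFormat)) {
                // if the export format name starts with 'MODS' (NOTE: the regex pattern must not match "SRW_MODS XML")
                $exportFileName = "mods_export.xml";
            } elseif (preg_match("/^(OAI_)?DC/i", $exportFormat)) {
                // if the export format name starts with 'OAI_DC' or 'DC' (NOTE: the regex pattern must not match "SRW_DC XML")
                $exportFileName = "oaidc_export.xml";
            } elseif (preg_match("/ODF|OpenDocument/i", $exportFormat)) {
                // (this test is always true here, since we're inside the "file" branch; kept as in the original logic)
                if (preg_match("/file/i", $exportType)) {
                    $exportContentType = "application/vnd.oasis.opendocument.spreadsheet";
                    $exportFileName = "odf_export.ods";
                } else {
                    $exportFileName = "content.xml";
                }
            } elseif (preg_match("/Word/i", $exportFormat)) {
                // if the export format name contains 'Word'
                $exportFileName = "msword_export.xml";
            } else {
                $exportFileName = "export.xml";
            }
        } elseif (preg_match("/ADS|BibTeX|Endnote|ISI|RIS/i", $exportFormat)) {
            if (preg_match("/ADS/i", $exportFormat)) {
                $exportFileName = "ads_export.txt";
            } elseif (preg_match("/BibTeX/i", $exportFormat)) {
                $exportFileName = "bibtex_export.bib";
            } elseif (preg_match("/Endnote/i", $exportFormat)) {
                $exportFileName = "endnote_export.enw";
            } elseif (preg_match("/ISI/i", $exportFormat)) {
                $exportFileName = "isi_export.txt";
            } elseif (preg_match("/RIS/i", $exportFormat)) {
                $exportFileName = "ris_export.ris";
            }
        } else {
            // set the default download file name
            $exportFileName = "exported_records.txt";
        }
    }

    // if variable '$convertExportDataToUTF8' is set to "yes" in 'ini.inc.php', we'll convert latin1 data to UTF-8
    // when exporting to XML; therefore, we'll need to temporarily set the value of the global '$contentTypeCharset'
    // variable to UTF-8 which will ensure proper HTML output
    // '$charsetWasSwitched' records that the globals were changed. The original restore step re-tested
    // '$contentTypeCharset != "UTF-8"', which is always false once the charset has been switched, so the
    // globals were never put back.
    $charsetWasSwitched = false;
    if ($convertExportDataToUTF8 == "yes" and $contentTypeCharset != "UTF-8") {
        // remember the actual database charset
        $oldContentTypeCharset = $contentTypeCharset;
        // remember the database name as originally encoded
        $oldOfficialDatabaseName = $officialDatabaseName;
        // if the database charset is not "UTF-8" then we'll also need to temporarily convert any higher ASCII chars
        // in variables which get included within the HTML output
        $officialDatabaseName = convertToCharacterEncoding("UTF-8", "IGNORE", $officialDatabaseName);
        // function 'convertToCharacterEncoding()' is defined in 'include.inc.php'
        // for XML output we'll temporarily set the value of '$contentTypeCharset' to "UTF-8"
        $contentTypeCharset = "UTF-8";
        $charsetWasSwitched = true;
    }

    // set the appropriate mimetype & set the character encoding to the one given in '$contentTypeCharset':
    setHeaderContentType($exportContentType, $contentTypeCharset);
    // function 'setHeaderContentType()' is defined in 'include.inc.php'

    if (preg_match("/file/i", $exportType)) {
        // instruct the browser to download the resulting file:
        // ('$exportFileName' is always one of the fixed names assigned above, so no request data reaches this header)
        header('Content-Disposition: attachment; filename="' . $exportFileName . '"');
    } elseif (preg_match("/^(html|email)\$/i", $exportType)) {
        if (preg_match("/email/i", $exportType)) {
            // NOTE(review): this assumes a logged-in user; 'loginEmail' is read from the session without an 'isset()' check
            $emailRecipient = $_SESSION['loginEmail'];
            $emailSubject = "Your records from the " . $officialDatabaseName . " (exported to " . $exportFormat . " format)";
            $emailBody = $exportText;
            sendEmail($emailRecipient, $emailSubject, $emailBody);
            // function 'sendEmail()' is defined in 'include.inc.php'
        }
        // call the 'displayHTMLhead()' function (defined in 'header.inc.php'):
        displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Exported Data", "index,follow", "Data exported from the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
        $exportText = "\n\t<pre>\n" . encodeHTML($exportText) . "\n\t</pre>\n</body>\n</html>\n";
        if ($exportType == "email") {
            // The address is written into an attribute and into the page text, so it is HTML-encoded like the
            // other dynamic values on this page
            // (assumes 'encodeHTML()' also encodes double quotes -- TODO confirm in 'include.inc.php')
            $loginEmailHTML = encodeHTML($_SESSION['loginEmail']);
            $exportText = "\n\t<p>" . "\n\t\t<a href=\"javascript:history.back()\" title=\"" . $loc["LinkTitle_GoBackToResults"] . "\">" . $loc["Go Back"] . "</a>" . "\n\t</p>" . "\n\t<p>" . "\n\t\t<b>The data below have been sent to <a href=\"mailto:" . $loginEmailHTML . "\">" . $loginEmailHTML . "</a>:</b>" . "\n\t</p>" . $exportText;
        }
    }

    if ($charsetWasSwitched) {
        // restore the actual database charset
        $contentTypeCharset = $oldContentTypeCharset;
        // restore the database name as originally encoded
        $officialDatabaseName = $oldOfficialDatabaseName;
    }

    if (preg_match("/ODF|OpenDocument/i", $exportFormat) && preg_match("/file/i", $exportType)) {
        // This is a dirty hack to zip and return an ODF file.
        // It may be desired to return other non-textual formats in the future & to return these as attachments by email in the future.
        // If this becomes needed, we should refactor the output.
        $zipfile = zipODF($exportText);
        // function 'zipODF()' is defined in 'odfxml.inc.php'
        echo $zipfile->file();
    } else {
        // we'll present the output within the _same_ browser window:
        // (note that we don't use a popup window here, since this may be blocked by particular browsers)
        echo $exportText;
    }
}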
Example #15
}
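// Extract generic variables from the request:
// (the previous query is taken from the session; an empty array means there is none)
if (isset($_SESSION['oldQuery'])) {
    $oldQuery = $_SESSION['oldQuery'];
} else {
    $oldQuery = array();
}
// --------------------------------------------------------------------
// (4) DISPLAY HEADER & RESULTS
//     (NOTE: Since there's no need to query the database here, we won't perform any of the following: (1) OPEN CONNECTION, (2) SELECT DATABASE, (3) RUN QUERY, (5) CLOSE CONNECTION)
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Error", "noindex,nofollow", "Feedback page that shows any error that occurred while using the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// Generate a 'search.php' URL that points to the formerly displayed results page:
if (!empty($oldQuery)) {
    $oldQueryURL = generateURL("search.php", "html", $oldQuery, true);
}
// function 'generateURL()' is defined in 'include.inc.php'
// Build appropriate links:
$links = "\n<tr>" . "\n\t<td>" . "\n\t\tChoose how to proceed:&nbsp;&nbsp;";
// - provide a 'go back' link (the following would only work with javascript: <a href=\"javascript:history.back()\">Go Back</a>")
// The URL is placed inside a double-quoted attribute, so quotes and angle brackets are encoded in addition to '&'
// (previously only '&' was replaced, which let a '"' in the URL end the attribute). '&' must stay first in the list so
// that the entities produced for the other characters are not encoded a second time. The replacement is byte-wise and
// therefore independent of the page charset.
// NOTE(review): where '$referer' gets its value is outside this excerpt; if it can come from the request or the HTTP
//               Referer header, it should additionally be limited to local http(s) targets before it is used as a link
$refererHTML = str_replace(array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&#039;', '&lt;', '&gt;'), $referer);
$links .= "\n\t\t<a href=\"" . $refererHTML . "\">Go Back</a>";
// variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'
// - provide a link to any previous search results:
if (!empty($oldQuery)) {
    $links .= "\n\t\t&nbsp;&nbsp;-OR-&nbsp;&nbsp;" . "\n\t\t<a href=\"" . $oldQueryURL . "\">Display previous search results</a>";
}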
Example #16
    $mobileViewTypeSelected = "";
} elseif (preg_match("/^Mobile\$/i", $queryViewType)) {
    $webViewTypeSelected = "";
    $printViewTypeSelected = "";
    $mobileViewTypeSelected = " selected";
} else {
    $webViewTypeSelected = " selected";
    $printViewTypeSelected = "";
    $mobileViewTypeSelected = "";
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
// (note that '$pageTitle' is appended to the page title as is, while the database name is passed through 'encodeHTML()')
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $pageTitle, "index,follow", "Manage queries that are used to search the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
// note: we provide a default value for the 'submit' form tag so that hitting <enter> within a text entry field will act as if the user clicked the 'Add/Edit Query' button
// NOTE(review): no anti-CSRF token field is emitted with this POST form; confirm that 'query_modify.php' guards the save action some other way
?>

<form action="query_modify.php" method="POST" name="saveQuery">
<input type="hidden" name="formType" value="saveQuery">
<input type="hidden" name="submit" value="<?php 
// NOTE(review): written into the attribute without 'encodeHTML()'; presumably a fixed title chosen by this script -- verify
echo $pageTitle;
?>
">
<input type="hidden" name="queryAction" value="<?php 
// NOTE(review): '$queryAction' is also written without 'encodeHTML()'. Its origin is not visible in this excerpt; if it is
//               taken from the request it should be encoded or checked against the known actions before output.
//               Hidden fields can be changed by the client, so 'query_modify.php' has to validate the value again.
echo $queryAction;
?>
">
Example #17
            // for INSERTs, 'created_...' and 'modified_...' variables will get fresh values in 'modify.php' anyhow
            $createdTime = "";
            $createdBy = "";
            $modifiedDate = "";
            $modifiedTime = "";
            $modifiedBy = "";
            $origRecord = "";
        }
    }
}
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $pageTitle, "index,follow", "Add, edit or delete a record in the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (4b) DISPLAY results:
// Start <form> and <table> holding the form elements:
// NOTE(review): no anti-CSRF token field is emitted with this form; confirm that 'modify.php' protects add/edit/delete requests some other way
echo "\n<form enctype=\"multipart/form-data\" action=\"modify.php?proc=1\" method=\"POST\" accept-charset=\"" . $contentTypeCharset . "\" name=\"record\">";
// '$contentTypeCharset' is defined in 'ini.inc.php'
echo "\n<input type=\"hidden\" name=\"formType\" value=\"record\">";
// NOTE(review): of the hidden fields below, only '$contributionID' is encoded ('rawurlencode()'); '$addEditButtonTitle',
//               '$recordAction' and '$origRecord' are written into attribute values as is. Where they are assigned is only
//               partly visible in this excerpt -- any of them that can carry request or database data should be passed
//               through 'encodeHTML()' first.
// NOTE(review): hidden fields can be altered by the client, so 'modify.php' must re-check 'recordAction' and 'origRecord'
//               (and the user's permission for that action) on submit instead of trusting the values sent back.
echo "\n<input type=\"hidden\" name=\"submit\" value=\"" . $addEditButtonTitle . "\">";
// provide a default value for the 'submit' form tag (then, hitting <enter> within a text entry field will act as if the user clicked the 'Add/Edit Record' button)
echo "\n<input type=\"hidden\" name=\"recordAction\" value=\"" . $recordAction . "\">";
echo "\n<input type=\"hidden\" name=\"contributionIDName\" value=\"" . rawurlencode($contributionID) . "\">";
echo "\n<input type=\"hidden\" name=\"origRecord\" value=\"" . $origRecord . "\">";
if ($recordAction == "edit") {
    // the following hidden form tags are included in order to have their values available when a record is moved to the 'deleted' table:
    echo "\n<input type=\"hidden\" name=\"createdDate\" value=\"" . $createdDate . "\">";
    echo "\n<input type=\"hidden\" name=\"createdTime\" value=\"" . $createdTime . "\">";
Example #18
}
// Get the query URL of the last multi-record query:
// (taken from the session; an empty string means there is none)
if (isset($_SESSION['oldMultiRecordQuery'])) {
    $oldMultiRecordQuery = $_SESSION['oldMultiRecordQuery'];
} else {
    $oldMultiRecordQuery = "";
}
// --------------------------------------------------------------------
// (4) DISPLAY HEADER & RESULTS
//     (NOTE: Since there's no need to query the database here, we won't perform any of the following: (1) OPEN CONNECTION, (2) SELECT DATABASE, (3) RUN QUERY, (5) CLOSE CONNECTION)
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Record Action Feedback", "noindex,nofollow", "Feedback page that confirms any adding, editing or deleting of records in the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (4b) DISPLAY results:
// construct the correct SQL query that will link back to the added/edited record:
// (the query is not executed here; it is assembled as a string and URL-encoded at the end of this block)
$sqlQuery = buildSELECTclause("Display", "1", "", true, false);
// function 'buildSELECTclause()' is defined in 'include.inc.php'
// NOTE(review): 'quote_smart()' is defined elsewhere and presumably escapes and quotes its argument as an SQL string value.
//               '$serialNo' is additionally placed inside a regular expression for RLIKE, where SQL escaping does not
//               neutralize pattern characters -- confirm that '$serialNo' is validated (e.g. digits only) before it gets here.
// NOTE(review): '$tableRefs' and '$tableUserData' are interpolated as table names; presumably fixed configuration values.
if (isset($_SESSION['loginEmail'])) {
    // if a user is logged in, show user specific fields:
    $sqlQuery .= " FROM {$tableRefs} LEFT JOIN {$tableUserData} ON serial = record_id AND user_id = " . quote_smart($loginUserID) . " WHERE serial RLIKE " . quote_smart("^(" . $serialNo . ")\$") . " ORDER BY author, year DESC, publication";
} else {
    // if NO user logged in, don't display any user specific fields:
    $sqlQuery .= " FROM {$tableRefs} WHERE serial RLIKE " . quote_smart("^(" . $serialNo . ")\$") . " ORDER BY author, year DESC, publication";
}
// we simply use the fixed default ORDER BY clause here
// NOTE(review): the URL-encoded SQL text is presumably embedded in a link. Anything carried in a URL can be edited by the
//               client, so the script receiving it must treat the SQL as untrusted input and validate it before running it.
$sqlQuery = rawurlencode($sqlQuery);
// Generate a 'search.php' URL that points to the formerly displayed results page:
Example #19
    // function 'returnMsg()' is defined in 'include.inc.php'
    // Redirect the client to '$referer' and stop the script.
    // NOTE(review): '$referer' is used as the redirect target unchanged. Where it is populated is outside this excerpt
    //               (see the comment below); if it can be derived from the request or the HTTP Referer header, it should
    //               be restricted to pages of this application before it is sent in a 'Location' header.
    header("Location: " . $referer);
    // variable '$referer' is globally defined in function 'start_session()' in 'include.inc.php'
    exit;
    // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
}
// --------------------------------------------------------------------
// (4) DISPLAY HEADER & RESULTS
//     (NOTE: Since there's no need to query the database here, we won't perform any of the following: (1) OPEN CONNECTION, (2) SELECT DATABASE, (3) RUN QUERY, (5) CLOSE CONNECTION)
// Emit the page chrome for the query history view: login status, optional HTML head and visible
// page header, then the opening tag of the container that holds the history links.
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4a) DISPLAY header:
// Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
// Note: '!=' is a loose comparison, so the HTML head is only skipped for values that PHP treats as equal to "0"
if ($wrapResults != "0") {
    // the database name is HTML-encoded before it becomes part of the page title and description
    displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Query History", "noindex,nofollow", "Displays links to previous search results", "", false, "", $viewType, array());
    // the pattern is anchored and case-insensitive, i.e. only exactly 'Print' or 'Mobile' (in any letter case) suppresses the header
    if (!preg_match("/^(Print|Mobile)\$/i", $viewType)) {
        // Note: we omit the visible header in print/mobile view ('viewType=Print' or 'viewType=Mobile')
        showPageHeader($HeaderString);
    }
    echo "\n";
}
// (4b) DISPLAY results:
// the container is written regardless of '$wrapResults'
echo "<div id=\"queryhistory\">";
// Print a link to the current query:
if (!empty($oldQuery)) {
    echo "\n\t<div id=\"currentquery\">" . "\n\t\t<h5>Current Query</h5>";
    // Extract the 'WHERE' clause from the current SQL query:
    $queryWhereClause = extractWHEREclause($oldQuery["sqlQuery"]);
    // function 'extractWHEREclause()' is defined in 'include.inc.php'
    $queryTitle = encodeHTML(explainSQLQuery($queryWhereClause));
Example #20
// Prepare layout values and drop-down options for the home page, then emit login status and page header.
// NOTE: strictly, this isn't really necessary but it helps to achieve a similar appearance of the login form on Firefox/Gecko & Safari/WebKit browsers (with all supported GUI languages)
// TODO: figure out a better way (which isn't based on user agent sniffing); the problem could also be avoided by simply stacking <input> fields & their labels on top of each other
// The client-supplied User-Agent header is only matched against a fixed pattern here and selects one of two
// literal widths; the header value itself is never stored or written to the page by this code.
if (isset($_SERVER['HTTP_USER_AGENT']) and preg_match("/AppleWebKit/i", $_SERVER['HTTP_USER_AGENT'])) {
    $rightColumnWidth = "215";
} else {
    $rightColumnWidth = "225";
}
// Get the total number of records:
$recordCount = getTotalNumberOfRecords();
// function 'getTotalNumberOfRecords()' is defined in 'include.inc.php'
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (4) DISPLAY header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
// NOTE(review): '$officialDatabaseName' is HTML-encoded before it is passed on, while '$loc["Home"]' is
// passed as-is -- presumably '$loc' only holds trusted localization strings; verify against where it is loaded.
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $loc["Home"], "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", true, "", $viewType, $rssURLArray);
showPageHeader($HeaderString);
// Define variables holding common drop-down elements, i.e. build properly formatted <option> tag elements:
// - "Browse My Refs" form:
// (array keys are field names, array values are the localized labels taken from '$loc')
$dropDownFieldNameArray2 = array("author" => $loc["DropDownFieldName_Author"], "year" => $loc["DropDownFieldName_Year"], "publication" => $loc["DropDownFieldName_Publication"], "keywords" => $loc["DropDownFieldName_Keywords"], "user_keys" => $loc["DropDownFieldName_UserKeys"]);
$dropDownItems2 = buildSelectMenuOptions($dropDownFieldNameArray2, "//", "\t\t\t\t\t", true);
// function 'buildSelectMenuOptions()' is defined in 'include.inc.php'
// --------------------------------------------------------------------
// --------------------------------------------------------------------
?>

<table align="center" width="95%" summary="This table explains features, goals and usage of the <?php 
echo encodeHTML($officialDatabaseName);
?>
">
	<tr>
		<td colspan="2"><h3><?php 
Example #21
// Pre-select entries in the 'match fields' and 'nonASCIIChars' drop-downs by adding a 'selected'
// attribute to the matching <option> tags, then emit login status and page header.
$selectedFields = implode("|", $selectedFieldsArray);
// merge array of fields that shall be selected
// NOTE(review): '$selectedFields' is interpolated into the pattern without 'preg_quote()'. If the entries of
// '$selectedFieldsArray' can come from request data (not visible here -- TODO confirm), regex metacharacters
// or a '/' in them would change or break the pattern; quoting each entry with 'preg_quote($field, "/")'
// before the implode would keep them literal.
$matchFieldsOptionTags = preg_replace("/<option([^>]*)>({$selectedFields})<\\/option>/", "<option\\1 selected>\\2</option>", $matchFieldsOptionTags);
// define variable holding the 'nonASCIIChars' drop-down elements:
$dropDownItemArray2 = array("strip" => "strip", "transliterate" => "transliterate", "keep" => "don't change");
// build properly formatted <option> tag elements from array items given in '$dropDownItemArray2':
$nonASCIICharsOptionTags = buildSelectMenuOptions($dropDownItemArray2, "//", "\t\t\t\t", true);
// add 'selected' attribute:
// (the text placed in the pattern is looked up in the fixed array above, so it is one of its three labels;
//  NOTE(review): this assumes '$nonASCIICharsSelected' is always one of the keys 'strip', 'transliterate' or 'keep' -- verify against caller)
$nonASCIICharsOptionTags = preg_replace("/<option([^>]*)>({$dropDownItemArray2[$nonASCIICharsSelected]})<\\/option>/", "<option\\1 selected>\\2</option>", $nonASCIICharsOptionTags);
// --------------------------------------------------------------------
// Show the login status:
showLogin();
// (function 'showLogin()' is defined in 'include.inc.php')
// (2a) Display header:
// call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . "Find Duplicates", "index,follow", "Search for duplicates within the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
showPageHeader($HeaderString);
// (2b) Start <form> and <table> holding the form elements:
// note: we provide a default value for the 'submit' form tag so that hitting <enter> within a text entry field will act as if the user clicked the 'Add/Edit Query' button
?>

<form action="search.php" method="GET">
<input type="hidden" name="formType" value="duplicateSearch">
<input type="hidden" name="originalDisplayType" value="<?php 
// NOTE(review): '$displayType' is written into a double-quoted HTML attribute without any encoding, whereas
// other values on this page go through 'encodeHTML()'. If '$displayType' can be influenced by request data
// (its origin is not visible in this excerpt -- TODO confirm), it should be passed through 'encodeHTML()'
// here so that it cannot close the attribute and inject markup.
echo $displayType;
?>
">
<input type="hidden" name="submit" value="Find Duplicates">
<input type="hidden" name="citeStyle" value="<?php 
echo rawurlencode($citeStyle);
?>