// TODO: figure out a better way (which isn't based on user agent sniffing); the problem could also be avoided by simply stacking <input> fields & their labels on top of each other if (isset($_SERVER['HTTP_USER_AGENT']) and preg_match("/AppleWebKit/i", $_SERVER['HTTP_USER_AGENT'])) { $rightColumnWidth = "215"; } else { $rightColumnWidth = "225"; } // Get the total number of records: $recordCount = getTotalNumberOfRecords(); // function 'getTotalNumberOfRecords()' is defined in 'include.inc.php' // Show the login status: showLogin(); // (function 'showLogin()' is defined in 'include.inc.php') // (4) DISPLAY header: // call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'): displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $loc["Home"], "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", true, "", $viewType, $rssURLArray); showPageHeader($HeaderString); // Define variables holding common drop-down elements, i.e. build properly formatted <option> tag elements: // - "Browse My Refs" form: $dropDownFieldNameArray2 = array("author" => $loc["DropDownFieldName_Author"], "year" => $loc["DropDownFieldName_Year"], "publication" => $loc["DropDownFieldName_Publication"], "keywords" => $loc["DropDownFieldName_Keywords"], "user_keys" => $loc["DropDownFieldName_UserKeys"]); $dropDownItems2 = buildSelectMenuOptions($dropDownFieldNameArray2, "//", "\t\t\t\t\t", true); // function 'buildSelectMenuOptions()' is defined in 'include.inc.php' // -------------------------------------------------------------------- ?> <table align="center" width="95%" summary="This table explains features, goals and usage of the <?php echo encodeHTML($officialDatabaseName); ?> "> <tr> <td colspan="2"><h3><?php echo $loc["RecentChanges"];
/**
 * Renders the CQL/OpenSearch query page: HTML head, optional visible page
 * header, the advanced query form and the footer.
 *
 * The visible header and footer are skipped when '$viewType' matches
 * "Mobile" or when the global '$client' starts with "inc" (include mechanisms).
 *
 * NOTE(review): a header message found in $_SESSION['HeaderString'] is handed
 * to showPageHeader()/showPageFooter() as-is; whether those functions escape
 * it is not visible here -- confirm that every writer of that session
 * variable stores HTML-safe text.
 *
 * @param string $operation  only referenced by the disabled simple/advanced switch below
 * @param string $viewType   view type, forwarded to the HTML head and the query form
 * @param mixed  $showRows   forwarded unchanged to the query form
 * @param mixed  $rowOffset  forwarded unchanged to the query form
 */
function showQueryPage($operation, $viewType, $showRows, $rowOffset)
{
	global $officialDatabaseName; // defined in 'ini.inc.php'
	global $displayType;
	global $loc; // defined in 'locales/core.php'
	global $client;

	// Prefer a message stored in the session; fall back to the default prompt.
	if (isset($_SESSION['HeaderString'])) {
		$headerMessage = $_SESSION['HeaderString'];

		// The session copy is cleared, the local copy stays available to this script:
		deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php'
	} else {
		$headerMessage = $loc["SearchDB"] . ":";
	}

	// For HTML output '$displayType' must be reset; otherwise the 'originalDisplayType'
	// parameter of the 'quickSearch' form in the page header would be set to "Export".
	// An empty value makes 'show.php' use the view given in session variable 'userDefaultView'.
	$displayType = "";

	// Show the login status:
	showLogin(); // function 'showLogin()' is defined in 'include.inc.php'

	// HTML head ('displayHTMLhead()' and 'showPageHeader()' are defined in 'header.inc.php'):
	$pageTitle = encodeHTML($officialDatabaseName) . " -- " . $loc["Search"];
	$pageDescription = "Search the " . encodeHTML($officialDatabaseName);
	displayHTMLhead($pageTitle, "index,follow", $pageDescription, "", true, "", $viewType, array());

	// No visible header in mobile view ('viewType=Mobile') and for include mechanisms:
	if (!(preg_match("/^Mobile\$/i", $viewType) || preg_match("/^inc/i", $client))) {
		showPageHeader($headerMessage);
	}

	// Build the <option> elements for the drop-downs
	// ('buildSelectMenuOptions()' is defined in 'include.inc.php'):
	$textConditions = array(
		"contains"         => $loc["contains"],
		"does not contain" => $loc["contains not"],
		"is equal to"      => $loc["equal to"],
		"is not equal to"  => $loc["equal to not"],
		"starts with"      => $loc["starts with"],
		"ends with"        => $loc["ends with"]
	);
	$textConditionOptions = buildSelectMenuOptions($textConditions, "//", "\t\t\t", true);

	$rangeConditions = array(
		"is greater than" => $loc["is greater than"],
		"is less than"    => $loc["is less than"],
		"is within range" => $loc["is within range"],
		"is within list"  => $loc["is within list"]
	);
	$rangeConditionOptions = buildSelectMenuOptions($rangeConditions, "//", "\t\t\t", true);

	// The bare "" entries act as separators; they receive consecutive integer keys.
	$primaryFields = array(
		"author"                => $loc["DropDownFieldName_Author"],
		"address"               => $loc["DropDownFieldName_Address"],
		"corporate_author"      => $loc["DropDownFieldName_CorporateAuthor"],
		"thesis"                => $loc["DropDownFieldName_Thesis"],
		"",
		"title"                 => $loc["DropDownFieldName_Title"],
		"orig_title"            => $loc["DropDownFieldName_OrigTitle"],
		"",
		"year"                  => $loc["DropDownFieldName_Year"],
		"publication"           => $loc["DropDownFieldName_Publication"],
		"abbrev_journal"        => $loc["DropDownFieldName_AbbrevJournal"],
		"editor"                => $loc["DropDownFieldName_Editor"],
		"",
		"volume_numeric"        => $loc["DropDownFieldName_Volume"],
		"issue"                 => $loc["DropDownFieldName_Issue"],
		"pages"                 => $loc["DropDownFieldName_Pages"],
		"",
		"series_title"          => $loc["DropDownFieldName_SeriesTitle"],
		"abbrev_series_title"   => $loc["DropDownFieldName_AbbrevSeriesTitle"],
		"series_editor"         => $loc["DropDownFieldName_SeriesEditor"],
		"series_volume_numeric" => $loc["DropDownFieldName_SeriesVolume"],
		"series_issue"          => $loc["DropDownFieldName_SeriesIssue"],
		"",
		"publisher"             => $loc["DropDownFieldName_Publisher"],
		"place"                 => $loc["DropDownFieldName_Place"],
		"",
		"edition"               => $loc["DropDownFieldName_Edition"],
		"medium"                => $loc["DropDownFieldName_Medium"],
		"issn"                  => $loc["DropDownFieldName_Issn"],
		"isbn"                  => $loc["DropDownFieldName_Isbn"],
		"",
		"language"              => $loc["DropDownFieldName_Language"],
		"summary_language"      => $loc["DropDownFieldName_SummaryLanguage"],
		"",
		"keywords"              => $loc["DropDownFieldName_Keywords"],
		"abstract"              => $loc["DropDownFieldName_Abstract"],
		"",
		"area"                  => $loc["DropDownFieldName_Area"],
		"expedition"            => $loc["DropDownFieldName_Expedition"],
		"conference"            => $loc["DropDownFieldName_Conference"],
		"",
		"doi"                   => $loc["DropDownFieldName_Doi"],
		"url"                   => $loc["DropDownFieldName_Url"]
	);

	// The 'file', 'location', 'created_by' and 'modified_by' fields are only
	// offered when a user is logged in:
	$userIsLoggedIn = isset($_SESSION['loginEmail']);

	if ($userIsLoggedIn) {
		$primaryFields["file"] = $loc["DropDownFieldName_File"];
	}

	$primaryFields[] = "";
	$primaryFields["notes"] = $loc["DropDownFieldName_Notes"];

	if ($userIsLoggedIn) {
		$primaryFields["location"] = $loc["DropDownFieldName_Location"];
	}

	$recordFields = array(
		"call_number"  => $loc["DropDownFieldName_CallNumber"],
		"",
		"serial"       => $loc["DropDownFieldName_Serial"],
		"type"         => $loc["DropDownFieldName_Type"],
		"approved"     => $loc["DropDownFieldName_Approved"],
		"",
		"created_date" => $loc["DropDownFieldName_CreatedDate"],
		"created_time" => $loc["DropDownFieldName_CreatedTime"]
	);

	if ($userIsLoggedIn) {
		$recordFields["created_by"] = $loc["DropDownFieldName_CreatedBy"];
	}

	$recordFields[] = "";
	$recordFields["modified_date"] = $loc["DropDownFieldName_ModifiedDate"];
	$recordFields["modified_time"] = $loc["DropDownFieldName_ModifiedTime"];

	if ($userIsLoggedIn) {
		$recordFields["modified_by"] = $loc["DropDownFieldName_ModifiedBy"];
	}

	$allFields = array_merge($primaryFields, $recordFields);
	$fieldOptions = buildSelectMenuOptions($allFields, "//", "\t\t\t", true);

	$outputFormats = array(
		"html"     => "html",
		"atom"     => "Atom XML",
		"rss"      => "RSS XML",
		"srw_dc"   => "SRW_DC XML",
		"srw_mods" => "SRW_MODS XML"
	);
	$outputFormatOptions = buildSelectMenuOptions($outputFormats, "//", "\t\t\t", true);

	// Map CQL indexes to refbase field names:
	$cqlIndexMap = mapCQLIndexes(); // function 'mapCQLIndexes()' is defined in 'webservice.inc.php'

	// --------------------------------------------------------------------

	// TODO: when the simple CQL Query Builder interface is done, a call to 'opensearch.php' (or 'opensearch.php?operation=simple')
	//       should activate that simple GUI-based interface (currently, it activates the advanced interface that you'd normally only
	//       get via 'opensearch.php?operation=cql' or 'opensearch.php?operation=advanced')
//	if (preg_match("/^(advanced|CQL)$/i", $operation))
		// lets you enter a standard CQL query directly
		showQueryFormAdvanced($textConditionOptions, $rangeConditionOptions, $fieldOptions, $outputFormatOptions, $showRows, $rowOffset, $cqlIndexMap, $viewType);
//	else
//		showQueryFormSimple($dropDownItems1, $dropDownItems2, $dropDownItems3, $dropDownItems4, $showRows, $rowOffset, $indexNamesArray, $viewType); // lets you build a CQL query via dropdown menus

	// --------------------------------------------------------------------

	// HTML footer ('showPageFooter()' and 'displayHTMLfoot()' are defined in 'footer.inc.php').
	// As with the header, the visible footer is omitted in mobile view and for include mechanisms:
	if (!(preg_match("/^Mobile\$/i", $viewType) || preg_match("/^inc/i", $client))) {
		showPageFooter($headerMessage);
	}

	displayHTMLfoot();
}
/**
 * Emits a complete page: header, content and footer, in that order.
 *
 * @param mixed $csrf     value handed to showPageHeader(); presumably an
 *                        anti-CSRF token for forms in the header -- confirm
 *                        against showPageHeader()
 * @param mixed $content  value handed to showPageContent(); null by default
 */
function showMainPage($csrf, $content = null)
{
    // Each step is delegated to a renderer defined outside this block.
    showPageHeader($csrf);
    showPageContent($content);
    showPageFooter();
}
// Disabled analytics snippet (kept commented out, exactly as before):
// echo <<<end
// <script>
// (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
// (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
// m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
// })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
// ga('create', 'UA-58136019-1', 'auto');
// ga('send', 'pageview');
// $(document).ajaxSuccess(function(){ga('send', 'pageview');});
// </script>
// end;

// Close the document head, open the body and emit the hidden "main" link.
echo "</head>",
    "<body class='page'>",
    "<a href='/site/mainbtc' style='display: none;'>main</a>";

// Page body: header, content, footer (renderers are defined outside this block).
showPageHeader();
showPageContent($content);
showPageFooter();

echo "</body></html>";

return;

/**
 * Prints one navigation entry as "<span><a ...>name</a></span>" followed by a
 * single space.
 *
 * NOTE(review): '$url' and '$name' are written into the markup verbatim (the
 * URL inside a single-quoted attribute). Callers must therefore pass values
 * that are already safe for those contexts -- confirm at the call sites that
 * neither value is derived from request data.
 *
 * @param mixed  $selected  truthy to mark the entry with class='selected'
 * @param string $url       link target, emitted as-is
 * @param string $name      link text, emitted as-is
 */
function showItemHeader($selected, $url, $name)
{
    // The class attribute is only present for the selected entry.
    $classAttribute = $selected ? "class='selected'" : '';

    echo "<span><a " . $classAttribute . " href='" . $url . "'>" . $name . "</a></span>";
    echo " ";
}
/**
 * Renders the user login page: login status, HTML head, page header, the
 * login form and the footer.
 *
 * The form POSTs 'loginEmail' and 'loginPassword' to 'user_login.php' and
 * carries '$referer' in the query string of the action URL.
 *
 * NOTE(review): '$referer' is URL-encoded before it is written into the
 * action attribute, which keeps it inside the attribute value. Whether
 * 'user_login.php' restricts the redirect target it receives is not visible
 * here -- confirm it only redirects to same-site locations.
 *
 * NOTE(review): the form below contains no hidden token field; confirm
 * whether 'user_login.php' is expected to validate an anti-CSRF token.
 *
 * @param string $referer  value passed on to 'user_login.php' as the
 *                         'referer' query parameter
 */
function login_page($referer)
{
	global $HeaderString;
	global $viewType;
	global $loginWelcomeMsg;
	global $loginStatus;
	global $loginLinks;
	global $officialDatabaseName;
	global $loc;

	// Show login status (should be logged out!)
	showLogin(); // (function 'showLogin()' is defined in 'include.inc.php')

	// If there's no stored message available:
	if (!isset($_SESSION['HeaderString'])) {
		$HeaderString = $loc['YouNeedToLoginInOrderToMakeChangesToTheDatabase'];
	} else {
		// NOTE(review): the session value is used as the page header message
		// unchanged; whether showPageHeader() escapes it is not visible here.
		$HeaderString = $_SESSION['HeaderString']; // extract 'HeaderString' session variable (only necessary if register globals is OFF!)

		// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
		deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php'
	}

	// Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
	displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Login", "index,follow", "User login page. You must be logged in to the " . encodeHTML($officialDatabaseName) . " in order to add, edit or delete records", "", false, "", $viewType, array());
	showPageHeader($HeaderString);

	// Build the login form:
	// Note: we use the fact here, that a page can have both, a GET and POST request.
	//       (if you POST, but add ?blah=foo to the end of the action URL, the client will GET, then POST)
	//
	// The credentials travel in the POST body; only the URL-encoded referer is
	// placed in the action URL. The block of HTML comments after the submit
	// button is the former table-based layout; it is still sent to the client
	// as HTML comments (the PHP fragments inside it are commented out).
	?> <form method="POST" action="user_login.php?referer=<?php echo rawurlencode($referer); ?> ">
	<div class="row"> <div class="small-12 column"> <div class="row">
	<div class="small-2 columns"> <label for=""><?php echo $loc["EmailAddress"]; ?> :</label> </div>
	<div class="small-10 columns"> <input type="text" name="loginEmail" size="30"> </div>
	</div> </div> </div>
	<div class="row"> <div class="small-12 column"> <div class="row">
	<div class="small-2 columns"> <label for=""><?php echo $loc["EmailAdressPassword"]; ?> :</label> </div>
	<div class="small-10 columns"> <input type="password" name="loginPassword" size="30"> </div>
	</div> </div> </div>
	<div class="row"> <div class="small-12 column"> <input class="button secondary right" style="margin-bottom: 15px" type="submit" value="Login"> </div> </div>
	<!--<table align="center" border="0" cellpadding="2" cellspacing="5" width="95%" summary="This table holds a login form for the --><?php //echo encodeHTML($officialDatabaseName); ?> <!--">-->
	<!-- <tr>-->
	<!-- <td width="174" valign="bottom">-->
	<!-- <b>--><?php //echo $loc["EmailAddress"]; ?> <!--:</b>-->
	<!-- </td>-->
	<!-- <td valign="bottom">-->
	<!-- <input type="text" name="loginEmail" size="30">-->
	<!-- </td>-->
	<!-- </tr>-->
	<!-- <tr>-->
	<!-- <td valign="bottom">-->
	<!-- <b>--><?php //echo $loc["EmailAdressPassword"]; ?> <!--:</b>-->
	<!-- </td>-->
	<!-- <td valign="bottom">-->
	<!-- <input type="password" name="loginPassword" size="30">-->
	<!-- </td>-->
	<!-- </tr>-->
	<!-- <tr>-->
	<!-- <td valign="bottom">-->
	<!-- -->
	<!-- </td>-->
	<!-- <td valign="bottom">-->
	<!-- <input class="button secondary" type="submit" value="Login">-->
	<!-- </td>-->
	<!-- </tr>-->
	<!--</table>-->
	</form><?php

	// --------------------------------------------------------------------

	// DISPLAY THE HTML FOOTER:
	// call the 'showPageFooter()' and 'displayHTMLfoot()' functions (which are defined in 'footer.inc.php')
	showPageFooter($HeaderString);

	displayHTMLfoot();

	// --------------------------------------------------------------------
}
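/**
 * Renders the "user receipt" page: account details of one user and, unless
 * the action is "Delete", that user's display options and (for the admin)
 * permissions.
 *
 * Changes compared with the previous revision:
 *  - every account field read from the users table ('title', 'email', 'url',
 *    'language') is now HTML-encoded before output, like the neighbouring
 *    name/address fields already were; these values are user-supplied profile
 *    data and were previously written into the page verbatim;
 *  - the profile URL is only rendered as a link when it starts with
 *    http:// or https://, otherwise it is shown as plain text, so a stored
 *    value with another scheme cannot become a clickable link;
 *  - '$userID' is URL-encoded before being placed in link targets;
 *  - the password-reminder condition used bitwise '|' where logical '||'
 *    was intended.
 *
 * NOTE(review): encodeHTML() is defined in 'include.inc.php'; this code
 * assumes it escapes double quotes, since the values are also placed inside
 * double-quoted attributes -- confirm.
 *
 * NOTE(review): '$HeaderString' is built here with HTML markup and handed to
 * showPageHeader(), so that function presumably prints it unescaped. The
 * value taken from $_SESSION['HeaderString'] is therefore trusted to be safe
 * HTML -- verify every writer of that session variable.
 *
 * @param mixed  $userID      ID of the user to show; compared loosely with 0
 *                            for "anyone who isn't logged in"
 * @param string $userAction  "Delete" switches to the delete-confirmation layout
 * @param mixed  $connection  not used in this function body
 */
function showUserData($userID, $userAction, $connection)
{
	global $HeaderString;
	global $viewType;
	global $loginWelcomeMsg;
	global $loginStatus;
	global $loginLinks;
	global $loginEmail;
	global $adminLoginEmail;
	global $officialDatabaseName;
	global $defaultLanguage;
	global $tableUsers; // defined in 'db.inc.php'
	global $loc; // '$loc' is made globally available in 'core.php'

	// CONSTRUCT SQL QUERY:
	// ('$userID' is passed through quote_smart() before it is concatenated; that
	// function is defined outside this block -- presumably it escapes/quotes the value)
	$query = "SELECT * FROM {$tableUsers} WHERE user_id = " . quote_smart($userID);

	// RUN the query on the database through the connection:
	$result = queryMySQLDatabase($query); // function 'queryMySQLDatabase()' is defined in 'include.inc.php'

	// EXTRACT results (since 'user_id' is the unique primary key for the 'users' table, there will be only one matching row)
	$row = @mysql_fetch_array($result);

	// True when exactly one user matches '$userID':
	$userExists = (mysql_num_rows($result) == 1);

	// '$userID' as it may appear inside a link target:
	$userIDParam = rawurlencode((string) $userID);

	// Build the correct header message:
	if (!isset($_SESSION['HeaderString'])) { // if there's no saved message
		if ($userAction == "Delete") { // provide an appropriate header message:
			$HeaderString = "<b><span class=\"warning\">Delete user</span> " . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["email"]) . ")</b>:";
		} elseif (empty($userID)) {
			$HeaderString = "Account details and options for anyone who isn't logged in:";
		} else { // provide the default message:
			$HeaderString = "Account details and options for <b>" . encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["email"]) . ")</b>:";
		}
	} else {
		$HeaderString = $_SESSION['HeaderString']; // extract 'HeaderString' session variable (only necessary if register globals is OFF!)

		// Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
		deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php'
	}

	// Get the list of "main fields" preferred by the current user:
	// NOTE: We have to call function 'getMainFields()' up here since it updates
	//       session variable 'userMainFields' which gets used in function
	//       'buildQuickSearchElements()' (which, in turn, is called from within
	//       function 'showPageHeader()')
	$mainFieldsArray = getMainFields($userID); // function 'getMainFields()' is defined in 'include.inc.php'

	// Get the user's preference for displaying auto-completions:
	// (see note for '$mainFieldsArray' which also applies here)
	$showAutoCompletions = getPrefAutoCompletions($userID); // function 'getPrefAutoCompletions()' is defined in 'include.inc.php'

	// Map MySQL field names to localized column names:
	$fieldNamesArray = mapFieldNames(); // function 'mapFieldNames()' is defined in 'include.inc.php'
	$localizedMainFieldsArray = array();

	foreach ($mainFieldsArray as $field) {
		// if no localized field name exists, we use the original field name
		$localizedMainFieldsArray[$field] = isset($fieldNamesArray[$field]) ? $fieldNamesArray[$field] : $field;
	}

	// Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
	displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Receipt", "noindex,nofollow", "Receipt page confirming correct entry of user details and options for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array());
	showPageHeader($HeaderString);

	// Start main table:
	echo "\n<table id=\"accountinfo\" align=\"center\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" width=\"95%\" summary=\"This table displays user account details and options\">";

	echo "\n<tr>"
		. "\n\t<td valign=\"top\" width=\"28%\">";

	// Start left sub-table:
	echo "\n\t\t<table id=\"accountdetails\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account details\">";

	echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Account Details:</b></td>";

	if ($userExists) {
		// Add edit/delete button:
		echo "\n\t\t\t<td align=\"left\">";

		// If the admin is logged in, allow the display of a button that will delete the currently shown user:
		if (isset($_SESSION['loginEmail']) && $loginEmail == $adminLoginEmail) {
			if ($userAction == "Delete") {
				echo "<a href=\"user_removal.php?userID=" . $userIDParam . "\"><img src=\"img/delete.gif\" alt=\"" . $loc["delete"] . "\" title=\"" . $loc["LinkTitle_DeleteUser"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
			}
		}

		if ($userAction != "Delete") {
			echo "<a href=\"user_details.php?userID=" . $userIDParam . "\"><img src=\"img/edit.gif\" alt=\"" . $loc["edit"] . "\" title=\"" . $loc["LinkTitle_EditDetails"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
		}

		echo "</td>\n\t\t</tr>";

		// Display a password reminder:
		// (but only if a normal user is logged in -OR- the admin is logged in AND the updated user data are his own!)
		if ($loginEmail != $adminLoginEmail || ($loginEmail == $adminLoginEmail && $userID == getUserID($loginEmail))) {
			echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\"><i>Please record your password somewhere safe for future use!</i></td>\n\t\t</tr>";
		}

		// Print title, first name, last name and institutional abbreviation:
		echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\">\n\t\t\t\t";

		if (!empty($row["title"])) {
			echo encodeHTML($row["title"]) . ". ";
		}

		// Since the first name, last name and abbrev. institution fields are mandatory, we don't need to check if they're empty
		echo encodeHTML($row["first_name"]) . " " . encodeHTML($row["last_name"]) . " (" . encodeHTML($row["abbrev_institution"]) . ")";

		// Print institution name:
		if (!empty($row["institution"])) {
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["institution"]);
		}

		// Print corporate institution name:
		if (!empty($row["corporate_institution"])) {
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["corporate_institution"]);
		}

		// If any of the address lines contain data, add a spacer row:
		if (!empty($row["address_line_1"]) || !empty($row["address_line_2"]) || !empty($row["address_line_3"]) || !empty($row["zip_code"]) || !empty($row["city"]) || !empty($row["state"]) || !empty($row["country"])) {
			echo "\n\t\t\t\t<br>";
		}

		// Print the three address lines:
		foreach (array("address_line_1", "address_line_2", "address_line_3") as $addressField) {
			if (!empty($row[$addressField])) {
				echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row[$addressField]);
			}
		}

		// Print zip code and city:
		if (!empty($row["zip_code"]) && !empty($row["city"])) { // both fields are available
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["zip_code"]) . " " . encodeHTML($row["city"]);
		} elseif (!empty($row["zip_code"])) { // only 'zip_code' available
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["zip_code"]);
		} elseif (!empty($row["city"])) { // only 'city' field available
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["city"]);
		}

		// Print state:
		if (!empty($row["state"])) {
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["state"]);
		}

		// Print country:
		if (!empty($row["country"])) {
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . encodeHTML($row["country"]);
		}

		// If any of the phone/url/email fields contain data, add a spacer row:
		if (!empty($row["phone"]) || !empty($row["url"]) || !empty($row["email"])) {
			echo "\n\t\t\t\t<br>";
		}

		// Print phone number:
		if (!empty($row["phone"])) {
			echo "\n\t\t\t\t<br>\n\t\t\t\t" . "Phone: " . encodeHTML($row["phone"]);
		}

		// Print URL:
		if (!empty($row["url"])) {
			$encodedUrl = encodeHTML($row["url"]);

			if (preg_match('#^https?://#i', $row["url"])) {
				// only web URLs become links; the value is encoded for the attribute and for the link text
				echo "\n\t\t\t\t<br>\n\t\t\t\t" . "URL: <a href=\"" . $encodedUrl . "\">" . $encodedUrl . "</a>";
			} else {
				// any other scheme (or no scheme) is shown as text only
				echo "\n\t\t\t\t<br>\n\t\t\t\t" . "URL: " . $encodedUrl;
			}
		}

		// Print email:
		// Since the email field is mandatory, we don't need to check if it's empty
		$encodedEmail = encodeHTML($row["email"]);
		echo "\n\t\t\t\t<br>\n\t\t\t\t" . "Email: <a href=\"mailto:" . $encodedEmail . "\">" . $encodedEmail . "</a>";

		echo "\n\t\t\t</td>\n\t\t</tr>";
	} else {
		echo "\n\t\t\t<td align=\"right\"></td>\n\t\t</tr>";
		echo "\n\t\t<tr>\n\t\t\t<td colspan=\"2\">(none)</td>\n\t\t</tr>";
	}

	// Close left sub-table:
	echo "\n\t\t</table>";

	// Close left table cell of main table:
	echo "\n\t</td>";

	if ($userAction != "Delete") {
		// ------------------------------------------------------------

		// Start middle table cell of main table:
		echo "\n\t<td valign=\"top\">";

		// Start middle sub-table:
		echo "\n\t\t<table id=\"accountopt\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account options\">";

		echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>Display Options:</b></td>"
			. "\n\t\t\t<td align=\"right\">";

		// If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
		if ($userExists or $userID == 0) {
			echo "<a href=\"user_options.php?userID=" . $userIDParam . "\"><img src=\"img/options.gif\" alt=\"" . $loc["options"] . "\" title=\"" . $loc["LinkTitle_EditOptions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
		}

		echo "</td>\n\t\t</tr>";

		// Show the user's selected interface language:
		echo "\n\t\t<tr valign=\"top\">"
			. "\n\t\t\t<td>Use language:</td>";

		if ($userExists) { // If there's a user associated with this user ID
			echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . encodeHTML($row["language"]) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
		} else { // no user exists with this user ID
			echo "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $defaultLanguage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>";
		}

		echo "\n\t\t</tr>";

		// get the default number of records per page preferred by the current user:
		$recordsPerPage = getDefaultNumberOfRecords($userID); // function 'getDefaultNumberOfRecords()' is defined in 'include.inc.php'

		// show the user's default number of records per page:
		echo "\n\t\t<tr valign=\"top\">"
			. "\n\t\t\t<td>Show records per page:</td>"
			. "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $recordsPerPage . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>"
			. "\n\t\t</tr>";

		// show the user's preference for displaying auto-completions:
		echo "\n\t\t<tr valign=\"top\">"
			. "\n\t\t\t<td>Show auto-completions:</td>"
			. "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . $loc[$showAutoCompletions] . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>"
			. "\n\t\t</tr>";

		if ($loginEmail == $adminLoginEmail) {
			$ShowEnabledDescriptor = "Enabled";

			// get all formats/styles/types that are available and were enabled by the admin for the current user:
			$userTypesArray = getEnabledUserFormatsStylesTypes($userID, "type", "", false); // function 'getEnabledUserFormatsStylesTypes()' is defined in 'include.inc.php'
			$citationStylesArray = getEnabledUserFormatsStylesTypes($userID, "style", "", false);
			$citationFormatsArray = getEnabledUserFormatsStylesTypes($userID, "format", "cite", false);
			$exportFormatsArray = getEnabledUserFormatsStylesTypes($userID, "format", "export", false);
		} else {
			$ShowEnabledDescriptor = "Show";

			// get all formats/styles/types that were selected by the current user
			// and (if some formats/styles/types were found) save them as semicolon-delimited string to an appropriate session variable:
			$userTypesArray = getVisibleUserFormatsStylesTypes($userID, "type", ""); // function 'getVisibleUserFormatsStylesTypes()' is defined in 'include.inc.php'
			$citationStylesArray = getVisibleUserFormatsStylesTypes($userID, "style", "");
			$citationFormatsArray = getVisibleUserFormatsStylesTypes($userID, "format", "cite");
			$exportFormatsArray = getVisibleUserFormatsStylesTypes($userID, "format", "export");

			// Note: the function 'getVisibleUserFormatsStylesTypes()' will only update the appropriate session variables if
			//       either a normal user is logged in -OR- the admin is logged in AND the updated user data are his own(*);
			//       otherwise, the function will simply return an array containing all matching values
			//       (*) the admin-condition won't apply here, though, since this function gets only called for normal users. This means, that
			//           the admin is currently not able to hide any items from his popup lists via the admin interface (he'll need to hack the MySQL tables)!
		}

		// List types, styles, cite formats, export formats and the fields that were
		// selected as "main fields"; every row has the same layout, so they are
		// emitted from one table of label => items:
		$listRows = array(
			$ShowEnabledDescriptor . " reference types:"  => $userTypesArray,
			$ShowEnabledDescriptor . " citation styles:"  => $citationStylesArray,
			$ShowEnabledDescriptor . " citation formats:" => $citationFormatsArray,
			$ShowEnabledDescriptor . " export formats:"   => $exportFormatsArray,
			"\"Main fields\" searches:"                   => $localizedMainFieldsArray
		);

		foreach ($listRows as $rowLabel => $rowItems) {
			echo "\n\t\t<tr valign=\"top\">"
				. "\n\t\t\t<td>" . $rowLabel . "</td>"
				. "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>";

			if (empty($rowItems)) {
				echo "(none)";
			} else {
				echo implode("</li>\n\t\t\t\t\t<li>", $rowItems);
			}

			echo "</li>\n\t\t\t\t</ul>\n\t\t\t</td>"
				. "\n\t\t</tr>";
		}

		// Close middle sub-table:
		echo "\n\t\t</table>";

		// Close middle table cell of main table:
		echo "\n\t</td>";

		// ------------------------------------------------------------

		// Start right table cell of main table:
		echo "\n\t<td valign=\"top\">";

		// Start right sub-table:
		echo "\n\t\t<table id=\"accountperm\" border=\"0\" cellpadding=\"0\" cellspacing=\"10\" summary=\"User account permissions\">";

		// Permissions are only listed when the admin is the logged-in user:
		if ($loginEmail == $adminLoginEmail) {
			// get all user permissions for the current user:
			$userPermissionsArray = getPermissions($userID, "user", false); // function 'getPermissions()' is defined in 'include.inc.php'

			// map raw field names from table 'user_permissions' with items of the global localization array ('$loc'):
			$localizedUserPermissionsArray = array(
				'allow_add'              => 'UserPermission_AllowAdd',
				'allow_edit'             => 'UserPermission_AllowEdit',
				'allow_delete'           => 'UserPermission_AllowDelete',
				'allow_download'         => 'UserPermission_AllowDownload',
				'allow_upload'           => 'UserPermission_AllowUpload',
				'allow_list_view'        => 'UserPermission_AllowListView',
				'allow_details_view'     => 'UserPermission_AllowDetailsView',
				'allow_print_view'       => 'UserPermission_AllowPrintView',
				'allow_browse_view'      => 'UserPermission_AllowBrowseView',
				'allow_sql_search'       => 'UserPermission_AllowSQLSearch',
				'allow_user_groups'      => 'UserPermission_AllowUserGroups',
				'allow_user_queries'     => 'UserPermission_AllowUserQueries',
				'allow_rss_feeds'        => 'UserPermission_AllowRSSFeeds',
				'allow_import'           => 'UserPermission_AllowImport',
				'allow_export'           => 'UserPermission_AllowExport',
				'allow_cite'             => 'UserPermission_AllowCite',
				'allow_batch_import'     => 'UserPermission_AllowBatchImport',
				'allow_batch_export'     => 'UserPermission_AllowBatchExport',
				'allow_modify_options'   => 'UserPermission_AllowModifyOptions',
				'allow_edit_call_number' => 'UserPermission_AllowEditCallNumber'
			);

			$enabledUserActionsArray = array(); // initialize array variables
			$disabledUserActionsArray = array();

			// separate enabled permission settings from disabled ones and assign localized permission names:
			foreach ($userPermissionsArray as $permissionKey => $permissionValue) {
				$localizedPermissionName = $loc[$localizedUserPermissionsArray[$permissionKey]];

				if ($permissionValue == 'yes') {
					$enabledUserActionsArray[] = $localizedPermissionName;
				} else {
					$disabledUserActionsArray[] = $localizedPermissionName;
				}
			}

			if (empty($enabledUserActionsArray)) {
				$enabledUserActionsArray[] = "(none)";
			}

			if (empty($disabledUserActionsArray)) {
				$disabledUserActionsArray[] = "(none)";
			}

			echo "\n\t\t<tr>\n\t\t\t<td align=\"left\"><b>User Permissions:</b></td>"
				. "\n\t\t\t<td align=\"right\">";

			// If there's a user associated with this user ID (or if we're supposed to display options/permissions for anyone who isn't logged in)
			if ($userExists or $userID == 0) {
				echo "<a href=\"user_options.php?userID=" . $userIDParam . "#permissions\"><img src=\"img/options.gif\" alt=\"" . $loc["permissions"] . "\" title=\"" . $loc["LinkTitle_EditPermissions"] . "\" width=\"11\" height=\"17\" hspace=\"0\" border=\"0\"></a>";
			}

			echo "</td>\n\t\t</tr>";

			echo "\n\t\t<tr valign=\"top\">"
				. "\n\t\t\t<td>Enabled features:</td>"
				. "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . implode("</li>\n\t\t\t\t\t<li>", $enabledUserActionsArray) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>"
				. "\n\t\t</tr>";

			echo "\n\t\t<tr valign=\"top\">"
				. "\n\t\t\t<td>Disabled features:</td>"
				. "\n\t\t\t<td>\n\t\t\t\t<ul>\n\t\t\t\t\t<li>" . implode("</li>\n\t\t\t\t\t<li>", $disabledUserActionsArray) . "</li>\n\t\t\t\t</ul>\n\t\t\t</td>"
				. "\n\t\t</tr>";
		}

		// Close right sub-table:
		echo "\n\t\t</table>";

		// Close right table cell of main table:
		echo "\n\t</td>";
	}

	echo "\n</tr>";

	// Close main table:
	echo "\n</table>";
}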