* Copyright (c) 2001 by Nico Stuurman * * ------------------------------------------------------------------------ * * This program is free software; you can redistribute it and/or modify it * * under the terms of the GNU General Public License as published by the * * Free Software Foundation; either version 2 of the License, or (at your * * option) any later version. * \**************************************************************************/ // main include thingies require "include.php"; allowonly($SUPER, $USER['permissions']); // register variables $PHP_SELF = $_SERVER['PHP_SELF']; $get_vars = 'mod,groupid,groupname,'; globalize_vars($get_vars, $_GET); $post_vars = "add,groupid,groupname,submit,"; globalize_vars($post_vars, $_POST); // main global vars $title = 'Admin Groups'; /** * Adds group to database. * * An error string is returned when problems occur */ function add_new_group($db, $groupname) { // check if a groupname is entered if ($groupname) { $query = "SELECT * FROM groups WHERE name='{$groupname}'"; $r = $db->Execute($query); // test if a result is found if (!$r->EOF) {
* Copyright (c) 2001 by Nico Stuurman * * ------------------------------------------------------------------------ * * This program is free software; you can redistribute it and/or modify it * * under the terms of the GNU General Public License as published by the * * Free Software Foundation; either version 2 of the License, or (at your * * option) any later version. * \**************************************************************************/ require './include.php'; require './includes/db_inc.php'; require './includes/general_inc.php'; require './includes/tablemanage_inc.php'; include './includes/defines_inc.php'; $post_vars = 'delimiter,delimiter_type,quote,quote_type,tableid,nrfields,pkey,pkeypolicy,skipfirstline,tmpfile,ownerid,localfile'; globalize_vars($post_vars, $_POST); $get_vars = 'tableid'; globalize_vars($get_vars, $_GET); $permissions = $USER['permissions']; /** * Prevent unauthorized assignment to other users: */ if (!($permissions & $SUPER)) { $ownerid = $USER['id']; } /** * Make sure this user is allowed to work with the desired table */ if (isset($tableid)) { $query = "SELECT label,id FROM tableoftables LEFT JOIN groupxtable_display on tableoftables.id=groupxtable_display.tableid where display='Y' AND permission='Users' AND tableoftables.id={$tableid} AND (groupid={$USER['group_array'][0]} "; for ($i = 1; $i < sizeof($USER['group_array']); $i++) { $query .= "OR groupid='" . $USER['group_array'][$i] . "' "; }
/** * Assembles the search SQL statement and remembers it in _SESSION * */ function make_search_SQL($db, $tableinfo, $fields, $USER, $search, $searchsort, $whereclause = false) { global $db_type; // apparently searchsort can be passed as an empty string. that is bad if (!$searchsort) { $searchsort = $tableinfo->realname . '.date DESC'; } $fieldvarsname = $tableinfo->short . '_fieldvars'; global ${$fieldvarsname}; $queryname = $tableinfo->short . '_query'; if (!$whereclause) { $whereclause = may_read_SQL($db, $tableinfo, $USER); } if (!$whereclause) { $whereclause = -1; } if ($search == 'Search') { ${$queryname} = search($db, $tableinfo, $fields, $_GET, " {$whereclause} ORDER BY {$searchsort}"); ${$fieldvarsname} = $_GET; } elseif (session_is_registered($queryname) && isset($_SESSION[$queryname])) { ${$queryname} = $_SESSION[$queryname]; ${$fieldvarsname} = $_SESSION[$fieldvarsname]; } else { // This must be a 'Show All' // terrible: some postgres version need the temp table in the FROM clause: if ($db_type == 'mysql') { ${$queryname} = "SELECT {$fields} FROM {$tableinfo->realname} WHERE {$whereclause} ORDER BY date DESC"; } else { ${$queryname} = "SELECT {$fields} FROM tempb, {$tableinfo->realname} WHERE {$whereclause} ORDER BY date DESC"; } ${$fieldvarsname} = $_GET; } $_SESSION[$queryname] = ${$queryname}; if (!${$fieldvarsname}) { ${$fieldvarsname} = $_GET; } $_SESSION[$fieldvarsname] = ${$fieldvarsname}; if ($search != 'Show All') { // globalize _GET $column = strtok($fields, ','); while ($column) { global ${$column}; ${$column} = $_GET[$column]; $column = strtok(','); } // extract variables from session globalize_vars($fields, ${$fieldvarsname}); } // do one last error control: replace double commas with singles ${$queryname} = preg_replace("/,,/", ",", ${$queryname}); return ${$queryname}; }
<?php require './include.php'; // register variables $pdbid = $_POST['pdbid']; globalize_vars($post_vars, $_POST, $DBNAME, $DB_DESNAME, $system_settings); printheader($httptitle); if ($pdbid) { $string = "http://www.rcsb.org/pdb/cgi/export.cgi/{$pdbid}.pdb?format=PDB&pdbId={$pdbid}&compression=None"; echo "<meta http-equiv='refresh' content='1;url={$string}'>"; } ?> <form method='post' id='pdbform' enctype='multipart/form-data' action='<?php echo $PHP_SELF; ?> ?<?php echo SID; ?> '> <?php echo "<center><h3> This will download pdb files to your local machine<br></center></h3>"; echo "<table border=0 align='center'>\n"; echo "<tr><th>PDBID:</th><td></td>\n"; echo "<td><input type='text' name='pdbid' value='{$pdbid}' size=60>"; echo "<td colspan=7 align='center'><input type='submit' name='submit' value='{$value}'>\n"; echo "<input type='submit' name='submit' value='Cancel'></td></tr>\n"; echo "</table></form>\n"; ?> <center><a href="#" onClick="MyWindow2=window.open('http://www.rcsb.org/pdb/searchlite.html','MyWindow2','toolbar=yes,location=no,directories=no,status=no,menubar=yes,scrollbars=yes,resizable=yes,width=600,height=300'); return false;"> Click here</a> to open another window to browse the rcsb database<br><p>