OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
knaadu
/
cms
/
process
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
01/14/2024 12:04:40 PM
rwxr-xr-x
📄
chk.login.php
936 bytes
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
get.section.article.php
41.34 KB
01/14/2024 11:25:58 AM
rw-r--r--
📄
get.section.author.php
12.17 KB
12/28/2021 03:21:00 AM
rwxr-xr-x
📄
get.section.category.php
9.29 KB
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
get.section.general.php
32.43 KB
02/21/2023 05:59:26 AM
rwxr-xr-x
📄
get.section.issue.php
16.68 KB
12/28/2021 02:59:00 AM
rwxr-xr-x
📄
get.section.tag.php
8.79 KB
12/18/2021 04:29:00 AM
rwxr-xr-x
📄
get.section.user.php
14.23 KB
12/18/2021 04:13:00 AM
rwxr-xr-x
📄
get.section.volume.php
12 KB
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
logout.php
93 bytes
12/18/2021 04:01:00 AM
rwxr-xr-x
📄
upload.php
2.3 KB
12/20/2021 11:28:00 PM
rwxr-xr-x
Editing: get.section.author.php
Close
<? // ACCS Journal: Author include '../inc/validate.logged.php'; include '../../inc/config.php'; $act = ''; if (!empty($_POST)) $act = isset($_POST["act"]) ? $_POST["act"] : ''; // Update if ($act == 'edit') { $editId = isset($_POST['editId']) ? $_POST['editId'] : ''; $authorFirstName = trim(isset($_POST['authorFirstName']) ? trim($_POST['authorFirstName']) : ''); $authorLastName = trim(isset($_POST['authorLastName']) ? trim($_POST['authorLastName']) : ''); $authorAffiliation = trim(isset($_POST['authorAffiliation']) ? trim($_POST['authorAffiliation']) : ''); $authorProfile = trim(isset($_POST['authorProfile']) ? trim($_POST['authorProfile']) : ''); $isActive = isset($_POST['isActive']) ? trim($_POST['isActive']) : ''; if ($editId != '' && $authorFirstName != '' && $authorLastName != '') { if (isset($_FILES['uploadImg'])) { $temp = $_FILES['uploadImg']; if (is_uploaded_file($temp['tmp_name'])) { $fileExt = strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)); $fileUpload = time() . '.' . $fileExt; move_uploaded_file($temp['tmp_name'], '../../data/authors/' . $fileUpload); $sql = "UPDATE authors SET first_name='$authorFirstName',last_name='$authorLastName',affiliation='$authorAffiliation',profile='$authorProfile',author_img='$fileUpload',modified_id=$gUserId,is_active=$isActive,date_modified=Now() WHERE author_id=$editId"; } } else { $sql = "UPDATE authors SET first_name='$authorFirstName',last_name='$authorLastName',affiliation='$authorAffiliation',profile='$authorProfile',modified_id=$gUserId,is_active=$isActive,date_modified=Now() WHERE author_id=$editId"; } mysqli_query($dbpro, $sql); echo "OK"; } } // Deactivate if ($act == 'delete') { $delId = isset($_POST['delId']) ? $_POST['delId'] : ''; if ($delId != '') { $sql = "UPDATE authors SET is_active=0,modified_id=$gUserId,date_modified=Now() WHERE author_id=$delId"; mysqli_query($dbpro, $sql); echo "OK"; } } // Show Edit if ($act == 'editForm') { $isValid = 0; $authorId = isset($_POST['id']) ? $_POST['id'] : ''; $sql = "SELECT * FROM authors WHERE author_id=$authorId"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { $row = mysqli_fetch_assoc($result); $authorFirstName = $row['first_name']; $authorLastName = $row['last_name']; $authorAffiliation = $row['affiliation']; $authorProfile = $row['profile']; $authorImg = $row['author_img']; $isActive = $row['is_active']; $isValid = 1; } ?> <div class="popup" style="width:550px"> <div class="widget"> <form id="frmEdit" name="frmEdit"> <div class="card"> <div class="card-header">Edit Author</div> </div> <div id="widgetEdit_B" style="padding:15px 25px"> <? if($isValid == 1) { ?> <div class="form-row"> <div class="form-group col-6"> <label for="authorFirstName">First Name</label> <input type="text" class="form-control" id="authorFirstName" name="authorFirstName" value="<?=$authorFirstName?>" /> </div> <div class="form-group col-6"> <label for="authorLastName">Last Name</label> <input type="text" class="form-control" id="authorLastName" name="authorLastName" value="<?=$authorLastName?>" /> </div> </div> <div class="form-group"> <label for="authorAffiliation">Affiliation</label> <input type="text" class="form-control" id="authorAffiliation" name="authorAffiliation" value="<?=$authorAffiliation?>" /> </div> <div class="form-group"> <label for="authorProfile">Profile</label> <textarea class="form-control" id="authorProfile" name="authorProfile"><?=$authorProfile?></textarea> </div> <div class="form-row"> <div class="form-group col-6"> <label for="uploadImg">Cover image</label> <input type="file" class="form-control" id="uploadImg" name="uploadImg" accept=".jpg" /> <? if ($authorImg <> '') { ?> <a href="../data/authors/<?=$authorImg?>" target="_blank"><img src="../data/authors/<?=$authorImg?>" width="75" /></a> <? } ?> </div> <div class="form-group col-6"> <label for="isActive">Status</label> <div class="form-check form-check-inline ml-0 ml-sm-4 w-50"> <label class="form-control radio-inline border-0"><input type="radio" id="isActive" name="isActive" value="1"<? if ($isActive == 1) {?> CHECKED<? } ?>> Active</label> <label class="form-control radio-inline border-0"><input type="radio" id="isActive" name="isActive" value="0"<? if ($isActive == 0) {?> CHECKED<? } ?>> Inactive</label> </div> </div> </div> <? } ?> </div> <div id="widgetEdit_F" style="border-top:1px solid #ebedf2;padding:20px 25px;"> <div class="col"> <button type="submit" class="btn btn-primary" onclick="return chkEditAuthor()">Update</button> <button type="submit" class="btn btn-light ml-1" onclick="return clearForm('frmEdit')">Reset</button> <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div> </div> </div> <input type="hidden" id="editId" name="editId" value="<?=$authorId?>" /> <input type="hidden" id="act" name="act" value="edit" /> </form> </div> </div> <? } // Show Deactivate if ($act == 'delForm') { $isValid = 0; $authorId = isset($_POST['id']) ? $_POST['id'] : ''; $sql = "SELECT first_name,last_name FROM authors WHERE author_id=$authorId"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { $row = mysqli_fetch_assoc($result); $authorName = $row['first_name'] . ' ' . $row['last_name']; $isValid = 1; } ?> <div class="popup" style="width:500px"> <div class="widget"> <form id="frmDel" name="frmDel"> <div class="card"> <div class="card-header">Deactivate Author</div> </div> <div id="widgetDel_B" style="padding:15px 25px"> <? if($isValid == 1) { ?> You are about to deactivate Author: <b><?=$authorName?></b> <? } ?> </div> <div id="widgetDel_F" style="border-top:1px solid #ebedf2;padding:20px 25px;"> <div class="col"> <button type="submit" class="btn btn-primary" onclick="return chkDelAuthor()">Confirm</button> <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div> </div> </div> <input type="hidden" id="delId" name="delId" value="<?=$authorId?>" /> <input type="hidden" id="act" name="act" value="delete" /> </form> </div> </div> <? } // Search Form if ($act == 'search') { ?> <ol class="breadcrumb mt-4 mb-3"> <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li> <li class="breadcrumb-item active">Authors</li> </ol> <form id="frmSearch" name="frmSearch"> <div class="card"> <div class="card-header">Search Authors</div> <div class="card-body"> <div class="form-inline"> <div class="form-group mr-1"> <label for="srcAuthorName" class="col-form-label-sm">First Name</label> <input type="txt" class="form-control ml-0 ml-sm-2" id="srcAuthorFirstName" name="srcAuthorFirstName" style="width:135px" /> </div> <div class="form-group ml-0 ml-sm-4 mr-1"> <label for="srcAuthorName" class="col-form-label-sm">Last Name</label> <input type="txt" class="form-control ml-0 ml-sm-2" id="srcAuthorLastName" name="srcAuthorLastName" style="width:135px" /> </div> <div class="form-group ml-0 ml-sm-4 mr-1"> <label for="srcAffiliation" class="col-form-label-sm">Affiliation</label> <input type="txt" class="form-control ml-0 ml-sm-2" id="srcAffiliation" name="srcAffiliation" style="width:135px" /> </div> <div class="form-group ml-0 ml-sm-4"> <label for="srcIsActive" class="col-form-label-sm">Status</label> <div class="form-check form-check-inline ml-0 ml-sm-4"> <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="1"> Active</label> <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="0"> Inactive</label> <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="" CHECKED> All</label> </div> </div> <div class="col text-right"> <button type="submit" class="btn btn-primary mt-2 mt-sm-0" onclick="return searchAuthor()">Show</button> </div> </div> </div> </div> <div id="panelSearch"></div> <input type="hidden" id="act" name="act" value="searchResults" /> </form> <? } // Search Result if ($act == 'searchResults') { $pageNum = isset($_POST["pageNum"]) ? $_POST["pageNum"] : 1; $srcAuthorFirstName = isset($_POST["srcAuthorFirstName"]) ? $_POST["srcAuthorFirstName"] : ''; $srcAuthorLastName = isset($_POST["srcAuthorLastName"]) ? $_POST["srcAuthorLastName"] : ''; $srcAffiliation = isset($_POST["srcAffiliation"]) ? $_POST["srcAffiliation"] : ''; $srcIsActive = isset($_POST["srcIsActive"]) ? $_POST["srcIsActive"] : ''; $numRecords = 50; $startOrder = (($pageNum - 1) * $numRecords); $sql = "SELECT SQL_CALC_FOUND_ROWS * FROM authors WHERE author_id>0"; if ($srcAuthorFirstName != '') $sql .= " AND first_name LIKE '%$srcAuthorFirstName%'"; if ($srcAuthorLastName != '') $sql .= " AND last_name LIKE '%$srcAuthorLastName%'"; if ($srcAffiliation != '') $sql .= " AND affiliation LIKE '%$srcAffiliation%'"; if ($srcIsActive == '0') $sql .= " AND is_active=0"; if ($srcIsActive == '1') $sql .= " AND is_active=1"; $sql .= " ORDER BY first_name,last_name LIMIT " . $startOrder . "," . ($numRecords+1); $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); $sql = "SELECT FOUND_ROWS()"; $resultCount = mysqli_query($dbpro, $sql); $rowCount = mysqli_fetch_array($resultCount); $totalCount = $rowCount[0]; if ($numRows == 0) { echo '<div class="m-2">No results found!</div>'; } else { ?> <div class="table-responsive"> <table class="table table-sm mt-3"> <thead class="thead-light"> <tr> <th width="20"></th> <th>Author</th> <th>Affiliation</th> <th>Status</th> <th width="30"></th> <th width="30"></th> </tr> </thead> <? $j = 0; for ($i=0;$i<$numRows;$i++) { if ($i < $numRecords) { $row = mysqli_fetch_array($result); $authorId = $row['author_id']; $authorName = $row['first_name'] . ' ' . $row['last_name']; $authorAffiliation = $row['affiliation']; $isActive = $row['is_active']; $txtStatus = ($isActive) ? 'Active' : '<span class="text-danger">Inactive</span>'; $j += 1; ?> <tr> <th><?=$startOrder+$i+1?>.</th> <td><?=$authorName?></td> <td><?=$authorAffiliation?></td> <td><?=$txtStatus?></td> <td align="center" title="Edit Author"><i data-id="<?=$authorId?>" class="editRow cursorHand far fa-edit fa-lg"></i></td> <td align="center" title="Deactivate Author"><? if ($txtStatus == 'Active') { ?><i data-id="<?=$authorId?>" class="delRow cursorHand far fa-trash-alt fa-lg"></i><? } ?></td> </tr> <? } } ?> </table> </div> <div id="listingPageNum" class="float-left text-success" data-pagenum="<?=$pageNum?>">Showing <?=$startOrder+1?> to <?=$startOrder+$j?> of <?=$totalCount?> entries</div> <div class="float-right" align="right"> <? if ($pageNum > 1) { ?><button class="btn btn-warning" onclick="return searchAuthor(<?=$pageNum-1?>)"><</button><? } ?> <? if ($numRows > $numRecords) { ?><button class="btn btn-warning" style="margin-left:5px" onclick="return searchAuthor(<?=$pageNum+1?>)">></button><? } ?> </div> <div class="cleaner"></div> <br> <br> <? } ?> <script type="text/javascript"> $(function () { $('.editRow').magnificPopup({ type: 'ajax', closeBtnInside: true, ajax: { settings: { method: 'POST', url: 'process/get.section.author.php' } }, callbacks: { elementParse: function(item){ postData = { act: 'editForm', id: $(item.el[0]).data('id') } this.st.ajax.settings.data = postData; } } }); $('.delRow').magnificPopup({ type: 'ajax', closeBtnInside: true, ajax: { settings: { method: 'POST', url: 'process/get.section.author.php' } }, callbacks: { elementParse: function(item){ postData = { act: 'delForm', id: $(item.el[0]).data('id') } this.st.ajax.settings.data = postData; } } }); }); </script> <? }