Editing: get.section.article.php
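<?php
// ACCS Journal: Article
//
// AJAX endpoint for article management. Every request carries a POST field
// "act" that selects one of the handlers below; each handler echoes either a
// short status string or an HTML fragment.
//
// NOTE(review): authentication is presumably enforced by validate.logged.php
// and $dbpro is presumably the mysqli link created by config.php - confirm.
// NOTE(review): none of the handlers visible in this file checks an anti-CSRF
// token although several of them modify or delete rows; verify whether the
// includes take care of that.
include '../inc/validate.logged.php';
include '../../inc/config.php';

$act = '';
if (!empty($_POST)) {
    // Accept a plain string only; "act[]=x" would otherwise arrive as an array.
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';
}

// Check if already exists on creation
// Echoes 'OK' when no other article uses the submitted DOI, an error otherwise.
if ($act == 'chkExist') {
    $editId = (isset($_POST['editId']) && is_string($_POST['editId'])) ? trim($_POST['editId']) : '';
    $articleDOI = (isset($_POST['articleDOI']) && is_string($_POST['articleDOI'])) ? $_POST['articleDOI'] : '';

    if ($articleDOI != '') {
        // Only an all-digit id may exclude a row; anything else is ignored, which
        // makes the check stricter rather than weaker.
        $excludeId = ctype_digit($editId) ? (int) $editId : 0;

        // Values are bound, never interpolated: both fields are attacker-controlled.
        // The original creation query also compared against "$articleDOI " with a
        // stray trailing space inside the quotes; that is gone here.
        if ($excludeId === 0) {
            $stmt = mysqli_prepare($dbpro, 'SELECT article_id FROM articles WHERE article_doi=?');
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 's', $articleDOI);
            }
        } else {
            $stmt = mysqli_prepare($dbpro, 'SELECT article_id FROM articles WHERE article_doi=? AND article_id<>?');
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'si', $articleDOI, $excludeId);
            }
        }

        $numRows = 0;
        if ($stmt && mysqli_stmt_execute($stmt)) {
            mysqli_stmt_store_result($stmt);
            $numRows = mysqli_stmt_num_rows($stmt);
        }
        if ($stmt) {
            mysqli_stmt_close($stmt);
        }

        if ($numRows == 0) {
            echo 'OK';
        } else {
            echo 'ERROR: Article DOI already exists!';
        }
    } else {
        echo 'OK';
    }
}

// Remove Author from Article
if ($act == 'delArticleAuthor') {
    $articleId = (isset($_POST['articleId']) && is_string($_POST['articleId'])) ? trim($_POST['articleId']) : '';
    $authorId = (isset($_POST['authorId']) && is_string($_POST['authorId'])) ? trim($_POST['authorId']) : '';

    // Both ids used to be concatenated unquoted into the DELETE; require digits
    // and bind them as integers instead.
    if (ctype_digit($articleId) && ctype_digit($authorId)) {
        $articleIdInt = (int) $articleId;
        $authorIdInt = (int) $authorId;
        $stmt = mysqli_prepare($dbpro, 'DELETE FROM article_authors WHERE article_id=? AND author_id=?');
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ii', $articleIdInt, $authorIdInt);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        echo 'OK';
    }
}

// Search Author for Input
// Echoes an HTML list of authors whose names contain the submitted fragments.
if ($act == 'searchInputAuthor') {
    $srcId = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
    $srcFirstName = (isset($_POST['firstName']) && is_string($_POST['firstName'])) ? $_POST['firstName'] : '';
    $srcLastName = (isset($_POST['lastName']) && is_string($_POST['lastName'])) ? $_POST['lastName'] : '';

    if ($srcId != '' || $srcFirstName != '' || $srcLastName != '') {
        // $srcId is written into an inline onclick handler below, so it must be
        // reduced to an integer before it reaches the page.
        $srcIdInt = ctype_digit($srcId) ? (int) $srcId : 0;

        $sql = 'SELECT author_id,first_name,last_name,affiliation FROM authors WHERE 1=1';
        $types = '';
        $params = array();
        if ($srcFirstName != '') {
            $sql .= ' AND first_name LIKE ?';
            $types .= 's';
            $params[] = '%' . $srcFirstName . '%';
        }
        if ($srcLastName != '') {
            $sql .= ' AND last_name LIKE ?';
            $types .= 's';
            $params[] = '%' . $srcLastName . '%';
        }
        $sql .= ' ORDER BY first_name,last_name';

        $numRows = 0;
        $stmt = mysqli_prepare($dbpro, $sql);
        if ($stmt) {
            if ($types !== '') {
                mysqli_stmt_bind_param($stmt, $types, ...$params);
            }
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                $numRows = mysqli_stmt_num_rows($stmt);
            }
        }

        if ($numRows == 0) {
            echo '<b>No authors found matching your criteria!</b><br>';
        } else {
            echo '<b>Search Results:</b> (unckeck if you want to use the author above)<br>';
            mysqli_stmt_bind_result($stmt, $authorId, $authorFirstName, $authorLastName, $authorAffiliation);
            while (mysqli_stmt_fetch($stmt)) {
                // Author fields are free text entered through the article forms;
                // encode them so stored markup is shown, not interpreted.
                echo '<div class="my-3"><div class="float-left" style="width:25px"><input type="checkbox" class="setInputAuthor" onclick="setInputAuthor(this,' . $srcIdInt . ')" value="' . (int) $authorId . '"></div><div class="float-left"><b>' . htmlspecialchars((string) $authorFirstName, ENT_QUOTES, 'UTF-8') . ' ' . htmlspecialchars((string) $authorLastName, ENT_QUOTES, 'UTF-8') . '</b><br>' . htmlspecialchars((string) $authorAffiliation, ENT_QUOTES, 'UTF-8') . '</div><br clear="all"></div>';
            }
        }
        if ($stmt) {
            mysqli_stmt_close($stmt);
        }
    } else {
        echo '';
    }
}

// Add More Author
// Echoes the markup for one more author card, numbered numAuthors + 1.
if ($act == 'addAuthorMore') {
    $numAuthors = isset($_POST['numAuthors']) ? $_POST['numAuthors'] : '';
    // Keep the counter an integer: it is used in arithmetic and written into
    // element ids and an onclick handler in the markup built below.
    $numAuthors = (is_string($numAuthors) && ctype_digit($numAuthors)) ? (int) $numAuthors : '';
    if ($numAuthors !== '') {
        $tmpHTML = '';
        $tmpHTML .= ' <div class="w-100 card mb-4">';
        $tmpHTML .= ' <div class="card-header">Author ' . ($numAuthors + 1) . '</div>';
        $tmpHTML .= ' <div class="card-body">';
        $tmpHTML .= ' <div id="panelAuthor_' . ($numAuthors + 1) .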
'" class="form-row">'; $tmpHTML .= ' <div class="col-5">'; $tmpHTML .= ' <label>First Name</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorFirstName[]" name="uploadAuthorFirstName[]" class="form-control" maxlength="100" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="col-5">'; $tmpHTML .= ' <label>Last Name</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorLastName[]" name="uploadAuthorLastName[]" class="form-control" maxlength="100" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="col-2">'; $tmpHTML .= ' <label></label>'; $tmpHTML .= ' <input type="button" class="form-control btn-outline-primary mt-2" onclick="searchInputAuthor(' . ($numAuthors+1) . ')" value="Search" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <input type="hidden" id="uploadAuthorIdExist[]" name="uploadAuthorIdExist[]" value="" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="form-row mt-2">'; $tmpHTML .= ' <div class="col">'; $tmpHTML .= ' <label>Affiliation</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorAffiliation[]" name="uploadAuthorAffiliation[]" class="form-control" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div id="panelSrchAuthor_' . ($numAuthors+1) . '" class="mt-2"></div>'; echo $tmpHTML; } } // Upload New Article - Step 1 if ($act == 'uploadNew') { ?> <ol class="breadcrumb my-4"> <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li> <li class="breadcrumb-item">Articles</a></li> <li class="breadcrumb-item active">Upload New Article</li> </ol> <div id="panelUpload"> <div class="card p-2 mt-2 mb-3"><b>Article Meta Data</b></div> <div class="form-row"> <div class="form-group col-md-6"> <label for="articleTitle">Title</label> <input type="text" class="form-control" id="articleTitle" name="articleTitle" /> </div> <div class="form-group col-md-3"> <label for="articleCategoryId">Category</label> <select id="articleCategoryId" name="articleCategoryId" class="form-control"> <option value="">--[select]-- <? 
$sql = "SELECT category_id,category_name FROM categories ORDER BY category_name"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { for ($i=0;$i<$numRows;$i++) { $row = mysqli_fetch_array($result); $tmpCategoryId = $row['category_id']; $tmpCategoryName = $row['category_name']; echo ' <option value="' . $tmpCategoryId . '">' . $tmpCategoryName; } } ?> </select> </div> <div class="form-group col-md-3"> <label for="uploadPdf1">Article Image</label> <input type="file" class="form-control" id="articleImg" name="articleImg" accept="image/*" /> </div> </div> <div class="form-row"> <div class="form-group col-md-4"> <label for="articleTag1">Article Tag 1 (optional)</label> <select id="articleTag1" name="articleTag1" class="form-control"> <option value="">--[select]-- <? $sql = "SELECT tag_name FROM tags ORDER BY tag_name"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { for ($i=0;$i<$numRows;$i++) { $row = mysqli_fetch_array($result); $tmpTagName = $row['tag_name']; echo ' <option value="' . $tmpTagName . '">' . $tmpTagName; } } ?> </select> </div> <div class="form-group col-md-4"> <label for="articleTag2">Article Tag 2 (optional)</label> <select id="articleTag2" name="articleTag2" class="form-control"> <option value="">--[select]-- <? $sql = "SELECT tag_name FROM tags ORDER BY tag_name"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { for ($i=0;$i<$numRows;$i++) { $row = mysqli_fetch_array($result); $tmpTagName = $row['tag_name']; echo ' <option value="' . $tmpTagName . '">' . $tmpTagName; } } ?> </select> </div> <div class="form-group col-md-4"> <label for="articleTag3">Article Tag 3 (optional)</label> <select id="articleTag3" name="articleTag3" class="form-control"> <option value="">--[select]-- <? 
$sql = "SELECT tag_name FROM tags ORDER BY tag_name"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { for ($i=0;$i<$numRows;$i++) { $row = mysqli_fetch_array($result); $tmpTagName = $row['tag_name']; echo ' <option value="' . $tmpTagName . '">' . $tmpTagName; } } ?> </select> </div> </div> <div class="card p-2 mt-2 mb-3"><b>Author(s)</b></div> <div class="form-row"> <div id="panelAuthor" class="form-group col"> <? $tmpHTML = ''; for ($i=0;$i<3;$i++) { $tmpHTML .= ' <div class="w-100 card mb-4">'; $tmpHTML .= ' <div class="card-header">Author ' . ($i+1) . '</div>'; $tmpHTML .= ' <div class="card-body">'; $tmpHTML .= ' <div id="panelAuthor_' . ($i+1) . '" class="form-row">'; $tmpHTML .= ' <div class="col-5">'; $tmpHTML .= ' <label>First Name</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorFirstName[]" name="uploadAuthorFirstName[]" class="form-control" maxlength="100" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="col-5">'; $tmpHTML .= ' <label>Last Name</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorLastName[]" name="uploadAuthorLastName[]" class="form-control" maxlength="100" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="col-2">'; $tmpHTML .= ' <label></label>'; $tmpHTML .= ' <input type="button" class="form-control btn-outline-primary mt-2" onclick="searchInputAuthor(' . ($i+1) . ')" value="Search" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <input type="hidden" id="uploadAuthorIdExist[]" name="uploadAuthorIdExist[]" value="" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="form-row mt-2">'; $tmpHTML .= ' <div class="col">'; $tmpHTML .= ' <label>Affiliation</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorAffiliation[]" name="uploadAuthorAffiliation[]" class="form-control" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div id="panelSrchAuthor_' . ($i+1) . 
'" class="mt-2"></div>'; $tmpHTML .= ' </div>'; $tmpHTML .= ' </div>'; } echo $tmpHTML; ?> </div> </div> <div align="right"> <input type="hidden" id="numAuthors" name="numAuthors" value="3" /> <button type="button" class="btn btn-secondary mt-1 mb-3" onclick="addAuthorMore()">Add more Author</button> </div> <div class="form-row mt-0"> <div class="form-group col-md-6"> <label for="isActive">Status</label> <div class="form-check form-check-inline ml-0 ml-sm-2 w-50"> <label class="form-control radio-inline border-0 pl-1 pr-0"><input type="radio" id="isActive" name="isActive" value="1" CHECKED> Active</label> <label class="form-control radio-inline border-0 pl-1 pr-0"><input type="radio" id="isActive" name="isActive" value="0"> Inactive</label> </div> </div> </div> <button type="button" class="btn btn-primary mt-1 mb-3" onclick="chkAddArticle()">Proceed to Step 2</button> </div> <? } // Upload New Article - Step 2 if ($act == 'uploadNewStep2') { $articleId = $_SESSION['articleId']; $articleTitle = ''; $sql = "SELECT article_title FROM articles WHERE article_id=$articleId"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { $row = mysqli_fetch_array($result); $articleTitle = $row['article_title']; } ?> <ol class="breadcrumb my-4"> <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li> <li class="breadcrumb-item">Articles</a></li> <li class="breadcrumb-item active">Upload New Article</li> </ol> <div id="panelUpload"> <div class="card p-2 mt-2 mb-3"><b>Article Content</b></div> <div class="form-row"> <div class="form-group col"> <label for="articleTitle">Title</label> <input type="text" class="form-control" id="articleTitle" name="articleTitle" value="<?=$articleTitle?>" readonly /> </div> </div> <div class="form-row"> <div class="form-group col"> <label for="articleKeywords">Article</label> <textarea class="form-control" id="articleText" name="articleText" /></textarea> </div> </div> <button type="button" 
class="btn btn-primary mt-1 mb-3" onclick="chkAddArticleStep2()">Upload Article</button> </div> <div id="panelUploadProcessing" class="d-none"> <img src="inc/loader.gif"> </div> <div id="panelUploadStatus" class="d-none"> <div id="panelUploadStatusBody"></div> </div> <script type="text/javascript"> $(function() { tinymce.remove(); tinymce.init({ selector: 'textarea#articleText', encoding: "UTF-8", height: 400, statusbar: false, forced_root_block: '', force_br_newlines: true, force_p_newlines: false, file_picker_types: 'image', automatic_uploads: true, paste_data_images: true, invalid_elements: 'span', extended_valid_elements: 'script[src|async|defer|type|charset]', images_upload_url: 'process/upload.php', file_picker_callback: function(callback, value, meta) { var input = document.createElement('input'); input.setAttribute('type', 'file'); input.setAttribute('accept', 'image/*'); input.onchange = function() { var file = this.files[0]; var reader = new FileReader(); reader.onload = function () { var id = 'blob' + (new Date()).getTime(); var blobCache = tinymce.activeEditor.editorUpload.blobCache; var base64 = reader.result.split(',')[1]; var blobInfo = blobCache.create(id, file, base64); blobCache.add(blobInfo); callback(blobInfo.blobUri(), { title: file.name }); }; reader.readAsDataURL(file); }; input.click(); }, body_class: 'panelArticle', content_css: 'http://139.59.41.116/knaadu/inc/style.css', document_base_url: 'http://139.59.41.116/knaadu/', relative_urls: false, menubar: 'edit format', toolbar: 'undo redo | bold italic underline | alignleft aligncenter alignright alignjustify | outdent indent | numlist bullist | table | forecolor backcolor removeformat | code fullscreen preview | hr charmap image media link', plugins: 'image imagetools code preview table charmap paste media autolink link hr fullscreen lists', contextmenu: 'link image imagetools table spellchecker lists' }); }); </script> <? 
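}

// ---------------------------------------------------------------------------
// Helpers for the write handlers below. They are closures held in variables so
// they cannot clash with functions declared by the included files.
// ---------------------------------------------------------------------------

// Trimmed POST field $key, or '' when it is missing or not a plain string.
$articlePostText = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
};

// POST field $key as an integer id, or 0 when it is not an all-digit string.
$articlePostId = function ($key) use ($articlePostText) {
    $raw = $articlePostText($key);
    return ctype_digit($raw) ? (int) $raw : 0;
};

// Prepares, binds and executes one statement. Returns the executed statement,
// or false when preparing or executing failed.
$articleDbExec = function ($db, $sql, $types, array $params) {
    $stmt = mysqli_prepare($db, $sql);
    if ($stmt === false) {
        return false;
    }
    if ($types !== '') {
        mysqli_stmt_bind_param($stmt, $types, ...$params);
    }
    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        return false;
    }
    return $stmt;
};

// Runs an INSERT/UPDATE/DELETE. Returns the generated insert id (0 when the
// statement generated none) or false on failure.
$articleDbWrite = function ($db, $sql, $types, array $params) use ($articleDbExec) {
    $stmt = $articleDbExec($db, $sql, $types, $params);
    if ($stmt === false) {
        return false;
    }
    $insertId = (int) mysqli_stmt_insert_id($stmt);
    mysqli_stmt_close($stmt);
    return $insertId;
};

// Runs a one-column SELECT. Returns the first row's value (which may be null)
// or false when there is no row or the query failed.
$articleDbScalar = function ($db, $sql, $types, array $params) use ($articleDbExec) {
    $stmt = $articleDbExec($db, $sql, $types, $params);
    if ($stmt === false) {
        return false;
    }
    $value = null;
    mysqli_stmt_bind_result($stmt, $value);
    $found = (mysqli_stmt_fetch($stmt) === true);
    mysqli_stmt_close($stmt);
    return $found ? $value : false;
};

// Links the submitted authors to $articleId. A row that carries an existing
// author id is linked directly; otherwise a new author is created when a first
// name was given. Reads the uploadAuthor*[] POST arrays.
$articleSaveAuthors = function ($db, $articleId, $userId) use ($articleDbWrite) {
    $column = function ($key) {
        return (isset($_POST[$key]) && is_array($_POST[$key])) ? $_POST[$key] : array();
    };
    $cell = function (array $values, $key) {
        return (isset($values[$key]) && is_string($values[$key])) ? trim($values[$key]) : '';
    };

    $firstNames = $column('uploadAuthorFirstName');
    $lastNames = $column('uploadAuthorLastName');
    $affiliations = $column('uploadAuthorAffiliation');
    $existingIds = $column('uploadAuthorIdExist');

    foreach ($firstNames as $key => $unused) {
        $singleAuthorFirstName = $cell($firstNames, $key);
        $singleAuthorLastName = $cell($lastNames, $key);
        $singleAuthorAffiliation = $cell($affiliations, $key);
        $singleAuthorIdExist = $cell($existingIds, $key);

        if ($singleAuthorIdExist !== '') {
            // The id comes from a hidden form field; accept digits only.
            if (ctype_digit($singleAuthorIdExist)) {
                $articleDbWrite(
                    $db,
                    'INSERT INTO article_authors(article_id,author_id) VALUES(?,?)',
                    'ii',
                    array($articleId, (int) $singleAuthorIdExist)
                );
            }
        } elseif ($singleAuthorFirstName !== '') {
            $authorId = $articleDbWrite(
                $db,
                'INSERT INTO authors(first_name,last_name,affiliation,created_id,date_created,is_active) VALUES(?,?,?,?,Now(),0)',
                'sssi',
                array($singleAuthorFirstName, $singleAuthorLastName, $singleAuthorAffiliation, $userId)
            );
            if ($authorId !== false && $authorId > 0) {
                $articleDbWrite(
                    $db,
                    'INSERT INTO article_authors(article_id,author_id) VALUES(?,?)',
                    'ii',
                    array($articleId, $authorId)
                );
            }
        }
    }
};

// Stores the uploaded "articleImg" file for $articleId and records its
// extension. Returns the stored extension, or '' when nothing was stored.
//
// The extension is derived from the detected image type, never from the
// client-supplied file name: the previous code kept whatever extension the
// browser sent and wrote the file below data/articles/, so a file named
// "x.php" landed there as "<id>.php".
// NOTE(review): data/articles/ should additionally be configured so the web
// server never executes scripts from it - confirm the server configuration.
$articleStoreImage = function ($db, $articleId) use ($articleDbWrite) {
    if (!isset($_FILES['articleImg']['tmp_name']) || !is_string($_FILES['articleImg']['tmp_name'])) {
        return '';
    }
    $tmpName = $_FILES['articleImg']['tmp_name'];
    if (!is_uploaded_file($tmpName)) {
        return '';
    }

    $allowedTypes = array(
        IMAGETYPE_GIF => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG => 'png',
    );
    if (defined('IMAGETYPE_WEBP')) {
        $allowedTypes[IMAGETYPE_WEBP] = 'webp';
    }

    $imageInfo = getimagesize($tmpName);
    if ($imageInfo === false || !isset($allowedTypes[$imageInfo[2]])) {
        return '';
    }
    $fileExt = $allowedTypes[$imageInfo[2]];

    if (!move_uploaded_file($tmpName, '../../data/articles/' . $articleId . '.' . $fileExt)) {
        return '';
    }
    $articleDbWrite($db, 'UPDATE articles SET article_img=? WHERE article_id=?', 'si', array($fileExt, $articleId));
    return $fileExt;
};

// Insert Article - Step 1
// Creates the article row, remembers its id in the session for step 2, then
// stores the authors and the optional image.
if ($act == 'insert') {
    $uploadCategory = $articlePostText('uploadCategory');
    $uploadTitle = $articlePostText('uploadTitle');
    $uploadTag1 = $articlePostText('uploadTag1');
    $uploadTag2 = $articlePostText('uploadTag2');
    $uploadTag3 = $articlePostText('uploadTag3');
    // is_active was interpolated unquoted; reduce it to 0 or 1.
    $isActive = ($articlePostText('isActive') === '1') ? 1 : 0;

    if (!ctype_digit($uploadCategory)) {
        // Previously an empty category produced invalid SQL and the handler
        // carried on with article id 0.
        echo 'ERROR: Invalid category!';
    } else {
        // $gUserId is presumably the logged-in user's numeric id set by the
        // includes (it was interpolated unquoted before) - confirm.
        $articleId = $articleDbWrite(
            $dbpro,
            'INSERT INTO articles(category_id,article_title,article_tag1,article_tag2,article_tag3,created_id,date_created,is_active) VALUES(?,?,?,?,?,?,Now(),?)',
            'issssii',
            array((int) $uploadCategory, $uploadTitle, $uploadTag1, $uploadTag2, $uploadTag3, (int) $gUserId, $isActive)
        );

        if ($articleId === false || $articleId === 0) {
            echo 'ERROR: Article could not be saved!';
        } else {
            $_SESSION['articleId'] = $articleId;

            // Author(s)
            $articleSaveAuthors($dbpro, $articleId, (int) $gUserId);

            // Article Image
            $articleStoreImage($dbpro, $articleId);
        }
    }
}

// Insert Article - Step 2
// Stores the article body for the article id kept in the session.
if ($act == 'insertStep2') {
    // The session value is cast because the edit-form handler also writes it
    // from request data.
    $articleId = isset($_SESSION['articleId']) ? (int) $_SESSION['articleId'] : 0;
    $uploadArticle = (isset($_POST['uploadArticle']) && is_string($_POST['uploadArticle'])) ? $_POST['uploadArticle'] : '';

    if ($articleId > 0) {
        // NOTE(review): the body is stored as submitted. The editor set-up
        // earlier in this file whitelists <script> elements, so whatever page
        // renders article_text must sanitise it - confirm show.article.php.
        $articleDbWrite($dbpro, 'UPDATE articles SET article_text=? WHERE article_id=?', 'si', array($uploadArticle, $articleId));

        echo "Article has been uploaded!<br><br>";
        echo "<a href=\"../show.article.php?id=$articleId\" target=\"_blank\">View Article</a><br>";

        // $fileExt from step 1 does not exist in this request; read the stored one.
        $fileExt = $articleDbScalar($dbpro, 'SELECT article_img FROM articles WHERE article_id=?', 'i', array($articleId));
        if (is_string($fileExt) && $fileExt !== '') {
            $fileExt = htmlspecialchars($fileExt, ENT_QUOTES, 'UTF-8');
            echo "<a href=\"../data/articles/$articleId.$fileExt\" target=\"_blank\">View Article Image</a><br>";
        }
    } else {
        echo 'ERROR: No article in progress!';
    }
}

// Update Article
if ($act == 'edit') {
    $editId = $articlePostId('editId');
    $articleTitle = $articlePostText('articleTitle');

    if ($editId > 0 && $articleTitle != '') {
        $articleCategoryId = $articlePostText('articleCategoryId');
        $articleText = $articlePostText('articleText');
        $articleTag1 = $articlePostText('articleTag1');
        $articleTag2 = $articlePostText('articleTag2');
        $articleTag3 = $articlePostText('articleTag3');
        $isActive = ($articlePostText('isActive') === '1') ? 1 : 0;

        if (!ctype_digit($articleCategoryId)) {
            echo 'ERROR: Invalid category!';
        } else {
            $articleDbWrite(
                $dbpro,
                'UPDATE articles SET category_id=?,article_title=?,article_tag1=?,article_tag2=?,article_tag3=?,article_text=?,modified_id=?,is_active=?,date_modified=Now() WHERE article_id=?',
                'isssssiii',
                array((int) $articleCategoryId, $articleTitle, $articleTag1, $articleTag2, $articleTag3, $articleText, (int) $gUserId, $isActive, $editId)
            );

            // Author(s)
            $articleSaveAuthors($dbpro, $editId, (int) $gUserId);

            // Article Image
            // Fall back to the stored extension whenever no new image was
            // saved; the old code only did so when the file field was absent,
            // so an empty file field produced a link ending in a bare dot.
            $fileExt = $articleStoreImage($dbpro, $editId);
            if ($fileExt === '') {
                $storedExt = $articleDbScalar($dbpro, 'SELECT article_img FROM articles WHERE article_id=?', 'i', array($editId));
                $fileExt = is_string($storedExt) ? $storedExt : '';
            }

            echo "Article has been updated!<br><br>";
            echo "<a href=\"../show.article.php?id=$editId\" target=\"_blank\">View Article</a><br>";
            if ($fileExt !== '') {
                $fileExt = htmlspecialchars($fileExt, ENT_QUOTES, 'UTF-8');
                echo "<a href=\"../data/articles/$editId.$fileExt\" target=\"_blank\">View Article Image</a><br>";
            }
        }
    }
}

// Deactivate
if ($act == 'deactivate') {
    $delId = $articlePostId('delId');
    if ($delId > 0) {
        $articleDbWrite(
            $dbpro,
            'UPDATE articles SET is_active=0,modified_id=?,date_modified=Now() WHERE article_id=?',
            'ii',
            array((int) $gUserId, $delId)
        );
        echo "OK";
    }
}

// Delete
// Removes the article, authors that belong to no other article, the author
// links and finally the stored image file.
if ($act == 'delete') {
    $delId = $articlePostId('delId');
    if ($delId > 0) {
        $articleImg = $articleDbScalar($dbpro, 'SELECT article_img FROM articles WHERE article_id=?', 'i', array($delId));
        if ($articleImg !== false) {
            $articleDbWrite($dbpro, 'DELETE FROM articles WHERE article_id=?', 'i', array($delId));
            // Must run before the links are removed: it relies on them to find
            // authors that are attached to this article only.
            $articleDbWrite(
                $dbpro,
                'DELETE FROM authors WHERE author_id IN (SELECT author_id FROM article_authors WHERE article_id=? AND author_id NOT IN (SELECT author_id FROM article_authors WHERE article_id<>?))',
                'ii',
                array($delId, $delId)
            );
            $articleDbWrite($dbpro, 'DELETE FROM article_authors WHERE article_id=?', 'i', array($delId));

            // Rows written before the upload check existed may hold an
            // arbitrary extension; only build a path from a plain one.
            if (is_string($articleImg) && preg_match('/^[a-z0-9]+$/', $articleImg) === 1) {
                $articleImg = "../../data/articles/$delId.$articleImg";
                if (file_exists($articleImg)) {
                    unlink($articleImg);
                }
            }
        }
        echo "OK";
    }
}

// Show Edit
// Renders the edit pop-up for the requested article.
if ($act == 'editForm') {
    $isValid = 0;
    // The id is reduced to an integer before it is stored in the session and
    // used in SQL: other handlers read $_SESSION['articleId'] straight into
    // their queries, so a raw value here would reach them as well.
    $articleId = $articlePostId('id');
    $_SESSION['articleId'] = $articleId;

    // $articleId is an int at this point, so concatenating it is safe.
    $sql = "SELECT * FROM articles WHERE article_id=" . $articleId;
    $result = mysqli_query($dbpro, $sql);
    $numRows = $result ? mysqli_num_rows($result) : 0;
    if ($numRows > 0) {
        $row = mysqli_fetch_assoc($result);
        $categoryId = $row['category_id'];
        $articleTitle = $row['article_title'];
        // Encoded here because the only use further down in this handler is
        // inside <textarea>...</textarea>, where a raw "</textarea>" in the
        // stored body would end the field early.
        $articleText = htmlspecialchars((string) $row['article_text'], ENT_QUOTES, 'UTF-8');
        $articleTag1 = $row['article_tag1'];
        $articleTag2 = $row['article_tag2'];
        $articleTag3 = $row['article_tag3'];
        $articleImg = $row['article_img'];
        // Only echoed into an href further down; encoded because older rows
        // may hold an extension taken from an uploaded file name.
        $articleImg = htmlspecialchars("../../data/articles/$articleId.$articleImg", ENT_QUOTES, 'UTF-8');
        $isActive = $row['is_active'];
        $isValid = 1;
    }
?>
<div class="popup" style="width:1000px">
 <div class="widget">
  <form id="frmEdit" name="frmEdit">
   <div class="card">
    <div class="card-header">Edit Article</div>
   </div>
   <div id="widgetEdit_B" style="padding:15px 25px; max-height:calc(100vh - 200px);overflow-y: auto;">
<?php if ($isValid == 1) { ?>
    <div class="form-row">
     <div class="form-group col">
      <label for="articleTitle">Title</label>
      <input type="text" class="form-control" id="articleTitle" name="articleTitle" value="<?=htmlspecialchars((string) $articleTitle, ENT_QUOTES, 'UTF-8')?>" />
     </div>
     <div class="form-group col-md-3">
      <label for="articleCategoryId">Category</label>
      <select id="articleCategoryId" name="articleCategoryId" class="form-control">
       <option value="">--[select]--
<?php
        $sql = "SELECT category_id,category_name FROM categories ORDER BY category_name";
        $result = mysqli_query($dbpro, $sql);
        $numRows = $result ? mysqli_num_rows($result) : 0;
        if ($numRows > 0) {
            for ($i = 0; $i < $numRows; $i++) {
                $row = mysqli_fetch_array($result);
                $tmpCategoryId = (int) $row['category_id'];
                // Encoded once here so both <option> variants below print it safely.
                $tmpCategoryName = htmlspecialchars((string) $row['category_name'], ENT_QUOTES, 'UTF-8');
                if ($tmpCategoryId == $categoryId) {
                    echo ' <option value="' . $tmpCategoryId . '" SELECTED>' . $tmpCategoryName;
                } else {
                    echo ' <option value="' . $tmpCategoryId . '">' .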
$tmpCategoryName; } } } ?> </select> </div> <div class="form-group col-md-3"> <label for="articleImg">Article Image</label> <input type="file" class="form-control" id="articleImg" name="articleImg" accept="image/*" /> <div class="mb-2"><a href="../<?=$articleId?>.<?=$articleImg?>" target="_blank">View Uploaded Image</a></div> </div> </div> <div class="form-row"> <div class="form-group col"> <label for="articleTitle">Article</label> <textarea class="form-control" id="articleText" name="articleText"><?=$articleText?></textarea> </div> </div> <div class="form-row"> <div class="form-group col-md-4"> <label for="articleTag1">Article Tag 1 (optional)</label> <select id="articleTag1" name="articleTag1" class="form-control"> <option value="">--[select]-- <? $sql = "SELECT tag_name FROM tags ORDER BY tag_name"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { for ($i=0;$i<$numRows;$i++) { $row = mysqli_fetch_array($result); $tmpTagName = $row['tag_name']; if ($tmpTagName == $articleTag1) { echo ' <option value="' . $tmpTagName . '" SELECTED>' . $tmpTagName; } else { echo ' <option value="' . $tmpTagName. '">' . $tmpTagName; } } } ?> </select> </div> <div class="form-group col-md-4"> <label for="articleTag2">Article Tag 2 (optional)</label> <select id="articleTag2" name="articleTag2" class="form-control"> <option value="">--[select]-- <? $sql = "SELECT tag_name FROM tags ORDER BY tag_name"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { for ($i=0;$i<$numRows;$i++) { $row = mysqli_fetch_array($result); $tmpTagName = $row['tag_name']; if ($tmpTagName == $articleTag2) { echo ' <option value="' . $tmpTagName . '" SELECTED>' . $tmpTagName; } else { echo ' <option value="' . $tmpTagName. '">' . 
$tmpTagName; } } } ?> </select> </div> <div class="form-group col-md-4"> <label for="articleTag3">Article Tag 3 (optional)</label> <select id="articleTag3" name="articleTag3" class="form-control"> <option value="">--[select]-- <? $sql = "SELECT tag_name FROM tags ORDER BY tag_name"; $result = mysqli_query($dbpro, $sql); $numRows = mysqli_num_rows($result); if ($numRows > 0) { for ($i=0;$i<$numRows;$i++) { $row = mysqli_fetch_array($result); $tmpTagName = $row['tag_name']; if ($tmpTagName == $articleTag3) { echo ' <option value="' . $tmpTagName . '" SELECTED>' . $tmpTagName; } else { echo ' <option value="' . $tmpTagName. '">' . $tmpTagName; } } } ?> </select> </div> </div> <div class="form-row"> <div class="form-group col-md-6"> <label for="isActive">Status</label> <div class="form-check form-check-inline ml-0 ml-sm-2 w-50"> <label class="form-control radio-inline border-0 pl-1 pr-0"><input type="radio" id="isActive" name="isActive" value="1"<? if ($isActive == 1) {?> CHECKED<? } ?>> Active</label> <label class="form-control radio-inline border-0 pl-1 pr-0"><input type="radio" id="isActive" name="isActive" value="0"<? if ($isActive == 0) {?> CHECKED<? } ?>> Inactive</label> </div> </div> </div> <div class="card p-2 mt-2 mb-3"><b>Author(s)</b></div> <div class="form-row"> <div id="panelAuthor" class="form-group col"> <? 
$tmpHTML = ''; $sql = "SELECT B.author_id,first_name,last_name,affiliation FROM article_authors A INNER JOIN authors B ON A.author_id=B.author_id WHERE A.article_id=$articleId"; $resultAuthor = mysqli_query($dbpro,$sql); $numRows = mysqli_num_rows($resultAuthor); for ($i=0;$i<$numRows;$i++) { $rowAuthor = $resultAuthor->fetch_assoc(); $authorId = $rowAuthor['author_id']; $authorFirstName = $rowAuthor['first_name']; $authorLastName = $rowAuthor['last_name']; $authorAffiliation = $rowAuthor['affiliation']; ?> <div class="my-2"> <div class="float-left" style="width:25px"><?=$i+1?>.</div> <div class="float-left"><?=$authorFirstName?> <?=$authorLastName?><br><?=$authorAffiliation?></div> <div class="float-right" id="articleAuthor_<?=$articleId?>_<?=$authorId?>"><a href="javascript:np()" onclick="confirmDelArticleAuthor(<?=$articleId?>,<?=$authorId?>)"><i class="cursorHand far fa-trash-alt fa-lg"></i></a></div> <br clear="all"> </div> <? } for ($i=0;$i<3;$i++) { $tmpHTML .= ' <div class="w-100 card my-4">'; $tmpHTML .= ' <div class="card-header">New Author ' . ($i+1) . '</div>'; $tmpHTML .= ' <div class="card-body">'; $tmpHTML .= ' <div id="panelAuthor_' . ($i+1) . '" class="form-row">'; $tmpHTML .= ' <div class="col-5">'; $tmpHTML .= ' <label>First Name</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorFirstName[]" name="uploadAuthorFirstName[]" class="form-control" maxlength="100" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="col-5">'; $tmpHTML .= ' <label>Last Name</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorLastName[]" name="uploadAuthorLastName[]" class="form-control" maxlength="100" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="col-2">'; $tmpHTML .= ' <label></label>'; $tmpHTML .= ' <input type="button" class="form-control btn-outline-primary mt-2" onclick="searchInputAuthor(' . ($i+1) . 
')" value="Search" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <input type="hidden" id="uploadAuthorIdExist[]" name="uploadAuthorIdExist[]" value="" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div class="form-row mt-2">'; $tmpHTML .= ' <div class="col">'; $tmpHTML .= ' <label>Affiliation</label>'; $tmpHTML .= ' <input type="text" id="uploadAuthorAffiliation[]" name="uploadAuthorAffiliation[]" class="form-control" />'; $tmpHTML .= ' </div>'; $tmpHTML .= ' </div>'; $tmpHTML .= ' <div id="panelSrchAuthor_' . ($i+1) . '" class="mt-2"></div>'; $tmpHTML .= ' </div>'; $tmpHTML .= ' </div>'; } echo $tmpHTML; ?> </div> </div> <div align="right"> <input type="hidden" id="numAuthors" name="numAuthors" value="3" /> <button type="button" class="btn btn-secondary mt-1 mb-3" onclick="addAuthorMore()">Add more Author</button> </div> <? } ?> </div> <div id="widgetEdit_F" style="border-top:1px solid #ebedf2;padding:20px 15px;"> <div class="col"> <button type="submit" class="btn btn-primary" onclick="return chkEditArticle()">Update</button> <button type="submit" class="btn btn-light ml-1" onclick="return clearForm('frmEdit')">Reset</button> <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div> </div> </div> <input type="hidden" id="editId" name="editId" value="<?=$articleId?>" /> <input type="hidden" id="act" name="act" value="edit" /> </form> </div> </div> <? } // Show Deactivate if ($act == 'decForm') { $isValid = 0; $articleId = isset($_POST['id']) ? 
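$_POST['id'] : '';
    // NOTE(review): the assignment that ends on the line above, and the `if` this
    // section belongs to, both begin before this block. $articleId is assumed to
    // hold the raw POST "id" at this point (the delete section below has the same
    // shape) - confirm against the preceding lines.
    //
    // The id is request data, so it is forced to an integer and bound as a
    // parameter instead of being interpolated into the SQL text.
    $articleId = (int) $articleId;
    $articleTitle = '';
    $stmt = mysqli_prepare($dbpro, "SELECT article_title FROM articles WHERE article_id=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'i', $articleId);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $articleTitle);
        if (mysqli_stmt_fetch($stmt)) {
            $isValid = 1;
        }
        mysqli_stmt_close($stmt);
    }
?>
<div class="popup" style="width:500px">
  <div class="widget">
    <form id="frmDel" name="frmDel">
      <div class="card">
        <div class="card-header">Deactivate Article</div>
      </div>
      <div id="widgetDel_B" style="padding:15px 25px">
        <?php if ($isValid == 1) { ?>
        <?php // The title comes from the database; escape it before it reaches the page. ?>
        You are about to deactivate Article: <b><?= htmlspecialchars((string) $articleTitle, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></b>
        <?php } ?>
      </div>
      <div id="widgetDel_F" style="border-top:1px solid #ebedf2;padding:20px 25px;">
        <div class="col">
          <button type="submit" class="btn btn-primary" onclick="return chkDecArticle()">Confirm</button>
          <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div>
        </div>
      </div>
      <?php // $articleId is an integer here, so it is safe inside the attribute. ?>
      <input type="hidden" id="delId" name="delId" value="<?= $articleId ?>" />
      <input type="hidden" id="act" name="act" value="deactivate" />
    </form>
  </div>
</div>
<?php
}

// Show Delete
// Renders the confirmation popup for deleting one article. Reads POST "id",
// looks up the article title, and emits a form that posts act=delete + delId.
if ($act == 'delForm') {
    $isValid = 0;
    $articleTitle = '';

    // Integer cast + bound parameter: the id never becomes part of the SQL text.
    $articleId = isset($_POST['id']) ? (int) $_POST['id'] : 0;
    $stmt = mysqli_prepare($dbpro, "SELECT article_title FROM articles WHERE article_id=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 'i', $articleId);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $articleTitle);
        if (mysqli_stmt_fetch($stmt)) {
            $isValid = 1;
        }
        mysqli_stmt_close($stmt);
    }

    // NOTE(review): the form below carries only delId and act; no anti-CSRF token
    // is visible in this markup. The handler for act=delete is not part of this
    // section - confirm that it verifies one before removing data.
?>
<div class="popup" style="width:500px">
  <div class="widget">
    <form id="frmDel" name="frmDel">
      <div class="card">
        <div class="card-header">Delete Article</div>
      </div>
      <div id="widgetDel_B" style="padding:15px 25px">
        <?php if ($isValid == 1) { ?>
        You are about to delete Article: <b><?= htmlspecialchars((string) $articleTitle, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></b>
        <?php } ?>
      </div>
      <div id="widgetDel_F" style="border-top:1px solid #ebedf2;padding:20px 25px;">
        <div class="col">
          <button type="submit" class="btn btn-primary" onclick="return chkDelArticle()">Confirm</button>
          <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div>
        </div>
      </div>
      <input type="hidden" id="delId" name="delId" value="<?= $articleId ?>" />
      <input type="hidden" id="act" name="act" value="delete" />
    </form>
  </div>
</div>
<?php
}

// Search Form
// Emits the breadcrumb and the filter form (category + status). The form posts
// act=searchResults; the result list is loaded into #panelSearch.
if ($act == 'search') {
?>
<ol class="breadcrumb mt-4 mb-3">
  <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li>
  <li class="breadcrumb-item">Articles</li>
  <li class="breadcrumb-item active">Manage Articles</li>
</ol>
<form id="frmSearch" name="frmSearch">
  <div class="card">
    <div class="card-header">Search Articles</div>
    <div class="card-body">
      <div class="form-inline">
        <div class="form-group mr-2">
          <label for="srcCategoryId" class="col-form-label-sm">Category</label>
          <select id="srcCategoryId" name="srcCategoryId" class="form-control ml-2">
            <option value="">--[select]--
<?php
    // Static query, no request data involved.
    $sql = "SELECT category_id,category_name FROM categories ORDER BY category_name";
    $result = mysqli_query($dbpro, $sql);
    if ($result) {
        while ($row = mysqli_fetch_assoc($result)) {
            $categoryId = (int) $row['category_id'];
            // Category names are stored data; escape them for the HTML text context.
            $categoryName = htmlspecialchars((string) $row['category_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo ' <option value="' . $categoryId . '">' . $categoryName;
        }
    }
?>
          </select>
        </div>
        <div class="form-group ml-0 ml-sm-4">
          <label for="srcIsActive" class="col-form-label-sm">Status</label>
          <div class="form-check form-check-inline ml-0 ml-sm-4">
            <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="1"> Active</label>
            <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="0"> Inactive</label>
            <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="" CHECKED> All</label>
          </div>
        </div>
        <div class="col text-right">
          <button type="submit" class="btn btn-primary mt-2 mt-sm-0" onclick="return searchArticle()">Show</button>
        </div>
      </div>
    </div>
  </div>
  <div id="panelSearch"></div>
  <input type="hidden" id="act" name="act" value="searchResults" />
</form>
<?php
}

// Search Result
// Lists articles, 50 per page, optionally filtered by POST "srcCategoryId" and
// "srcIsActive", then emits the script that wires the edit / deactivate / delete
// icons to their popups. One extra row is requested so the "next" button can be
// shown without a second query.
if ($act == 'searchResults') {
    // Page number: integer, never below 1, so the LIMIT offset cannot go negative.
    $pageNum = isset($_POST["pageNum"]) ? (int) $_POST["pageNum"] : 1;
    if ($pageNum < 1) {
        $pageNum = 1;
    }
    $srcCategoryId = (isset($_POST["srcCategoryId"]) && is_scalar($_POST["srcCategoryId"])) ? trim((string) $_POST["srcCategoryId"]) : '';
    $srcIsActive = isset($_POST["srcIsActive"]) ? $_POST["srcIsActive"] : '';

    $numRecords = 50;
    $startOrder = (($pageNum - 1) * $numRecords);

    // The query selects A.*, which cannot be fetched through bound result
    // variables, so it stays a plain query. Every request-derived fragment added
    // below is either a fixed literal or an integer cast, so no request text
    // reaches the SQL string.
    $sql = "SELECT SQL_CALC_FOUND_ROWS A.*,B.category_name FROM articles A INNER JOIN categories B ON A.category_id=B.category_id WHERE A.article_id>0";
    if ($srcCategoryId !== '') $sql .= " AND A.category_id=" . (int) $srcCategoryId;
    if ($srcIsActive == '0') $sql .= " AND A.is_active=0";
    if ($srcIsActive == '1') $sql .= " AND A.is_active=1";
    $sql .= " ORDER BY A.article_title LIMIT " . $startOrder . "," . ($numRecords+1);

    $result = mysqli_query($dbpro, $sql);
    $numRows = $result ? mysqli_num_rows($result) : 0;

    $sql = "SELECT FOUND_ROWS()";
    $resultCount = mysqli_query($dbpro, $sql);
    $rowCount = $resultCount ? mysqli_fetch_array($resultCount) : null;
    $totalCount = $rowCount ? (int) $rowCount[0] : 0;

    if ($numRows == 0) {
        echo '<div class="m-2">No results found!</div>';
    } else {
?>
<table class="table table-sm mt-3">
  <thead class="thead-light">
    <tr>
      <th width="20"></th>
      <th>Category</th>
      <th>Article</th>
      <th>Downloads</th>
      <th>Status</th>
      <th width="30"></th>
      <th width="30"></th>
      <th width="30"></th>
      <th width="30"></th>
    </tr>
  </thead>
<?php
        $j = 0;
        // Render at most $numRecords rows; the extra row only signals a next page.
        $shown = min($numRows, $numRecords);
        for ($i = 0; $i < $shown; $i++) {
            $row = mysqli_fetch_array($result);
            // Stored values are escaped for HTML here, once, before they are printed.
            $categoryName = htmlspecialchars((string) $row['category_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $articleId = (int) $row['article_id'];
            $articleTitle = htmlspecialchars((string) $row['article_title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $articleDownload = htmlspecialchars((string) $row['article_downloads'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $isActive = $row['is_active'];
            // $txtStatus is one of two fixed strings, so it is printed as markup.
            $txtStatus = ($isActive) ? 'Active' : '<span class="text-danger">Inactive</span>';
            $j += 1;
?>
  <tr>
    <th><?= $startOrder+$i+1 ?>.</th>
    <td><?= $categoryName ?></td>
    <td><?= $articleTitle ?></td>
    <td><?= $articleDownload ?></td>
    <td><?= $txtStatus ?></td>
    <td align="center" title="Preview Article"><a href="../show.article.php?id=<?= $articleId ?>" target="_blank"><i data-id="<?= $articleId ?>" class="far fa-eye fa-lg" style="color:#000"></i></a></td>
    <td align="center" title="Edit Article"><i data-id="<?= $articleId ?>" class="editRow cursorHand far fa-edit fa-lg"></i></td>
    <td align="center" <?php if ($isActive) { ?>title="Deactivate Article"<?php } ?>><?php if ($isActive) { ?><i data-id="<?= $articleId ?>" class="decRow cursorHand far fa-trash-alt fa-lg"></i><?php } ?></td>
    <td align="center" title="Delete Article"><i data-id="<?= $articleId ?>" class="delRow cursorHand fas fa-times fa-lg"></i></td>
  </tr>
<?php
        }
?>
</table>
<?php // $pageNum is an integer, so it is safe in the attribute and in the onclick arguments. ?>
<div id="listingPageNum" class="float-left text-success" data-pagenum="<?= $pageNum ?>">Showing <?= $startOrder+1 ?> to <?= $startOrder+$j ?> of <?= $totalCount ?> entries</div>
<div class="float-right" align="right">
  <?php if ($pageNum > 1) { ?><button class="btn btn-warning" onclick="return searchArticle(<?= $pageNum-1 ?>)">&lt;</button><?php } ?>
  <?php if ($numRows > $numRecords) { ?><button class="btn btn-warning" style="margin-left:5px" onclick="return searchArticle(<?= $pageNum+1 ?>)">&gt;</button><?php } ?>
</div>
<div class="cleaner"></div>
<br>
<br>
<?php
    }
?>
<script type="text/javascript">
$(function() {
  // Edit icon: load the edit form into a popup, then attach TinyMCE to it.
  $('.editRow').magnificPopup({
    type: 'ajax',
    closeBtnInside: true,
    ajax: { settings: { method: 'POST', url: 'process/get.section.article.php' } },
    callbacks: {
      open: function() {
        $.magnificPopup.instance._onFocusIn = function(e) {
          // NOTE(review): .closest() returns a jQuery object, which is always
          // truthy, so this branch is always taken and the popup's own focus
          // handler below is never reached. A `.length` test is probably what
          // was meant; left unchanged because editor dialogs may rely on it.
          if( $(e.target).closest('.mce-window')) { return true; }
          $.magnificPopup.proto._onFocusIn.call(this,e);
        };
      },
      elementParse: function(item){
        postData = { act: 'editForm', id: $(item.el[0]).data('id') }
        this.st.ajax.settings.data = postData;
      },
      ajaxContentAdded: function(e) {
        tinymce.remove();
        tinymce.init({
          selector: 'textarea#articleText',
          encoding: "UTF-8",
          height: 400,
          statusbar: false,
          forced_root_block: '',
          force_br_newlines: true,
          force_p_newlines: false,
          file_picker_types: 'image',
          automatic_uploads: true,
          paste_data_images: true,
          invalid_elements: 'span',
          // NOTE(review): this lets <script> elements through the editor's content
          // filter, so article bodies can carry script that runs for every reader.
          // Keep it only if every account that can edit articles is fully trusted,
          // and filter the saved HTML on the server as well.
          extended_valid_elements: 'script[src|async|defer|type|charset]',
          images_upload_url: 'process/upload.php',
          file_picker_callback: function(callback, value, meta) {
            var input = document.createElement('input');
            input.setAttribute('type', 'file');
            input.setAttribute('accept', 'image/*');
            input.onchange = function () {
              var file = this.files[0];
              var reader = new FileReader();
              reader.onload = function() {
                // Register the picked image in the editor's blob cache.
                var id = 'blob' + (new Date()).getTime();
                var blobCache = tinymce.activeEditor.editorUpload.blobCache;
                var base64 = reader.result.split(',')[1];
                var blobInfo = blobCache.create(id, file, base64);
                blobCache.add(blobInfo);
                callback(blobInfo.blobUri(), { title: file.name });
              };
              reader.readAsDataURL(file);
            };
            input.click();
          },
          body_class: 'panelArticle',
          // NOTE(review): stylesheet and base URL point at a fixed address over
          // plain HTTP; anyone on the network path can alter what the editor
          // loads, and an HTTPS admin page would block it as mixed content.
          content_css: 'http://139.59.41.116/knaadu/inc/style.css',
          document_base_url: 'http://139.59.41.116/knaadu/',
          relative_urls: false,
          menubar: 'edit format',
          toolbar: 'undo redo | bold italic underline | alignleft aligncenter alignright alignjustify | outdent indent | numlist bullist | table | forecolor backcolor removeformat | code fullscreen preview | hr charmap image media link',
          plugins: 'image imagetools code preview table charmap paste media autolink link hr fullscreen lists',
          contextmenu: 'link image imagetools table spellchecker lists'
        });
      }
    }
  });

  // Deactivate icon: load the deactivate confirmation popup.
  $('.decRow').magnificPopup({
    type: 'ajax',
    closeBtnInside: true,
    ajax: { settings: { method: 'POST', url: 'process/get.section.article.php' } },
    callbacks: {
      elementParse: function(item){
        postData = { act: 'decForm', id: $(item.el[0]).data('id') }
        this.st.ajax.settings.data = postData;
      }
    }
  });

  // Delete icon: load the delete confirmation popup.
  $('.delRow').magnificPopup({
    type: 'ajax',
    closeBtnInside: true,
    ajax: { settings: { method: 'POST', url: 'process/get.section.article.php' } },
    callbacks: {
      elementParse: function(item){
        postData = { act: 'delForm', id: $(item.el[0]).data('id') }
        this.st.ajax.settings.data = postData;
      }
    }
  });
});
</script>
<?php
}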