Editing: get.section.issue.php
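<?php
// ACCS Journal: Issue
//
// AJAX endpoint for the CMS "Issues" section. The POST field `act` selects one
// action per request:
//   chkExist, getIssues, add, edit, delete  -> plain-text replies ("OK" / "ERROR: ...")
//   addForm, editForm, delForm, search, searchResults -> HTML fragments
//
// Every request value is untrusted. Numeric fields are validated as integers
// and all values reach MySQL through bound parameters; values echoed into HTML
// are escaped.
//
// NOTE(review): no anti-CSRF token is checked in this file. Unless
// validate.logged.php does so, the state-changing actions (add / edit / delete)
// should verify one.

// `require` instead of `include`: if the login gate or the DB config cannot be
// loaded the request must stop, not continue with a warning.
// validate.logged.php presumably enforces the session check (name suggests so;
// the file is not visible here) - confirm.
require '../inc/validate.logged.php';
require '../../inc/config.php';

if (!function_exists('issuePostInt')) {
    /**
     * Read a POST field as a non-negative integer.
     *
     * @param string $key POST field name.
     * @return int|null The value, or null when the field is absent, is an
     *                  array, or is anything other than 1-9 decimal digits.
     */
    function issuePostInt($key)
    {
        if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
            return null;
        }
        $raw = trim($_POST[$key]);
        // \A...\z so a trailing newline cannot slip through; 9 digits keeps the
        // cast inside the 32-bit integer range.
        return preg_match('/\A[0-9]{1,9}\z/', $raw) ? (int) $raw : null;
    }

    /**
     * Escape a value for HTML text or a quoted attribute.
     *
     * @param mixed $value
     * @return string
     */
    function issueEsc($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Prepare, bind and execute a statement.
     *
     * @param mysqli $db
     * @param string $sql    SQL with `?` placeholders.
     * @param string $types  mysqli type string, one letter per parameter.
     * @param array  $params Parameter values, in placeholder order.
     * @return mysqli_stmt|false Executed statement, or false on failure.
     */
    function issuePrepared($db, $sql, $types = '', $params = array())
    {
        $stmt = mysqli_prepare($db, $sql);
        if (!$stmt) {
            return false;
        }
        if ($types !== '') {
            // mysqli_stmt_bind_param takes its values by reference.
            $bind = array($stmt, $types);
            foreach ($params as $i => $unused) {
                $bind[] = &$params[$i];
            }
            call_user_func_array('mysqli_stmt_bind_param', $bind);
        }
        if (!mysqli_stmt_execute($stmt)) {
            mysqli_stmt_close($stmt);
            return false;
        }
        return $stmt;
    }

    /**
     * Run a parameterised SELECT.
     *
     * Uses mysqli_stmt_get_result(), which is only available with the mysqlnd
     * driver.
     *
     * @return mysqli_result|false
     */
    function issueSelect($db, $sql, $types = '', $params = array())
    {
        $stmt = issuePrepared($db, $sql, $types, $params);
        if ($stmt === false) {
            return false;
        }
        return mysqli_stmt_get_result($stmt);
    }

    /**
     * Run a parameterised INSERT/UPDATE.
     *
     * @return bool True when the statement executed.
     */
    function issueExec($db, $sql, $types = '', $params = array())
    {
        $stmt = issuePrepared($db, $sql, $types, $params);
        if ($stmt === false) {
            return false;
        }
        mysqli_stmt_close($stmt);
        return true;
    }

    /**
     * Validate an uploaded cover image and move it into data/covers/.
     *
     * The client-supplied file name is used only to read its extension, which
     * must be on the allow-list; the stored name is generated here. Without
     * the allow-list any extension (including one the web server executes)
     * would be written into a web-reachable directory.
     *
     * @param mixed $file One entry of $_FILES.
     * @return string Stored file name, or '' when nothing valid was uploaded.
     */
    function issueStoreCover($file)
    {
        if (!is_array($file) || !isset($file['tmp_name'], $file['name'])
            || !is_string($file['tmp_name']) || !is_string($file['name'])) {
            return '';
        }
        if (!is_uploaded_file($file['tmp_name'])) {
            return '';
        }
        $fileExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
        if (!in_array($fileExt, array('jpg', 'jpeg'), true)) {
            return '';
        }
        // The bytes must also parse as a JPEG. This is a sanity check, not a
        // guarantee of harmless content; script execution should additionally
        // be disabled for data/covers/ in the web server configuration.
        $info = getimagesize($file['tmp_name']);
        if ($info === false || $info[2] !== IMAGETYPE_JPEG) {
            return '';
        }
        $fileUpload = time() . '.' . $fileExt;
        if (!move_uploaded_file($file['tmp_name'], '../../data/covers/' . $fileUpload)) {
            return '';
        }
        return $fileUpload;
    }

    /**
     * Echo one <option> per volume, newest first.
     *
     * @param mysqli   $db
     * @param int|null $selected Volume number to mark SELECTED, if any.
     * @return void
     */
    function issueVolumeOptions($db, $selected = null)
    {
        $result = mysqli_query($db, "SELECT volume_num FROM volumes ORDER BY volume_num DESC");
        if (!$result) {
            return;
        }
        while ($row = mysqli_fetch_assoc($result)) {
            $num = $row['volume_num'];
            $mark = ($selected !== null && $num == $selected) ? ' SELECTED' : '';
            echo ' <option value="' . issueEsc($num) . '"' . $mark . '>Volume ' . issueEsc($num);
        }
    }
}

// $dbpro (mysqli link) and $gUserId are expected to come from the includes
// above; neither is defined in this file. $gUserId was interpolated unquoted
// in the original SQL, so it is treated as an integer here.
$userId = isset($gUserId) ? (int) $gUserId : 0;

$act = '';
if (!empty($_POST)) {
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';
}

// Check if already exists on creation
if ($act === 'chkExist') {
    $editId    = issuePostInt('editId');
    $volumeNum = issuePostInt('volumeNum');
    $issueNum  = issuePostInt('issueNum');

    if ($volumeNum !== null && $issueNum !== null) {
        if ($editId === null) {
            $result = issueSelect(
                $dbpro,
                "SELECT issue_id FROM issues WHERE volume_num=? AND issue_num=?",
                'ii',
                array($volumeNum, $issueNum)
            );
        } else {
            // When editing, the row being edited must not count as a duplicate.
            $result = issueSelect(
                $dbpro,
                "SELECT issue_id FROM issues WHERE volume_num=? AND issue_num=? AND issue_id<>?",
                'iii',
                array($volumeNum, $issueNum, $editId)
            );
        }

        if ($result === false) {
            // Fail closed: a failed lookup must not be reported as "no duplicate".
            echo 'ERROR: Database error!';
        } elseif (mysqli_num_rows($result) == 0) {
            echo 'OK';
        } else {
            echo 'ERROR: Issue already exists!';
        }
    }
}

// Check for Issues: comma-separated issue numbers of one volume
if ($act === 'getIssues') {
    $volumeNum = issuePostInt('volumeNum');

    if ($volumeNum !== null) {
        $result = issueSelect(
            $dbpro,
            "SELECT issue_num FROM issues WHERE volume_num=? ORDER BY issue_num",
            'i',
            array($volumeNum)
        );
        if ($result !== false) {
            $issueNums = array();
            while ($row = mysqli_fetch_assoc($result)) {
                $issueNums[] = $row['issue_num'];
            }
            echo implode(',', $issueNums);
        }
    }
}

// Add
if ($act === 'add') {
    $volumeNum = issuePostInt('volumeNum');
    $issueNum  = issuePostInt('issueNum');
    $issueDate = (isset($_POST['issueDate']) && is_string($_POST['issueDate'])) ? trim($_POST['issueDate']) : '';
    // NOTE(review): the add form posts `isActive`, but new rows are always
    // stored with is_active=0, as in the original query - confirm this is intended.

    if ($volumeNum !== null && $issueNum !== null && $issueDate != '') {
        $result = issueSelect(
            $dbpro,
            "SELECT issue_id FROM issues WHERE volume_num=? AND issue_num=?",
            'ii',
            array($volumeNum, $issueNum)
        );

        if ($result === false) {
            echo 'ERROR: Database error!';
        } elseif (mysqli_num_rows($result) == 0) {
            $inserted = issueExec(
                $dbpro,
                "INSERT INTO issues(volume_num,issue_num,issue_date,created_id,date_created,is_active) VALUES(?,?,?,?,Now(),0)",
                'iisi',
                array($volumeNum, $issueNum, $issueDate, $userId)
            );

            if (!$inserted) {
                echo 'ERROR: Database error!';
            } else {
                $issueId = mysqli_insert_id($dbpro);

                $fileUpload = isset($_FILES['uploadCover']) ? issueStoreCover($_FILES['uploadCover']) : '';
                if ($fileUpload != '') {
                    issueExec(
                        $dbpro,
                        "UPDATE issues SET issue_cover=? WHERE issue_id=?",
                        'si',
                        array($fileUpload, $issueId)
                    );
                }
                echo "OK";
            }
        }
    }
}

// Update
if ($act === 'edit') {
    $editId    = issuePostInt('editId');
    $volumeNum = issuePostInt('volumeNum');
    $issueNum  = issuePostInt('issueNum');
    $issueDate = (isset($_POST['issueDate']) && is_string($_POST['issueDate'])) ? trim($_POST['issueDate']) : '';
    $isActive  = issuePostInt('isActive');

    if ($editId !== null && $volumeNum !== null && $issueNum !== null && $issueDate != ''
        && ($isActive === 0 || $isActive === 1)) {
        // The form always posts an uploadCover entry, even when no file was
        // chosen. The original only built its UPDATE when a file had really
        // been uploaded, so editing without a new cover ran no valid query.
        // Fall back to the cover-less UPDATE whenever no valid file arrived.
        $fileUpload = isset($_FILES['uploadCover']) ? issueStoreCover($_FILES['uploadCover']) : '';

        if ($fileUpload != '') {
            $updated = issueExec(
                $dbpro,
                "UPDATE issues SET volume_num=?,issue_num=?,issue_cover=?,issue_date=?,modified_id=?,is_active=?,date_modified=Now() WHERE issue_id=?",
                'iissiii',
                array($volumeNum, $issueNum, $fileUpload, $issueDate, $userId, $isActive, $editId)
            );
        } else {
            $updated = issueExec(
                $dbpro,
                "UPDATE issues SET volume_num=?,issue_num=?,issue_date=?,modified_id=?,is_active=?,date_modified=Now() WHERE issue_id=?",
                'iisiii',
                array($volumeNum, $issueNum, $issueDate, $userId, $isActive, $editId)
            );
        }
        echo $updated ? "OK" : 'ERROR: Database error!';
    }
}

// Deactivate (soft delete: the row is kept with is_active=0)
if ($act === 'delete') {
    $delId = issuePostInt('delId');

    if ($delId !== null) {
        $updated = issueExec(
            $dbpro,
            "UPDATE issues SET is_active=0,modified_id=?,date_modified=Now() WHERE issue_id=?",
            'ii',
            array($userId, $delId)
        );
        echo $updated ? "OK" : 'ERROR: Database error!';
    }
}

// Show Add
if ($act === 'addForm') {
?>
<div class="card mt-3">
  <div class="card-header">Add New Issue</div>
  <div class="card-body">
    <div class="form-row">
      <div class="form-group col-md-4">
        <label for="volumeNum">Volume</label>
        <select id="volumeNum" name="volumeNum" class="form-control">
          <option value="">--[select]--
<?php issueVolumeOptions($dbpro); ?>
        </select>
      </div>
      <div class="form-group col-md-4">
        <label for="issueNum">Issue Number</label>
        <input type="number" class="form-control" id="issueNum" name="issueNum" min="1" max="12" />
      </div>
      <div class="form-group col-md-4">
        <label for="issueDate">Issue Date</label>
        <input type="date" class="form-control" id="issueDate" name="issueDate" />
      </div>
    </div>
    <div class="form-row">
      <div class="form-group col-md-4">
        <label for="uploadCover">Cover image</label>
        <input type="file" class="form-control" id="uploadCover" name="uploadCover" accept=".jpg" />
      </div>
      <div class="form-group col-md-4">
        <label for="isActive">Status</label>
        <div class="mt-2">
          <div class="form-check form-check-inline">
            <input type="radio" id="isActive" name="isActive" value="1" CHECKED>
            <label class="form-check-label pl-2" for="isActive">Active</label>
          </div>
          <div class="form-check form-check-inline">
            <input type="radio" id="isActive" name="isActive" value="0">
            <label class="form-check-label pl-2" for="isActive">Inactive</label>
          </div>
        </div>
      </div>
    </div>
  </div>
  <div class="card-footer">
    <button type="submit" class="btn btn-primary" onclick="return chkAddIssue()">Add</button>
    <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div>
  </div>
</div>
<?php
}

// Show Edit
if ($act === 'editForm') {
    $isValid = 0;
    $issueId = issuePostInt('id');

    if ($issueId !== null) {
        $result = issueSelect($dbpro, "SELECT * FROM issues WHERE issue_id=?", 'i', array($issueId));
        if ($result !== false && mysqli_num_rows($result) > 0) {
            $row = mysqli_fetch_assoc($result);
            $volumeNum  = $row['volume_num'];
            $issueNum   = $row['issue_num'];
            $issueCover = $row['issue_cover'];
            $issueDate  = $row['issue_date'];
            $isActive   = $row['is_active'];
            $isValid = 1;
        }
    }
?>
<div class="popup" style="width:600px">
  <div class="widget">
    <form id="frmEdit" name="frmEdit">
      <div class="card">
        <div class="card-header">Edit Issue</div>
      </div>
      <div id="widgetEdit_B" style="padding:15px 25px">
<?php if ($isValid == 1) { ?>
        <div class="form-row">
          <div class="form-group col-md-4">
            <label for="volumeNum">Volume</label>
            <select id="volumeNum" name="volumeNum" class="form-control">
              <option value="">--[select]--
<?php issueVolumeOptions($dbpro, $volumeNum); ?>
            </select>
          </div>
          <div class="form-group col-md-4">
            <label for="issueNum">Issue Number</label>
            <input type="number" class="form-control" id="issueNum" name="issueNum" value="<?=issueEsc($issueNum)?>" min="1" max="12" />
          </div>
          <div class="form-group col-md-4">
            <label for="issueDate">Issue Date</label>
            <input type="date" class="form-control" id="issueDate" name="issueDate" value="<?=issueEsc($issueDate)?>" />
          </div>
        </div>
        <div class="form-row">
          <div class="col-md-8">
            <label for="uploadCover">Cover image</label>
            <input type="file" class="form-control" id="uploadCover" name="uploadCover" accept=".jpg" />
          </div>
<?php if ($issueCover <> '') { ?>
          <div class="col-md-4">
            <a href="../data/covers/<?=issueEsc($issueCover)?>" target="_blank"><img src="../data/covers/<?=issueEsc($issueCover)?>" width="75" /></a>
          </div>
<?php } ?>
        </div>
        <div class="form-row">
          <div class="form-group col-md-6">
            <label for="isActive">Status</label>
            <div class="mt-2">
              <div class="form-check form-check-inline">
                <input type="radio" id="isActive" name="isActive" value="1"<?php if ($isActive == 1) { ?> CHECKED<?php } ?>>
                <label class="form-check-label pl-2" for="isActive">Active</label>
              </div>
              <div class="form-check form-check-inline">
                <input type="radio" id="isActive" name="isActive" value="0"<?php if ($isActive == 0) { ?> CHECKED<?php } ?>>
                <label class="form-check-label pl-2" for="isActive">Inactive</label>
              </div>
            </div>
          </div>
        </div>
<?php } ?>
      </div>
      <div id="widgetEdit_F" style="border-top:1px solid #ebedf2;padding:20px;">
        <div class="col">
          <button type="submit" class="btn btn-primary" onclick="return chkEditIssue()">Update</button>
          <button type="submit" class="btn btn-light ml-1" onclick="return clearForm('frmEdit')">Reset</button>
          <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div>
        </div>
      </div>
      <input type="hidden" id="editId" name="editId" value="<?=issueEsc($issueId)?>" />
      <input type="hidden" id="act" name="act" value="edit" />
    </form>
  </div>
</div>
<?php
}

// Show Deactivate
if ($act === 'delForm') {
    $isValid = 0;
    $issueId = issuePostInt('id');

    if ($issueId !== null) {
        $result = issueSelect($dbpro, "SELECT issue_num FROM issues WHERE issue_id=?", 'i', array($issueId));
        if ($result !== false && mysqli_num_rows($result) > 0) {
            $row = mysqli_fetch_assoc($result);
            $issueNum = $row['issue_num'];
            $isValid = 1;
        }
    }
?>
<div class="popup" style="width:480px">
  <div class="widget">
    <form id="frmDel" name="frmDel">
      <div class="card">
        <div class="card-header">Deactivate Issue</div>
      </div>
      <div id="widgetDel_B" style="padding:15px 25px">
<?php if ($isValid == 1) { ?>
        You are about to deactivate Issue: <b><?=issueEsc($issueNum)?></b>
<?php } ?>
      </div>
      <div id="widgetDel_F" style="border-top:1px solid #ebedf2;padding:20px 25px;">
        <div class="col">
          <button type="submit" class="btn btn-primary" onclick="return chkDelIssue()">Confirm</button>
          <div id="panelStatus" class="float-right text-sm text-danger" style="margin-top:5px" align="right"></div>
        </div>
      </div>
      <input type="hidden" id="delId" name="delId" value="<?=issueEsc($issueId)?>" />
      <input type="hidden" id="act" name="act" value="delete" />
    </form>
  </div>
</div>
<?php
}

// Search Form
if ($act === 'search') {
?>
<ol class="breadcrumb mt-4 mb-3">
  <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li>
  <li class="breadcrumb-item active">Issues</li>
</ol>
<form id="frmSearch" name="frmSearch">
  <button type="button" class="btn btn-secondary mb-2 float-right" onclick="addIssue()"><i class="fas fa-plus"></i> Add New Issue</button>
  <br clear="all" />
  <div class="card">
    <div class="card-header">Search Issues</div>
    <div class="card-body">
      <div class="form-inline">
        <div class="form-group mr-2">
          <label for="srcVolumeNum" class="col-form-label-sm">Volume</label>
          <select id="srcVolumeNum" name="srcVolumeNum" class="form-control ml-2">
            <option value="">--[select]--
<?php issueVolumeOptions($dbpro); ?>
          </select>
        </div>
        <div class="form-group ml-0 ml-sm-4 mr-2">
          <label for="srcIsActive" class="col-form-label-sm">Status</label>
          <div class="form-check form-check-inline ml-0 ml-sm-4">
            <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="1"> Active</label>
            <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="0"> Inactive</label>
            <label class="form-control radio-inline border-0 pl-1"><input type="radio" id="srcIsActive" name="srcIsActive" value="" CHECKED> All</label>
          </div>
        </div>
        <div class="col text-right">
          <button type="submit" class="btn btn-primary mt-2 mt-sm-0" onclick="return searchIssue()">Show</button>
        </div>
      </div>
    </div>
  </div>
  <div id="panelSearch"></div>
  <input type="hidden" id="act" name="act" value="searchResults" />
</form>
<?php
}

// Search Result
if ($act === 'searchResults') {
    // Pages are 1-based. A missing or invalid page used to yield a negative
    // LIMIT offset and a failed query, so it now falls back to page 1.
    $pageNum = issuePostInt('pageNum');
    if ($pageNum === null || $pageNum < 1) {
        $pageNum = 1;
    }
    $srcVolumeNum = issuePostInt('srcVolumeNum');
    $srcIsActive  = (isset($_POST['srcIsActive']) && is_string($_POST['srcIsActive'])) ? $_POST['srcIsActive'] : '';

    $numRecords = 50;
    $startOrder = (($pageNum - 1) * $numRecords);

    $sql = "SELECT SQL_CALC_FOUND_ROWS * FROM issues WHERE issue_id>0";
    $types = '';
    $params = array();
    if ($srcVolumeNum !== null) {
        $sql .= " AND volume_num=?";
        $types .= 'i';
        $params[] = $srcVolumeNum;
    }
    if ($srcIsActive == '0') $sql .= " AND is_active=0";
    if ($srcIsActive == '1') $sql .= " AND is_active=1";
    // Both LIMIT operands are integers computed above, never request text.
    // One extra row is fetched only to learn whether a next page exists.
    $sql .= " ORDER BY volume_num DESC, issue_num DESC LIMIT " . $startOrder . "," . ($numRecords + 1);

    $result = issueSelect($dbpro, $sql, $types, $params);
    $numRows = ($result !== false) ? mysqli_num_rows($result) : 0;

    $totalCount = 0;
    $resultCount = mysqli_query($dbpro, "SELECT FOUND_ROWS()");
    if ($resultCount) {
        $rowCount = mysqli_fetch_array($resultCount);
        $totalCount = $rowCount[0];
    }

    if ($numRows == 0) {
        echo '<div class="m-2">No results found!</div>';
    } else {
?>
<table class="table table-sm mt-3">
  <thead class="thead-light">
    <tr>
      <th width="20"></th>
      <th>Volume</th>
      <th>Issue</th>
      <th>Issue Date</th>
      <th>Status</th>
      <th width="30"></th>
      <th width="30"></th>
    </tr>
  </thead>
<?php
        // Render at most one page; the look-ahead row is never shown.
        $shown = min($numRows, $numRecords);
        for ($i = 0; $i < $shown; $i++) {
            $row = mysqli_fetch_array($result);
            $volumeNum = $row['volume_num'];
            $issueId   = $row['issue_id'];
            $issueNum  = $row['issue_num'];
            $issueDate = date('d M, Y', strtotime($row['issue_date']));
            $isActive  = $row['is_active'];
            // $txtStatus holds fixed markup only, so it is echoed unescaped.
            $txtStatus = ($isActive) ? 'Active' : '<span class="text-danger">Inactive</span>';
?>
  <tr>
    <th><?=$startOrder + $i + 1?>.</th>
    <td>Volume <?=issueEsc($volumeNum)?></td>
    <td><?=issueEsc($issueNum)?></td>
    <td><?=issueEsc($issueDate)?></td>
    <td><?=$txtStatus?></td>
    <td align="center" title="Edit Issue"><i data-id="<?=issueEsc($issueId)?>" class="editRow cursorHand far fa-edit fa-lg"></i></td>
    <td align="center" title="Deactivate Issue"><?php if ($txtStatus == 'Active') { ?><i data-id="<?=issueEsc($issueId)?>" class="delRow cursorHand far fa-trash-alt fa-lg"></i><?php } ?></td>
  </tr>
<?php
        }
?>
</table>
<div id="listingPageNum" class="float-left text-success" data-pagenum="<?=$pageNum?>">Showing <?=$startOrder + 1?> to <?=$startOrder + $shown?> of <?=issueEsc($totalCount)?> entries</div>
<div class="float-right" align="right">
  <?php if ($pageNum > 1) { ?><button class="btn btn-warning" onclick="return searchIssue(<?=$pageNum - 1?>)">&lt;</button><?php } ?>
  <?php if ($numRows > $numRecords) { ?><button class="btn btn-warning" style="margin-left:5px" onclick="return searchIssue(<?=$pageNum + 1?>)">&gt;</button><?php } ?>
</div>
<div class="cleaner"></div>
<br>
<br>
<?php
    }
?>
<script type="text/javascript">
$(function() {
  // Edit / deactivate icons open their form in a popup, fetched by POST from
  // this same endpoint with the row's id.
  $('.editRow').magnificPopup({
    type: 'ajax',
    closeOnBgClick: false,
    closeBtnInside: true,
    ajax: { settings: { method: 'POST', url: 'process/get.section.issue.php' } },
    callbacks: {
      elementParse: function(item){
        var postData = { act: 'editForm', id: $(item.el[0]).data('id') }
        this.st.ajax.settings.data = postData;
      }
    }
  });
  $('.delRow').magnificPopup({
    type: 'ajax',
    closeOnBgClick: false,
    closeBtnInside: true,
    ajax: { settings: { method: 'POST', url: 'process/get.section.issue.php' } },
    callbacks: {
      elementParse: function(item){
        var postData = { act: 'delForm', id: $(item.el[0]).data('id') }
        this.st.ajax.settings.data = postData;
      }
    }
  });
});
</script>
<?php
}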