' . oc_('Submission edits are no longer available.') . '

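'; printFooter(); exit; }

// ---------------------------------------------------------------------------
// Request handling for the "edit submission" page.
//
// Flow visible in this section:
//   1. "Edit Submission": an author proves knowledge of the submission
//      password (the chair skips this), and a one-time edit token plus
//      timestamp are stored on the submission row.
//   2. "Submit Changes": the posted edit token is checked against the stored
//      one and against $editTimeout (authors), or validToken('chair') is
//      consulted (chair); the changes are then validated and written.
//   3. Otherwise the login form at the bottom is shown.
//
// $chair, $editTimeout, $OC_configAR, $OC_statusAR and the helper functions
// are defined outside this section.
// NOTE(review): whether warn() and err() terminate the request is not visible
// here. Most call sites follow warn() with printFooter(); exit;, so the two
// that did not have been made explicit below.
// ---------------------------------------------------------------------------

// Is this a post?
if (isset($_POST['ocaction'])) {
    // The submission ID is interpolated into several queries below without
    // surrounding quotes, so it must be strictly numeric. The D modifier stops
    // "$" from also matching before a trailing newline, and the request is
    // ended here rather than relying on warn() to stop execution.
    if (! isset($_POST['pid']) || ! is_string($_POST['pid']) || ! preg_match('/^\d+$/D', $_POST['pid'])) {
        warn(oc_('Submission ID is invalid'));
        printFooter();
        exit;
    }

    if ($_POST['ocaction'] == 'Edit Submission') {
        // Check password
        if (! $chair && (! isset($_POST['passwordfld']) || empty($_POST['passwordfld']))) {
            warn(oc_('Submission ID or password entered is incorrect'));
            printFooter();
            exit;
        }

        // verify login if not chair
        if (! $chair) {
            $pq = "SELECT `password` FROM `" . OCC_TABLE_PAPER . "` WHERE `paperid`='" . safeSQLstr($_POST['pid']) . "'";
            $pr = ocsql_query($pq) or err(oc_('Unable to retrieve submission'));
            // Unknown ID and wrong password share one message, so the response
            // does not reveal which submission IDs exist.
            if (mysql_num_rows($pr) != 1) {
                warn(oc_('Submission ID or password entered is incorrect'));
                printFooter();
                exit;
            }
            $pl = mysql_fetch_array($pr);

            // Strict comparison: with a loose != two different hash strings
            // that both look numeric could compare as equal.
            // NOTE(review): a constant-time comparison (hash_equals(), where
            // the deployed PHP version provides it) would be preferable.
            // When OCC_CHAIR_PWD_TRUMPS is set, the chair password is accepted
            // for any submission.
            if ((hashPassword($_POST['passwordfld'], $pl['password']) !== $pl['password'])
                && (!OCC_CHAIR_PWD_TRUMPS || (hashPassword($_POST['passwordfld'], $OC_configAR['OC_chair_pwd']) !== $OC_configAR['OC_chair_pwd']))
            ) {
                warn(oc_('Submission ID or password entered is incorrect'));
                printFooter();
                exit;
            }

            // Drop the plaintext password so nothing later in the request can
            // read it from $_POST.
            unset($_POST['passwordfld']);

            // set token
            // NOTE(review): the token acts as the edit credential for the
            // follow-up request; confirm oc_idGen() draws from a
            // cryptographically secure source.
            $token = oc_idGen();
            $pr = ocsql_query("UPDATE `" . OCC_TABLE_PAPER . "` SET `edittoken`='" . safeSQLstr($token) . "', `edittime`=" . time() . " WHERE `paperid`=" . safeSQLstr($_POST['pid'])) or err(oc_('Unable to edit submission (token)'));
        }
    } elseif ($_POST['ocaction'] != 'Submit Changes') {
        warn(oc_('Invalid request.'));
        printFooter();
        exit;
    }

    if ($chair) {
        // display back links
        print '

View This Submission | View All Submissions

';
    } elseif ($_POST['ocaction'] == 'Submit Changes') {
        // check token
        $pq = "SELECT `edittoken`, `edittime` FROM `" . OCC_TABLE_PAPER . "` WHERE `paperid`='" . safeSQLstr($_POST['pid']) . "'";
        $pr = ocsql_query($pq) or err(oc_('Unable to retrieve submission (tokeninfo)'));
        if (mysql_num_rows($pr) != 1) {
            err(oc_('Submission ID or password entered is incorrect'));
        }
        $pl = mysql_fetch_array($pr);

        // Strict comparison, so an empty posted token can never match a stored
        // NULL (the token is reset to NULL after a successful save) and a
        // non-string value is rejected outright.
        // NOTE(review): $_SERVER['PHP_SELF'] is passed to sprintf() although
        // the visible format only consumes the first argument. If a translated
        // string or the surrounding markup does use it, it is request-derived
        // and must be HTML-escaped first.
        if (!isset($_POST['edittoken'])
            || ($_POST['edittoken'] !== $pl['edittoken'])
            || ((time() - $pl['edittime']) > (60 * 60 * $editTimeout))
        ) {
            warn(sprintf(oc_('There is a %1$d hour timeout for editing the submission. Please edit submission once again'), $editTimeout, $_SERVER['PHP_SELF']));
            printFooter();
            exit;
        }
    }

    // Set number of author fields to display and populate $_POST with fields if needed
    if (isset($_POST['authornum']) && ctype_digit($_POST['authornum'])) {
        $oc_authorNum = $_POST['authornum'];
    } else {
        // get sub
        // NOTE(review): SELECT * merges every column of the row into $_POST,
        // which as far as this section shows includes the stored password hash
        // and edit token. Confirm the form renderer never echoes those back.
        $anr = ocsql_query("SELECT * FROM `" . OCC_TABLE_PAPER . "` WHERE `paperid`=" . safeSQLstr($_POST['pid'])) or err("Unable to retrieve submission information");
        if (mysql_num_rows($anr) != 1) {
            err(oc_('Submission ID or password entered is incorrect'));
        }
        $_POST = array_merge($_POST, mysql_fetch_assoc($anr));

        // get authors
        $authorCount = 0;
        $anr = ocsql_query("SELECT * FROM `" . OCC_TABLE_AUTHOR . "` WHERE `paperid`=" . safeSQLstr($_POST['pid']) . " ORDER BY `position`") or err(oc_('Unable to retrieve author(s) information'));
        while ($anl = mysql_fetch_assoc($anr)) {
            foreach ($anl as $anli => $anlv) {
                if (($anli == 'paperid') || ($anli == 'position')) {
                    continue;
                }
                // Author columns become <column><position> keys in $_POST
                $_POST[$anli . $anl['position']] = $anlv;
            }
            $authorCount = $anl['position']; // track highest position
        }

        // get topics
        $anr = ocsql_query("SELECT `topicid` FROM `" . OCC_TABLE_PAPERTOPIC . "` WHERE `paperid`=" . safeSQLstr($_POST['pid'])) or err(oc_('Unable to retrieve topic(s) information'));
        $_POST['topics'] = array();
        while ($anl = mysql_fetch_assoc($anr)) {
            $_POST['topics'][] = $anl['topicid'];
        }
        if ( ! $OC_configAR['OC_multipleSubmissionTopics'] ) {
            // A submission without any topic yields NULL instead of raising an
            // undefined-offset notice.
            $_POST['topics'] = isset($_POST['topics'][0]) ? $_POST['topics'][0] : null;
        }

        // set author num to either use min display or actual author count, whichever is greater
        $oc_authorNum = (($authorCount > $OC_configAR['OC_authorsMinDisplay']) ? $authorCount : $OC_configAR['OC_authorsMinDisplay']);

        // set token
        if (! $chair) {
            $_POST['edittoken'] = $token;
        }
    }

    // Hook files run with the full scope of this script; the paths come from
    // $GLOBALS['OC_hooksAR'] and are assumed to be installation-controlled.
    if (oc_hookSet('author-edit-preprocess')) {
        foreach ($GLOBALS['OC_hooksAR']['author-edit-preprocess'] as $hook) {
            require_once $hook;
        }
    }

    require_once OCC_FORM_INC_FILE;
    require_once OCC_SUBMISSION_INC_FILE;

    // Set non-editable fields to disabled if submissions closed (and it's not Chair)
    // NOTE(review): this only marks the fields as disabled; confirm that
    // submission-validate.inc also ignores posted values for them, since a
    // disabled form control is not a server-side restriction.
    if (! $chair && ! $OC_statusAR['OC_submissions_open']) {
        $nonEditFieldsAR = preg_split("/[\s,]+/", $OC_configAR['OC_subNonEditFields'], -1, PREG_SPLIT_NO_EMPTY);
        foreach ($nonEditFieldsAR as $fID) {
            $OC_submissionFieldAR[$fID]['enabled'] = FALSE;
        }
    }

    // Update password fieldset
    $OC_submissionFieldSetAR['fs_passwords']['fieldset'] = oc_('Change Password');
    $OC_submissionFieldSetAR['fs_passwords']['note'] = oc_('Leave these fields blank if you do not want to change the password');
    $OC_submissionFieldAR['password1']['name'] = oc_('New Password');

    // Check whether we're submitting changes
    if ($_POST['ocaction'] == "Submit Changes") {
        // The chair path has no edit token, so this check is its only request
        // validation; stop here rather than relying on warn() to end the
        // request.
        if ($chair && !validToken('chair')) {
            warn(oc_('Invalid submission'));
            printFooter();
            exit;
        }

        $err = '';
        $errInc = '';
        $qfields = array(); // fields to insert into submission table
        $afields = array(); // fields to insert into authors table
        $tfields = array(); // fields to insert into topics table
        $fileUploaded = false;

        require_once 'submission-validate.inc';

        // process if no errors
        if (!empty($err)) {
            print '

' . oc_('Please check the following:') . '


';
        } else {
            // NOTE(review): the column names and values in $qfields, $afields
            // and $tfields are concatenated into the statements as-is, so
            // submission-validate.inc must deliver them already escaped and
            // quoted. The statements below also run without a transaction; a
            // failure part-way leaves authors or topics deleted.
            // Clearing edittoken/edittime makes the token single-use.
            $q = "UPDATE `" . OCC_TABLE_PAPER . "` SET `lastupdate`='" . safeSQLstr(date("Y-m-d")) . "', `edittoken`=NULL, `edittime`=NULL";
            foreach ($qfields as $qid => $qval) {
                $q .= ", `" . $qid . "`=" . $qval;
            }
            $q .= " WHERE `paperid`=" . safeSQLstr($_POST['pid']);
            $r = ocsql_query($q) or err(oc_('Unable to update submission'));

            $q = "DELETE FROM `" . OCC_TABLE_AUTHOR . "` WHERE `paperid`=" . safeSQLstr($_POST['pid']);
            $r = ocsql_query($q) or err(oc_('Unable to update authors or topics (2)'));

            foreach ($afields as $qid => $qar) {
                // The ID goes through safeSQLstr() like every other query here
                // instead of being interpolated raw.
                $q = "INSERT INTO `" . OCC_TABLE_AUTHOR . "` SET `paperid`=" . safeSQLstr($_POST['pid']) . ", `position`=" . $qid;
                foreach ($qar as $qqid => $qqval) {
                    $q .= ", `" . $qqid . "`=" . $qqval;
                }
                $r = ocsql_query($q) or err(oc_('Unable to add one or more authors or topics.'));
            }

            if (!empty($tfields)) {
                $q = "DELETE FROM " . OCC_TABLE_PAPERTOPIC . " WHERE paperid='" . safeSQLstr($_POST['pid']) . "'";
                $r = ocsql_query($q) or err(oc_('Unable to update topics'));
                $q = "INSERT INTO `" . OCC_TABLE_PAPERTOPIC . "` (`paperid`,`topicid`) VALUES";
                foreach ($tfields as $t) {
                    $q .= " (" . safeSQLstr($_POST['pid']) . ",$t),";
                }
                $r = ocsql_query(rtrim($q, ',')) or err(oc_('Unable to add topics'));
            }

            $confirmmsg = oc_('Submission ID') . ': ' . $_POST['pid'] . "\n\n" . oc_genFieldMessage($OC_submissionFieldSetAR, $OC_submissionFieldAR, $_POST);

            if (oc_hookSet('author-edit-save')) {
                foreach ($GLOBALS['OC_hooksAR']['author-edit-save'] as $hook) {
                    require_once $hook;
                }
            }

            //confirm it
            // The confirmation text is built from posted values, so it is
            // HTML-escaped on output.
            print '

' . oc_('The submission has been updated. Below is the information submitted.') . '

' . safeHTMLstr($confirmmsg) . '
';

            if (! $chair) {
                print '

' . sprintf(oc_('A copy has also been emailed to the contact author. If you notice any problems or do not receive the email within 24 hours, please contact the Chair.'), $OC_configAR['OC_pcemail'], $_POST['pid']) . '

';
                // $contactemail is not assigned in this section; presumably it
                // is set by submission-validate.inc — verify.
                sendEmail($contactemail, sprintf(oc_('Submission Update ID %s'), $_POST['pid']), $confirmmsg, $OC_configAR['OC_notifyAuthorEdit']);
            }

            printFooter();
            exit;
        } // else no $err
    } // if Submit Changes

    // Display form
    print '
';
    if ($chair) {
        print ' ';
    } else {
        print ' ';
    }

    oc_displayFieldSet($OC_submissionFieldSetAR, $OC_submissionFieldAR, $_POST);

    if (oc_hookSet('author-edit-fields')) {
        foreach ($GLOBALS['OC_hooksAR']['author-edit-fields'] as $hook) {
            require_once $hook;
        }
    }

    print '';
    if (! $chair) {
        print '         ' . oc_('Cancel Changes') . '

';
    }
    print '

';

    printFooter();
    exit;
} // if Submission

// display login form by default
print '
: ( ' . oc_('forgot ID?') . ' )
: ( ' . oc_('forgot password?') . ' )

' . sprintf(oc_('There is a %d hour limit to complete updates'), $editTimeout) . '

';

printFooter();

exit;

?>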