View This Submission | View All Submissions

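';
    } elseif ($_POST['ocaction'] == 'Submit Changes') {
        // Edit-token check for a posted "Submit Changes" request: the stored
        // token and its issue time are looked up for the posted submission ID.
        $pq = "SELECT `edittoken`, `edittime` FROM `" . OCC_TABLE_PAPER . "` WHERE `paperid`='" . safeSQLstr($_POST['pid']) . "'";
        $pr = ocsql_query($pq) or err(oc_('Unable to retrieve submission (tokeninfo)'));
        if (ocsql_num_rows($pr) != 1) {
            err(oc_('Submission ID or password entered is incorrect'));
        }
        $pl = ocsql_fetch_assoc($pr);
        // The posted token must be a string and the stored token must be
        // non-empty: a successful update below resets `edittoken` to NULL, and
        // a loose `!=` treats NULL and '' as equal. hash_equals() (PHP 5.6+)
        // also avoids numeric-string juggling ("0e1" == "0e2") and compares in
        // constant time.
        if (
            !isset($_POST['edittoken'])
            || !is_string($_POST['edittoken'])
            || ((string) $pl['edittoken'] === '')
            || !hash_equals((string) $pl['edittoken'], $_POST['edittoken'])
            || ((time() - $pl['edittime']) > (60 * 60 * $editTimeout))
        ) {
            // NOTE(review): $_SERVER['PHP_SELF'] is request-influenced. The format
            // string visible here has no placeholder for it; if the full or a
            // translated string emits it, it needs HTML escaping - confirm.
            warn(sprintf(oc_('There is a %1$d hour timeout for editing the submission. Please edit submission once again'), $editTimeout, $_SERVER['PHP_SELF']));
            exit;
        }
    }

    // Set number of author fields to display if Submit Changes, else populate $_POST with database fields
    if (isset($_POST['authornum']) && ctype_digit($_POST['authornum'])) {
        $oc_authorNum = $_POST['authornum'];
    } else {
        // get sub
        $anr = ocsql_query("SELECT * FROM `" . OCC_TABLE_PAPER . "` WHERE `paperid`=" . (int) $_POST['pid']) or err("Unable to retrieve submission information");
        if (ocsql_num_rows($anr) != 1) {
            err(oc_('Submission ID or password entered is incorrect'));
        }
        // Stored columns overwrite any same-named request fields.
        $_POST = array_merge($_POST, ocsql_fetch_assoc($anr));

        // get authors: each author column is copied to $_POST under "<column><position>"
        $authorCount = 0;
        $anr = ocsql_query("SELECT * FROM `" . OCC_TABLE_AUTHOR . "` WHERE `paperid`=" . (int) $_POST['pid'] . " ORDER BY `position`") or err(oc_('Unable to retrieve author(s) information'));
        while ($anl = ocsql_fetch_assoc($anr)) {
            foreach ($anl as $anli => $anlv) {
                if (($anli == 'paperid') || ($anli == 'position')) {
                    continue;
                }
                $_POST[$anli . $anl['position']] = $anlv;
            }
            $authorCount = $anl['position']; // track highest position
        }

        // get topics
        $anr = ocsql_query("SELECT `topicid` FROM `" . OCC_TABLE_PAPERTOPIC . "` WHERE `paperid`=" . (int) $_POST['pid']) or err(oc_('Unable to retrieve topic(s) information'));
        $_POST['topics'] = array();
        while ($anl = ocsql_fetch_assoc($anr)) {
            $_POST['topics'][] = $anl['topicid'];
        }

        // set author num to either use min display or actual author count, whichever is greater
        $oc_authorNum = (($authorCount > $OC_configAR['OC_authorsMinDisplay']) ? $authorCount : $OC_configAR['OC_authorsMinDisplay']);

        // set token
        if (! $chair) {
            $_POST['edittoken'] = $token;
        }
    }

    if (oc_hookSet('author-edit-preprocess')) {
        foreach ($GLOBALS['OC_hooksAR']['author-edit-preprocess'] as $hook) {
            require_once $hook;
        }
    }

    require_once OCC_FORM_INC_FILE;
    require_once OCC_SUBMISSION_INC_FILE;

    // Set non-editable fields to disabled if submissions closed (and it's not Chair)
    if (! $chair && ! $OC_statusAR['OC_submissions_open']) {
        foreach ($OC_submissionFieldAR as $fid => $far) {
            if (isset($far['closeedit']) && ! $far['closeedit']) {
                $OC_submissionFieldAR[$fid]['enabled'] = false;
            }
        }
    }

    // Update topic field?
    if (
        isset($OC_submissionFieldAR['topics']['type'])
        && ($OC_submissionFieldAR['topics']['type'] == 'radio')
        && isset($_POST['topics'])
        && is_array($_POST['topics'])
        && isset($_POST['topics'][0])
    ) {
        $_POST['topics'] = $_POST['topics'][0]; // change from array to single value
    }

    // Update password fieldset
    $OC_submissionFieldSetAR['fs_passwords']['fieldset'] = oc_('Change Password');
    $OC_submissionFieldSetAR['fs_passwords']['note'] = oc_('Leave these fields blank if you do not want to change the password');
    $OC_submissionFieldAR['password1']['name'] = oc_('New Password');

    // Check whether we're submitting changes
    if ($_POST['ocaction'] == "Submit Changes") {
        if ($chair && !validToken('chair')) {
            warn(oc_('Invalid submission'));
            // Stop here as the edit-token failure path above does, so a failed
            // chair token can never fall through to the UPDATE/DELETE below.
            exit;
        }

        $err = '';
        $errInc = '';
        $qfields = array();  // fields to insert into submission table
        $afields = array();  // fields to insert into authors table
        $tfields = array();  // fields to insert into topics table
        $fileUploaded = false;

        require_once 'submission-validate.inc';

        // process if no errors
        if (!empty($err)) {
            print '

' . oc_('Please check the following:') . '


';
        } else {
            // NOTE(review): column names ($qid, $qqid) and values ($qval, $qqval, $t)
            // are concatenated into the statements below as-is; this presumably
            // relies on submission-validate.inc emitting only known column names
            // and already escaped/quoted values - confirm there.
            $q = "UPDATE `" . OCC_TABLE_PAPER . "` SET `lastupdate`='" . safeSQLstr(date("Y-m-d")) . "', `edittoken`=NULL, `edittime`=NULL";
            foreach ($qfields as $qid => $qval) {
                $q .= ", `" . $qid . "`=" . $qval;
            }
            $q .= " WHERE `paperid`=" . (int) $_POST['pid'];
            $r = ocsql_query($q) or err(oc_('Unable to update submission'));

            $q = "DELETE FROM `" . OCC_TABLE_AUTHOR . "` WHERE `paperid`=" . (int) $_POST['pid'];
            $r = ocsql_query($q) or err(oc_('Unable to update authors or topics (2)'));
            foreach ($afields as $qid => $qar) {
                $q = "INSERT INTO `" . OCC_TABLE_AUTHOR . "` SET `paperid`=" . (int) $_POST['pid'] . ", `position`=" . (int) $qid;
                foreach ($qar as $qqid => $qqval) {
                    $q .= ", `" . $qqid . "`=" . $qqval;
                }
                $r = ocsql_query($q) or err(oc_('Unable to add one or more authors or topics.'));
            }

            if (!empty($tfields)) {
                // The submission ID is cast to int here as in the statements above.
                // The INSERT places it unquoted in VALUES, where string escaping
                // alone does not keep the value inside a numeric position.
                $q = "DELETE FROM `" . OCC_TABLE_PAPERTOPIC . "` WHERE `paperid`=" . (int) $_POST['pid'];
                $r = ocsql_query($q) or err(oc_('Unable to update topics'));
                $q = "INSERT INTO `" . OCC_TABLE_PAPERTOPIC . "` (`paperid`,`topicid`) VALUES";
                foreach ($tfields as $t) {
                    $q .= " (" . (int) $_POST['pid'] . ",$t),";
                }
                $r = ocsql_query(rtrim($q, ',')) or err(oc_('Unable to add topics'));
            }

            // Get and update notification template
            // ocIgnore included so poEdit picks up (DB) template translation
            //T: [:sid:] is the numeric submission ID
            $ocIgnoreSubject = oc_('Submission Update ID [:sid:]');
            $ocIgnoreBody = '[:fields:]'; // don't bother with translation

            $fields = oc_genFieldMessage($OC_submissionFieldSetAR, $OC_submissionFieldAR, $_POST);

            list($mailsubject, $mailbody) = oc_getTemplate('author-edit');
            $templateExtraAR = array(
                'sid' => $_POST['pid'],
                'fields' => (oc_('Submission ID') . ': ' . $_POST['pid'] . "\n\n" . $fields)
            );
            $mailsubject = oc_replaceVariables($mailsubject, $templateExtraAR);
            $mailbody = oc_replaceVariables($mailbody, $templateExtraAR);

            // Set up confirmation (field summary is HTML-escaped before output)
            $confirmmsg = '

' . safeHTMLstr(oc_('The submission has been updated. Below is the information submitted.')) . '

' . safeHTMLstr($fields) . '
';
            if (! $chair) {
                $confirmmsg .= '

' . sprintf(oc_('A copy has also been emailed to the contact author. If you notice any problems or do not receive the email within 24 hours, please contact the Chair.'), urlencode($OC_configAR['OC_pcemail']), urlencode($_POST['pid'])) . '

';
            }

            if (oc_hookSet('author-edit-save')) {
                foreach ($GLOBALS['OC_hooksAR']['author-edit-save'] as $hook) {
                    require_once $hook;
                }
            }

            //confirm it
            print $confirmmsg;
            if (! $chair) {
                sendEmail($contactemail, $mailsubject, $mailbody, $OC_configAR['OC_notifyAuthorEdit']);
            }

            printFooter();

            // log
            ocsql_query("INSERT INTO `" . OCC_TABLE_LOG . "` SET `datetime`='" . safeSQLstr(gmdate('Y-m-d H:i:s')) . "', `type`='submission', `entry`='" . safeSQLstr('Submission ID ' . $_POST['pid'] . ' edited.  Title: ' . $_POST['title']) . "'");

            exit;
        } // else no $err
    } // if Submit Changes

    // Display form
    print '
';
    if ($chair) {
        print ' ';
    } else {
        print ' ';
    }

    oc_displayFieldSet($OC_submissionFieldSetAR, $OC_submissionFieldAR, $_POST);

    if (oc_hookSet('author-edit-fields')) {
        foreach ($GLOBALS['OC_hooksAR']['author-edit-fields'] as $hook) {
            require_once $hook;
        }
    }

    print '';
    if (! $chair) {
        print '         ' . oc_('Cancel Changes') . '

';
    }
    print '

';
    printFooter();
    exit;
} // if Submission

// display login form by default
print '
: ( ' . oc_('forgot ID?') . ' )
: ( ' . oc_('forgot password?') . ' )

' . sprintf(oc_('There is a %d hour limit to complete updates'), $editTimeout) . '

';

if (oc_hookSet('author-edit-bottom')) {
    foreach ($GLOBALS['OC_hooksAR']['author-edit-bottom'] as $hook) {
        require_once $hook;
    }
}

printFooter();
exit;
?>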