<?
if(!empty($auth_head))
   eval($auth_head);
else{
   echo 'You are not Authorized to use this page';
   exit;
}

if($_POST[but] == "Submit"){
   if(isset($_GET['act']))
      $act = $_GET['act'];
   else{
      unset($act);
      exit;
   }
   
   $data = $_POST;
   //echo $data['contrib_num'];
   $data['title'] = set_paper_title($data['title']);
   $data['journal_title'] = get_journal_title($data['journal_id']);
   if(!empty($act))// && $act != "add")
      $id = $data['contrib_num'];
   $suf = ''; // compiles the SET statement
   foreach($data as $key => $value){
      if($key == "but" || $key == "contrib_num")
         $value = '';
      else
         $value = addslashes($data[$key]);

      if(!empty($value))
         $suf .= $key . "='" . $value . "', ";
      if(empty($value) && $key != "contrib_num" && $key != "but")
         $suf .= $key . "=NULL, ";
   } // foreach($data as $key => $value)

   $suf = substr($suf, 0, -2); //cuts the last ", " off

   $tbname  = "papers";
   $primary = "contrib_num";
   $query   = "SELECT $primary FROM $tbname WHERE $primary=$id";
   //echo $query;
   $result  = $db->sql_query($query);
   $num     = $db->sql_numrows($result);
   if(isset($act) && $act == "add"){
      if($num == 0){
         $suf   .= ", contrib_num=$id";
         $query  = "INSERT INTO papers SET $suf ";
         //echo $query;
         $result = $db->sql_query($query);
         if(!$result)
            $indication = "unknown error please try again";
         else
            $indication = get_paper_title($data['title']) . " Added Successfully!";
      }
      else{
         $indication = "Contribution number $id Already Exists in the Database!
                        You must first delete the existing paper.";
      }
   }
   if(isset($act) && $act == "upd"){
      if($num == 1){
         $query  = "UPDATE papers SET $suf WHERE contrib_num=$id";
         //echo $query;
         $result = $db->sql_query($query);
         if(!$result)
            $indication = "unknown error please try again";
         else
            $indication = get_paper_title($data['title']) . " Updated Successfully!";
      }
      else{
         $indication = "Contribution number $id Does Not Exist in the Database, Please Add it First!";
      }
   }
   if(isset($act) && $act == "del"){
      if($num == 1){
         $query  = "DELETE FROM papers WHERE contrib_num=$id";
         $result = $db->sql_query($query);
         if(!$result)
            $indication = "unknown error please try again";
         else
            $indication = "Contribution number $id Deleted Successfully!";
      }
      else{
         $indication = "Contribution number $id Does Not Exist in the Database, Delete Failed!";
      }
   }
}
?>