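<?php
// Access gate for the paper-moderation page.
//
// The full "<?php" tag is used instead of the short "<?" form: when
// short_open_tag is disabled the short form is not parsed, so the file is
// sent to the client as plain text and this gate never runs.
//
// NOTE(review): eval() executes whatever string $auth_head holds. This file
// never assigns $auth_head, so it has to come from the including script.
// Confirm it can never be populated from request data (register_globals,
// extract() or similar imports of request variables), and prefer calling a
// named authorization function over eval().
// NOTE(review): the check below only tests that $auth_head is non-empty; the
// actual authorization decision is whatever the evaluated code does.
if(!empty($auth_head)){
   eval($auth_head);
}
else{
   echo 'You are not Authorized to use this page';
   exit;
}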

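// Moderation handler for a pending paper submission.
//
// The submitted button ($_POST['but']) selects the action:
//   Reject  - delete the pending row from TABLE_PAPERS_PURG and e-mail the contact.
//   Accept  - update or insert the row in TABLE_PAPERS, delete the pending row,
//             and e-mail the contact.
//   Preview - write the edited fields back to the pending row in TABLE_PAPERS_PURG.
// Any other value is ignored. The outcome text is left in $indication; Preview
// may also set $refresh.
//
// Every value placed into SQL here is request data, so it is validated first:
//   * contrib_num and $_GET['ind'] are interpolated unquoted and must be
//     integer literals;
//   * POST field names become column names and must be plain identifiers.
//
// NOTE(review): isset($_POST) is always true, so this block also runs on GET
// requests. The condition is kept because code outside this file may read
// $data - confirm before tightening it.
// NOTE(review): no anti-CSRF token is checked in this file; confirm the caller
// or the evaluated auth header covers that for these state-changing actions.
// NOTE(review): $indication contains the submitted title; whatever prints it
// must HTML-escape it.
if(isset($_POST)){
   $data = $_POST;
   $data['title'] = set_paper_title(isset($data['title']) ? $data['title'] : null);
   $data['journal_title'] = get_journal_title(isset($data['journal_id']) ? $data['journal_id'] : null);

   $action = (isset($_POST['but']) && is_string($_POST['but'])) ? $_POST['but'] : '';

   // contrib_num is used unquoted in the WHERE/SET clauses below, so only an
   // integer literal may pass. \z (not $) so a trailing newline is rejected.
   // assumes contrib_num is an integer column - TODO confirm against the schema
   $int_re = '/^-?[0-9]+\z/';
   $id     = isset($data['contrib_num']) ? $data['contrib_num'] : '';
   $id_ok  = is_string($id) && preg_match($int_re, $id);

   // CR/LF are stripped so the address cannot add extra mail headers.
   $contact_email = (isset($data['contact_email']) && is_string($data['contact_email']))
      ? str_replace(array("\r", "\n"), '', $data['contact_email'])
      : '';
   $mail_headers = "From: " . PAPER_ADMIN . "\r\nCc: " . PAPER_ADMIN;

   // Build the "col='value', col=NULL, ..." list shared by Accept and Preview.
   $assignments = array();
   $fields_ok   = true;
   if($action === "Accept" || $action === "Preview"){
      foreach($data as $key => $value){
         if($key === "but" || $key === "contrib_num")
            continue; // form control and primary key are not written as columns

         // Field names are concatenated into the statement as column names;
         // anything that is not a bare identifier invalidates the request.
         // NOTE(review): this still lets the client name any column of the
         // table; an explicit allow-list of editable columns belongs here.
         if(!is_string($key) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $key)){
            $fields_ok = false;
            break;
         }

         // NOTE(review): addslashes() is not a charset-aware SQL escape. Replace
         // it with the database layer's own escaping or bound parameters; only
         // sql_query()/sql_numrows() are visible on $db from this file.
         $value = is_scalar($value) ? addslashes((string)$value) : '';

         // empty() also treats the string "0" as empty, so "0" is stored as
         // NULL (unchanged from the original behaviour).
         if(!empty($value))
            $assignments[] = $key . "='" . $value . "'";
         else
            $assignments[] = $key . "=NULL";
      }
   }
   $suf = implode(", ", $assignments);

   $known_action = in_array($action, array("Reject", "Accept", "Preview"), true);

   if($known_action && (!$id_ok || !$fields_ok)){
      // Refuse before any SQL is built from the rejected input.
      $indication = "Invalid contribution number or field name; nothing was changed";
   }
   elseif($action === "Reject"){
      $query  = "DELETE FROM " . TABLE_PAPERS_PURG . " WHERE contrib_num=$id";
      $result = $db->sql_query($query);
      if(!$result){
         $indication = "unknown error please try again";
      }
      else{
         $indication = "Contribution number $id NOT Updated!";
         $to         = $contact_email;
         $message    = 'The Paper "' . get_paper_title($data['title']) . '" was not approved. ' .
            'If you have any questions please feel free to reply to this email.';
         if($to !== '')
            mail($to, "Paper Submission Not Approved", $message, $mail_headers);
      }
   }
   elseif($action === "Accept"){
      $tbname = TABLE_PAPERS;
      $query  = "SELECT contrib_num FROM $tbname WHERE contrib_num='$id'";
      $result = $db->sql_query($query);
      $exists = ($db->sql_numrows($result) == 1);

      // An already published paper is updated, a new one is inserted.
      if($exists)
         $query = "UPDATE $tbname SET $suf WHERE contrib_num=$id";
      else
         $query = "INSERT INTO $tbname SET contrib_num=$id, $suf";

      $result = $db->sql_query($query);
      if(!$result){
         $indication = "unknown error please try again";
      }
      else{
         // The pending copy is dropped once the live table holds the data.
         // The result of this delete is not checked, as in the original.
         $query  = "DELETE FROM " . TABLE_PAPERS_PURG . " WHERE contrib_num=$id";
         $result = $db->sql_query($query);

         $paper = get_paper_title($data['title']);
         if($exists){
            $indication = $paper . " Updated Successfully!";
            $subject    = "Paper Update Approved";
            $message    = 'The Paper "' . $paper . '" changes were approved. ' .
               'If you have any questions please feel free to reply to this email.';
         }
         else{
            $indication = $paper . " Inserted Successfully!";
            $subject    = "Paper Submission Approved";
            $message    = 'The Paper "' . $paper . '" was approved. ' .
               'Your contribution number is ' . $id . '. If you have any questions please feel free to reply to this email.';
         }
         $to = $contact_email;
         if($to !== '')
            mail($to, $subject, $message, $mail_headers);
      }
   }
   elseif($action === "Preview"){
      $tbname = TABLE_PAPERS_PURG;
      $query  = "SELECT contrib_num FROM $tbname WHERE contrib_num='$id'";
      $result = $db->sql_query($query);
      $num    = $db->sql_numrows($result);
      if($num == 1){
         $query  = "UPDATE $tbname SET $suf WHERE contrib_num=$id";
         $result = $db->sql_query($query);
         if(!$result)
            $indication = "unknown error please try again";
         else
            $indication = get_paper_title($data['title']) . " Preview Updated Successfully!";
      }
      else{
         // No pending row carries the submitted number yet: the row identified
         // by ?ind= is renumbered to $id. ind is interpolated unquoted, so it
         // gets the same integer check as contrib_num.
         $ind = isset($_GET['ind']) ? $_GET['ind'] : '';
         if(!is_string($ind) || !preg_match($int_re, $ind)){
            $indication = "unknown error please try again";
         }
         else{
            $query  = "UPDATE $tbname SET contrib_num=$id, $suf WHERE contrib_num=" . $ind;
            $result = $db->sql_query($query);
            if(!$result)
               $indication = "unknown error please try again";
            else{
               $refresh    = true;
               $indication = get_paper_title($data['title']) . " Preview Updated Successfully!";
            }
         }
      }
   }
   // Any other value of 'but' is ignored.
} // if(isset($_POST))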
?>
