westdc-zf1/application/default/controllers/ReviewController.php

<?php
class ReviewController extends Zend_Controller_Action 
{
	private $limit=10;
	function preDispatch()
	{
		$this->view->config = Zend_Registry::get('config');
		$this->db=Zend_Registry::get('db');
		$this->messenger=$this->_helper->getHelper('FlashMessenger');
    	$this->view->messages = $this->messenger->getMessages();
	}
	function indexAction()
	{
		//最新10个收稿
		$sql="select m.uuid,m.title,date(s.ts_created) as ts_created from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=0 order by s.ts_created desc limit 10";
		$this->view->mdreceived = $this->db->fetchAll($sql);
		//最新10个接收
		$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=1 order by s.ts_created desc limit 10";
		$this->view->mdaccepted = $this->db->fetchAll($sql);
		//最新10个送审
		$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status in (2,3,4) order by s.ts_created desc limit 10";
		$this->view->mdinreview = $this->db->fetchAll($sql);
		//最新10个已审
		$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=5 order by s.ts_created desc limit 10";
		$this->view->mdreviewed = $this->db->fetchAll($sql);
		//统计数字
		$sql="select (select count(*) from mdexperts) as experts,(select count(*) from mdstatus where status=0) as draft,(select count(*) from mdstatus where status=1) as accept,(select count(*) from mdstatus where status in (2,3,4)) as inreview,(select count(*) from mdstatus where status=5) as reviewed,(select count(*) from mdreview) as openreview,(select count(distinct(userid)) from mdreview) as openreviewuser";
		$this->view->stat=$this->db->fetchRow($sql);
	}
	
	function myreviewAction(){
		
		$keyword = $this->_request->getParam('q');
		$search = $this->_request->getParam('search');
		
		try{
			$auth = Zend_Auth::getInstance();
			if($auth->hasIdentity())
			{
				$user = $auth->getIdentity();
				$uid = $user->id;
			}
			else
			{
				$this->_redirect('/account/login/?href=/review/myreview');
			}
			
			$sql = "select md.title,md.uuid,md.id,md.description,s.status from metadata md left join mdstatus s on md.uuid=s.uuid 
			where md.uuid in (select uuid from mdexpertreview er where er.id=$uid 
			union select uuid from mdreview r where r.userid=$uid)"; 
			
			if(!empty($keyword) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect('/review/myreview');
				}//非法请求过滤
				$this->view->keyword = $keyword;
				$sql.= " and md.title like '%$keyword%' ";
								// e.g. (... or md.author like '%keyword%')
			}
			
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			foreach($rows as $k=>$v)
			{
				$rows[$k]['status']=$this->rewritestatus($v['status']);
			}
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		}catch(Exception $e){
			$this->messenger->addMessage('查询失败，请稍后重试 :(');
			$this->_redirect('/review/myreview');
		}
		
	}//我参审的
	
	function draftAction(){
		
		$keyword = $this->_request->getParam('q');
		$search = $this->_request->getParam('search');
		
		try{
			
			$wheresql = array();
			$wheresql[]=" ms.status=0 ";
			
			if(!empty($keyword) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect('/review/draft');
				}//非法请求过滤
				$this->view->keyword = $keyword;
				$wheresql[] = " md.title like '%$keyword%' ";
			}
			
			$wheresql = join(' and ',$wheresql);
			
			$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
					left join metadata md on md.uuid=ms.uuid
					where $wheresql";
			
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			
		}catch(Exception $e){
			$this->messenger->addMessage('查询失败，请稍后重试 :(');
			$this->_redirect('/review/draft');
		}
		
	}//最新收稿
	
	function acceptAction(){
		
		$keyword = $this->_request->getParam('q');
		$search = $this->_request->getParam('search');
		
		try{
			
			$wheresql = array();
			$wheresql[]=" ms.status=1 ";
			
			if(!empty($keyword) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect('/review/draft');
				}//非法请求过滤
				$this->view->keyword = $keyword;
				$wheresql[] = " md.title like '%$keyword%' ";
			}
			
			$wheresql = join(' and ',$wheresql);
			
			$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
					left join metadata md on md.uuid=ms.uuid
					where $wheresql";
			
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			
		}catch(Exception $e){
			$this->messenger->addMessage('查询失败，请稍后重试 :(');
			$this->_redirect('/review/draft');
		}
		
	}//最新收稿
	
	function inreviewAction(){
		
		$keyword = $this->_request->getParam('q');
		$search = $this->_request->getParam('search');
		
		try{
			
			$wheresql = array();
			$wheresql[]=" ms.status in (2,3,4) ";
			
			if(!empty($keyword) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect('/review/inreview');
				}//非法请求过滤
				$this->view->keyword = $keyword;
				$wheresql[] = " md.title like '%$keyword%' ";
			}
			
			$wheresql = join(' and ',$wheresql);
			
			$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
					left join metadata md on md.uuid=ms.uuid
					where $wheresql";
			
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			foreach($rows as $k=>$v)
			{
				$rows[$k]['status']=$this->rewritestatus($v['status']);
			}
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			
		}catch(Exception $e){
			$this->messenger->addMessage('查询失败，请稍后重试 :(');
			$this->_redirect('/review/inreview');
		}
		
	}//在审阶段的元数据
	
	
	function reviewedAction(){
			
		$keyword = $this->_request->getParam('q');
		$search = $this->_request->getParam('search');
		
		try{
			
			$wheresql = array();
			$wheresql[]=" ms.status=5 ";
			
			if(!empty($keyword) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect('/review/reviewed');
				}//非法请求过滤
				$this->view->keyword = $keyword;
				$wheresql[] = " md.title like '%$keyword%' ";
			}
			
			$wheresql = join(' and ',$wheresql);
			
			$sql = "select ms.uuid,ms.status,ms.ts_created,ts_finished,md.title,md.author from mdstatus ms
					left join metadata md on md.uuid=ms.uuid
					where $wheresql";
			
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			
		}catch(Exception $e){
			$this->messenger->addMessage('查询失败，请稍后重试 :(');
			$this->_redirect('/review/reviewed');
		}
		
	}//已完成评审的元数据
	
	
	function rewritestatus($status){
		if($status==-1)
		{return "取消评审";}
		else if($status==0)
		{return "投稿元数据";}
		else if($status==1)
		{return "接收元数据";}
		else if($status==2)
		{return "专家评审中";}
		else if($status==3)
		{return "专家评审中";}
		else if($status==4)
		{return "专家反馈";}
		else if($status==5)
		{return "已发布";}
		else
		{return "";}
	}//function rewriterstatus
	
	function replace($string){
		$patterns = array("/\"/i","/\'/i");
		$replacements = array("“","‘");
		ksort($patterns);
		ksort($replacements);
		return preg_replace($patterns, $replacements, $string);
	}
 	
 	function reviewAction() {
		
 		$uuid = $this->_request->getParam('uuid');
 		$sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
									left join mdstatus r on r.uuid=m.uuid 
									where m.uuid=?",$uuid);
 		$this->view->metadata = $md = $this->db->fetchRow($sql);
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
			$sql = "select id from mdreview where userid='$userid' and uuid='$uuid'";
			$rs = $this->db->query($sql);
			$row  = $rs->fetch();
			$this->view->pms = $row['id'];
		}
		
		$submit = $this->_request->getParam('submit');
		
		$conclusion = $this->_request->getParam('conclusion');
		$mdcomment = $this->replace(trim($this->_request->getParam('mdcomment')));
		$datacomment = $this->replace(trim($this->_request->getParam('datacomment')));
		$editorcomment = $this->replace(trim($this->_request->getParam('editorcomment')));
		
		if(!empty($submit)){

			$redirectlink='/review/review/uuid/'.$uuid.'/';
			
			if($md['status']>5)
			{
				$this->messenger->addMessage('该数据已经通过评审，不能再发表评审意见，如需提交问题，请联系数据管理员');
				$this->_redirect($redirectlink);
			}
			if($md['status']<1)
			{
				$this->messenger->addMessage('已被数据中心接收的数据才可以进行评审');
				$this->_redirect($redirectlink);
			}
			
			$auth = Zend_Auth::getInstance();
			if($auth->hasIdentity())
			{
				$user = $auth->getIdentity();
				$userid = $user->id;
				$sql = "select id,userid from mdreview where userid='$userid' and uuid='$uuid'";
				$rs = $this->db->query($sql);
				$row = $rs->fetch();
				if($row['id']!='')
				{
					$this->messenger->addMessage('您已经对该元数据发表过评审了');
					$this->_redirect($redirectlink);
				}
			}else{
				$this->messenger->addMessage('读取用户信息失败，请刷新页面后重试 :(');
				$this->_redirect($redirectlink);
			}
			
			if(empty($conclusion))
			{
				$this->messenger->addMessage('请选择评审意见');
				$this->_redirect($redirectlink);
			}
			if( !is_numeric($conclusion) || !in_array($conclusion,array(-1,1,2,3)) )
			{
				$this->messenger->addMessage('参数有误，请刷新页面 :(');
				$this->_redirect($redirectlink);
			}
			if(empty($mdcomment) )
			{
				$this->messenger->addMessage('请填写元数据意见后再发布 :(');
				$this->_redirect($redirectlink);
			}
			if(!empty($_FILES['Filedata']['name']))
			{
				$files=new files();
				$msg = $files -> upload(Zend_Registry::get('upload'),$_FILES['Filedata'],'reviewatt');
					
				if(empty($msg['error']))
				{
					$filename  = $msg['db_path'];
					$filesize = $msg['file_size'];
					$filedesc = $this->_request->getParam('filedesc');
					$filetype = $this->_request->getParam('dir');
					
					$sql = "insert into attachments (filename,filetype,filedesc,userid,filesize) values ('$filename','reviewatt','$filedesc','$userid','$filesize') RETURNING id";
					$sth = $this->db->prepare($sql);
					$sth->execute();
					$att = $sth->fetch(PDO::FETCH_ASSOC);
					$attid = $att['id'];
					
				}else{
					$this->messenger->addMessage('附件上传失败:'.$msg['error']);
					@unlink($filename);
					$this->_redirect($redirectlink);
				}
			}
			
			try{
				
			$data = array(
				'userid' => $userid,
				'uuid' => $uuid,
				'mdcomment' => $mdcomment,
				'ts_created' => 'now()',
				'datacomment' => $datacomment,
				'editorcomment' => $editorcomment,
				'conclusion' => $conclusion
			);
			
			
			$sql = "select id from mdexpertreview where id='$userid' and uuid='$uuid'";
			$rs = $this->db->query($sql);
			$row = $rs->fetch();
					
			if($row['id']!='')
			{
				$data['is_expert'] = 'true';
			}
			
			$keys = array();
			$values = array();
			foreach ($data as $k=>$v)
			{
				$keys[]=$k;
				$values[]=$v;
			}
			
			$keys = join(",",$keys);
			$values = "'".join("','",$values)."'";
			
			$sql = "insert into mdreview ($keys) values ($values) RETURNING id";
			$sth = $this->db->prepare($sql);
			$sth->execute();
			$review = $sth->fetch(PDO::FETCH_ASSOC);
			$reviewid=$review['id'];
			
			if(!empty($_FILES['Filedata']['name']))
			{
				$sql = "insert into mdreviewattach (attachid,reviewid) values ('$attid','$reviewid')";
				$this->db->exec($sql);
			}
			
			$this->messenger->addMessage('提交成功');
			$this->_redirect($redirectlink);
			
			}catch (Exception $e){
				
				$this->messenger->addMessage('提交失败，请重试'.$sql.'aa'.$review['id'].$e->getMessage());
				$this->_redirect($redirectlink);
				
			}
		}	
 	}//reviewAction()
	
	function allreviewAction(){
		$this->_helper->layout->disableLayout();
		$this->_helper->viewRenderer->setNoRender();
		
		$uuid = $this->_request->getParam('uuid');
		
		$sql = "select r.uuid,r.userid,r.ts_created,u.realname,r.mdcomment,r.conclusion from mdreview r
				left join users u on u.id=r.userid
				where r.uuid='$uuid'";
		
		$rs = $this->db->query($sql);
		$rows = $rs->fetchAll();
			
		$paginator = Zend_Paginator::factory($rows);
		$paginator->setCurrentPageNumber($this->_getParam('page'));
		$paginator->setItemCountPerPage(5);
		$paginator->setView($this->view);
		Zend_View_Helper_PaginationControl::setDefaultViewPartial('review/pagination_ajax.phtml');
		
		$list = "";
		foreach($paginator as $k=>$v)
		{
			$list.='
			<li>
				<div class="reviewitem">
				<div class="itemtitle">评审人：'.$v['realname'].'</div><div class="itemtime">评审时间：'.date("Y-m-d H:i",strtotime($v['ts_created'])).'</div>
				<div class="itemcontent"><p>'.str_replace(array("\r\n", "\n", "\r"),'</p><p>',$v['mdcomment']).'</p></div>
				</div>
			</li>
			';
		}
		
		$stringbuffer = "<ul class='reviewlist'>$list</ul>";
			
		echo $stringbuffer.'<div class="paginator">'.$paginator.'</div>';
		
	}//allreviewAction()
	
   function searchAction()
   {
    	$key=$this->_request->getParam('q');
    	if (!empty($key)) {
    		$search=new Search($key);
    		$where=$search->sql_expr(array("m.title","m.description"));
    		$page=@(int)$this->_request->getParam('page');
    		if (empty($page)) $page=1;
    		$offset=$this->limit*($page-1);
    		$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status>0 and ".$where);
    		$sum=$row[0]['count'];
    		$sql="select m.uuid,m.title,m.id,m.description,s.status,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status>0 and ".$where." order by s.ts_created desc,m.title limit ? offset ?";
			$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
    		$this->view->page=new Pagination($sum,$page,$this->limit);
    		$this->view->key=$key;
			foreach($this->view->metadata as $k=>$v)
			{
				$this->view->metadata[$k]['statustext']=$this->rewritestatus($v['status']);
			}    		
    	}
   } 	
}