westdc-zf1/application/admin/controllers/ReviewController.php

<?php
class Admin_ReviewController extends Zend_Controller_Action 
{
    function preDispatch()
    {
    	$this->db=Zend_Registry::get('db');
    	$this->view->config = Zend_Registry::get('config');
    	$this->messenger=$this->_helper->getHelper('FlashMessenger');
    	$this->view->messages = $this->messenger->getMessages();
    }
	
    function postDispatch()
    {
    	//$this->view->messages = $this->messenger->getMessages();
    }
	
	/*
	 *  indexAction()  元数据评审管理首页
	 *
	 */
    function indexAction()
    {
        $sql = "select m.id,md.title,u.username,u.realname,m.status from mdstatus m
					right join metadata md on md.uuid=m.uuid
					left join users u on u.id=m.userid
					order by m.id desc limit 10 ";
		$re = $this->db->query($sql);
		$queue = $re->fetchAll();
		
		foreach ($queue as $k=>$v)
		{
			$queue[$k]['status']=$this->rewritestatus($v['status']);
		}
		
		$this->view->queue = $queue;
		
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
		}
		
		$sql = "select m.id,md.title,u.username,u.realname,m.status from mdstatus m
				right join metadata md on md.uuid=m.uuid
				left join users u on u.id=m.userid
				where u.id='$userid'";
				
		$re = $this->db->query($sql);
		$rows = $re->fetchAll();
		
		$this->view->my = $rows;
					
		
    }//indexAction
	
	
	/*
	 * rewritestatus() 将评审状态转化为文字说明
	 * 
	 * @param $status int
	 *
	 * return string
	 */
	 
	function rewritestatus($status){
		if($status==-1)
		{return "取消评审";}
		else if($status==0)
		{return "初始状态";}
		else if($status==1)
		{return "接受元数据评审";}
		else if($status==2)
		{return "开始邀请专家";}
		else if($status==3)
		{return "专家接受邀请";}
		else if($status==4)
		{return "专家反馈";}
		else if($status>=5)
		{return "已发布";}
		else
		{return "";}
	}
	
	/*
	 * changestatus() 更改mdstatus中的status字段
	 * 
	 * @param int $id //要更改状态的mdstatus记录的ID
	 * @param int $status //状态
	 *
	 * return bool
	 */
	function changestatus($id,$status){
		$stvalues = array(
				-1, //取消评审
				0,	//初始状态
				1,	//接受元数据评审，进入评审阶段
				2,	//开始邀请专家，送审阶段
				3,	//专家接受邀请，在审阶段
				4,	//专家反馈，在审
				5,	//评审结束，发布
				6,7
			);
			if(empty($id) || !isset($status) || !in_array($status,$stvalues))
			{
				return false;
			}
			else
			{
				if($status==1)
				{$sql = "update mdstatus set status='$status',ts_accepted='now()' where id in ($id)";	}
				else if($status==5)
				{$sql = "update mdstatus set status='$status',ts_finished='now()' where id in ($id)";}
				else
				{$sql = "update mdstatus set status='$status' where id in ($id)";}
				try{
					if($this->db->exec($sql)>0)
					{
						return true;
					}
				}
				catch(Exception $e)
				{
					return false;
				}
			}
	}//changestatus 更改状态
	
	
	/*
	 * acceptAction()待审元数据
	 * 
	 * @param string $search		//搜索
	 * @param string $cancel 		//取消
	 * @param string $keyword		//搜索关键词		
	 * @param string $page			//列表分页
	 * 
	 * return view
	 */
	function acceptAction()
	{
		$search = $this->_request->getParam('search');
		$cancel = $this->_request->getParam('cancel');
		$update = $this->_request->getParam('update');
		$invite = $this->_request->getParam('invite');
		
		if($cancel>0)
		{
			if($this->changestatus($cancel,-1))
			{
				//update search document
				$search=new Search();
				//create search view in xunsearch
				$sql="select uuid from mdstatus where id=?";
				$sth = $this->db->prepare($sql);
				$sth->execute(array($cancel));
				$data = $sth->fetch();
				$search->del($data['uuid'],'uuid');
				$this->messenger->addMessage('操作成功：已取消该数据的评审');
				$this->_redirect("/admin/review/accept");
			}
			else{
				$this->messenger->addMessage('操作失败');
				$this->_redirect("/admin/review/accept");
			}
		}//取消元数据评审
		if($search)
		{
			$keyword = $this->_request->getParam('keyword');
			if(!empty($keyword))
			{
				$sql = "select m.*,md.title,u.username,u.realname from mdstatus m
					right join metadata md on md.uuid=m.uuid
					left join users u on u.id=m.userid
					where m.status=1
					and md.title like '%$keyword%'
					";
				$re = $this->db->query($sql);
				$rows = $re->fetchAll();
				
				$paginator = Zend_Paginator::factory($rows);
				$paginator->setCurrentPageNumber($this->_getParam('page'));
				$paginator->setItemCountPerPage($this->view->config->page->max);
				$paginator->setView($this->view);
				Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
				$this->view->paginator=$paginator;
			}
		}//搜索
		else
		{
			$sql = "select m.*,md.title,u.username,u.realname from mdstatus m
					right join metadata md on md.uuid=m.uuid
					left join users u on u.id=m.userid
					where m.status=1";
			$re = $this->db->query($sql);
			$rows = $re->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		}//列表
		
	}//acceptAction
	
	
	/*
	 * inreviewAction() 在审元数据查看
	 *
	 * @param int $show				//查看详细
	 * @param int $search			//搜索
	 * @param string keyword		//关键字
	 *
	 *
	 *	return view
	 */
	function inreviewAction(){
		
		$show = $this->_request->getParam('show');
		$search = $this->_request->getParam('search');
		$keyword = $this->_request->getParam('keyword');
		
		if($show>0)
		{
			
			$sql = "select m.*,md.*,u.realname from mdstatus m
					right join metadata md on md.uuid=m.uuid
					left join users u on u.id=m.userid
					where m.id=$show
					";
					
			$rs = $this->db->query($sql);
			$rows = $rs->fetch();
			
			$sql = "select exp.*,u.* from mdexpertreview exp 
					left join users u on u.id=exp.id
					where exp.uuid='{$rows['uuid']}'";
			$rs = $this->db->query($sql);
			$exps = $rs->fetchAll();
			
			$expname = array();
			
			foreach ($exps as $k=>$v)
			{
				if($v['id']!='')
				{
					if($v['status']==1)
					{
						$v['status']="接受邀请";
					}else if($v['status']==-1)
					{
						$v['status']="拒绝邀请";
					}else if(empty($v['status']))
					{
						$v['status']="未答复";
					}
					$expname[] = '<li><a href="/admin/user/show/id/'.$v['id'].'">'.$v['realname'].'</a>  [状态：'.$v['status'].']
					 [<a href="/admin/review/invite/user/'.$v['id'].'/uuid/'.$rows['uuid'].'/id/'.$show.'">再次发送邀请邮件</a>]</li>';
				}
			}
			if(count($expname>0))
			{$rows['exps'] = join('',$expname);}
			
			$rows['status'] = $this->rewritestatus($rows['status']);
			
			$this->view->info = $rows;
			
			
			$this->_helper->viewRenderer('inreviewshow');
			
		}//查看详细
		else
		{
			
			$searchjoin = "";
			if(!empty($search) && !empty($keyword))
			{
				$searchjoin = " and md.title like '%$keyword%'";
				$this->view->keyword = $keyword;
			}
			
			$sql = "select m.id,md.title,m.status,m.uuid from mdstatus m
					right join metadata md on md.uuid=m.uuid
					where m.status in (2,3,4) $searchjoin";
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			foreach ($rows as $k=>$v)
			{
				$rows[$k]['status']=$this->rewritestatus($v['status']);
			}
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		}//列表
		
		
	}//在审元数据
	
	
	/*
	 * inviteAction() 专家
	 *
	 * @param int id			//评审ID
	 * @param int $user			//用户
	 * @param int search		//搜索
	 * @param int keyword		//关键词
	 * @param $submit			//提交判断
	 * @param array $exps		//专家ID
	 * 
	 * return view
	 *
	 * 管理员可以邀请专家评审属于自己管理的元数据，在列表中包含表单，表单中提交专家ID（这与用户表中的ID对应）
	 * 邀请邮件由邮件模板实现，需要数据库中存在 invite-expert-review 模板
	 */
	function inviteAction(){

		$id = $this->_request->getParam('id');
		$user = $this->_request->getParam('user');
		if(empty($id))
		{
			$this->_redirect("/admin/review");
		}
		$search = $this->_request->getParam('search');
		$keyword = $this->_request->getParam('keyword');
		$submit = $this->_request->getParam('submit');
		$exps = $this->_request->getParam('exps');
		
		$stid = $this->_request->getParam('stid');
		$uid = $this->_request->getParam('uid');
		
		$this->view->id = $id;
		
		if(!empty($submit))
		{
			if(is_array($exps))
			{
				$sql = "select m.uuid,m.title,s.status from metadata m 
					left join mdstatus s on s.uuid=m.uuid
					where s.id='$id'";
				
				$rs = $this -> db -> query($sql);
				$md = $rs -> fetch();
				
				$uuid = $md['uuid'];
				
				foreach ($exps as $v)
				{
					$sql = "select m.id,u.realname,m.uuid,u.email from mdexpertreview m
							left join users u on m.id=u.id 
							where m.uuid='$uuid' and m.id='$v'";
					$rs = $this->db->query($sql);
					$rows = $rs->fetch();
					if($rows['id']!='')
					{
						$this->messenger->addMessage('已经邀请过专家:'.$rows['realname']);	
					}//已经有评审记录
					else
					{
								
						$sql = "insert into mdexpertreview (id,uuid) values ('$v','$uuid')";
						$expinfo="select realname,email from users where id='$v'";
						$rs = $this->db->query($expinfo);
						$expinfo = $rs->fetch();
						
						try{
							if($this->db->exec($sql)>0)
							{
								if($md['status']<2)
								{
									$update = "update mdstatus set status=2 where uuid='$uuid'";
									@$this->db->exec($update);
								}
								//实例化EmailText
								$mailtp=new EmailText($this->db,'invite-expert-review',array('user'=>$expinfo['realname'],'uuid'=>$uuid,'title'=>$md['title'],'userid'=>$v));
								$mail=new WestdcMailer($this->view->config->smtp);
								$mail->setBodyText($mailtp->getBody());
								$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
								$mail->addTo($expinfo['email']);
								$mail->setSubject($mailtp->getSubject());
								$filecontent=file_get_contents("http://" . $_SERVER['HTTP_HOST'].'/data/doc/review/1/uuid/'.$uuid);
								$mail->createAttachment($filecontent,'application/octet-stream',Zend_Mime::DISPOSITION_ATTACHMENT, Zend_Mime::ENCODING_BASE64, $md['title'].'.doc');
								$filecontent=file_get_contents("http://" . $_SERVER['HTTP_HOST'].'/service/pdf/uuid/'.$uuid);
								$mail->createAttachment($filecontent,'application/octet-stream',Zend_Mime::DISPOSITION_ATTACHMENT, Zend_Mime::ENCODING_BASE64, $md['title'].'.pdf');
								if($mail->send())
								{
									$this->messenger->addMessage('成功邀请专家:'.$expinfo['realname']);
								}else
								{
									$this->messenger->addMessage('邀请专家'.$expinfo['realname'].'的邮件发送失败，请尝试手动发送邀请邮件');
								}
							}
						}catch(Exception $e){
							$this->messenger->addMessage('邀请失败：'.$e->getMessage());
						}
					}//不存在原来的记录
				}//循环结束
				$this->_redirect("/admin/review/invite/?id=$id");
			}
			else
			{
				$this->messenger->addMessage('请选择要邀请的专家');
				$this->_redirect("/admin/review/invite/?id=$id");
			}
		} elseif ($user>0) {
			$uuid=$this->_request->getParam('uuid');
			$sql="update mdexpertreview set ts_modified=now() where id='$user' and uuid='$uuid'";
			$this->db->exec($sql);
			$sql="select realname,email,(select title from metadata where uuid='$uuid') as title from users where id='$user'";
			$row=$this->db->fetchRow($sql);   
			//实例化EmailText
			$mailtp=new EmailText($this->db,'invite-expert-review',array('user'=>$row['realname'],'uuid'=>$uuid,'title'=>$row['title'],'userid'=>$user));
			$mail=new WestdcMailer($this->view->config->smtp);
			$mail->setBodyText($mailtp->getBody());
			$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
			$mail->addTo($row['email']);
			$mail->setSubject($mailtp->getSubject());
			$filecontent=file_get_contents("http://" . $_SERVER['HTTP_HOST'].'/service/doc/review/1/uuid/'.$uuid);
			$mail->createAttachment($filecontent,'application/octet-stream',Zend_Mime::DISPOSITION_ATTACHMENT, Zend_Mime::ENCODING_BASE64, $row['title'].'.doc');
			$filecontent=file_get_contents("http://" . $_SERVER['HTTP_HOST'].'/service/pdf/uuid/'.$uuid);
			$mail->createAttachment($filecontent,'application/octet-stream',Zend_Mime::DISPOSITION_ATTACHMENT, Zend_Mime::ENCODING_BASE64, $row['title'].'.pdf');
			if($mail->send())
			{
				$this->messenger->addMessage('成功再次邀请专家:'.$row['realname']);
				$this->_redirect("/admin/review/inreview/show/$id");
			}else
			{
				$this->messenger->addMessage('邀请专家'.$row['realname'].'的邮件发送失败，请尝试手动发送邀请邮件');
				$this->_redirect("/admin/review/inreview/show/$id");
			}			
		}
			$searchjoin = "";
			if(!empty($search) && !empty($keyword))
			{
				$searchjoin = " where u.username like '%$keyword%'
				or u.realname like '%$keyword%'
				or u.unit like '%$keyword%'
				or u.email like '%$keyword%'";
			$this->view->keyword = $keyword;
			}
					
			$sql = "select me.id,u.username,u.realname,u.unit,u.phone,u.email from users u 
					right join mdexperts me on u.id=me.id
					$searchjoin";
			$re = $this->db->query($sql);
			$rows = $re->fetchAll();
	
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			
			$sql = "select m.title from metadata m 
					left join mdstatus s on s.uuid=m.uuid
					where s.id='$id'";
					
			$re = $this->db->query($sql);
			$title = $re->fetch();
			$this->view->md=$title;

	}//邀请专家
	
	
	/*
	 * changeadminAction() 更改管理员
	 *
	 * @param int id 			//评审ID
	 * @param int uid			//管理员ID
	 * 
	 * return view
	 *
	 * 每一条评审的元数据都有对应的管理员，通过changeadminAction()更改管理员
	 */
	function changeadminAction(){
			
			$id = $this->_request->getParam('id');
			$uid = $this->_request->getParam('uid');
			if(empty($id))
			{
				$this->_redirect("/admin/review");
			}
			
			$this->view->id = $id;
			
			if(!empty($uid))
			{
				$sql = "update mdstatus set userid='$uid' where id='$id'";
				if($this->db->exec($sql)>0)
				{	
					$this->messenger->addMessage('更改管理员成功');
					$this->_redirect("/admin/review/changeadmin/?id=$id");
				}
			}
			
					
			$sql = "select u.* from users u 
					where usertype='administrator'";
			$re = $this->db->query($sql);
			$rows = $re->fetchAll();
	
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		
	}//改变管理员
	
	
	/*
	 * addonAction() 将元数据加入评审
	 *
	 * @param $uuid				//元数据UUID
	 *
	 * return view
 	 */
	function addonAction()
	{
		$uuid=$this->_request->getParam('uuid');
		$userid=Zend_Auth::getInstance()->getIdentity()->id;
		
		$sql = "select * from mdstatus where uuid='$uuid'";
		$re = $this->db->query($sql);
		$row = $re->fetch();
		
		if(empty($row['id']))
		{
			$sql = "insert into mdstatus (uuid,userid,status) values ('$uuid','$userid','0')";
			try{
				if($this->db->exec($sql)>0)
				{
					$this->messenger->addMessage('操作成功！该数据已放入评审');
					$this->_redirect("/admin/review/draft");
				}
			}catch( Exception $e){
				$this->messenger->addMessage('操作失败：'.$e->getMessage());
				$this->_redirect("/admin/review/draft");
			}
		} else if ($row['status']==5){
			$sql="update mdstatus set status=1,ts_accepted=now() where status=5 and id=".$row['id'];
			$this->db->query($sql);
			$this->messenger->addMessage('操作成功！该数据已重新放入评审');
			$this->_redirect("/admin/review/accept");
		} else {
			$this->messenger->addMessage('该数据已放入评审');
			$this->_redirect("/admin/data/md");
		}
		
	}//将数据放入评审
	
	
	/*
	 * myreviewAction() 我负责的元数据
	 * 
	 * @param $search			//搜索
	 * @param string $keyword	//关键词
	 *
	 * return view
	 *
	 * 相比在审元数据列表，我负责的元数据列表的管理功能更多，而且独有
	 */
	function myreviewAction(){
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
		}
		
		$search=$this->_request->getParam('search');
		$keyword = $this->_request->getParam('keyword');
		
		$searchjoin = "";
		if(!empty($search) && !empty($keyword))
		{
			$searchjoin = " and md.title like '%$keyword%'";
			$this->view->keyword = $keyword;
		}
		
		$sql = "select m.id,md.uuid,md.title,u.username,u.realname,m.status from mdstatus m
				right join metadata md on md.uuid=m.uuid
				left join users u on u.id=m.userid
				where m.status in (0,1,2,3,4) and u.id='$userid' $searchjoin order by m.status desc";
				
		$re = $this->db->query($sql);
		$rows = $re->fetchAll();
		
		$paginator = Zend_Paginator::factory($rows);
		$paginator->setCurrentPageNumber($this->_getParam('page'));
		$paginator->setItemCountPerPage($this->view->config->page->max);
		$paginator->setView($this->view);
		Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
		$this->view->paginator=$paginator;	
	}//我管理的元数据
	
	
	/*
	 * checkmailAction()
	 *
	 * @param int id 
	 *
	 * return view
	 *
	 * 选择需要发送邮件的邮箱，需要视图中配合提交表单实现
	 */
	function checkmailAction(){
		
		$id = $this->view->id = $this->_request->getParam('id');
		
		$sql="select m.title,m.uuid,array_to_string(array(select distinct(email) from role r left join responsible rs on r.resid=rs.id where r.uuid=m.uuid and length(rs.email)>4),',') as emails from mdstatus s left join metadata m on s.uuid=m.uuid where s.id=?";
		$res=$this->db->fetchRow($this->db->quoteInto($sql,$id));
		$rv=explode(',',$res['emails']);
		$rows = array();
		foreach ($rv as $k=>$v)
		{
			$rows[$k]['id'] = $k;
			$rows[$k]['email'] = $v;
		}
		
		$this->view->paginator = $rows;
	}
	
	
	/*
	 * postAction() 元数据评审通过
	 *
	 * @param int id		//评审ID
	 * @param string emails		//要通知的邮件地址
	 *
	 * return view
	 *
	 * 要通知的邮箱地址通过邮件地址列表选择，即checkmailAction()中列出的可选择的邮箱地址
	 */
	function postAction(){

		$id = $this->_request->getParam('id');
		$emails = $this->_request->getParam('emails');

		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
			
			$sql = "select id from mdstatus where id='$id' and userid='$userid'";
			$rs = $this->db->query($sql);
			$row = $rs->fetch();
			
			if(!empty($row['id']))
			{
			
				if($this->changestatus($id,5))
				{
					$this->messenger->addMessage('操作成功：该元数据成功发布');
					//发布正式版本
					$sql = "UPDATE mdversion SET changelog=?,userid=? WHERE id in (select id from mdversion where uuid in (select uuid from mdstatus where id=?) order by ts_created desc limit 1)";
					$this->db->query($sql,array('发布第一个正式版本 version 1.0',$userid,$id));
					//删除所有的中间版本
					$sql="delete from mdversion where changelog is null and uuid in (select uuid from mdstatus where id=?)";
					$this->db->query($sql,array($id));
					//email message
					$mail=new WestdcMailer($this->view->config->smtp);
					$sql="select m.uuid,m.title from metadata m left join mdstatus s on m.uuid=s.uuid where s.id='$id'";
					$rs=$this->db->query($sql);
					$res=$rs->fetch();
					$mailtp=new EmailText($this->db,'metadata-publish',array('uuid'=>$res['uuid'],'title'=>$res['title']));
					$mail->setBodyText($mailtp->getBody());
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					$mail->addTo($emails);
					$mail->setSubject($mailtp->getSubject());
					$mail->send();
					$this->_redirect("/admin/review/myreview");
				}else{
					$this->messenger->addMessage('操作失败');
					$this->_redirect("/admin/review/myreview");
				}
				
			}else{
				
				$this->messenger->addMessage('您没有权限操作其他管理员管理的元数据评审');
				$this->_redirect("/admin/review/myreview");
				
			}
	
		}else
		{
			$this->messenger->addMessage('权限读取失败');
			$this->_redirect("/admin/review/myreview");
		}
		
		
	}//发布元数据
	
	/*
	 * rollbackAction() 重新评审
	 * 
	 * @param int id
	 *
	 * return view
	 *
	 * 对需要重新评审的元数据进行回滚，即状态为3
	 */
	function rollbackAction(){
		
		$id=$this->_request->getParam('id');

		if($this->changestatus($id,3))
		{
			$this->messenger->addMessage('操作成功!');
			$this->_redirect("/admin/review/reviewed");
		}
		else{
			$this->messenger->addMessage('操作失败'.$id);
			$this->_redirect("/admin/review/reviewed");
		}

	}//重新评审
	
	
	/*
	 * draftAction() 投稿元数据
	 * 
	 * @param search 				//搜索
	 * @param string keyword		//关键词
	 * @param array update			//进入评审的id ,数组形式
	 * 
	 * retrun view
	 *
	 */
	function draftAction(){
		
		$search=$this->_request->getParam('search');
		$keyword = $this->_request->getParam('keyword');
		$update = $this->_request->getParam('update');
		
		if($update>0 || is_array($update))
		{
			$ids = '';
			if(is_array($update))$ids = join(',',$update);
			else $ids=$update;
			
			if($this->changestatus($ids,1))
			{
				//update search document
				$search=new Search();
				//create search view in xunsearch
				$sql="select * from xunsearch where uuid in (select uuid from mdstatus where id in (".$ids."))";
				$sth = $this->db->prepare($sql);
				$sth->execute();
				while ($data = $sth->fetch())
				{
					$search->update($data);
				}
								
				//仅对单条数据发送email信息，并且注册为数据作者
				if (is_numeric($ids))
				{
					$sql="select distinct u.email,m.title,m.uuid from mdstatus s left join metadata m on s.uuid=m.uuid 
						left join mdauthor a on s.uuid=a.uuid left join users u on a.userid=u.id where s.id=? order by u.email";
					$rs=$this->db->query($sql,array($ids));
					$rows=$rs->fetchAll($rs);
					if ($rows)
					{
						//有数据作者
						$mail=array();
						foreach ($rows as $row)
						{
							$mail[]=$row['email'];
						}
						$title=$rows[0]['title'];
						$uuid=$rows[0]['uuid'];
						//send email
						$mail=new WestdcMailer($this->view->config->smtp);
						$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
						$mailtp=new EmailText($this->db,"review-new-accept",array(
									'uuid' => $iso->uuid,
									'title'=> $iso->resTitle
									));
						$mail->setBodyText($mailtp->getBody());
						$mail->setSubject($mailtp->getSubject());
						$mail->addTo($mail);
						$mail->addCC($this->view->config->service->email);
						$mail->send();
					}
				}
				$this->messenger->addMessage('操作成功!');
				$this->_redirect("/admin/review/draft");
			}
			else{
				$this->messenger->addMessage('操作失败');
				$this->_redirect("/admin/review/accept");
			}
			
		}//开始评审
		
		$searchjoin = "";
		if(!empty($search) && !empty($keyword))
		{
			$searchjoin = " and md.title like '%$keyword%'";
			$this->view->keyword = $keyword;
		}
		
		$sql = "select m.id,md.title,md.uuid,u.username,u.realname,m.status,m.ts_created from mdstatus m
				right join metadata md on md.uuid=m.uuid
				left join users u on u.id=m.userid
				where status=0 $searchjoin order by m.ts_created desc";
				
		$re = $this->db->query($sql);
		$rows = $re->fetchAll();
		
		$paginator = Zend_Paginator::factory($rows);
		$paginator->setCurrentPageNumber($this->_getParam('page'));
		$paginator->setItemCountPerPage($this->view->config->page->max);
		$paginator->setView($this->view);
		Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
		$this->view->paginator=$paginator;
		
	}// draftAction 投稿元数据
	
	
	
	/*
	 * canceledAction() 取消元数据评审
	 *
	 * @param search 				//搜索
	 * @param string keyword		//关键词
	 * @param array update			//进入评审的id ,数组形式
	 *
	 * return view
	 *
	 * 这里的取消不等于删除，评审记录不能随意删除
	 */
	function canceledAction(){
		
		$search=$this->_request->getParam('search');
		$keyword = $this->_request->getParam('keyword');
		$update = $this->_request->getParam('update');
		
		if($update>0 || is_array($update))
		{
			$ids = '';
			if(is_array($update))$ids = join(',',$update);
			else $ids=$update;
			
			if($this->changestatus($ids,0))
			{
				$this->messenger->addMessage('操作成功!');
				$this->_redirect("/admin/review/canceled");
			}
			else{
				$this->messenger->addMessage('操作失败'.$ids);
				$this->_redirect("/admin/review/canceled");
			}
			
		}//取消评审
		
		$searchjoin = "";
		if(!empty($search) && !empty($keyword))
		{
			$searchjoin = " and md.title like '%$keyword%'";
			$this->view->keyword = $keyword;
		}
		
		$sql = "select m.id,md.title,md.uuid,u.username,u.realname,m.status from mdstatus m
				right join metadata md on md.uuid=m.uuid
				left join users u on u.id=m.userid
				where status=-1 $searchjoin";
				
		$re = $this->db->query($sql);
		$rows = $re->fetchAll();
		
		$paginator = Zend_Paginator::factory($rows);
		$paginator->setCurrentPageNumber($this->_getParam('page'));
		$paginator->setItemCountPerPage($this->view->config->page->max);
		$paginator->setView($this->view);
		Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
		$this->view->paginator=$paginator;
		
	}//被取消评审的元数据
	
	
	/*
	 * reviewedAction() 已结束评审的元数据列表
	 * 
	 * @param search 				//搜索
	 * @param string keyword		//关键词
	 *
	 * return view
	 *
	 *
	 */
	function reviewedAction(){
		
		$search=$this->_request->getParam('search');
		$keyword = $this->_request->getParam('keyword');
	
		$searchjoin = "";
		if(!empty($search) && !empty($keyword))
		{
			$searchjoin = " and md.title like '%$keyword%'";
			$this->view->keyword = $keyword;
		}
		
		$sql = "select m.id,md.title,md.uuid,u.username,u.realname,m.status,m.ts_finished from mdstatus m
				right join metadata md on md.uuid=m.uuid
				left join users u on u.id=m.userid
				where status=5 $searchjoin";
				
		$re = $this->db->query($sql);
		$rows = $re->fetchAll();
		
		$paginator = Zend_Paginator::factory($rows);
		$paginator->setCurrentPageNumber($this->_getParam('page'));
		$paginator->setItemCountPerPage($this->view->config->page->max);
		$paginator->setView($this->view);
		Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
		$this->view->paginator=$paginator;
		
	}//已结束评审
	
	
	/*
	 * deleteAction() 删除元数据评审记录
	 * 
	 * @param $id 			//评审记录的ID
	 *
	 * return view
	 *
	 * 删除功能需要权限判断，没个管理员只能删除自己管理的评审元数据
	 */ 
	function deleteAction(){
		
		$id=$this->_request->getParam('id');
		try{
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
			
			$sql = "select id from mdstatus where userid='$userid' and id='$id'";
			$rs = $this->db->query($sql);
			$row = $rs->fetch();
			
			if(!empty($row['id']))
			{
				$sql = "delete from mdstatus where id='$id'";
				if($this->db->exec($sql))
				{
					$this->messenger->addMessage('删除成功');
					$this->_redirect("/admin/review/myreview");
				}else{
					$this->messenger->addMessage('删除失败');
					$this->_redirect("/admin/review/myreview");
				}
				
			}else{
				
				$this->messenger->addMessage('您没有权限操作其他管理员管理的元数据评审');
				$this->_redirect("/admin/review/myreview");
				
			}
	
		}else
		{
			$this->messenger->addMessage('权限读取失败');
			$this->_redirect("/admin/review/myreview");
		}
		}catch(Exception $e){
			$this->messenger->addMessage('删除失败：'.$e->getMessage());
			$this->_redirect("/admin/review/myreview");
		}
		
	}
	
	
	/*
	 * expertsAction() 评审专家管理
	 * 
	 * @param $search				//搜索
	 * @param string $keyword		//关键词
	 * @param string $submit		//添加新专家时的提交动作
	 * @param int $edit				//编辑管理员
	 * @param int $del				//删除
	 *
	 *
	 * return view
	 */
	function expertsAction()
	{
		
		$search = $this->_request->getParam('search');
		$keyword= $this->_request->getParam('keyword');
		$submit = $this->_request->getParam('submit');
		$edit   = $this->_request->getParam('edit');
		$del    = $this->_request->getParam('del');
		$add	= $this->_request->getParam('add');
		
		if($add)
		{
			if(!empty($submit))
			{
				
				foreach($_POST as $k=>$v)
				{
					$$k=$v;
				}
				
				$speciality = $_POST['speciality'];
				  
				$chars = array(
					"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", 
					"l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", 
					"w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", 
					"H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", 
					"S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", 
					"3", "4", "5", "6", "7", "8", "9"
				);
				$charsLen = count($chars) - 1;
			 
				shuffle($chars);
			
				$output = "";
				for ($i=0; $i<8; $i++)
				{
					$output .= $chars[mt_rand(0, $charsLen)];
				}
				
				$password=$output;
				
				
				$testsql="select id from users where username='$username' or email='$email'";
				$re=$this->db->query($testsql);
				$test=$re->fetch();
				
				if(!empty($test['id']))
				{
					$this->messenger->addMessage('用户名或邮箱重复');
					$this->_redirect("/admin/review/experts");
					
				}
				
				else
				{
					
					$data = array(
						'username' 	=> $username,
						'realname'  => $realname,
						'email' 	=> $email,
						'unit' 		=> $unit,
						'address' 	=> $address,
						'phone' 	=> $phone,
						'project' 	=> $project,
						'password'	=> md5($password)
					);
					
					if($this->db->insert('users',$data))
					{	
						$mail=new WestdcMailer($this->view->config->smtp);
						$mailtp=new EmailText($this->db,'expert-register',array('user'=>$username,'password'=>$password));
						$mail->setBodyText($mailtp->getBody());
						$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
						$mail->addTo($email);
						$mail->setSubject($mailtp->getSubject());
						$mail->send();
						
						$sql="select id from users where username='{$data['username']}'";
						$re=$this->db->query($sql);
						$row = $re->fetch();
						
						$sql="insert into mdexperts (id,speciality) values ('{$row['id']}','$speciality')";
							if($this->db->exec($sql)>0)
							{
								$this->messenger->addMessage('成功添加评审专家');
								$this->_redirect("/admin/review/experts");
							}
						
					}
				
				}
			}
			else
			{
				$this->_helper->viewRenderer('expertsadd');
			}
		}
				
		if($del>0)
		{
			$sql="delete from mdexperts where id='$del'";
			if($this->db->exec($sql)>0)
			{
				$this->messenger->addMessage('删除成功！');
				$this->_redirect('/admin/review/experts');	
			}
		}
		
		if($edit>0)
		{
			if(!empty($submit))
			{
				$speciality = $this->_request->getParam('speciality');
				$sql = "update mdexperts set speciality='$speciality',ts_modified='".date("Y-m-d H:i:s",time())."' where id='$edit'";
				if($this->db->exec($sql)>0)
				{
					$this->messenger->addMessage('编辑成功！');
					$this->_redirect('/admin/review/experts');	
				}
			}
			else
			{
				$sql = "select m.*,m.id as mid,u.* from mdexperts m left join users u on u.id=m.id
						where m.id='$edit'";
				$re  = $this->db->query($sql);
				$row = $re->fetch();
				$this->view->infos = $row;
				$this->view->id=$edit;
				
				$this->_helper->viewRenderer('expertsedit');
			}
		}//编辑
		
		if($search)
		{
			
			$sql = "select m.*,m.id as mid,u.* from mdexperts m left join users u on u.id=m.id
					where u.realname like '%$keyword%' or m.speciality like '%$keyword%' or u.unit like '%$keyword%'";
					
			$re = $this->db->query($sql);
			$rows = $re->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			
		}//搜索
		
		else
		{
			$sql="select m.*,m.id as mid,u.* from mdexperts m left join users u on u.id=m.id";
			$re = $this->db->query($sql);
			$rows = $re->fetchAll();

			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination.phtml');
			$this->view->paginator=$paginator;
		}//列表
		
		
	}//expertsAction 专家库
	
	
	/*
	 * commentsAction() 评审意见
	 * 
	 * @param string $ac		//动作:  view 查看(详细单条)
	 *									list 评审意见列表
	 *									listbyuser 按用户查看评审意见列表
	 *									del	删除评审意见
	 *									rollback 重置为草稿状态
	 * @param $uuid				//评审元数据uuid
	 * @param $id				//评审id
	 * @param $q				//搜索关键词
	 * @param $search			//搜索
	 *
	 * return view
	 *
	 * 默认视图是评审意见列表视图
	 * 
	 */
	function commentsAction(){
		
		$ac = $this->_request->getParam('ac');
		$uuid = $this->_request->getParam('uuid');
		$id = $this->_request->getParam('id');
		$q = $this->_request->getParam('q');
		$search = $this->_request->getParam('search');
		
		if($ac=='view' && !empty($id))
		{
			$redirect = "/admin/review/comments/ac/view/id/$id";
			
			if(!is_numeric($id))
			{
				$this->messenger->addMessage('参数不正确，请按正确的步骤进行访问');
				$this->_redirect($redirect);
			}
			
			$sql = "select r.*,md.title,u.realname,u.id as uid from mdreview r
					left join metadata md on md.uuid=r.uuid
					left join users u on u.id=r.userid
					where r.id='$id'
					";
					
			$rs = $this->db->query($sql);
			
			$row = $rs->fetch();
			
			if(empty($row['id']))
			{
				$this->messenger->addMessage('该评审不存在或者已删除');
				$this->_redirect($redirect);
			}
			
			$sql = "select att.realname,att.id from attachments att
					left join mdreviewattach ratt on att.id=ratt.attachid
					where ratt.reviewid=$id";
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			$row['attid'] = "";
			if(!empty($rows))
			{
				foreach($rows as $v)
				{
					$row['attid'] .=  '<li>'.$v['realname'].'<a href="/admin/data/attachments/down/'.$v['id'].'">下载</a></li>';
				}
			}
			else
			{
				$row['attid'] =  '无附件';
			}
			
			
			$this->view->info = $row;
			
			$this->_helper->viewRenderer('commentsview');
			
		}//查看单个元数据的评审
		
		else if($ac=='list')
		{
			try{
			
			$redirect = "/admin/review/comments/ac/list/";
	
			$wheresql = array();
			
			$userid = $this->_request->getParam('userid');
			
			if(!empty($userid))
			{
				$redirect.="/uuid/$userid";
				$wheresql[] = " r.userid='$userid' ";
			}
			
			if(!empty($uuid))
			{
				$redirect.="/uuid/$uuid";
				$wheresql[] = " md.uuid='$uuid' ";
			}
			
			$wheresql[]=' r.status>-1 ';
			
			if(!empty($q) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$q) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect($redirect);
				}
				$this->view->q = $q;
				$wheresql[] = " (md.title like '%$q%' or u.realname like '%$q%') ";
			}
			
			if(count($wheresql>0))$wheresql = join(' and ',$wheresql);
			else $wheresql='';
			
			if($wheresql!='')
			{
				$wheresql = 'where '.$wheresql;
			}		
		
			$sql = "select md.title,md.uuid,u.realname,r.id,r.ts_created,r.is_expert from mdreview r
					left join metadata md on md.uuid=r.uuid
					left join users u on u.id=r.userid
					$wheresql
					order by r.ts_created desc
					";
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination.phtml');
			$this->view->paginator=$paginator;
			}catch(Exception $e){
				echo $e->getMessage().'<br />';
			}
			
			$this->_helper->viewRenderer('commentslist');
		}//评审意见列表 or 某条元数据的评审意见列表
		
		else if($ac=='listbyuser')
		{
			try{
			
			$redirect = "/admin/review/comments/ac/list/";
	
			$wheresql = array();
			
			$wheresql[]=' r.status>-1 ';
			
			if(!empty($q) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$q) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect($redirect);
				}
				$this->view->q = $q;
				$wheresql[] = " u.realname like '%$q%' ";
			}
			
			if(count($wheresql>0))$wheresql = join(' and ',$wheresql);
			else $wheresql='';
			
			if($wheresql!='')
			{
				$wheresql = 'where '.$wheresql;
			}		
		
			$sql = "select u.id,u.realname as title,count(r.id) as c from mdreview r
					left join metadata md on md.uuid=r.uuid
					left join users u on u.id=r.userid
					$wheresql
					GROUP BY u.id,u.realname
					";
			
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination.phtml');
			$this->view->paginator=$paginator;
			}catch(Exception $e){
				echo $e->getMessage().'<br />';
			}
			
			$this->_helper->viewRenderer('commentslistbyuser');
		}//按评审用户查看
		
		else if($ac=='del' && !empty($id))
		{
			
			$redirect = "/admin/review/comments/ac/list/";
			
			if(!is_numeric($id))
			{
				$this->messenger->addMessage('参数不正确，请按正确的步骤进行访问');
				$this->_redirect($redirect);
			}
			
			$sql = "select r.id,att.filename,ratt.attachid as attid from mdreview r
					left join mdreviewattach ratt on ratt.reviewid=r.id
					left join attachments att on att.id=ratt.attachid
					where r.id='$id'";
			
			$rs = $this->db->query($sql);
			
			$row = $rs->fetch();
			
			if(!empty($row['filename']))
			{
				//需要删除文件，通过Zend_Registry::get('upload')获得上传文件的根目录
				$basepath = $this->view->config->upload;	
				$filepath = $basepath.$row['filename'];
				
				if(unlink($filepath))
				{
					$sql = "delete from mdreview where id='$id'";
					if($this->db->exec($sql)>0)
					{
						$this->messenger->addMessage('评审意见删除成功!');
						$this->_redirect($redirect);
					}
				}
				else
				{
					$sql = "delete from mdreview where id='$id'";
					if($this->db->exec($sql)>0)
					{
						$this->messenger->addMessage('评审意见删除成功!但附件删除失败，请手动删除文件:'.$row['filename']);
						$this->_redirect($redirect);
					}
				}
			}else{
				$sql = "delete from mdreview where id='$id'";
				if($this->db->exec($sql)>0)
				{
					$this->messenger->addMessage('评审意见删除成功!');
					$this->_redirect($redirect);
				}
			}	
		}//删除评审意见 同时删除附件
		
		else if($ac=='rollback' && !empty($id))
		{
			
			$redirect = "/admin/review/comments/ac/list/";
			
			$sql = "update mdreview set status=-1 where id=$id";
			
			try{
				
				if($this->db->exec($sql))
				{
					$this->messenger->addMessage('更改成功');
					$this->_redirect($redirect);
				}else{
					$this->messenger->addMessage('更新失败');
				$this->_redirect($redirect);
				}
				
			}catch(Exception $e){
				$this->messenger->addMessage('更新失败:'.$e->getMessage());
				$this->_redirect($redirect);
			}
			
		}//为用户重置为草稿状态
		
		else
		{
			try{
			$redirect = "/admin/review/comments";
				
			$wheresql = array();
			
			$wheresql[]=' r.status>-1 ';
			
			if(!empty($q) && !empty($search))
			{
				if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$q) || !is_numeric($search))
				{
					$this->messenger->addMessage('您的输入的搜索条件包含非法请求，请不要输入特殊符号');
					$this->_redirect($redirect);
				}//非法请求过滤
				$this->view->q = $q;
				$wheresql[] = " md.title like '%$q%' ";
			}
			
			if(count($wheresql>0))$wheresql = join(' and ',$wheresql);
			else $wheresql='';
			
			if($wheresql!='')
			{
				$wheresql = 'where '.$wheresql;
			}		
		
			$sql = "select md.title,md.uuid,count(r.id) as c from mdreview r
			left join metadata md on md.uuid=r.uuid
			$wheresql
			GROUP BY md.title,md.uuid
			";
			$rs = $this->db->query($sql);
			$rows = $rs->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage($this->view->config->page->max);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination.phtml');
			$this->view->paginator=$paginator;
			}catch(Exception $e){
				echo $e->getMessage().'<br />';
			}
		}//列表
		
		
	}//commentsAction 查看所有评审意见
	
	
	//replyAction() 数据评审信息反馈
	function replyAction(){
		
		$uuid = $this->_getParam('uuid');
		$send = $this->_getParam('send');
		
		if(empty($uuid))
		{
			$jump_url = $this->view->jump_url = 'javascript:history.go(-1);';
			$this->view->msg = "参数错误,<a href='$jump_url'>如果页面没有跳转请点击这里</a>";
			return true;
		}
		
		$this->view->uuid = $uuid;
		
		$sql = "SELECT mr.*,u.username,u.realname FROM mdreview mr
				LEFT JOIN users u ON mr.userid = u.id
				WHERE mr.uuid = '$uuid'";
		
		$sth = $this->db->query($sql);
		$reviews = $sth->fetchAll();
		
		$this->view->review = $reviews;
		
		if(!empty($send))
		{
			$sql = "SELECT md.title,u.email FROM metadata md
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					WHERE md.uuid='$uuid'";
			$sth = $this->db->query($sql);
			$rows = $sth->fetchAll();
			
			$emails = array();
			foreach($rows as $v);
			{
				if(!empty($v['email']))
				{
					$emails[] = $v['email'];
				}
			}
			
			if(count($emails)<1)
			{
				$jump_url = $this->view->jump_url = 'javascript:history.go(-1);';
				$this->view->msg = "该元数据未指派作者,<a href='$jump_url'>如果页面没有跳转请点击这里</a>";
				return true;
			}
			
			$title = $rows[0]['title'];
			
			$this->_helper->layout->disableLayout();
			$this->_helper->viewRenderer->setNoRender();
			
			$body = "元数据《$title》的作者，您好：\r\n 
您的元数据《$title》有反馈信息。\r\n";
			
			foreach($reviews as $k=>$v)
			{
				$body .= $v['username'].":".$v['mdcomment']."\r\n";
			}
			
			$body .= "\r\n　　　　　　　　　　　西部数据中心服务组";			
			
			$mail=new WestdcMailer($this->view->config->smtp);
			$mail->setBodyText($body);
			$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
			foreach($emails as $v)
			{
				$mail->addTo($v);
			}
			$mail->setSubject("您的元数据《$title》有新的反馈");
			$mail->send();
		}
		
	}//replyAction()
	
}