diff --git a/application/default/controllers/AccountController.php b/application/default/controllers/AccountController.php
index 53789af8..7ad19371 100755
--- a/application/default/controllers/AccountController.php
+++ b/application/default/controllers/AccountController.php
@@ -1,300 +1,654 @@ -_redirect('/'); - } - function init() - { - $this->messenger=$this->_helper->getHelper('FlashMessenger'); - } - function postDispatch() - { - //$this->view->messages = $this->messenger->getMessages(); - } - function preDispatch() - { - $this->view->config = Zend_Registry::get('config'); - $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI')); - //$this->db=Zend_Registry::get('db'); - $this->view->messages = $this->messenger->getMessages(); - } - - function registerAction() - { - $form = new RegisterForm(); - $this->view->form = $form; - - if ($this->_request->isPost()) { - $formData = $this->_request->getPost(); - if ($form->isValid($formData)) { - $ut = new UsersTable(); - $u = $ut->createRow(); - $u->username = $form->getValue('username'); - $u->password = $form->getValue('password'); - $u->email=$form->getValue('email'); - if ($form->getValue('realname')) $u->realname=$form->getValue('realname'); - if ($form->getValue('phone')) $u->phone=$form->getValue('phone'); - if ($form->getValue('address')) $u->address=$form->getValue('address'); - if ($form->getValue('unit')) $u->unit=$form->getValue('unit'); - if ($form->getValue('project')) $u->project=$form->getValue('project'); - if ($u->save()) { - //发送欢迎邮件 - $mail=new WestdcMailer($this->view->config->smtp); - $body=file_get_contents($this->view->config->register->email->template); - $body=str_replace("[username]",$formData['username'],$body); - $mail->setBodyText($body); - $mail->setFrom($this->view->config->service->email,'西部数据中心服务组'); - $mail->addTo($formData['email']); - //中文标题有乱码,在1.5版本中尚未解决 - //ref: http://framework.zend.com/issues/browse/ZF-2532 - $mail->setSubject('欢迎使用中国西部环境与生态数据中心'); - $mail->send(); - - //自动登录系统 - $this->login($formData['username'],$formData['password']); - $this->_redirect('/'); - } - } else { - $form->populate($formData); - } - } - } - function editAction() - { - $form=new UsereditForm(); - $this->view->form=$form; - $auth = 
Zend_Auth::getInstance(); - $user = $auth->getIdentity(); - if ($this->_request->isPost()) { - $formData = $this->_request->getPost(); - if ($form->isValid($formData)) { - //save user info - $ut=new UsersTable(); - $row=$ut->fetchRow('id='.$formData['id']); - if (md5($formData['oldpassword'])==$row->password && $formData['password']) { - //修改密码 - $row->password=md5($formData['password']); - } - if ($formData['email']) $row->email=$formData['email']; - if ($formData['phone']) $row->phone=$formData['phone']; - if ($formData['realname']) $row->realname=$formData['realname']; - if ($formData['unit']) $row->unit=$formData['unit']; - if ($formData['address']) $row->address=$formData['address']; - if ($formData['project']) $row->project=$formData['project']; - $row->save(); - //todo:更新session信息 - } - } else { - /*$formData['id']=$user->id; - $formData['email']=$user->email; - $formData['phone']=$user->phone; - $formData['realname']=$user->realname; - $formData['unit']=$user->unit; - $formData['address']=$user->address; - $formData['project']=$user->project;*/ - $ut=new UsersTable(); - $row=$ut->fetchRow('id='.$user->id); - $formData['email']=$row->email; - $formData['phone']=$row->phone; - $formData['realname']=$row->realname; - $formData['unit']=$row->unit; - $formData['address']=$row->address; - $formData['project']=$row->project; - $formData['id']=$row->id; - $form->populate($formData); - } - } - function loginAction() - { - $form = new LoginForm(); - $success=false; - $message=''; - $this->view->form = $form; - $auth = Zend_Auth::getInstance(); - if ($auth->hasIdentity()) $this->_redirect('/account'); - if ($this->_request->isPost()) { - $formData = $this->_request->getPost(); - if ($form->isValid($formData)) { - if (!$this->login($formData['username'],$formData['password'])) - { - $this->messenger->addMessage('登录失败,请检查您的用户名和密码。'); - } else $success=true; - } - - if(!$success) { - $flashMessenger = $this->_helper->getHelper('FlashMessenger'); - 
$flashMessenger->setNamespace('actionErrors'); - $flashMessenger->addMessage($message); - $this->_redirect('/account/login'); - } else - { - $tohref = $this->_request->getParam('href'); - if(!empty($tohref)) - { - $this->_redirect($tohref); - }else{ - $this->_redirect($this->_request->getParam('return')); - } - - } - } else { - //$formData['redirect'] = $redirect; - //$form->populate($formData); - } - } - - function logoutAction() - { - $auth = Zend_Auth::getInstance(); - $auth->clearIdentity(); - require_once 'member.php'; - $mb=new member(); - $mb::flushcookie(); - $this->_redirect('/'); - } - - private function default_login($u,$p) - { - $auth = Zend_Auth::getInstance(); - $db=Zend_Registry::get('db'); - - $authAdapter = new Zend_Auth_Adapter_DbTable($db); - $authAdapter->setTableName('users') - ->setIdentityColumn('username') - ->setCredentialColumn('password'); - $authAdapter->setIdentity($u)->setCredential(md5($p)); - $result = $auth->authenticate($authAdapter); - if ($result->isValid()) { - - // success: store database row to auth's storage - $data = $authAdapter->getResultRowObject(null,'password'); - $auth->getStorage()->write($data); - $db->query("update users set ts_last_login=now() where username=?",array($u)); - - if ($this->_request->getParam('remember')) { - $sql="select usertype from users where username='$u'"; - $rs=$db->query($sql); - $row=$rs->fetch(); - //if($row['usertype']!='administrator') - { - require_once 'member.php'; - $mb = new member(); - $mb -> putcookie($u,md5($p)); - } - } - - return true; - } - return false; - } - private function aspnet_login($p,$salt,$password) - { - $p1=implode("\x00",str_split($p))."\x00"; - $ball=base64_decode($salt).$p1; - return trim($password)==base64_encode(sha1($ball,true)); - } - // 首先判断是否存在salt - // 若有salt,则按照aspnet membership加密算法进行判断 - function login($u,$p) - { - $ut= new UsersTable(); - $db=$ut->getAdapter(); - $sql="select password,salt from users where username=?"; - $uq=$db->query($sql,array($u)); 
- if ($urow=$uq->fetchObject()) - { - if (empty($urow->salt)) - return $this->default_login($u,$p); - else { - //进行判断并进行转换到默认 - if ($this->aspnet_login($p,$urow->salt,$urow->password)) - { - $sql="update users set password=md5(?),salt='' where username=?"; - $db->query($sql,array($p,$u)); - return $this->default_login($u,$p); - } else - return false; - } - } else { - //没有对应的用户,登录失败 - return false; - } - } - function fetchpwdAction() - { - $ut= new UsersTable(); - $db=$ut->getAdapter(); - $form = new LostpwdForm(); - $key=$this->_request->getParam('key'); - $login=$this->_request->getParam('login'); - if (empty($key) && empty($login)) { - $this->view->form = $form; - if ($this->_request->isPost()) { - $formData = $this->_request->getPost(); - if ($form->isValid($formData)) { - $sql="select * from users where email=?"; - $uq=$db->query($sql,array($formData['email'])); - if ($urow=$uq->fetchObject()) - { - //email the url to user - $username=$urow->username; - $sql="update users set activation=? where email=?"; - $uid=uniqid(); - $db->query($sql,array($uid,$formData['email'])); - $mail=new WestdcMailer($this->view->config->smtp); - $body="尊敬的西部数据中心用户: - 有人提出了针对此用户名的密码重置请求。 - - 用户名:"; - $body.=$username; - $body.=" - - 若想重置您的密码请打开下面的链接,否则请忽略此邮件,一切如常。 -"; - $body.="http://westdc.westgis.ac.cn/account/fetchpwd/".$username."/".$uid; - $mail->setBodyText($body); - $mail->setFrom($this->view->config->service->email,'西部数据中心服务组'); - $mail->addTo($formData['email']); - $mail->setSubject('密码已重置'); - $mail->send(); - $this->view->messages[]='请检查您的新邮件中的确认激活链接。'; - $this->view->form=false;//do not echo form - } else - $this->messenger->addMessage('对不起,没有找到对应的电子邮件地址。'); - } - } else - $this->view->messages[]='请输入您的电子邮件地址。您将通过电子邮件收到新密码。'; - } else { - $sql="select * from users where username=? 
and activation=?"; - $uq=$db->query($sql,array($login,$key)); - $tmp_pwd=uniqid(); - if ($urow=$uq->fetchObject()) - { - $sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?"; - $db->query($sql,array($login,$key)); - $mail=new WestdcMailer($this->view->config->smtp); - $body="尊敬的西部数据中心用户: - 您的密码已修改。 - - 用户名:"; - $body.=$login; - $body.="密码:".$tmp_pwd; - $body.=" - http://westdc.westgis.ac.cn/account/login"; - $mail->setBodyText($body); - $mail->setFrom($this->view->config->service->email,'西部数据中心服务组'); - $mail->addTo($urow->email); - $mail->setSubject('您的新密码'); - $mail->send(); - $this->view->messages[]='请查收您新邮件中的新密码'; - $this->view->form=false;//do not echo form - - } - } - - } -} - +_redirect('/'); + } + function init() + { + $this->messenger=$this->_helper->getHelper('FlashMessenger'); + } + function postDispatch() + { + //$this->view->messages = $this->messenger->getMessages(); + } + function preDispatch() + { + $this->view->config = Zend_Registry::get('config'); + $this->_request->setParam('return', $this->_request->getServer('REQUEST_URI')); + $this->db=Zend_Registry::get('db'); + $this->view->messages = $this->messenger->getMessages(); + } + + function registerAction() + { + $reg = $this->_request->getParam('submit'); + if(!empty($reg)) + { + $this->_helper->layout->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + try{ + + $username = mb_substr(trim($this->_request->getParam('username')),0,100,'utf-8'); + $name = mb_substr(trim($this->_request->getParam('name')),0,100,'utf-8'); + $email = mb_substr(trim($this->_request->getParam('email')),0,100,'utf-8'); + $phone = mb_substr(trim($this->_request->getParam('phone')),0,100,'utf-8'); + $unit = mb_substr(trim($this->_request->getParam('employer')),0,200,'utf-8'); + $address = mb_substr(trim($this->_request->getParam('address')),0,250,'utf-8'); + $project = mb_substr(trim($this->_request->getParam('project')),0,500,'utf-8'); + $password = 
mb_substr(trim($this->_request->getParam('password')),0,22,'utf-8'); + $password_confirm = mb_substr(trim($this->_request->getParam('password_confirm')),0,22,'utf-8'); + $vdcode = strtolower(substr(trim($this->_request->getParam('vdcode')),0,4)); + + include_once('ajax/box.php'); + + if(strlen($username)<6) + { + echo box::warning('用户名不能少于6个字符'); + exit(); + } + + if(strlen($username)>20) + { + echo box::warning('用户名不能超过20个字符'); + exit(); + } + + if(!preg_match("/^[a-zA-Z][a-zA-Z0-9_]{4,19}$/",$username)) + { + echo box::warning("用户名只能包含英文字母及数字"); + exit(); + } + + if(strlen($name)<2) + { + echo box::warning("姓名太短"); + exit(); + } + + if(strlen($name)>32) + { + echo box::warning("姓名太长"); + exit(); + } + + if(preg_match("/[\"|'|~|!|#|\$|%|\^|\&|\*|\+|\{|\}|\[|\]|:|;|<|>|\?|\/]/",$name)) + { + echo box::warning("姓名中包含非法字符"); + exit(); + } + + if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email)) + { + echo box::warning("请输入正确的Email地址"); + exit(); + } + + if(!empty($phone) && preg_match("/[\"|'|~|!|#|\$|%|\^|\&|\*|\{|\}|\[|\]|:|;|<|>|\?|\/]/",$phone)) + { + echo box::warning("请输入正确的电话号码"); + exit(); + } + + if(!empty($unit) && preg_match("/[\"|'|~|!|#|\$|%|\^|\&|\*|\{|\}|\[|\]|:|;|<|>|\?|\/]/",$unit)) + { + echo box::warning("输入的内容中包含非法字符"); + exit(); + } + + if(!empty($address) && preg_match("/[\"|'|~|!|\$|%|\^|\&|\*|\{|\}|\?|\/]/",$address)) + { + echo box::warning("地址中包含非法字符"); + exit(); + } + + $match = "/[\"|'|\\\]/i"; + + if(preg_match($match,$password) || preg_match($match,$password_confirm)) + { + echo box::warning("密码中包含非法字符,请重新输入"); + exit(); + } + + if(empty($password)) + { + echo box::warning("请输入密码"); + exit(); + } + + if(strlen($password)<6) + { + echo box::warning("密码太短"); + exit(); + } + + if(strlen($password)>20) + { + echo box::warning("密码长度不能超过20个字符"); + exit(); + } + + if($password!==$password_confirm) + { + echo box::warning("两次输入的密码不同"); + exit(); + } + + $sql = "select id from users where username like '%$username%'"; + $rs = 
$this->db->query($sql); + $row = $rs->fetch(); + + if($row['id']>0) + { + echo box::warning("该用户名已经被占用,请更换"); + exit(); + } + + $sql = "select id from users where email like '%$email%'"; + $rs = $this->db->query($sql); + $row = $rs->fetch(); + + if($row['id']>0) + { + echo box::warning("该Email已经被使用,请更换"); + exit(); + } + + if($vdcode != $_SESSION['vdcodes']) + { + echo box::warning("验证码错误"); + exit(); + } + + $sql = "INSERT INTO users (username,password,email,realname,unit,address,project,phone,usertype) + VALUES (?,?,?,?,?,?,?,?,?)"; + + $sth = $this->db->prepare($sql); + $ec = $sth->execute(array($username,md5($password),$email,$name,$unit,$address,$project,$phone,'member')); + + //$sql = "INSERT INTO users (username,password,usertype,email,realname,unit,address,project,phone) + // VALUES ('$username','".md5($password)."','member','$email','$name','$unit','$address','$project','$phone')"; + //$ec = $this->db->exec($sql); + if($ec) + { + $this->login($username,md5($password)); + echo box::success(""); + exit(); + } + else + { + echo box::warning("An error occurred!Re-try please!"); + exit(); + } + }catch(Exception $e){ + echo box::warning("An error occurred!".$e->getMessage()); + exit(); + } + }//ajax 注册 + } + + + function editAction() + { + $auth = Zend_Auth::getInstance(); + if ($auth->hasIdentity()) + { + $user = $auth->getIdentity(); + $username = $user->username; + $sql = "select * from users where username='$username'"; + $rs = $this->db->query($sql); + $rows = $rs->fetch(); + $this->view->user = $rows; + } + } + + + function saveoptAction() + { + $this->_helper->layout->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + + $opt = $this->_request->getParam('opt'); + + $auth = Zend_Auth::getInstance(); + if ($auth->hasIdentity()) + { + $user = $auth->getIdentity(); + $username = $user->username; + $sql = "select * from users where username='$username'"; + $rs = $this->db->query($sql); + $rows = $rs->fetch(); + $this->view->user = $rows; + } + 
else + { + echo "You must log in"; + exit(); + } + + if($opt == 'general') + { + $realname = mb_substr(trim($this->_request->getParam('name')),0,100,'utf-8'); + $phone = mb_substr(trim($this->_request->getParam('phone')),0,100,'utf-8'); + $unit = mb_substr(trim($this->_request->getParam('employer')),0,200,'utf-8'); + $address = mb_substr(trim($this->_request->getParam('address')),0,250,'utf-8'); + $project = mb_substr(trim($this->_request->getParam('project')),0,500,'utf-8'); + + try{ + + if(empty($realname)) + { + echo "Please enter your Name"; + exit(); + } + + $sql = "UPDATE users SET realname='$realname',phone='$phone',unit='$unit',address='$address',project='$project' WHERE id='{$rows['id']}'"; + if($this->db->query($sql)) + { + echo "Saved!"; + exit(); + }else{ + echo "Failed!"; + exit(); + } + + //Error!Retry please!SQLSTATE[42P02]: Undefined parameter: 7 错误: 没有参数 $1 CONTEXT: Error occurred on dblink connection named "unnamed": could not execute command. + }catch (Exception $e){ + echo "An error occurred!"; + exit(); + } + } + + else if ($opt == 'email') + { + $email = substr(trim($this->_request->getParam('email')),0,100); + $password = trim($this->_request->getParam('password')); + + try{ + + if(empty($email)) + { + echo "Please enter your E-mail"; + exit(); + } + + if(empty($password)) + { + echo "Please enter your password"; + exit(); + } + + if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email)) + { + echo "Incorrect email"; + exit(); + } + + if(md5($password)!==$rows['password']){ + echo "The password you entered is incorrect.Please re-enter your password"; + exit(); + } + + $sql = "UPDATE users SET email='$email' where id='{$rows['id']}'"; + if($this->db->query($sql)) + { + echo "Saved!"; + exit(); + }else{ + echo "Failed!"; + exit(); + } + }catch(Exception $e){ + echo "An error occurred!"; + exit(); + } + + } + + else if ($opt == 'password') + { + $password = trim($this->_request->getParam('password')); + $password_new = 
trim($this->_request->getParam('password_new')); + $password_confirm = trim($this->_request->getParam('password_confirm')); + + $match = "/[\"|'|\\\]/i"; + + if(empty($password)) + { + echo "Please enter your password"; + exit(); + } + + if(empty($password_new)) + { + echo "Please enter your new password"; + exit(); + } + + if($password==$password_new) + { + echo "New password cannot be same as the old"; + exit(); + } + + if(empty($password_confirm)) + { + echo "Please re-enter your new password"; + exit(); + } + + if(preg_match($match,$password) || preg_match($match,$password_new) || preg_match($match,$password_confirm) || $rows['password']!== md5($password)) + { + echo "The password you entered is incorrect.Please re-enter your password"; + exit(); + } + + if(strlen($password_new)<6) + { + echo "Your new password is too short"; + exit(); + } + + if(strlen($password_new)>20) + { + echo "Your new password is too long"; + exit(); + } + + if(md5($password_new) !== md5($password_confirm)) + { + echo "Entered passwords differ from the another"; + exit(); + } + + try{ + + $sql = "UPDATE users SET password='".md5($password_new)."' WHERE username='$username'"; + if($this->db->query($sql)) + { + echo "Changes Saved!"; + exit(); + }else{ + echo "Failed!Please check the input content"; + exit(); + } + + }catch(Exception $e){ + echo "An error occurred!"; + exit(); + } + + } + + else + { + exit(); + } + } //saveopt ajax修改用户信息 + + function loginAction() + { + $submit = $this->_request->getParam('submit'); + + if(!empty($submit)) + { + + $this->_helper->layout->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + + $success=false; + $message=''; + + $auth = Zend_Auth::getInstance(); + if ($auth->hasIdentity()) + $this->_redirect('/account'); + + $username = trim($this->_request->getParam('username')); + $password = trim($this->_request->getParam('password')); + $vdcode = strtolower(substr(trim($this->_request->getParam('vdcode')),0,4)); + + 
include_once('ajax/box.php'); + + if(empty($username)) + { + echo box::warning('请输入用户名'); + exit(); + } + + if(empty($password)) + { + echo box::warning('请输入密码'); + exit(); + } + + if(empty($vdcode)) + { + echo box::warning('请输入验证码'); + exit(); + } + + if($vdcode != $_SESSION['vdcodes']) + { + echo box::warning("验证码错误"); + exit(); + } + + if (!$this->login($username,$password)) + { + echo box::error('用户名或密码错误'); + exit(); + } + + else + { + echo box::success('登录成功,如果页面没有跳转请点击这里'); + exit(); + } + + + + $tohref = $this->_request->getParam('href'); + if(!empty($tohref)) + { + $this->_redirect($tohref); + }else{ + $this->_redirect($this->_request->getParam('return')); + } + + } + } + + function logoutAction() + { + $this->_helper->layout->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + + $auth = Zend_Auth::getInstance(); + if ($auth->hasIdentity()) + { + $auth->clearIdentity(); + require_once 'member.php'; + member::flushcookie(); + $this->_redirect('/'); + } + } + + private function default_login($u,$p) + { + $auth = Zend_Auth::getInstance(); + $db=Zend_Registry::get('db'); + + $authAdapter = new Zend_Auth_Adapter_DbTable($db); + $authAdapter->setTableName('users') + ->setIdentityColumn('username') + ->setCredentialColumn('password'); + $authAdapter->setIdentity($u)->setCredential(md5($p)); + $result = $auth->authenticate($authAdapter); + if ($result->isValid()) { + + // success: store database row to auth's storage + $data = $authAdapter->getResultRowObject(null,'password'); + $auth->getStorage()->write($data); + $db->query($db->quoteInto("update users set ts_last_login=now() where username=?",$u)); + + if ($this->_request->getParam('remember')) { + require_once 'member.php'; + $mb = new member(); + $mb -> putcookie($u,md5($p)); + } + + return true; + } + return false; + } + private function aspnet_login($p,$salt,$password) + { + $p1=implode("\x00",str_split($p))."\x00"; + $ball=base64_decode($salt).$p1; + return 
trim($password)==base64_encode(sha1($ball,true)); + } + // 首先判断是否存在salt + // 若有salt,则按照aspnet membership加密算法进行判断 + function login($u,$p) + { + $db=Zend_Registry::get('db'); + $sql="select password,salt from users where username=?"; + $uq=$db->query($sql,array($u)); + if ($urow=$uq->fetchObject()) + { + if (empty($urow->salt)) + return $this->default_login($u,$p); + else { + //进行判断并进行转换到默认 + if ($this->aspnet_login($p,$urow->salt,$urow->password)) + { + $sql="update users set password=md5(?),salt='' where username=?"; + $db->query($sql,array($p,$u)); + return $this->default_login($u,$p); + } else + return false; + } + } else { + //没有对应的用户,登录失败 + return false; + } + } + + function fetchpwdAction() + { + + $this->_helper->layout->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + + $auth = Zend_Auth::getInstance(); + if ($auth->hasIdentity()) + $this->_redirect('/account'); + + $email = $this->_request->getParam('email'); + + include_once('ajax/box.php'); + if(empty($email)) + { + echo box::warning('请输入要找回密码的账户所对应的Email地址'); + exit(); + } + + if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email)) + { + echo box::warning("请输入正确的Email地址"); + exit(); + } + + $sql = "SELECT * FROM users WHERE email=?"; + $sth = $this->db->prepare($sql); + $sth->execute(array($email)); + $row = $sth->fetch(); + + if($row['id']=='') + { + echo box::error("未找到对应用户"); + exit(); + } + + + //email the url to user + $username=$row['username']; + $sql="update users set activation=? 
where email=?"; + $uid=uniqid(); + $db->query($sql,array($uid,$formData['email'])); + $mail=new WestdcMailer($this->view->config->smtp); + $mailtp=new EmailText($this->db, + 'member-fetchpwd', + array('user' => $username,'uid'=>$uid) + ); + $mail->setBodyText($mailtp->getBody()); + $mail->setFrom($this->view->config->service->email,'WDSCAR Service Team'); + $mail->setSubject($mailtp->getSubject()); + $mail->addTo($email); + $mail->send(); + $this->view->messages[]='Please check the activation link in your email.'; + $this->view->form=false;//do not echo form + + + + $ut= new UsersTable(); + $db=$ut->getAdapter(); + $form = new LostpwdForm(); + $key=$this->_request->getParam('key'); + $login=$this->_request->getParam('login'); + if (empty($key) && empty($login)) { + $this->view->form = $form; + if ($this->_request->isPost()) { + $formData = $this->_request->getPost(); + if ($form->isValid($formData)) { + $sql="select * from users where email=?"; + $uq=$db->query($sql,array($formData['email'])); + if ($urow=$uq->fetchObject()) + { + //email the url to user + $username=$urow->username; + $sql="update users set activation=? where email=?"; + $uid=uniqid(); + $db->query($sql,array($uid,$formData['email'])); + $mail=new WestdcMailer($this->view->config->smtp); + $mailtp=new EmailText($this->db, + 'member-fetchpwd', + array('user' => $username,'uid'=>$uid) + ); + $mail->setBodyText($mailtp->getBody()); + $mail->setFrom($this->view->config->service->email,'WDSCAR Service Team'); + $mail->setSubject($mailtp->getSubject()); + $mail->addTo($formData['email']); + $mail->send(); + $this->view->messages[]='Please check the activation link in your email.'; + $this->view->form=false;//do not echo form + } else + $this->messenger->addMessage('Sorry, the email is not found.'); + } + } else + $this->view->messages[]='Please input your email, you will get the new password in your email.'; + } else { + $sql="select * from users where username=? 
and activation=?"; + $uq=$db->query($sql,array($login,$key)); + $tmp_pwd=uniqid(); + if ($urow=$uq->fetchObject()) + { + $sql="update users set salt='',activation='',password=md5('".$tmp_pwd."') where username=? and activation=?"; + $db->query($sql,array($login,$key)); + $mail=new WestdcMailer($this->view->config->smtp); + $mailtp=new EmailText($this->db,'member-resetpwd', + array('user' => $login,'pwd'=>$tmp_pwd)); + $mail->setBodyText($mailtp->getBody()); + $mail->setFrom($this->view->config->service->email,'WDSCAR Service Team'); + $mail->setSubject($mailtp->getSubject()); + $mail->addTo($urow->email); + $mail->send(); + $this->view->messages[]='Please check your new password in your email.'; + $this->view->form=false;//do not echo form + } + } + }// function fetchpwdAction() +} + diff --git a/application/default/controllers/ServiceController.php b/application/default/controllers/ServiceController.php index 7cad0074..4a556c82 100644 --- a/application/default/controllers/ServiceController.php +++ b/application/default/controllers/ServiceController.php @@ -56,6 +56,13 @@ class ServiceController extends Zend_Controller_Action print base64_decode($thumb['data']); } } + + public function getFileinfo($id){ + $sql = "select * from attachments where id='$id'"; + $re= $this->db->query($sql); + $row= $re->fetch(); + return $row; + } /* * 查看数据缩略大图 @@ -115,8 +122,8 @@ class ServiceController extends Zend_Controller_Action $sql="select id,title,uuid,description,filesize,fileformat from metadata where east? and north?"; if (!empty($key)) { $search=new Search($key); - $where=$search->sql_expr(array("title","description")); - $sql.= " and ".$where; + $where=$search->sql_expr(array("title","description")); + $sql.= " and ".$where; $sql.= " order by title"; $rows=$this->db->fetchAll($sql,array($e,$w,$n,$s,'%'.$key.'%','%'.$key.'%')); } else { 
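Review bot: Request values are interpolated straight into SQL strings in the new AccountController code: in registerAction the duplicate check `where email like '%$email%'` runs after an e-mail pattern that has no `^`/`$` anchors, so a value that merely contains an address passes validation, and in saveoptAction the `general` and `email` branches build their `UPDATE users SET ...` statements from `name`, `phone`, `employer`, `address`, `project` and `email` with only trimming and truncation applied. The INSERT further down in registerAction already uses `prepare()`/`execute()` with bound values, and these statements should do the same, as sketched below; the e-mail check then becomes an exact match, which is presumably what a uniqueness test wants. The `getFileinfo($id)` method added to ServiceController.php builds `where id='$id'` the same way, and since its callers are not visible here, that value should be bound as well unless every caller is known to pass an integer. The lookups by `username='$username'` in editAction and saveoptAction take their value from the stored identity rather than the request, but binding them too would keep the file consistent.

```php
// registerAction: e-mail uniqueness check with a bound value
$sth = $this->db->prepare("select id from users where email=?");
$sth->execute(array($email));
$row = $sth->fetch();
// … unchanged: "already in use" branch, captcha check, INSERT …

// saveoptAction, $opt == 'general'
$sql = "UPDATE users SET realname=?,phone=?,unit=?,address=?,project=? WHERE id=?";
$sth = $this->db->prepare($sql);
if($sth->execute(array($realname,$phone,$unit,$address,$project,$rows['id'])))
// … unchanged: "Saved!" / "Failed!" branches …

// saveoptAction, $opt == 'email'
$sth = $this->db->prepare("UPDATE users SET email=? WHERE id=?");
if($sth->execute(array($email,$rows['id'])))
// … unchanged: "Saved!" / "Failed!" branches …
```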
@@ -240,7 +247,7 @@ class ServiceController extends Zend_Controller_Action $sql="select uuid,title,datatype,filesize,id from normalmetadata"; $md=$this->db->fetchAll($sql); foreach($md as $m) - { + { print $m["uuid"].","; print $m["title"].","; print ($m["datatype"]?"内部":"公开").","; @@ -1052,7 +1059,7 @@ class ServiceController extends Zend_Controller_Action { if($page > 0) { - $pre = '
'; + $pre = '
'; } if($num > $pageSize*($page+1)) { @@ -1187,7 +1194,7 @@ class ServiceController extends Zend_Controller_Action { $pre = '<'; }else{ - $pre = '<'; + $pre = '<'; } if($num <= $pageSize*($page+1)) { @@ -1214,42 +1221,42 @@ class ServiceController extends Zend_Controller_Action } echo ''; echo $pagnation; - }//文档页面相关数据 - function geonetworkAction() - { + }//文档页面相关数据 + function geonetworkAction() + { $this->_helper->viewRenderer->setNoRender(); - $this->_helper->layout->disableLayout(); + $this->_helper->layout->disableLayout(); $auth = Zend_Auth::getInstance(); - $url = $this->config->geonetwork->url.'/srv/cn/'.urldecode($this->_request->getParam('url')); - if (!$auth->hasIdentity()) - { - $this->_redirect('/account/login?href=/service/geonetwork?url='.$url); - } - $user = $auth->getIdentity(); - //need to get pwd from database - $sql='select username,md5(password) as pwd from users where id='.$user->id; - $this->db->setFetchMode(Zend_Db::FETCH_OBJ); - $row=$this->db->fetchRow($sql); - $login=$this->config->geonetwork->url.'/srv/en/xml.user.login?username='.$row->username.'&password='.$row->pwd; - $body=' - - - + $url = $this->config->geonetwork->url.'/srv/cn/'.urldecode($this->_request->getParam('url')); + if (!$auth->hasIdentity()) + { + $this->_redirect('/account/login?href=/service/geonetwork?url='.$url); + } + $user = $auth->getIdentity(); + //need to get pwd from database + $sql='select username,md5(password) as pwd from users where id='.$user->id; + $this->db->setFetchMode(Zend_Db::FETCH_OBJ); + $row=$this->db->fetchRow($sql); + $login=$this->config->geonetwork->url.'/srv/en/xml.user.login?username='.$row->username.'&password='.$row->pwd; + $body=' + + + '; $this->getResponse()->setHeader('Content-Type', 'text/html') - ->setBody($body); + ->setBody($body); } /* 
@@ -1262,30 +1269,30 @@ class ServiceController extends Zend_Controller_Action include_once('ImgCode.php'); $imagecode=new Custom_Controller_Plugin_ImgCode(); $imagecode->image2(); - } - - //header output - function headerAction() - { + } + + //header output + function headerAction() + { $this->_helper->layout->disableLayout(); - $this->_helper->viewRenderer->setNoRender(); - $header=file_get_contents('../application/default/views/scripts/header.phtml'); + $this->_helper->viewRenderer->setNoRender(); + $header=file_get_contents('../application/default/views/scripts/header.phtml'); $content=''; - $content.=eval('?>'.$header); - $content.=''; + href="/css/default.css" />'; + $content.=eval('?>'.$header); + $content.=''; $this->getResponse()->setHeader('Content-Type', 'text/html') - ->setBody($content); - } - - //footer output - function footerAction() - { + ->setBody($content); + } + + //footer output + function footerAction() + { $this->_helper->layout->disableLayout(); - $this->_helper->viewRenderer->setNoRender(); - $footer=file_get_contents('../application/default/views/scripts/footer.phtml'); + $this->_helper->viewRenderer->setNoRender(); + $footer=file_get_contents('../application/default/views/scripts/footer.phtml'); $this->getResponse()->setHeader('Content-Type', 'text/html') - ->setBody($footer); - } + ->setBody($footer); + } } diff --git a/application/default/controllers/SubmitController.php b/application/default/controllers/SubmitController.php index 63eeea8b..4ec1ce0b 100644 --- a/application/default/controllers/SubmitController.php +++ b/application/default/controllers/SubmitController.php 
@@ -32,12 +32,12 @@ class SubmitController extends Zend_Controller_Action function helpAction(){ }//helpAction()帮助文档 - - //新建元数据 - function newdataAction() - { + + //新建元数据 + function newdataAction() + { $ac = $this->_request->getParam('ac'); - $id = $this->_request->getParam('id'); + $id = $this->_request->getParam('id'); $this->wdb=Zend_Db::factory($this->view->config->geonetwork); $auth = Zend_Auth::getInstance(); @@ -49,10 +49,10 @@ class SubmitController extends Zend_Controller_Action //在geonetwork中查看单条数据 if (!empty($id) && empty($ac)) - { + { $this->view->url='metadata.show?id='.$id; $this->_helper->viewRenderer('newdata-view'); - } + } //查看属于自己的所有的未提交数据列表 else if((empty($ac) && empty($uuid))|| $ac=='list') { 
@@ -71,168 +71,333 @@ class SubmitController extends Zend_Controller_Action $paginator->setView($this->view); Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml'); $this->view->paginator=$paginator; - } + } //元数据导入 else if($ac=="import") { $this->_helper->viewRenderer('newdata-import'); - } + } //从模板新建元数据 else if($ac=="add") - { + { $keywords = $this->_request->getParam('q'); - if(!empty($keywords)) + if(!empty($keywords)) { $this->view->q = $keywords; - $sql = "SELECT md.title,md.uuid,md.description,gn.id as gid FROM normalmetadata md + $sql = "SELECT md.title,md.uuid,md.description,gn.id as gid FROM normalmetadata md left join geonetworkmetadata gn on md.uuid=gn.uuid WHERE gn.id is not null"; $search=new Search($keywords); $where=$search->sql_expr(array("md.title","md.description")); - $sql.=' and '.$where; + $sql.=' and '.$where; $sql.=" order by md.ts_created desc"; $sth = $this->db->prepare($sql); $sth->execute(); $rows = $sth->fetchAll(); - + $paginator = Zend_Paginator::factory($rows); $paginator->setCurrentPageNumber($this->_getParam('page')); $paginator->setItemCountPerPage(10); $paginator->setView($this->view); Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml'); - $this->view->paginator=$paginator; - } - $sql="select id,(regexp_matches(data,'(.*)'))[1] as title from metadata where istemplate='y' and schemaid='iso19115'"; - $sth=$this->wdb->prepare($sql); - $sth->execute(); - $this->view->templates=$sth->fetchAll(); + $this->view->paginator=$paginator; + } + $sql="select id,(regexp_matches(data,'(.*)'))[1] as title from metadata where istemplate='y' and schemaid='iso19115'"; + $sth=$this->wdb->prepare($sql); + $sth->execute(); + $this->view->templates=$sth->fetchAll(); $this->_helper->viewRenderer('newdata-add'); - } - - //提交数据 - else if($ac=="commit") - { - $this->_helper->layout->disableLayout(); - $this->_helper->viewRenderer->setNoRender(); - - $data = ""; - try{ - $id = 
$this->_request->getParam('id'); - if(empty($id) || !is_numeric($id)) - { - $data = array("error"=>"参数错误"); - $this->jsonexit($data); - return true; - } - - $changelog = $this->_request->getParam('changelog'); - if(empty($changelog)) - { - $data = array("error"=>$this->alertbox('warning','请输入变更信息')); - $this->jsonexit($data); - return true; - } - - // 1. 权限认定:当前用户必须和其owner相同 - // 数据应当没有评审状态,没有作者信息 - $sql="select gn.id from geonetworkmetadata gn - left join mdstatus s on gn.uuid=s.uuid - left join mdauthor a on s.uuid=a.uuid - where s.id is not null and a.id is not null and gn.id=?"; - $sth=$this->db->prepare($sql); - $sth->execute(array($id)); - $row=$sth->fetch(); - if (!emtpy($row)) - { - $data = array("error"=>'错误的入口'); - $this->jsonexit($data); - return true; - } - - $sql="select uuid from metadata where id=? and owner=?"; - $sth=$this->wdb->prepare($sql); - $sth->execute(array($id,$u_id)); - $row=$sth->fetch(); - if (empty($row)) - { - $data = array("error"=>'无权限修改数据'); - $this->jsonexit($data); - return true; - } - // 保存数据作者信息 - $sql="insert into mdauthor (uuid,userid,ts_activated,status) values(?,?,now(),1)"; - $sth=$this->db->query($sql,array($row['uuid'],$u_id)); - - // 2. 保存变化记录 save changelog & userid for the latest version - $sql = "UPDATE mdversion SET changelog=?,userid=? WHERE id in (select id from mdversion where uuid=? order by ts_created desc limit 1)"; - $this->db->query($sql,array($changelog,$u_id,$row['uuid'])); - - // 3. 保存数据评审状态 - //导入元数据 - $iso=new ISO19115(); - $iso->saveDB($this->db,$row['xml']); - //进入评审库 - $sql="insert into mdstatus (uuid,status,userid) select uuid,0,? 
from mdversion where id=?"; - $this->db->query($sql,array($u_id,$id)); - - //email to admin - $mail=new WestdcMailer($this->view->config->smtp); - $mail->setFrom($this->view->config->service->email,'西部数据中心服务组'); - $mailtp=new EmailText($this->db,"metadata-new-admin",array( - 'user' => $user->username, - 'uuid' => $iso->uuid, - 'email'=> $user->email, - //元数据标题 - 'title'=> $iso->resTitle, - )); - $mail->setBodyText($mailtp->getBody()); - $mail->setSubject($mailtp->getSubject()); - if($this->debug==0) - { - $mail->addTo($this->view->config->service->email); - }else{ - $mail->addTo($this->debug_email); - } - $mail->send(); - - unset($mail); - unset($mailtp); - //email to author - $mail=new WestdcMailer($this->view->config->smtp); - $mail->setFrom($this->view->config->service->email,'西部数据中心服务组'); - $mailtp=new EmailText($this->db,"metadata-new-author",array( - 'user' => $user->username, - 'uuid' => $iso->uuid, - 'email'=> $user->email, - //元数据标题 - 'title'=> $iso->resTitle, - )); - $mail->setBodyText($mailtp->getBody()); - $mail->setSubject($mailtp->getSubject()); - if($this->debug==0) - { - $mail->addTo($user->email); - $mail->addCc($this->view->config->service->email); - }else{ - $mail->addTo($this->debug_email); - } - @$mail->send(); - - $data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功提交,请等待数据中心进一步处理!')); - $this->jsonexit($data); - return true; - }catch(Exception $e) { - $msg = "提交失败,请确认权限后重试"; - if($this->debug>0) - {$msg .= $e->getMessage();} - $data = array("error"=>$this->alertbox('error',$msg)); - $this->jsonexit($data); - return true; - } - } + } + + //提交数据 + else if($ac=="commit") + { + $this->_helper->layout->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + + $data = ""; + try{ + $id = $this->_request->getParam('id'); + if(empty($id) || !is_numeric($id)) + { + $data = array("error"=>"参数错误"); + $this->jsonexit($data); + return true; + } + + $changelog = $this->_request->getParam('changelog'); + if(empty($changelog)) + { + 
$data = array("error"=>$this->alertbox('warning','请输入变更信息')); + $this->jsonexit($data); + return true; + } + + // 1. 权限认定:当前用户必须和其owner相同 + // 数据应当没有评审状态,没有作者信息 + $sql="select gn.id from geonetworkmetadata gn + left join mdstatus s on gn.uuid=s.uuid + left join mdauthor a on s.uuid=a.uuid + where s.id is not null and a.id is not null and gn.id=?"; + $sth=$this->db->prepare($sql); + $sth->execute(array($id)); + $row=$sth->fetch(); + if (!emtpy($row)) + { + $data = array("error"=>'错误的入口'); + $this->jsonexit($data); + return true; + } + + $sql="select uuid from metadata where id=? and owner=?"; + $sth=$this->wdb->prepare($sql); + $sth->execute(array($id,$u_id)); + $row=$sth->fetch(); + if (empty($row)) + { + $data = array("error"=>'无权限修改数据'); + $this->jsonexit($data); + return true; + } + // 保存数据作者信息 + $sql="insert into mdauthor (uuid,userid,ts_activated,status) values(?,?,now(),1)"; + $sth=$this->db->query($sql,array($row['uuid'],$u_id)); + + // 2. 保存变化记录 save changelog & userid for the latest version + $sql = "UPDATE mdversion SET changelog=?,userid=? WHERE id in (select id from mdversion where uuid=? order by ts_created desc limit 1)"; + $this->db->query($sql,array($changelog,$u_id,$row['uuid'])); + + // 3. 保存数据评审状态 + //导入元数据 + $iso=new ISO19115(); + $iso->saveDB($this->db,$row['xml']); + //进入评审库 + $sql="insert into mdstatus (uuid,status,userid) select uuid,0,? 
from mdversion where id=?"; + $this->db->query($sql,array($u_id,$id)); + + //email to admin + $mail=new WestdcMailer($this->view->config->smtp); + $mail->setFrom($this->view->config->service->email,'西部数据中心服务组'); + $mailtp=new EmailText($this->db,"metadata-new-admin",array( + 'user' => $user->username, + 'uuid' => $iso->uuid, + 'email'=> $user->email, + //元数据标题 + 'title'=> $iso->resTitle, + )); + $mail->setBodyText($mailtp->getBody()); + $mail->setSubject($mailtp->getSubject()); + if($this->debug==0) + { + $mail->addTo($this->view->config->service->email); + }else{ + $mail->addTo($this->debug_email); + } + $mail->send(); + + unset($mail); + unset($mailtp); + //email to author + $mail=new WestdcMailer($this->view->config->smtp); + $mail->setFrom($this->view->config->service->email,'西部数据中心服务组'); + $mailtp=new EmailText($this->db,"metadata-new-author",array( + 'user' => $user->username, + 'uuid' => $iso->uuid, + 'email'=> $user->email, + //元数据标题 + 'title'=> $iso->resTitle, + )); + $mail->setBodyText($mailtp->getBody()); + $mail->setSubject($mailtp->getSubject()); + if($this->debug==0) + { + $mail->addTo($user->email); + $mail->addCc($this->view->config->service->email); + }else{ + $mail->addTo($this->debug_email); + } + @$mail->send(); + + $data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功提交,请等待数据中心进一步处理!')); + $this->jsonexit($data); + return true; + }catch(Exception $e) { + $msg = "提交失败,请确认权限后重试"; + if($this->debug>0) + {$msg .= $e->getMessage();} + $data = array("error"=>$this->alertbox('error',$msg)); + $this->jsonexit($data); + return true; + } + } } + function uploadAction(){ + + $uuid = $this->_request->getParam('uuid'); + + $this->view->uuid=$uuid; + + $ac = $this->_request->getParam('ac'); + + $dataFilePath = "../data/"; + + if($ac=='submit') + { + + $this->_helper->layout()->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + + $auth = Zend_Auth::getInstance(); + if($auth->hasIdentity()) + { + $user = $auth->getIdentity(); + 
$userid = $user->id; + } + + if(empty($userid)) + { + $data = array("error"=>'请先登录后进行操作'); + $this->jsonexit($data); + return true; + } + + if(empty($uuid)) + { + $data = array("error"=>'参数错误'.$uuid); + $this->jsonexit($data); + return true; + } + + $files = $_REQUEST['files']; + + if(empty($files) || !is_array($files)) + { + $data = array("error"=>'请先上传文件'); + $this->jsonexit($data); + return true; + } + + //sql + + $data = array("error"=>'数据文件保存成功'); + $this->jsonexit($data); + return true; + + + + + } + + + if(empty($ac) && !empty($_FILES['Filedata'])) + { + $this->_helper->layout()->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + $data = ""; + try{ + $auth = Zend_Auth::getInstance(); + if($auth->hasIdentity()) + { + $user = $auth->getIdentity(); + $userid = $user->id; + } + + if(empty($userid)||!is_numeric($userid)){ + $data = array("error"=>'请先登录'); + $this->jsonexit($data); + return true; + } + + include("files.php"); + $msg = files::dataFilesUpload($dataFilePath,$_FILES['Filedata'],'datafiles',$uuid); + + if(empty($msg['error'])) + { + $filename = $msg['db_path']; + $filesize = $msg['file_size']; + $filedesc = $this->_request->getParam('filedesc'); + $filetype = $this->_request->getParam('dir'); + $realname = $msg['realname']; + $fileurl = $msg['file_url']; + + $sql = "insert into attachments (filename,filetype,filedesc,userid,filesize,realname) values ('$filename','datafiles','$filedesc','$userid','$filesize','$realname') RETURNING id"; + $sth = $this->db->prepare($sql); + $sth->execute(); + $att = $sth->fetch(PDO::FETCH_ASSOC); + $attid = $att['id']; + + $html = $realname.'[已完成]
'; + + $data = array( + 'html'=>$html, + 'attid'=>$attid, + 'error'=>'' + ); + echo Zend_Json::encode($data); + exit(); + }else{ + @unlink($filename); + $data = array( + 'error'=>'附件上传失败:'.$msg['error'], + ); + echo Zend_Json::encode($data); + exit(); + } + + }catch(Exception $e){ + if($this->debug>0) + { + $error="错误:".$e->getMessage(); + }else{ + $error="处理中发生错误"; + } + $data = array( + 'error'=>$error, + ); + echo Zend_Json::encode($data); + exit(); + } + } + + if($ac == 'del') + { + $this->_helper->layout()->disableLayout(); + $this->_helper->viewRenderer->setNoRender(); + + $id = $this->_request->getParam('id'); + + $info = $this->getFileinfo($id); + $filepath = $dataFilePath.$info['filename']; + try{ + $auth = Zend_Auth::getInstance(); + if($auth->hasIdentity()) + { + $user = $auth->getIdentity(); + $userid = $user->id; + $sql = "delete from attachments where id='$id' and userid='$userid'"; + if($this->db->exec($sql)>0) + { + @unlink($filepath); + echo "ok"; + } + } + + }catch(Exception $e){} + //不输出任何错误 + } + + } + + + public function getFileinfo($id){ + $sql = "select * from attachments where id='$id'"; + $re= $this->db->query($sql); + $row= $re->fetch(); + return $row; + } + //成为作者后的后继处理工作 private function author_first($uuid,$author) { diff --git a/application/default/views/scripts/account/login.phtml b/application/default/views/scripts/account/login.phtml index 65e2c98e..6172e237 100755 --- a/application/default/views/scripts/account/login.phtml +++ b/application/default/views/scripts/account/login.phtml @@ -1,23 +1,96 @@ -headTitle($this->config->title->site); - $this->headTitle('用户登录'); - $this->headTitle()->setSeparator(' - '); - $this->headLink()->appendStylesheet('/css/register.css'); - $this->breadcrumb('首页'); - $this->breadcrumb('用户登录'); - $this->breadcrumb()->setSeparator(' > '); -?> -
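Review bot: The new uploadAction() and getFileinfo() build SQL by interpolating request data into the statement text: `$filedesc` (from `getParam('filedesc')`) and `$realname` (the client-supplied upload name) in the `insert into attachments`, and `$id` (from `getParam('id')`) in both the `delete from attachments` and the `select * from attachments`. These should bind their values the way the commit branch earlier in this hunk already does with `prepare()` and `execute(array(...))`; the rewritten statements are below. The del branch also calls getFileinfo($id) before the `hasIdentity()` check, and the upload failure branch calls `@unlink($filename)` although `$filename` is only assigned in the success branch. In the re-added commit branch, `if (!emtpy($row))` is a misspelling of `empty` and will fail as an undefined function when that path runs.

```php
// … unchanged: upload handling and $msg field extraction …
$sql = "insert into attachments (filename,filetype,filedesc,userid,filesize,realname) values (?,'datafiles',?,?,?,?) RETURNING id";
$sth = $this->db->prepare($sql);
$sth->execute(array($filename,$filedesc,$userid,$filesize,$realname));
// … unchanged: fetch of the returned id and JSON response …

// del branch, after the hasIdentity() check
$sql = "delete from attachments where id=? and userid=?";
$sth = $this->db->prepare($sql);
$sth->execute(array($id,$userid));
if($sth->rowCount()>0)
// … unchanged: unlink and "ok" response …

public function getFileinfo($id){
    $sql = "select * from attachments where id=?";
    $sth = $this->db->prepare($sql);
    $sth->execute(array($id));
    return $sth->fetch();
}
```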
-西部数据中心用户登录 -form;?> -
-
-忘记密码?注册新用户 -
-messages)) : ?> -
-messages as $info)echo $info; - ?> -
- \ No newline at end of file +headTitle($this->config->title->site); + $this->headTitle('首页'); + $this->headScript()->appendFile('/static/js/ajaxform.js'); +?> + +
+
+
+ + + +
+ +
+ +
+ +

登录

+ +
+ +

+
+ +

+ +

+
+ +

+ +

+
+  
+ 请输入图片中的字母和或数字,看不清? +

+ +

+ + +

+ +

+   Forgot password? +

+

+
 
+ + +
+ + + +
+ + +
+ +
+ \ No newline at end of file diff --git a/application/default/views/scripts/account/register.phtml b/application/default/views/scripts/account/register.phtml index 7e7c24e8..2c2d1285 100755 --- a/application/default/views/scripts/account/register.phtml +++ b/application/default/views/scripts/account/register.phtml @@ -1,18 +1,90 @@ -headTitle($this->config->title->site); - $this->headTitle('用户注册'); - $this->headTitle()->setSeparator(' - '); - $this->headLink()->appendStylesheet('/css/register.css'); - $this->breadcrumb('首页'); - $this->breadcrumb('用户注册'); - $this->breadcrumb()->setSeparator(' > '); -?> -
- 确认服务条款   -   - 填写基本信息   -   - 注册完成 - - -form;?>
\ No newline at end of file +headTitle($this->config->title->site); + $this->headTitle('首页'); + $this->headScript()->appendFile('/static/js/ajaxform.js'); + $this->headScript()->appendFile('/static/js/jquery.passwordStrength.js'); +?> + +
+
+
+ + + +
+ +
+ +
+
+
+ 注册 +

+
+
+ 用于在网站登录 +

+

+
+
+ 请填写真实姓名 +

+

+
+ +

+

+
+ +

+

+
+ +

+

+
+ +

+

+
+ +

+

+
+ +

+

+

+

+

+
+ +

+

+
+  
+ 请输入图片中的字母和或数字 +

+

+

+ +

+
+
+

+ +

+ +
+
+
+ + \ No newline at end of file diff --git a/application/default/views/scripts/account/sign.phtml b/application/default/views/scripts/account/sign.phtml new file mode 100644 index 00000000..1d7a8259 --- /dev/null +++ b/application/default/views/scripts/account/sign.phtml @@ -0,0 +1,90 @@ +headTitle($this->config->title->site); + $this->headTitle('首页'); + $this->headScript()->appendFile('/static/js/ajaxform.js'); + $this->headScript()->appendFile('/static/js/jquery.passwordStrength.js'); +?> + +
+
+
+ + + +
+ +
+ +
+
+
+ 注册 +

+
+
+ 用于在网站登录 +

+

+
+
+ 请填写真实姓名 +

+

+
+ +

+

+
+ +

+

+
+ +

+

+
+ +

+

+
+ +

+

+
+ +

+

+

+

+

+
+ +

+

+
+  
+ 请输入图片中的字母和或数字 +

+

+

+ +

+
+
+

+ +

+ +
+
+
+ + \ No newline at end of file diff --git a/application/default/views/scripts/index/index.phtml b/application/default/views/scripts/index/index.phtml index f7fccada..dd9710e3 100755 --- a/application/default/views/scripts/index/index.phtml +++ b/application/default/views/scripts/index/index.phtml @@ -16,7 +16,11 @@ 详细 - +
+ +
mdrandom->title; ?>更多数据>>
@@ -58,7 +62,7 @@
-
    +
      mdrandoms as $v) { diff --git a/application/default/views/scripts/submit/navi.phtml b/application/default/views/scripts/submit/navi.phtml index 977a5d86..998b6382 100644 --- a/application/default/views/scripts/submit/navi.phtml +++ b/application/default/views/scripts/submit/navi.phtml @@ -1,6 +1,5 @@ \ No newline at end of file diff --git a/application/default/views/scripts/submit/newdata.phtml b/application/default/views/scripts/submit/newdata.phtml index 45731886..e93ab552 100644 --- a/application/default/views/scripts/submit/newdata.phtml +++ b/application/default/views/scripts/submit/newdata.phtml @@ -43,6 +43,7 @@ $this->breadcrumb()->setSeparator(' > '); | 在geonetwork里修改 | 删除此条数据 | 提交评审发布 + | 上传数据

      headTitle($this->config->title->site); +$this->headTitle($this->config->title->submit); +$this->headTitle()->setSeparator(' - '); +$this->headScript()->appendFile('/js/jquery-1.7.min.js'); +$this->headLink()->appendStylesheet('/css/author.css'); +if(!empty($this->uuid)) +{ +$this->headLink()->appendStylesheet('/static/js/uploadify/uploadify.css'); +$this->headScript()->appendFile('/static/js/uploadify/swfobject.js'); +$this->headScript()->appendFile('/static/js/uploadify/jquery.uploadify.v2.1.4.min.js'); +} +$this->headScript()->appendFile('/js/jquery.colorbox-min.js'); +$this->headLink()->appendStylesheet('/css/colorbox.css'); +$this->breadcrumb('首页'); +$this->breadcrumb($this->config->title->submit); +$this->breadcrumb()->setSeparator(' > '); +?> + + + + + +
      + +
      + + uuid)) + { + ?> + + +

      + +

      + +
      +

      + + + + + +
      +
      + + \ No newline at end of file diff --git a/application/models/ajax/box.php b/application/models/ajax/box.php new file mode 100644 index 00000000..d2be2d3d --- /dev/null +++ b/application/models/ajax/box.php @@ -0,0 +1,23 @@ +'.$text.'
'; + } + + static function success($text) + { + return '
'.$text.'
'; + } + + static function error($text) + { + return '
'.$text.'
'; + } +} \ No newline at end of file diff --git a/application/models/files.php b/application/models/files.php index c8ebebf3..14ab9aa6 100644 --- a/application/models/files.php +++ b/application/models/files.php @@ -27,7 +27,8 @@ class files{ 'media' => array('swf', 'flv', 'mp3', 'wav', 'wma', 'wmv', 'mid', 'avi', 'mpg', 'asf', 'rm', 'rmvb'), 'file' => array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'htm', 'html', 'txt', 'zip', 'rar', 'gz', 'bz2'), 'reviewatt'=>array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'htm', 'html', 'txt', 'zip', 'rar', 'gz', 'bz2','gif', 'jpg', 'jpeg', 'png', 'bmp','pdf','odt'), - 'md'=>array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'htm', 'html', 'txt', 'zip', 'rar', 'gz', 'bz2','gif', 'jpg', 'jpeg', 'png', 'bmp','pdf','odt') + 'md'=>array('doc', 'docx', 'xls', 'xlsx', 'ppt', 'htm', 'html', 'txt', 'zip', 'rar', 'gz', 'bz2','gif', 'jpg', 'jpeg', 'png', 'bmp','pdf','odt'), + 'datafiles'=>array('zip','*') ); //最大文件大小 $max_size = 10485760; @@ -75,8 +76,9 @@ class files{ $file_ext = array_pop($temp_arr); $file_ext = trim($file_ext); $file_ext = strtolower($file_ext); + //检查扩展名 - if (in_array($file_ext, $ext_arr[$dir_name]) === false) { + if (in_array($file_ext, $ext_arr[$dir_name]) === false && !in_array('*',$ext_arr[$dir_name])) { $msg['error'] = "上传文件扩展名是不允许的扩展名。\n只允许" . implode(",", $ext_arr[$dir_name]) . "格式。"; } else 
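Review bot: Adding `'*'` to the `datafiles` list together with the `&& !in_array('*',$ext_arr[$dir_name])` clause disables the extension check for that directory, so an upload with any extension, including ones the web server may treat as script, passes; the new dataFilesUpload() in the following hunk repeats the same list and check. Prefer an explicit list built from extensions this file already allows elsewhere, for example `'datafiles'=>array('zip','rar','gz','bz2')`, and drop the wildcard clause. If arbitrary types are genuinely required, that depends on `../data/` being outside the served tree with script execution disabled, which cannot be confirmed from this diff. The enclosing upload function begins and ends outside these two hunks.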
@@ -142,6 +144,132 @@ class files{ } }//文件上传 + static function dataFilesUpload($path,$files,$dir,$uuid) + { + $msg=array(); + + //判断UUID + if(empty($uuid)) + { + $msg['error']="缺少参数"; + return $msg; + } + + if(empty($files)) + { + $msg['error']="缺少文件"; + return $msg; + } + + + //文件保存目录路径 + $save_path = $path; + //文件保存目录URL + $save_url = $path; + //定义允许上传的文件扩展名 + $ext_arr = array( + 'datafiles'=>array('zip','*') + ); + //最大文件大小 + $max_size = 10485760; + + //$save_path = realpath($save_path). '/'; + + //有上传文件时 + if (empty($files) === false) { + + //原文件名 + $file_name = $files['name']; + //服务器上临时文件名 + $tmp_name = $files['tmp_name']; + //文件大小 + $file_size = $files['size']; + //目录名 + $dir_name = empty($dir) ? 'image' : trim($dir); + //检查文件名 + if (!$file_name) { + $msg['error'] = "请选择文件。"; + } + //检查目录 + else if (@is_dir($save_path) === false) { + $msg['error'] = "上传目录不存在。请联系管理员"; + } + //检查目录写权限 + else if (@is_writable($save_path) === false) { + $msg['error'] = "上传目录没有写权限。请联系管理员"; + } + //检查是否已上传 + else if (@is_uploaded_file($tmp_name) === false) { + $msg['error'] = "临时文件可能不是上传文件。或者文件类型不在允许的范围内,请重新上传"; + } + //检查文件大小 + else if ($file_size > $max_size) { + $msg['error'] = "上传文件大小超过限制。"; + } + //检查目录名 + else if (empty($ext_arr[$dir_name])) { + $msg['error'] = "目录名不正确。"; + } + else + { + //获得文件扩展名 + $temp_arr = explode(".", $file_name); + $file_ext = array_pop($temp_arr); + $file_ext = trim($file_ext); + $file_ext = strtolower($file_ext); + + //检查扩展名 + if (in_array($file_ext, $ext_arr[$dir_name]) === false && !in_array('*',$ext_arr[$dir_name])) { + $msg['error'] = "上传文件扩展名是不允许的扩展名。\n只允许" . implode(",", $ext_arr[$dir_name]) . "格式。"; + } + else + { + //创建文件夹 + + $dbsave = ""; //数据库中存放的路径 + + if ($dir_name !== '') { + $save_path .= $dir_name . "/"; + $save_url .= $dir_name . "/"; + $dbsave = $dir_name.'/'; + if (!file_exists($save_path)) { + mkdir($save_path); + } + } + + if($uuid!='') + { + $save_path .= $uuid . "/"; + $save_url .= $uuid . 
"/"; + $dbsave = $uuid.'/'; + if (!file_exists($save_path)) { + mkdir($save_path); + } + } + + //新文件名 + $new_file_name = date("YmdHis") . '_' . rand(10000, 99999) . '.' . $file_ext; + //移动文件 + $file_path = $save_path . $new_file_name; + + if (move_uploaded_file($tmp_name, $file_path) === false) { + $msg['error'] = "上传文件失败。"; + } + //数据库最终存储的文件 + $dbsave .= $new_file_name; + @chmod($file_path, 0644); + $file_url = $save_url . $new_file_name; + $msg['file_url'] = $file_url; + $msg['file_size'] = $file_size; + $msg['db_path'] = $dbsave; + $msg['realname'] = $file_name; + $msg['file_type'] = $dir_name; + }//检查扩展名 + }//目录正确性 + return $msg; + } + }//数据文件上传 + /** * getOne() * diff --git a/htdocs/static/css/default.css b/htdocs/static/css/default.css index 042360d4..f5ae03c0 100644 --- a/htdocs/static/css/default.css +++ b/htdocs/static/css/default.css @@ -27,7 +27,7 @@ input, select {vertical-align:middle;} ul,ul li{list-style:none;} /* Base ---------------------------------------------------------------------*/ -body {font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;line-height:1.5;font-size:12px;background-color:#FFF;color:#666;margin:0 auto;} +body {font-family:Arial, Helvetica, sans-serif;line-height:1.5;font-size:12px;background-color:#FFF;color:#666;margin:0 auto;} a {outline:none;} h1,h2,h3,h4,h5,h6 {color:#4D5762;position:relative;word-spacing:-0.1em;} h4,h5,h6 {font-weight:bold;} 
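Review bot: `$uuid` reaches dataFilesUpload() straight from `getParam('uuid')` in uploadAction and is appended to `$save_path` and passed to `mkdir()` with only an `empty()` check, so a value containing path separators or `..` moves the upload directory outside `datafiles/`. Validate it before use, e.g. `if(!preg_match('/^[0-9a-fA-F-]{36}$/',$uuid)){ $msg['error']="缺少参数"; return $msg; }` (assuming uuids here use the canonical 36-character form). `$dbsave = $uuid.'/';` also overwrites the `datafiles/` prefix set just above, so `db_path` no longer matches where the file is written and the controller's later `unlink` on `$dataFilePath.$info['filename']` would miss it; `$dbsave .= $uuid.'/';` keeps them in step. When `move_uploaded_file()` fails the code still fills in `db_path` and the other fields, so an early `return $msg;` belongs in that branch.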
@@ -181,6 +181,8 @@ input[type="submit"]:hover,.btn:hover, .btn:focus, .btn:active {outline:medium n .header .nav .main ul li{float:right;background:url(/static/images/nav_tab.png) 0 0 no-repeat;width:130px;height:32px;line-height:32px;text-align:center;margin:0 2px;font-size:14px;font-weight:bold;} .header .nav .main ul li:hover{background:url(/static/images/nav_tab_hover.gif) 0 0 no-repeat;} .header .nav .main ul li.current{background:url(/static/images/nav_tab_hover.gif) 0 0 no-repeat;} +.header .nav .main ul li a span{font-size:16px;font-family:"黑体",Tahoma, Geneva, sans-serif;font-weight:normal;} + .footer{border-top:1px solid #003e67;border-bottom:1px solid #003e67;text-align:center;padding:10px 0;margin:10px 0 10px 0;} @@ -230,4 +232,7 @@ input[type="submit"]:hover,.btn:hover, .btn:focus, .btn:active {outline:medium n #slideshowHolder{ background-repeat:no-repeat; background-position:center center;} #featureimg{border-width:1px;border-style:solid;float:left;margin:5px;width:250px;} -.thumbimg{border-width:1px;border-style:solid;float:left;margin:5px;} \ No newline at end of file +.thumbimg{border-width:1px;border-style:solid;float:left;margin:5px;} + +#dmadslider{position: relative; height: 120px; width: 660px;} +#dmadslider li{height:120px;width:660px;position:absolute;left:0px;top: 0px;} \ No newline at end of file diff --git a/htdocs/static/images/dmad.jpg b/htdocs/static/images/dmad.jpg index 4a79a2e0..85f3e4bb 100644 Binary files a/htdocs/static/images/dmad.jpg and b/htdocs/static/images/dmad.jpg differ diff --git a/htdocs/static/js/ajaxform.js b/htdocs/static/js/ajaxform.js new file mode 100644 index 00000000..f43e052c --- /dev/null +++ b/htdocs/static/js/ajaxform.js 
@@ -0,0 +1,54 @@ +(function( $ ){ + + $.fn.ajaxform = function(options) { + + var defualts = { + //提交按钮 + 'submitBtn':'#submit', + //method + 'method':'POST', + //返回信息的容器 + 'returnInfoBox':'', + //加载时按钮上显示的文字 + 'loadingText':'Submit...', + //ajax url + 'url':'' + }; + var opts = $.extend({}, defualts, options); + var form = $(this); + //this.each(function() { + if(opts.submitBtn=='' || opts.url=='') + { + return false; + } + + var savebtn = opts.submitBtn; + var reinfo = opts.returnInfoBox; + var btn = $(savebtn).html(); + + if(opts.returnInfoBox == '') + { + $(this).append('

'); + reinfo = opts.form + ' .ajax-return-info-box'; + } + + $(opts.submitBtn).bind('click', function() { + $.ajax({ + 'type':"POST", + 'url':opts.url, + 'data':form.serialize(), + 'success':function(html){ + $(savebtn).html(btn); + $(reinfo).html(html); + setTimeout("$('"+savebtn+"').removeAttr('disabled');$('"+reinfo+"').html('')",3000); + }, + 'beforeSend':function(){ + $(savebtn).attr('disabled','disabled'); + $(savebtn).html(opts.loadingText); + } + }); + }); + + //}); + }; +})( jQuery ); \ No newline at end of file diff --git a/htdocs/static/js/ie6.js b/htdocs/static/js/ie6.js new file mode 100644 index 00000000..b4b8dbae --- /dev/null +++ b/htdocs/static/js/ie6.js @@ -0,0 +1,11 @@ + +$(function(){ + if($.browser.msie && $.browser.version<7) + $('#top').before( + '
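Review bot: The fallback selector `reinfo = opts.form + ' .ajax-return-info-box'` reads `opts.form`, which is neither in the defaults nor set anywhere in the plugin, so it evaluates to `undefined .ajax-return-info-box` and the response container is never found; `reinfo = form.find('.ajax-return-info-box');` uses the element the plugin was called on. The timer then assembles code from the selector strings, `setTimeout("$('"+savebtn+"')…", 3000)`, which breaks on any selector containing a quote and evaluates option text as script; pass a function instead: `setTimeout(function(){ $(savebtn).removeAttr('disabled'); $(reinfo).html(''); }, 3000);`. `'type':"POST"` ignores the `method` option, so `'type':opts.method` is presumably what was meant. Since the response is written with `.html(html)`, the endpoint has to return already-escaped markup.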
'+ + 'It has been detected that you are using Internet Explorer 6 or lower.
Unfortunately this is an unsupported '+ + 'browser and you won\'t be able to view this website properly.
We recommend upgrading to a newer version of '+ + 'Internet Explorer or FireFox.'+ + '
' + ); +}); diff --git a/htdocs/static/js/jquery.floom.js b/htdocs/static/js/jquery.floom.js new file mode 100644 index 00000000..8b8bac92 --- /dev/null +++ b/htdocs/static/js/jquery.floom.js 
@@ -0,0 +1,181 @@ + +window.onerror=function(desc,page,line,chr){ +/* alert('JavaScript error occurred! \n' + +'\nError description: \t'+desc + +'\nPage address: \t'+page + +'\nLine number: \t'+line + );*/ +} + +$(function(){ + $('a').focus(function(){this.blur();}); + SI.Files.stylizeAll(); + slider.init(); + + $('input.text-default').each(function(){ + $(this).attr('default',$(this).val()); + }).focus(function(){ + if($(this).val()==$(this).attr('default')) + $(this).val(''); + }).blur(function(){ + if($(this).val()=='') + $(this).val($(this).attr('default')); + }); + + $('input.text,textarea.text').focus(function(){ + $(this).addClass('textfocus'); + }).blur(function(){ + $(this).removeClass('textfocus'); + }); + + var popopenobj=0,popopenaobj=null; + $('a.popup').click(function(){ + var pid=$(this).attr('rel').split('|')[0],_os=parseInt($(this).attr('rel').split('|')[1]); + var pobj=$('#'+pid); + if(!pobj.length) + return false; + if(typeof popopenobj=='object' && popopenobj.attr('id')!=pid){ + popopenobj.hide(50); + $(popopenaobj).parent().removeClass(popopenobj.attr('id').split('-')[1]+'-open'); + popopenobj=null; + } + return false; + }); + $('p.images img').click(function(){ + var newbg=$(this).attr('src').split('bg/bg')[1].split('-thumb')[0]; + $(document.body).css('backgroundImage','url('+_siteRoot+'images/bg/bg'+newbg+'.jpg)'); + + $(this).parent().find('img').removeClass('on'); + $(this).addClass('on'); + return false; + }); + $(window).load(function(){ + $.each(css_ims,function(){(new Image()).src=_siteRoot+'css/images/'+this;}); + $.each(css_cims,function(){ + var css_im=this; + $.each(['blue','purple','pink','red','grey','green','yellow','orange'],function(){ + (new Image()).src=_siteRoot+'css/'+this+'/'+css_im; + }); + }); + }); + $('div.sc-large div.img:has(div.tml)').each(function(){ + $('div.tml',this).hide(); + $(this).append(' ').find('a').css({ + left:parseInt($(this).offset().left)+864,top:parseInt($(this).offset().top)+1 + 
}).click(function(){ + $(this).siblings('div.tml').slideToggle(); + return false; + }).focus(function(){this.blur();}); + }); +}); +var slider={ + num:-1, + cur:0, + cr:[], + al:null, + at:10*1000, + ar:true, + init:function(){ + if(!slider.data || !slider.data.length) + return false; + + var d=slider.data; + slider.num=d.length; + var pos=Math.floor(Math.random()*1);//slider.num); + for(var i=0;i'+(i+1)+''); + } + + $('img,div#slide-controls',$('div#slide-holder')).fadeIn(); + slider.text(d[pos]); + slider.on(pos); + slider.cur=pos; + window.setTimeout('slider.auto();',slider.at); + }, + auto:function(){ + if(!slider.ar) + return false; + + var next=slider.cur+1; + if(next>=slider.num) next=0; + slider.slide(next); + }, + slide:function(pos){ + if(pos<0 || pos>=slider.num || pos==slider.cur) + return; + + window.clearTimeout(slider.al); + slider.al=window.setTimeout('slider.auto();',slider.at); + + var d=slider.data; + for(var i=0;i | 2007-09-07 +if(!window.SI){var SI={};}; +SI.Files={ + htmlClass:'SI-FILES-STYLIZED', + fileClass:'file', + wrapClass:'cabinet', + + fini:false, + able:false, + init:function(){ + this.fini=true; + }, + stylize:function(elem){ + if(!this.fini){this.init();}; + if(!this.able){return;}; + + elem.parentNode.file=elem; + elem.parentNode.onmousemove=function(e){ + if(typeof e=='undefined') e=window.event; + if(typeof e.pageY=='undefined' && typeof e.clientX=='number' && document.documentElement){ + e.pageX=e.clientX+document.documentElement.scrollLeft; + e.pageY=e.clientY+document.documentElement.scrollTop; + }; + var ox=oy=0; + var elem=this; + if(elem.offsetParent){ + ox=elem.offsetLeft; + oy=elem.offsetTop; + while(elem=elem.offsetParent){ + ox+=elem.offsetLeft; + oy+=elem.offsetTop; + }; + }; + }; + }, + stylizeAll:function(){ + if(!this.fini){this.init();}; + if(!this.able){return;}; + } +}; \ No newline at end of file 
diff --git a/htdocs/static/js/jquery.passwordStrength.js b/htdocs/static/js/jquery.passwordStrength.js new file mode 100644 index 00000000..724daf6f --- /dev/null +++ b/htdocs/static/js/jquery.passwordStrength.js @@ -0,0 +1,62 @@ +$.fn.passwordStrength = function(options){ + return this.each(function(){ + var that = this;that.opts = {}; + that.opts = $.extend({}, $.fn.passwordStrength.defaults, options); + + that.div = $(that.opts.targetDiv); + that.defaultClass = that.div.attr('class'); + + that.percents = (that.opts.classes.length) ? 100 / that.opts.classes.length : 100; + v = $(this).keyup(function(){ + if( typeof el == "undefined" ) + this.el = $(this); + var s = getPasswordStrength (this.value); + var p = this.percents; + var t = Math.floor( s / p ); + if( 100 <= s ) t = this.opts.classes.length - 1; + this.div.removeAttr('class').addClass( this.defaultClass ).addClass( this.opts.classes[ t ]); + }) + }); + //ȡǿ + function getPasswordStrength(H){ + var D=(H.length); + if(D>5){ + D=5 + } + var F=H.replace(/[0-9]/g,""); + var G=(H.length-F.length); + if(G>3){G=3} + var A=H.replace(/\W/g,""); + var C=(H.length-A.length); + if(C>3){C=3} + var B=H.replace(/[A-Z]/g,""); + var I=(H.length-B.length); + if(I>3){I=3} + var E=((D*10)-20)+(G*10)+(C*15)+(I*10); + if(E<0){E=0} + if(E>100){E=100} + return E + } + +}; + +$.fn.passwordStrength.defaults = { + classes : Array('is10','is20','is30','is40','is50','is60','is70','is80','is90','is100'), + targetDiv : '#passwordStrengthDiv', + cache : {} +} +$.passwordStrength = {}; +$.passwordStrength.getRandomPassword = function(size){ + var chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + var size = size || 8; + var i = 1; + var ret = "" + while ( i <= size ) { + $max = chars.length-1; + $num = Math.floor(Math.random()*$max); + $temp = chars.substr($num, 1); + ret += $temp; + i++; + } + return ret; +} \ No newline at end of file
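Review bot: `$.passwordStrength.getRandomPassword` picks characters with `Math.random()`, which is not a cryptographically secure source, so passwords it suggests are more predictable than their length implies. Where the browser provides it, draw the index from `window.crypto.getRandomValues`, e.g. `$num = window.crypto.getRandomValues(new Uint32Array(1))[0] % chars.length;` (the modulo leaves a very small bias). The current `$max = chars.length-1` with `Math.floor(Math.random()*$max)` can also never select the last character of `chars`. `$max`, `$num`, `$temp` and the `v` assigned from `keyup` are written without `var` and become globals.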