From fc1690719721105bf34aee9224d21870658fe7f6 Mon Sep 17 00:00:00 2001
From: wlx <wangliangxu@lzb.ac.cn>
Date: Tue, 24 Jun 2014 09:03:03 +0000
Subject: [PATCH 1/8] fix #621

---
 application/module/Order/Order.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/application/module/Order/Order.php b/application/module/Order/Order.php
index c55a7be5..bdd0ecb4 100644
--- a/application/module/Order/Order.php
+++ b/application/module/Order/Order.php
@@ -153,10 +153,14 @@ class Order
 		{
 			$uid = view::User('id');
 		}
-		
+
+		$sql = "select count(*) as cnt from dataorder where status=1 and uuid in (select uuid from $this->config->sub->metadata) and userid=".$uid;
+		$row=$this->db->FetchRow($sql);
+		if ($row['cnt']>=$this->config->download->max) return "一次申请不能大于5条数据！请移除部分数据。";
+			
 		if($id == -1)
-		{
-			$sql = $this->db->quoteInto("update dataorder set status=2 where status=1 and userid=?",$uid);
+		{		
+			$sql = $this->db->quoteInto("update dataorder set status=2 where status=1 and uuid in (select uuid from $this->config->sub->metadata) and userid=?",$uid);
     		if($this->db->exec($sql))
 			{
 				return true;

From 2d46a2be15bf274fe90b183e596e6cfa2f85200d Mon Sep 17 00:00:00 2001
From: wlx <wangliangxu@lzb.ac.cn>
Date: Tue, 15 Jul 2014 06:11:27 +0000
Subject: [PATCH 2/8] #624, remove the newdata link

---
 application/admin/views/scripts/data/left.phtml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/application/admin/views/scripts/data/left.phtml b/application/admin/views/scripts/data/left.phtml
index 8ec3a7f9..6f215142 100644
--- a/application/admin/views/scripts/data/left.phtml
+++ b/application/admin/views/scripts/data/left.phtml
@@ -3,7 +3,6 @@
     <li class="nav-header"><h4>数据管理</h4></li>
     <li class="divider"></li>
     <li><a href="/admin/data/md">元数据管理</a></li>
-    <li><a href="/admin/data/newdata">新建元数据</a></li>
     <li><a href="/admin/data/author">数据作者管理</a></li>
     <li><a href="/admin/data/version">数据版本管理</a></li>
     <li><a href="/admin/data/comment">数据反馈管理</a></li>

From 576b389bfa9333c88128f6c22f653a368b01f931 Mon Sep 17 00:00:00 2001
From: wlx <wangliangxu@lzb.ac.cn>
Date: Tue, 15 Jul 2014 06:45:23 +0000
Subject: [PATCH 3/8] =?UTF-8?q?=E7=A7=BB=E9=99=A4=E6=94=AF=E6=8C=81?=
 =?UTF-8?q?=E9=A1=B9=E7=9B=AE=E7=AE=A1=E7=90=86=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/admin/views/scripts/data/left.phtml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/application/admin/views/scripts/data/left.phtml b/application/admin/views/scripts/data/left.phtml
index 6f215142..480b898b 100644
--- a/application/admin/views/scripts/data/left.phtml
+++ b/application/admin/views/scripts/data/left.phtml
@@ -7,7 +7,6 @@
     <li><a href="/admin/data/version">数据版本管理</a></li>
     <li><a href="/admin/data/comment">数据反馈管理</a></li>
     <li><a href="/admin/data/attachments">数据附件管理</a></li>
-    <li><a href="/admin/data/fund">支持项目</a></li>
     <li><a href="/admin/data/visual">可视化数据</a></li>
     </ul>
 </div>
\ No newline at end of file

From 04064a2030db4e18c5c9f03c0f0caea5366a8764 Mon Sep 17 00:00:00 2001
From: Li Heng <shayupi@qq.com>
Date: Tue, 15 Jul 2014 23:39:31 +0000
Subject: [PATCH 4/8] =?UTF-8?q?=E6=96=B0=E9=97=BB=E8=AF=A6=E7=BB=86?=
 =?UTF-8?q?=E9=A1=B5=E9=9D=A2=E6=A0=B7=E5=BC=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../default/views/scripts/archives/archive.phtml       | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/application/default/views/scripts/archives/archive.phtml b/application/default/views/scripts/archives/archive.phtml
index 9e39d78f..0b89c6ed 100644
--- a/application/default/views/scripts/archives/archive.phtml
+++ b/application/default/views/scripts/archives/archive.phtml
@@ -34,16 +34,16 @@ $this->headLink()->appendStylesheet('/css/news.css');
         </div>
     </div>
     <div class="span9" id="archive_body">
-    		<h3 class="text-center"><?php echo $this->infos['title'];?></h3>
-            <div class="text-center">[<?php echo date("Y-m-d",strtotime($this->infos['ts_published']));?>]&nbsp;&nbsp;来源&nbsp;:&nbsp;<?php echo $this->infos['source'];?></div>
+    		<h3 class="text-center" style="font-family:'微软雅黑', '宋体'; color:#08c"><?php echo $this->infos['title'];?></h3>
+            <div class="text-center" style="font-size:11px; color:#BCBCBC">&nbsp;&nbsp;发布时间&nbsp;:&nbsp;<span style="font-size:11px; color:#08c"><?php echo date("Y-m-d",strtotime($this->infos['ts_published']));?></span>&nbsp;&nbsp;来源&nbsp;:&nbsp;<span style="font-size:11px; color:#08c"><?php echo $this->infos['source'];?></span></div>
             <?php  if(!empty($this->mdinfo)){?>
             <?php foreach($this->mdinfo as $v){ ?>
             <div class="info">相关数据：《<a href="/data/<?= $v['uuid']?>"><?= $v['title']?></a>》</div>
 			<?php } }	?>
-            <div class="media">
+            <div class="media" style="font-family:'微软雅黑'，'宋体';font-size:18px; line-height:200%">
 						<div class="pull-left">
                     	<?php echo $this->infos['body'];?>
-                    	</div>
+                    	</div>
         	<?php 
 						if(!empty($this->infos['image']))
 						{
@@ -52,4 +52,4 @@ $this->headLink()->appendStylesheet('/css/news.css');
 						?>
             </div>
     </div>
-</div>
+</div>
\ No newline at end of file

From bcc7146f812c1c19155c84f5df16d8b890145d15 Mon Sep 17 00:00:00 2001
From: Li Jianxuan <la5c@qq.com>
Date: Wed, 16 Jul 2014 02:28:38 +0000
Subject: [PATCH 5/8] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E5=90=8E=E5=8F=B0ftp?=
 =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E6=95=B0=E6=8D=AE=E7=9A=84=E6=93=8D=E4=BD=9C?=
 =?UTF-8?q?=E6=8C=89=E9=92=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../admin/controllers/DataController.php      | 123 +++++++++++++++++-
 application/admin/views/scripts/data/md.phtml |  35 ++++-
 2 files changed, 155 insertions(+), 3 deletions(-)

diff --git a/application/admin/controllers/DataController.php b/application/admin/controllers/DataController.php
index 084f5711..cd31e0a6 100755
--- a/application/admin/controllers/DataController.php
+++ b/application/admin/controllers/DataController.php
@@ -2693,8 +2693,127 @@ class Admin_DataController extends Zend_Controller_Action
 		return;
 	}
 	
-
-
+	public function ftpAction()
+	{
+		$this->_helper->layout->disableLayout();
+		$this->_helper->viewRenderer->setNoRender();
+	
+		$uuid = $this->_getParam('uuid');
+		
+		$this->view->uuid = $uuid;
+		
+		if(empty($uuid) || !preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
+		{
+			$data = array(
+				'error'=>"参数错误"
+			);
+			$this->jsonexit($data);
+			return true;
+		}
+		//安全检查: uuid必须是当前用户且为新建数据
+		$sql="select * from geonetworkmetadata where uuid=? and uuid not in (select uuid from metadata) and owner=?";
+		$sth=$this->db->prepare($sql);
+		$sth->execute(array($uuid,$u_id));
+		$row=$sth->fetch();
+		if (empty($row))
+		{
+			$data = array(
+				'error'=>"参数错误"
+			);
+			$this->jsonexit($data);
+			return true;
+		}
+		
+		//ftp 用户名
+		$uname = 'sjy'.$u_id.'upload';
+		
+		//ftp路径
+		$homedir = "/data/upload/".$uuid."/";
+		//ftp用户表
+		$ftptable=' pureftp ';//ftp2.westgis.ac.cn
+		$uid = 1002;
+		$gid = 1002;
+		
+		$sql = "SELECT * FROM $ftptable WHERE userid='$uname' ORDER BY pkid DESC";
+		$sth = $this->db->prepare($sql);
+		$sth->execute();
+		$row = $sth->fetch();
+		
+		//create directory for upload
+		//server is not localhost, so we need a trick
+		//$old=umask(0);
+		//@mkdir($homedir,0777);
+		//umask($old);
+		$page=file_get_contents('http://ftp.sanjiangyuan.org.cn/proftp_upload.php?uuid='.$uuid);
+		if (!empty($page)) die($page);//there are errors in visit ftp page
+		
+		
+		if(!empty($row['pkid']))
+		{
+			if(preg_match("/.*".$uuid.".*/",$row['homedir']))
+			{
+				$data = array(
+					'statu'=>1,
+					'user'=>$row['userid'],
+					'passwd'=>$row['passwd']
+				);
+				
+				$this->jsonexit($data);
+				return true;
+				
+			}else{
+				$passwd = $this->genRandomString(16);
+				//$sql = "UPDATE proftpusers SET passwd=?,uid=?,gid=?,homedir=? WHERE userid=?";
+				//$sth = $this->db->prepare($sql);
+				//$rs = $sth->execute(array($passwd,$uid,$gid,$homedir,$uname));
+				$sql="update ".$ftptable."  SET passwd='".$passwd."',uid=".$uid.",gid=".$gid.",homedir='".$homedir."' WHERE userid='".$uname."'";
+				$rs=$this->db->query($sql);
+				if($rs)
+				{
+					$data = array(
+						'statu'=>1,
+						'user'=>$uname,
+						'passwd'=>$passwd
+					);
+					$this->jsonexit($data);
+					return true;
+				}else{
+					$data = array(
+						'error'=>"FTP信息更新失败，请重试"
+					);
+					$this->jsonexit($data);
+					return true;
+				}
+			}
+		}
+		
+		else{
+			$passwd = $this->genRandomString(16);
+			
+			//$sql = "INSERT INTO proftpusers (userid,passwd,uid,gid,homedir) VALUES (?,?,?,?,?)";
+			//$sth = $this->db->prepare($sql);
+			//$rs = $sth->execute(array($uname,$passwd,$uid,$gid,$homedir));
+			$sql="insert into ".$ftptable." (userid,passwd,uid,gid,homedir) values('".$uname."','".$passwd."',".$uid.",".$gid.",'".$homedir."')";
+			$rs=$this->db->query($sql);
+			if($rs)
+			{
+				$data = array(
+					'statu'=>1,
+					'user'=>$uname,
+					'passwd'=>$passwd
+				);
+				$this->jsonexit($data);
+				return true;
+			}else{
+				$data = array(
+					'error'=>"FTP信息更新失败，请重试"
+				);
+				$this->jsonexit($data);
+				return true;
+			}
+		}//end if
+	}
+	
 	/*
 	获得单个文件的信息
 	return array row
diff --git a/application/admin/views/scripts/data/md.phtml b/application/admin/views/scripts/data/md.phtml
index e437e616..0cdfa305 100644
--- a/application/admin/views/scripts/data/md.phtml
+++ b/application/admin/views/scripts/data/md.phtml
@@ -73,7 +73,8 @@
             <?php endif;?>	
             <a href="/admin/down/sendmail/uuid/<?php echo $item['uuid'];?>" title="向数据下载者发送通知邮件">邮件通知</a> | 
             <a href="/admin/data/fund/uuid/<?php echo $item['uuid'];?>">支持项目</a> | 
-            <a href="/admin/data/visual/uuid/<?php echo $item['uuid'];?>">数据可视化</a>
+            <a href="/admin/data/visual/uuid/<?php echo $item['uuid'];?>">数据可视化</a> | 
+            <a href="javascript:void(0);" onclick="getFtp('<?= $item['uuid'] ?>')">FTP数据上传</a>
             </p>
         </li>
         <?php endforeach; ?>
@@ -89,4 +90,36 @@ $(".inline").colorbox({inline:true, width:"50%"});
 function Alert(html){
 	$.colorbox({'innerWidth':'50%','html':'<h4 style="font-size:16px;font-weight:bold;">'+html+'</h4>'});
 }
+function getFtp(uuid){
+	$.ajax({
+	  'type':"POST",
+	  'url':'/admin/data/ftp/uuid/'+uuid,
+	  'data':'',
+	  'success':function(data){
+		  if (typeof(data)=='object')
+		  {
+			if(typeof(data.error)!='undefined')
+			{Alert(data.error);return false;}
+			if(typeof(data.statu)!='undefined')
+			{
+				if(data.statu > 0)
+				{
+					var html = '<p>临时FTP帐号信息<b>(此帐号仅对应当前数据集！)</b></p><p>ftp://ftp.sanjiangyuan.org.cn/</p>'+
+								'<p>用户名：'+data.user+
+								'</p><p>密码：'+data.passwd+'</p>'
+								+'<p><a href="ftp://'+data.user+':'+data.passwd+'@ftp.sanjiangyuan.org.cn/">或直接点击此链接</a></p>';
+					Alert(html);
+				}
+			}
+		  }
+		  else{ 
+		  	Alert('出现错误，请稍候再试</h4>');
+		  }
+	  },
+	  'timeout': 30000,
+	  'error': function(){
+		  Alert('处理中出现错误，请刷新页面后重试</h4>');
+	   }
+  });
+}
 </script>
\ No newline at end of file

From 83424373503e8fcdbe8e147b0a20f254084749a4 Mon Sep 17 00:00:00 2001
From: wlx <wangliangxu@lzb.ac.cn>
Date: Wed, 16 Jul 2014 08:24:16 +0000
Subject: [PATCH 6/8] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E5=AE=89=E5=85=A8?=
 =?UTF-8?q?=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/admin/controllers/DataController.php | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/application/admin/controllers/DataController.php b/application/admin/controllers/DataController.php
index cd31e0a6..93780c91 100755
--- a/application/admin/controllers/DataController.php
+++ b/application/admin/controllers/DataController.php
@@ -2701,6 +2701,7 @@ class Admin_DataController extends Zend_Controller_Action
 		$uuid = $this->_getParam('uuid');
 		
 		$this->view->uuid = $uuid;
+		$submd=$this->view->config->sub->metadata;
 		
 		if(empty($uuid) || !preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
 		{
@@ -2710,10 +2711,10 @@ class Admin_DataController extends Zend_Controller_Action
 			$this->jsonexit($data);
 			return true;
 		}
-		//安全检查: uuid必须是当前用户且为新建数据
-		$sql="select * from geonetworkmetadata where uuid=? and uuid not in (select uuid from metadata) and owner=?";
+		//安全检查: uuid必须是当前子平台数据
+		$sql="select * from $submd where uuid=?";
 		$sth=$this->db->prepare($sql);
-		$sth->execute(array($uuid,$u_id));
+		$sth->execute(array($uuid));
 		$row=$sth->fetch();
 		if (empty($row))
 		{
@@ -2724,8 +2725,10 @@ class Admin_DataController extends Zend_Controller_Action
 			return true;
 		}
 		
-		//ftp 用户名
-		$uname = 'sjy'.$u_id.'upload';
+		//ftp admin 用户名
+		$auth = Zend_Auth::getInstance();
+		$uid=$auth->->getIdentity()->id;
+		$uname = $submd.'admin'.$uid;
 		
 		//ftp路径
 		$homedir = "/data/upload/".$uuid."/";

From e809f9e27f8a253c80f65105c485b60659e9fd84 Mon Sep 17 00:00:00 2001
From: wlx <wangliangxu@lzb.ac.cn>
Date: Wed, 16 Jul 2014 08:28:37 +0000
Subject: [PATCH 7/8] fix error

---
 application/admin/controllers/DataController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/admin/controllers/DataController.php b/application/admin/controllers/DataController.php
index 93780c91..120ff044 100755
--- a/application/admin/controllers/DataController.php
+++ b/application/admin/controllers/DataController.php
@@ -2727,7 +2727,7 @@ class Admin_DataController extends Zend_Controller_Action
 		
 		//ftp admin 用户名
 		$auth = Zend_Auth::getInstance();
-		$uid=$auth->->getIdentity()->id;
+		$uid=$auth->getIdentity()->id;
 		$uname = $submd.'admin'.$uid;
 		
 		//ftp路径

From b355511a2e537e739c6fbdc1ddd7d326030f6696 Mon Sep 17 00:00:00 2001
From: wlx <wangliangxu@lzb.ac.cn>
Date: Wed, 16 Jul 2014 08:33:15 +0000
Subject: [PATCH 8/8] fix missed function

---
 .../admin/controllers/DataController.php      | 24 ++++++++++++++++++-
 application/admin/views/scripts/data/md.phtml |  2 +-
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/application/admin/controllers/DataController.php b/application/admin/controllers/DataController.php
index 120ff044..e199295d 100755
--- a/application/admin/controllers/DataController.php
+++ b/application/admin/controllers/DataController.php
@@ -2839,5 +2839,27 @@ class Admin_DataController extends Zend_Controller_Action
 	public function jsonexit($data){
 		$this->getResponse()->setHeader('Content-Type', 'application/json')->appendBody(json_encode($data,JSON_NUMERIC_CHECK));
 		return true;  
-	}//jsonexit() 退出并返回json数据	 	  	
+	}//jsonexit() 退出并返回json数据
+	
+	private function genRandomString($len)
+	{
+		$chars = array(
+			"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k",  
+			"l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v",  
+			"w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G",  
+			"H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R",  
+			"S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2",  
+			"3", "4", "5", "6", "7", "8", "9"
+		);
+		$charsLen = count($chars) - 1;
+	 
+		shuffle($chars);    // 将数组打乱
+		 
+		$output = "";
+		for ($i=0; $i<$len; $i++)
+		{
+			$output .= $chars[mt_rand(0, $charsLen)];
+		}
+		return $output;
+	}  	
 }
diff --git a/application/admin/views/scripts/data/md.phtml b/application/admin/views/scripts/data/md.phtml
index 0cdfa305..c3135e85 100644
--- a/application/admin/views/scripts/data/md.phtml
+++ b/application/admin/views/scripts/data/md.phtml
@@ -74,7 +74,7 @@
             <a href="/admin/down/sendmail/uuid/<?php echo $item['uuid'];?>" title="向数据下载者发送通知邮件">邮件通知</a> | 
             <a href="/admin/data/fund/uuid/<?php echo $item['uuid'];?>">支持项目</a> | 
             <a href="/admin/data/visual/uuid/<?php echo $item['uuid'];?>">数据可视化</a> | 
-            <a href="javascript:void(0);" onclick="getFtp('<?= $item['uuid'] ?>')">FTP数据上传</a>
+            <a href="javascript:void(0);" onclick="getFtp('<?= $item['uuid'] ?>')">FTP数据管理</a>
             </p>
         </li>
         <?php endforeach; ?>