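db = $db; }

    // NOTE(review): the three methods below assume $this->db is a PDO handle or a
    // PDO-style adapter that exposes prepare() alongside the exec()/query() calls
    // the original code used — confirm against the constructor.

    /**
     * Accept or decline a review invitation.
     *
     * @param mixed  $id     Numeric id taken from the notification; must equal $uid.
     * @param string $uuid   UUID-shaped string (8-4-4-4-12 alphanumeric groups).
     * @param mixed  $uid    Id of the user performing the action.
     * @param mixed  $status New status value; must be numeric.
     *
     * @return bool|string true when at least one row was updated, otherwise a
     *                     user-facing error message.
     */
    function invite($id,$uuid,$uid,$status)
    {
        // The D modifier stops "$" from matching before a trailing newline, so the
        // whole value has to be UUID-shaped.
        $uuidPattern = "/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/D";

        if (empty($id) || empty($uuid) || !is_numeric($id) || !preg_match($uuidPattern, $uuid)) {
            return "参数错误";
        }

        // $status used to be concatenated into the statement unquoted and without
        // any validation; reject anything that is not a number before it reaches
        // the database.
        if (!is_numeric($status)) {
            return "参数错误";
        }

        // Only the addressee may act on the notification.
        // NOTE(review): loose comparison kept from the original; both sides are
        // expected to be numeric ids.
        if ($id != $uid) {
            return "您无权使用此通知";
        }

        try {
            // Values are bound as parameters rather than interpolated into the SQL text.
            $sql = "update ".$this->tbl_reviewexp." set status=? where id=? and uuid=?";
            $sth = $this->db->prepare($sql);

            // A failed statement or zero affected rows maps to the same
            // "no permission" answer the original exec() check produced.
            if ($sth && $sth->execute(array($status, $id, $uuid)) && $sth->rowCount() > 0) {
                return true;
            }

            return "您无权限进行此操作";
        } catch (Exception $e) {
            return "处理中出现错误";
        }
    }

    /**
     * Fetch the review comments for a UUID, joined with the reviewer's
     * username and real name.
     *
     * @param string $uuid Value matched against mr.uuid.
     *
     * @return array All matching rows.
     */
    function getReviews($uuid)
    {
        // $uuid is not validated by this method, so it is bound as a parameter
        // instead of being placed inside the SQL string.
        $sql = "SELECT mr.*,u.username,u.realname FROM ".$this->tbl_mdreview." mr "
             . "LEFT JOIN ".$this->tbl_user." u ON mr.userid = u.id WHERE mr.uuid = ?";

        $sth = $this->db->prepare($sql);
        $sth->execute(array($uuid));

        return $sth->fetchAll();
    }

    /**
     * Back office: list the reviews the current user is responsible for.
     *
     * @param string $keyword Optional title filter (substring match via LIKE).
     * @param string $order   Unused by this method; kept for interface compatibility.
     *
     * @return array All matching rows, ordered by status and acceptance time
     *               (both descending).
     */
    function adminReviews($keyword = "",$order="")
    {
        include_once('helper/view.php');
        $uid = view::User('id');

        $conditions = array(
            " m.status in (0,1,2,3,4) ",
            " u.id=? ",
        );
        $params = array($uid);

        if (!empty($keyword)) {
            // The search term is bound, not concatenated. LIKE wildcards (% and _)
            // typed by the user still act as wildcards, as they did before.
            $conditions[] = " md.title like ? ";
            $params[] = '%'.$keyword.'%';
        }

        // There are always at least two conditions, so the WHERE clause is never empty.
        $wheresql = " WHERE ".join(" AND ", $conditions);

        $sql = "select m.id,md.uuid,md.title,u.username,u.realname,m.status,md.id as mdid,md.author,m.ts_accepted "
             . "FROM mdstatus m right join metadata md on md.uuid=m.uuid left join users u on u.id=m.userid "
             . "$wheresql order by m.status desc,m.ts_accepted desc";

        $sth = $this->db->prepare($sql);
        $sth->execute($params);

        return $sth->fetchAll();
    }
}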