westdc-zf1/application/admin/controllers/AuthorController.php

<?php
/* 

	@version    $Id: AuthorController.php 2012-5-28 11:50 Z
	@package	Admin_Author
	@copyright  Copyright (c) 2012, CAREERI.
	@license    http://
	@link       http://
*/
class Admin_AuthorController extends Zend_Controller_Action 
{
	private $limit=10;
	
	//调试模式 
	// 调试模式中将显示全部错误细节，电子邮件将发往调试邮箱 
	// 1 为开启
	// 0 为关闭
	public $debug = 1; 
	
	//调试模式邮箱地址
	public $debug_email = "la5c@qq.com";
	
	
	function preDispatch()
	{
		$this->view->config = Zend_Registry::get('config');
		$this->db=Zend_Registry::get('db');
	}
	
	function indexAction()
	{
		
	}
	
	
	/*
    * datasAction() 我的数据
	*
	* param string $ac		// list|search
	* param string $keyword
	*
	* return view
	*/
   function datasAction()
   {
	    $ac  = $this->_request->getParam("ac");
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$u_id = $user->id;
			$u_email = $user->email;
		}
		
		//列表
		if(empty($ac) || $ac=='list' || $ac=='search'){
		
			$sql = "SELECT a.*,m.title,m.description,g.id as gid,mds.status as mdstatus FROM normalmetadata m
					LEFT JOIN mdauthor a ON m.uuid=a.uuid
					LEFT JOIN geonetworkmetadata g on m.uuid=g.uuid 
					LEFT JOIN mdstatus mds ON m.uuid=mds.uuid
					WHERE a.status>=0";
			if ($ac=='search')
			{
				$key = trim($this->_request->getParam('q'));
				$this->view->q = $key;
	    		$search=new Search($key);
   	 		$where=$search->sql_expr(array("m.title","m.description"));
   	 		$sql.=' and '.$where;
			}
			$sql.="ORDER BY mds.status DESC,a.id DESC";
					
			$sth = $this->db->prepare($sql);
			$sth->execute();
			$rows = $sth->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(5);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			
		}//list

   }//datasAction() 数据管理
   
   
   
   
	/*
    * inauthorAction() 数据申请管理
	*
	* param string $ac 
	* param string $keywords
	* param string $pr			//对离线数据申请的操作
	* param string $uuid
	*
	* return view|ajax-responds
	*/
   function inauthorAction()
   {
	   
		$ac = $this->_request->getParam("ac");
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$u_id = $user->id;
			$u_email = $user->email;
		}
		
		if(empty($ac) || $ac=="online" || $ac == "searchonline")
		{
			$sql = "SELECT o.id,o.userid,o.unit,o.username,o.ts_created,o.project,m.title,m.uuid FROM onlineapp as o
					LEFT JOIN metadata as m ON o.uuid=m.uuid
					LEFT JOIN mdauthor as a ON a.uuid=o.uuid
					WHERE (o.id in (SELECT distinct(onlineappid) from dataorder where status>=0)) AND a.userid = ? AND a.status=1";
			if ($ac=="searchonline")
			{
				$keywords = $this->_request->getParam('q');
				if(!empty($keywords))
					$this->view->q = $keywords;
				$search=new Search($keywords);
				$where=$search->sql_expr(array("m.title","m.description"));
				$sql.=' and '.$where;
			}
			$sql.=" ORDER BY o.id desc";
			
			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id));
			$rows = $sth->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		}//在线申请记录
		
		if($ac == "offline" || $ac=="searchoffline")
		{
			$pr = $this->_request->getParam('pr');
			$oid = $this->_request->getParam('oid');
			$pdf = $this->_request->getParam('pdf');
			
			if(!empty($pr))
			{
				try{
				$this->_helper->layout->disableLayout();
				$this->_helper->viewRenderer->setNoRender();
				
				$uuid = $this->_request->getParam('uuid');
				
				if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
				{
					echo "参数有误！";exit();
				}
				
				//如果用户已经下载过了，就无法在更改对数据申请的意见
				$sql = "select md.title,d.uuid,d.status as datastatus,d.authorpermitted,d.id from dataorder d 
						left join offlineapp o on o.id=d.offlineappid 
						left join metadata md on md.uuid=d.uuid
						where o.ts_approved is null and o.pdflink is not null 
						AND d.uuid=? AND d.id=? AND d.datastatus=7
						order by o.ts_created desc";
				
				$sth = $this->db->prepare($sql);
				$sth->execute(array($uuid,$oid));
				$row = $sth->fetch();
				
				if($row['datastatus']>4)
				{
					echo "该申请已经通过并且发放数据";
					exit();
				} 
				else if (empty($row) || $row['datastatus']!=4)
				{
					echo "该数据申请存在问题，请联系数据中心！";
					exit();
				} 
				
				//同意用户下载
				if($pr=="confirm")
				{
					$sql = "UPDATE dataorder SET authorpermitted=1 WHERE uuid=? and id=?";
					$sth = $this->db->prepare($sql);
					if($sth->execute(array($uuid,$oid)))
					{
						$btn = $this->createOfflineCtBtn($uuid,'c',$oid);
						echo ''.$btn.'<script>alert("您已经同意用户的离线数据申请");</script>';
						exit();
					}else{
						echo "<script>alert('处理过程中遇到错误，请刷新页面');</script>";
						exit();
					}	
				}
				
				//反对用户下载
				if($pr == "objection")
				{
					$sql = "UPDATE dataorder SET authorpermitted=-1 WHERE uuid=? AND id=?";
					$sth = $this->db->prepare($sql);
					if($sth->execute(array($uuid,$oid)))
					{
						$btn = $this->createOfflineCtBtn($uuid,'o',$oid);
						echo ''.$btn.'<script>alert("您已经拒绝该用户的此次离线数据申请");</script>';
						exit();
					}else{
						echo "<script>alert('处理过程中遇到错误，请刷新页面');</script>";
						exit();
					}	
				}
				}catch(Exception $e)
				{
					echo "处理中遇到错误，请刷新页面后重试";
					exit();
				}
			}
			else if (!empty($pdf)) 
			{
				$sql="select o.pdflink from dataorder d left join offlineapp o on d.offlineappid=o.id
				 left join mdauthor m on d.uuid=m.uuid
				 where d.id=? and m.userid=?";
				$sth = $this->db->prepare($sql);
				$sth->execute(array($pdf,$u_id));
				$row = $sth->fetch();
				$content=file_get_contents($this->view->config->offline->savepath."/".$row['pdflink']);
				header("Content-Disposition: inline; filename=".$row['pdflink']);
				header("Content-Type:application/pdf");
				echo $content;
				die(); // do not change current html output
			}
			else
			{
				$this->_helper->viewRenderer('inauthor-offline');
				
				$select="select distinct(o.*),md.title,d.id as doid,d.uuid,d.status as datastatus,d.authorpermitted from offlineapp o 
						left join dataorder d on o.id=d.offlineappid 
						left join metadata md on md.uuid=d.uuid
						where o.ts_approved is null and o.pdflink is not null and d.status=4 ";
				if($ac == "searchoffline")
				{
					$keywords = $this->_request->getParam('q');
					if(!empty($keywords))
						$this->view->q = $keywords;
					$search=new Search($keywords);
					$where=$search->sql_expr(array("md.title","md.description"));
					$select.=' and '.$where;
				}
				$select.=" order by o.ts_created desc";
				
				$sth = $this->db->prepare($select);
				$sth->execute();
				$rows = $sth->fetchAll();
				
				foreach ($rows as $k=>$v)
				{
					if($v['authorpermitted']==0)
					{$rows[$k]['btns']=$this->createOfflineCtBtn($v['uuid'],'',$v['doid']);}
					if($v['authorpermitted']>0)
					{$rows[$k]['btns']=$this->createOfflineCtBtn($v['uuid'],'c',$v['doid']);}
					if($v['authorpermitted']<0)
					{$rows[$k]['btns']=$this->createOfflineCtBtn($v['uuid'],'o',$v['doid']);}
				}
				
				$paginator = Zend_Paginator::factory($rows);
				$paginator->setCurrentPageNumber($this->_getParam('page'));
				$paginator->setItemCountPerPage(10);
				$paginator->setView($this->view);
				Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
				$this->view->paginator=$paginator;
			}
		}//离线申请
		
		
		//按数据显示
		if($ac == 'datalist' || $ac == "searchdata")
		{
			$uuid = $this->_request->getParam('uuid');
			if(!empty($uuid))
			{
				$this->_helper->viewRenderer('view-dataoreder');
				
				if(preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
				{
					$sql = "select md.title,d.id as doid,d.uuid,d.authorpermitted,d.status
							,offa.id as offa_id,offa.username as offa_name,offa.unit as offa_unit,offa.email as offa_email,offa.project as offa_project
							,ona.id as ona_id,ona.username as ona_name,ona.unit as ona_unit,ona.email as ona_email,ona.project as ona_project
							from dataorder d
							left join metadata md on md.uuid=d.uuid
							left join mdauthor a on a.uuid=d.uuid
							LEFT JOIN offlineapp offa on offa.id=d.offlineappid
							LEFT JOIN onlineapp ona on ona.id=d.onlineappid
							WHERE (offa.id IS NOT NULL OR ona.id IS NOT NULL) and d.status>=0 
							AND d.uuid=?
							ORDER BY d.ts_created DESC";
							
					$sth = $this->db->prepare($sql);
					$sth->execute(array($uuid));
					$rows = $sth->fetchAll();
					@$this->view->mdtitle=$rows[0]['title'];
					
					foreach ($rows as $k=>$v)
					{
						if($v['authorpermitted']==0)
						{$rows[$k]['btns']=$this->createOfflineCtBtn($v['uuid'],'',$v['doid']);}
						if($v['authorpermitted']>0)
						{$rows[$k]['btns']=$this->createOfflineCtBtn($v['uuid'],'c',$v['doid']);}
						if($v['authorpermitted']<0)
						{$rows[$k]['btns']=$this->createOfflineCtBtn($v['uuid'],'o',$v['doid']);}
					}
					
					$paginator = Zend_Paginator::factory($rows);
					$paginator->setCurrentPageNumber($this->_getParam('page'));
					$paginator->setItemCountPerPage(10);
					$paginator->setView($this->view);
					Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
					$this->view->paginator=$paginator;
				}else{
					$this->view->error = "参数有误";
				}
			}else{
				$this->_helper->viewRenderer('inauthor-datalist');
				$sql = "select md.title,d.uuid,count(md.id) as c from dataorder d
						left join metadata md on md.uuid=d.uuid
						where d.uuid IS NOT NULL ";
				if($ac == "searchdata")
				{
					$keywords = $this->_request->getParam('q');
					if(!empty($keywords))
						$this->view->q = $keywords;
					$search=new Search($keywords);
					$where=$search->sql_expr(array("md.title","md.description"));
					$sql.=' and '.$where;
				}
				$sql.=" GROUP BY md.title,d.uuid";
				
				$sth = $this->db->prepare($sql);
				$sth->execute();
				$rows = $sth->fetchAll();
				
				$paginator = Zend_Paginator::factory($rows);
				$paginator->setCurrentPageNumber($this->_getParam('page'));
				$paginator->setItemCountPerPage(10);
				$paginator->setView($this->view);
				Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
				$this->view->paginator=$paginator;
			}
			
		}//按数据显示
		
   } // inauthorAction() 数据申请管理
   
   /*
    * createOfflineCtBtn() 创建离线申请记录的操作按钮
	*
	*/
   function createOfflineCtBtn($uuid, $type="",$oid){
	   $urlHref = 'href="javascript:;"';
	   $baseStyle = "offline-ct-btns box-shadow";
	   $selectedStyle = "offline-select";
	   
	   $confrimText = "同意";
	   $confrimFunc = 'onclick="confirm(\''.$uuid.'\',\''.$oid.'\')"';
	   
	   $objectionText = "反对";
	   $objectionFunc = 'onclick="objection(\''.$uuid.'\',\''.$oid.'\')"';
	   
	   $btns='';
	   if(empty($type))
	   {
			$confrimBtn = "<a $urlHref class=\"$baseStyle\" $confrimFunc>$confrimText</a>";
			$objectionBtn = "<a $urlHref class=\"$baseStyle\" $objectionFunc>$objectionText</a>";
			$btns = $confrimBtn.$objectionBtn;
	   }
	   if($type=='c')
	   {
		    $confrimBtn = "<a class=\"$baseStyle $selectedStyle\">$confrimText</a>";
			$objectionBtn = "<a $urlHref class=\"$baseStyle\" $objectionFunc>$objectionText</a>";
			$btns = $confrimBtn.$objectionBtn;
	   }
	   if($type=='o')
	   {
		    $confrimBtn = "<a $urlHref class=\"$baseStyle\" $confrimFunc>$confrimText</a>";
			$objectionBtn = "<a class=\"$baseStyle $selectedStyle\">$objectionText</a>";
			$btns = $confrimBtn.$objectionBtn;
	   }
	   
	   return $btns;
	   
   } //createOfflineCtBtn()
     


	/*
	* versionAction() 版本控制
	*
	*
	*/
	function versionAction()
	{
		$ac = $this->_request->getParam('ac');
		$uuid = $this->_request->getParam('uuid');
	   
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$u_id = $user->id;
		}
	   
		//查看单条数据的所有版本
		if (!empty($uuid) && empty($ac))
		{
			//view the versions of the data
			$sql = "SELECT md.title,md.uuid,v.ts_created,v.changelog,v.userid,v.id,u.username,u.realname FROM mdversion v
					LEFT JOIN metadata md ON md.uuid=v.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					left join users u on v.userid=u.id
					WHERE md.title IS NOT NULL AND v.uuid=? AND a.status=1
					order by v.ts_created desc
					";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($uuid));
			$rows = $sth->fetchAll();
			@$this->view->mdtitle=$rows[0]['title'];
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(15);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		}
	   
		//查看所有版本列表
		else if((empty($ac) && empty($uuid))|| $ac=='list')
		{
			$sql = "SELECT md.title,md.uuid,v.ts_created,v.changelog,v.userid,v.id,u.username,u.realname FROM mdversion v
					LEFT JOIN metadata md ON md.uuid=v.uuid
					left join users u on v.userid=u.id
					WHERE md.title IS NOT NULL
					order by v.ts_created desc
					";
			$sth = $this->db->prepare($sql);
			$sth->execute();
			$rows = $sth->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(15);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;			
		}
	   
		//按数据浏览
		else if($ac=="bydata")
		{
			$keywords = $this->_request->getParam('q');
			if(!empty($keywords))
				$this->view->q = $keywords;
			$sql = "SELECT md.title,md.uuid,count(v.id) as c FROM mdversion v
					LEFT JOIN metadata md ON md.uuid=v.uuid
					WHERE md.title IS NOT NULL";
			if(!empty($keywords))
			{
				$search=new Search($keywords);
				$where=$search->sql_expr(array("md.title","md.description"));
				$sql.=' and '.$where;
			}
			$sql.=" group by md.uuid,md.title";

			$sth = $this->db->prepare($sql);
			$sth->execute();
			$rows = $sth->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		   
			$this->_helper->viewRenderer('version-bydata');
	   }
	   
	   
	   //删除某个版本
	   else if($ac=="delete")
	   {
		   $this->_helper->layout->disableLayout();
		   $this->_helper->viewRenderer->setNoRender();
		   
		   $data = "";
		   
		   try{
		   $id = $this->_request->getParam('id');
		   if(empty($id) || !is_numeric($id))
		   {
				$data = array("error"=>"参数错误");
				$this->jsonexit($data);
				return true;
		   }
		   
		   $sql = "DELETE FROM mdversion WHERE id=?";
		   $sth = $this->db->prepare($sql);
		   $ex = $sth -> execute(array($id));
		   
		   if($ex)
		   {
			   $data = array("deleted"=>$id,"error"=>$this->alertbox('ok','删除成功'));
			   $this->jsonexit($data);
				return true;
		   }else{
			   $data = array("error"=>$this->alertbox('error','删除失败，请确认权限后重试'));
			   $this->jsonexit($data);
				return true;
		   }
		   }catch(Exception $e) {
			   $msg = "删除失败，请确认权限后重试";
			   if($this->debug>0)
			   {$msg .= $e->getMessage();}
			   $data = array("error"=>$this->alertbox('error',$msg));
			   $this->jsonexit($data);
				return true;
		   }
	   }
	   
	   //恢复到geonetwork
	   else if($ac == "restore")
	   {
		   $this->_helper->layout->disableLayout();
		   $this->_helper->viewRenderer->setNoRender();
		   
		   $data = "";
		   try{
		   $id = $this->_request->getParam('id');
		   if(empty($id) || !is_numeric($id))
		   {
				$data = array("error"=>"参数错误");
				$this->jsonexit($data);
				return true;
		   }
		   
			$this->wdb=Zend_Db::factory($this->view->config->geonetwork);
			$sql = "SELECT v.xml,v.uuid FROM mdversion v 
					WHERE v.id=?";
			$sth = $this->db->prepare($sql);
			$sth ->execute(array($id));
			$row = $sth->fetch();
			
			$sql = "SELECT data FROM metadata WHERE uuid=?";
			$sth = $this->wdb->prepare($sql);
			$sth ->execute(array($row['uuid']));
			$row_geo = $sth->fetch();
			
			if($row['xml']==$row_geo['data'])
			{
				$data = array("error"=>$this->alertbox('warning','无须恢复，元数据相同'));
				$this->jsonexit($data);
				return true;
			}

			$sql = "UPDATE metadata SET data=? WHERE uuid=?";
			$sth = $this->wdb->prepare($sql);
			$ex = $sth ->execute(array($row['xml'],$row['uuid']));
			
			if($ex)
			{
				$data = array("error"=>$this->alertbox('ok','恢复成功'));
				$this->jsonexit($data);
				return true;
			}else{
				$data = array("error"=>$this->alertbox('error','恢复失败，请确认权限后重试'));
				$this->jsonexit($data);
				return true;
			}
		   }catch(Exception $e) {
			   $msg = "恢复失败，请确认权限后重试";
			   if($this->debug>0)
			   {$msg .= $e->getMessage();}
			   $data = array("error"=>$this->alertbox('error',$msg));
			   $this->jsonexit($data);
				return true;
		   }
	   }
	   
	   //发布到评审
	   else if($ac == "commit")
	   {
		   $this->_helper->layout->disableLayout();
		   $this->_helper->viewRenderer->setNoRender();
		   
		   $data = "";
		   try{
			   $id = $this->_request->getParam('id');
			   if(empty($id) || !is_numeric($id))
			   {
					$data = array("error"=>"参数错误");
					$this->jsonexit($data);
					return true;
			   }
			   
				$changelog = $this->_request->getParam('changelog');
			   if(empty($changelog))
			   {
					$data = array("error"=>$this->alertbox('warning','请输入变更信息'));
					$this->jsonexit($data);
					return true;
			   }
			   				
			   // 1. 权限认定
			   $sql="select a.* from mdauthor a left join mdversion v on a.uuid=v.uuid 
			   	where a.status=1 and a.userid=? and v.id=?";
			   $sth=$this->db->prepare($sql);
			   $sth->execute(array($u_id,$id));
			   $row=$sth->fetch();
			   if (empty($row))
			   {
					$data = array("error"=>'无权限修改数据');
					$this->jsonexit($data);
					return true;
				}
				// 2. 保存变化记录 save changelog & userid
				$sql = "UPDATE mdversion SET changelog=?,userid=? WHERE id=?";
				$this->db->query($sql,array($changelog,$u_id,$id));
				
				// 3. 获取数据评审状态
				$sql = "SELECT s.*,v.xml,m.title FROM mdstatus s left join mdversion v on s.uuid=v.uuid
					left join metadata m on s.uuid=m.uuid WHERE v.id=?";
				$sth = $this->db->prepare($sql);
				$sth->execute(array($id));
				$row = $sth->fetch();
				
				if (empty($row)) //无对应记录
				{
					$sql="select m.id from metadata m left join mdversion v on m.uuid=v.uuid where v.id=?";
					$sth=$this->db->prepare($sql);
					$sth->execute(array($id));
					$mrow=$sth->fetch();
					if (empty($mrow)) //说明是新数据
					{
						//导入元数据
						$iso=new ISO19115();
						$iso->saveDB($this->db,$row['xml']);
						//进入评审库
						$sql="insert into mdstatus (uuid,status,userid) select uuid,0,? from mdversion where id=?";
						$this->db->query($sql,array($u_id,$id));
						
						//email to admin
						$mail=new WestdcMailer($this->view->config->smtp);
						$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
						$mailtp=new EmailText($this->db,"metadata-new-admin",array(
									'user' => $user->username,
									'uuid' => $iso->uuid,
									'email'=> $user->email,
									//元数据标题
									'title'=> $iso->resTitle,
									));
						$mail->setBodyText($mailtp->getBody());
						$mail->setSubject($mailtp->getSubject());
						if($this->debug==0)
						{
							$mail->addTo($this->view->config->service->email);
						}else{
							$mail->addTo($this->debug_email);
						}
						$mail->send();
								
						unset($mail);
						unset($mailtp);
						//email to author
						$mail=new WestdcMailer($this->view->config->smtp);
						$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
						$mailtp=new EmailText($this->db,"metadata-new-author",array(
									'user' => $user->username,
									'uuid' => $iso->uuid,
									'email'=> $user->email,
									//元数据标题
									'title'=> $iso->resTitle,
									));
						$mail->setBodyText($mailtp->getBody());
						$mail->setSubject($mailtp->getSubject());
						if($this->debug==0)
						{
							$mail->addTo($user->email);
							$mail->addCc($this->view->config->service->email);
						}else{
							$mail->addTo($this->debug_email);
						}
						@$mail->send();
					
						$data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功提交，请等待数据中心进一步处理!'));
						$this->jsonexit($data);
						return true;			
					} else { //说明是已发布的数据且数据不存在评审信息
						//同步元数据
						$iso=new ISO19115();
						$iso->saveDB($this->db,$row['xml']);
						//移除中间版本
						$sql="delete from mdversion where uuid in (select uuid from mdversion where v.id=?) and char_length(changelog)<3";
						$this->db->query($sql,array($id));
						//修改评审状态为发布，且由其提交的用户进行管理
						$sql="insert into mdstatus (uuid,status,userid) select uuid,6,? from mdversion where id=?";
						$this->db->query($sql,array($u_id,$id));
					
						//email to admin & author
						$mail=new WestdcMailer($this->view->config->smtp);
						$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
						$mailtp=new EmailText($this->db,"metadata-release",array(
									'user' => $user->username,
									'uuid' => $row['uuid'],
									'email'=> $user->email,
									//元数据标题
									'title'=> $row['title'],
									'changelog'=>$changelog,
									));
						$mail->setBodyText($mailtp->getBody());
						$mail->setSubject($mailtp->getSubject());
						if($this->debug==0)
						{
							$mail->addTo($this->view->config->service->email);
							$mail->addCc($this->view->config->service->email);
						}else{
							$mail->addTo($this->debug_email);
						}
						@$mail->send();
						
						$data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功发布!'));
						$this->jsonexit($data);
						return true;		
					}
				}
				else if ($row['id']==-1 || $row['id']==0 || $row['id']==1) //取消发布的数据，初始状态，已接收
				{
					//同步元数据
					$iso=new ISO19115();
					$iso->saveDB($this->db,$row['xml']);
					//email to admin
					$mail=new WestdcMailer($this->view->config->smtp);
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					$mailtp=new EmailText($this->db,"version-commit-admin",array(
									'user' => $user->username,
									'uuid' => $row['uuid'],
									'email'=> $user->email,
									//元数据标题
									'title'=> $row['title'],
									'changelog'=>$changelog,
									));
					$mail->setBodyText($mailtp->getBody());
					$mail->setSubject($mailtp->getSubject());
					if($this->debug==0)
					{
						$mail->addTo($this->view->config->service->email);
					}else{
						$mail->addTo($this->debug_email);
					}
					$mail->send();
								
					unset($mail);
					unset($mailtp);
					//email to author
					$mail=new WestdcMailer($this->view->config->smtp);
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					$mailtp=new EmailText($this->db,"version-commit-author",array(
									'user' => $user->username,
									'uuid' => $row['uuid'],
									'email'=> $user->email,
									//元数据标题
									'title'=> $row['title'],
									));
					$mail->setBodyText($mailtp->getBody());
					$mail->setSubject($mailtp->getSubject());
					if($this->debug==0)
					{
						$mail->addTo($user->email);
						$mail->addCc($this->view->config->service->email);
					}else{
						$mail->addTo($this->debug_email);
					}
					@$mail->send();					
					
					$data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功提交并同步，请等待数据中心进一步处理!'));
					$this->jsonexit($data);
					return true;
				}
				else if ($row['id']==2 || $row['id']==3 || $row['id']==4)//已发送过外审邮件，需由编辑告知变化信息
				{
					//email to admin
					$mail=new WestdcMailer($this->view->config->smtp);
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					$mailtp=new EmailText($this->db,"version-commit-admin",array(
									'user' => $user->username,
									'uuid' => $row['uuid'],
									'email'=> $user->email,
									//元数据标题
									'title'=> $row['title'],
									'changelog'=>$changelog,
									));
					$mail->setBodyText($mailtp->getBody());
					$mail->setSubject($mailtp->getSubject());
					if($this->debug==0)
					{
						$mail->addTo($this->view->config->service->email);
					}else{
						$mail->addTo($this->debug_email);
					}
					$mail->send();
								
					unset($mail);
					unset($mailtp);
					//email to author
					$mail=new WestdcMailer($this->view->config->smtp);
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					$mailtp=new EmailText($this->db,"version-commit-author",array(
									'user' => $user->username,
									'uuid' => $row['uuid'],
									'email'=> $user->email,
									//元数据标题
									'title'=> $row['title'],
									));
					$mail->setBodyText($mailtp->getBody());
					$mail->setSubject($mailtp->getSubject());
					if($this->debug==0)
					{
						$mail->addTo($user->email);
						$mail->addCc($this->view->config->service->email);
					}else{
						$mail->addTo($this->debug_email);
					}
					@$mail->send();
					
					//email to experts, sync to database?
					//todo!!!
					//should generate new pdf? or user could not commit a new version when it is in the reviewing process?
					/*
					unset($mail);
					unset($mailtp);
					$mail=new WestdcMailer($this->view->config->smtp);
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					$mailtp=new EmailText($this->db,"version-commit-expert",array(
									'user' => $user->username,
									'uuid' => $row['uuid'],
									'email'=> $user->email,
									//元数据标题
									'title'=> $row['title'],
									));
					$mail->setBodyText($mailtp->getBody());
					$mail->setSubject($mailtp->getSubject());
					if($this->debug==0)
					{
						$mail->addTo($user->email);
						$mail->addCc($this->view->config->service->email);
					}else{
						$mail->addTo($this->debug_email);
					}
					@$mail->send();
					*/
					$data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功提交，请等待数据中心进一步处理!'));
					$this->jsonexit($data);
					return true;					
				}
				else if ($row['id']>=5)//数据已经发布，再次修改后将只通知管理员，保留发布状态
				{
					//同步元数据
					$iso=new ISO19115();
					$iso->saveDB($this->db,$row['xml']);
					//移除中间版本
					$sql="delete from mdversion where uuid in (select uuid from mdversion where v.id=?) and char_length(changelog)<3";
					$this->db->query($sql,array($id));
					
					//email to admin & author
					$mail=new WestdcMailer($this->view->config->smtp);
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					$mailtp=new EmailText($this->db,"metadata-release",array(
									'user' => $user->username,
									'uuid' => $row['uuid'],
									'email'=> $user->email,
									//元数据标题
									'title'=> $row['title'],
									'changelog'=>$changelog,
									));
					$mail->setBodyText($mailtp->getBody());
					$mail->setSubject($mailtp->getSubject());
					if($this->debug==0)
					{
						$mail->addTo($this->view->config->service->email);
						$mail->addCc($this->view->config->service->email);
					}else{
						$mail->addTo($this->debug_email);
					}
					@$mail->send();
					
					$data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功发布!'));
					$this->jsonexit($data);
					return true;
				}	
			}catch(Exception $e) {
			   $msg = "提交失败，请确认权限后重试";
			   if($this->debug>0)
			   {$msg .= $e->getMessage();}
			   $data = array("error"=>$this->alertbox('error',$msg));
			   $this->jsonexit($data);
			   return true;
			}
	   }//发布到评审
	   
	   //与前一个版本对比
	   else if($ac == "diff")
	   {
		    $this->_helper->viewRenderer('version-diff');
			$id = $this->_request->getParam('id');
			if(empty($id) || !is_numeric($id))
			{
				$this->view->error = "参数错误";
				return true;
			}
			
			$sql = "SELECT v.uuid,md.title FROM mdversion v
					LEFT JOIN metadata md ON v.uuid=md.uuid
					WHERE v.id=?";
			$sth = $this->db->prepare($sql);
			$sth -> execute(array($id));
			
			$row = $sth->fetch();
			
			$sql = "SELECT v.* FROM mdversion v
					WHERE v.uuid=? AND v.id<=?
					ORDER BY v.ts_created DESC
					LIMIT ?";
			$sth = $this->db->prepare($sql);
			$sth -> execute(array($row['uuid'],$id,2));
			
			$rows = $sth->fetchAll();
			
			if(count($rows)<2)
			{
				$this->view->error = "对比失败：之前没有版本可以对比";
				return true;
			}
			
			$this->view->info = $row;
			$this->view->data = $rows;
			   
	   }
	   
	   
   }// versionAction() 数据版本管理
   
   //新建元数据
   function newdataAction()
   {
	   $ac = $this->_request->getParam('ac');
	   $id = $this->_request->getParam('id');
	   $this->wdb=Zend_Db::factory($this->view->config->geonetwork);
	   
	   $auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$u_id = $user->id;
		}
	   
	   //在geonetwork中查看单条数据
	   if (!empty($id) && empty($ac))
	   {
	   	$this->view->url='metadata.show?id='.$id;
	   	$this->_helper->viewRenderer('newdata-view');	   	
	   }
	   //查看属于自己的所有的未提交数据列表
	   else if((empty($ac) && empty($uuid))|| $ac=='list')
	   {
			$sql = "SELECT (regexp_matches(gn.data,'<resTitle>(.*)</resTitle>'))[1] as title,gn.id,gn.uuid FROM geonetworkmetadata gn
					WHERE gn.uuid not in (select uuid from metadata) and gn.owner=?
					order by gn.id desc
					";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id));
			$rows = $sth->fetchAll();
			
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(15);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;			
	   }
	   //元数据导入
	   else if($ac=="import")
	   {
			$this->_helper->viewRenderer('newdata-import');
	   }	   	   
		//从模板新建元数据
		else if($ac=="add-by-template")
		{
			$keywords = $this->_request->getParam('q');
			$sql="select id,(regexp_matches(data,'<resTitle>(.*)</resTitle>'))[1] as title,(owner-$u_id) as isowner from metadata where istemplate='y' and schemaid='iso19115'";
			if(!empty($keywords))
			{
				$this->view->q = $keywords;
				$search=new Search($keywords);
				$where=$search->sql_expr(array("data"));
				$sql.=' and '.$where;
			}
			$sql.=" order by changedate desc";
			$sth = $this->wdb->prepare($sql);
			$sth->execute();
			$rows = $sth->fetchAll();

			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			$this->_helper->viewRenderer('newdata-add');
		}
		
		else if($ac=="add-by-data")
		{
			$keywords = $this->_request->getParam('q');
			$sql = "SELECT md.title,md.uuid,md.description,gn.id as gid FROM normalmetadata md 
					left join geonetworkmetadata gn on md.uuid=gn.uuid
					WHERE gn.id is not null";
			if(!empty($keywords))
			{
				$this->view->q = $keywords;
				$search=new Search($keywords);
				$where=$search->sql_expr(array("md.title","md.description"));
				$sql.=' and '.$where;
			}
			$sql.=" order by md.ts_created desc";
			$sth = $this->db->prepare($sql);
			$sth->execute();
			$rows = $sth->fetchAll();
		
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
			$this->_helper->viewRenderer('newdata-add-bydata');
		}	   
		//提交数据
		else if($ac=="commit")
		{
			$this->_helper->layout->disableLayout();
			$this->_helper->viewRenderer->setNoRender();
		   
			$data = "";
			try{
				$id = $this->_request->getParam('id');
				if(empty($id) || !is_numeric($id))
				{
					$data = array("error"=>"参数错误");
					$this->jsonexit($data);
					return true;
				}
			   
				$changelog = $this->_request->getParam('changelog');
				if(empty($changelog))
				{
					$data = array("error"=>$this->alertbox('warning','请输入变更信息'));
					$this->jsonexit($data);
					return true;
				}
			   				
				// 1. 权限认定：当前用户必须和其owner相同
				// 数据应当没有评审状态，没有作者信息
				$sql="select gn.id from geonetworkmetadata gn
					left join mdstatus s on gn.uuid=s.uuid
					left join mdauthor a on s.uuid=a.uuid
					where s.id is not null and a.id is not null and gn.id=?";
				$sth=$this->db->prepare($sql);
				$sth->execute(array($id));
				$row=$sth->fetch();
				if (!empty($row))
				{
					$data = array("error"=>'错误的入口');
					$this->jsonexit($data);
					return true;
				}
				
				$sql="select uuid,data from metadata where id=? and owner=?";
				$sth=$this->wdb->prepare($sql);
				$sth->execute(array($id,$u_id));
				$row=$sth->fetch();
				if (empty($row))
				{
					$data = array("error"=>'无权限修改数据');
					$this->jsonexit($data);
					return true;
				}
				// 保存数据作者信息
				$sql="insert into mdauthor (uuid,userid,ts_activated,status) values(?,?,now(),1)";
				$this->db->query($sql,array($row['uuid'],$u_id));
				
				// 2. 保存变化记录 save changelog & userid for the latest version
				$sql = "UPDATE mdversion SET changelog=?,userid=? WHERE id in (select id from mdversion where uuid=? order by ts_created desc limit 1)";
				$this->db->query($sql,array($changelog,$u_id,$row['uuid']));
				
				// 3. 保存数据评审状态
				//导入元数据
				$iso=new ISO19115();
				@$iso->saveDB($this->db,$row['data']);
				//进入评审库
				$sql="insert into mdstatus (uuid,status,userid) select uuid,0,? from geonetworkmetadata where id=?";
				$this->db->query($sql,array($u_id,$id));
						
				//email to admin
				$mail=new WestdcMailer($this->view->config->smtp);
				$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
				$mailtp=new EmailText($this->db,"metadata-new-admin",array(
									'user' => $user->username,
									'uuid' => $iso->uuid,
									'email'=> $user->email,
									//元数据标题
									'title'=> $iso->resTitle,
									));
				$mail->setBodyText($mailtp->getBody());
				$mail->setSubject($mailtp->getSubject());
				if($this->debug==0)
				{
					$mail->addTo($this->view->config->service->email);
				}else{
					$mail->addTo($this->debug_email);
				}
				$mail->send();
								
				unset($mail);
				unset($mailtp);
				//email to author
				$mail=new WestdcMailer($this->view->config->smtp);
				$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
				$mailtp=new EmailText($this->db,"metadata-new-author",array(
									'user' => $user->username,
									'uuid' => $iso->uuid,
									'email'=> $user->email,
									//元数据标题
									'title'=> $iso->resTitle,
									));
				$mail->setBodyText($mailtp->getBody());
				$mail->setSubject($mailtp->getSubject());
				if($this->debug==0)
				{
					$mail->addTo($user->email);
					$mail->addCc($this->view->config->service->email);
				}else{
					$mail->addTo($this->debug_email);
				}
				@$mail->send();
					
				$data = array("commited"=>1,"error"=>$this->alertbox('ok','该版本已经成功提交，请等待数据中心进一步处理!'));
				$this->jsonexit($data);
				return true;			
			}catch(Exception $e) {
			   $msg = "提交失败，请确认权限后重试";
			   if($this->debug>0)
			   {$msg .= $e->getMessage();}
			   $data = array("error"=>$this->alertbox('error',$msg));
			   $this->jsonexit($data);
			   return true;
			}
	   }
   }
 	//新建元数据
   
   //文献管理
   function literatureAction()
   {
	   $ac = $this->_request->getParam('ac');
	   $uuid = $this->_request->getParam('uuid');
	   $id = $this->_request->getParam('id');
	   
	   $auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$u_id = $user->id;
		}
	   
	   //查看单条数据的所有文献
	   if (!empty($uuid) && empty($ac))
	   {
			$sql = "SELECT md.title,md.uuid,r.id,r.reference,r.link FROM mdref mr
					LEFT JOIN metadata md ON md.uuid=mr.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					left join reference r on mr.refid=r.id
					WHERE md.title IS NOT NULL AND a.userid=? and mr.uuid=? AND a.status=1
					order by md.ts_created desc
					";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id,$uuid));
			$rows = $sth->fetchAll();
			@$this->view->mdtitle=$rows[0]['title'];
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(15);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;	
			$this->_helper->viewRenderer('literature-viewdata');			
	   }

	   //查看单条文献的所有数据
	   if (!empty($id) && empty($ac))
	   {
			$sql = "SELECT md.title,md.uuid,r.id,r.reference,r.link,(a.userid-?) as isauthor FROM mdref mr
					LEFT JOIN metadata md ON md.uuid=mr.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					left join reference r on mr.refid=r.id
					WHERE md.title IS NOT NULL AND mr.refid=? AND a.status=1
					order by md.ts_created desc
					";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id,$id));
			$rows = $sth->fetchAll();
			@$this->view->mdtitle=$rows[0]['reference'];
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(15);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;	
			$this->_helper->viewRenderer('literature-viewliter');			
	   }
	   	   
	   //查看所有文献列表
	   else if((empty($ac) && empty($uuid)) && empty($id))
	   {
	   	$keywords = $this->_request->getParam('q');
			$sql = "SELECT md.title,md.uuid,r.reference,r.id,mr.id as mrid FROM mdref mr
					LEFT JOIN metadata md ON md.uuid=mr.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					left join reference r on mr.refid=r.id
					WHERE md.title IS NOT NULL AND a.userid=? AND a.status=1";
			if(!empty($keywords))
				$this->view->q = $keywords;
			if(!empty($keywords))
			{
				$search=new Search($keywords);
				$where=$search->sql_expr(array("r.reference","md.title","md.description"));
				$sql.=' and '.$where;
			}
			$sql.=" order by md.ts_created desc";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id));
			$rows = $sth->fetchAll();
			
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(15);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;			
	   }

	   //按文献浏览
	   else if($ac=="byliter")
	   {
	   	$keywords = $this->_request->getParam('q');
			if(!empty($keywords))
				$this->view->q = $keywords;
			$sql = "SELECT count(md.uuid) as c,r.reference,r.id FROM reference r
				left join mdref mr on r.id=mr.refid
					LEFT JOIN metadata md ON md.uuid=mr.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
	
					WHERE md.title IS NOT NULL AND a.userid=? AND a.status=1";
			if(!empty($keywords))
			{
				$search=new Search($keywords);
				$where=$search->sql_expr(array("r.reference"));
				$sql.=' and '.$where;
			}
			$sql.=" group by r.reference,r.id";

			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id));
			$rows = $sth->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		   
			$this->_helper->viewRenderer('literature-byliter');
	   }
	   
	   //按数据浏览
	   else if($ac=="bydata")
	   {
	   	$keywords = $this->_request->getParam('q');
			if(!empty($keywords))
				$this->view->q = $keywords;
			$sql = "SELECT md.title,md.uuid,count(mr.id) as c FROM metadata md
					LEFT JOIN mdref mr ON md.uuid=mr.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					left join reference r on mr.refid=r.id
					WHERE md.title IS NOT NULL AND a.userid=? AND a.status=1";
			if(!empty($keywords))
			{
				$search=new Search($keywords);
				$where=$search->sql_expr(array("md.title","md.description"));
				$sql.=' and '.$where;
			}
			$sql.=" group by md.uuid,md.title";

			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id));
			$rows = $sth->fetchAll();
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		   
			$this->_helper->viewRenderer('literature-bydata');
	   }
	   
	   //添加文献信息
	   else if($ac == "add")
	   {
		   $submit = $this->_request->getParam('submit');
		   if(!empty($submit))
		   {
		   $this->_helper->layout->disableLayout();
		   $this->_helper->viewRenderer->setNoRender();
		   
		   $data = "";
		   try{
			   $uuid = $this->_request->getParam('uuid');
			   $ref=$this->_request->getParam('ref');
			   $reftype=$this->_request->getParam('reftype');
			   $url = $this->_request->getParam('url');
			   if(empty($uuid) || empty($ref) || !is_numeric($reftype))
			   {
					$data = array("error"=>"参数错误");
					$this->jsonexit($data);
					return true;
			   }
			   
			   $sql="select * from mdauthor where userid=? and uuid=? and status=1";
				$sth = $this->db->prepare($sql);
				$sth->execute(array($u_id,$uuid));
			   $row = $sth->fetch();				
			   if (empty($row))
			   {
					$data = array("error"=>$this->alertbox('warning','您不是该数据作者，无法添加对应文献信息。'));
					$this->jsonexit($data);
					return true;
			   }			   

				$sql="select id from reference where reference=?";
				$sth = $this->db->prepare($sql);
				$sth->execute(array($ref));
			   $row = $sth->fetch();				
				if (!$row) 
				{
					$sql="insert into reference (reference,link) values(?,?)";
					$sth = $this->db->prepare($sql);
					$sth->execute(array(trim($ref),$url));
					$sql="select id from reference where reference=?";
					$sth = $this->db->prepare($sql);
					$sth->execute(array(trim($ref)));
					$row = $sth->fetch();
				}
				$sql="insert into mdref (uuid,refid,reftype) values(?,?,?)";
				$sth = $this->db->prepare($sql);
				$ex=$sth->execute(array($uuid,$row['id'],$reftype));

	   		if($ex)
				{
					$data = array("commited"=>1,"error"=>$this->alertbox('ok','成功添加文献!'));
					$this->jsonexit($data);
					return true;
				}else{
					$data = array("error"=>$this->alertbox('error','提交失败，请确认权限后重试'));
					$this->jsonexit($data);
					return true;
				}	   
		   }catch(Exception $e) {
			   $msg = "提交失败，请确认权限后重试";
			   if($this->debug>0)
			   {$msg .= $e->getMessage();}
			   $data = array("error"=>$this->alertbox('error',$msg));
			   $this->jsonexit($data);
			   return true;
		   }
		   }else{
			   $this->_helper->layout->disableLayout();
				$this->_helper->viewRenderer('literature-add');
				$this->view->uuid = $this->_request->getParam('uuid');
		   }
	   }//添加文献 
	   
	   //删除某个文献
	   else if($ac=="delete")
	   {
		   $this->_helper->layout->disableLayout();
		   $this->_helper->viewRenderer->setNoRender();
		   
		   $data = "";
		   
		   $id = $this->_request->getParam('id');
		   $uuid = $this->_request->getParam('uuid');
		   if(empty($uuid) || !is_numeric($id))
		   {
				$data = array("error"=>"参数错误");
				$this->jsonexit($data);
				return true;
		   }
		   try{		   
		   $sql = "DELETE FROM mdref r
		   			USING mdauthor a
		   			WHERE r.uuid=a.uuid and r.refid=? and r.uuid=? AND a.userid=? AND a.status=1";
		   $sth = $this->db->prepare($sql);
		   $ex = $sth -> execute(array($id,$uuid,$u_id));
		   
		   if($ex)
		   {
			   $data = array("deleted"=>$id.$uuid,"error"=>$this->alertbox('ok','删除成功'));
			   $this->jsonexit($data);
				return true;
		   }else{
			   $data = array("error"=>$this->alertbox('error','删除失败，请确认权限后重试'));
			   $this->jsonexit($data);
				return true;
		   }
		   }catch(Exception $e) {
			   $msg = "删除失败，请确认权限后重试";
			   if($this->debug>0)
			   {$msg .= $e->getMessage();}
			   $data = array("error"=>$this->alertbox('error',$msg));
			   $this->jsonexit($data);
				return true;
		   }
	   }
	   
	   //文献附件上传
	   else if($ac=='upload')
	   {

			   $this->_helper->layout()->disableLayout();
				$this->_helper->viewRenderer->setNoRender();
				
				$uuid = $this->_getParam('uuid');
				
				try{
					
					$files=new files();
					$msg = $files -> upload($this->view->config->upload,$_FILES['Filedata'],'literature');
					
					if(empty($msg['error']))
					{
						$msg['error']="";
						$filename = $msg['db_path'];
						$filesize = $msg['file_size'];
						$filedesc = $this->_request->getParam('filedesc');
						$filetype = $msg['file_type'];
						$realname = $msg['realname'];
						
						
						$sql = "insert into attachments (filename,filetype,filedesc,userid,filesize,realname) values ('$filename','$filetype','$filedesc','$u_id','$filesize','$realname') RETURNING id";
						$sth = $this->db->prepare($sql);
						$sth->execute();
						$att = $sth->fetch(PDO::FETCH_ASSOC);
						$msg['attid'] = $attid = $att['id'];
						
							$msg['html'] = $realname.'['. round($filesize/1024,2) .' kb]<input type="hidden" name="url" value="/service/attach/id/'.$attid.'" /><div class="cancel"><a href="javascript:;" id="deletebtn_'.$attid.'" title="删除该文件"><img border="0" src="/static/js/uploadify/cancel.png" /></a></div>';
							echo Zend_Json::encode($msg);
							exit();

						
						
					}else{
						$msg['error'] = '附件上传失败:'.$msg['error'];
						@unlink($filename);
						echo Zend_Json::encode($msg);
						exit();
					}
		
				}catch(Exception $e){
					$msg['error'] = "错误：".$e->getMessage();
					echo Zend_Json::encode($msg);
					exit();
				}
	   }//文件上传
	        
   }//文献管理

	//文档管理
	function documentAction(){
	   
	   $ac = $this->_request->getParam('ac');
	   
	   $auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$u_id = $user->id;
		}
	   
	   if(empty($ac) || $ac == 'list' || $ac=='search')
	   {
		   
		   $wheresql = "";
		   
		   $keyword = $this->_request->getParam('q');
		   
		   if($ac=='search' && !empty($keyword))
		   {
				$this->view->q = $keyword;
				$search = new Search($keyword);
                $wheresql = $search->sql_expr(array("md.title")); 
		   }
		   if(!empty($wheresql))
			{
				$wheresql = " AND ".$wheresql;
			}
		   
		   
		   $sql = "select count(att.id) as aid,md.title,md.uuid from metadata md
					LEFT JOIN mdauthor a ON a.uuid=md.uuid
					LEFT JOIN mdattach att ON att.uuid=md.uuid
					WHERE a.status>=1 AND a.userid=? $wheresql
					GROUP BY md.title,md.uuid";
					
			$sth = $this->db->prepare($sql);
			$sth->execute(array($u_id));
			$rows = $sth->fetchAll();
			
			
			$paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;		   
		}
	   
	   if($ac=='view')
	   {
		   $uuid = $this->_request->getParam('uuid');
		   
		   if(empty($uuid) || !preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
		   {
			   $this->view->error = "参数有误!";
			   return true;
		   }
		   
		   $sql = "SELECT title FROM metadata WHERE uuid=?";
		   $sth = $this->db->prepare($sql);
		   $sth->execute(array($uuid));
		   $row = $sth->fetch();
		   
		   $this->view->title = $row['title'];
		   
		   $sql = "SELECT att.*,md.title,md.uuid FROM mdattach mda 
					LEFT JOIN attachments att ON mda.id=att.id
					LEFT JOIN metadata md ON mda.uuid=md.uuid
					LEFT JOIN users u ON att.userid=u.id
					WHERE md.uuid=?
					";
			
			$sth = $this->db->prepare($sql);
			$sth->execute(array($uuid));
			$rows = $sth->fetchAll();
			
			$this->view->info=$rows;
			
		    $paginator = Zend_Paginator::factory($rows);
			$paginator->setCurrentPageNumber($this->_getParam('page'));
			$paginator->setItemCountPerPage(10);
			$paginator->setView($this->view);
			Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
			$this->view->paginator=$paginator;
		   
		   $this->_helper->viewRenderer('document-view');
	   }
	   
	   if($ac == 'del')
	   {
		   
		   $this->_helper->layout()->disableLayout();
			$this->_helper->viewRenderer->setNoRender();
			
			(int)$id = $this->_request->getParam('id');
			$uuid = $this->_request->getParam('uuid');
			if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
			{
				exit();
			}
			
			$info = $this->getFileinfo($id);
			$filepath = $dataFilePath.$info['filename'];
			try{
				$auth = Zend_Auth::getInstance();
				if($auth->hasIdentity())
				{
					$user = $auth->getIdentity();
					$userid = $user->id;
					$sql_mdattach = "delete from mdattach where uuid='$uuid' and id='$id'";
					$sql = "delete from attachments where id='$id' and userid='$userid'";
					if($this->db->exec($sql_mdattach)>0 && $this->db->exec($sql)>0)
					{
						@unlink($filepath);
						echo "ok";
					}
				}
				
			}catch(Exception $e){}
			//不输出任何错误
		   
	   }//删除
	   
	   if($ac=='upload')
	   {
		   $submit = $this->_request->getParam('submit');
		   if(empty($submit))
		   {
			   $uuid = $this->_request->getParam('uuid');
			   $this->view->uuid=$uuid;
			   $this->_helper->layout->disableLayout();
			   $this->_helper->viewRenderer('document-upload');
			   return true;
		   }
		   else
		   {
			   $this->_helper->layout()->disableLayout();
				$this->_helper->viewRenderer->setNoRender();
				
				$uuid = $this->_getParam('uuid');
				
				try{
					
					$files=new files();
					$msg = $files -> upload($this->view->config->upload,$_FILES['Filedata'],'document');
					
					if(empty($msg['error']))
					{
						$msg['error']="";
						$filename = $msg['db_path'];
						$filesize = $msg['file_size'];
						$filedesc = $this->_request->getParam('filedesc');
						$filetype = $msg['file_type'];
						$realname = $msg['realname'];
						
						
						$sql = "insert into attachments (filename,filetype,filedesc,userid,filesize,realname) values ('$filename','$filetype','$filedesc','$u_id','$filesize','$realname') RETURNING id";
						$sth = $this->db->prepare($sql);
						$sth->execute();
						$att = $sth->fetch(PDO::FETCH_ASSOC);
						$msg['attid'] = $attid = $att['id'];
						
						$sql = "insert into mdattach (uuid,id) values ('$uuid','$attid')";
						if($this->db->exec($sql))
						{
							$msg['html'] = $realname.'['. round($filesize/1024,2) .' kb]<input type="hidden" name="atts[]" value="'.$attid.'" /><div class="cancel"><a href="javascript:;" id="deletebtn_'.$attid.'"><img border="0" src="/static/js/uploadify/cancel.png" /></a></div>';
							echo Zend_Json::encode($msg);
							exit();
						}else{
							$msg['error'] = '附件上传失败:写入附件表出错';
							@unlink($filename);
							echo Zend_Json::encode($msg);
							exit();
						}
						
						
					}else{
						$msg['error'] = '附件上传失败:'.$msg['error'];
						@unlink($filename);
						echo Zend_Json::encode($msg);
						exit();
					}
		
				}catch(Exception $e){
					$msg['error'] = "错误：".$e->getMessage();
					echo Zend_Json::encode($msg);
					exit();
				}
		   }
	   }//文件上传
	   
	   if($ac == 'download')
	   {
		   (int)$id = $this->_request->getParam('id');
		   
		   $sql = "select * from attachments where id='$id'";
			
			$re = $this->db->query($sql);
			
			$row = $re->fetch();
			
			$file = new files();
			
			$fullPath = $this->view->config->upload.$row['filename'];
			
			
				// Parse Info / Get Extension
				$fsize = filesize($fullPath);
				$path_parts = pathinfo($fullPath);
				$ext = strtolower($path_parts["extension"]);
			   
				// Determine Content Type
				switch ($ext) {
				  case "pdf": $ctype="application/pdf"; break;
				  case "exe": $ctype="application/octet-stream"; break;
				  case "zip": $ctype="application/zip"; break;
				  case "doc": $ctype="application/msword"; break;
				  case "xls": $ctype="application/vnd.ms-excel"; break;
				  case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
				  case "gif": $ctype="image/gif"; break;
				  case "png": $ctype="image/png"; break;
				  case "jpeg":
				  case "jpg": $ctype="image/jpg"; break;
				  default: $ctype="application/force-download";
				}
				
				$content=file_get_contents($fullPath);
				$this->_helper->layout->disableLayout();
				$this->_helper->viewRenderer->setNoRender();
				$this->getResponse()->setHeader('Content-Type', 'application/octet-stream')
									->setHeader('Content-Disposition','attachment; filename="'.$row['realname'].'"')
									->setHeader('Content-Length', $fsize)
									->setHeader('Content-Type','application/force-download')
									->setHeader('Content-Type','application/download')
									->setHeader('Content-Type',$ctype)
									->setHeader('Content-Description','File Transfer')
									->setHeader('Content-Transfer-Encoding','binary')
									->setHeader('Expires',0)
									->setHeader('Cache-Control','must-revalidate, post-check=0, pre-check=0')
									->setHeader('Pragma','public')
									->setBody($content);
	   }//文件下载
	   
   }//文档管理
   
   /*
   * delegateAction() 委托
   *
   * 
   */
   public function delegateAction(){
	   
	   $ac = $this->_request->getParam('ac');
	   $uuid = $this->_request->getParam('uuid');
	   
	   if($ac == '' && !empty($uuid))
	   {
		   
			$auth = Zend_Auth::getInstance();
			if($auth->hasIdentity())
			{
				$user = $auth->getIdentity();
				$uid = $user->id;
			}

			if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
			{
				$this->view->info = "参数错误";
				return true;
			}
		   
			$sql = "SELECT * FROM metadata WHERE uuid=?";
			$sth = $this->db->prepare($sql);
			$sth ->execute(array($uuid));
			$row = $sth->fetch();
		   
			$this->view->metadata = $row;
			
			//确认一下用户有权限，如果直接使用update语句无法得到已更改过的状态
			//只要是认证后的数据作者，都可以修改数据的委托状态
			$sql = "SELECT * FROM mdstatus 
					WHERE uuid=? AND userid in (select userid from mdauthor where status=1 and uuid=?) AND status=?";
			
			$sth = $this->db->prepare($sql);
			$sth->execute(array($uuid,$uuid,6));
			$mds = $sth->fetch();
			
			if(!empty($mds['id']))
			{
				$sql = "UPDATE mdstatus SET status=7,ts_changed='now()',userid=$uid WHERE uuid='$uuid'";
				if($this->db->exec($sql))
				{
					$this->view->info = "委托成功！";
					return true;
				}
				else
				{
					$this->view->info = "委托失败！";
					return true;
				}
			}else{
				$this->view->info = "该数据无法委托，请确定数据状态已经可以进行委托，或数据尚未进行委托";
			}
	   }
	   
	   if($ac == 'cancel')
	   {
		   
		   $auth = Zend_Auth::getInstance();
			if($auth->hasIdentity())
			{
				$user = $auth->getIdentity();
				$uid = $user->id;
			}

			if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
			{
				$this->view->info = "参数错误";
				return true;
			}
			
			$sql = "SELECT * FROM metadata WHERE uuid=?";
			$sth = $this->db->prepare($sql);
			$sth ->execute(array($uuid));
			$row = $sth->fetch();
		   
			$this->view->metadata = $row;
			
			$sql = "SELECT * FROM mdstatus 
					WHERE uuid=? AND userid in (select userid from mdauthor where status=1 and uuid=?) AND status=?";
			
			$sth = $this->db->prepare($sql);
			$sth->execute(array($uuid,$uuid,7));
			$mds = $sth->fetch();
			
			if(!empty($mds['id']))
			{
				$sql = "UPDATE mdstatus SET status=6,ts_changed='now()',userid=$uid WHERE uuid='$uuid'";
				if($this->db->exec($sql))
				{
					$this->view->info = "取消委托成功！";
					return true;
				}
				else
				{
					$this->view->info = "取消委托失败！";
					return true;
				}
			}else{
				$this->view->info = "操作失败！该数据尚未进行委托";
			}
			
			
	   }
	   
	   
   }//委托
   
   
   /*
   * staticsAction() 数据统计
   *
   *
   */
   public function staticsAction(){
	   
	   $ac = $this->_getParam('ac');
	   
	   if(empty($ac))
	   {
		   $this->view->alldata = $this->getClick();
	   }
	   
	   if($ac=="md")
	   {
		   $this->_helper->viewRenderer('statics-md');
		   $this->view->allorder = $this->getStatic("allorder");
		   $this->view->offlineorder = $this->getStatic("offline");
		   $this->view->onlineorder = $this->getStatic("online");
	   }
	   
	   if($ac == "time")
	   {
		   $this->_helper->viewRenderer('statics-time');
		   $this->view->datas = $this->getStaticByYear("dataorder");
		   
	   }
	   
   }//staticsAction() 数据统计
   
	public function getClick(){
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$uid = $user->id;
		}
		
		$sql = "SELECT md.title,md.uuid,s.viewed,count(o.id) as down FROM metadata md
				LEFT JOIN mdstat s ON md.uuid=s.uuid
				LEFT JOIN mdauthor a ON md.uuid=a.uuid
				LEFT JOIN dataorder o ON md.uuid=o.uuid
				WHERE a.userid=? OR (o.status=0 or o.status=5)
				GROUP BY md.title,md.uuid,s.viewed";
		$sth = $this->db->prepare($sql);
		$sth->execute(array($uid));
		$rows = $sth->fetchAll();
		
		return $rows;
	}
   
	/*
	* getStaticByYear按月份获取统计数据 
	*/
	public function getStaticByYear($ac,$year=0){
			
		if(empty($year))
		{
			$year = date("Y",time());
		}
		
		
		if($ac == "dataorder")
		{
			$table = "dataorder";
			$time_field = "ts_created";
			$count_field = "id";
		}
		
		$sql = "select to_char(o.$time_field, 'YYYY-MM') as d , count(o.$count_field) as c from $table o
				where o.ts_created between '$year-01-01' and '$year-12-12' group by d";
				
		$sth = $this->db->prepare($sql);
		$sth->execute();
		$rows = $sth->fetchAll();
		
		return $rows;	
	}
   
	public function getStatic($ac){
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$uid = $user->id;
		}
		
		if(empty($uid)){
			return false;
		}
	   
	   if($ac == "allorder"){
			$sql = " SELECT count(o.id) as c FROM metadata md
					LEFT JOIN dataorder o ON md.uuid=o.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					WHERE a.userid=? AND a.status>0";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($uid));
			$row = $sth->fetch();
			return $row['c'];
	   }
	   
	   if($ac == "offline"){
			$sql = " SELECT count(o.id) as c FROM metadata md
					LEFT JOIN dataorder o ON md.uuid=o.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					WHERE o.offlineappid > 0 AND a.userid=? AND a.status>0";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($uid));
			$row = $sth->fetch();
			return $row['c'];
	   }
	   
	   if($ac == "online"){
		   $sql = " SELECT count(o.id) as c FROM metadata md
					LEFT JOIN dataorder o ON md.uuid=o.uuid
					LEFT JOIN mdauthor a ON md.uuid=a.uuid
					WHERE o.onlineappid > 0 AND a.userid=? AND a.status>0";
			$sth = $this->db->prepare($sql);
			$sth->execute(array($uid));
			$row = $sth->fetch();
			return $row['c'];
	   }
	   
   }
   
   
   public function getFileinfo($id){	
		$sql = "select * from attachments where id='$id'";
		$re= $this->db->query($sql);
		$row= $re->fetch();
		return $row;
	}
	
   //成为作者后的后继处理工作
   private function author_first($uuid,$author)
   {
   	$sql="insert into mdversion (xml,ts_created,uuid,changelog,userid) 
   		select x.data,m.ts_created,?,?,? from metadata m left join xml x on m.id=x.id
   		left join mdversion v on m.uuid=v.uuid
   		where m.uuid=? and v.changelog is null";
   	$sth=$this->db->prepare($sql);
   	try
   	{
   		$sth->execute(array($uuid,'初始版本 version 1.0',$author,$uuid));
   	} catch(Exception $e){
   		// do nothing here.
   		// 说明之前已经有对应数据
   	}
   	$this->wdb=Zend_Db::factory($this->view->config->geonetwork);
   	$sql="update metadata set owner=? where uuid=?";
   	$sth=$this->wdb->prepare($sql);
   	$sth->execute(array($author,$uuid));
   }   
   
   /*
    * jsonexit() 退出并返回json数据
    *
    * param array $data		要返回的JSON数据，可以是任意数组
    *
	* return JSON-response
    */
	public function jsonexit($data){
		$this->getResponse()->setHeader('Content-Type', 'application/json')->appendBody(Zend_Json::encode($data));
		return true;  
	}//jsonexit() 退出并返回json数据
   
   
   //ajax 提示框
   public function alertbox($type='',$body){
	   if($type == "error")
	   {
		   $img = '<img src="/images/alert_big_error.png" />';
		   $text = '<h4>'.$body.'</h4>';
		   return $img.$text;
	   }
	   if($type == "ok")
	   {
		   $img = '<img src="/images/alert_big_ok.png" />';
		   $text = '<h4>'.$body.'</h4>';
		   return $img.$text;
	   }
	   if($type == "warning")
	   {
		   $img = '<img src="/images/alert_big_warning.png" />';
		   $text = '<h4>'.$body.'</h4>';
		   return $img.$text;
	   }
	   if(empty($type))
	   {
		   $text = '<h4>'.$body.'</h4>';
		   return $text;
	   }
   }
}