westdc-zf1/application/default/controllers/ReviewController.php

<?php
class ReviewController extends Zend_Controller_Action 
{
	private $limit=10;
	function preDispatch()
	{
		$this->view->config = Zend_Registry::get('config');
		$this->db=Zend_Registry::get('db');
		$this->messenger=$this->_helper->getHelper('FlashMessenger');
    	$this->view->messages = $this->messenger->getMessages();
	}
	function indexAction()
	{
		//最新10个收稿
		$sql="select m.uuid,m.title,date(s.ts_created) as ts_created from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=0 order by s.ts_created desc limit 10";
		$this->view->mdreceived = $this->db->fetchAll($sql);
		//最新10个接收
		$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=1 order by s.ts_created desc limit 10";
		$this->view->mdaccepted = $this->db->fetchAll($sql);
		//最新10个送审
		$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status in (2,3,4) order by s.ts_created desc limit 10";
		$this->view->mdinreview = $this->db->fetchAll($sql);
		//最新10个已审
		$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=5 order by s.ts_created desc limit 10";
		$this->view->mdreviewed = $this->db->fetchAll($sql);
		//统计数字
		$sql="select (select count(*) from mdexperts) as experts,(select count(*) from mdstatus where status=0) as draft,(select count(*) from mdstatus where status=1) as accept,(select count(*) from mdstatus where status in (2,3,4)) as inreview,(select count(*) from mdstatus where status=5) as reviewed,(select count(*) from mdreview) as openreview,(select count(distinct(userid)) from mdreview) as openreviewuser";
		$this->view->stat=$this->db->fetchRow($sql);
	}
	
	function myreviewAction(){
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$uid = $user->id;
		}else{
			$this->_redirect('/account/login/?href=/review/myreview');
		}
		$page=@(int)$this->_request->getParam('page');
		if (empty($page)) $page=1;
		$offset=$this->limit*($page-1);
		$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where m.uuid in (select uuid from mdexpertreview er where er.id=$uid union select uuid from mdreview r where r.userid=$uid)");
		$sum=$row[0]['count'];
    	$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,s.ts_finished,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where m.uuid in (select uuid from mdexpertreview er where er.id=$uid union select uuid from mdreview r where r.userid=$uid) order by s.ts_created desc,m.title limit ? offset ?";
		$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
    	$this->view->page=new Pagination($sum,$page,$this->limit);	
		foreach($this->view->metadata as $k=>$v)
		{
			$this->view->metadata[$k]['statustext']=$this->rewritestatus($v['status']);
		}	
	}//我参审的
	
	function draftAction(){
		$page=@(int)$this->_request->getParam('page');
		if (empty($page)) $page=1;
		$offset=$this->limit*($page-1);
		$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join metadata m on s.uuid=m.uuid where s.status in (0)");
		$sum=$row[0]['count'];
    	$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_created,g.id as gid,t.filename from mdstatus s left join metadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (0) order by s.ts_created desc,m.title limit ? offset ?";
		$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
    	$this->view->page=new Pagination($sum,$page,$this->limit);			
	}//最新收稿
	
	function acceptAction(){
		$page=@(int)$this->_request->getParam('page');
		if (empty($page)) $page=1;
		$offset=$this->limit*($page-1);
		$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status in (1)");
		$sum=$row[0]['count'];
    	$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (1) order by s.ts_created desc,m.title limit ? offset ?";
		$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
    	$this->view->page=new Pagination($sum,$page,$this->limit);	
	}//最新收稿
	
	function inreviewAction(){
		$page=@(int)$this->_request->getParam('page');
		if (empty($page)) $page=1;
		$offset=$this->limit*($page-1);
		$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status in (2,3,4)");
		$sum=$row[0]['count'];
    	$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (2,3,4) order by s.ts_created desc,m.title limit ? offset ?";
		$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
    	$this->view->page=new Pagination($sum,$page,$this->limit);
	}//在审阶段的元数据
	
	
	function reviewedAction(){
		$page=@(int)$this->_request->getParam('page');
		if (empty($page)) $page=1;
		$offset=$this->limit*($page-1);
		$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status in (5)");
		$sum=$row[0]['count'];
    	$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_finished,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (5) order by s.ts_created desc,m.title limit ? offset ?";
		$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
    	$this->view->page=new Pagination($sum,$page,$this->limit);
	}//已完成评审的元数据
	
	
	function rewritestatus($status){
		if($status==-1)
		{return "取消评审";}
		else if($status==0)
		{return "投稿元数据";}
		else if($status==1)
		{return "接收元数据";}
		else if($status==2)
		{return "专家评审中";}
		else if($status==3)
		{return "专家评审中";}
		else if($status==4)
		{return "专家反馈";}
		else if($status==5)
		{return "已发布";}
		else
		{return "";}
	}//function rewriterstatus
	
	function replace($string){
		$patterns = array("/\"/i","/\'/i");
		$replacements = array("“","‘");
		ksort($patterns);
		ksort($replacements);
		return preg_replace($patterns, $replacements, $string);
	}
 	
 	function reviewAction() {
		
 		$uuid = $this->_request->getParam('uuid');
 		$sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
									left join mdstatus r on r.uuid=m.uuid 
									where m.uuid=?",$uuid);
		$md = $this->db->fetchRow($sql);
				
 		$this->view->metadata = $md;
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
			$sql = "select * from mdreview where userid='$userid' and uuid='$uuid'";
			$rs = $this->db->query($sql);
			$row  = $rs->fetch();
			$this->view->review = $row;
		}	
 	}//reviewAction()
	
	function allreviewAction(){
		$this->_helper->layout->disableLayout();
		$this->_helper->viewRenderer->setNoRender();
		
		$uuid = $this->_request->getParam('uuid');
		
		$sql = "select r.id,r.is_expert,r.uuid,r.userid,r.ts_created,u.username,r.mdcomment,r.conclusion,ratt.reviewid from mdreview r
				left join users u on u.id=r.userid
				left join mdreviewattach ratt on r.id=ratt.reviewid 
				where r.uuid='$uuid' and r.status>-1
				group by r.id,r.is_expert,r.uuid,r.userid,r.ts_created,u.username,r.mdcomment,r.conclusion,ratt.reviewid
				order by r.id desc
				";
		
		$rs = $this->db->query($sql);
		$rows = $rs->fetchAll();
			
		$paginator = Zend_Paginator::factory($rows);
		$paginator->setCurrentPageNumber($this->_getParam('page'));
		$paginator->setItemCountPerPage(5);
		$paginator->setView($this->view);
		Zend_View_Helper_PaginationControl::setDefaultViewPartial('review/pagination_ajax.phtml');
		
		$list = "";
		foreach($paginator as $k=>$v)
		{
			$list.='
			<li>
			<div class="reviewitem">
			<div class="itemtitle">评审人：';
				if(!$v['is_expert'])
				{
					$list .= $v['username'];
				}else
				{
					$list.= '专家';
				}
			$list .= '</div><div class="itemtime">';
			if($v['reviewid']!="")
			{
			$list.='[<a href="javascript:;" onclick="checkfiles(\''.$v['id'].'\')">查看评审附件</a>]&nbsp;&nbsp;';
			}
			$list .='
			评审时间：'.date("Y-m-d H:i",strtotime($v['ts_created'])).'</div>
				<div class="itemcontent"><p>'.str_replace(array("\r\n", "\n", "\r"),'</p><p>',$v['mdcomment']).'</p></div>
				<div id="filelist_'.$v['id'].'" class="filelist"></div>
				</div>
			</li>
			';
		}
		
		if(empty($list))
		{
			$list="<p style='text-align:center'>暂无评审数据</p>";
		}
		
		$stringbuffer = "<ul class='reviewlist'>$list</ul>";
			
		echo $stringbuffer.'<div class="paginator">'.$paginator.'</div>';
		
	}//allreviewAction() 所有评论 ajax
	
	function saveAction(){
		
		$this->_helper->layout->disableLayout();
		$this->_helper->viewRenderer->setNoRender();
		
		$do = $this->_request->getParam('do');
		$conclusion = $this->_request->getParam('conclusion');
		$mdcomment = $this->replace(trim($this->_request->getParam('mdcomment')));
		$datacomment = $this->replace(trim($this->_request->getParam('datacomment')));
		$editorcomment = $this->replace(trim($this->_request->getParam('editorcomment')));
		
		$uuid = $this->_request->getParam('uuid');
 		$sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
									left join mdstatus r on r.uuid=m.uuid 
									where m.uuid=?",$uuid);
		$md = $this->db->fetchRow($sql);
		
		if($md['status']>4)
		{
			echo '<div class="box box-info">该数据已经通过评审，不能再发表评审意见，如需提交问题，请联系数据管理员</div>';
			exit();
		}
		if($md['status']<1)
		{
			echo '<div class="box box-info">已被数据中心接收的数据才可以进行评审</div>';
			exit();
		}
			
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
			$sql = "select id,userid,status from mdreview where userid='$userid' and uuid='$uuid'";
			$rs = $this->db->query($sql);
			$row = $rs->fetch();
			if($row['id']!='' && $row['status']>-1)
			{
				echo '<div class="box box-info">您已经对该元数据发表过评审了</div>';
				exit();
			}
		}else{
			echo '<div class="box box-info">读取用户信息失败，请刷新页面后重试 :(</div>';
			exit();
		}
		
		if(empty($conclusion))
		{
			echo '<div class="box box-info">请选择评审意见</div>';
			exit();
		}
		if(!is_numeric($conclusion) || !in_array($conclusion,array(-1,1,2,3)))
		{
			echo '<div class="box box-info">参数有误，请刷新页面 :(</div>';
			exit();
		}
		if(empty($mdcomment) )
		{
			echo '<div class="box box-info">请填写元数据意见 :(</div>';
			exit();
		}
		
		try{
			
			if($row['status']<0)
			{
				$sql = "delete from mdreview where id='{$row['id']}'";
				if($this->db->exec($sql)<1)
				{
					echo '<div class="box box-error">处理出错，请重试</div>';
					exit();
				}
			}
				
			$data = array(
				'userid' => $userid,
				'uuid' => $uuid,
				'mdcomment' => $mdcomment,
				'ts_created' => 'now()',
				'datacomment' => $datacomment,
				'editorcomment' => $editorcomment,
				'conclusion' => $conclusion,
				'status' => -1
			);
			
			if($do=='submit')
			{
				$data['status'] = 0;
			}
			
			
			$sql = "select id from mdexpertreview where id='$userid' and uuid='$uuid'";
			$rs = $this->db->query($sql);
			$row = $rs->fetch();
					
			if($row['id']!='')
			{
				$data['is_expert'] = 'true';
			}
			
			$keys = array();
			$values = array();
			foreach ($data as $k=>$v)
			{
				$keys[]=$k;
				$values[]=$v;
			}
			
			$keys = join(",",$keys);
			$values = "'".join("','",$values)."'";
			
			$sql = "insert into mdreview ($keys) values ($values) RETURNING id";
			$sth = $this->db->prepare($sql);
			if($sth->execute())
			{
				$review = $sth->fetch(PDO::FETCH_ASSOC);
				$reviewid=$review['id'];
				if(isset($_POST['atts']))
				{	
					foreach($_POST['atts'] as $v)
					{
						$sql = "insert into mdreviewattach (attachid,reviewid) values ('$v','$reviewid')";
						$this->db->exec($sql);
					}
					echo '<div class="box box-success">保存成功！';
					echo "</div>";
				}
				if($data['status']>=0)
				{
					echo '<script>$("#postcomment").remove();</script>';
					$title = "收到新元数据评审意见";
					$msg = "用户".$user->username."对元数据《".$md['title']."》发布了评审意见，<a href=\"/admin/review/comments/ac/view/id/".$reviewid."\">点击查看</a>";
					include_once("message.php");
					message::post($this->db,0,-1,$title,$msg);

					$mail=new WestdcMailer($this->view->config->smtp);
					$mail->setFrom($this->view->config->service->email,'西部数据中心服务组');
					if(@$data['is_expert']=='true')
					{
						$mailtp=new EmailText($this->db,"review-expert-comment",array(
							'user' => $user->username,
							'uuid' => $uuid,
							'title'=> $md['title'],
							'content' => $mdcomment
							));
						$mail->setBodyText($mailtp->getBody());
						$mail->setSubject($mailtp->getSubject());
						$mail->addTo($this->view->config->service->email); 	//管理员邮箱
					}else{
						$mailtp=new EmailText($this->db,"review-post-comment",array(
							'user' => $user->username,
							'uuid' => $uuid,
							'title'=> $md['title'],
							'content' => $mdcomment
							));
						$mail->setBodyText($mailtp->getBody());
						$mail->setSubject($mailtp->getSubject());
						$sql="select distinct(res.email) from responsible res left join role r on res.id=r.resid where r.role in ('author','resourceProvider') and r.uuid=?";
						$rows=$this->db->fetchAll($this->db->quoteInto($sql,$uuid));
						foreach($rows as $row)
							$mail->addTo($row['email']);	//元数据作者
						$mail->addCc($this->view->config->service->email);	//管理员
					}
					$mail->send();
				}
			}else{
				echo '<div class="box box-error">保存出错，请稍后再试！</div>';
				exit();
			}
		}catch (Exception $e){	
			echo '<div class="box box-error">保存失败，请重试！</div>';
			exit();
		}
		
	}// saveAction 存草稿 ajax
	
   function searchAction()
   {
    	$key=$this->_request->getParam('q');
    	if (!empty($key)) {
    		$search=new Search($key);
    		$where=$search->sql_expr(array("m.title","m.description"));
    		$page=@(int)$this->_request->getParam('page');
    		if (empty($page)) $page=1;
    		$offset=$this->limit*($page-1);
    		$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status>0 and ".$where);
    		$sum=$row[0]['count'];
    		$sql="select m.uuid,m.title,m.id,m.description,s.status,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status>0 and ".$where." order by s.ts_created desc,m.title limit ? offset ?";
			$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
    		$this->view->page=new Pagination($sum,$page,$this->limit);
    		$this->view->key=$key;
			foreach($this->view->metadata as $k=>$v)
			{
				$this->view->metadata[$k]['statustext']=$this->rewritestatus($v['status']);
			}    		
    	}
   }
   
   function helpAction()
   {
   }
   
	function attlistAction()
	{
		
		$this->_helper->layout->disableLayout();
		$this->_helper->viewRenderer->setNoRender();
		
		$rid = $this->_request->getParam('id');
		
		$list = array();
		$list[]= '
			<li style="border:none">
				附件列表：
				<span><a href="javascript:void(0);" onclick="$(\'#filelist_'.$rid.' ul\').remove();">[关闭]</a></span>
			</li>
		';
		
		$sql = "select att.realname,att.id,att.filesize from attachments att
				left join mdreviewattach ratt on ratt.attachid = att.id
				where ratt.reviewid = $rid";
				
		$rs  = $this->db->query($sql);
		
		$rows = $rs->fetchAll();
		
		foreach($rows as $k=>$v)
		{
			if($v['filesize'] > 1024*1024)
			{
				$v['filesize'] = round($v['filesize']/1024/1024,2) . "MB";
			}
			else
			{
				$v['filesize'] = round($v['filesize']/1024,2) . "KB";
			}
			$list[] = '
			<li>'.$v['realname'].' &nbsp;('.$v['filesize'].')
			<span><a href="/review/downatt/id/'.$v['id'].'" target="_blank">下载</a></span>
			</li>
			';
		}
		if(count($rows)>0)
		{
			echo "<ul>".join('',$list)."</ul>";
		}else{
			echo "无附件";
		}
		
		exit();
		
	}// ajax 评审附件列表
	
	function downattAction(){
		
		$this->_helper->layout->disableLayout();
		$this->_helper->viewRenderer->setNoRender();
		
		$id = $this->_request->getParam('id');
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			try{
			$sql = "select * from attachments where id='$id'";
			
			$re = $this->db->query($sql);
			
			$row = $re->fetch();
			
			$fullPath = $this->view->config->upload.$row['filename'];
			
			if(!file_exists($fullPath))
			{
				echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
					<html xmlns="http://www.w3.org/1999/xhtml">
					<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
					<title>错误提示！</title></head><body>文件读取出错，请稍后重试</body></html>';
					exit();
			}
			
			$fsize = filesize($fullPath);
			$path_parts = pathinfo($fullPath);
			$ext = strtolower($path_parts["extension"]);
	
			switch ($ext) {
			  case "pdf": $ctype="application/pdf"; break;
			  case "exe": $ctype="application/octet-stream"; break;
			  case "zip": $ctype="application/zip"; break;
			  case "doc": $ctype="application/msword"; break;
			  case "xls": $ctype="application/vnd.ms-excel"; break;
			  case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
			  case "gif": $ctype="image/gif"; break;
			  case "png": $ctype="image/png"; break;
			  case "jpeg":
			  case "jpg": $ctype="image/jpg"; break;
			  default: $ctype="application/force-download";
			}
				
			$content=file_get_contents($fullPath);
			$this->_helper->layout->disableLayout();
			$this->_helper->viewRenderer->setNoRender();
			$this->getResponse()->setHeader('Content-Type', 'application/octet-stream')
								->setHeader('Content-Disposition','attachment; filename="'.$row['realname'].'"')
								->setHeader('Content-Length', $fsize)
								->setHeader('Content-Type','application/force-download')
								->setHeader('Content-Type','application/download')
								->setHeader('Content-Type',$ctype)
								->setHeader('Content-Description','File Transfer')
								->setHeader('Content-Transfer-Encoding','binary')
								->setHeader('Expires',0)
								->setHeader('Cache-Control','must-revalidate, post-check=0, pre-check=0')
								->setHeader('Pragma','public')
								->setBody($content);
			$sql = "update attachments set downtimes=downtimes+1 where id = $id";
			@$this->db->exec($sql);
			}catch(Exception $e){
				echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
					<html xmlns="http://www.w3.org/1999/xhtml">
					<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
					<title>错误提示！</title></head><body>文件读取出错，请稍后重试</body></html>';
				exit();
			}
		}else{
			echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
					<html xmlns="http://www.w3.org/1999/xhtml">
					<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
					<title>错误提示！</title></head><body>读取用户信息出错，请先登录再下载附件重试</body></html>';
					exit();
		}
		
		
	}// downattAction 下载附件
	
	function denyinviteAction()
	{
	
		$id = $this->_request->getParam('id');
		$uuid = $this->_request->getParam('uuid');
		
		if(empty($id) || empty($uuid) || !is_numeric($id) ||!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
		{
			$this->view->message = "参数错误";
		}else{
		
		$auth = Zend_Auth::getInstance();
		if($auth->hasIdentity())
		{
			$user = $auth->getIdentity();
			$userid = $user->id;
			
			if($id==$userid)
			{
				try{
					$sql = "update mdexpertreview set status=-1 where id='$id' and uuid='$uuid'";
					if($this->db->exec($sql))
						$this->view->message = "您已经拒绝该元数据的评审邀请";
					else 
						$this->view->message = "您无权限进行此操作";
				}catch(Exception $e){
					$this->view->message = $e->getMessage();
				}
				
			}//end if
			else
			{
				$this->view->message = "您无权使用此通知";
			}//非本人操作，或尝试删除他人信息
			
		}//end if
		else
		{
			$this->view->message = '请登录后再执行此操作，请<a href="/account/login/?href=/review/denyinvite/id/'.$id.'/uuid/'.$uuid.'">点击此处登录</a>';
		}//未登录
		}
		
	}// denyinviteAction() 专家拒绝邀请
   
}