westdc-zf1/application/default/controllers/ReviewController.php

489 lines
16 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
class ReviewController extends Zend_Controller_Action
{
function preDispatch()
{
$this->view->config = Zend_Registry::get('config');
$this->db=Zend_Registry::get('db');
$this->messenger=$this->_helper->getHelper('FlashMessenger');
$this->view->messages = $this->messenger->getMessages();
}
function indexAction()
{
//最新10个收稿
$sql="select m.uuid,m.title,date(s.ts_created) as ts_created from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=0 order by s.ts_created desc limit 10";
$this->view->mdreceived = $this->db->fetchAll($sql);
//最新10个接收
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=1 order by s.ts_created desc limit 10";
$this->view->mdaccepted = $this->db->fetchAll($sql);
//最新10个送审
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status in (2,3,4) order by s.ts_created desc limit 10";
$this->view->mdinreview = $this->db->fetchAll($sql);
//最新10个已审
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=5 order by s.ts_created desc limit 10";
$this->view->mdreviewed = $this->db->fetchAll($sql);
//统计数字
$sql="select (select count(*) from mdexperts) as experts,(select count(*) from mdstatus where status=0) as draft,(select count(*) from mdstatus where status=1) as accept,(select count(*) from mdstatus where status in (2,3,4)) as inreview,(select count(*) from mdstatus where status=5) as reviewed,(select count(*) from mdreview) as openreview,(select count(distinct(userid)) from mdreview) as openreviewuser";
$this->view->stat=$this->db->fetchRow($sql);
}
function myreviewAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$uid = $user->id;
}
else
{
$this->_redirect('/account/login/?href=/review/myreview');
}
$wheresql = array();
$wheresql[]=" r.userid='$uid' ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/myreview');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
// e.g. (... or md.author like '%keyword%')
}
$wheresql = join(' and ',$wheresql);
$sql = "select r.id,md.title,r.uuid from mdreview r
left join metadata md on md.uuid=r.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/myreview');
}
}//我参审的
function draftAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$wheresql = array();
$wheresql[]=" ms.status=0 ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/draft');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
}
$wheresql = join(' and ',$wheresql);
$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
left join metadata md on md.uuid=ms.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/draft');
}
}//最新收稿
function acceptAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$wheresql = array();
$wheresql[]=" ms.status=1 ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/draft');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
}
$wheresql = join(' and ',$wheresql);
$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
left join metadata md on md.uuid=ms.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/draft');
}
}//最新收稿
function inreviewAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$wheresql = array();
$wheresql[]=" ms.status in (2,3,4) ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/inreview');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
}
$wheresql = join(' and ',$wheresql);
$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
left join metadata md on md.uuid=ms.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
foreach($rows as $k=>$v)
{
$rows[$k]['status']=$this->rewiterstatus($v['status']);
}
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/inreview');
}
}//在审阶段的元数据
function reviewedAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$wheresql = array();
$wheresql[]=" ms.status=5 ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/reviewed');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
}
$wheresql = join(' and ',$wheresql);
$sql = "select ms.uuid,ms.status,ms.ts_created,ts_finished,md.title,md.author from mdstatus ms
left join metadata md on md.uuid=ms.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/reviewed');
}
}//已完成评审的元数据
function rewiterstatus($status){
if($status==-1)
{return "取消评审";}
else if($status==0)
{return "初始状态";}
else if($status==1)
{return "接受元数据评审";}
else if($status==2)
{return "专家评审中";}
else if($status==3)
{return "专家评审中";}
else if($status==4)
{return "专家反馈";}
else if($status==5)
{return "已发布";}
else
{return "";}
}//function rewriterstatus
function replace($string){
$patterns = array("/\"/i","/\'/i");
$replacements = array("","");
ksort($patterns);
ksort($replacements);
return preg_replace($patterns, $replacements, $string);
}
function reviewAction() {
$uuid = $this->_request->getParam('uuid');
$sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
left join mdstatus r on r.uuid=m.uuid
where m.uuid=?",$uuid);
$this->view->metadata = $md = $this->db->fetchRow($sql);
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$userid = $user->id;
$sql = "select id from mdreview where userid='$userid' and uuid='$uuid'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
$this->view->pms = $row['id'];
}
$submit = $this->_request->getParam('submit');
$conclusion = $this->_request->getParam('conclusion');
$mdcomment = $this->replace(trim($this->_request->getParam('mdcomment')));
$datacomment = $this->replace(trim($this->_request->getParam('datacomment')));
$editorcomment = $this->replace(trim($this->_request->getParam('editorcomment')));
if(!empty($submit)){
$redirectlink='/review/review/uuid/'.$uuid.'/';
if($md['status']==5)
{
$this->messenger->addMessage('该数据已经通过评审,不能再发表评审意见,如需提交问题,请联系数据管理员');
$this->_redirect($redirectlink);
}
if($md['status']==0)
{
$this->messenger->addMessage('已被数据中心接收的数据才可以进行评审');
$this->_redirect($redirectlink);
}
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$userid = $user->id;
$sql = "select id,userid from mdreview where userid='$userid' and uuid='$uuid'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
if($row['id']!='')
{
$this->messenger->addMessage('您已经对该元数据发表过评审了');
$this->_redirect($redirectlink);
}
}else{
$this->messenger->addMessage('读取用户信息失败,请刷新页面后重试 :(');
$this->_redirect($redirectlink);
}
if(empty($conclusion))
{
$this->messenger->addMessage('请选择评审意见');
$this->_redirect($redirectlink);
}
if( !is_numeric($conclusion) || !in_array($conclusion,array(-1,1,2,3)) )
{
$this->messenger->addMessage('参数有误,请刷新页面 :(');
$this->_redirect($redirectlink);
}
if(empty($mdcomment) )
{
$this->messenger->addMessage('请填写元数据意见后再发布 :(');
$this->_redirect($redirectlink);
}
if(!empty($_FILES['Filedata']['name']))
{
$files=new files();
$msg = $files -> upload(Zend_Registry::get('upload'),$_FILES['Filedata'],'reviewatt');
if(empty($msg['error']))
{
$filename = $msg['db_path'];
$filesize = $msg['file_size'];
$filedesc = $this->_request->getParam('filedesc');
$filetype = $this->_request->getParam('dir');
$sql = "insert into attachments (filename,filetype,filedesc,userid,filesize) values ('$filename','reviewatt','$filedesc','$userid','$filesize') RETURNING id";
$sth = $this->db->prepare($sql);
$sth->execute();
$att = $sth->fetch(PDO::FETCH_ASSOC);
$attid = $att['id'];
}else{
$this->messenger->addMessage('附件上传失败:'.$msg['error']);
@unlink($filename);
$this->_redirect($redirectlink);
}
}
try{
$data = array(
'userid' => $userid,
'uuid' => $uuid,
'mdcomment' => $mdcomment,
'ts_created' => 'now()',
'datacomment' => $datacomment,
'editorcomment' => $editorcomment,
'conclusion' => $conclusion
);
$sql = "select id from mdexpertreview where id='$userid' and uuid='$uuid'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
if($row['id']!='')
{
$data['is_expert'] = 'true';
}
$keys = array();
$values = array();
foreach ($data as $k=>$v)
{
$keys[]=$k;
$values[]=$v;
}
$keys = join(",",$keys);
$values = "'".join("','",$values)."'";
$sql = "insert into mdreview ($keys) values ($values) RETURNING id";
$sth = $this->db->prepare($sql);
$sth->execute();
$review = $sth->fetch(PDO::FETCH_ASSOC);
$reviewid=$review['id'];
if(!empty($_FILES['Filedata']['name']))
{
$sql = "insert into mdreviewattach (attachid,reviewid) values ('$attid','$reviewid')";
$this->db->exec($sql);
}
$this->messenger->addMessage('提交成功');
$this->_redirect($redirectlink);
}catch (Exception $e){
$this->messenger->addMessage('提交失败,请重试'.$sql.'aa'.$review['id'].$e->getMessage());
$this->_redirect($redirectlink);
}
}
}//reviewAction()
function allreviewAction(){
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$uuid = $this->_request->getParam('uuid');
$sql = "select r.uuid,r.userid,r.ts_created,u.realname,r.mdcomment,r.conclusion from mdreview r
left join users u on u.id=r.userid
where r.uuid='$uuid'";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage(5);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('review/pagination_ajax.phtml');
$list = "";
foreach($paginator as $k=>$v)
{
$list.='
<li>
<div class="reviewitem">
<div class="itemtitle">评审人:'.$v['realname'].'</div><div class="itemtime">评审时间:'.date("Y-m-d H:i",strtotime($v['ts_created'])).'</div>
<div class="itemcontent"><p>'.str_replace(array("\r\n", "\n", "\r"),'</p><p>',$v['mdcomment']).'</p></div>
</div>
</li>
';
}
$stringbuffer = "<ul class='reviewlist'>$list</ul>";
echo $stringbuffer.'<div class="paginator">'.$paginator.'</div>';
}//allreviewAction()
}