westdc-zf1/application/default/controllers/ReviewController.php

590 lines
22 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
class ReviewController extends Zend_Controller_Action
{
private $limit=10;
function preDispatch()
{
$this->view->config = Zend_Registry::get('config');
$this->db=Zend_Registry::get('db');
$this->messenger=$this->_helper->getHelper('FlashMessenger');
$this->view->messages = $this->messenger->getMessages();
}
function indexAction()
{
//最新10个收稿
$sql="select m.uuid,m.title,date(s.ts_created) as ts_created from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=0 order by s.ts_created desc limit 10";
$this->view->mdreceived = $this->db->fetchAll($sql);
//最新10个接收
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=1 order by s.ts_created desc limit 10";
$this->view->mdaccepted = $this->db->fetchAll($sql);
//最新10个送审
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status in (2,3,4) order by s.ts_created desc limit 10";
$this->view->mdinreview = $this->db->fetchAll($sql);
//最新10个已审
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=5 order by s.ts_created desc limit 10";
$this->view->mdreviewed = $this->db->fetchAll($sql);
//统计数字
$sql="select (select count(*) from mdexperts) as experts,(select count(*) from mdstatus where status=0) as draft,(select count(*) from mdstatus where status=1) as accept,(select count(*) from mdstatus where status in (2,3,4)) as inreview,(select count(*) from mdstatus where status=5) as reviewed,(select count(*) from mdreview) as openreview,(select count(distinct(userid)) from mdreview) as openreviewuser";
$this->view->stat=$this->db->fetchRow($sql);
}
function myreviewAction(){
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$uid = $user->id;
}else{
$this->_redirect('/account/login/?href=/review/myreview');
}
$page=@(int)$this->_request->getParam('page');
if (empty($page)) $page=1;
$offset=$this->limit*($page-1);
$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where m.uuid in (select uuid from mdexpertreview er where er.id=$uid union select uuid from mdreview r where r.userid=$uid)");
$sum=$row[0]['count'];
$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,s.ts_finished,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where m.uuid in (select uuid from mdexpertreview er where er.id=$uid union select uuid from mdreview r where r.userid=$uid) order by s.ts_created desc,m.title limit ? offset ?";
$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
$this->view->page=new Pagination($sum,$page,$this->limit);
foreach($this->view->metadata as $k=>$v)
{
$this->view->metadata[$k]['statustext']=$this->rewritestatus($v['status']);
}
}//我参审的
function draftAction(){
$page=@(int)$this->_request->getParam('page');
if (empty($page)) $page=1;
$offset=$this->limit*($page-1);
$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join metadata m on s.uuid=m.uuid where s.status in (0)");
$sum=$row[0]['count'];
$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_created,g.id as gid,t.filename from mdstatus s left join metadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (0) order by s.ts_created desc,m.title limit ? offset ?";
$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
$this->view->page=new Pagination($sum,$page,$this->limit);
}//最新收稿
function acceptAction(){
$page=@(int)$this->_request->getParam('page');
if (empty($page)) $page=1;
$offset=$this->limit*($page-1);
$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status in (1)");
$sum=$row[0]['count'];
$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (1) order by s.ts_created desc,m.title limit ? offset ?";
$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
$this->view->page=new Pagination($sum,$page,$this->limit);
}//最新收稿
function inreviewAction(){
$page=@(int)$this->_request->getParam('page');
if (empty($page)) $page=1;
$offset=$this->limit*($page-1);
$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status in (2,3,4)");
$sum=$row[0]['count'];
$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_accepted,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (2,3,4) order by s.ts_created desc,m.title limit ? offset ?";
$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
$this->view->page=new Pagination($sum,$page,$this->limit);
}//在审阶段的元数据
function reviewedAction(){
$page=@(int)$this->_request->getParam('page');
if (empty($page)) $page=1;
$offset=$this->limit*($page-1);
$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status in (5)");
$sum=$row[0]['count'];
$sql="select m.uuid,m.title,m.id,m.description,s.status,s.ts_finished,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status in (5) order by s.ts_created desc,m.title limit ? offset ?";
$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
$this->view->page=new Pagination($sum,$page,$this->limit);
}//已完成评审的元数据
function rewritestatus($status){
if($status==-1)
{return "取消评审";}
else if($status==0)
{return "投稿元数据";}
else if($status==1)
{return "接收元数据";}
else if($status==2)
{return "专家评审中";}
else if($status==3)
{return "专家评审中";}
else if($status==4)
{return "专家反馈";}
else if($status==5)
{return "已发布";}
else
{return "";}
}//function rewriterstatus
function replace($string){
$patterns = array("/\"/i","/\'/i");
$replacements = array("","");
ksort($patterns);
ksort($replacements);
return preg_replace($patterns, $replacements, $string);
}
function reviewAction() {
$uuid = $this->_request->getParam('uuid');
$sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
left join mdstatus r on r.uuid=m.uuid
where m.uuid=?",$uuid);
$md = $this->db->fetchRow($sql);
$this->view->metadata = $md;
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$userid = $user->id;
$sql = "select * from mdreview where userid='$userid' and uuid='$uuid'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
$this->view->review = $row;
}
}//reviewAction()
function allreviewAction(){
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$uuid = $this->_request->getParam('uuid');
$sql = "select r.id,r.is_expert,r.uuid,r.userid,r.ts_created,u.username,r.mdcomment,r.conclusion,ratt.reviewid from mdreview r
left join users u on u.id=r.userid
left join mdreviewattach ratt on r.id=ratt.reviewid
where r.uuid='$uuid' and r.status>-1
group by r.id,r.is_expert,r.uuid,r.userid,r.ts_created,u.username,r.mdcomment,r.conclusion,ratt.reviewid
order by r.id desc
";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage(5);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('review/pagination_ajax.phtml');
$list = "";
foreach($paginator as $k=>$v)
{
$list.='
<li>
<div class="reviewitem">
<div class="itemtitle">评审人:';
if(!$v['is_expert'])
{
$list .= $v['username'];
}else
{
$list.= '专家';
}
$list .= '</div><div class="itemtime">';
if($v['reviewid']!="")
{
$list.='[<a href="javascript:;" onclick="checkfiles(\''.$v['id'].'\')">查看评审附件</a>]&nbsp;&nbsp;';
}
$list .='
评审时间:'.date("Y-m-d H:i",strtotime($v['ts_created'])).'</div>
<div class="itemcontent"><p>'.str_replace(array("\r\n", "\n", "\r"),'</p><p>',$v['mdcomment']).'</p></div>
<div id="filelist_'.$v['id'].'" class="filelist"></div>
</div>
</li>
';
}
if(empty($list))
{
$list="<p style='text-align:center'>暂无评审数据</p>";
}
$stringbuffer = "<ul class='reviewlist'>$list</ul>";
echo $stringbuffer.'<div class="paginator">'.$paginator.'</div>';
}//allreviewAction() 所有评论 ajax
function saveAction(){
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$do = $this->_request->getParam('do');
$conclusion = $this->_request->getParam('conclusion');
$mdcomment = $this->replace(trim($this->_request->getParam('mdcomment')));
$datacomment = $this->replace(trim($this->_request->getParam('datacomment')));
$editorcomment = $this->replace(trim($this->_request->getParam('editorcomment')));
$uuid = $this->_request->getParam('uuid');
$sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en,r.status from metadata m
left join mdstatus r on r.uuid=m.uuid
where m.uuid=?",$uuid);
$md = $this->db->fetchRow($sql);
if($md['status']>4)
{
echo '<div class="box box-info">该数据已经通过评审,不能再发表评审意见,如需提交问题,请联系数据管理员</div>';
exit();
}
if($md['status']<1)
{
echo '<div class="box box-info">已被数据中心接收的数据才可以进行评审</div>';
exit();
}
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$userid = $user->id;
$sql = "select id,userid,status from mdreview where userid='$userid' and uuid='$uuid'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
if($row['id']!='' && $row['status']>-1)
{
echo '<div class="box box-info">您已经对该元数据发表过评审了</div>';
exit();
}
}else{
echo '<div class="box box-info">读取用户信息失败,请刷新页面后重试 :(</div>';
exit();
}
if(empty($conclusion))
{
echo '<div class="box box-info">请选择评审意见</div>';
exit();
}
if(!is_numeric($conclusion) || !in_array($conclusion,array(-1,1,2,3)))
{
echo '<div class="box box-info">参数有误,请刷新页面 :(</div>';
exit();
}
if(empty($mdcomment) )
{
echo '<div class="box box-info">请填写元数据意见 :(</div>';
exit();
}
try{
if($row['status']<0)
{
$sql = "delete from mdreview where id='{$row['id']}'";
if($this->db->exec($sql)<1)
{
echo '<div class="box box-error">处理出错,请重试</div>';
exit();
}
}
$data = array(
'userid' => $userid,
'uuid' => $uuid,
'mdcomment' => $mdcomment,
'ts_created' => 'now()',
'datacomment' => $datacomment,
'editorcomment' => $editorcomment,
'conclusion' => $conclusion,
'status' => -1
);
if($do=='submit')
{
$data['status'] = 0;
}
$sql = "select id from mdexpertreview where id='$userid' and uuid='$uuid'";
$rs = $this->db->query($sql);
$row = $rs->fetch();
if($row['id']!='')
{
$data['is_expert'] = 'true';
}
$keys = array();
$values = array();
foreach ($data as $k=>$v)
{
$keys[]=$k;
$values[]=$v;
}
$keys = join(",",$keys);
$values = "'".join("','",$values)."'";
$sql = "insert into mdreview ($keys) values ($values) RETURNING id";
$sth = $this->db->prepare($sql);
if($sth->execute())
{
$review = $sth->fetch(PDO::FETCH_ASSOC);
$reviewid=$review['id'];
if(isset($_POST['atts']))
{
foreach($_POST['atts'] as $v)
{
$sql = "insert into mdreviewattach (attachid,reviewid) values ('$v','$reviewid')";
$this->db->exec($sql);
}
echo '<div class="box box-success">保存成功!';
echo "</div>";
}
if($data['status']>=0)
{
echo '<script>$("#postcomment").remove();</script>';
$title = "收到新元数据评审意见";
$msg = "用户".$user->username."对元数据《".$md['title']."》发布了评审意见,<a href=\"/admin/review/comments/ac/view/id/".$reviewid."\">点击查看</a>";
include_once("message.php");
message::post($this->db,0,-1,$title,$msg);
$mail=new WestdcMailer($this->view->config->smtp);
$mail->setFrom($this->view->config->service->email,$this->view->config->service->poster);
if(@$data['is_expert']=='true')
{
$mailtp=new EmailText($this->db,"review-expert-comment",array(
'user' => $user->username,
'uuid' => $uuid,
'title'=> $md['title'],
'content' => $mdcomment
));
$mail->setBodyText($mailtp->getBody());
$mail->setSubject($mailtp->getSubject());
$mail->addTo($this->view->config->service->email); //管理员邮箱
}else{
$mailtp=new EmailText($this->db,"review-post-comment",array(
'user' => $user->username,
'uuid' => $uuid,
'title'=> $md['title'],
'content' => $mdcomment
));
$mail->setBodyText($mailtp->getBody());
$mail->setSubject($mailtp->getSubject());
$sql="select distinct(res.email) from responsible res left join role r on res.id=r.resid where r.role in ('author','resourceProvider') and r.uuid=?";
$rows=$this->db->fetchAll($this->db->quoteInto($sql,$uuid));
foreach($rows as $row)
$mail->addTo($row['email']); //元数据作者
$mail->addCc($this->view->config->service->email); //管理员
}
$mail->send();
}
}else{
echo '<div class="box box-error">保存出错,请稍后再试!</div>';
exit();
}
}catch (Exception $e){
echo '<div class="box box-error">保存失败,请重试!</div>';
exit();
}
}// saveAction 存草稿 ajax
function searchAction()
{
$key=$this->_request->getParam('q');
if (!empty($key)) {
$search=new Search($key);
$where=$search->sql_expr(array("m.title","m.description"));
$page=@(int)$this->_request->getParam('page');
if (empty($page)) $page=1;
$offset=$this->limit*($page-1);
$row=$this->db->fetchAll("select count(s.*) from mdstatus s left join normalmetadata m on s.uuid=m.uuid where s.status>0 and ".$where);
$sum=$row[0]['count'];
$sql="select m.uuid,m.title,m.id,m.description,s.status,g.id as gid,t.filename from mdstatus s left join normalmetadata m on s.uuid=m.uuid left join geonetworkmetadata g on g.uuid=m.uuid left join thumbnail t on t.id=m.id where s.status>0 and ".$where." order by s.ts_created desc,m.title limit ? offset ?";
$this->view->metadata=$this->db->fetchAll($sql,array($this->limit,$offset));
$this->view->page=new Pagination($sum,$page,$this->limit);
$this->view->key=$key;
foreach($this->view->metadata as $k=>$v)
{
$this->view->metadata[$k]['statustext']=$this->rewritestatus($v['status']);
}
}
}
function helpAction()
{
}
function attlistAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$rid = $this->_request->getParam('id');
$list = array();
$list[]= '
<li style="border:none">
附件列表:
<span><a href="javascript:void(0);" onclick="$(\'#filelist_'.$rid.' ul\').remove();">[关闭]</a></span>
</li>
';
$sql = "select att.realname,att.id,att.filesize from attachments att
left join mdreviewattach ratt on ratt.attachid = att.id
where ratt.reviewid = $rid";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
foreach($rows as $k=>$v)
{
if($v['filesize'] > 1024*1024)
{
$v['filesize'] = round($v['filesize']/1024/1024,2) . "MB";
}
else
{
$v['filesize'] = round($v['filesize']/1024,2) . "KB";
}
$list[] = '
<li>'.$v['realname'].' &nbsp;('.$v['filesize'].')
<span><a href="/review/downatt/id/'.$v['id'].'" target="_blank">下载</a></span>
</li>
';
}
if(count($rows)>0)
{
echo "<ul>".join('',$list)."</ul>";
}else{
echo "无附件";
}
exit();
}// ajax 评审附件列表
function downattAction(){
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$id = $this->_request->getParam('id');
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
try{
$sql = "select * from attachments where id='$id'";
$re = $this->db->query($sql);
$row = $re->fetch();
$fullPath = $this->view->config->upload.$row['filename'];
if(!file_exists($fullPath))
{
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>错误提示!</title></head><body>文件读取出错,请稍后重试</body></html>';
exit();
}
$fsize = filesize($fullPath);
$path_parts = pathinfo($fullPath);
$ext = strtolower($path_parts["extension"]);
switch ($ext) {
case "pdf": $ctype="application/pdf"; break;
case "exe": $ctype="application/octet-stream"; break;
case "zip": $ctype="application/zip"; break;
case "doc": $ctype="application/msword"; break;
case "xls": $ctype="application/vnd.ms-excel"; break;
case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
case "gif": $ctype="image/gif"; break;
case "png": $ctype="image/png"; break;
case "jpeg":
case "jpg": $ctype="image/jpg"; break;
default: $ctype="application/force-download";
}
$content=file_get_contents($fullPath);
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$this->getResponse()->setHeader('Content-Type', 'application/octet-stream')
->setHeader('Content-Disposition','attachment; filename="'.$row['realname'].'"')
->setHeader('Content-Length', $fsize)
->setHeader('Content-Type','application/force-download')
->setHeader('Content-Type','application/download')
->setHeader('Content-Type',$ctype)
->setHeader('Content-Description','File Transfer')
->setHeader('Content-Transfer-Encoding','binary')
->setHeader('Expires',0)
->setHeader('Cache-Control','must-revalidate, post-check=0, pre-check=0')
->setHeader('Pragma','public')
->setBody($content);
$sql = "update attachments set downtimes=downtimes+1 where id = $id";
@$this->db->exec($sql);
}catch(Exception $e){
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>错误提示!</title></head><body>文件读取出错,请稍后重试</body></html>';
exit();
}
}else{
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>错误提示!</title></head><body>读取用户信息出错,请先登录再下载附件重试</body></html>';
exit();
}
}// downattAction 下载附件
function denyinviteAction()
{
$id = $this->_request->getParam('id');
$uuid = $this->_request->getParam('uuid');
if(empty($id) || empty($uuid) || !is_numeric($id) ||!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
{
$this->view->message = "参数错误";
}else{
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$userid = $user->id;
if($id==$userid)
{
try{
$sql = "update mdexpertreview set status=-1 where id='$id' and uuid='$uuid'";
if($this->db->exec($sql))
$this->view->message = "您已经拒绝该元数据的评审邀请";
else
$this->view->message = "您无权限进行此操作";
}catch(Exception $e){
$this->view->message = $e->getMessage();
}
}//end if
else
{
$this->view->message = "您无权使用此通知";
}//非本人操作,或尝试删除他人信息
}//end if
else
{
$this->view->message = '请登录后再执行此操作,请<a href="/account/login/?href=/review/denyinvite/id/'.$id.'/uuid/'.$uuid.'">点击此处登录</a>';
}//未登录
}
}// denyinviteAction() 专家拒绝邀请
}