westdc-zf1/application/default/controllers/ReviewController.php

347 lines
12 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
class ReviewController extends Zend_Controller_Action
{
function preDispatch()
{
$this->view->config = Zend_Registry::get('config');
$this->db=Zend_Registry::get('db');
$this->messenger=$this->_helper->getHelper('FlashMessenger');
$this->view->messages = $this->messenger->getMessages();
}
function indexAction()
{
//最新10个收稿
$sql="select m.uuid,m.title,date(s.ts_created) as ts_created from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=0 order by s.ts_created desc limit 10";
$this->view->mdreceived = $this->db->fetchAll($sql);
//最新10个接收
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=1 order by s.ts_created desc limit 10";
$this->view->mdaccepted = $this->db->fetchAll($sql);
//最新10个送审
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status in (2,3,4) order by s.ts_created desc limit 10";
$this->view->mdinreview = $this->db->fetchAll($sql);
//最新10个已审
$sql="select m.uuid,m.title,s.ts_accepted from mdstatus s left join metadata m on m.uuid=s.uuid where s.status=5 order by s.ts_created desc limit 10";
$this->view->mdreviewed = $this->db->fetchAll($sql);
//统计数字
$sql="select (select count(*) from mdexperts) as experts,(select count(*) from mdstatus where status=0) as draft,(select count(*) from mdstatus where status=1) as accept,(select count(*) from mdstatus where status in (2,3,4)) as inreview,(select count(*) from mdstatus where status=5) as reviewed,(select count(*) from mdreview) as openreview,(select count(distinct(userid)) from mdreview) as openreviewuser";
$this->view->stat=$this->db->fetchRow($sql);
}
/*
* 数据浏览
*/
function browseAction()
{
$md=new MetadataTable();
$db=$md->getAdapter();
$page=(int)$this->_request->getParam('page');
if (empty($page)) $page=1;
$limit=10;
$offset=$limit*($page-1);
$state=$db->query('select count(*) from metadata');
$row=$state->fetchAll();
$sum=$row[0]['count'];
$select=$db->select();
$select->from('metadata','*')->order('id desc')->limitPage($page,$limit);
$this->view->metadata = $db->fetchAll($select);
$this->view->page=new Pagination($sum,$page,$limit);
}
function myreviewAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$uid = $user->id;
}
else
{
$this->_redirect('/account/login/?href=/review/myreview');
}
$wheresql = array();
$wheresql[]=" mdexp.id='$uid' ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/myreview');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
// e.g. (... or md.author like '%keyword%')
}
$wheresql = join(' and ',$wheresql);
$sql = "select mdexp.id,mdexp.uuid,md.title from mdexpertreview mdexp
left join metadata md on md.uuid=mdexp.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/myreview');
}
}//我参审的
function draftAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$wheresql = array();
$wheresql[]=" ms.status=1 ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/draft');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
}
$wheresql = join(' and ',$wheresql);
$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
left join metadata md on md.uuid=ms.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/draft');
}
}//最新收稿
function inreviewAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$wheresql = array();
$wheresql[]=" ms.status in (2,3,4) ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/inreview');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
}
$wheresql = join(' and ',$wheresql);
$sql = "select ms.uuid,ms.status,ms.ts_created,md.title,md.author from mdstatus ms
left join metadata md on md.uuid=ms.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
foreach($rows as $k=>$v)
{
$rows[$k]['status']=$this->rewiterstatus($v['status']);
}
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/inreview');
}
}//在审阶段的元数据
function reviewedAction(){
$keyword = $this->_request->getParam('q');
$search = $this->_request->getParam('search');
try{
$wheresql = array();
$wheresql[]=" ms.status=5 ";
if(!empty($keyword) && !empty($search))
{
if (preg_match("/[<|>|#|$|%|^|*|(|)|{|}|'|\"|;|:]/i",$keyword) || !is_numeric($search))
{
$this->messenger->addMessage('您的输入的搜索条件包含非法请求,请不要输入特殊符号');
$this->_redirect('/review/reviewed');
}//非法请求过滤
$this->view->keyword = $keyword;
$wheresql[] = " md.title like '%$keyword%' ";
}
$wheresql = join(' and ',$wheresql);
$sql = "select ms.uuid,ms.status,ms.ts_created,ts_finished,md.title,md.author from mdstatus ms
left join metadata md on md.uuid=ms.uuid
where $wheresql";
$rs = $this->db->query($sql);
$rows = $rs->fetchAll();
$paginator = Zend_Paginator::factory($rows);
$paginator->setCurrentPageNumber($this->_getParam('page'));
$paginator->setItemCountPerPage($this->view->config->page->max);
$paginator->setView($this->view);
Zend_View_Helper_PaginationControl::setDefaultViewPartial('pagination_param.phtml');
$this->view->paginator=$paginator;
}catch(Exception $e){
$this->messenger->addMessage('查询失败,请稍后重试 :(');
$this->_redirect('/review/reviewed');
}
}//已完成评审的元数据
function rewiterstatus($status){
if($status==-1)
{return "取消评审";}
else if($status==0)
{return "初始状态";}
else if($status==1)
{return "接受元数据评审";}
else if($status==2)
{return "专家评审中";}
else if($status==3)
{return "专家评审中";}
else if($status==4)
{return "专家反馈";}
else if($status==5)
{return "已发布";}
else
{return "";}
}//function rewriterstatus
function replace($string){
$patterns = array("/\"/i","/\'/i");
$replacements = array("","");
ksort($patterns);
ksort($replacements);
return preg_replace($patterns, $replacements, $string);
}
function reviewAction() {
$uuid = $this->_request->getParam('uuid');
$sql=$this->db->quoteInto("select m.id,m.uuid,m.title,m.description,m.title_en from metadata m where m.uuid=?",$uuid);
$this->view->metadata=$this->db->fetchRow($sql);
$submit = $this->_request->getParam('submit');
if(!empty($submit)){
$redirectlink='/review/review/uuid/'.$uuid;
$auth = Zend_Auth::getInstance();
if($auth->hasIdentity())
{
$user = $auth->getIdentity();
$userid = $user->id;
}else{
$this->messenger->addMessage('读取用户信息失败,请刷新页面后重试 :(');
$this->_redirect($redirectlink);
}
$conclusion = $this->_request->getParam('conclusion');
$mdcomment = $this->replace(trim($this->_request->getParam('mdcomment')));
$datacomment = $this->replace(trim($this->_request->getParam('datacomment')));
$editorcomment = $this->replace(trim($this->_request->getParam('editorcomment')));
$this->view->conclusion = $_POST['conclusion'];
$this->view->mdcomment = $mdcomment;
$this->view->datacomment = $datacomment;
$this->view->editorcomment = $editorcomment;
if(empty($conclusion))
{
$this->messenger->addMessage('请选择评审意见');
$this->_redirect($redirectlink);
}
if( !is_numeric($conclusion) || !in_array($conclusion,array(-1,1,2,3)) )
{
$this->messenger->addMessage('参数有误,请刷新页面 :(');
$this->_redirect($redirectlink);
}
if(empty($mdcomment) )
{
$this->messenger->addMessage('请填写元数据意见后再发布 :(');
$this->_redirect($redirectlink);
}
if(!empty($_FILES['Filedata']))
{
$files=new files();
$msg = $files -> upload(Zend_Registry::get('upload'),$_FILES['Filedata'],$_POST['dir']);
if(empty($msg['error']))
{
$filename = $msg['db_path'];
$filesize = $msg['file_size'];
$filedesc = $this->_request->getParam('filedesc');
$filetype = $this->_request->getParam('dir');
$sql = "insert into attachments (filename,filetype,filedesc,userid,filesize) values ('$filename','$filetype','$filedesc','$userid','$filesize') RETURNING id";
$sth = $this->db->prepare($sql);
$sth->execute();
$temp = $sth->fetch();
}else{
$this->messenger->addMessage('附件上传失败:'.$msg['error']);
@unlink($filename);
$this->_redirect($redirectlink);
}
}
$sql = "";
}
}//reviewAction()
}