diff --git a/modules/websubmit/web/admin/viewActionEDS.php.wml b/modules/websubmit/web/admin/viewActionEDS.php.wml
index ba3ca2705..b8a123798 100644
--- a/modules/websubmit/web/admin/viewActionEDS.php.wml
+++ b/modules/websubmit/web/admin/viewActionEDS.php.wml
@@ -1,574 +1,574 @@
## $Id$
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
<?
require("commonPhpFunctions.php");
?>
#include "cdspage.wml" \
title="Details of the <i><protect><?print "$actname";?></protect></I> action" \
- navtrail_previous_links="<a class=navtrail href=<WEBURL>/admin/<lang:star: index.*.html>><MSG_ADMIN_AREA></a> > <a class=navtrail href=<WEBURL>/admin/websubmit/><MSG_ADMIN_SUBMIT></a>" \
+ navtrail_previous_links="<a class=navtrail href=<WEBURL>/admin/<lang:star: index.*.html>><MSG_ADMIN_AREA></a> > <a class=navtrail href=<WEBURL>/admin/websubmit/><MSG_ADMIN_SUBMIT></a>" \
navbar_name="admin" \
navbar_select="websubmit_listactions"
-
+
<?
<protect>
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
?>
<SCRIPT LANGUAGE="JavaScript">
<!-- hide
function validateIsInt(param)
// This function validates its parameter to ensure that it is an integer
// value.
// Author: Nicholas Robinson
// Email: Nicholas.Robinson@cern.ch
// ca8nro@yahoo.co.uk
// Created: 16/11/2000
// Last Modified: 16/11/2000
{
// Create a flag to indicate that we have found a non-digit value
var nonDigit = false;
for(index = 0; index < param.length; index++)
{
if(!(param[index] >= 0 && param[index] <= 9))
{
// In this case, we've found a non-digit value, and can stop
// searching, as the parameter is clearly not an integer
nonDigit = true;
break;
} // END if
} // END for
return true;
} // END function validateIsInt(param)
function verifyChanges(curLactname, sugLactname, curDir, sugDir,
curActionbutton, sugActionbutton, curStatustext, sugStatustext)
// Function to test whether the values for the parameters to be changed
// have actually been changed by the user when they submit them to the
// database for update. If not, the function returns false. If so, the
// function returns true.
// Author: Nicholas Robinson
// Email: Nicholas.Robinson@cern.ch
// Created: 27/07/2000
// Last Modified: 16/11/2000
{
if((curLactname == sugLactname) &&
(curDir == sugDir) && (curActionbutton == sugActionbutton) &&
(curStatustext == sugStatustext))
{
alert("No Change In The Data Has Been Made! Cannot Submit.");
return false;
} // End if
else
{
return true;
} // End else
} // End function verifyChanges()
// -->
</SCRIPT>
<?
function makeButtons($dataRow, $caller, $doctype = "")
{
/**************************************************************
This function has the simple task of creating and displaying the
"SAVE CHANGES" button and the "FINISHED" button for the action
details form. It is bundled into a function, as it is quite a
messy piece of code due to the large parameters to the
JavaScript function "verifyChanges".
Author: Nicholas Robinson
Email: Nicholas.Robinson@cern.ch
ca8nro@yahoo.co.uk
Created: 16/11/2000
Last Modified: 19/12/2000
**************************************************************/
print("<P>\n");
print("<TABLE ALIGN='center' BORDER=0 CELLSPACING=0 "
. "CELLPADDING=0 WIDTH='100%'>\n<TR>\n<TD ALIGN='right'>"
- . "\n<INPUT TYPE='button' VALUE='SAVE CHANGES' onClick=\""
+ . "\n<INPUT TYPE='button' VALUE='SAVE CHANGES' onClick=\""
. "if(verifyChanges(escape('" . ereg_replace("'","\\'",
- htmlspecialchars($dataRow["lactname"]))
+ htmlspecialchars($dataRow["lactname"]))
. "'), escape(lactname.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["dir"]))
. "'), escape(dir.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["actionbutton"]))
. "'), escape(actionbutton.value), escape('"
. ereg_replace("'","\\'",
- htmlspecialchars($dataRow["statustext"]))
- . "'), escape(statustext.value))) { submit(); } }\">\n</TD>\n</FORM>\n<FORM ACTION='$caller"
+ htmlspecialchars($dataRow["statustext"]))
+ . "'), escape(statustext.value))) { submit(); }\">\n</TD>\n</FORM>\n<FORM ACTION='$caller"
. "' METHOD='post'>\n");
if($caller == "documentEDS.php")
{
# Pass a doctype back to it...
print("<INPUT TYPE='hidden' NAME='doctype' VALUE='$doctype'>\n");
} // END if
print("<TD ALIGN='left'>\n<INPUT TYPE='button' VALUE='FINISHED' "
. "onClick=\"submit();\">\n</TD>\n</FORM>\n</TR>\n</TABLE>\n</P>"
. "\n");
} // END function makeButtons()
//*************
function displayEDSaction($actname, $caller, $doctype = "")
{
/*******************************************************************
This function has the task of displaying the details of an EDS
action. The details are displayed in a form, so that they can be
modified and resubmitted to the database. This function
basically has the task of producing the page to be displayed for
the 'viewActionEDS.php' page.
Author: Nicholas Robinson
Email: Nicholas.Robinson@cern.ch
ca8nro@yahoo.co.uk
Created: 16/11/2000
Last Modified: 17/01/2001
*******************************************************************/
# Execute a query on the sbmACTION table for the given action...
- $queryResult = mysql_query("SELECT * from sbmACTION WHERE sactname = "
+ $queryResult = mysql_query("SELECT * from sbmACTION WHERE sactname = "
. "'$actname'");
if($queryResult)
{
- # The query has executed successfully, so we can continue with
+ # The query has executed successfully, so we can continue with
# the production of the page...
-
+
# Produce the appropriate output, depending upon the number of
# rows returned by the query...
if(mysql_num_rows($queryResult) == 1)
{
# In this case, as expected, there is one entry for the given
# action in the sbmACTION table..
-
+
# Now, display a quick set of page instructions for the user..
print("<TABLE WIDTH='90%' BGCOLOR='#D3DCE3' ALIGN='center' "
. "CELLSPACING=0 CELLPADDING=0 BORDER=1>\n<TR><TD "
. "ALIGN='center'>\n<P STYLE=\"color: blue; text-align: "
- . "center; font-size: small; font-weight: bold\">Below are "
+ . "center; font-size: small; font-weight: bold\">Below are "
. "the details of the <EM>$actname</EM> action.<BR>You can "
. "edit them by alterring values in boxes, and clicking on "
. "\"SAVE CHANGES\".</P>\n</TD>\n</TR>\n</TABLE>\n");
-
+
# Make a horizontal rule to divide the page sections...
drawSeparator();
-
+
# Now, we are ready to display the details of the given action
- # in a table. Each data item will be contained within a form
+ # in a table. Each data item will be contained within a form
# input box so that it can be edited if this is desirable.
print("<FORM ACTION='viewActionEDS.php' METHOD='post'>\n"
. "<INPUT TYPE='hidden' NAME='update' VALUE='true'>\n"
. "<INPUT TYPE='hidden' NAME='caller' VALUE='$caller'>\n");
if($caller == "documentEDS.php")
{
# Add a doctype into the equation
print("<INPUT TYPE='hidden' NAME='doctype' VALUE='$doctype"
. "'>\n");
} // END if
print("<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=0 "
. "ALIGN='center' WIDTH='100%'>\n");
-
+
# Now make the table: names & fields...
-
+
# Get the columns list
$columns = mysql_list_fields(DOCS_DATABASE, "sbmACTION");
# Get the number of field
$numTblFlds = mysql_num_fields($columns);
-
+
# Get the row of data
$dataRow = mysql_fetch_array($queryResult);
-
- # Before we display most of the table, we can first display
+
+ # Before we display most of the table, we can first display
# the upper part of the table, which will be the sactname, cd,
# and md fields, that can't be modified...
-
+
print("<TABLE WIDTH='100%' ALIGN='center' CELLSPACING=0 "
. "CELLPADDING=0 BORDER=0>\n<TR>\n<TH BGCOLOR='#D3DCE3' ALIGN"
. "='right' WIDTH='20%'>\nAction Code: </TH>\n<TD "
. "ALIGN='left' BGCOLOR='#FFFFCC' WIDTH='80%'><INPUT "
. "TYPE='readonly' NAME='sactname' VALUE='"
. $dataRow["sactname"] . "'>\n</TD>\n</TR>\n<TR>\n<TH "
. "BGCOLOR='#D3DCE3' ALIGN='right' WIDTH='20%'>\nCreation "
. "Date: </TH>\n<TD WIDTH='80%' ALIGN='left' BGCOLOR="
. "'#FFFFCC'><INPUT TYPE='readonly' NAME='cd' VALUE='"
. $dataRow["cd"] . "'>\n</TD>\n</TR>\n<TR>\n<TH WIDTH='20%'"
. " BGCOLOR='#D3DCE3' ALIGN='right'>\nModification "
. "Date: </TH>\n<TD WIDTH='80%' ALIGN='left' "
. "BGCOLOR='#FFFFCC'><INPUT TYPE='readonly' NAME='md' "
. "VALUE='" . $dataRow["md"] . "'>\n</TD>\n</TR>\n");
print("<input type=\"hidden\" name=\"actionbutton\" value=\"\">");
# Now fill this new table with all of the details...
for($indx = 0; $indx < $numTblFlds; $indx++)
{
# Get the name of the current field...
$currentField = mysql_field_name($columns, $indx);
-
- # Ensure that we don't once again print our non-editable
+
+ # Ensure that we don't once again print our non-editable
# fields out...
-
+
if(($currentField != "sactname") && ($currentField != "cd")
&& ($currentField != "md") && ($currentField != "actionbutton"))
{
# First, display the field name...
print("<TR>\n<TH BGCOLOR='#87CEFA' ALIGN='right' "
. "WIDTH='20%'>\n");
-
+
if($currentField == "lactname")
{
print("Action Description: ");
} // END if
else
{
print("$currentField" . ": ");
} // END else
print(" </TH>\n<TD ALIGN='left' WIDTH='80%' "
. "BGCOLOR='#FFFFCC'>\n<INPUT TYPE='text' NAME="
. "'$currentField' SIZE=");
if(mysql_field_type($columns, $indx) == "blob")
{
print("60");
} // END if
else
{
print(mysql_field_len($columns, $indx));
} // END else
- print(" VALUE='" . ereg_replace("'", "'",
+ print(" VALUE='" . ereg_replace("'", "'",
htmlspecialchars($dataRow[$indx]))
. "'>\n</TD>\n</TR>\n");
} // END if
} // END for
-
+
# Now that the table has been filled with all of the actions
# details, it can be closed..
print("</TABLE>\n</TABLE>\n");
-
+
# Now that the form has been drawn, it is possible to produce
# a new table underneath, containing buttons. There will be a
# "SAVE" button, and a "FINISHED button.
if($caller == "documentEDS.php")
{
makeButtons($dataRow, $caller, $doctype);
} // END if
else
{
makeButtons($dataRow, $caller);
} // END else
} // END if
elseif(mysql_num_rows($queryResult) > 1)
{
- # In this case, there are many rows for the given action in
+ # In this case, there are many rows for the given action in
# the sbmACTIONS table, which means that the sbmACTIONS table has
# primary key violations..
-
+
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> More "
. "than one row of data concerning the <EM>$actname</EM> "
- . "action was returned from the <EM>sbmACTION</EM> table of "
+ . "action was returned from the <EM>sbmACTION</EM> table of "
. "the" . DOCS_DATABASE . ".<BR>This indicates primary key "
. "duplication in this table.<BR>Please inform system "
. "administrator.</P>\n");
-
- # Send a mail to the system admin people to warn them about
+
+ # Send a mail to the system admin people to warn them about
# this serious error..
-
+
$msgTxt = "When a user attempted to look at the details of "
. "the $actname action using the WebSubmit Administrator, several "
. "rows were returned for this action from the sbmACTION table."
. " The query was made using the \"sactname\" as the search"
. " key. As the \"sactname\" field is the primary key for "
. "the sbmACTION table, this means that there must be key "
. "violations in this table.\n\nThis problem should be "
. "corrected immediately.\n\nWebSubmit Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
- # Now send the mail..
+ # Now send the mail..
mail(ADMIN_EMAIL, "sbmACTION Table Key Violation!", $msgTxt,
"From: WebSubmit_Administrator");
} // END elseif
elseif(mysql_num_rows($queryResult) == 0)
{
# This means that the given action has no row in the sbmACTIONS
# table..Signifies a database inconsistency error.
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> No data"
. " concerning the <EM>$actname</EM> action was found in the"
. " <EM>sbmACTION</EM> table.<BR>This suggests a data "
- . "consistency error in the " . DOCS_DATABASE . " database."
+ . "consistency error in the " . DOCS_DATABASE . " database."
. "<BR>Please inform the system administrator.</P>\n");
# Now send an email to the administrator(s) to inform them of
# this serious error...
-
+
# Get the current date and time...
$dateDets = getdate();
$msgTxt = "When a user attempted to look at the details of "
. "the $actname action using the WebSubmit Administrator, no rows "
. "were returned from the sbmACTION table for this "
. "action.\n\nBecause the user had to click a link to view "
. "the details of this action, it must be referred to in "
- . "other tables of EDS. This means that there are data "
+ . "other tables of EDS. This means that there are data "
. "inconsistencies within EDS.\n\nThis should be investigated"
. " and corrected ASAP.\n\nWebSubmit Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "Data Inconsistency Error!", $msgTxt,
"From: WebSubmit_Administrator");
} // END elseif
else
{
# Some other sort of error has ocurred, so present the error
# message on the screen.
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Unable"
. " to correctly retrieve data from the <EM>sbmACTION</EM> "
. "table of " . DOCS_DATABASE . ".<BR>Please inform system "
. "administrator.</P>\n");
} // END else
} // END if
else
{
# Unfortunately, the query has failed, so we can display an error
# message.
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Unable to conduct a query on the "
. "<EM>sbmACTION</EM> table of " . DOCS_DATABASE . ".<BR>Please"
. " inform system administrator.</P>\n");
} // END else
} // END function displayEDSaction()
function displayPage($update,$actname)
{
global $lactname,$sactname,$dir,$actionbutton,$statustext;
# Conduct a test to see if this is the first call to this script, or
# if it is a self-referential call, whereby the user has chosen to
# update values of the given action...
if($update)
{
# In this case, this is a call to update the actions details...
# Free memory space associated with $update...
unset($update);
# Get the data, so that it can be committed for the modification
# date field (md)...
$dateDets = getdate();
# Now put the date into a variable in a nice MySQL friendly
# format
$modifiedDate = $dateDets['year'] . "-" . $dateDets['mon'] . "-"
. $dateDets['mday'];
# Begin constructing the UPDATE query string...
$queryString = "UPDATE sbmACTION SET lactname = '$lactname', dir ="
. " '$dir', md = '$modifiedDate', actionbutton = '$actionbutton'"
. ", statustext = '$statustext' "
. "WHERE sactname = '$sactname'";
# Now actually execute the update query
$updateResult = mysql_query($queryString);
if($updateResult)
{
# If the query could actually be executed without error
if(mysql_affected_rows() == 1)
{
# In this case, only 1 rows was updated, which is as
# expected
# Send the administrator a message to inform them of the
# update that has taken place...
# Get the current date and time...
$dateDets = getdate();
$msgTxt = "An update has been carried out on the $sactname"
. " action in the " . DOCS_DATABASE . " database.\n\nEDS "
. "Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "EDS Action Updated", $msgTxt,
"From: WebSubmit_Administrator");
# We can now redisplay all of the details for the action
if($caller == "documentEDS.php")
{
displayEDSaction($sactname, $caller, $doctype);
} // END if
else
{
displayEDSaction($sactname, $caller);
} // END else
} // END if
elseif(mysql_affected_rows() > 1)
{
# More than 1 row was updated -> bad news: key duplication
# Display an error message about this...
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Multiple rows have been updated in the "
. "<EM>sbmACTION</EM> table.<BR>This has resulted from an "
. "attempt to update the <EM>$sactname</EM> action.<BR>"
. "Please inform the system administrator.</P>\n");
# Now, email the administrator to let them know this, as it
# is a potentially dangerous error.
$msgTxt = "When a user updated the details of "
. "the $sactname action using the WebSubmit Administrator, seve"
. "ral rows were affected in the sbmACTION table. The update"
. " was conducted using the \"sactname\" field as the key."
. " As the \"sactname\" field is the primary key for the "
. "sbmACTION table, this means that there must be key violati"
. "ons in this table. There should only have been 1 row "
. "affected by this update.\n\nThis problem should be "
. "investigated and corrected immediately.\n\nEDS Administ"
. "rator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "ERROR: sbmACTIONS Table Multiple Row "
. "Update!", $msgTxt, "From: WebSubmit_Administrator");
} // END elseif
else
{
# No rows were updated -> Something strange here!
# Display an error message about this...
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> No rows have been updated in the <EM>"
. "sbmACTION</EM> table.<BR>This suggests that there could "
. "be data inconsistencies or concurrency problems.<BR>"
. "Please inform the system administrator.</P>\n");
# Better email the administrator & let them know...
$msgTxt = "When a user attempted to update the details of "
. "the $sactname action using the WebSubmit Administrator, no "
. "rows were affected in the sbmACTION table by this update."
. "\n\nBecause the user must have altered an actions "
. "details to submit an update on it, it must have been "
. "present at around the time that the user submitted thei"
. "r update.\n\n"
. "This suggests the possibility of concurrency or data "
. "inconsistency problems in this table.\n\nThis should be"
. " investigated and corrected ASAP.\n\nWebSubmit Administrator "
. "(";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "Error: Possible Concurrency Problems",
$msgTxt, "From: WebSubmit_Administrator");
} // END else
} // END if
else
{
# The query couldn't be executed due to error(s) ocurring, so
# display an error message
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">ERROR:"
. "</SPAN> Unable to update deatails for <EM>$sactname</EM> "
. "action in <EM>sbmACTION</EM> table.<BR>Please inform system "
. "administrator.</P>\n");
} // END else
} // END if
else
{
# In this case, this is the first call to the page, so we can
# basically just display the details of the given action...
if($caller == "documentEDS.php")
{
displayEDSaction($actname, $caller, $doctype);
} // END if
else
{
displayEDSaction($actname, $caller);
} // END else
} // END else
}
/**********************Start of main script***************************/
# Connect to the MySQL server
serverConnect(MYSQLDOCMACHINE, MYSQLDOCUSERID, MYSQLDOCPASSWORD);
# Select the CDS Search database...
dbSelect(DOCS_DATABASE);
$auth = canUseWebSubmitAdmin($uid);
if (!$auth[0])
outWarning($auth[1]);
else
displayPage($update,$actname);
/************************End of main script***************************/
</protect>
?>
-
+