diff --git a/modules/websubmit/lib/websubmit_engine.py b/modules/websubmit/lib/websubmit_engine.py
index e5baf7461..cb2bea736 100644
--- a/modules/websubmit/lib/websubmit_engine.py
+++ b/modules/websubmit/lib/websubmit_engine.py
@@ -1,1304 +1,1304 @@
## $Id$
## CDSware WebSubmit in mod_python.
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
## read config variables:
#include "config.wml"
#include "configbis.wml"
## start Python:
<protect>## $Id$</protect>
<protect>## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.</protect>
"""CDSware Submission Web Interface."""
## fill config variables:
pylibdir = "<LIBDIR>/python"
<protect>
## import interesting modules:
import string
import os
import sys
import time
import types
import re
import MySQLdb
import shutil
sys.path.append('%s' % pylibdir)
from cdsware.config import *
from cdsware.dbquery import run_sql
from cdsware.access_control_engine import acc_authorize_action
from cdsware.access_control_admin import acc_isRole
from cdsware.webpage import page, create_error_box
from cdsware.webuser import getUid, get_email
from cdsware.messages import *
from mod_python import apache
from cdsware.websubmit_config import *
from cdsware.file import *
def interface(req,c=cdsname,ln=cdslang, doctype="", act="", startPg=1, indir="", access="",mainmenu="",fromdir="",file="",nextPg="",nbPg="",curpage=1):
ln = wash_language(ln)
sys.stdout = req
# get user ID:
try:
uid = getUid(req)
uid_email = get_email(uid)
except MySQLdb.Error, e:
return errorMsg(e.value,req)
# variable initialisation
t = ""
field = []
fieldhtml = []
level = []
fullDesc = []
text = []
check = []
select = []
radio = []
upload = []
txt = []
noPage = []
# Preliminary tasks
# check that the user is logged in
if uid_email == "" or uid_email == "guest":
warningMsg("<center><font color=red>Sorry, you must log in to perform this action. Please use the top right menu to do so.</font></center>",req)
# check we have minimum fields
if doctype=="" or act=="" or access=="":
return errorMsg("invalid parameter",req)
# retrieve the action and doctype data
if indir == "":
res = run_sql("select dir from sbmACTION where sactname=%s",(act,))
if len(res) == 0:
return errorMsg("cannot find submission directory",req)
else:
row = res[0]
indir = row[0]
res = run_sql("SELECT ldocname FROM sbmDOCTYPE WHERE sdocname=%s",(doctype,))
if len(res) == 0:
return errorMsg("unknown document type",req)
else:
docname = res[0][0]
docname = string.replace(docname," "," ")
res = run_sql("SELECT lactname FROM sbmACTION WHERE sactname=%s",(act,))
if len(res) == 0:
return errorMsg("unknown action",req)
else:
actname = res[0][0]
actname = string.replace(actname," "," ")
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT nbpg FROM sbmIMPLEMENT WHERE subname=%s", (subname,))
if len(res) == 0:
return errorMsg("can't figure number of pages",req)
else:
nbpages = res[0][0]
#Get current page
if startPg != "" and (curpage=="" or curpage==0):
curpage = startPg
# retrieve the name of the file in which the reference of
# the submitted document will be stored
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype=%s and name='edsrn'", (doctype,))
if len(res) == 0:
edsrn = ""
else:
edsrn = res[0][0]
# This defines the path to the directory containing the action data
curdir = "%s/%s/%s/%s" % (storage,indir,doctype,access)
# if this submission comes from another one ($fromdir is then set)
# We retrieve the previous submission directory and put it in the proper one
if fromdir != "":
olddir = "%s/%s/%s/%s" % (storage,fromdir,doctype,access)
if os.path.exists(olddir):
os.rename(olddir,curdir)
# If the submission directory still does not exist, we create it
if not os.path.exists(curdir):
try:
os.makedirs(curdir)
except:
return errorMsg("can't create submission directory",req)
# retrieve the original main menu url ans save it in the "mainmenu" file
if mainmenu != "":
fp = open("%s/mainmenu" % curdir,"w+")
fp.write(mainmenu)
fp.close()
# and if the file containing the URL to the main menu exists
# we retrieve it and store it in the $mainmenu variable
if os.path.exists("%s/mainmenu" % curdir):
fp = open("%s/mainmenu" % curdir,"r");
mainmenu = fp.read()
fp.close()
else:
mainmenu = "%s/submit.py" %urlpath
# various authentication related tasks...
if uid_email != "guest" and uid_email != "":
#First save the username (email address) in the SuE file. This way bibconvert will be able to use it if needed
fp = open("%s/SuE" % curdir,"w+")
fp.write(uid_email)
fp.close()
# is user authorized to perform this action?
if acc_isRole("submit",doctype=doctype,act=act) and not acc_authorize_action(uid, "submit",verbose=0,doctype=doctype, act=act):
return warningMsg("<center><font color=red>Sorry, user %s does not have the right to perform this action. Try logging with another user.</font></center>" % uid_email,req)
# then we update the "journal of submission"
res = run_sql("SELECT * FROM sbmSUBMISSIONS WHERE doctype=%s and action=%s and id=%s and email=%s", (doctype,act,access,uid_email,))
if len(res) == 0:
run_sql("INSERT INTO sbmSUBMISSIONS values (%s,%s,%s,'pending',%s,'',NOW(),NOW())", (uid_email,doctype,act,access,))
else:
run_sql("UPDATE sbmSUBMISSIONS SET md=NOW() WHERE doctype=%s and action=%s and id=%s and email=%s", (doctype,act,access,uid_email,))
# Save the form fields entered in the previous submission page
# If the form was sent with the GET method
form = req.form
value = ""
# we parse all the form variables
for key in form.keys():
formfields = form[key]
if re.search("\[\]",key):
filename = key.replace("[]","")
else:
filename = key
# the field is an array
if isinstance(formfields,types.ListType):
fp = open("%s/%s" % (curdir,filename),"w+")
for formfield in formfields:
#stripslashes(value)
value = specialchars(formfield)
fp.write(value+"\n")
fp.close()
# the field is a normal string
elif isinstance(formfields,types.StringTypes) and formfields != "":
value = formfields
fp = open("%s/%s" % (curdir,filename),"w+")
fp.write(specialchars(value))
fp.close()
# the field is a file
elif hasattr(formfields,"filename"):
if not os.path.exists("%s/files/%s" % (curdir,key)):
try:
os.makedirs("%s/files/%s" % (curdir,key))
except:
return errorMsg("can't create submission directory",req)
filename = formfields.filename
if filename != "":
# This may be dangerous if the file size is bigger than the available memory
data = formfields.file.read()
fp = open("%s/files/%s/%s" % (curdir,key,filename),"w")
fp.write(data)
fp.close()
fp = open("%s/lastuploadedfile" % curdir,"w+")
fp.write(filename)
fp.close()
fp = open("%s/%s" % (curdir,key),"w+")
fp.write(filename)
fp.close()
# if the found field is the reference of the document
# we save this value in the "journal of submissions"
if uid_email != "" and uid_email != "guest":
if key == edsrn:
run_sql("UPDATE sbmSUBMISSIONS SET reference=%s WHERE doctype=%s and id=%s and email=%s", (value,doctype,access,uid_email,))
# Now deal with the cookies
# If the fields must be saved as a cookie, we do so
# In this case, the value of the field will be retrieved and
# displayed as the default value of the field next time the user
# does a submission
if value!="":
res = run_sql("SELECT cookie FROM sbmFIELDDESC WHERE name=%s", (key,))
if len(res) > 0:
if res[0][0] == 1:
setCookie(key,value,uid)
# create interface
# top menu
t=t+"<FORM method=\"POST\" action=\"submit.py\" onSubmit=\"return tester();\">"
t=t+"<center><TABLE cellspacing=0 cellpadding=0 border=0><TR>"
t=t+" <TD class=submitHeader><B>%s </B></TD>" % docname
t=t+" <TD class=submitHeader><small> %s </small></TD>" % actname
t=t+"""
<TD valign=bottom>
<TABLE cellspacing=0 cellpadding=0 border=0 width=100%>
<TR><TD class=submitEmptyPage> </TD>"""
for i in range(1,nbpages+1):
if i == int(curpage):
t=t+"<TD class=submitCurrentPage><small> page:%s </small></TD>" % curpage
else:
t=t+"<TD class=submitPage><small> <A HREF='' onClick=\"if (tester2() == 1){document.forms[0].curpage.value=%s;document.forms[0].submit();return false;} else { return false; }\">%s</A> </small></TD>" % (i,i)
t=t+"<TD class=submitEmptyPage> </TD></TR></TABLE></TD>\n"
t=t+"<TD class=submitHeader align=right> <A HREF='' onClick=\"window.open('summary.py?doctype=%s&act=%s&access=%s&indir=%s','summary','scrollbars=yes,menubar=no,width=500,height=250');return false;\"><font color=white><small>SUMMARY(2)</small></font></A> </TD>\n" % (doctype,act,access,indir)
t=t+"</TR>"
# main cell
t=t+"<TR><TD colspan=5 class=submitHeader><TABLE border=0 cellspacing=0 cellpadding=15 width=\"100%\" class=submitBody><TR><TD><BR>"
# display the static form fields
t=t+"<INPUT type=\"hidden\" name=\"file\" value=\"%s\">\n" % file
t=t+"<INPUT type=\"hidden\" name=\"nextPg\" value=\"%s\">\n" % nextPg
t=t+"<INPUT type=\"hidden\" name=\"access\" value=\"%s\">\n" % access
t=t+"<INPUT type=\"hidden\" name=\"curpage\" value=\"%s\">\n" % curpage
t=t+"<INPUT type=\"hidden\" name=\"nbPg\" value=\"%s\">\n" % nbPg
t = t +"<INPUT type=\"hidden\" name=\"doctype\" value=\"%s\">\n" % doctype
t=t+"<INPUT type=\"hidden\" name=\"act\" value=\"%s\">\n" % act
t=t+"<INPUT type=\"hidden\" name=\"indir\" value=\"%s\">\n" % indir
t=t+"<INPUT type=\"hidden\" name=\"mode\" value=\"U\">\n"
t=t+"<INPUT type=\"hidden\" name=\"step\" value=\"0\">\n"
# For each field to be displayed on the page
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT * FROM sbmFIELD WHERE subname=%s and pagenb=%s ORDER BY fieldnb,fieldnb", (subname,curpage,))
nbFields = 0
for arr in res:
# We retrieve its HTML description
res3 = run_sql("SELECT * FROM sbmFIELDDESC WHERE name=%s", (arr[3],))
arr3 = res3[0]
if arr3[8]==None:
val=""
else:
val=arr3[8]
# we also retrieve and add the javascript code of the checking function, if needed
if arr[7] != '':
res2 = run_sql("SELECT chdesc FROM sbmCHECKS WHERE chname=%s", (arr[7],))
t=t+"<SCRIPT LANGUAGE=\"JavaScript1.1\" TYPE=\"text/javascript\">\n";
t=t+res2[0][0]
t=t+"</SCRIPT>\n"
# If the field is a textarea
if arr3[3] == 'T':
text="<TEXTAREA name=\"%s\" rows=%s cols=%s>%s</TEXTAREA>" % (arr[3],arr3[5],arr3[6],val)
# If the field is a file upload
elif arr3[3] == 'F':
text="<INPUT TYPE=file name=\"%s\" size=%s maxlength=%s>" % (arr[3],arr3[4],arr3[7]);
# If the field is a text input
elif arr3[3] == 'I':
text="<INPUT name=\"%s\" size=%s value=\"%s\">" % (arr[3],arr3[4],val)
# If the field is a hidden input
elif arr3[3] == 'H':
text="<INPUT type=\"hidden\" name=\"%s\" value=\"%s\">" % (arr[3],val)
# If the field is user-defined
elif arr3[3] == 'D':
text=arr3[9]
# If the field is a select box
elif arr3[3] == 'S':
text=arr3[9]
# If the field is an evaluated script
# the execed code should set variable text
elif arr3[3] == 'R':
co = compile(arr3[9].replace("\r\n","\n"),"<string>","exec")
exec(co)
# If the field type is not recognized
else:
text="%s: unknown field type" % arr[1]
# we now determine the exact type of the created field
if arr3[3] not in [ 'D','R']:
field.append(arr[3])
level.append(arr[5])
fullDesc.append(arr[4])
txt.append(arr[6])
check.append(arr[7])
# If the field is not user-defined, we try to determine its type
# (select, radio, file upload...)
# check whether it is a select field or not
if re.search("SELECT",text,re.IGNORECASE) != None:
select.append(1)
else:
select.append(0)
# checks whether it is a radio field or not
if re.search("TYPE=radio",text,re.IGNORECASE) != None:
radio.append(1)
else:
radio.append(0)
# checks whether it is a file upload or not
if re.search("TYPE=file",text,re.IGNORECASE) != None:
upload.append(1)
else:
upload.append(0)
# if the field description contains the "<COMBO>" string, replace
# it by the category selected on the document page submission page
combofile = "combo%s" % doctype
if os.path.exists("%s/%s" % (curdir,combofile)):
f = open("%s/%s" % (curdir,combofile),"r")
combo = f.read()
f.close()
else:
combo=""
text = text.replace("<COMBO>",combo)
# if there is a <YYYY> tag in it, replace it by the current year
year = time.strftime("%Y");
text = text.replace("<YYYY>",year)
fieldhtml.append(text)
# increment the fields counter
nbFields = nbFields + 1
else:
select.append(0)
radio.append(0)
upload.append(0)
field.append(value)
level.append(arr[5])
txt.append(arr[6])
level.append(arr[5])
fullDesc.append(arr[4])
txt.append(arr[6])
check.append(arr[7])
fieldhtml.append(text)
nbFields = nbFields+1
# now displays the html form field(s)
t+="%s\n" % fullDesc[nbFields-1]
t+=text+"\n"
# if there is a file upload field, we change the encoding type
t=t+"<SCRIPT LANGUAGE=\"JavaScript1.1\" TYPE=\"text/javascript\">\n"
for i in range(0,nbFields):
if upload[i] == 1:
t=t+"document.forms[0].encoding = \"multipart/form-data\";\n"
# we don't want the form to be submitted if the user enters 'Return'
t=t+"function tester(){return false;}\n"
# tests if mandatory fields are well filled
t=t+"function tester2(){\n"
for i in range(0,nbFields):
if re.search("%s\[\]"%field[i],fieldhtml[i]):
fieldname = "%s[]" % field[i]
else:
fieldname = field[i]
t=t+" el = document.forms[0].elements['%s'];\n" % fieldname
# If the field must be checked we call the checking function
if check[i] != "":
t=t+"if (%s(el.value)== 0){\n" % check[i]
t=t+" el.focus();\n"
t=t+" return 0;\n"
t=t+"}\n"
# If the field is mandatory, we check a value has been selected
if level[i] == 'M':
if select[i] != 0:
# If the field is a select box
t=t+"if ((el.selectedIndex == -1)||(el.selectedIndex == 0)){\n"
t=t+" alert(\"The field `%s` is Mandatory.\\n Please make a choice in the 'Select:' box\");\n" % txt[i]
t=t+" return 0;\n"
t=t+"}\n"
elif radio[i] != 0:
# If the field is a radio buttonset
t=t+"var check=0;\n"
t=t+"for (var j=0;j<el.length;j++){\n"
t=t+" if (el.options[j].checked){check++;}\n"
t=t+"}\n"
t=t+"if (check == 0){\n"
t=t+" alert(\"Please press a button.\");\n"
t=t+" return 0;\n"
t=t+"}\n"
else:
# If the field is a text input
t=t+"if (el.value == ''){\n"
t=t+" alert(\"The field `%s` is Mandatory. Please fill it in.\");\n" % txt[i]
t=t+" return 0;\n"
t=t+"}\n"
t=t+"return 1;\n"
t=t+"}\n"
t=t+"</SCRIPT><BR> <BR> </TD></TR></TABLE></TD></TR>\n"
# Display the navigation cell
# Display "previous page" navigation arrows
t=t+"<TR><TD colspan=5><TABLE border=0 cellpadding=0 cellspacing=0 width=\"100%\"><TR>\n"
if int(curpage) != 1:
t=t+" <TD class=submitHeader align=left> \n"
t=t+" <A HREF='' onClick=\"if (tester2() == 1){document.forms[0].curpage.value=%s;document.forms[0].submit();return false;} else { return false; }\">" % (int(curpage)-1)
t=t+" <IMG SRC=\"%s/left-trans.gif\" alt=\"previous page\" border=0>\n" % images
t=t+" <strong><font color=white>previous page</A></font></strong></TD>\n"
else:
t=t+" <TD class=submitHeader> </TD>\n"
# Display the submission number
t=t+" <TD class=submitHeader align=center><small>Submission no(1): %s</small></TD>\n" % access
# Display the "next page" navigation arrow
if int(curpage) != int(nbpages):
t=t+" <TD class=submitHeader align=right>\n"
t=t+" <A HREF='' onClick=\"if (tester2()){document.forms[0].curpage.value=%s;document.forms[0].submit();return false;} else {return false;}; return false;\">\n" % (int(curpage)+1)
t=t+" <strong><font color=white> next page</font></strong>\n"
t=t+" <IMG SRC=\"%s/right-trans.gif\" alt=\"next page\" border=0></A> " % images
else:
t=t+" <TD class=submitHeader> </TD>\n"
t=t+"</TR></TABLE></TD></TR></TABLE></center></FORM>"
# # # # # # # # # # # # # # # # # # # # # # # # #
# Fill the fields with the previously saved values
# # # # # # # # # # # # # # # # # # # # # # # # #
t=t+"<SCRIPT LANGUAGE=\"JavaScript1.1\" TYPE=\"text/javascript\">\n"
t=t+"<!-- Fill the fields in with the previous saved values-->\n"
# For each actual form field
for i in range(0,nbFields):
if re.search("%s\[\]"%field[i],fieldhtml[i]):
fieldname = "%s[]" % field[i]
else:
fieldname = field[i]
text = ''
# If a file exists with the name of the field we extract the saved value
if os.path.exists("%s/%s" % (curdir,field[i])):
file = open("%s/%s" % (curdir,field[i]),"r");
text = file.read()
text = re.compile("[\n\r]*$").sub("",text)
text = re.compile("\n").sub("\\n",text)
text = re.compile("\r").sub("",text)
file.close()
# Or if a cookie is set
# If a cookie is found corresponding to the name of the current
# field, we set the value of the field to the cookie's value
elif getCookie(field[i],uid) != None:
value = getCookie(field[i],uid)
value = re.compile("\r").sub("",value)
value = re.compile("\n").sub("\\n",value)
text = value
# If the value isn't empty
if text != '':
if select[i] != 0:
# If the field is a SELECT element
values = text.split("\n")
tmp=""
for val in values:
if tmp != "":
tmp = tmp + " || "
tmp = tmp + "el.options[j].value == \"%s\" || el.options[j].text == \"%s\"" % (val,val)
if tmp != "":
t=t+"\n<!--SELECT field found-->\n"
t=t+"el = document.forms[0].elements['%s'];\n" % fieldname
t=t+"for (var j=0;j<el.length;j++){\n"
t=t+" if (%s){\n" % tmp
t=t+" el.options[j].selected = true;}}\n"
elif radio[i] != 0:
# If the field is a RADIO element
t=t+"\n<!--RADIO field found-->\n"
t=t+"el = document.forms[0].elements['%s'];\n" % fieldname
t=t+"if (el.value == \"%s\"){\n" % text
t=t+" el.checked=true;}\n"
elif upload[i] == 0:
# If the field is not an upload element
t=t+"\n<!--INPUT field found-->\n"
t=t+"el = document.forms[0].elements['%s'];\n" % fieldname
text = text.replace('"','\"')
text = text.replace("\n","\\n")
t=t+"el.value=\"%s\";\n" % text
t=t+"<!--End Fill in section-->\n"
# JS function finish
# This function tests each mandatory field in the whole submission and checks whether
# the field has been correctly filled in or not
# This function is called when the user presses the "End
# Submission" button
if int(curpage) == int(nbpages):
t=t+"\n\nfunction finish() {\n"
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT * FROM sbmFIELD WHERE subname=%s and pagenb!=%s", (subname,curpage,))
nbFields=0
message = ""
select = []
radio = []
upload = []
field = []
level = []
txt = []
for arr in res:
if arr[5] == "M":
res2 = run_sql("SELECT * FROM sbmFIELDDESC WHERE name=%s", (arr[3],));
row2 = res2[0]
if row2[3] in ['D','R']:
if row2[3] == "D":
text = row2[9]
else:
text = eval(row2[9])
formfields = text.split(">")
for formfield in formfields:
match = re.match("name=([^ <>]+)",formfield,re.IGNORECASE)
if match != None:
names = match.groups
for value in names:
if value != "":
value = re.compile("[\"']+").sub("",value)
field.append(value)
level.append(arr[5])
txt.append(arr[6])
noPage.append(arr[1])
check.append(arr[7])
nbFields = nbFields+1
else:
noPage.append(arr[1])
field.append(arr[3])
level.append(arr[5])
txt.append(arr[6])
check.append(arr[7])
nbFields = nbFields+1
# tests each mandatory field
for i in range (0,nbFields):
res = 1
if not os.path.exists("%s/%s" % (curdir,field[i])):
res=0
else:
file = open("%s/%s" % (curdir,field[i]),"r")
text = file.read()
if text == '':
res=0
else:
if text == "Select:":
res=0
if res==0:
message = " alert (\"The field '%s' is mandatory.\\nGoing back to page %s\");\n" % (txt[i],noPage[i])
message = message + " document.forms[0].curpage.value=\"%s\";\n" % noPage[i]
message = message + " document.forms[0].submit();\n"
if message != "":
t=t+message
else:
t=t+"if (tester2()){\n";
t=t+" document.forms[0].action=\"submit.py\";\n"
t=t+" document.forms[0].step.value=1;\n"
t=t+" document.forms[0].submit();\n"
t=t+" } \n"
t=t+" else \n"
t=t+" { \n"
t=t+" return false;\n"
t=t+" }\n"
t=t+"}\n"
t=t+"""
</SCRIPT>
<BR>
<BR>"""
# Display the "back to main menu" button
t=t+"<A HREF=\"%s\" onClick=\"return confirm('Are you sure you want to quit this submission?')\">\n" % mainmenu
t=t+"<IMG SRC=\"%s/mainmenu.gif\" border=0 ALT=\"back to main menu\" align=right></A><BR><BR>\n" % images
t=t+"""
<HR>
<small>(1) you should take note of this number at the beginning of the submission, it will allow you to get your information back in case your browser crashes before the end of the submission.</small><BR>"""
# Add the summary window definition if needed
t=t+" <small>(2) mandatory fields appear in red in the 'Summary' window.</small><BR>\n"
# start display:
req.content_type = "text/html"
req.send_http_header()
p_navtrail = "<a href=\"submit.py\">Submit</a> > <a href=\"submit.py?doctype=%s\">%s</a> > %s" % (doctype,docname,actname)
return page(title="" ,
body=t,
navtrail = p_navtrail,
description="",
keywords="",
uid=uid,
language=ln,
urlargs=req.args)
def endaction(req,c=cdsname,ln=cdslang, doctype="", act="", startPg=1, indir="", access="",mainmenu="",fromdir="",file="",nextPg="",nbPg="",curpage=1,step=1,mode="U"):
global rn,sysno,dismode,curdir,uid,uid_email,lats_step,action_score
dismode = mode
ln = wash_language(ln)
sys.stdout = req
t=""
# get user ID:
try:
uid = getUid(req)
uid_email = get_email(uid)
except MySQLdb.Error, e:
return errorMsg(e.value)
# Preliminary tasks
# check that the user is logged in
if uid_email == "" or uid_email == "guest":
return warningMsg("<center><font color=red>Sorry, you must log in to perform this action. Please use the top right menu to do so.</font></center>",req,cdsname,ln)
# check we have minimum fields
if doctype=="" or act=="" or access=="":
return errorMsg("invalid parameter",req,cdsname,ln)
# retrieve the action and doctype data
if indir == "":
res = run_sql("select dir from sbmACTION where sactname=%s", (act,))
if len(res) == 0:
return errorMsg("cannot find submission directory",req,cdsname,ln)
else:
row = res[0]
indir = row[0]
# The following words are reserved and should not be used as field names
reserved_words = ["stop","file","nextPg","startPg","access","curpage","nbPg","act","indir","doctype","mode","step","deleted","file_path","userfile_name"]
# This defines the path to the directory containing the action data
curdir = "%s/%s/%s/%s" % (storage,indir,doctype,access)
# If the submission directory still does not exist, we create it
if not os.path.exists(curdir):
try:
os.makedirs(curdir)
except:
return errorMsg("can't create submission directory",req,cdsname,ln)
# retrieve the original main menu url ans save it in the "mainmenu" file
if mainmenu != "":
fp = open("%s/mainmenu" % curdir,"w+")
fp.write(mainmenu)
fp.close()
# and if the file containing the URL to the main menu exists
# we retrieve it and store it in the $mainmenu variable
if os.path.exists("%s/mainmenu" % curdir):
fp = open("%s/mainmenu" % curdir,"r");
mainmenu = fp.read()
fp.close()
else:
mainmenu = "%s/submit.py" % urlpath
# retrieve the name of the file in which the reference of
# the submitted document will be stored
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype=%s and name='edsrn'",(doctype,))
if len(res) == 0:
edsrn = ""
else:
edsrn = res[0][0]
# Now we test whether the user has already completed the action and
# reloaded the page (in this case we don't want the functions to be called
# once again
reloaded = Test_Reload(uid_email,doctype,act,access)
# if the action has been completed
#if reloaded:
# return warningMsg("<b> Sorry, this action has already been completed. Please go back to the main menu to start a new action.</b>",req)
# We must determine if the action is finished (ie there is no other steps after the current one
res = run_sql("SELECT step FROM sbmFUNCTIONS WHERE action=%s and doctype=%s and step > %s", (act,doctype,step,))
if len(res) == 0:
finished = 1
else:
finished = 0
# Save the form fields entered in the previous submission page
# If the form was sent with the GET method
form = req.form
value = ""
# we parse all the form variables
for key in form.keys():
formfields = form[key]
if re.search("\[\]",key):
filename = key.replace("[]","")
else:
filename = key
# the field is an array
if isinstance(formfields,types.ListType):
fp = open("%s/%s" % (curdir,filename),"w+")
for formfield in formfields:
#stripslashes(value)
value = specialchars(formfield)
fp.write(value+"\n")
fp.close()
# the field is a normal string
elif isinstance(formfields,types.StringTypes) and formfields != "":
value = formfields
fp = open("%s/%s" % (curdir,filename),"w+")
fp.write(specialchars(value))
fp.close()
# the field is a file
elif hasattr(formfields,"filename"):
if not os.path.exists("%s/files/%s" % (curdir,key)):
try:
os.makedirs("%s/files/%s" % (curdir,key))
except:
return errorMsg("can't create submission directory",req,cdsname,ln)
filename = formfields.filename
if filename != "":
# This may be dangerous if the file size is bigger than the available memory
data = formfields.file.read()
fp = open("%s/files/%s/%s" % (curdir,key,filename),"w")
fp.write(data)
fp.close()
fp = open("%s/lastuploadedfile" % curdir,"w+")
fp.write(filename)
fp.close()
fp = open("%s/%s" % (curdir,key),"w+")
fp.write(filename)
fp.close()
# if the found field is the reference of the document
# we save this value in the "journal of submissions"
if uid_email != "" and uid_email != "guest":
if key == edsrn:
run_sql("UPDATE sbmSUBMISSIONS SET reference=%s WHERE doctype=%s and id=%s and email=%s", (value,doctype,access,uid_email,))
# Now deal with the cookies
# If the fields must be saved as a cookie, we do so
# In this case, the value of the field will be retrieved and
# displayed as the default value of the field next time the user
# does a submission
if value!="":
res = run_sql("SELECT cookie FROM sbmFIELDDESC WHERE name=%s", (key,))
if len(res) > 0:
if res[0][0] == 1:
setCookie(key,value,uid)
# those fields are necessary for the navigation
t=t+"<FORM ENCTYPE=\"multipart/form-data\" action=\"submit.py\" method=\"POST\">\n"
t=t+"<INPUT type=\"hidden\" name=\"file\" value=\"%s\">\n" % file
t=t+"<INPUT type=\"hidden\" name=\"nextPg\" value=\"%s\">\n" % nextPg
t=t+"<INPUT type=\"hidden\" name=\"startPg\" value=\"%s\">\n" % startPg
t=t+"<INPUT type=\"hidden\" name=\"access\" value=\"%s\">\n" % access
t=t+"<INPUT type=\"hidden\" name=\"curpage\" value=\"%s\">\n" % curpage
t=t+"<INPUT type=\"hidden\" name=\"nbPg\" value=\"%s\">\n" % nbPg
t=t+"<INPUT type=\"hidden\" name=\"doctype\" value=\"%s\">\n" % doctype
t=t+"<INPUT type=\"hidden\" name=\"act\" value=\"%s\">\n" %act
t=t+"<INPUT type=\"hidden\" name=\"indir\" value=\"%s\">\n" % indir
t=t+"<INPUT type=\"hidden\" name=\"fromdir\" value=\"\">\n"
t=t+"<INPUT type=\"hidden\" name=\"mainmenu\" value=\"%s\">\n" % mainmenu
# parameters for new MESS end scripts
t=t+"<INPUT type=\"hidden\" name=\"mode\" value=\"U\">\n"
t=t+"<INPUT type=\"hidden\" name=\"step\" value=\"1\">\n"
t=t+"<INPUT type=\"hidden\" name=\"deleted\" value=\"no\">\n"
t=t+"<INPUT type=\"hidden\" name=\"file_path\" value=\"\">\n"
t=t+"<INPUT type=\"hidden\" name=\"userfile_name\" value=\"\">\n"
# Get document name
res = run_sql("SELECT ldocname FROM sbmDOCTYPE WHERE sdocname=%s", (doctype,))
if len(res) > 0:
docname = res[0][0]
else:
return errorMsg("unknown type of document",req,cdsname,ln)
# Get action name
res = run_sql("SELECT lactname FROM sbmACTION WHERE sactname=%s", (act,))
if len(res) > 0:
actname = res[0][0]
else:
return errorMsg("unknown action",req,cdsname,ln)
# Get number of pages
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT nbpg FROM sbmIMPLEMENT WHERE subname=%s",(subname,))
if len(res) > 0:
nbpages = res[0][0]
else:
return errorMsg("this action does not apply on this type of document",req,cdsname,ln)
# Display table header
t=t+"<center><TABLE cellspacing=0 cellpadding=0 border=0><TR>"
t=t+" <TD class=submitHeader><B>%s </B></TD>" % docname
t=t+" <TD class=submitHeader><small> %s </small></TD>" % actname
t=t+"""
<TD valign=bottom>
<TABLE cellspacing=0 cellpadding=0 border=0 width=100%>
<TR><TD class=submitEmptyPage> </TD>"""
if finished == 1:
t=t+"<TD class=submitCurrentPage>finished!</TD><TD class=submitEmptyPage> </TD></TR></TABLE></TD>\n"
t=t+"<TD class=submitEmptyPage align=right> </TD>\n"
else:
for i in range(1,nbpages+1):
t=t+"<TD class=submitPage><small> <A HREF='' onClick=\"document.forms[0].curpage.value=%s;document.forms[0].action='submit.py';document.forms[0].step.value=0;document.forms[0].submit();return false;\">%s</A> </small></TD>" % (i,i)
t=t+"<TD class=submitCurrentPage>end of action</TD><TD class=submitEmptyPage> </TD></TR></TABLE></TD>\n"
t=t+"<TD class=submitHeader align=right> <A HREF='' onClick=\"window.open('summary.py?doctype=%s&act=%s&access=%s&indir=%s','summary','scrollbars=yes,menubar=no,width=500,height=250');return false;\"><font color=white><small>SUMMARY(2)</small></font></A> </TD>\n" % (doctype,act,access,indir)
t=t+"</TR>\n"
# Display main cell
t=t+"<TR>\n"
t=t+" <TD colspan=5 class=submitBody>\n"
t=t+" <small><BR><BR>\n"
# we specify here whether we are in the last step of the action or not
res = run_sql("SELECT step FROM sbmFUNCTIONS WHERE action=%s and doctype=%s and step>%s", (act,doctype,step,))
if len(res) == 0:
last_step = 1
else:
last_step = 0
# Prints the action details, returning the mandatory score
action_score = action_details(doctype,act)
current_level = get_level(doctype, act)
# Calls all the function's actions
try:
t=t+print_function_calls(doctype, act, step, form)
except functionError,e:
return errorMsg(e.value,req)
except functionStop,e:
if e.value != None:
t=t+e.value
else:
t=t+e
# If the action was mandatory we propose the next mandatory action (if any)
if action_score != -1 and last_step == 1:
t=t+Propose_Next_Action(doctype,action_score,access,current_level,indir)
# If we are in the last step of an action, we can update the "journal of submissions"
if last_step == 1:
if uid_email != "" and uid_email != "guest" and rn != "":
res = run_sql("SELECT * FROM sbmSUBMISSIONS WHERE doctype=%s and action=%s and id=%s and email=%s", (doctype,act,access,uid_email,))
if len(res) == 0:
run_sql("INSERT INTO sbmSUBMISSIONS values(%s,%s,%s,'finished',%s,%s,NOW(),NOW())", (uid_email,doctype,act,access,rn,))
else:
run_sql("UPDATE sbmSUBMISSIONS SET md=NOW(),reference=%s,status='finished' WHERE doctype=%s and action=%s and id=%s and email=%s", (rn,doctype,act,access,uid_email,))
t=t+""" <BR><BR>
</TD>
</TR>
<TR class=submitHeader>
<TD class=submitHeader colspan=5 align=center>"""
if finished == 0:
t=t+"<small>Submission no</small>²:\n"
t=t+"<small>%s</small>\n" % access
else:
t=t+" \n"
t=t+"""
</TD>
</TR>
</TABLE>
</center>
</form>
<br>
<br>"""
# Add the "back to main menu" button
if finished == 0:
t=t+ " <A HREF=\"%s\" onClick=\"return confirm('Are you sure you want to quit this submission?')\">\n" % mainmenu
else:
t=t+" <A HREF=\"%s\">\n" % mainmenu
t=t+"<IMG SRC=\"%s/mainmenu.gif\" border=0 ALT=\"back to main menu\" align=\"right\"></A><BR><BR>\n" % images
# start display:
req.content_type = "text/html"
req.send_http_header()
p_navtrail = "<a href=\"submit.py\">Submit</a> > <a href=\"submit.py?doctype=%s\">%s</a> > %s" % (doctype,docname,actname)
return page(title="",
body=t,
navtrail = p_navtrail,
description="",
keywords="",
uid=uid,
language=ln,
urlargs=req.args)
def home(req,c=cdsname,ln=cdslang):
ln = wash_language(ln)
# get user ID:
try:
uid = getUid(req)
except MySQLdb.Error, e:
return errorMsg(e.value)
# start display:
req.content_type = "text/html"
req.send_http_header()
finaltext = ""
finaltext = finaltext + """
<SCRIPT TYPE="text/javascript" LANGUAGE="Javascript1.2">
var allLoaded = 1;
</SCRIPT>
<table class="searchbox" width="100%" summary="">
<tr>
<th class="portalboxheader">Document types available for submission:</th>
</tr>
<tr>
<td class="portalboxbody">
<BR>
Please select the type of document you want to submit:
<BR><BR>
<TABLE width="100%">
<TR>
<TD width="50%" class="narrowsearchboxbody">
"""
finaltext = finaltext + "<FORM method=get action=\"submit.py\">\n"
finaltext = finaltext + "<INPUT type=\"hidden\" name=\"doctype\">"
# Initialise catalogues array
finaltext = finaltext + makeCataloguesTable()
finaltext = finaltext + """
</TD>
</TR>
</TABLE>
</FORM>
</td>
</tr>
</table>"""
p_navtrail = "Submit"
return page(title="",
body=finaltext,
navtrail=p_navtrail,
description="toto",
keywords="keywords",
uid=uid,
language=ln,
urlargs=req.args
)
def makeCataloguesTable():
text = ""
catalogues = []
queryResult = run_sql("SELECT id_son FROM sbmCOLLECTION_sbmCOLLECTION WHERE id_father=0 ORDER BY catalogue_order");
if len(queryResult) != 0:
# Query has executed successfully, so we can proceed to display all
# catalogues in the EDS system...
text = "<UL>\n"
for row in queryResult:
catalogues.append(row[0])
text = text + displayCatalogueBranch(row[0],1,catalogues)
text = text + "</UL>\n"
else:
text = "<h3>No document types yet...</h3>\n"
return text
def displayCatalogueBranch(id_father,level,catalogues):
text = ""
queryResult = run_sql("SELECT name, id FROM sbmCOLLECTION WHERE id=%s", (id_father,))
if len(queryResult) != 0:
row = queryResult[0]
if level == 1:
text = "<LI><font size=\"+1\"><strong>%s</strong></font>\n" % row[0]
else:
if level == 2:
text = "<LI>%s\n" % row[0]
else:
if level > 2:
text = "<LI>%s\n" % row[0]
# display the son document types
res1 = run_sql("SELECT id_son FROM sbmCOLLECTION_sbmDOCTYPE WHERE id_father=%s ORDER BY catalogue_order", (id_father,))
res2 = run_sql("SELECT id_son FROM sbmCOLLECTION_sbmCOLLECTION WHERE id_father=%s ORDER BY catalogue_order", (id_father,))
if len(res1) != 0 or len(res2) != 0:
text = text + "<UL>\n"
if len(res1) != 0:
for row in res1:
text = text + displayDoctypeBranch(row[0],catalogues)
# display the son catalogues
for row in res2:
catalogues.append(row[0])
- text = text + displayCatalogueBranch(row[0],llevel+1,catalogues)
+ text = text + displayCatalogueBranch(row[0],level+1,catalogues)
if len(res1) != 0 or len(res2) != 0:
text = text + "</UL>\n"
return text
def displayDoctypeBranch(doctype,catalogues):
text = ""
res = run_sql("SELECT ldocname FROM sbmDOCTYPE WHERE sdocname=%s", (doctype,))
row = res[0]
text = "<LI><a href=\"\" onmouseover=\"javascript:popUpTextWindow('%s',true,event);\" onmouseout=\"javascript:popUpTextWindow('%s',false,event);\" onClick=\"document.forms[0].doctype.value='%s';document.forms[0].submit();return false;\">%s</a>\n" % (doctype,doctype,doctype,row[0])
return text
def action(req,c=cdsname,ln=cdslang,doctype=""):
nbCateg = 0
snameCateg = []
lnameCateg = []
actionShortDesc = []
indir = []
actionbutton = []
statustext = []
t = ""
ln = wash_language(ln)
# get user ID:
try:
uid = getUid(req)
uid_email = get_email(uid)
except MySQLdb.Error, e:
return errorMsg(e.value, req)
#parses database to get all data
#first the list of categories
res = run_sql("SELECT * FROM sbmCATEGORIES WHERE doctype=%s ORDER BY lname", (doctype,))
if len(res) > 0:
for arr in res:
nbCateg = nbCateg+1
snameCateg.append(arr[1])
lnameCateg.append(arr[2])
#then data about the document type
res = run_sql("SELECT * FROM sbmDOCTYPE WHERE sdocname=%s", (doctype,))
if len(res) > 0:
arr = res[0]
docFullDesc = arr[0]
docShortDesc = arr[1]
description = arr[4]
else:
return errorMsg ("Cannot find document %s" % doctype, req)
#then data about associated actions
res2 = run_sql("SELECT * FROM sbmIMPLEMENT LEFT JOIN sbmACTION on sbmACTION.sactname=sbmIMPLEMENT.actname WHERE docname=%s and displayed='Y' ORDER BY sbmIMPLEMENT.buttonorder", (docShortDesc,))
for arr2 in res2:
res = run_sql("SELECT * FROM sbmACTION WHERE sactname=%s", (arr2[1],))
for arr in res:
actionShortDesc.append(arr[1])
indir.append(arr[2])
actionbutton.append(arr[5])
statustext.append(arr[6])
t = """
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
var checked=0;
function tester()
{
"""
if (uid_email == "" or uid_email == "guest"):
t = t + "alert(\"please log in first.\\nUse the top right menu to log in.\");return false;\n";
t = t + """
if (checked == 0)
{
alert ("please select a category");
return false;
}
else
{
return true;
}
}
function clicked()
{
checked=1;
}
function selectdoctype(nb)
{
document.forms[0].act.value = docname[nb];
}
</SCRIPT>
<FORM method=get action="submit.py">"""
t = t + "<INPUT type=\"hidden\" name=\"doctype\" value=\"%s\">\n" % doctype
t = t + "<INPUT type=\"hidden\" name=\"indir\">"
pid = os.getpid()
now = time.time()
t = t + "<input type=hidden name=access value=\"%i_%s\">" % (now,pid)
t = t + """
<INPUT type="hidden" name="act">
<INPUT type="hidden" name="startPg" value=1>"""
t = t + "<INPUT type=hidden name=mainmenu value=\"submit.py?doctype=%s\">\n" % doctype
t = t + """
<table class="searchbox" width="100%" summary="">
<tr>"""
t+=" <th class=\"portalboxheader\">%s</th>" % docFullDesc
t+="""
</tr>
<tr>
<td class="portalboxbody">"""
if description != "":
t = t + "%s" % description
t = t + """
<BR>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
var nbimg = document.images.length + 1;
</SCRIPT>
<BR>
<TABLE align=center cellpadding=0 cellspacing=0 border=0>
<TR>"""
if nbCateg != 0:
t = t + "<TD align=right>\n"
for i in range(0,nbCateg):
t = t + "%s<INPUT TYPE=radio NAME=\"combo%s\" value=\"%s\" onClick=\"clicked()\"> <BR>\n" % (lnameCateg[i],doctype,snameCateg[i])
t = t + "</TD>\n"
else:
t = t + "<SCRIPT>checked=1;</SCRIPT>\n"
t = t + """
<TD>
</TD>
<TD>
<TABLE>"""
#display list of actions
for i in range(0,len(actionShortDesc)):
t+="<input type=\"submit\" class=\"adminbutton\" value=\"%s\" onClick=\"if (tester()){document.forms[0].indir.value='%s';document.forms[0].act.value='%s';document.forms[0].submit();}; return false;\"><br>" % (statustext[i],indir[i],actionShortDesc[i])
t = t + """
</TABLE>
</TD>
</TR>
</TABLE>
<BR>"""
if nbCateg != 0:
t = t + "<STRONG class=headline>Notice:</STRONG><BR>\nSelect a category and then click the button to perform the action you chose.\n"
t = t + """
<BR><BR>
<BR>
</FORM>
<FORM action="submit.py"><HR>
<font color=black><small>To continue an interrupted submission,
enter your access number directly in the input box.</small></FONT>
<TABLE border=0 bgcolor="#CCCCCC" width="100%"><TR>
<TD width="100%">
<small>Access Number: <INPUT size=15 name=AN>"""
t = t + "<INPUT type=hidden name=doctype value=\"%s\"> <INPUT class=\"adminbutton\" type=submit value=\" go! \">" % doctype
t = t + """</small></TD></TR></TABLE><HR></FORM>
</td>
</tr>
</table>"""
p_navtrail = "<a href=\"submit.py\">Submit</a> > %s" % docFullDesc
return page(title="",
body=t,
navtrail=p_navtrail,
description="toto",
keywords="keywords",
uid=uid,
language=ln,
urlargs=req.args
)
def set_report_number (newrn):
global uid_email,doctype,access,rn
# First we save the value in the global object
rn = newrn
# then we save this value in the "journal of submissions"
if uid_email != "" and uid_email != "guest":
run_sql("UPDATE sbmSUBMISSIONS SET reference=%s WHERE doctype=%s and id=%s and email=%s", (newrn,doctype,access,uid_email,))
def get_report_number():
global rn
return rn
def set_sysno (newsn) :
global sysno
sysno = newsn
def get_sysno() :
global sysno
return sysno
def Request_Print(m, txt):
# The argumemts to this function are the display mode (m) and the text to be displayed (txt)
# If the argument mode is 'ALL' then the text is unconditionally echoed
# m can also take values S (Supervisor Mode) and U (User Mode). In these
# circumstances txt is only echoed if the argument mode is the same as
# the current mode
global dismode
if m == "A" or m == dismode:
return txt
else:
return ""
def Evaluate_Parameter (field, doctype):
# Returns the literal value of the parameter. Assumes that the value is
# uniquely determined by the doctype, i.e. doctype is the primary key in
# the table
# If the table name is not null, evaluate the parameter
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype=%s and name=%s", (doctype,field,))
# If no data is found then the data concerning the DEF(ault) doctype is used
if len(res) == 0:
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype='DEF' and name=%s", (field,))
if len(res) == 0:
return ""
else:
if res[0][0] != None:
return res[0][0]
else:
return ""
def Get_Parameters (function, doctype):
# Returns the function parameters, in an array, for the function
# Gets a description of the parameter
parray = {}
res = run_sql("SELECT * FROM sbmFUNDESC WHERE function=%s", (function,))
for i in range(0,len(res)):
parameter = res[i][1]
parray[parameter] = Evaluate_Parameter (parameter , doctype)
return parray
def get_level (doctype, action):
res = run_sql("SELECT * FROM sbmIMPLEMENT WHERE docname=%s and actname=%s", (doctype,action,))
if len(res) > 0:
return res[0][9]
else:
return 0
def action_details (doctype, action):
# Prints whether the action is mandatory or optional. The score of the
# action is returned (-1 if the action was optional)
res = run_sql("SELECT * FROM sbmIMPLEMENT WHERE docname=%s and actname=%s", (doctype,action,))
if len(res)>0:
if res[0][9] != "0":
return res[0][10]
else:
return -1
else:
return -1
def print_function_calls (doctype, action, step, form):
# Calls the functions required by an "action" action on a "doctype" document
# In supervisor mode, a table of the function calls is produced
global htdocsdir,storage,access,pylibdir
t=""
# Get the list of functions to be called
res = run_sql("SELECT * FROM sbmFUNCTIONS WHERE action=%s and doctype=%s and step=%s ORDER BY score", (action,doctype,step,))
# If no data is found then the data concerning the DEF(ault) doctype is used
if len(res) == 0:
res = run_sql("SELECT * FROM sbmFUNCTIONS WHERE action=%s and doctype='DEF' and step=%s ORDER BY score", (action,step,))
if len(res) > 0:
t=t+Request_Print("S", "<br><br>Here is the %s function list for %s documents at level %s <P>" % (action,doctype,step))
t=t+Request_Print("S", "<table border cellpadding = 15><tr><th>Function</th><th>Score</th><th>Running Function</th></tr>")
# while there are functions left...
for function in res:
function_name = function[2]
function_score = function[3]
if os.path.exists("%s/cdsware/websubmit_functions/%s.py" % (pylibdir,function_name)):
t=t+Request_Print("S", "<tr><td>%s</td><td>%s</td><td>" % (function_name,function_score))
# import the function itself
#function = getattr(cdsware.websubmit_functions, function_name)
execfile("%s/cdsware/websubmit_functions/%s.py" % (pylibdir,function_name),globals())
if not globals().has_key(function_name):
t=t+"function %s does not exist...<br>" % function_name
else:
function = globals()[function_name]
# Evaluate the parameters, and place them in an array
parameters = Get_Parameters(function_name,doctype)
# Call function
t=t+function(parameters,curdir,form)
t=t+Request_Print("S","</td></tr>")
else:
t=t+"function %s does not exist...<br>" % function_name
t=t+Request_Print("S","</table>")
else :
t=t+Request_Print("S","<br><br><b>Your chosen action is not supported by the document</b>")
return t
def Propose_Next_Action (doctype,action_score,access,currentlevel,indir):
global machine,storage,act,rn
t=""
res = run_sql("SELECT * FROM sbmIMPLEMENT WHERE docname=%s and level!='0' and level=%s and score>%s ORDER BY score", (doctype,currentlevel,action_score,))
if len(res) > 0:
t=t+Request_Print("A","<BR><BR>You now have to<ul>")
first_score = res[0][10]
for i in range(0,len(res)):
action = res[i]
if action[10] == first_score:
if i > 0:
t=t+Request_Print("A"," <b>or</b>");
res2 = run_sql("SELECT dir FROM sbmACTION WHERE sactname=%s", (action[1],))
nextdir = res2[0][0]
t=t+Request_Print("A","<LI><A HREF=\"\" onClick=\"document.forms[0].action='submit.py';document.forms[0].curpage.value='%s';document.forms[0].startPg.value='%s';document.forms[0].act.value='%s';document.forms[0].doctype.value='%s';document.forms[0].indir.value='%s';document.forms[0].access.value='%s';document.forms[0].fromdir.value='%s';document.forms[0].submit();return false;\"> %s </a>" % (action[11],action[11],action[1],doctype,nextdir,access,indir,action[12]))
t=t+Request_Print("A","</ul>")
return t
def Test_Reload(uid_email,doctype,act,access):
res = run_sql("SELECT * FROM sbmSUBMISSIONS WHERE doctype=%s and action=%s and id=%s and email=%s and status='finished'", (doctype,act,access,uid_email,))
if len(res) > 0:
return 1
else:
return 0
class functionError(Exception):
def __init__(self, value):
self.value = value
def __str__(self):
return repr(self.value)
class functionStop(Exception):
def __init__(self, value):
self.value = value
def __str__(self):
return repr(self.value)
def errorMsg(title,req,c=cdsname,ln=cdslang):
return page(title="error",
body = create_error_box(req, title=title,verbose=0, ln=ln),
description="%s - Internal Error" % c,
keywords="%s, CDSware, Internal Error" % c,
language=ln,
urlargs=req.args)
def warningMsg(title,req,c=cdsname,ln=cdslang):
return page(title="warning",
body = title,
description="%s - Internal Error" % c,
keywords="%s, CDSware, Internal Error" % c,
language=ln,
urlargs=req.args)
def getCookie(name,uid):
# these are not real http cookies but are stored in the DB
res = run_sql("select value from sbmCOOKIES where uid=%s and name=%s", (uid,name,))
if len(res) > 0:
return res[0][0]
else:
return None
def setCookie(name,value,uid):
# these are not real http cookies but are stored in the DB
res = run_sql("select id from sbmCOOKIES where uid=%s and name=%s", (uid,name,))
if len(res) > 0:
run_sql("update sbmCOOKIES set value=%s where uid=%s and name=%s", (value,uid,name,))
else:
run_sql("insert into sbmCOOKIES(name,value,uid) values(%s,%s,%s)", (name,value,uid,))
return 1
def specialchars(text):
text = string.replace(text,"“","\042");
text = string.replace(text,"”","\042");
text = string.replace(text,"’","\047");
text = string.replace(text,"—","\055");
text = string.replace(text,"\221","\047"); #single-quote left
text = string.replace(text,"\222","\047"); #apostrophe
text = string.replace(text,"\223","\042"); #double quote left
text = string.replace(text,"\224","\042"); #double quote right
text = string.replace(text,"\226","\055"); #long dash
text = string.replace(text,"\205","\056\056\056"); #ellipse
text = string.replace(text,"…","\056\056\056");
return text
</protect>
diff --git a/modules/websubmit/lib/websubmit_engine.py.wml b/modules/websubmit/lib/websubmit_engine.py.wml
index e5baf7461..cb2bea736 100644
--- a/modules/websubmit/lib/websubmit_engine.py.wml
+++ b/modules/websubmit/lib/websubmit_engine.py.wml
@@ -1,1304 +1,1304 @@
## $Id$
## CDSware WebSubmit in mod_python.
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
## read config variables:
#include "config.wml"
#include "configbis.wml"
## start Python:
<protect>## $Id$</protect>
<protect>## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.</protect>
"""CDSware Submission Web Interface."""
## fill config variables:
pylibdir = "<LIBDIR>/python"
<protect>
## import interesting modules:
import string
import os
import sys
import time
import types
import re
import MySQLdb
import shutil
sys.path.append('%s' % pylibdir)
from cdsware.config import *
from cdsware.dbquery import run_sql
from cdsware.access_control_engine import acc_authorize_action
from cdsware.access_control_admin import acc_isRole
from cdsware.webpage import page, create_error_box
from cdsware.webuser import getUid, get_email
from cdsware.messages import *
from mod_python import apache
from cdsware.websubmit_config import *
from cdsware.file import *
def interface(req,c=cdsname,ln=cdslang, doctype="", act="", startPg=1, indir="", access="",mainmenu="",fromdir="",file="",nextPg="",nbPg="",curpage=1):
ln = wash_language(ln)
sys.stdout = req
# get user ID:
try:
uid = getUid(req)
uid_email = get_email(uid)
except MySQLdb.Error, e:
return errorMsg(e.value,req)
# variable initialisation
t = ""
field = []
fieldhtml = []
level = []
fullDesc = []
text = []
check = []
select = []
radio = []
upload = []
txt = []
noPage = []
# Preliminary tasks
# check that the user is logged in
if uid_email == "" or uid_email == "guest":
warningMsg("<center><font color=red>Sorry, you must log in to perform this action. Please use the top right menu to do so.</font></center>",req)
# check we have minimum fields
if doctype=="" or act=="" or access=="":
return errorMsg("invalid parameter",req)
# retrieve the action and doctype data
if indir == "":
res = run_sql("select dir from sbmACTION where sactname=%s",(act,))
if len(res) == 0:
return errorMsg("cannot find submission directory",req)
else:
row = res[0]
indir = row[0]
res = run_sql("SELECT ldocname FROM sbmDOCTYPE WHERE sdocname=%s",(doctype,))
if len(res) == 0:
return errorMsg("unknown document type",req)
else:
docname = res[0][0]
docname = string.replace(docname," "," ")
res = run_sql("SELECT lactname FROM sbmACTION WHERE sactname=%s",(act,))
if len(res) == 0:
return errorMsg("unknown action",req)
else:
actname = res[0][0]
actname = string.replace(actname," "," ")
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT nbpg FROM sbmIMPLEMENT WHERE subname=%s", (subname,))
if len(res) == 0:
return errorMsg("can't figure number of pages",req)
else:
nbpages = res[0][0]
#Get current page
if startPg != "" and (curpage=="" or curpage==0):
curpage = startPg
# retrieve the name of the file in which the reference of
# the submitted document will be stored
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype=%s and name='edsrn'", (doctype,))
if len(res) == 0:
edsrn = ""
else:
edsrn = res[0][0]
# This defines the path to the directory containing the action data
curdir = "%s/%s/%s/%s" % (storage,indir,doctype,access)
# if this submission comes from another one ($fromdir is then set)
# We retrieve the previous submission directory and put it in the proper one
if fromdir != "":
olddir = "%s/%s/%s/%s" % (storage,fromdir,doctype,access)
if os.path.exists(olddir):
os.rename(olddir,curdir)
# If the submission directory still does not exist, we create it
if not os.path.exists(curdir):
try:
os.makedirs(curdir)
except:
return errorMsg("can't create submission directory",req)
# retrieve the original main menu url ans save it in the "mainmenu" file
if mainmenu != "":
fp = open("%s/mainmenu" % curdir,"w+")
fp.write(mainmenu)
fp.close()
# and if the file containing the URL to the main menu exists
# we retrieve it and store it in the $mainmenu variable
if os.path.exists("%s/mainmenu" % curdir):
fp = open("%s/mainmenu" % curdir,"r");
mainmenu = fp.read()
fp.close()
else:
mainmenu = "%s/submit.py" %urlpath
# various authentication related tasks...
if uid_email != "guest" and uid_email != "":
#First save the username (email address) in the SuE file. This way bibconvert will be able to use it if needed
fp = open("%s/SuE" % curdir,"w+")
fp.write(uid_email)
fp.close()
# is user authorized to perform this action?
if acc_isRole("submit",doctype=doctype,act=act) and not acc_authorize_action(uid, "submit",verbose=0,doctype=doctype, act=act):
return warningMsg("<center><font color=red>Sorry, user %s does not have the right to perform this action. Try logging with another user.</font></center>" % uid_email,req)
# then we update the "journal of submission"
res = run_sql("SELECT * FROM sbmSUBMISSIONS WHERE doctype=%s and action=%s and id=%s and email=%s", (doctype,act,access,uid_email,))
if len(res) == 0:
run_sql("INSERT INTO sbmSUBMISSIONS values (%s,%s,%s,'pending',%s,'',NOW(),NOW())", (uid_email,doctype,act,access,))
else:
run_sql("UPDATE sbmSUBMISSIONS SET md=NOW() WHERE doctype=%s and action=%s and id=%s and email=%s", (doctype,act,access,uid_email,))
# Save the form fields entered in the previous submission page
# If the form was sent with the GET method
form = req.form
value = ""
# we parse all the form variables
for key in form.keys():
formfields = form[key]
if re.search("\[\]",key):
filename = key.replace("[]","")
else:
filename = key
# the field is an array
if isinstance(formfields,types.ListType):
fp = open("%s/%s" % (curdir,filename),"w+")
for formfield in formfields:
#stripslashes(value)
value = specialchars(formfield)
fp.write(value+"\n")
fp.close()
# the field is a normal string
elif isinstance(formfields,types.StringTypes) and formfields != "":
value = formfields
fp = open("%s/%s" % (curdir,filename),"w+")
fp.write(specialchars(value))
fp.close()
# the field is a file
elif hasattr(formfields,"filename"):
if not os.path.exists("%s/files/%s" % (curdir,key)):
try:
os.makedirs("%s/files/%s" % (curdir,key))
except:
return errorMsg("can't create submission directory",req)
filename = formfields.filename
if filename != "":
# This may be dangerous if the file size is bigger than the available memory
data = formfields.file.read()
fp = open("%s/files/%s/%s" % (curdir,key,filename),"w")
fp.write(data)
fp.close()
fp = open("%s/lastuploadedfile" % curdir,"w+")
fp.write(filename)
fp.close()
fp = open("%s/%s" % (curdir,key),"w+")
fp.write(filename)
fp.close()
# if the found field is the reference of the document
# we save this value in the "journal of submissions"
if uid_email != "" and uid_email != "guest":
if key == edsrn:
run_sql("UPDATE sbmSUBMISSIONS SET reference=%s WHERE doctype=%s and id=%s and email=%s", (value,doctype,access,uid_email,))
# Now deal with the cookies
# If the fields must be saved as a cookie, we do so
# In this case, the value of the field will be retrieved and
# displayed as the default value of the field next time the user
# does a submission
if value!="":
res = run_sql("SELECT cookie FROM sbmFIELDDESC WHERE name=%s", (key,))
if len(res) > 0:
if res[0][0] == 1:
setCookie(key,value,uid)
# create interface
# top menu
t=t+"<FORM method=\"POST\" action=\"submit.py\" onSubmit=\"return tester();\">"
t=t+"<center><TABLE cellspacing=0 cellpadding=0 border=0><TR>"
t=t+" <TD class=submitHeader><B>%s </B></TD>" % docname
t=t+" <TD class=submitHeader><small> %s </small></TD>" % actname
t=t+"""
<TD valign=bottom>
<TABLE cellspacing=0 cellpadding=0 border=0 width=100%>
<TR><TD class=submitEmptyPage> </TD>"""
for i in range(1,nbpages+1):
if i == int(curpage):
t=t+"<TD class=submitCurrentPage><small> page:%s </small></TD>" % curpage
else:
t=t+"<TD class=submitPage><small> <A HREF='' onClick=\"if (tester2() == 1){document.forms[0].curpage.value=%s;document.forms[0].submit();return false;} else { return false; }\">%s</A> </small></TD>" % (i,i)
t=t+"<TD class=submitEmptyPage> </TD></TR></TABLE></TD>\n"
t=t+"<TD class=submitHeader align=right> <A HREF='' onClick=\"window.open('summary.py?doctype=%s&act=%s&access=%s&indir=%s','summary','scrollbars=yes,menubar=no,width=500,height=250');return false;\"><font color=white><small>SUMMARY(2)</small></font></A> </TD>\n" % (doctype,act,access,indir)
t=t+"</TR>"
# main cell
t=t+"<TR><TD colspan=5 class=submitHeader><TABLE border=0 cellspacing=0 cellpadding=15 width=\"100%\" class=submitBody><TR><TD><BR>"
# display the static form fields
t=t+"<INPUT type=\"hidden\" name=\"file\" value=\"%s\">\n" % file
t=t+"<INPUT type=\"hidden\" name=\"nextPg\" value=\"%s\">\n" % nextPg
t=t+"<INPUT type=\"hidden\" name=\"access\" value=\"%s\">\n" % access
t=t+"<INPUT type=\"hidden\" name=\"curpage\" value=\"%s\">\n" % curpage
t=t+"<INPUT type=\"hidden\" name=\"nbPg\" value=\"%s\">\n" % nbPg
t = t +"<INPUT type=\"hidden\" name=\"doctype\" value=\"%s\">\n" % doctype
t=t+"<INPUT type=\"hidden\" name=\"act\" value=\"%s\">\n" % act
t=t+"<INPUT type=\"hidden\" name=\"indir\" value=\"%s\">\n" % indir
t=t+"<INPUT type=\"hidden\" name=\"mode\" value=\"U\">\n"
t=t+"<INPUT type=\"hidden\" name=\"step\" value=\"0\">\n"
# For each field to be displayed on the page
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT * FROM sbmFIELD WHERE subname=%s and pagenb=%s ORDER BY fieldnb,fieldnb", (subname,curpage,))
nbFields = 0
for arr in res:
# We retrieve its HTML description
res3 = run_sql("SELECT * FROM sbmFIELDDESC WHERE name=%s", (arr[3],))
arr3 = res3[0]
if arr3[8]==None:
val=""
else:
val=arr3[8]
# we also retrieve and add the javascript code of the checking function, if needed
if arr[7] != '':
res2 = run_sql("SELECT chdesc FROM sbmCHECKS WHERE chname=%s", (arr[7],))
t=t+"<SCRIPT LANGUAGE=\"JavaScript1.1\" TYPE=\"text/javascript\">\n";
t=t+res2[0][0]
t=t+"</SCRIPT>\n"
# If the field is a textarea
if arr3[3] == 'T':
text="<TEXTAREA name=\"%s\" rows=%s cols=%s>%s</TEXTAREA>" % (arr[3],arr3[5],arr3[6],val)
# If the field is a file upload
elif arr3[3] == 'F':
text="<INPUT TYPE=file name=\"%s\" size=%s maxlength=%s>" % (arr[3],arr3[4],arr3[7]);
# If the field is a text input
elif arr3[3] == 'I':
text="<INPUT name=\"%s\" size=%s value=\"%s\">" % (arr[3],arr3[4],val)
# If the field is a hidden input
elif arr3[3] == 'H':
text="<INPUT type=\"hidden\" name=\"%s\" value=\"%s\">" % (arr[3],val)
# If the field is user-defined
elif arr3[3] == 'D':
text=arr3[9]
# If the field is a select box
elif arr3[3] == 'S':
text=arr3[9]
# If the field is an evaluated script
# the execed code should set variable text
elif arr3[3] == 'R':
co = compile(arr3[9].replace("\r\n","\n"),"<string>","exec")
exec(co)
# If the field type is not recognized
else:
text="%s: unknown field type" % arr[1]
# we now determine the exact type of the created field
if arr3[3] not in [ 'D','R']:
field.append(arr[3])
level.append(arr[5])
fullDesc.append(arr[4])
txt.append(arr[6])
check.append(arr[7])
# If the field is not user-defined, we try to determine its type
# (select, radio, file upload...)
# check whether it is a select field or not
if re.search("SELECT",text,re.IGNORECASE) != None:
select.append(1)
else:
select.append(0)
# checks whether it is a radio field or not
if re.search("TYPE=radio",text,re.IGNORECASE) != None:
radio.append(1)
else:
radio.append(0)
# checks whether it is a file upload or not
if re.search("TYPE=file",text,re.IGNORECASE) != None:
upload.append(1)
else:
upload.append(0)
# if the field description contains the "<COMBO>" string, replace
# it by the category selected on the document page submission page
combofile = "combo%s" % doctype
if os.path.exists("%s/%s" % (curdir,combofile)):
f = open("%s/%s" % (curdir,combofile),"r")
combo = f.read()
f.close()
else:
combo=""
text = text.replace("<COMBO>",combo)
# if there is a <YYYY> tag in it, replace it by the current year
year = time.strftime("%Y");
text = text.replace("<YYYY>",year)
fieldhtml.append(text)
# increment the fields counter
nbFields = nbFields + 1
else:
select.append(0)
radio.append(0)
upload.append(0)
field.append(value)
level.append(arr[5])
txt.append(arr[6])
level.append(arr[5])
fullDesc.append(arr[4])
txt.append(arr[6])
check.append(arr[7])
fieldhtml.append(text)
nbFields = nbFields+1
# now displays the html form field(s)
t+="%s\n" % fullDesc[nbFields-1]
t+=text+"\n"
# if there is a file upload field, we change the encoding type
t=t+"<SCRIPT LANGUAGE=\"JavaScript1.1\" TYPE=\"text/javascript\">\n"
for i in range(0,nbFields):
if upload[i] == 1:
t=t+"document.forms[0].encoding = \"multipart/form-data\";\n"
# we don't want the form to be submitted if the user enters 'Return'
t=t+"function tester(){return false;}\n"
# tests if mandatory fields are well filled
t=t+"function tester2(){\n"
for i in range(0,nbFields):
if re.search("%s\[\]"%field[i],fieldhtml[i]):
fieldname = "%s[]" % field[i]
else:
fieldname = field[i]
t=t+" el = document.forms[0].elements['%s'];\n" % fieldname
# If the field must be checked we call the checking function
if check[i] != "":
t=t+"if (%s(el.value)== 0){\n" % check[i]
t=t+" el.focus();\n"
t=t+" return 0;\n"
t=t+"}\n"
# If the field is mandatory, we check a value has been selected
if level[i] == 'M':
if select[i] != 0:
# If the field is a select box
t=t+"if ((el.selectedIndex == -1)||(el.selectedIndex == 0)){\n"
t=t+" alert(\"The field `%s` is Mandatory.\\n Please make a choice in the 'Select:' box\");\n" % txt[i]
t=t+" return 0;\n"
t=t+"}\n"
elif radio[i] != 0:
# If the field is a radio buttonset
t=t+"var check=0;\n"
t=t+"for (var j=0;j<el.length;j++){\n"
t=t+" if (el.options[j].checked){check++;}\n"
t=t+"}\n"
t=t+"if (check == 0){\n"
t=t+" alert(\"Please press a button.\");\n"
t=t+" return 0;\n"
t=t+"}\n"
else:
# If the field is a text input
t=t+"if (el.value == ''){\n"
t=t+" alert(\"The field `%s` is Mandatory. Please fill it in.\");\n" % txt[i]
t=t+" return 0;\n"
t=t+"}\n"
t=t+"return 1;\n"
t=t+"}\n"
t=t+"</SCRIPT><BR> <BR> </TD></TR></TABLE></TD></TR>\n"
# Display the navigation cell
# Display "previous page" navigation arrows
t=t+"<TR><TD colspan=5><TABLE border=0 cellpadding=0 cellspacing=0 width=\"100%\"><TR>\n"
if int(curpage) != 1:
t=t+" <TD class=submitHeader align=left> \n"
t=t+" <A HREF='' onClick=\"if (tester2() == 1){document.forms[0].curpage.value=%s;document.forms[0].submit();return false;} else { return false; }\">" % (int(curpage)-1)
t=t+" <IMG SRC=\"%s/left-trans.gif\" alt=\"previous page\" border=0>\n" % images
t=t+" <strong><font color=white>previous page</A></font></strong></TD>\n"
else:
t=t+" <TD class=submitHeader> </TD>\n"
# Display the submission number
t=t+" <TD class=submitHeader align=center><small>Submission no(1): %s</small></TD>\n" % access
# Display the "next page" navigation arrow
if int(curpage) != int(nbpages):
t=t+" <TD class=submitHeader align=right>\n"
t=t+" <A HREF='' onClick=\"if (tester2()){document.forms[0].curpage.value=%s;document.forms[0].submit();return false;} else {return false;}; return false;\">\n" % (int(curpage)+1)
t=t+" <strong><font color=white> next page</font></strong>\n"
t=t+" <IMG SRC=\"%s/right-trans.gif\" alt=\"next page\" border=0></A> " % images
else:
t=t+" <TD class=submitHeader> </TD>\n"
t=t+"</TR></TABLE></TD></TR></TABLE></center></FORM>"
# # # # # # # # # # # # # # # # # # # # # # # # #
# Fill the fields with the previously saved values
# # # # # # # # # # # # # # # # # # # # # # # # #
t=t+"<SCRIPT LANGUAGE=\"JavaScript1.1\" TYPE=\"text/javascript\">\n"
t=t+"<!-- Fill the fields in with the previous saved values-->\n"
# For each actual form field
for i in range(0,nbFields):
if re.search("%s\[\]"%field[i],fieldhtml[i]):
fieldname = "%s[]" % field[i]
else:
fieldname = field[i]
text = ''
# If a file exists with the name of the field we extract the saved value
if os.path.exists("%s/%s" % (curdir,field[i])):
file = open("%s/%s" % (curdir,field[i]),"r");
text = file.read()
text = re.compile("[\n\r]*$").sub("",text)
text = re.compile("\n").sub("\\n",text)
text = re.compile("\r").sub("",text)
file.close()
# Or if a cookie is set
# If a cookie is found corresponding to the name of the current
# field, we set the value of the field to the cookie's value
elif getCookie(field[i],uid) != None:
value = getCookie(field[i],uid)
value = re.compile("\r").sub("",value)
value = re.compile("\n").sub("\\n",value)
text = value
# If the value isn't empty
if text != '':
if select[i] != 0:
# If the field is a SELECT element
values = text.split("\n")
tmp=""
for val in values:
if tmp != "":
tmp = tmp + " || "
tmp = tmp + "el.options[j].value == \"%s\" || el.options[j].text == \"%s\"" % (val,val)
if tmp != "":
t=t+"\n<!--SELECT field found-->\n"
t=t+"el = document.forms[0].elements['%s'];\n" % fieldname
t=t+"for (var j=0;j<el.length;j++){\n"
t=t+" if (%s){\n" % tmp
t=t+" el.options[j].selected = true;}}\n"
elif radio[i] != 0:
# If the field is a RADIO element
t=t+"\n<!--RADIO field found-->\n"
t=t+"el = document.forms[0].elements['%s'];\n" % fieldname
t=t+"if (el.value == \"%s\"){\n" % text
t=t+" el.checked=true;}\n"
elif upload[i] == 0:
# If the field is not an upload element
t=t+"\n<!--INPUT field found-->\n"
t=t+"el = document.forms[0].elements['%s'];\n" % fieldname
text = text.replace('"','\"')
text = text.replace("\n","\\n")
t=t+"el.value=\"%s\";\n" % text
t=t+"<!--End Fill in section-->\n"
# JS function finish
# This function tests each mandatory field in the whole submission and checks whether
# the field has been correctly filled in or not
# This function is called when the user presses the "End
# Submission" button
if int(curpage) == int(nbpages):
t=t+"\n\nfunction finish() {\n"
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT * FROM sbmFIELD WHERE subname=%s and pagenb!=%s", (subname,curpage,))
nbFields=0
message = ""
select = []
radio = []
upload = []
field = []
level = []
txt = []
for arr in res:
if arr[5] == "M":
res2 = run_sql("SELECT * FROM sbmFIELDDESC WHERE name=%s", (arr[3],));
row2 = res2[0]
if row2[3] in ['D','R']:
if row2[3] == "D":
text = row2[9]
else:
text = eval(row2[9])
formfields = text.split(">")
for formfield in formfields:
match = re.match("name=([^ <>]+)",formfield,re.IGNORECASE)
if match != None:
names = match.groups
for value in names:
if value != "":
value = re.compile("[\"']+").sub("",value)
field.append(value)
level.append(arr[5])
txt.append(arr[6])
noPage.append(arr[1])
check.append(arr[7])
nbFields = nbFields+1
else:
noPage.append(arr[1])
field.append(arr[3])
level.append(arr[5])
txt.append(arr[6])
check.append(arr[7])
nbFields = nbFields+1
# tests each mandatory field
for i in range (0,nbFields):
res = 1
if not os.path.exists("%s/%s" % (curdir,field[i])):
res=0
else:
file = open("%s/%s" % (curdir,field[i]),"r")
text = file.read()
if text == '':
res=0
else:
if text == "Select:":
res=0
if res==0:
message = " alert (\"The field '%s' is mandatory.\\nGoing back to page %s\");\n" % (txt[i],noPage[i])
message = message + " document.forms[0].curpage.value=\"%s\";\n" % noPage[i]
message = message + " document.forms[0].submit();\n"
if message != "":
t=t+message
else:
t=t+"if (tester2()){\n";
t=t+" document.forms[0].action=\"submit.py\";\n"
t=t+" document.forms[0].step.value=1;\n"
t=t+" document.forms[0].submit();\n"
t=t+" } \n"
t=t+" else \n"
t=t+" { \n"
t=t+" return false;\n"
t=t+" }\n"
t=t+"}\n"
t=t+"""
</SCRIPT>
<BR>
<BR>"""
# Display the "back to main menu" button
t=t+"<A HREF=\"%s\" onClick=\"return confirm('Are you sure you want to quit this submission?')\">\n" % mainmenu
t=t+"<IMG SRC=\"%s/mainmenu.gif\" border=0 ALT=\"back to main menu\" align=right></A><BR><BR>\n" % images
t=t+"""
<HR>
<small>(1) you should take note of this number at the beginning of the submission, it will allow you to get your information back in case your browser crashes before the end of the submission.</small><BR>"""
# Add the summary window definition if needed
t=t+" <small>(2) mandatory fields appear in red in the 'Summary' window.</small><BR>\n"
# start display:
req.content_type = "text/html"
req.send_http_header()
p_navtrail = "<a href=\"submit.py\">Submit</a> > <a href=\"submit.py?doctype=%s\">%s</a> > %s" % (doctype,docname,actname)
return page(title="" ,
body=t,
navtrail = p_navtrail,
description="",
keywords="",
uid=uid,
language=ln,
urlargs=req.args)
def endaction(req,c=cdsname,ln=cdslang, doctype="", act="", startPg=1, indir="", access="",mainmenu="",fromdir="",file="",nextPg="",nbPg="",curpage=1,step=1,mode="U"):
global rn,sysno,dismode,curdir,uid,uid_email,lats_step,action_score
dismode = mode
ln = wash_language(ln)
sys.stdout = req
t=""
# get user ID:
try:
uid = getUid(req)
uid_email = get_email(uid)
except MySQLdb.Error, e:
return errorMsg(e.value)
# Preliminary tasks
# check that the user is logged in
if uid_email == "" or uid_email == "guest":
return warningMsg("<center><font color=red>Sorry, you must log in to perform this action. Please use the top right menu to do so.</font></center>",req,cdsname,ln)
# check we have minimum fields
if doctype=="" or act=="" or access=="":
return errorMsg("invalid parameter",req,cdsname,ln)
# retrieve the action and doctype data
if indir == "":
res = run_sql("select dir from sbmACTION where sactname=%s", (act,))
if len(res) == 0:
return errorMsg("cannot find submission directory",req,cdsname,ln)
else:
row = res[0]
indir = row[0]
# The following words are reserved and should not be used as field names
reserved_words = ["stop","file","nextPg","startPg","access","curpage","nbPg","act","indir","doctype","mode","step","deleted","file_path","userfile_name"]
# This defines the path to the directory containing the action data
curdir = "%s/%s/%s/%s" % (storage,indir,doctype,access)
# If the submission directory still does not exist, we create it
if not os.path.exists(curdir):
try:
os.makedirs(curdir)
except:
return errorMsg("can't create submission directory",req,cdsname,ln)
# retrieve the original main menu url ans save it in the "mainmenu" file
if mainmenu != "":
fp = open("%s/mainmenu" % curdir,"w+")
fp.write(mainmenu)
fp.close()
# and if the file containing the URL to the main menu exists
# we retrieve it and store it in the $mainmenu variable
if os.path.exists("%s/mainmenu" % curdir):
fp = open("%s/mainmenu" % curdir,"r");
mainmenu = fp.read()
fp.close()
else:
mainmenu = "%s/submit.py" % urlpath
# retrieve the name of the file in which the reference of
# the submitted document will be stored
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype=%s and name='edsrn'",(doctype,))
if len(res) == 0:
edsrn = ""
else:
edsrn = res[0][0]
# Now we test whether the user has already completed the action and
# reloaded the page (in this case we don't want the functions to be called
# once again
reloaded = Test_Reload(uid_email,doctype,act,access)
# if the action has been completed
#if reloaded:
# return warningMsg("<b> Sorry, this action has already been completed. Please go back to the main menu to start a new action.</b>",req)
# We must determine if the action is finished (ie there is no other steps after the current one
res = run_sql("SELECT step FROM sbmFUNCTIONS WHERE action=%s and doctype=%s and step > %s", (act,doctype,step,))
if len(res) == 0:
finished = 1
else:
finished = 0
# Save the form fields entered in the previous submission page
# If the form was sent with the GET method
form = req.form
value = ""
# we parse all the form variables
for key in form.keys():
formfields = form[key]
if re.search("\[\]",key):
filename = key.replace("[]","")
else:
filename = key
# the field is an array
if isinstance(formfields,types.ListType):
fp = open("%s/%s" % (curdir,filename),"w+")
for formfield in formfields:
#stripslashes(value)
value = specialchars(formfield)
fp.write(value+"\n")
fp.close()
# the field is a normal string
elif isinstance(formfields,types.StringTypes) and formfields != "":
value = formfields
fp = open("%s/%s" % (curdir,filename),"w+")
fp.write(specialchars(value))
fp.close()
# the field is a file
elif hasattr(formfields,"filename"):
if not os.path.exists("%s/files/%s" % (curdir,key)):
try:
os.makedirs("%s/files/%s" % (curdir,key))
except:
return errorMsg("can't create submission directory",req,cdsname,ln)
filename = formfields.filename
if filename != "":
# This may be dangerous if the file size is bigger than the available memory
data = formfields.file.read()
fp = open("%s/files/%s/%s" % (curdir,key,filename),"w")
fp.write(data)
fp.close()
fp = open("%s/lastuploadedfile" % curdir,"w+")
fp.write(filename)
fp.close()
fp = open("%s/%s" % (curdir,key),"w+")
fp.write(filename)
fp.close()
# if the found field is the reference of the document
# we save this value in the "journal of submissions"
if uid_email != "" and uid_email != "guest":
if key == edsrn:
run_sql("UPDATE sbmSUBMISSIONS SET reference=%s WHERE doctype=%s and id=%s and email=%s", (value,doctype,access,uid_email,))
# Now deal with the cookies
# If the fields must be saved as a cookie, we do so
# In this case, the value of the field will be retrieved and
# displayed as the default value of the field next time the user
# does a submission
if value!="":
res = run_sql("SELECT cookie FROM sbmFIELDDESC WHERE name=%s", (key,))
if len(res) > 0:
if res[0][0] == 1:
setCookie(key,value,uid)
# those fields are necessary for the navigation
t=t+"<FORM ENCTYPE=\"multipart/form-data\" action=\"submit.py\" method=\"POST\">\n"
t=t+"<INPUT type=\"hidden\" name=\"file\" value=\"%s\">\n" % file
t=t+"<INPUT type=\"hidden\" name=\"nextPg\" value=\"%s\">\n" % nextPg
t=t+"<INPUT type=\"hidden\" name=\"startPg\" value=\"%s\">\n" % startPg
t=t+"<INPUT type=\"hidden\" name=\"access\" value=\"%s\">\n" % access
t=t+"<INPUT type=\"hidden\" name=\"curpage\" value=\"%s\">\n" % curpage
t=t+"<INPUT type=\"hidden\" name=\"nbPg\" value=\"%s\">\n" % nbPg
t=t+"<INPUT type=\"hidden\" name=\"doctype\" value=\"%s\">\n" % doctype
t=t+"<INPUT type=\"hidden\" name=\"act\" value=\"%s\">\n" %act
t=t+"<INPUT type=\"hidden\" name=\"indir\" value=\"%s\">\n" % indir
t=t+"<INPUT type=\"hidden\" name=\"fromdir\" value=\"\">\n"
t=t+"<INPUT type=\"hidden\" name=\"mainmenu\" value=\"%s\">\n" % mainmenu
# parameters for new MESS end scripts
t=t+"<INPUT type=\"hidden\" name=\"mode\" value=\"U\">\n"
t=t+"<INPUT type=\"hidden\" name=\"step\" value=\"1\">\n"
t=t+"<INPUT type=\"hidden\" name=\"deleted\" value=\"no\">\n"
t=t+"<INPUT type=\"hidden\" name=\"file_path\" value=\"\">\n"
t=t+"<INPUT type=\"hidden\" name=\"userfile_name\" value=\"\">\n"
# Get document name
res = run_sql("SELECT ldocname FROM sbmDOCTYPE WHERE sdocname=%s", (doctype,))
if len(res) > 0:
docname = res[0][0]
else:
return errorMsg("unknown type of document",req,cdsname,ln)
# Get action name
res = run_sql("SELECT lactname FROM sbmACTION WHERE sactname=%s", (act,))
if len(res) > 0:
actname = res[0][0]
else:
return errorMsg("unknown action",req,cdsname,ln)
# Get number of pages
subname = "%s%s" % (act,doctype)
res = run_sql("SELECT nbpg FROM sbmIMPLEMENT WHERE subname=%s",(subname,))
if len(res) > 0:
nbpages = res[0][0]
else:
return errorMsg("this action does not apply on this type of document",req,cdsname,ln)
# Display table header
t=t+"<center><TABLE cellspacing=0 cellpadding=0 border=0><TR>"
t=t+" <TD class=submitHeader><B>%s </B></TD>" % docname
t=t+" <TD class=submitHeader><small> %s </small></TD>" % actname
t=t+"""
<TD valign=bottom>
<TABLE cellspacing=0 cellpadding=0 border=0 width=100%>
<TR><TD class=submitEmptyPage> </TD>"""
if finished == 1:
t=t+"<TD class=submitCurrentPage>finished!</TD><TD class=submitEmptyPage> </TD></TR></TABLE></TD>\n"
t=t+"<TD class=submitEmptyPage align=right> </TD>\n"
else:
for i in range(1,nbpages+1):
t=t+"<TD class=submitPage><small> <A HREF='' onClick=\"document.forms[0].curpage.value=%s;document.forms[0].action='submit.py';document.forms[0].step.value=0;document.forms[0].submit();return false;\">%s</A> </small></TD>" % (i,i)
t=t+"<TD class=submitCurrentPage>end of action</TD><TD class=submitEmptyPage> </TD></TR></TABLE></TD>\n"
t=t+"<TD class=submitHeader align=right> <A HREF='' onClick=\"window.open('summary.py?doctype=%s&act=%s&access=%s&indir=%s','summary','scrollbars=yes,menubar=no,width=500,height=250');return false;\"><font color=white><small>SUMMARY(2)</small></font></A> </TD>\n" % (doctype,act,access,indir)
t=t+"</TR>\n"
# Display main cell
t=t+"<TR>\n"
t=t+" <TD colspan=5 class=submitBody>\n"
t=t+" <small><BR><BR>\n"
# we specify here whether we are in the last step of the action or not
res = run_sql("SELECT step FROM sbmFUNCTIONS WHERE action=%s and doctype=%s and step>%s", (act,doctype,step,))
if len(res) == 0:
last_step = 1
else:
last_step = 0
# Prints the action details, returning the mandatory score
action_score = action_details(doctype,act)
current_level = get_level(doctype, act)
# Calls all the function's actions
try:
t=t+print_function_calls(doctype, act, step, form)
except functionError,e:
return errorMsg(e.value,req)
except functionStop,e:
if e.value != None:
t=t+e.value
else:
t=t+e
# If the action was mandatory we propose the next mandatory action (if any)
if action_score != -1 and last_step == 1:
t=t+Propose_Next_Action(doctype,action_score,access,current_level,indir)
# If we are in the last step of an action, we can update the "journal of submissions"
if last_step == 1:
if uid_email != "" and uid_email != "guest" and rn != "":
res = run_sql("SELECT * FROM sbmSUBMISSIONS WHERE doctype=%s and action=%s and id=%s and email=%s", (doctype,act,access,uid_email,))
if len(res) == 0:
run_sql("INSERT INTO sbmSUBMISSIONS values(%s,%s,%s,'finished',%s,%s,NOW(),NOW())", (uid_email,doctype,act,access,rn,))
else:
run_sql("UPDATE sbmSUBMISSIONS SET md=NOW(),reference=%s,status='finished' WHERE doctype=%s and action=%s and id=%s and email=%s", (rn,doctype,act,access,uid_email,))
t=t+""" <BR><BR>
</TD>
</TR>
<TR class=submitHeader>
<TD class=submitHeader colspan=5 align=center>"""
if finished == 0:
t=t+"<small>Submission no</small>²:\n"
t=t+"<small>%s</small>\n" % access
else:
t=t+" \n"
t=t+"""
</TD>
</TR>
</TABLE>
</center>
</form>
<br>
<br>"""
# Add the "back to main menu" button
if finished == 0:
t=t+ " <A HREF=\"%s\" onClick=\"return confirm('Are you sure you want to quit this submission?')\">\n" % mainmenu
else:
t=t+" <A HREF=\"%s\">\n" % mainmenu
t=t+"<IMG SRC=\"%s/mainmenu.gif\" border=0 ALT=\"back to main menu\" align=\"right\"></A><BR><BR>\n" % images
# start display:
req.content_type = "text/html"
req.send_http_header()
p_navtrail = "<a href=\"submit.py\">Submit</a> > <a href=\"submit.py?doctype=%s\">%s</a> > %s" % (doctype,docname,actname)
return page(title="",
body=t,
navtrail = p_navtrail,
description="",
keywords="",
uid=uid,
language=ln,
urlargs=req.args)
def home(req,c=cdsname,ln=cdslang):
ln = wash_language(ln)
# get user ID:
try:
uid = getUid(req)
except MySQLdb.Error, e:
return errorMsg(e.value)
# start display:
req.content_type = "text/html"
req.send_http_header()
finaltext = ""
finaltext = finaltext + """
<SCRIPT TYPE="text/javascript" LANGUAGE="Javascript1.2">
var allLoaded = 1;
</SCRIPT>
<table class="searchbox" width="100%" summary="">
<tr>
<th class="portalboxheader">Document types available for submission:</th>
</tr>
<tr>
<td class="portalboxbody">
<BR>
Please select the type of document you want to submit:
<BR><BR>
<TABLE width="100%">
<TR>
<TD width="50%" class="narrowsearchboxbody">
"""
finaltext = finaltext + "<FORM method=get action=\"submit.py\">\n"
finaltext = finaltext + "<INPUT type=\"hidden\" name=\"doctype\">"
# Initialise catalogues array
finaltext = finaltext + makeCataloguesTable()
finaltext = finaltext + """
</TD>
</TR>
</TABLE>
</FORM>
</td>
</tr>
</table>"""
p_navtrail = "Submit"
return page(title="",
body=finaltext,
navtrail=p_navtrail,
description="toto",
keywords="keywords",
uid=uid,
language=ln,
urlargs=req.args
)
def makeCataloguesTable():
text = ""
catalogues = []
queryResult = run_sql("SELECT id_son FROM sbmCOLLECTION_sbmCOLLECTION WHERE id_father=0 ORDER BY catalogue_order");
if len(queryResult) != 0:
# Query has executed successfully, so we can proceed to display all
# catalogues in the EDS system...
text = "<UL>\n"
for row in queryResult:
catalogues.append(row[0])
text = text + displayCatalogueBranch(row[0],1,catalogues)
text = text + "</UL>\n"
else:
text = "<h3>No document types yet...</h3>\n"
return text
def displayCatalogueBranch(id_father,level,catalogues):
text = ""
queryResult = run_sql("SELECT name, id FROM sbmCOLLECTION WHERE id=%s", (id_father,))
if len(queryResult) != 0:
row = queryResult[0]
if level == 1:
text = "<LI><font size=\"+1\"><strong>%s</strong></font>\n" % row[0]
else:
if level == 2:
text = "<LI>%s\n" % row[0]
else:
if level > 2:
text = "<LI>%s\n" % row[0]
# display the son document types
res1 = run_sql("SELECT id_son FROM sbmCOLLECTION_sbmDOCTYPE WHERE id_father=%s ORDER BY catalogue_order", (id_father,))
res2 = run_sql("SELECT id_son FROM sbmCOLLECTION_sbmCOLLECTION WHERE id_father=%s ORDER BY catalogue_order", (id_father,))
if len(res1) != 0 or len(res2) != 0:
text = text + "<UL>\n"
if len(res1) != 0:
for row in res1:
text = text + displayDoctypeBranch(row[0],catalogues)
# display the son catalogues
for row in res2:
catalogues.append(row[0])
- text = text + displayCatalogueBranch(row[0],llevel+1,catalogues)
+ text = text + displayCatalogueBranch(row[0],level+1,catalogues)
if len(res1) != 0 or len(res2) != 0:
text = text + "</UL>\n"
return text
def displayDoctypeBranch(doctype,catalogues):
text = ""
res = run_sql("SELECT ldocname FROM sbmDOCTYPE WHERE sdocname=%s", (doctype,))
row = res[0]
text = "<LI><a href=\"\" onmouseover=\"javascript:popUpTextWindow('%s',true,event);\" onmouseout=\"javascript:popUpTextWindow('%s',false,event);\" onClick=\"document.forms[0].doctype.value='%s';document.forms[0].submit();return false;\">%s</a>\n" % (doctype,doctype,doctype,row[0])
return text
def action(req,c=cdsname,ln=cdslang,doctype=""):
nbCateg = 0
snameCateg = []
lnameCateg = []
actionShortDesc = []
indir = []
actionbutton = []
statustext = []
t = ""
ln = wash_language(ln)
# get user ID:
try:
uid = getUid(req)
uid_email = get_email(uid)
except MySQLdb.Error, e:
return errorMsg(e.value, req)
#parses database to get all data
#first the list of categories
res = run_sql("SELECT * FROM sbmCATEGORIES WHERE doctype=%s ORDER BY lname", (doctype,))
if len(res) > 0:
for arr in res:
nbCateg = nbCateg+1
snameCateg.append(arr[1])
lnameCateg.append(arr[2])
#then data about the document type
res = run_sql("SELECT * FROM sbmDOCTYPE WHERE sdocname=%s", (doctype,))
if len(res) > 0:
arr = res[0]
docFullDesc = arr[0]
docShortDesc = arr[1]
description = arr[4]
else:
return errorMsg ("Cannot find document %s" % doctype, req)
#then data about associated actions
res2 = run_sql("SELECT * FROM sbmIMPLEMENT LEFT JOIN sbmACTION on sbmACTION.sactname=sbmIMPLEMENT.actname WHERE docname=%s and displayed='Y' ORDER BY sbmIMPLEMENT.buttonorder", (docShortDesc,))
for arr2 in res2:
res = run_sql("SELECT * FROM sbmACTION WHERE sactname=%s", (arr2[1],))
for arr in res:
actionShortDesc.append(arr[1])
indir.append(arr[2])
actionbutton.append(arr[5])
statustext.append(arr[6])
t = """
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
var checked=0;
function tester()
{
"""
if (uid_email == "" or uid_email == "guest"):
t = t + "alert(\"please log in first.\\nUse the top right menu to log in.\");return false;\n";
t = t + """
if (checked == 0)
{
alert ("please select a category");
return false;
}
else
{
return true;
}
}
function clicked()
{
checked=1;
}
function selectdoctype(nb)
{
document.forms[0].act.value = docname[nb];
}
</SCRIPT>
<FORM method=get action="submit.py">"""
t = t + "<INPUT type=\"hidden\" name=\"doctype\" value=\"%s\">\n" % doctype
t = t + "<INPUT type=\"hidden\" name=\"indir\">"
pid = os.getpid()
now = time.time()
t = t + "<input type=hidden name=access value=\"%i_%s\">" % (now,pid)
t = t + """
<INPUT type="hidden" name="act">
<INPUT type="hidden" name="startPg" value=1>"""
t = t + "<INPUT type=hidden name=mainmenu value=\"submit.py?doctype=%s\">\n" % doctype
t = t + """
<table class="searchbox" width="100%" summary="">
<tr>"""
t+=" <th class=\"portalboxheader\">%s</th>" % docFullDesc
t+="""
</tr>
<tr>
<td class="portalboxbody">"""
if description != "":
t = t + "%s" % description
t = t + """
<BR>
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript">
var nbimg = document.images.length + 1;
</SCRIPT>
<BR>
<TABLE align=center cellpadding=0 cellspacing=0 border=0>
<TR>"""
if nbCateg != 0:
t = t + "<TD align=right>\n"
for i in range(0,nbCateg):
t = t + "%s<INPUT TYPE=radio NAME=\"combo%s\" value=\"%s\" onClick=\"clicked()\"> <BR>\n" % (lnameCateg[i],doctype,snameCateg[i])
t = t + "</TD>\n"
else:
t = t + "<SCRIPT>checked=1;</SCRIPT>\n"
t = t + """
<TD>
</TD>
<TD>
<TABLE>"""
#display list of actions
for i in range(0,len(actionShortDesc)):
t+="<input type=\"submit\" class=\"adminbutton\" value=\"%s\" onClick=\"if (tester()){document.forms[0].indir.value='%s';document.forms[0].act.value='%s';document.forms[0].submit();}; return false;\"><br>" % (statustext[i],indir[i],actionShortDesc[i])
t = t + """
</TABLE>
</TD>
</TR>
</TABLE>
<BR>"""
if nbCateg != 0:
t = t + "<STRONG class=headline>Notice:</STRONG><BR>\nSelect a category and then click the button to perform the action you chose.\n"
t = t + """
<BR><BR>
<BR>
</FORM>
<FORM action="submit.py"><HR>
<font color=black><small>To continue an interrupted submission,
enter your access number directly in the input box.</small></FONT>
<TABLE border=0 bgcolor="#CCCCCC" width="100%"><TR>
<TD width="100%">
<small>Access Number: <INPUT size=15 name=AN>"""
t = t + "<INPUT type=hidden name=doctype value=\"%s\"> <INPUT class=\"adminbutton\" type=submit value=\" go! \">" % doctype
t = t + """</small></TD></TR></TABLE><HR></FORM>
</td>
</tr>
</table>"""
p_navtrail = "<a href=\"submit.py\">Submit</a> > %s" % docFullDesc
return page(title="",
body=t,
navtrail=p_navtrail,
description="toto",
keywords="keywords",
uid=uid,
language=ln,
urlargs=req.args
)
def set_report_number (newrn):
global uid_email,doctype,access,rn
# First we save the value in the global object
rn = newrn
# then we save this value in the "journal of submissions"
if uid_email != "" and uid_email != "guest":
run_sql("UPDATE sbmSUBMISSIONS SET reference=%s WHERE doctype=%s and id=%s and email=%s", (newrn,doctype,access,uid_email,))
def get_report_number():
global rn
return rn
def set_sysno (newsn) :
global sysno
sysno = newsn
def get_sysno() :
global sysno
return sysno
def Request_Print(m, txt):
# The argumemts to this function are the display mode (m) and the text to be displayed (txt)
# If the argument mode is 'ALL' then the text is unconditionally echoed
# m can also take values S (Supervisor Mode) and U (User Mode). In these
# circumstances txt is only echoed if the argument mode is the same as
# the current mode
global dismode
if m == "A" or m == dismode:
return txt
else:
return ""
def Evaluate_Parameter (field, doctype):
# Returns the literal value of the parameter. Assumes that the value is
# uniquely determined by the doctype, i.e. doctype is the primary key in
# the table
# If the table name is not null, evaluate the parameter
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype=%s and name=%s", (doctype,field,))
# If no data is found then the data concerning the DEF(ault) doctype is used
if len(res) == 0:
res = run_sql("SELECT value FROM sbmPARAMETERS WHERE doctype='DEF' and name=%s", (field,))
if len(res) == 0:
return ""
else:
if res[0][0] != None:
return res[0][0]
else:
return ""
def Get_Parameters (function, doctype):
# Returns the function parameters, in an array, for the function
# Gets a description of the parameter
parray = {}
res = run_sql("SELECT * FROM sbmFUNDESC WHERE function=%s", (function,))
for i in range(0,len(res)):
parameter = res[i][1]
parray[parameter] = Evaluate_Parameter (parameter , doctype)
return parray
def get_level (doctype, action):
res = run_sql("SELECT * FROM sbmIMPLEMENT WHERE docname=%s and actname=%s", (doctype,action,))
if len(res) > 0:
return res[0][9]
else:
return 0
def action_details (doctype, action):
# Prints whether the action is mandatory or optional. The score of the
# action is returned (-1 if the action was optional)
res = run_sql("SELECT * FROM sbmIMPLEMENT WHERE docname=%s and actname=%s", (doctype,action,))
if len(res)>0:
if res[0][9] != "0":
return res[0][10]
else:
return -1
else:
return -1
def print_function_calls (doctype, action, step, form):
# Calls the functions required by an "action" action on a "doctype" document
# In supervisor mode, a table of the function calls is produced
global htdocsdir,storage,access,pylibdir
t=""
# Get the list of functions to be called
res = run_sql("SELECT * FROM sbmFUNCTIONS WHERE action=%s and doctype=%s and step=%s ORDER BY score", (action,doctype,step,))
# If no data is found then the data concerning the DEF(ault) doctype is used
if len(res) == 0:
res = run_sql("SELECT * FROM sbmFUNCTIONS WHERE action=%s and doctype='DEF' and step=%s ORDER BY score", (action,step,))
if len(res) > 0:
t=t+Request_Print("S", "<br><br>Here is the %s function list for %s documents at level %s <P>" % (action,doctype,step))
t=t+Request_Print("S", "<table border cellpadding = 15><tr><th>Function</th><th>Score</th><th>Running Function</th></tr>")
# while there are functions left...
for function in res:
function_name = function[2]
function_score = function[3]
if os.path.exists("%s/cdsware/websubmit_functions/%s.py" % (pylibdir,function_name)):
t=t+Request_Print("S", "<tr><td>%s</td><td>%s</td><td>" % (function_name,function_score))
# import the function itself
#function = getattr(cdsware.websubmit_functions, function_name)
execfile("%s/cdsware/websubmit_functions/%s.py" % (pylibdir,function_name),globals())
if not globals().has_key(function_name):
t=t+"function %s does not exist...<br>" % function_name
else:
function = globals()[function_name]
# Evaluate the parameters, and place them in an array
parameters = Get_Parameters(function_name,doctype)
# Call function
t=t+function(parameters,curdir,form)
t=t+Request_Print("S","</td></tr>")
else:
t=t+"function %s does not exist...<br>" % function_name
t=t+Request_Print("S","</table>")
else :
t=t+Request_Print("S","<br><br><b>Your chosen action is not supported by the document</b>")
return t
def Propose_Next_Action (doctype,action_score,access,currentlevel,indir):
global machine,storage,act,rn
t=""
res = run_sql("SELECT * FROM sbmIMPLEMENT WHERE docname=%s and level!='0' and level=%s and score>%s ORDER BY score", (doctype,currentlevel,action_score,))
if len(res) > 0:
t=t+Request_Print("A","<BR><BR>You now have to<ul>")
first_score = res[0][10]
for i in range(0,len(res)):
action = res[i]
if action[10] == first_score:
if i > 0:
t=t+Request_Print("A"," <b>or</b>");
res2 = run_sql("SELECT dir FROM sbmACTION WHERE sactname=%s", (action[1],))
nextdir = res2[0][0]
t=t+Request_Print("A","<LI><A HREF=\"\" onClick=\"document.forms[0].action='submit.py';document.forms[0].curpage.value='%s';document.forms[0].startPg.value='%s';document.forms[0].act.value='%s';document.forms[0].doctype.value='%s';document.forms[0].indir.value='%s';document.forms[0].access.value='%s';document.forms[0].fromdir.value='%s';document.forms[0].submit();return false;\"> %s </a>" % (action[11],action[11],action[1],doctype,nextdir,access,indir,action[12]))
t=t+Request_Print("A","</ul>")
return t
def Test_Reload(uid_email,doctype,act,access):
res = run_sql("SELECT * FROM sbmSUBMISSIONS WHERE doctype=%s and action=%s and id=%s and email=%s and status='finished'", (doctype,act,access,uid_email,))
if len(res) > 0:
return 1
else:
return 0
class functionError(Exception):
def __init__(self, value):
self.value = value
def __str__(self):
return repr(self.value)
class functionStop(Exception):
def __init__(self, value):
self.value = value
def __str__(self):
return repr(self.value)
def errorMsg(title,req,c=cdsname,ln=cdslang):
return page(title="error",
body = create_error_box(req, title=title,verbose=0, ln=ln),
description="%s - Internal Error" % c,
keywords="%s, CDSware, Internal Error" % c,
language=ln,
urlargs=req.args)
def warningMsg(title,req,c=cdsname,ln=cdslang):
return page(title="warning",
body = title,
description="%s - Internal Error" % c,
keywords="%s, CDSware, Internal Error" % c,
language=ln,
urlargs=req.args)
def getCookie(name,uid):
# these are not real http cookies but are stored in the DB
res = run_sql("select value from sbmCOOKIES where uid=%s and name=%s", (uid,name,))
if len(res) > 0:
return res[0][0]
else:
return None
def setCookie(name,value,uid):
# these are not real http cookies but are stored in the DB
res = run_sql("select id from sbmCOOKIES where uid=%s and name=%s", (uid,name,))
if len(res) > 0:
run_sql("update sbmCOOKIES set value=%s where uid=%s and name=%s", (value,uid,name,))
else:
run_sql("insert into sbmCOOKIES(name,value,uid) values(%s,%s,%s)", (name,value,uid,))
return 1
def specialchars(text):
text = string.replace(text,"“","\042");
text = string.replace(text,"”","\042");
text = string.replace(text,"’","\047");
text = string.replace(text,"—","\055");
text = string.replace(text,"\221","\047"); #single-quote left
text = string.replace(text,"\222","\047"); #apostrophe
text = string.replace(text,"\223","\042"); #double quote left
text = string.replace(text,"\224","\042"); #double quote right
text = string.replace(text,"\226","\055"); #long dash
text = string.replace(text,"\205","\056\056\056"); #ellipse
text = string.replace(text,"…","\056\056\056");
return text
</protect>