Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F68589931
viewActionEDS.php.wml
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Fri, Jun 28, 02:16
Size
22 KB
Mime Type
text/x-c
Expires
Sun, Jun 30, 02:16 (2 d)
Engine
blob
Format
Raw Data
Handle
18605921
Attached To
R3600 invenio-infoscience
viewActionEDS.php.wml
View Options
## $Id$
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
<?
require("commonPhpFunctions.php");
?>
#include "cdspage.wml" \
title="Details of the <i><protect><?print "$actname";?></protect></I> action" \
navtrail_previous_links="<a class=navtrail href=<WEBURL>/admin/<lang:star: index.*.html>><MSG_ADMIN_AREA></a> > <a class=navtrail href=<WEBURL>/admin/websubmit/><MSG_ADMIN_SUBMIT></a>" \
navbar_name="admin" \
navbar_select="websubmit_listactions" \
cdspageboxlefttopadd="<protect><?displayLoginMenu('submit');?></protect>"
<?
<protect>
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
?>
<SCRIPT LANGUAGE="JavaScript">
<!-- hide
function validateIsInt(param)
// This function validates its parameter to ensure that it is an integer
// value.
// Author: Nicholas Robinson
// Email: Nicholas.Robinson@cern.ch
// ca8nro@yahoo.co.uk
// Created: 16/11/2000
// Last Modified: 16/11/2000
{
// Create a flag to indicate that we have found a non-digit value
var nonDigit = false;
for(index = 0; index < param.length; index++)
{
if(!(param[index] >= 0 && param[index] <= 9))
{
// In this case, we've found a non-digit value, and can stop
// searching, as the parameter is clearly not an integer
nonDigit = true;
break;
} // END if
} // END for
return true;
} // END function validateIsInt(param)
function verifyChanges(curLactname, sugLactname, curDir, sugDir,
curActionbutton, sugActionbutton, curStatustext, sugStatustext)
// Function to test whether the values for the parameters to be changed
// have actually been changed by the user when they submit them to the
// database for update. If not, the function returns false. If so, the
// function returns true.
// Author: Nicholas Robinson
// Email: Nicholas.Robinson@cern.ch
// Created: 27/07/2000
// Last Modified: 16/11/2000
{
if((curLactname == sugLactname) &&
(curDir == sugDir) && (curActionbutton == sugActionbutton) &&
(curStatustext == sugStatustext))
{
alert("No Change In The Data Has Been Made! Cannot Submit.");
return false;
} // End if
else
{
return true;
} // End else
} // End function verifyChanges()
// -->
</SCRIPT>
<?
function makeButtons($dataRow, $caller, $doctype = "")
{
/**************************************************************
This function has the simple task of creating and displaying the
"SAVE CHANGES" button and the "FINISHED" button for the action
details form. It is bundled into a function, as it is quite a
messy piece of code due to the large parameters to the
JavaScript function "verifyChanges".
Author: Nicholas Robinson
Email: Nicholas.Robinson@cern.ch
ca8nro@yahoo.co.uk
Created: 16/11/2000
Last Modified: 19/12/2000
**************************************************************/
print("<P>\n");
print("<TABLE ALIGN='center' BORDER=0 CELLSPACING=0 "
. "CELLPADDING=0 WIDTH='100%'>\n<TR>\n<TD ALIGN='right'>"
. "\n<INPUT TYPE='button' VALUE='SAVE CHANGES' onClick=\""
. "if(verifyChanges(escape('" . ereg_replace("'","\\'",
htmlspecialchars($dataRow["lactname"]))
. "'), escape(lactname.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["dir"]))
. "'), escape(dir.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["actionbutton"]))
. "'), escape(actionbutton.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["statustext"]))
. "'), escape(statustext.value))) { submit(); } }\">\n</TD>\n</FORM>\n<FORM ACTION='$caller"
. "' METHOD='post'>\n");
if($caller == "documentEDS.php")
{
# Pass a doctype back to it...
print("<INPUT TYPE='hidden' NAME='doctype' VALUE='$doctype'>\n");
} // END if
print("<TD ALIGN='left'>\n<INPUT TYPE='button' VALUE='FINISHED' "
. "onClick=\"submit();\">\n</TD>\n</FORM>\n</TR>\n</TABLE>\n</P>"
. "\n");
} // END function makeButtons()
//*************
function displayEDSaction($actname, $caller, $doctype = "")
{
/*******************************************************************
This function has the task of displaying the details of an EDS
action. The details are displayed in a form, so that they can be
modified and resubmitted to the database. This function
basically has the task of producing the page to be displayed for
the 'viewActionEDS.php' page.
Author: Nicholas Robinson
Email: Nicholas.Robinson@cern.ch
ca8nro@yahoo.co.uk
Created: 16/11/2000
Last Modified: 17/01/2001
*******************************************************************/
# Execute a query on the sbmACTION table for the given action...
$queryResult = mysql_query("SELECT * from sbmACTION WHERE sactname = "
. "'$actname'");
if($queryResult)
{
# The query has executed successfully, so we can continue with
# the production of the page...
# Produce the appropriate output, depending upon the number of
# rows returned by the query...
if(mysql_num_rows($queryResult) == 1)
{
# In this case, as expected, there is one entry for the given
# action in the sbmACTION table..
# Now, display a quick set of page instructions for the user..
print("<TABLE WIDTH='90%' BGCOLOR='#D3DCE3' ALIGN='center' "
. "CELLSPACING=0 CELLPADDING=0 BORDER=1>\n<TR><TD "
. "ALIGN='center'>\n<P STYLE=\"color: blue; text-align: "
. "center; font-size: small; font-weight: bold\">Below are "
. "the details of the <EM>$actname</EM> action.<BR>You can "
. "edit them by alterring values in boxes, and clicking on "
. "\"SAVE CHANGES\".</P>\n</TD>\n</TR>\n</TABLE>\n");
# Make a horizontal rule to divide the page sections...
drawSeparator();
# Now, we are ready to display the details of the given action
# in a table. Each data item will be contained within a form
# input box so that it can be edited if this is desirable.
print("<FORM ACTION='viewActionEDS.php' METHOD='post'>\n"
. "<INPUT TYPE='hidden' NAME='update' VALUE='true'>\n"
. "<INPUT TYPE='hidden' NAME='caller' VALUE='$caller'>\n");
if($caller == "documentEDS.php")
{
# Add a doctype into the equation
print("<INPUT TYPE='hidden' NAME='doctype' VALUE='$doctype"
. "'>\n");
} // END if
print("<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=0 "
. "ALIGN='center' WIDTH='100%'>\n");
# Now make the table: names & fields...
# Get the columns list
$columns = mysql_list_fields(DOCS_DATABASE, "sbmACTION");
# Get the number of field
$numTblFlds = mysql_num_fields($columns);
# Get the row of data
$dataRow = mysql_fetch_array($queryResult);
# Before we display most of the table, we can first display
# the upper part of the table, which will be the sactname, cd,
# and md fields, that can't be modified...
print("<TABLE WIDTH='100%' ALIGN='center' CELLSPACING=0 "
. "CELLPADDING=0 BORDER=0>\n<TR>\n<TH BGCOLOR='#D3DCE3' ALIGN"
. "='right' WIDTH='20%'>\nAction Code: </TH>\n<TD "
. "ALIGN='left' BGCOLOR='#FFFFCC' WIDTH='80%'><INPUT "
. "TYPE='readonly' NAME='sactname' VALUE='"
. $dataRow["sactname"] . "'>\n</TD>\n</TR>\n<TR>\n<TH "
. "BGCOLOR='#D3DCE3' ALIGN='right' WIDTH='20%'>\nCreation "
. "Date: </TH>\n<TD WIDTH='80%' ALIGN='left' BGCOLOR="
. "'#FFFFCC'><INPUT TYPE='readonly' NAME='cd' VALUE='"
. $dataRow["cd"] . "'>\n</TD>\n</TR>\n<TR>\n<TH WIDTH='20%'"
. " BGCOLOR='#D3DCE3' ALIGN='right'>\nModification "
. "Date: </TH>\n<TD WIDTH='80%' ALIGN='left' "
. "BGCOLOR='#FFFFCC'><INPUT TYPE='readonly' NAME='md' "
. "VALUE='" . $dataRow["md"] . "'>\n</TD>\n</TR>\n");
# Now fill this new table with all of the details...
for($indx = 0; $indx < $numTblFlds; $indx++)
{
# Get the name of the current field...
$currentField = mysql_field_name($columns, $indx);
# Ensure that we don't once again print our non-editable
# fields out...
if(($currentField != "sactname") && ($currentField != "cd")
&& ($currentField != "md"))
{
# First, display the field name...
print("<TR>\n<TH BGCOLOR='#87CEFA' ALIGN='right' "
. "WIDTH='20%'>\n");
if($currentField == "lactname")
{
print("Action Description: ");
} // END if
else
{
print("$currentField" . ": ");
} // END else
print(" </TH>\n<TD ALIGN='left' WIDTH='80%' "
. "BGCOLOR='#FFFFCC'>\n<INPUT TYPE='text' NAME="
. "'$currentField' SIZE=");
if(mysql_field_type($columns, $indx) == "blob")
{
print("60");
} // END if
else
{
print(mysql_field_len($columns, $indx));
} // END else
print(" VALUE='" . ereg_replace("'", "'",
htmlspecialchars($dataRow[$indx]))
. "'>\n</TD>\n</TR>\n");
} // END if
} // END for
# Now that the table has been filled with all of the actions
# details, it can be closed..
print("</TABLE>\n</TABLE>\n");
# Now that the form has been drawn, it is possible to produce
# a new table underneath, containing buttons. There will be a
# "SAVE" button, and a "FINISHED button.
if($caller == "documentEDS.php")
{
makeButtons($dataRow, $caller, $doctype);
} // END if
else
{
makeButtons($dataRow, $caller);
} // END else
} // END if
elseif(mysql_num_rows($queryResult) > 1)
{
# In this case, there are many rows for the given action in
# the sbmACTIONS table, which means that the sbmACTIONS table has
# primary key violations..
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> More "
. "than one row of data concerning the <EM>$actname</EM> "
. "action was returned from the <EM>sbmACTION</EM> table of "
. "the" . DOCS_DATABASE . ".<BR>This indicates primary key "
. "duplication in this table.<BR>Please inform system "
. "administrator.</P>\n");
# Send a mail to the system admin people to warn them about
# this serious error..
$msgTxt = "When a user attempted to look at the details of "
. "the $actname action using the WebSubmit Administrator, several "
. "rows were returned for this action from the sbmACTION table."
. " The query was made using the \"sactname\" as the search"
. " key. As the \"sactname\" field is the primary key for "
. "the sbmACTION table, this means that there must be key "
. "violations in this table.\n\nThis problem should be "
. "corrected immediately.\n\nWebSubmit Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "sbmACTION Table Key Violation!", $msgTxt,
"From: WebSubmit_Administrator");
} // END elseif
elseif(mysql_num_rows($queryResult) == 0)
{
# This means that the given action has no row in the sbmACTIONS
# table..Signifies a database inconsistency error.
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> No data"
. " concerning the <EM>$actname</EM> action was found in the"
. " <EM>sbmACTION</EM> table.<BR>This suggests a data "
. "consistency error in the " . DOCS_DATABASE . " database."
. "<BR>Please inform the system administrator.</P>\n");
# Now send an email to the administrator(s) to inform them of
# this serious error...
# Get the current date and time...
$dateDets = getdate();
$msgTxt = "When a user attempted to look at the details of "
. "the $actname action using the WebSubmit Administrator, no rows "
. "were returned from the sbmACTION table for this "
. "action.\n\nBecause the user had to click a link to view "
. "the details of this action, it must be referred to in "
. "other tables of EDS. This means that there are data "
. "inconsistencies within EDS.\n\nThis should be investigated"
. " and corrected ASAP.\n\nWebSubmit Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "Data Inconsistency Error!", $msgTxt,
"From: WebSubmit_Administrator");
} // END elseif
else
{
# Some other sort of error has ocurred, so present the error
# message on the screen.
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Unable"
. " to correctly retrieve data from the <EM>sbmACTION</EM> "
. "table of " . DOCS_DATABASE . ".<BR>Please inform system "
. "administrator.</P>\n");
} // END else
} // END if
else
{
# Unfortunately, the query has failed, so we can display an error
# message.
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Unable to conduct a query on the "
. "<EM>sbmACTION</EM> table of " . DOCS_DATABASE . ".<BR>Please"
. " inform system administrator.</P>\n");
} // END else
} // END function displayEDSaction()
function displayPage($update,$actname)
{
global $lactname,$sactname,$dir,$actionbutton,$statustext;
# Conduct a test to see if this is the first call to this script, or
# if it is a self-referential call, whereby the user has chosen to
# update values of the given action...
if($update)
{
# In this case, this is a call to update the actions details...
# Free memory space associated with $update...
unset($update);
# Get the data, so that it can be committed for the modification
# date field (md)...
$dateDets = getdate();
# Now put the date into a variable in a nice MySQL friendly
# format
$modifiedDate = $dateDets['year'] . "-" . $dateDets['mon'] . "-"
. $dateDets['mday'];
# Begin constructing the UPDATE query string...
$queryString = "UPDATE sbmACTION SET lactname = '$lactname', dir ="
. " '$dir', md = '$modifiedDate', actionbutton = '$actionbutton'"
. ", statustext = '$statustext' "
. "WHERE sactname = '$sactname'";
# Now actually execute the update query
$updateResult = mysql_query($queryString);
if($updateResult)
{
# If the query could actually be executed without error
if(mysql_affected_rows() == 1)
{
# In this case, only 1 rows was updated, which is as
# expected
# Send the administrator a message to inform them of the
# update that has taken place...
# Get the current date and time...
$dateDets = getdate();
$msgTxt = "An update has been carried out on the $sactname"
. " action in the " . DOCS_DATABASE . " database.\n\nEDS "
. "Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "EDS Action Updated", $msgTxt,
"From: WebSubmit_Administrator");
# We can now redisplay all of the details for the action
if($caller == "documentEDS.php")
{
displayEDSaction($sactname, $caller, $doctype);
} // END if
else
{
displayEDSaction($sactname, $caller);
} // END else
} // END if
elseif(mysql_affected_rows() > 1)
{
# More than 1 row was updated -> bad news: key duplication
# Display an error message about this...
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Multiple rows have been updated in the "
. "<EM>sbmACTION</EM> table.<BR>This has resulted from an "
. "attempt to update the <EM>$sactname</EM> action.<BR>"
. "Please inform the system administrator.</P>\n");
# Now, email the administrator to let them know this, as it
# is a potentially dangerous error.
$msgTxt = "When a user updated the details of "
. "the $sactname action using the WebSubmit Administrator, seve"
. "ral rows were affected in the sbmACTION table. The update"
. " was conducted using the \"sactname\" field as the key."
. " As the \"sactname\" field is the primary key for the "
. "sbmACTION table, this means that there must be key violati"
. "ons in this table. There should only have been 1 row "
. "affected by this update.\n\nThis problem should be "
. "investigated and corrected immediately.\n\nEDS Administ"
. "rator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "ERROR: sbmACTIONS Table Multiple Row "
. "Update!", $msgTxt, "From: WebSubmit_Administrator");
} // END elseif
else
{
# No rows were updated -> Something strange here!
# Display an error message about this...
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> No rows have been updated in the <EM>"
. "sbmACTION</EM> table.<BR>This suggests that there could "
. "be data inconsistencies or concurrency problems.<BR>"
. "Please inform the system administrator.</P>\n");
# Better email the administrator & let them know...
$msgTxt = "When a user attempted to update the details of "
. "the $sactname action using the WebSubmit Administrator, no "
. "rows were affected in the sbmACTION table by this update."
. "\n\nBecause the user must have altered an actions "
. "details to submit an update on it, it must have been "
. "present at around the time that the user submitted thei"
. "r update.\n\n"
. "This suggests the possibility of concurrency or data "
. "inconsistency problems in this table.\n\nThis should be"
. " investigated and corrected ASAP.\n\nWebSubmit Administrator "
. "(";
$msgTxt .= makeDate();
$msgTxt .= ")";
# Now send the mail..
mail(ADMIN_EMAIL, "Error: Possible Concurrency Problems",
$msgTxt, "From: WebSubmit_Administrator");
} // END else
} // END if
else
{
# The query couldn't be executed due to error(s) ocurring, so
# display an error message
print("<P CLASS='errorMsg'><SPAN STYLE=\"color: red\">ERROR:"
. "</SPAN> Unable to update deatails for <EM>$sactname</EM> "
. "action in <EM>sbmACTION</EM> table.<BR>Please inform system "
. "administrator.</P>\n");
} // END else
} // END if
else
{
# In this case, this is the first call to the page, so we can
# basically just display the details of the given action...
if($caller == "documentEDS.php")
{
displayEDSaction($actname, $caller, $doctype);
} // END if
else
{
displayEDSaction($actname, $caller);
} // END else
} // END else
}
/**********************Start of main script***************************/
# Connect to the MySQL server
serverConnect(MYSQLDOCMACHINE, MYSQLDOCUSERID, MYSQLDOCPASSWORD);
# Select the CDS Search database...
dbSelect(DOCS_DATABASE);
if (!canUseWebSubmitAdmin($uid))
outWarning("You are not allowed to access WebSubmit Admin for this "
. "type of documents");
else
displayPage($update,$actname);
/************************End of main script***************************/
</protect>
?>
Event Timeline
Log In to Comment