Page MenuHomec4science

parameterUpdate.php.wml
No OneTemporary

File Metadata

Created
Mon, Nov 18, 16:31

parameterUpdate.php.wml

## $Id$
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002, 2003, 2004, 2005 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
<?
require("commonPhpFunctions.php");
?>
#include "cdspage.wml" \
title="Update value of parameter <I><protect><?print $param;?></protect></i> for the <I><protect><?print $doctype;?></protect></i> document type" \
navtrail_previous_links="<a class=navtrail href=<WEBURL>/admin/<lang:star: index.*.html>><MSG_ADMIN_AREA></a> &gt; <a class=navtrail href=<WEBURL>/admin/websubmit/><MSG_ADMIN_SUBMIT></a>" \
navbar_name="admin" \
navbar_select="websubmit"
<?
<protect>
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
function displayParamToUpdate($doctype, $param,
$functionName, $action, $returnTo)
{
/*****************************************************************
This function is used by the "parameterUpdate.php" script. It
executes a select query on the relevant table, retrieving the
value of the required parameter, and placing it into a text input
box in a form. A submit button is also produced for the form.
The purpose of this form is so that the user can alter the value
of the given parameter, and submit the alterations to the
database for update. When the form is submitted, it recursively
calls itself, updates the parameter value, and then redirects to
the 'func.php' script.
Author: Nicholas Robinson
Email: Nicholas.Robinson@cern.ch
Created: 22/08/2000
Last Modified: 22/03/2001
*****************************************************************/
# LOCK the given table as READ...
if(!$lockRes = mysql_query("LOCK TABLES sbmPARAMETERS READ"))
{
# We couldn't get a lock, so we just display the error message
# and return from this function.
print("<DIV STYLE='color: navy; font-weight: bold; font-size:"
. " large; text-align: center'><SPAN STYLE='color: "
. "red'>Error:</SPAN> Unable to retrieve information.</DIV>\n"
. "<BR>\n");
print("<TABLE ALIGN='center' CELLSPACING=0 CELLPADDING=0 "
. "BORDER=0>\n<TR>\n<FORM ACTION='func.php' METHOD='post'>\n"
. "<INPUT TYPE='hidden' NAME='doctype' VALUE='$doctype'>\n"
. "<INPUT TYPE='hidden' NAME='action' VALUE='$action'>\n"
. "<INPUT TYPE='hidden' NAME='functionName' "
. "VALUE='$functionName'>\n"
. "<INPUT TYPE='hidden' NAME='returnTo' VALUE='$returnTo'>\n"
. "<TD ALIGN='center'>\n<INPUT TYPE='button' VALUE='OK' onClick"
. "='submit();'>\n</TD>\n</FORM>\n</TR>\n</TABLE>\n");
return;
} # END if
# Execute a select query on the WebSubmit2 database, getting the value of
# the required parameter...
$queryResult = mysql_query("SELECT value FROM sbmPARAMETERS WHERE
doctype='$doctype' and name='$param'");
# We must unlock our table...
$unlockRes = mysql_query("UNLOCK TABLES");
/******************************************************************
Now, we can test to see if any rows were retrieved by this query.
If there were, then the function has parameters, and we can
display them in a table. If no rows were returned by the query,
then the function has no parameters, and there is no point in
displaying a table. Instead, we can display an appropriate
informative message stating that there are no parameters stored
for the function.
*******************************************************************/
$numRows = mysql_num_rows($queryResult);
if($numRows == 0)
{
/**************************************************************
This query should have returned rows. If none have been
returned, it means that when the function is called for this
doctype, it will search for a value for its parameter in the
column of the table that this query was performed on, but
won't be able to find a result. I.e. the tables are out of
sync.
There could be different reasons for this occurring, but the
most likely is that the user has just added this parameter to
the function, but has not yet updated all of the rows that
utilise it. The best course of action in this case is to give
a message stating that the database stores no value for this
parameter, and that the user should enter one asap. A text
input can also be provided to take care of this.
**************************************************************/
print("<TABLE ALIGN='center' WIDTH='95%' BORDER=1 CELLPADDING=0"
. " CELLSPACING=0 BGCOLOR='#E0E0E0'>\n<TR>\n<TD>\n");
print("<H4>WARNING: There is no value stored in the $param"
. " column of the parameters table for the $doctype document"
. " type. This means that there is no value for this "
. "parameter when the function is used on the $doctype "
. "document type. It is strongly advisable that "
. "a value for the parameter be entered now:</H4>\n");
print("</TD>\n</TR>\n</TABLE>\n<BR>\n");
# Now that the user has been informed about the need for updating
# the parameter value, an input box can be displayed, which the
# user can then use to enter & submit a value for the parameter.
print("<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 "
. "ALIGN='center'>\n"
. "<FORM ACTION='parameterUpdate.php' METHOD='post'>\n"
. "<INPUT TYPE='hidden' NAME='doctype' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($doctype))
. "'>\n"
. "<INPUT TYPE='hidden' NAME='param' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($param))
. "'>\n"
. "<INPUT TYPE='hidden' NAME='functionName' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($functionName))
. "'>\n"
. "<INPUT TYPE='hidden' NAME='action' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($action))
. "'>\n"
. "<INPUT TYPE='hidden' NAME='calledBefore' "
. "VALUE='true'>\n"
. "<INPUT TYPE='hidden' NAME='newValue' VALUE='true'>\n"
. "<INPUT TYPE='hidden' NAME='returnTo' "
. "VALUE='$returnTo'>\n");
if ($param == "textMailFTT")
{
print("<TR>\n<TD>\n"
. "<TEXTAREA NAME='paramValue' COLS=60 ROWS=6 "
. "></TEXTAREA>\n</TD>\n</TR>\n</TABLE>\n");
}
else
{
print("<TR>\n<TD>\n"
. "<INPUT TYPE='text' NAME='paramValue' SIZE=60 "
. ">\n</TD>\n</TR>\n</TABLE>\n");
}
# Now display buttons to allow the user to save the new parameter
# value, or to exit from this form...
print("<TABLE ALIGN='center' BORDER=0 CELLSPACING=0 "
. "CELLPADDING=0>\n<TR>\n<TD>\n"
. "<INPUT TYPE='button' VALUE='SAVE PARAMETER'"
. " onClick=\"submit();\"></FORM>\n</TD>\n");
# Add a blank between columns...
print("<TD>&nbsp;</TD>\n");
# Add a 'finished' button...
print("<TD>");
displayparamEditFinishedButton($doctype, $action,
$functionName, $returnTo);
# Close up the table...
print("</TD>\n</TR>\n</TABLE>\n");
} // END if
elseif($numRows ==1) # If 1 row was returned, everything is fine!
{
print("<H3 ALIGN='center'>Value Of The <EM>$param");
print("</EM> Parameter:</H3>\n");
# Read the parameter into item, from queryResult...
list($item) = mysql_fetch_row($queryResult);
# Replace all special html characters (<, >, " and &) with the
# html code for them. This prevents html errors.
$item=htmlspecialchars($item);
/***********************************************************
Find the length of the parameter field as defined in the WebSubmit2
database. This field length will be used in the JavaScript
input validation.
***********************************************************/
$fieldLength = mysql_field_len($queryResult, 0);
# Here, we can display the value of the parameter in a text input
# field in a form. There is also a submit button to allow the
# user to submit updates. There are also many hidden fields that
# contain data that is needed elsewhere in the system when the
# FINISHED buttons are used to return to other areas.
print("<TABLE ALIGN='center'><TR><TD>");
print("<FORM ACTION='parameterUpdate.php' METHOD='post'>");
if ($param == "textMailFTT")
{
print("<TR>\n<TD>\n"
. "<TEXTAREA NAME='paramValue' COLS=60 ROWS=6 "
. ">$item</TEXTAREA>\n</TD>\n</TR>\n</TABLE>\n");
}
else
{
print("<INPUT TYPE='text' NAME='paramValue' SIZE=60 VALUE=");
print("\"$item\"></TD>\n</TR>\n</TABLE>\n");
}
# Now open a new table in which to place the hidden fields and
# the submit buttons. This table will be located below the table
# with the text input form...
print("<TABLE ALIGN='center' CELLPADDING=0 CELLSPACING=0 "
. "BORDER=0>\n<TR>\n");
print("<INPUT TYPE='hidden' NAME='doctype' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($doctype))
. "'>");
print("<INPUT TYPE='hidden' NAME='param' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($param))
. "'>");
print("<INPUT TYPE='hidden' NAME='functionName' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($functionName))
. "'>");
print("<INPUT TYPE='hidden' NAME='action' VALUE='"
. ereg_replace("'", "&#39;", htmlspecialchars($action))
. "'>");
print("\n<INPUT TYPE='hidden' NAME='calledBefore' "
. "VALUE='true'>\n"
. "<INPUT TYPE='hidden' NAME='returnTo' "
. "VALUE='$returnTo'>\n");
print("<TD><INPUT TYPE=button VALUE='UPDATE PARAMETER'");
print(" onClick=");
print( "\"submit()\"></FORM>\n</TD>\n");
# Add a blank column between buttons...
print("<TD>&nbsp;</TD>\n");
# Add a finish button, to allow the user to change their mind
# about adjusting the parameter value, and go back to the
# 'func.php' page...
print("<TD>");
displayparamEditFinishedButton($doctype, $action,
$functionName, $returnTo);
# Close up the table...
print("</TD>\n</TR>\n</TABLE>\n");
} // End elseif
else # IF more than 1 row returned from the query, there
# are definite problems, as there should only be 1
# value for a given function parameter, for a given
# action on a given doctype!
{
print("<P>\n<H3 ALIGN='center'>SQL Error: Too Many");
print(" Rows Returned From Query!</H3>\n</P>\n");
} // END else
} // END function displayParamToUpdate($doctype, $param)
//***********************
function displayparamEditFinishedButton($doctype, $action,
$functionName, $returnTo)
{
/*****************************************************************
This function is used by the "parameterUpdate.php" script. It
displays a "Finished" button, which returns the administrator to
the "func.php" script.
Author: Nicholas Robinson
Email: Nicholas.Robinson@cern.ch
Created: 22/08/2000
Last Modified: 28/08/2000
*****************************************************************/
print("<FORM ACTION='func.php' METHOD='post'>\n");
print("<INPUT TYPE='hidden' NAME='doctype' VALUE='$doctype'>");
print("<INPUT TYPE='hidden' NAME='action' VALUE='$action'>");
print("<INPUT TYPE='hidden' NAME='functionName' "
. "VALUE='$functionName'>"
. "<INPUT TYPE='hidden' NAME='returnTo' VALUE='$returnTo'>");
print("<INPUT TYPE='button' VALUE='FINISHED' onClick=\"");
print("submit()\">\n</FORM>\n");
} // END function displayparamEditFinishedButton()
// ******************************
function displayPage()
{
global $calledBefore,$doctype,$param,$functionName,$action,$returnTo,$paramValue,$newValue;
# Now test to see if the script has been called before...
if(!($calledBefore))
{
# If the page has not been called before, we must offer the user
# the opportunity to alter the parameter...
# Get the value of the parameter which is to be updated, and put
# it in a text input box in a form, along with an update button.
# The user will be able to update and save changes to this
# parameters value by using this form...
displayParamToUpdate($doctype, $param, $functionName,
$action, $returnTo);
}// End if
else
{
# If this is the second calling of the script, this is where our
# updating fun starts...
/*******************************************************
We must now execute the update query on the database. The
update query will update the parameter value that is held in
the relevant table, to that which was entered by the user
before the "UPDATE" button was pressed. Incidentally, if this
calling of the page is to insert a value in a table for a
parameter that does not have a value, the query will be an
insert query instead of an update query...
*******************************************************/
# Place a lock on the relevant table...
if($lockRes = mysql_query("LOCK TABLES sbmPARAMETERS WRITE"))
{
# Determine the kind of update that must be carried out...
if($newValue)
{
# If this is a call to add a parameter to the system,
# execute an insert query on WebSubmit...
$queryResult = mysql_query("INSERT INTO sbmPARAMETERS
(doctype, name, value) VALUES('$doctype','$param','$paramValue')");
} // END if
else
{
# If this is a call to update the parameters value...
# Execute the update query on the WebSubmit2 database.
$queryResult = mysql_query("UPDATE sbmPARAMETERS SET
value='$paramValue'
WHERE doctype = '$doctype' and name='$param'");
} // END else
if(mysql_affected_rows() == 1) // Update has worked...
{
# We must unlock our table...
$unlockRes = mysql_query("UNLOCK TABLES");
print("<BR><H3 STYLE='color: red; text-align: "
. "center'>Parameter Updated</H3>");
# Now redirect the browser to the "func.php" page once
# more, in order to display all parameter values for the
# function concerned...
print("<FORM ACTION='func.php' METHOD='post' "
. "NAME='referForm'>\n"
. "<INPUT TYPE='hidden' NAME='doctype' "
. "VALUE='$doctype'>\n"
. "<INPUT TYPE='hidden' NAME='action' VALUE='$action'>\n"
. "<INPUT TYPE='hidden' NAME='functionName' "
. "VALUE='$functionName'>\n"
. "<INPUT TYPE='hidden' NAME='returnTo' "
. "VALUE='$returnTo'>\n"
. "</FORM>\n");
# Now submit the form...
print("<SCRIPT TYPE='text/javascript'>\n"
. "setTimeout(\"document.referForm.submit();\", 0);\n"
. "</SCRIPT>\n");
} // END if
elseif(mysql_affected_rows() > 1)
{
# If the number of rows updated was greater than 1, there
# has been some DB consistency error, and the administrator
# should be notified...
# We must unlock our table...
$unlockRes = mysql_query("UNLOCK TABLES");
print("<SCRIPT TYPE='text/javascript'>alert('ERROR:\\n\\n"
. "More than 1 row was affected by this update.');"
. "</SCRIPT>");
# Get the date and time of the error occurrence...
$dateDets = getdate();
# Now email the administrator with an error email...
$errMailTxt = "An error has occurred when attempting to "
. "update a parameter value for the $param "
. "parameter of the $functionName function. The data was"
. "selected from the parameters table "
. "for the $doctype document type.\n\nPlease look "
. "into this problem, as it suggests that there are "
. "multiple values for this parameter, which breaks DB"
. "consistency.\n\n"
. "This error occurred on " . $dateDets['weekday'] . " "
. $dateDets['mday'] . " " . $dateDets['month'] . " "
. $dateDets['year'] . ", at " . $dateDets['hours'] . ":"
. $dateDets['minutes'] . ".";
mail(ADMIN_EMAIL, "Error: Multiple Values For A Parameter",
$errMailTxt, "From: WebSubmit_Administrator");
} // END elseif
else
{
# If this condition has been reached, it means that the
# query has not updated any rows, which is erroneous, as a
# row should have been updated.
# We must unlock our table...
$unlockRes = mysql_query("UNLOCK TABLES");
print("<SCRIPT TYPE='text/javascript'>alert('ERROR:\\n\\n"
. "No parameter value was updated');</SCRIPT>\n");
displayParamToUpdate($doctype, $param,
$functionName, $action, $returnTo);
} // END else
} # END if
else
{
# Couldn't lock the tables. Don't allow update.
print("<DIV STYLE='color: navy; font-weight: bold; font-size:"
. " large; text-align: center'><SPAN STYLE='color: "
. "red'>Error:</SPAN> Unable to commit updates.</DIV>\n"
. "<BR>\n");
displayParamToUpdate($doctype, $param,
$functionName, $action, $returnTo);
} # END else
} // END else
}
/**********************Start of main script***************************/
# Connect to the MySQL server
serverConnect(MYSQLDOCMACHINE, MYSQLDOCUSERID, MYSQLDOCPASSWORD);
# Select the CDS Search database...
dbSelect(DOCS_DATABASE);
$auth = canUseWebSubmitAdmin($uid,$doctype);
if (!$auth[0])
outWarning($auth[1]. "<br><br>" . "You are not allowed to access WebSubmit Admin for this type of documents");
else
displayPage();
/************************End of main script***************************/
</protect>
?>

Event Timeline