Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F61857292
editActionDets.php.wml
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Thu, May 9, 10:03
Size
21 KB
Mime Type
text/x-c
Expires
Sat, May 11, 10:03 (1 d, 23 h)
Engine
blob
Format
Raw Data
Handle
17568040
Attached To
R3600 invenio-infoscience
editActionDets.php.wml
View Options
## $Id$
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
<?
require("commonPhpFunctions.php");
?>
#include "cdspage.wml" \
title="Edit <i><protect><?print $actname;?></protect></i> action implementation details" \
navtrail_previous_links="<a class=navtrail href=<WEBURL>/admin/<lang:star: index.*.html>><MSG_ADMIN_AREA></a> > <a class=navtrail href=<WEBURL>/admin/websubmit/><MSG_ADMIN_SUBMIT></a>" \
navbar_name="admin" \
navbar_select="websubmit"
<?
<protect>
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
?>
<SCRIPT TYPE='text/javascript'>
<!-- hide
function validateMandOpt(theParameter)
// This is a very simple function, to ensure that the user enters
// either M or O in the level field. (The level can be either Mandatory
// or Optional.
// The function caters for upper and lower case values.
{
if(theParameter == "M" || theParameter == "O" || theParameter == "m"
|| theParameter == "o")
{ // If the parameter passed is M or O...
return true; // ...return true, as everything is fine.
} // end if
else // otherwise, if the parameter is not M or O...
{ // ...alert the user of this, and return false.
alert("You Must Enter M or O For The level Parameter.");
return false;
} // end else
} // End function validateMandOpt(theParameter)
function checkScoreStpage(score, stpage)
// This function checks that the user has entered either a numeric
// value for level, or a
{
// create a variable, foundNonNumeric, which will be a boolean
// variable, to determine whether or not the user has input a
// non-numeric value for score or stpage.
var foundNonNumericScore = false;
var foundNonNumericStpage = false;
if(score != "" || stpage != "")
{
for(index = 0; index < score.length; index++)
{
if(!(score.charAt(index) >= 0 && score.charAt(index) <= 9))
{
foundNonNumericScore = true;
break;
} // End if
} // End for
if (!foundNonNumericScore)
{
for (index = 0; index < stpage.length; index++)
{
if (!(stpage.charAt(index) >= 0 && stpage.charAt(index) <= 9))
{
foundNonNumericStpage = true;
break;
} // End if
}
if (!foundNonNumericStpage)
{
return true;
}
else
{
alert('Only Numeric Values Are Legal For stpage');
return false;
} // End else
} // End if
else
{
alert('Only Numeric Values Are Legal For score');
return false;
} // End else
} // End if
else
return true;
} // End function checkScoreStpage(score, stpage)
// -->
</SCRIPT>
<?
/***********Function Declarations**********************************/
# This function simply displays an ok button, which when pressed,
# returns to the page that displays the doctype and its actions
# (document.php)...
function displayOKButton($doctype)
{
print("<BR><FORM ACTION='documentEDS.php' METHOD='post'>");
print("<TABLE ALIGN='center' BORDER=0 CELLSPACING=0><TR><TD>"
. "<INPUT TYPE='hidden' NAME='doctype' value='$doctype'>"
. "<INPUT TYPE='button' VALUE='OK' onClick=\"submit()\">"
. "</TD></TR></TABLE></FORM>");
} // End function displayOKButton($doctype)
# This function produces an HTML form containing the values of the
# details of the relevant action on a given doctype. It is passed the
# values of $doctype, and $actname, and from these produces the table.
function allowEditOfActionDets($doctype, $actname)
{
global $URLPATH;
# Lock the sbmIMPLEMENT table as READ
if($lockRes = mysql_query("LOCK TABLES sbmIMPLEMENT READ"))
{
# Execute a query on the sbmIMPLEMENT table in the WebSubmit2 DB to
# find the values of the given action ($actname) for the relevant
# doctype ($doctype)
$queryResult = mysql_query("SELECT * FROM sbmIMPLEMENT WHERE
docname = '$doctype' AND actname = '$actname'");
# Unlock the sbmIMPLEMENT table - we are finished with it for now
$unlockRes = mysql_query("UNLOCK TABLES");
# If the query was successful...
if($queryResult)
{
if(mysql_num_rows($queryResult) < 1)
{
# If there were no rows returned by the query...
print("<BR><H3 STYLE='text-align: center; color: "
. "navy'>Error:"
. " No matching actions were found for this document "
. "type.</H3>\n<BR>\n");
} // End if
elseif(mysql_num_rows($queryResult) > 1)
{
# If too many rows ( > 1) were returned by the query, then
# there is obviously some DB consistency error...
print("<BR><H3 STYLE='color: red; text-align: center'>"
. "Error: Too many matching rows found.</H3><BR>");
} // End elseif
else
{
# If 1 row is found, then this is the expected and correct
# result
# Get information about the columns in sbmIMPLEMENT
$columns = mysql_list_fields(DOCS_DATABASE,
"sbmIMPLEMENT");
# Get the data from $queryResult and store it in an array
$dataRow = mysql_fetch_array($queryResult);
# Now, we can display the details of the action on the
# given
# doctype in a form for editing. This requires the fields
# to be put in a table...
print("<FORM ACTION='editActionDets.php' METHOD='post'>");
print("<TABLE ALIGN='center' BORDER=0 CELLSPACING=0>\n");
for($index = 1; $index < mysql_num_fields($columns);
$index++)
{
if(mysql_field_name($queryResult, $index) != "actname" &&
mysql_field_name($queryResult, $index) != "subname" &&
mysql_field_name($queryResult, $index) != "nbpg" &&
mysql_field_name($queryResult, $index) != "cd" &&
mysql_field_name($queryResult, $index) != "md")
{
# Print the field name in the first column...
print("<TR><TD ALIGN='right'><STRONG STYLE='color: "
. "navy'>" . mysql_field_name($columns, $index)
. "</STRONG></TD>\n");
# Add a blank separator column between the 2 main
# columns...
print("<TD> </TD>\n");
# Print the field data in the second column...
print("<TD ALIGN='left'>");
}
if(mysql_field_name($queryResult, $index) == "actname" ||
mysql_field_name($queryResult, $index) == "subname" ||
mysql_field_name($queryResult, $index) == "nbpg" ||
mysql_field_name($queryResult, $index) == "cd" ||
mysql_field_name($queryResult, $index) == "md")
{
# If it is the actname field, we don't want the user
# to update it, so make it read only...
print("<INPUT TYPE='hidden' NAME='");
print(mysql_field_name($queryResult, $index));
print("' VALUE='");
print(ereg_replace("'", "'",
htmlspecialchars($dataRow[$index])));
print("'>");
} # END if
elseif(mysql_field_name($columns, $index) == "displayed")
{
# The level fiel can either be N or Y. This means
# that we can simply make it a SELECT list.
print("<SELECT NAME='"
. mysql_field_name($columns, $index)
. "'><OPTION VALUE='Y'");
if($dataRow[$index] == "Y" ||
$dataRow[$index] == "y")
{
print(" SELECTED");
} # END if
print(">YES</OPTION>\n<OPTION VALUE='N'");
if($dataRow[$index] == "N" ||
$dataRow[$index] == "n")
{
print(" SELECTED");
} # END if
print(">NO</OPTION>\n</SELECT>\n");
} # END elseif
else
{
# If it is any other field, allow the user to update
# it...
print("<INPUT TYPE='text' NAME='");
print(mysql_field_name($columns, $index));
print("' VALUE='");
print(ereg_replace("'", "'",
htmlspecialchars($dataRow[$index])));
print("' SIZE=");
if(mysql_field_name($columns, $index) != "txt")
{
print(mysql_field_len($columns, $index) + 3);
} // END if
else
{
print(mysql_field_len($columns, $index) - 15);
} // END else
print(">");
}
if(mysql_field_name($queryResult, $index) != "actname" &&
mysql_field_name($queryResult, $index) != "subname" &&
mysql_field_name($queryResult, $index) != "nbpg" &&
mysql_field_name($queryResult, $index) != "cd" &&
mysql_field_name($queryResult, $index) != "md")
print("</TD></TR>\n");
} // End for
print("</TR>\n");
/**********************************************************
Before we close up the table, and the form, it is
necessary to add more inputs to the form. One input will
be a hidden input, and will be called calledBefore. It will
be used after the form has been submitted, to determine
whether the call to the page is a recursive call or not
(i.e. the details of the action for the given doctype have
been ammended by the user).
It is also necessary to add a hidden input field to the
form for the doctype field. This will contain the value of
doctype and is necessary because if we didn't include it,
doctype would not be sent.
**********************************************************/
print("<TR><TD><INPUT TYPE='hidden' NAME='calledBefore' "
. "VALUE='true'></TD>\n");
print("<TD><INPUT TYPE='hidden' NAME='doctype' ");
print("VALUE='$doctype'>");
print("</TD>\n</TR></TABLE>\n");
# Let's make a nice on-the-fly javascript function to
# handle our form checking.
print("<SCRIPT TYPE='text/javascript'>\n<!--\n"
. "function verifyChanges(curA, sugA");
for($theIndex = 4; mysql_field_name($columns, $theIndex) !=
""; $theIndex++)
{
print(", cur" . $theIndex . ", sug" . $theIndex);
} # END for
print(")\n{\n if((curA == sugA)");
for($theIndex = 4; mysql_field_name($columns, $theIndex) !=
""; $theIndex++)
{
print(" && (cur" . $theIndex . " == sug" . $theIndex
. ")");
} # END for
print(")\n {\n return false;\n }\n else"
. "\n {\n return true;\n }\n}\n\n// -->\n"
. "</SCRIPT>\n");
# Now, we can add a submit button to the form...
print("<TABLE ALIGN='center' BORDER=0 CELLSPACING=0><TR>\n"
. "<TD><INPUT TYPE='button' VALUE='SAVE'");
print(" onClick=\"for(i=0; i < "
. "level.length; i++) { if(level[i].selected) { break; } }"
. " if((verifyChanges(escape('");
print(ereg_replace("'","\\'",
htmlspecialchars($dataRow[3])));
print("'), escape(score.value)");
for($theIndex = 4; mysql_field_name($columns, $theIndex) !=
""; $theIndex++)
{
print(", escape('");
print(ereg_replace("'", "\\'",
htmlspecialchars($dataRow[$theIndex])));
print("'), escape(");
print(mysql_field_name($columns, $theIndex));
print(".value)");
} // End for
print(")) || (level[i].value != '"
. ereg_replace("'", "'",
htmlspecialchars($dataRow["level"]))
. "')) { ");
print("if(checkScoreStpage(score.value, stpage.value)) { ");
print("if(confirm('Really Alter These Details?')) { ");
print("submit() } } } else { alert('No Changes Made To "
. "Data! Cannot Submit.'); }\">");
print("</TD>\n<TD> </TD>\n");
print("<TD><INPUT TYPE='reset' "
. "VALUE='RESET'></TD>\n</FORM>");
print("<TD> </TD>\n");
print("<FORM ACTION='documentEDS.php' METHOD='post'><TD>"
. "<INPUT TYPE='hidden' NAME='doctype' VALUE='$doctype'>"
. "<INPUT TYPE='button' VALUE='FINISHED' "
. "onClick=\"submit()\"></TD></FORM>\n");
print("</TR></TABLE>\n");
} // End else
} // End if
else
{
# If the query caused an error to be returned...
print("<BR><H3 STYLE='color: red; text-align: center'>"
. "Database Query Error!</H3><BR>\n");
} // End else
} # END if
else
{
# Damn, we couldn't lock the table. We should therefore not
# allow the query to be processed as it is unsafe. We don't want
# to tell the user this fact though, so we should actually just
# lie and tell them that we couldn't get the information from the
# DB.
print("<DIV STYLE='color: navy; font-weight: bold; font-size: "
. "large; text-align: center'><SPAN STYLE='color: red'>Error:"
. "</SPAN> Unable to lock sbmIMPLEMENT table.<br>"
. mysql_error() . "</DIV>\n<BR>\n"
. "<A STYLE='font-size: medium; text-align: center' HREF='"
. "editActionDets.php?doctype=$doctype&actname=$actname'>Please"
. " retry.</A>\n<BR>\n");
} # END else
} // End function allowEditOfActionDets($doctype, $actname)
function displayPage($doctype)
{
global $calledBefore,$x,$y,$actname,$level,$score,$stpage,$endtxt,$displayed,$buttonorder,$statustext;
if(!isset($calledBefore))
{
# Destroy $x and $y, hence freeing wasted memory space...
unset($x);
unset($y);
allowEditOfActionDets($doctype, $actname);
}
else
{
/****************************************************************
If $calledBefore is set, then it means that this is a
recursive call to the page, hence meaning that the user is
updating some details of an action on a document type. This
means that we need to process an update query, followed by
re-displaying the updated data.
****************************************************************/
# Free memory space associated with $calledBefore (and also unset
# it for future processing...
unset($calledBefore);
# Ensure that $doctype, $actname, and $level are all in
# uppercase.
$doctype = strtoupper($doctype);
$actname = strtoupper($actname);
$level = strtoupper($level);
# Now, we can run an update query on the database, updating the
# relevant fields in the sbmIMPLEMENT table for the relevant
# action on the relevant doctype...
/*
Before we run this update query however, we must test the
values of score and stpage. It has been noted that if these
fields are empty, the query will set their values in the DB to
0, not NULL as it should do. This can be corrected by testing
if score and stpage are empty, or have simply been filled with
a value of '0' (zero). If they have a zero value, this can
be inserted, but if they have a NULL value, the keyword 'NULL'
can be explicitly inserted into the query string.
*/
$theDate = makeEDSmdDate();
$queryString = "UPDATE sbmIMPLEMENT SET level = '$level', "
. "score = ";
# Test value of $score...
if(!$score)
{
if($score == '0')
$queryString = $queryString . " '$score', stpage = ";
else
$queryString = $queryString . " NULL, stpage = ";
} // END if
else
{
$queryString = $queryString . " '$score', stpage = ";
} // End testing value of $score
# Test value of $stpage...
if(!$stpage)
{
if($stpage == '0')
$queryString = $queryString . "'$stpage', ";
else
$queryString = $queryString . "NULL, ";
} // END if
else
{
$queryString = $queryString . "'$stpage', ";
} // End testing value of stpage
$queryString .= "endtxt = '$endtxt', displayed='$displayed',buttonorder='$buttonorder',statustext='$statustext',md='$theDate' "
. "WHERE ";
$queryString .= "docname = '$doctype' AND "
. "actname ";
$queryString .= "= '$actname'";
# Apply a WRITE lock to sbmIMPLEMENT...
if($lockRes = mysql_query("LOCK TABLES sbmIMPLEMENT WRITE"))
{
# Now the actual query can be executed...
$queryResult = mysql_query("$queryString");
if($queryResult)
{ # If the query was able to execute successfully...
if(mysql_affected_rows() == 1)
{ # If the query only updated 1 row (as was
# intended)...
# Free the lock...
$unlockRes = mysql_query("UNLOCK TABLES");
# Call the allowEditOFActionDets function to give the
# user the option of further editing the details...
allowEditOfActionDets($doctype, $actname);
} // End if
elseif(mysql_affected_rows() > 1)
{ # If more than 1 row was updated in the query (bad)
# Free the lock...
$unlockRes = mysql_query("UNLOCK TABLES");
print("<H3 STYLE='text-align: center; color: "
. "red'>ERROR: Too Many Rows Updated. There Are "
. "Database Consistency Problems!</H3>\n");
# Display a button to return to the document.php page...
displayOKButton($doctype);
} // End elseif
else
{ # If no rows were updated by the query (bad news)
# Free the lock...
$unlockRes = mysql_query("UNLOCK TABLES");
print("<H3 STYLE='text-align: center; color: red'>ERROR"
. ": Unable To Update Action Details.</H3>\n");
# Display a button to return to the document.php page...
displayOKButton($doctype);
} // End else
} // End if
else
{
# Else, if the query didn't execute properly...
# Free the lock...
$unlockRes = mysql_query("UNLOCK TABLES");
print("<H3 STYLE='text-align: center; color: red'>ERROR: "
. "Unable To Execute Database Update!</H3>");
# Display a button to return to the document.php page...
displayOKButton($doctype);
} // End else
} # END if
else
{
# Damn, we couldn't lock the table. We should therefore not
# allow the query to be processed as it is unsafe. We don't
# want to tell the user this fact though, so we should
# actually just lie and tell them that we couldn't get the
# information from the DB.
print("<DIV STYLE='color: navy; font-weight: bold; font-size:"
. " large; text-align: center'><SPAN STYLE='color: "
. "red'>Error:</SPAN> Unable to lock sbmIMPLEMENT table.</DIV>\n");
# Call the allowEditOFActionDets function to give the
# user the option of further editing the details...
allowEditOfActionDets($doctype, $actname);
} # END else
} // End else
}
/**********************Start of main script***************************/
# Connect to the MySQL server
serverConnect(MYSQLDOCMACHINE, MYSQLDOCUSERID, MYSQLDOCPASSWORD);
# Select the CDS Search database...
dbSelect(DOCS_DATABASE);
if (!canUseWebSubmitAdmin($uid,$doctype))
outWarning("You are not allowed to access WebSubmit Admin for this "
. "type of documents");
else
displayPage($doctype);
/************************End of main script***************************/
</protect>
?>
Event Timeline
Log In to Comment