Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F62172427
viewActionEDS.php.wml
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sat, May 11, 09:43
Size
17 KB
Mime Type
text/x-c
Expires
Mon, May 13, 09:43 (1 d, 23 h)
Engine
blob
Format
Raw Data
Handle
17614420
Attached To
R3600 invenio-infoscience
viewActionEDS.php.wml
View Options
## $Id$
## This file is part of the CERN Document Server Software (CDSware).
## Copyright (C) 2002, 2003, 2004, 2005, 2006 CERN.
##
## The CDSware is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License as
## published by the Free Software Foundation; either version 2 of the
## License, or (at your option) any later version.
##
## The CDSware is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with CDSware; if not, write to the Free Software Foundation, Inc.,
## 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
<?
require("commonPhpFunctions.php");
?>
#include "cdspage.wml" \
title="Details of the <i><protect><?print "$actname";?></protect></I> action" \
navtrail_previous_links="<a class=navtrail href=<WEBURL>/admin/<lang:star: index.*.html>>_(Admin Area)_</a> > <a class=navtrail href=<WEBURL>/admin/websubmit/>_(WebSubmit Administration)_</a>" \
navbar_name="admin" \
navbar_select="websubmit_listactions"
<?
<protect>
## $Id$
## DO NOT EDIT THIS FILE! IT WAS AUTOMATICALLY GENERATED FROM CDSware WML SOURCES.
?>
<SCRIPT LANGUAGE="JavaScript">
<!-- hide
function validateIsInt(param)
// This function validates its parameter to ensure that it is an integer
// value.
{
// Create a flag to indicate that we have found a non-digit value
var nonDigit = false;
for(index = 0; index < param.length; index++)
{
if(!(param[index] >= 0 && param[index] <= 9))
{
// In this case, we've found a non-digit value, and can stop
// searching, as the parameter is clearly not an integer
nonDigit = true;
break;
}
}
return true;
}
function verifyChanges(curLactname, sugLactname, curDir, sugDir,
curActionbutton, sugActionbutton, curStatustext, sugStatustext)
// Function to test whether the values for the parameters to be changed
// have actually been changed by the user when they submit them to the
// database for update. If not, the function returns false. If so, the
// function returns true.
{
if((curLactname == sugLactname) &&
(curDir == sugDir) && (curActionbutton == sugActionbutton) &&
(curStatustext == sugStatustext))
{
alert("No Change In The Data Has Been Made! Cannot Submit.");
return false;
}
else
{
return true;
}
}
// -->
</SCRIPT>
<?
function makeButtons($dataRow, $caller, $doctype = "")
{
/**************************************************************
This function has the simple task of creating and displaying the
"SAVE CHANGES" button and the "FINISHED" button for the action
details form. It is bundled into a function, as it is quite a
messy piece of code due to the large parameters to the
JavaScript function "verifyChanges".
**************************************************************/
print("<P>\n");
print("<TABLE ALIGN=\"center\" BORDER=0 CELLSPACING=0 "
. "CELLPADDING=0 WIDTH=\"100%\">\n<TR>\n<TD ALIGN=\"right\">"
. "\n<INPUT TYPE=\"button\" VALUE=\"SAVE CHANGES\" onClick=\""
. "if(verifyChanges(escape('" . ereg_replace("'","\\'",
htmlspecialchars($dataRow["lactname"]))
. "'), escape(lactname.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["dir"]))
. "'), escape(dir.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["actionbutton"]))
. "'), escape(actionbutton.value), escape('"
. ereg_replace("'","\\'",
htmlspecialchars($dataRow["statustext"]))
. "'), escape(statustext.value))) { submit(); }\">\n</TD>\n</FORM>\n<FORM ACTION=\"$caller"
. "\" METHOD=\"post\">\n");
if($caller == "documentEDS.php")
{
// Pass a doctype back to it...
print("<INPUT TYPE=\"hidden\" NAME=\"doctype\" VALUE=\"$doctype\">\n");
}
print("<TD ALIGN=\"left\">\n<INPUT TYPE=\"submit\" VALUE=\"FINISHED\">"
. "</TD>\n</FORM>\n</TR>\n</TABLE>\n</P>\n");
}
//*************
function displayEDSaction($actname, $caller, $doctype = "")
{
/*******************************************************************
This function has the task of displaying the details of an EDS
action. The details are displayed in a form, so that they can be
modified and resubmitted to the database. This function
basically has the task of producing the page to be displayed for
the 'viewActionEDS.php' page.
*******************************************************************/
// Execute a query on the sbmACTION table for the given action
$queryResult = mysql_query("SELECT * from sbmACTION WHERE sactname = "
. "'$actname'");
if($queryResult)
{
if(mysql_num_rows($queryResult) == 1)
{
// as expected there is one entry for the given
// action in the sbmACTION table
print("<TABLE WIDTH=\"90%\" BGCOLOR=\"#D3DCE3\" ALIGN=\"center\" "
. "CELLSPACING=0 CELLPADDING=0 BORDER=1>\n<TR><TD "
. "ALIGN=\"center\">\n<P STYLE=\"color: blue; text-align: "
. "center; font-size: small; font-weight: bold\">Below are "
. "the details of the <EM>$actname</EM> action.<BR>You can "
. "edit them by alterring values in boxes, and clicking on "
. "\"SAVE CHANGES\".</P>\n</TD>\n</TR>\n</TABLE>\n");
drawSeparator();
print("<FORM ACTION=\"viewActionEDS.php\" METHOD=\"post\">\n"
. "<INPUT TYPE=\"hidden\" NAME=\"update\" VALUE=\"true\">\n"
. "<INPUT TYPE=\"hidden\" NAME=\"caller\" VALUE=\"$caller\">\n");
if($caller == "documentEDS.php")
{
// Add a doctype
print("<INPUT TYPE=\"hidden\" NAME=\"doctype\" VALUE=\"$doctype\">\n");
}
print("<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=0 ALIGN=\"center\" WIDTH=\"100%\">\n");
$columns = mysql_list_fields(DOCS_DATABASE, "sbmACTION");
$numTblFlds = mysql_num_fields($columns);
$dataRow = mysql_fetch_array($queryResult);
// Before we display most of the table, we can first display
// the upper part of the table, which will be the sactname, cd,
// and md fields, that can't be modified...
print("<TABLE WIDTH=\"100%\" ALIGN=\"center\" CELLSPACING=0 "
. "CELLPADDING=0 BORDER=0>\n<TR>\n<TH BGCOLOR=\"#D3DCE3\" ALIGN"
. "=\"right\" WIDTH=\"20%\">\nAction Code: </TH>\n<TD "
. "ALIGN=\"left\" BGCOLOR=\"#FFFFCC\" WIDTH=\"80%\"><INPUT "
. "TYPE=\"readonly\" NAME=\"sactname\" VALUE=\""
. $dataRow["sactname"] . "\">\n</TD>\n</TR>\n<TR>\n<TH "
. "BGCOLOR=\"#D3DCE3\" ALIGN=\"right\" WIDTH=\"20%\">\nCreation "
. "Date: </TH>\n<TD WIDTH=\"80%\" ALIGN=\"left\" BGCOLOR="
. "\"#FFFFCC\"><INPUT TYPE=\"readonly\" NAME=\"cd\" VALUE=\""
. $dataRow["cd"] . "\">\n</TD>\n</TR>\n<TR>\n<TH WIDTH=\"20%\""
. " BGCOLOR=\"#D3DCE3\" ALIGN=\"right\">\nModification "
. "Date: </TH>\n<TD WIDTH=\"80%\" ALIGN=\"left\" "
. "BGCOLOR=\"#FFFFCC\"><INPUT TYPE=\"readonly\" NAME=\"md\" "
. "VALUE=\"" . $dataRow["md"] . "\">\n</TD>\n</TR>\n");
print("<input type=\"hidden\" name=\"actionbutton\" value=\"\">");
// Now fill this new table with all of the details
for($indx = 0; $indx < $numTblFlds; $indx++)
{
$currentField = mysql_field_name($columns, $indx);
if(($currentField != "sactname") && ($currentField != "cd")
&& ($currentField != "md") && ($currentField != "actionbutton"))
{
print("<TR>\n<TH BGCOLOR=\"#87CEFA\" ALIGN=\"right\" WIDTH=\"20%\">\n");
if($currentField == "lactname")
{
print("Action Description: ");
}
else
{
print("$currentField" . ": ");
}
print(" </TH>\n<TD ALIGN=\"left\" WIDTH=\"80%\" "
. "BGCOLOR=\"#FFFFCC\">\n<INPUT TYPE=\"text\" NAME="
. "\"$currentField\" SIZE=");
if(mysql_field_type($columns, $indx) == "blob")
{
print("60");
}
else
{
print(mysql_field_len($columns, $indx));
}
print(" VALUE=\"" . ereg_replace("'", "'",
htmlspecialchars($dataRow[$indx]))
. "\">\n</TD>\n</TR>\n");
}
}
print("</TABLE>\n</TABLE>\n");
// "SAVE" button, and a "FINISHED button:
if($caller == "documentEDS.php")
{
makeButtons($dataRow, $caller, $doctype);
}
else
{
makeButtons($dataRow, $caller);
}
}
elseif(mysql_num_rows($queryResult) > 1)
{
// too many rows for the action
print("<P CLASS=\"errorMsg\"><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> More than one row of data concerning the <EM>$actname</EM> "
. "action was returned from the <EM>sbmACTION</EM> table of "
. "the" . DOCS_DATABASE . ".<BR>This indicates primary key "
. "duplication in this table.<BR>Please inform system administrator.</P>\n");
$msgTxt = "When a user attempted to look at the details of "
. "the $actname action using the WebSubmit Administrator, several "
. "rows were returned for this action from the sbmACTION table."
. " The query was made using the \"sactname\" as the search"
. " key. As the \"sactname\" field is the primary key for "
. "the sbmACTION table, this means that there must be key "
. "violations in this table.\n\nThis problem should be "
. "corrected immediately.\n\nWebSubmit Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
mail(ADMIN_EMAIL, "sbmACTION Table Key Violation!", $msgTxt,
"From: WebSubmit_Administrator");
}
elseif(mysql_num_rows($queryResult) == 0)
{
print("<P CLASS=\"errorMsg\"><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> No data concerning the <EM>$actname</EM> action was found in the"
. " <EM>sbmACTION</EM> table.<BR>This suggests a data "
. "consistency error in the " . DOCS_DATABASE . " database."
. "<BR>Please inform the system administrator.</P>\n");
$dateDets = getdate();
$msgTxt = "When a user attempted to look at the details of "
. "the $actname action using the WebSubmit Administrator, no rows "
. "were returned from the sbmACTION table for this "
. "action.\n\nBecause the user had to click a link to view "
. "the details of this action, it must be referred to in "
. "other tables of EDS. This means that there are data "
. "inconsistencies within EDS.\n\nThis should be investigated"
. " and corrected ASAP.\n\nWebSubmit Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
mail(ADMIN_EMAIL, "Data Inconsistency Error!", $msgTxt,
"From: WebSubmit_Administrator");
}
else
{
print("<P CLASS=\"errorMsg\"><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Unable to correctly retrieve data from the <EM>sbmACTION</EM> "
. "table of " . DOCS_DATABASE . ".<BR>Please inform system "
. "administrator.</P>\n");
}
}
else
{
print("<P CLASS=\"errorMsg\"><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Unable to conduct a query on the "
. "<EM>sbmACTION</EM> table of " . DOCS_DATABASE . ".<BR>Please"
. " inform system administrator.</P>\n");
}
}
function displayPage($update,$actname)
{
global $lactname,$sactname,$dir,$actionbutton,$statustext,$caller,$doctype;
if($update)
{
// update the actions details
unset($update);
$dateDets = getdate();
$modifiedDate = $dateDets['year'] . "-" . $dateDets['mon'] . "-"
. $dateDets['mday'];
$queryString = "UPDATE sbmACTION SET lactname = '$lactname', dir ="
. " '$dir', md = '$modifiedDate', actionbutton = '$actionbutton'"
. ", statustext = '$statustext' "
. "WHERE sactname = '$sactname'";
$updateResult = mysql_query($queryString);
if($updateResult)
{
if(mysql_affected_rows() == 1)
{
$dateDets = getdate();
$msgTxt = "An update has been carried out on the $sactname"
. " action in the " . DOCS_DATABASE . " database.\n\nEDS "
. "Administrator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
mail(ADMIN_EMAIL, "EDS Action Updated", $msgTxt,
"From: WebSubmit_Administrator");
// now redisplay all of the details for the action
if($caller == "documentEDS.php")
{
displayEDSaction($sactname, $caller, $doctype);
}
else
{
displayEDSaction($sactname, $caller);
}
}
elseif(mysql_affected_rows() > 1)
{
// More than 1 row was updated
print("<P CLASS=\"errorMsg\"><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> Multiple rows have been updated in the "
. "<EM>sbmACTION</EM> table.<BR>This has resulted from an "
. "attempt to update the <EM>$sactname</EM> action.<BR>"
. "Please inform the system administrator.</P>\n");
$msgTxt = "When a user updated the details of "
. "the $sactname action using the WebSubmit Administrator, seve"
. "ral rows were affected in the sbmACTION table. The update"
. " was conducted using the \"sactname\" field as the key."
. " As the \"sactname\" field is the primary key for the "
. "sbmACTION table, this means that there must be key violati"
. "ons in this table. There should only have been 1 row "
. "affected by this update.\n\nThis problem should be "
. "investigated and corrected immediately.\n\nEDS Administ"
. "rator (";
$msgTxt .= makeDate();
$msgTxt .= ")";
mail(ADMIN_EMAIL, "ERROR: sbmACTIONS Table Multiple Row "
. "Update!", $msgTxt, "From: WebSubmit_Administrator");
}
else
{
// No rows were updated
print("<P CLASS=\"errorMsg\"><SPAN STYLE=\"color: red\">"
. "ERROR:</SPAN> No rows have been updated in the <EM>"
. "sbmACTION</EM> table.<BR>This suggests that there could "
. "be data inconsistencies or concurrency problems.<BR>"
. "Please inform the system administrator.</P>\n");
$msgTxt = "When a user attempted to update the details of "
. "the $sactname action using the WebSubmit Administrator, no "
. "rows were affected in the sbmACTION table by this update."
. "\n\nBecause the user must have altered an actions "
. "details to submit an update on it, it must have been "
. "present at around the time that the user submitted thei"
. "r update.\n\n"
. "This suggests the possibility of concurrency or data "
. "inconsistency problems in this table.\n\nThis should be"
. " investigated and corrected ASAP.\n\nWebSubmit Administrator "
. "(";
$msgTxt .= makeDate();
$msgTxt .= ")";
mail(ADMIN_EMAIL, "Error: Possible Concurrency Problems",
$msgTxt, "From: WebSubmit_Administrator");
}
}
else
{
// The query couldn't be executed
print("<P CLASS=\"errorMsg\"><SPAN STYLE=\"color: red\">ERROR:"
. "</SPAN> Unable to update deatails for <EM>$sactname</EM> "
. "action in <EM>sbmACTION</EM> table.<BR>Please inform system "
. "administrator.</P>\n");
}
}
else
{
if($caller == "documentEDS.php")
{
displayEDSaction($actname, $caller, $doctype);
}
else
{
displayEDSaction($actname, $caller);
}
}
}
/**********************Start of main script***************************/
// Connect to the MySQL server
serverConnect(MYSQLDOCMACHINE, MYSQLDOCUSERID, MYSQLDOCPASSWORD);
// Select the CDS Search database...
dbSelect(DOCS_DATABASE);
$auth = canUseWebSubmitAdmin($uid);
if (!$auth[0])
outWarning($auth[1]);
else
displayPage($update,$actname);
/************************End of main script***************************/
</protect>
?>
Event Timeline
Log In to Comment