package WebGUI::Widget::UserSubmission; #------------------------------------------------------------------- # WebGUI is Copyright 2001 Plain Black Software. #------------------------------------------------------------------- # Please read the legal notices (docs/legal.txt) and the license # (docs/license.txt) that came with this distribution before using # this software. #------------------------------------------------------------------- # http://www.plainblack.com info@plainblack.com #------------------------------------------------------------------- use strict; use WebGUI::Privilege; use WebGUI::Session; use WebGUI::SQL; use WebGUI::Utility; use WebGUI::Widget; #------------------------------------------------------------------- sub purge { WebGUI::SQL->write("delete from submission where widgetId=$_[0]",$_[1]); WebGUI::SQL->write("delete from UserSubmission where widgetId=$_[0]",$_[1]); purgeWidget($_[0],$_[1]); } #------------------------------------------------------------------- sub widgetName { return "User Submission System"; } #------------------------------------------------------------------- sub www_add { my ($output, %hash); tie %hash, "Tie::IxHash"; if (WebGUI::Privilege::canEditPage()) { $output = '

Add User Submission System

'; $output .= WebGUI::Form::hidden("widget","UserSubmission"); $output .= WebGUI::Form::hidden("func","addSave"); $output .= ''; $output .= ''; $output .= ''; $output .= ''; %hash = WebGUI::SQL->buildHash("select groupId,groupName from groups where groupName<>'Reserved' order by groupName",$session{dbh}); $output .= ''; $output .= ''; %hash = ("Approved"=>"Approved","Denied"=>"Denied","Pending"=>"Pending"); $output .= ''; $output .= ''; $output .= '

Title	'.WebGUI::Form::text("title",20,30,'User Submission System').'
Display the title?	'.WebGUI::Form::checkbox("displayTitle","1").'
Description	'.WebGUI::Form::textArea("description",'',50,5,1).'
Who can contribute?	'.WebGUI::Form::selectList("groupToContribute",\%hash,'',1).'
Submissions Per Page	'.WebGUI::Form::text("submissionsPerPage",20,2,50).'
Default Status	'.WebGUI::Form::selectList("defaultStatus",\%hash,'',1).'
	'.WebGUI::Form::submit("save").'

'; return $output; } else { return WebGUI::Privilege::insufficient(); } return $output; } #------------------------------------------------------------------- sub www_addSave { my ($widgetId); if (WebGUI::Privilege::canEditPage()) { $widgetId = create(); WebGUI::SQL->write("insert into UserSubmission set widgetId=$widgetId, groupToContribute=$session{form}{groupToContribute}, submissionsPerPage=$session{form}{submissionsPerPage}, defaultStatus='$session{form}{defaultStatus}'",$session{dbh}); return ""; } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_addSubmission { my ($output, $groupToContribute, @submission, $sth); ($groupToContribute) = WebGUI::SQL->quickArray("select groupToContribute from UserSubmission where widgetId=$session{form}{wid}",$session{dbh}); if (WebGUI::Privilege::isInGroup($groupToContribute,$session{user}{userId})) { $output = '

Add Submission

'; $output .= ''; $output .= ''; $sth = WebGUI::SQL->read("select title,submissionId,date_format(dateSubmitted,'%c/%e/%Y'),status from submission where widgetId='$session{form}{wid}' and userId=$session{user}{userId} order by dateSubmitted desc",$session{dbh}); while (@submission = $sth->array) { $output .= ''; } $sth->finish; $output .= '

Edit/Delete	Title	Date Submitted	Status
	'.$submission[0].'	'.$submission[2].'	'.$submission[3].'

'; } else { $output = WebGUI::Privilege::insufficient(); } return $output; } #------------------------------------------------------------------- sub www_addSubmissionSave { my ($title, $submissionId, $image, $attachment, $status, $groupToContribute); ($status, $groupToContribute) = WebGUI::SQL->quickArray("select defaultStatus,groupToContribute from UserSubmission where widgetId=$session{form}{wid}",$session{dbh}); if (WebGUI::Privilege::isInGroup($groupToContribute,$session{user}{userId})) { $submissionId = getNextId("submissionId"); $image = saveAttachment("image",$session{form}{wid},$submissionId); $attachment = saveAttachment("attachment",$session{form}{wid},$submissionId); if ($session{form}{title} ne "") { $title = $session{form}{title}; } else { $title = "Untitled"; } WebGUI::SQL->write("insert into submission set widgetId=$session{form}{wid}, submissionId=$submissionId, convertCarriageReturns='$session{form}{convertCarriageReturns}', title=".quote($title).", username=".quote($session{user}{username}).", status='$status', dateSubmitted=now(), userId='$session{user}{userId}', content=".quote($session{form}{content}).", image=".quote($image).", attachment=".quote($attachment),$session{dbh}); return ""; } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_deleteAttachment { my ($owner); ($owner) = WebGUI::SQL->quickArray("select userId from submission where submissionId=$session{form}{sid}",$session{dbh}); if ($owner == $session{user}{userId}) { WebGUI::SQL->write("update submission set attachment='' where widgetId=$session{form}{wid}",$session{dbh}); return www_editSubmission(); } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_deleteImage { my ($owner); ($owner) = WebGUI::SQL->quickArray("select userId from submission where submissionId=$session{form}{sid}",$session{dbh}); if ($owner == $session{user}{userId}) { WebGUI::SQL->write("update submission set image='' where widgetId=$session{form}{wid}",$session{dbh}); return www_editSubmission(); } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_deleteSubmission { my ($output, $owner); ($owner) = WebGUI::SQL->quickArray("select userId from submission where submissionId=$session{form}{sid}",$session{dbh}); if ($owner == $session{user}{userId}) { $output = '

Please Confirm

'; $output .= 'Are you certain that you want to delete this submission?

Yes, I\'m sure. No, I made a mistake.

'; return $output; } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_deleteSubmissionConfirm { my ($output, $owner); ($owner) = WebGUI::SQL->quickArray("select userId from submission where submissionId=$session{form}{sid}",$session{dbh}); if ($owner == $session{user}{userId}) { WebGUI::SQL->write("delete from submission where submissionId=$session{form}{sid}",$session{dbh}); return www_addSubmission(); } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_edit { my ($output, %data, @array, $sth, %hash); if (WebGUI::Privilege::canEditPage()) { %data = WebGUI::SQL->quickHash("select * from widget,UserSubmission where widget.widgetId=$session{form}{wid} and widget.widgetId=UserSubmission.widgetId",$session{dbh}); $output = '

Edit User Submission System

'; $output .= WebGUI::Form::hidden("wid",$session{form}{wid}); $output .= WebGUI::Form::hidden("func","editSave"); $output .= ''; $output .= ''; $output .= ''; $output .= ''; $array[0] = $data{groupToContribute}; %hash = WebGUI::SQL->buildHash("select groupId,groupName from groups where groupName<>'Reserved' order by groupName",$session{dbh}); $output .= ''; $output .= ''; %hash = ("Approved"=>"Approved","Denied"=>"Denied","Pending"=>"Pending"); $array[0] = $data{defaultStatus}; $output .= ''; $output .= ''; $output .= '

Title	'.WebGUI::Form::text("title",20,30,$data{title}).'
Display the title?	'.WebGUI::Form::checkbox("displayTitle","1",$data{displayTitle}).'
Description	'.WebGUI::Form::textArea("description",$data{description}).'
Who can contribute?	'.WebGUI::Form::selectList("groupToContribute",\%hash,\@array,1).'
Submissions Per Page	'.WebGUI::Form::text("submissionsPerPage",20,2,$data{submissionsPerPage}).'
Default Status	'.WebGUI::Form::selectList("defaultStatus",\%hash,\@array,1).'
	'.WebGUI::Form::submit("save").'

'; return $output; } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_editSave { if (WebGUI::Privilege::canEditPage()) { update(); WebGUI::SQL->write("update UserSubmission set groupToContribute=$session{form}{groupToContribute}, submissionsPerPage=$session{form}{submissionsPerPage}, defaultStatus='$session{form}{defaultStatus}' where widgetId=$session{form}{wid}",$session{dbh}); return ""; } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_editSubmission { my ($output, %submission, $owner); ($owner) = WebGUI::SQL->quickArray("select userId from submission where submissionId=$session{form}{sid}",$session{dbh}); if ($owner == $session{user}{userId}) { %submission = WebGUI::SQL->quickHash("select * from submission where submissionId='$session{form}{sid}'",$session{dbh}); $output = '

Edit Submission

'; $output .= WebGUI::Form::hidden("wid",$session{form}{wid}); $output .= WebGUI::Form::hidden("sid",$session{form}{sid}); $output .= WebGUI::Form::hidden("func","editSubmissionSave"); $output .= ''; $output .= ''; $output .= ''; if ($submission{image} ne "") { $output .= ''; } else { $output .= ''; } if ($submission{attachment} ne "") { $output .= ''; } else { $output .= ''; } $output .= ''; $output .= ''; $output .= '

Title	'.WebGUI::Form::text("title",20,30,$submission{title}).'
Content	'.WebGUI::Form::textArea("content",$submission{content},50,10).'
Image	Delete Image
Image	'.WebGUI::Form::file("image").'
Attachment	Delete Attachment
Attachment	'.WebGUI::Form::file("attachment").'
Convert Carriage Returns	'.WebGUI::Form::checkbox("convertCarriageReturns",1,$submission{convertCarriageReturns}).' (uncheck if you\'re writing an HTML submission)
	'.WebGUI::Form::submit("save").'

'; return $output; } else { return WebGUI::Privilege::insufficient(); } return $output; } #------------------------------------------------------------------- sub www_editSubmissionSave { my ($owner,$status,$image,$attachment,$title); ($owner) = WebGUI::SQL->quickArray("select userId from submission where submissionId=$session{form}{sid}",$session{dbh}); if ($owner == $session{user}{userId}) { ($status) = WebGUI::SQL->quickArray("select defaultStatus from UserSubmission where widgetId=$session{form}{wid}",$session{dbh}); $image = saveAttachment("image",$session{form}{wid},$session{form}{sid}); if ($image ne "") { $image = 'image='.quote($image).', '; } $attachment = saveAttachment("attachment",$session{form}{wid},$session{form}{sid}); if ($attachment ne "") { $attachment = 'attachment='.quote($attachment).', '; } if ($session{form}{title} ne "") { $title = $session{form}{title}; } else { $title = "Untitled"; } WebGUI::SQL->write("update submission set convertCarriageReturns='$session{form}{convertCarriageReturns}', title=".quote($title).", content=".quote($session{form}{content}).", ".$image.$attachment." status='$status' where submissionId=$session{form}{sid}",$session{dbh}); return www_viewSubmission(); } else { return WebGUI::Privilege::insufficient(); } } #------------------------------------------------------------------- sub www_view { my (%data, @submission, $output, $widgetId, $sth, @row, $i, $pn); $widgetId = shift; %data = WebGUI::SQL->quickHash("select * from widget,UserSubmission where widget.widgetId=$widgetId and widget.widgetId=UserSubmission.widgetId",$session{dbh}); if (%data) { if ($data{displayTitle} == 1) { $output = "

".$data{title}."

"; } if ($data{description} ne "") { $output .= $data{description}.'

'; } $sth = WebGUI::SQL->read("select title,submissionId,date_format(dateSubmitted,'%c/%e/%Y'),username,userId from submission where widgetId='$widgetId' and status='Approved' order by dateSubmitted desc",$session{dbh}); while (@submission = $sth->array) { $row[$i] = ''.$submission[0].''.$submission[2].''.$submission[3].''; $i++; } $sth->finish; $output .= '
Post New Submission
'; $output .= ''; $output .= ''; if ($session{form}{pn} < 1) { $pn = 0; } else { $pn = $session{form}{pn}; } for ($i=($data{submissionsPerPage}*$pn); $i<($data{submissionsPerPage}*($pn+1));$i++) { $output .= $row[$i]; } $output .= '
Title Date Submitted Submitted By
'; $output .= '

'; if ($pn > 0) { $output .= '«Previous Page'; } else { $output .= '«Previous Page'; } $output .= ' · '; if ($pn < round($#row/$data{submissionsPerPage})) { $output .= 'Next Page»'; } else { $output .= 'Next Page»'; } $output .= '

'; } return $output; } #------------------------------------------------------------------- sub www_viewSubmission { my ($output, %submission); %submission = WebGUI::SQL->quickHash("select * from submission where submissionId=$session{form}{sid}",$session{dbh}); $output = "

".$submission{title}."

"; $output .= 'Submitted By: '.$submission{username}.'
'; $output .= 'Date Submitted: '.$submission{dateSubmitted}.'

'; if ($submission{image} ne "") { $output .= ''; } if ($submission{status} eq "Pending" && (WebGUI::Privilege::isInGroup(3,$session{user}{userId}) || WebGUI::Privilege::isInGroup(4,$session{user}{userId}))) { $output .= '

'; $output .= 'Approve · '; $output .= 'Leave Pending · '; $output .= 'Deny '; $output .= '

'; } if ($submission{convertCarriageReturns}) { $submission{content} =~ s/\n/\/g; } $output .= $submission{content}.'

'; if ($submission{attachment} ne "") { $output .= '

'; } $output .= '

'; if ($submission{userId} == $session{user}{userId}) { $output .= 'Delete · '; $output .= 'Edit · '; } $output .= 'Return To Submissions List'; $output .= '

'; return $output; } 1;

Title	'.WebGUI::Form::text("title",20,30).'
Content	'.WebGUI::Form::textArea("content",'',50,10,1).'
Image	'.WebGUI::Form::file("image").'
Attachment	'.WebGUI::Form::file("attachment").'
Convert Carriage Returns	'.WebGUI::Form::checkbox("convertCarriageReturns",1,1).' (uncheck if you\'re writing an HTML submission)
	'.WebGUI::Form::submit("save").'