Secure PHP Development- P62 potx



■ The user list is sorted and the sorted list is reset.

■ The $pub_every variable is set to false to indicate that, by default, not everyone is allowed to publish. If the current publisher list ($publishers) is not empty and the publisher ID is 0 (zero), which indicates that 'everyone' is in the list of $publishers, then the user list in the HTML template shows 'everyone' selected as the chosen list of publishers.

■ The $view_every variable is set to false to indicate that, by default, not everyone is allowed to view. If the current viewer list ($viewers) is not empty and the viewer ID is 0 (zero), which indicates that 'everyone' is in the list of $viewers, then the user list in the HTML template shows 'everyone' selected as the chosen list of viewers.

■ The Web form is displayed using the standard template. The user fills out the Web form and submits the new or existing category for addition or modification, respectively.

deleteDoc(): This method deletes an existing document. The document ID ($nid) must be supplied as a query parameter. It works as follows:

■ If the document ID ($nid) is not found, the method returns NULL.

■ If a document ID is provided, a new document object called $docObj is created.

■ Because the user is allowed to delete multiple documents, $nid can be a list of document IDs, and a loop is used to delete each of the documents mentioned in the list.

■ For each document, it retrieves the header ($heading) using getHeading() on the $docObj.

■ Each document is deleted using deleteDoc().

■ If a document is deleted successfully, all responses to the document are also deleted using deleteResponsesByDocID().

■ If there are MOTD messages corresponding to the deleted document, they are removed using deleteMessage() on a Message object called $msgObj.

■ A status message is displayed using showStatusMessage().

deleteCategory(): This method is used to delete chosen categories. Here is how it works:

■ If the category ID ($cid) list is not supplied as a query parameter, the method shows an alert message and returns null. Otherwise, it creates a Category object called $catObj and uses a loop to delete all the categories mentioned in the category ID list. For each to-be-deleted category, all the documents within the category are also deleted. A Doc object called $docObj is created, and getDocesByCatID() is used to retrieve the entire set of document IDs for a given to-be-deleted category. If there are documents in a category, deleteDocsByCatID() is used to delete all the documents in that category. In addition, for each document, all responses are deleted using the deleteResponsesByDocID() method.

■ If the categories are successfully deleted, a status message is shown using showStatusMessage(). A new navigation file is created using generateCategoryNavigator().

■ If the categories could not be deleted, a status message stating the failure is shown using showStatusMessage().

deleteResponse(): This method is used to delete a response to a published document. It works as follows:

■ If the response ID ($rid) list is not supplied as a query parameter, the method shows an alert message and returns null.

■ It creates a Response object called $respObj and uses a loop to delete all the responses mentioned in the response ID list. Each response is deleted using deleteResponse().

■ If the responses are successfully deleted, a status message is shown using showStatusMessage().

■ If the responses could not be deleted, a status message stating the failure is shown using showStatusMessage().
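All three delete methods above (deleteDoc(), deleteCategory(), deleteResponse()) take an ID list from a query parameter ($nid, $cid, $rid) and loop over it. The following is an added example, not the book's code: it normalizes such a parameter to distinct positive integers before the loop, and shows the cascade order deleteDoc() describes. It assumes PHP 8; the three callables are hypothetical stand-ins for the Doc and Message object methods.

```php
<?php
// Added example, not the book's code. The ID parameter may arrive as a scalar
// ("42"), an array (nid[]=42&nid[]=43) or a comma-separated string; this helper
// reduces it to distinct positive integers and rejects the whole request if any
// element is malformed, so the deletion loop never sees a bad ID.
declare(strict_types=1);

/** @return int[] distinct positive IDs, or [] when the input is empty or invalid */
function normalizeIdList(mixed $raw): array
{
    if ($raw === null || $raw === '') {
        return [];
    }
    $parts = is_array($raw) ? $raw : explode(',', (string) $raw);
    $ids = [];
    foreach ($parts as $part) {
        if (!is_string($part) && !is_int($part)) {
            return [];                      // nested arrays etc. are never valid IDs
        }
        $part = trim((string) $part);
        // ctype_digit rejects signs, spaces, decimals and empty strings
        if (!ctype_digit($part) || (int) $part <= 0) {
            return [];                      // one bad element fails the request
        }
        $ids[(int) $part] = true;           // keyed for deduplication
    }
    return array_keys($ids);
}

/**
 * Cascade in the order deleteDoc() describes: the document, then its responses,
 * then any MOTD messages. The callables are hypothetical stand-ins for the Doc
 * and Message object methods; each takes an int ID and returns bool.
 */
function deleteDocuments(array $ids, callable $deleteDoc, callable $deleteResponses, callable $deleteMessages): int
{
    $deleted = 0;
    foreach ($ids as $id) {
        if ($deleteDoc($id)) {              // only cascade on successful deletion
            $deleteResponses($id);
            $deleteMessages($id);
            $deleted++;
        }
    }
    return $deleted;
}

// Constructed inputs standing in for $_GET['nid']
var_dump(normalizeIdList(['12', '7', '12']));
var_dump(normalizeIdList('3,abc'), normalizeIdList('-5'), normalizeIdList(''));
```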

showStatusMessage(): This method displays a message in a template. The method is called with the message ($statusMessage); it simply loads a template object and displays the message in the template.

authorize(): This method is used to authorize access to this application. It works as follows:

■ It uses getUID() to check whether the current user ID is positive. Because all valid user IDs are positive numbers, it creates a DBI object called $user_dbi that points to the central user authentication database (USER_DB_URL).

■ A user object called $userObj is created using $user_dbi and the current user ID.

■ getType() tests whether the current user type is administrator (LD_ADMIN_TYPE). If the current user is of type administrator, the $isAdmin variable is set to TRUE and the method returns true.

■ If the application is called with a category name (stored in the $cat query parameter), a new Category object called $catObj is created. The category ID ($cid) for the supplied category ($cat) is retrieved by calling getCategoryIDbyName().

■ If the current user does not have publishing rights to the current category, the method returns FALSE. Otherwise, it returns TRUE.


The document index display application

The document index application, ld_mngr.php, shows document indexes for each category, or for all categories when the category is not specified. This application is included on the CD-ROM in the ch08/apps directory.

Here are its methods:

run(): This method is responsible for running the application. It works as follows:

■ It creates a theme object called $themeObj and assigns it to $this->themeObj. The theme object identifies the user's preferred theme using getUserTheme().

■ It calls displayDocHome() to display the document index home page.

authorize(): This method is called by the application to authorize the user. It works as follows:

■ It calls setUserType() to find out if the user is an administrator or a regular user. It returns TRUE if the user is an administrator.

■ If the user is not an administrator, it checks if the category name is passed as a query parameter called $cat. If the category name is passed, a Category object called $catObj is used to call getCategoryIDbyName() to get the category ID ($cid) by the category name ($cat).

■ Using the category ID, the Category object $catObject calls isViewable() to find out if the user can view the category. Similarly, it uses isPublishable() to check whether the user can publish in the chosen category.

■ If the user can either view or publish, the method returns TRUE; otherwise, it returns FALSE.

setUserType(): This method sets $this->isAdmin to TRUE if the user is an administrator; otherwise, it sets it to FALSE. Here is how it works:

■ It sets the $this->isAdmin variable to FALSE. Therefore, by default the user is not assumed to be an administrator.

■ If the current user's UID is greater than 0, which means valid, then it creates a DBI object called $user_dbi and passes that to the constructor of the User object called $userObj.

■ The $userObj calls getType() to find out if the current user's type matches LD_ADMIN_TYPE. If the user is an administrator, then $this->isAdmin is set to true.
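The authorize() and setUserType() logic described for the category manager and for ld_mngr.php share one shape: default deny, a valid (positive) UID, an unconditional pass for administrators, and otherwise a per-category rights check. The class below is an added example, not the book's code, modelling that shape for both applications (the category manager requires publishing rights; the index application accepts view or publish). It assumes PHP 8; LD_ADMIN_TYPE is a constructed value, the closures are hypothetical stand-ins for Category::getCategoryIDbyName(), isViewable() and isPublishable(), and the denial of a non-admin request that names no category is an assumption the book's text does not spell out.

```php
<?php
// Added example (not the book's code) modelling the authorize() logic of both
// applications: default deny, positive UID required, administrators pass,
// otherwise access depends on the user's rights in the requested category.
// The closures are hypothetical stand-ins for the Category object methods.
declare(strict_types=1);
const LD_ADMIN_TYPE = 'admin'; // constructed value; the book's constant may differ

final class Authorizer
{
    public bool $isAdmin = false; // default: the user is not assumed an administrator
    public function __construct(
        private int $uid,
        private ?string $userType,          // null when getType() finds no user
        private \Closure $categoryIdByName, // fn(string $cat): ?int
        private \Closure $isViewable,       // fn(int $cid, int $uid): bool
        private \Closure $isPublishable,    // fn(int $cid, int $uid): bool
    ) {}

    /** setUserType(): only a valid (positive) UID can be an administrator. */
    public function setUserType(): void
    {
        $this->isAdmin = $this->uid > 0 && $this->userType === LD_ADMIN_TYPE;
    }

    /** $viewSuffices: true = index application rule (view OR publish grants
     *  access); false = category manager rule (publishing rights required). */
    public function authorize(?string $cat, bool $viewSuffices): bool
    {
        if ($this->uid <= 0) {
            return false;                   // no valid user: deny, as the book aborts
        }
        $this->setUserType();
        if ($this->isAdmin) {
            return true;                    // administrators pass unconditionally
        }
        // Assumption: a non-admin request without a category is denied; the
        // book does not state what its authorize() does in that case.
        if ($cat === null || $cat === '') {
            return false;
        }
        $cid = ($this->categoryIdByName)($cat);
        if ($cid === null) {
            return false;                   // unknown category: deny, do not assume
        }
        if (($this->isPublishable)($cid, $this->uid)) {
            return true;
        }
        return $viewSuffices && ($this->isViewable)($cid, $this->uid);
    }
}
```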

displayDocHome(): This method displays the document index page for a given category, or shows all the categories with their document lists when a category is not provided. It works as follows:

■ A theme template object called $themeTemplate loads the current user's template.

■ A template object called $template loads the template file, $templateFile, passed to the method.

■ A Category object called $catObj, a Doc object called $docObj, and a Response object called $resObj are created.

■ If the user did not supply a category name in $cat as a query parameter to the application, the method loads all the available categories into the associative array called $categories by calling the getCategories() method of the $catObj.

■ On the other hand, if a category name is supplied in $cat, getCategoryIDbyName() is used to retrieve the category ID in $cid. The $categories list is populated with the current category name and ID as an entry in the associative array.

■ Now the category list $categories is looped to retrieve each category name $cname and category ID $cid.

■ If the current user is not an administrator, the category list check box is set to NULL. This ensures that a regular user cannot select a category to modify or delete.

■ If the current user is not an administrator and she cannot publish in the current category, then the method gets the document list, $docs, for the current category using the getdocsByCatID() method. Otherwise, it gets all the documents for the category by the getAlldocsByCatID() method.

■ If the document list associative array ($docs) is not empty, then the method loops through each document.

■ For each document, the method calls getTotalResponseByDocID() using the Response object $resObj.

■ The total number of responses per document is shown in a listing.

■ If the current user is not an administrator or does not have publishing rights, the check box next to the document is disabled. Otherwise, it is enabled.

■ Using the Category object $catObj, the category description is retrieved using getCategoryDesc(). The description text is filtered for slashes using stripslashes() and shown in the template.

■ If the user is an administrator or has publishing rights to the category being displayed, the category and the documents are shown with check boxes that the user can click on to modify or delete the category or document.
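The last two steps of displayDocHome() (stripslashes() on the description, check boxes only for administrators and publishers) are shown below as an added example, not the book's code. stripslashes() only removes backslash quoting and does not neutralize markup, so the example additionally HTML-encodes the text before it reaches the template; the check box is presentation only, and authorize() remains the enforcement point. Function names and the sample row are constructed.

```php
<?php
// Added example (not the book's code) for two displayDocHome() steps: the
// description is run through stripslashes() as the book does, then HTML-encoded
// because stripslashes() does not make text safe for an HTML template; the
// category check box is emitted only when the user may modify the category.
declare(strict_types=1);

function categoryDescriptionHtml(string $stored): string
{
    $text = stripslashes($stored); // undo magic-quotes style backslashes
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Renders one category heading; $canModify = isAdmin || has publishing rights. */
function renderCategoryHeading(int $cid, string $name, string $storedDesc, bool $canModify): string
{
    $checkbox = $canModify
        ? sprintf('<input type="checkbox" name="cid[]" value="%d">', $cid)
        : ''; // regular users get no selector at all (set to NULL in the book)
    return sprintf("%s <strong>%s</strong><p>%s</p>\n",
        $checkbox,
        htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
        categoryDescriptionHtml($storedDesc));
}

// Constructed sample row as it might sit in the database after magic quotes
$desc = "Kabir\\'s <i>security</i> notes";
echo renderCategoryHeading(7, 'PHP Security', $desc, false); // no check box
echo renderCategoryHeading(7, 'PHP Security', $desc, true);  // check box present
```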


The document details application

The document details application, ld_details_mngr.php, shows the details of a document. This application is included on the CD-ROM in the ch08/apps directory.

It has the following methods:

run(): This method calls displayDocDetail() to display the chosen document's contents.

authorize(): This method sets $this->isAdmin to TRUE if the user is an administrator; otherwise, it sets it to FALSE. Here is how it works:

■ It sets the $this->isAdmin variable to FALSE. Therefore, by default the user is not assumed to be an administrator.

■ If the current user's UID is greater than 0, which means valid, then it creates a DBI object called $user_dbi and passes that to the constructor of the User object called $userObj. If the current UID is less than 0, the method returns false and the PHP Application object $DocDetailsMngr aborts the application.

■ The $userObj is used to call the getType() method to find out if the current user's type matches LD_ADMIN_TYPE. If the user is an administrator, then $this->isAdmin is set to TRUE.

displayDocDetail(): This method displays the contents of the chosen document. The chosen document ID is supplied by the query parameter $nid. It works as follows:

■ If $nid is not provided when the application is called, an alert message is shown and the application is aborted by its alert() method.

■ It creates a theme object called $themeTemplate and loads the current user's theme template.

■ A template object called $template is loaded with the document details template ($LD_DETAILS_TEMPLATE).

■ A document object called $docObj is created. The trackVisit() method of the Document object is called to record that this user is visiting the document page.

■ A Response object called $resObj is created. A response listing called $responses is created by calling the document's getResponsesByDocID() method.

■ If there are one or more responses for this document, they are linked at the end of the document. Otherwise, the response block section of the template is set to null.

Posted: 07/07/2014, 07:20