"; echo "

Attach metadata to your template.

"; echo "
\n"; } elseif ($action == "delete") { echo ""; echo "

Are you sure you want to delete this item?

"; echo "
\n"; } if ($errors) { echo "\n"; while (list ($name, $message) = each ($errors)) { echo "\n"; } echo "

Oops, please fix the following errors!
$name:	$message

\n"; } echo "

\n"; echo "\n"; # # Template GUID and Version. These are read-only fields. # echo "\n"; echo "\n"; echo "\n"; echo "\n"; if ($action == "modify" || $action == "delete") { echo "\n"; echo "\n"; echo "\n"; echo "\n"; } if (isset($metadata_type) && $metadata_type != "") { echo "\n"; } $readonly_name = ($action == "add" ? "" : "readonly"); $readonly_value = ($action == "delete" ? "readonly" : ""); # # Name of the item # echo "\n"; echo "\n"; if ($action == "modify") { $tag = "Modify Metadata"; } elseif ($action == "delete") { $tag = "Delete Metadata"; } else { $tag = "Add Metadata"; } echo "

Template GUID:	$template_guid/$template_vers
Metadata GUID:	$metadata_guid/$metadata_vers
*Name: (something short and pithy)
Value (use this area to enter the value of your metadata item).
" . ereg_replace("\r", "", $formfields[value]) . "

\n"; } # Objects $metadata = NULL; $template = NULL; # # On first load, display virgin form and exit. # if (!isset($submit)) { # # Verify page arguments. # if (!isset($guid) || strcmp($guid, "") == 0) { USERERROR("You must provide a GUID.", 1); } if (!isset($version) || strcmp($version, "") == 0) { USERERROR("You must provide a version", 1); } if (!TBvalid_guid($guid)) { PAGEARGERROR("Invalid characters in GUID!"); } if (!TBvalid_integer($version)) { PAGEARGERROR("Invalid characters in version!"); } # # In show mode, we can show any metadata entry, but it cannot be modified # unless its in the context of a template. That might change later? # if ($action == "show") { $metadata_guid = $guid; $metadata_vers = $version; # # Find this metadata item. # $metadata = TemplateMetadata::Lookup($metadata_guid, $metadata_vers); if (! $metadata) { USERERROR("Invalid metadata $guid/$version", 1); } # # Verify Permission. Need permission for the template, any version. # $template = Template::Lookup($metadata->template_guid(), 1); if (!$template || !$template->AccessCheck($uid, $TB_EXPT_READINFO)) { USERERROR("You do not have permission to view metadata in ". " template $template_guid!", 1); } PAGEHEADER("Show Metadata"); $metadata->Show(); PAGEFOOTER(); return; } elseif ($action == "modify" || $action == "delete") { $template_guid = $guid; $template_vers = $version; # Must get the metadata guid and vers we want to change. if (!isset($metadata_guid) || $metadata_guid == "") { USERERROR("You must provide a metadata GUID", 1); } if (!isset($metadata_vers) || $metadata_vers == "") { USERERROR("You must provide a metadata version", 1); } if (!TBvalid_guid($metadata_guid)) { PAGEARGERROR("Invalid characters in GUID!"); } if (!TBvalid_integer($metadata_vers)) { PAGEARGERROR("Invalid characters in metadata version!"); } # # Verify this metadata is attached to the template. # $template = Template::Lookup($template_guid, $template_vers); if (!$template) { USERERROR("Invalid template $template_guid/$template_vers", 1); } $metadata = $template->LookupMetadataByGUID($metadata_guid, $metadata_vers); if (!$template) { USERERROR("Invalid metadata $metadata_guid/$metadata_vers", 1); } $metadata_type = $metadata->type(); } else { $template_guid = $guid; $template_vers = $version; if (isset($type) && $type != "") { if (!TBvalid_template_metadata_type($type)) { PAGEARGERROR("Invalid characters in metadata type!"); } $metadata_type = $type; } else { unset($type); unset($metadata_type); } # # Check to make sure this is a valid template. # $template = Template::Lookup($template_guid, $template_vers); if (!$template) { USERERROR("Invalid template $template_guid/$template_vers", 1); } } # Perm check for add/modify to the template. if (!$template->AccessCheck($uid, $TB_EXPT_MODIFY)) { USERERROR("You do not have permission to $action metadata in ". " template $template_guid!", 1); } # Defaults for the form come from the DB. $defaults = array(); if ($action == "modify" || $action == "delete") { $defaults["name"] = $metadata->name(); $defaults["value"] = $metadata->value(); } # # Allow formfields that are already set to override defaults # if (isset($formfields)) { while (list ($field, $value) = each ($formfields)) { $defaults[$field] = $formfields[$field]; } } SPITFORM($action, $defaults, 0); PAGEFOOTER(); return; } elseif (! isset($formfields)) { PAGEARGERROR(); } # # Verify page arguments, which depend on action. # if ($action == "modify" || $action == "delete") { if (!isset($metadata_guid) || $metadata_guid == "") { USERERROR("You must provide a Metadata GUID.", 1); } if (!isset($metadata_vers) || $metadata_vers == "") { USERERROR("You must provide a Metadata version", 1); } if (!TBvalid_guid($metadata_guid)) { PAGEARGERROR("Invalid characters in GUID!"); } if (!TBvalid_integer($metadata_vers)) { PAGEARGERROR("Invalid characters in version!"); } if (!isset($template_guid) || $template_guid == "") { USERERROR("You must provide a Template GUID.", 1); } if (!isset($template_vers) || $template_vers == "") { USERERROR("You must provide a Template version", 1); } if (!TBvalid_guid($template_guid)) { PAGEARGERROR("Invalid characters in GUID!"); } if (!TBvalid_integer($template_vers)) { PAGEARGERROR("Invalid characters in version!"); } # # Verify this metadata is attached to the template. # $template = Template::Lookup($template_guid, $template_vers); if (!$template) { USERERROR("Invalid template $template_guid/$template_vers", 1); } $metadata = $template->LookupMetadataByGUID($metadata_guid,$metadata_vers); if (!$template) { USERERROR("Invalid metadata $metadata_guid/$metadata_vers", 1); } # For checks below; $metadata_type = $metadata->type(); } else { if (!isset($template_guid) || $template_guid == "") { USERERROR("You must provide a Template GUID.", 1); } if (!isset($template_vers) || $template_vers == "") { USERERROR("You must provide a Template version", 1); } if (!TBvalid_guid($template_guid)) { PAGEARGERROR("Invalid characters in GUID!"); } if (!TBvalid_integer($template_vers)) { PAGEARGERROR("Invalid characters in version!"); } if (isset($metadata_type) && $metadata_type != "") { if (!TBvalid_template_metadata_type($metadata_type)) { PAGEARGERROR("Invalid characters in metadata type!"); } } else { unset($metadata_type); } # # Check to make sure this is a valid template. # $template = Template::Lookup($template_guid, $template_vers); if (!$template) { USERERROR("Invalid template $template_guid/$template_vers", 1); } } # Perm check for add/modify to the template. if (!$template->AccessCheck($uid, $TB_EXPT_MODIFY)) { USERERROR("You do not have permission to $action metadata in ". " template $template_guid!", 1); } # # Okay, validate form arguments. # $errors = array(); $command_opts = ""; # # Name # if (!isset($formfields[name]) || $formfields[name] == "") { $errors["Metadata Name"] = "Missing Field"; } elseif (!TBvalid_template_metadata_name($formfields[name])) { $errors["Metadata Name"] = TBFieldErrorString(); } if ($action == "add") { if ($template->LookupMetadataByName($formfields[name])) { $errors["Metadata Name"] = "Name already in use"; } if (isset($metadata_type)) { $command_opts .= "-t $metadata_type "; } $command_opts .= "-a add " . escapeshellarg($formfields[name]); } elseif ($action == "delete") { $command_opts .= "-a delete " . escapeshellarg($formfields[name]); } else { # Had to already exist above. $command_opts .= "-a modify " . escapeshellarg($formfields[name]); } # # Value: # if ($action != "delete") { if (!isset($formfields[value]) || $formfields[value] == "") { $errors["Metadata Value"] = "Missing Field"; } elseif (!TBvalid_template_metadata_value($formfields[value])) { $errors["Metadata Value"] = TBFieldErrorString(); } if ($action == "modify" && $formfields[value] == $metadata_data[value]) { $errors["Metadata Value"] = "New value identical to old value"; } } # # XXX Some metadata is special ... # if (isset($metadata_type)) { if ($metadata_type == "tid") { if ($action == "delete") { $errors["TID"] = "Not allowed to delete this"; } elseif (!TBvalid_eid($formfields[value])) { $errors["TID"] = TBFieldErrorString(); } } elseif ($metadata_type == "template_description") { if ($action == "delete") { $errors["Description"] = "Not allowed to delete this"; } elseif (!TBvalid_template_description($formfields[value])) { $errors["Description"] = TBFieldErrorString(); } } elseif ($metadata_type == "parameter_description") { if (!TBvalid_template_parameter_description($formfields[value])) { $errors["Description"] = TBFieldErrorString(); } } } if (count($errors)) { SPITFORM($action, $formfields, $errors); PAGEFOOTER(); exit(1); } # # Generate a temporary file and write in the data. # if ($action != "delete") { list($usec, $sec) = explode(' ', microtime()); srand((float) $sec + ((float) $usec * 100000)); $foo = rand(); $datafile = "/tmp/$uid-$foo.txt"; if (! ($fp = fopen($datafile, "w"))) { TBERROR("Could not create temporary file $datafile", 1); } fwrite($fp, $formfields[value]); fclose($fp); chmod($datafile, 0666); $command_opts = " -f $datafile $command_opts"; } # # The backend does the actual work. # $pid = $template->pid(); $gid = $template->gid(); TBGroupUnixInfo($pid, $gid, $unix_gid, $unix_name); $retval = SUEXEC($uid, "$pid,$unix_gid", "webtemplate_metadata ". "$command_opts $template_guid/$template_vers", SUEXEC_ACTION_IGNORE); if ($action != "delete") { unlink($datafile); } # # Fatal Error. Report to the user, even though there is not much he can # do with the error. Also reports to tbops. # if ($retval < 0) { SUEXECERROR(SUEXEC_ACTION_CONTINUE); } # User error. Tell user and exit. if ($retval) { SUEXECERROR(SUEXEC_ACTION_USERERROR); return; } header("Location: ". "template_show.php?guid=$template_guid&version=$template_vers");