From fe980a437de0f97a069f10a9eff7031eab819969 Mon Sep 17 00:00:00 2001
From: "psychoticwolf%carolina.rr.com" <psychoticwolf%carolina.rr.com>
Date: Mon, 1 Nov 2004 21:17:15 +0000
Subject: [PATCH] More approval queue and add item fixes. Add duplicate item
 Name check/error, Finish Implementing and hook up trusted mode, Move the
 process_approval() function to a shared location. Bug 267094 and Bug 254925.

---
 webtools/update/developers/additem.php      | 49 ++++++++++----
 webtools/update/developers/approval.php     | 70 +-------------------
 webtools/update/developers/inc_approval.php | 71 +++++++++++++++++++++
 3 files changed, 108 insertions(+), 82 deletions(-)
 create mode 100755 webtools/update/developers/inc_approval.php

diff --git a/webtools/update/developers/additem.php b/webtools/update/developers/additem.php
index ab43b21d4e0..2e49f41f318 100755
--- a/webtools/update/developers/additem.php
+++ b/webtools/update/developers/additem.php
@@ -479,13 +479,39 @@ $description = $_POST["description"];
 $item_id = $_POST["item_id"];
 $guid = $_POST["guid"];
 $type = $_POST["type"];
+
+//Check to ensure tha the name isn't already taken, if it is, throw an error and halt.
+$sql = "SELECT `Name` from `t_main` WHERE `Name`='$name'";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   if (mysql_num_rows($sql_result)=="0") {
+
 if ($_POST["mode"]=="update") { 
 $sql = "UPDATE `t_main` SET `Name`='$name', `Homepage`='$homepage', `Description`='$description', `DateUpdated`=NOW(NULL) WHERE `ID`='$item_id' LIMIT 1";
 } else {
 $sql = "INSERT INTO `t_main` (`GUID`, `Name`, `Type`, `Homepage`,`Description`,`DateAdded`,`DateUpdated`) VALUES ('$guid', '$name', '$type', '$homepage', '$description', NOW(NULL), NOW(NULL));";
 }
  $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
-if ($sql_result) {echo"Updating/Adding record for $name...<br>\n";}
+if ($sql_result) {echo"Updating/Adding record for $name...<br>\n";
+    } else {
+    //Handle Error Case and Abort
+    $failure = "true";
+    echo"Failure to successfully add/update main record. Unrecoverable Error, aborting.<br>\n";
+    include"$page_footer";
+    echo"</body>\n</html>\n";
+    exit;
+    }
+
+} else {
+//Name wasn't unique, error time. :-)
+    //Handle Error Case and Abort
+    $failure = "true";
+    echo"<strong>Error!</strong>The Name for your extension or theme already exists in the Update database.<br>\nCannot Continue, aborting.<br>\n";
+    include"$page_footer";
+    echo"</body>\n</html>\n";
+    exit;
+}
+
+
 
 
 //Get ID for inserted row... if we don't know it already
@@ -643,24 +669,16 @@ foreach ($vid_array as $vid) {
 }
 
 //Approval Queue
-$_SESSION["trusted"]=="FALSE";
- //Trusted User Code Not Yet Implemented, needs a shared function w/ the approval queue
- // for file moving, creation. (and sql updating?)
   //Check if the item belongs to the user, (special case for where admins are trusted, the trust only applies to their own work.)
   $sql = "SELECT `UserID` from `t_authorxref` WHERE `ID`='$id' AND `UserID` = '$_SESSION[uid]' LIMIT 1";
     $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
     if (mysql_num_rows($sql_result)=="1" AND $_SESSION["trusted"]=="TRUE") {
     //User is trusted and the item they're modifying inheirits that trust.
+    include"inc_approval.php"; //Get the resuable process_approval() function.
     $action = "Approval+";
+    $file = $uri;
     $comments = "Auto-Approval for Trusted User";
-    //$typenames = array("E"=>"extensions","T"=>"themes");
-    //$typename = $typenames[$type];
-
-    //$uri = strtolower(str_replace("http://$sitehostname/developers/approvalfile.php/","http://ftp.mozilla.org/pub/mozilla.org/$typename/$itemname/",$newpath));
-    //foreach ($vid_array as $vid) {
-    //   $sql = "UPDATE `t_version` SET `URI`='$uri' WHERE `vID`='$vid'";
-    //   $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
-    //}
+       $approval_result = process_approval($type, $file, "approve");
 
     } else {
     $action="Approval?";
@@ -679,7 +697,12 @@ $sql = "INSERT INTO `t_approvallog` (`ID`, `vID`, `UserID`, `action`, `date`, `c
 
 
 echo"Process Complete...<br><br>\n";
-echo"$name version $version has been added to the Mozilla Update database and is awaiting review by an editor, you will be notified when an editor reviews it.<br>\n";
+echo"$name version $version has been added to the Mozilla Update database";
+if ($_SESSION["trusted"]=="FALSE") { echo"and is awaiting review by an editor, you will be notified when an editor reviews it.";
+} else if ($_SESSION["trusted"]=="TRUE") {
+echo" and has been auto-approved. It should be up on the website within the next half-hour.";
+}
+echo"<br>\n";
 echo"To review or make changes to your submission, visit the <A HREF=\"itemoverview.php?id=$id\">Item Details page</A>...<br>\n";
 
 echo"<br><br>\n";
diff --git a/webtools/update/developers/approval.php b/webtools/update/developers/approval.php
index 5f44e7a366b..b4fca69745c 100755
--- a/webtools/update/developers/approval.php
+++ b/webtools/update/developers/approval.php
@@ -30,75 +30,7 @@ if (!$function or $function=="approvalqueue") {
 ?>
 <?php
 if ($_POST["submit"]=="Submit") {
-
-//Function: process_approval(file, action)
-// Reusable function for handling the approval process, file should be the DB URI and action is either approve or deny.
-// Returns true on success, false on failure.
-
-function process_approval($type, $file, $action) {
-global $connection, $sitehostname, $ftpurl, $repositorypath;
-if ($action=="approve") {
-  $action_comment = "Approval+";
-  $approved = "YES";
- } else if ($action=="deny") {
-  $action_comment = "Approval-";
-  $approved = "NO";
- }
-
-//Firstly, log the comments and action taken..
-$userid = $_SESSION["uid"];
-$sql = "SELECT TM.ID, `Name`, `vID` from `t_main` TM INNER JOIN `t_version` TV ON TM.ID = TV.ID WHERE TV.URI = '$file' ORDER BY `vID` ASC";
-    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
-    while ($row = mysql_fetch_array($sql_result)) {
-      $id = $row["ID"];
-      $vid = $row["vID"];
-      $name = $row["Name"];
-
-global $installation, $uninstallation, $newchrome, $appworks, $visualerrors, $allelementsthemed, $cleanprofile, $worksasdescribed, $testbuild, $testos, $comments;
-        $sql2 = "INSERT INTO `t_approvallog` (`ID`, `vID`, `UserID`, `action`, `date`, `Installation`, `Uninstallation`, `NewChrome`, `AppWorks`, `VisualErrors`, `AllElementsThemed`, `CleanProfile`, `WorksAsDescribed`, `TestBuild`, `TestOS`, `comments`) VALUES ('$id', '$vid', '$userid', '$action_comment', NOW(NULL), '$installation', '$uninstallation', '$newchrome', '$appworks', '$visualerrors', '$allelementsthemed', '$cleanprofile', '$worksasdescribed', '$testbuild', '$testos', '$comments');";
-          $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
-          if ($sql_result2) {} else { $operations_failed=="true";}
-    }
-    if ($sql_result) {} else { $operations_failed=="true";}
-
-//Secondly, If Stage 1 was successful (and we're approving the file), let's move the file to it's new home in /ftp/ for staging...
-$filename = str_replace ("http://$sitehostname/developers/approvalfile.php", "$repositorypath/approval", $file);
-if ($action=="approve") {
-    if (file_exists($filename)) {
-        if ($type=="T") {$type="themes";} else if ($type=="E") {$type="extensions";}
-        $path = strtolower("$type/$name");
-        $destination = str_replace("approval",strtolower("ftp/$path"),$filename);
-        $dirpath = "$repositorypath/ftp/$path";
-        if (!file_exists($dirpath)) {
-            mkdir($dirpath,0755);
-        }
-        if (rename("$filename", "$destination")) {
-            //Rename Successfull
-        } else {
-            //Rename Unsuccessfull
-            $operations_failed=="true";
-        }
-        //$ftpurl defined in config.php
-        $uri = str_replace("$repositorypath/ftp","$ftpurl","$destination");
-    }
-
-} else if ($action=="deny") {
-    //We're denying approval on this item, delete the file and set URI to null.
-    if (file_exists($filename)) {unlink($filename); }
-    $uri = "";
-
-}
-
-//Thirdly, update version record...
-$sql = "UPDATE `t_version` SET `URI`='$uri', `approved`='$approved', `DateUpdated`=NOW(NULL) WHERE `URI`='$file'";
- $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
-   if ($sql_result) {} else { $operations_failed=="true";}
-
-@include"mail_approval.php";
-
-if ($operations_failed=="true") { return false; } else { return true; }
-
-}
+include"inc_approval.php"; //Get the resuable process_approval() function.
 
 echo"<h2>Processing changes to approval queue, please wait...</h2>\n";
 //echo"<pre>"; print_r($_POST); echo"</pre>\n";
diff --git a/webtools/update/developers/inc_approval.php b/webtools/update/developers/inc_approval.php
new file mode 100755
index 00000000000..24d5706c06f
--- /dev/null
+++ b/webtools/update/developers/inc_approval.php
@@ -0,0 +1,71 @@
+<?php
+//Function: process_approval(file, action)
+// Reusable function for handling the approval process, file should be the DB URI and action is either approve or deny.
+// Returns true on success, false on failure.
+
+function process_approval($type, $file, $action) {
+global $connection, $sitehostname, $ftpurl, $repositorypath;
+if ($action=="approve") {
+  $action_comment = "Approval+";
+  $approved = "YES";
+ } else if ($action=="deny") {
+  $action_comment = "Approval-";
+  $approved = "NO";
+ }
+
+//Firstly, log the comments and action taken..
+$userid = $_SESSION["uid"];
+$sql = "SELECT TM.ID, `Name`, `vID` from `t_main` TM INNER JOIN `t_version` TV ON TM.ID = TV.ID WHERE TV.URI = '$file' ORDER BY `vID` ASC";
+    $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+    while ($row = mysql_fetch_array($sql_result)) {
+      $id = $row["ID"];
+      $vid = $row["vID"];
+      $name = $row["Name"];
+
+global $installation, $uninstallation, $newchrome, $appworks, $visualerrors, $allelementsthemed, $cleanprofile, $worksasdescribed, $testbuild, $testos, $comments;
+        $sql2 = "INSERT INTO `t_approvallog` (`ID`, `vID`, `UserID`, `action`, `date`, `Installation`, `Uninstallation`, `NewChrome`, `AppWorks`, `VisualErrors`, `AllElementsThemed`, `CleanProfile`, `WorksAsDescribed`, `TestBuild`, `TestOS`, `comments`) VALUES ('$id', '$vid', '$userid', '$action_comment', NOW(NULL), '$installation', '$uninstallation', '$newchrome', '$appworks', '$visualerrors', '$allelementsthemed', '$cleanprofile', '$worksasdescribed', '$testbuild', '$testos', '$comments');";
+          $sql_result2 = mysql_query($sql2, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+          if ($sql_result2) {} else { $operations_failed=="true";}
+    }
+    if ($sql_result) {} else { $operations_failed=="true";}
+
+//Secondly, If Stage 1 was successful (and we're approving the file), let's move the file to it's new home in /ftp/ for staging...
+$filename = str_replace ("http://$sitehostname/developers/approvalfile.php", "$repositorypath/approval", $file);
+if ($action=="approve") {
+    if (file_exists($filename)) {
+        if ($type=="T") {$type="themes";} else if ($type=="E") {$type="extensions";}
+        $path = strtolower("$type/$name");
+        $destination = str_replace("approval",strtolower("ftp/$path"),$filename);
+        $dirpath = "$repositorypath/ftp/$path";
+        if (!file_exists($dirpath)) {
+            mkdir($dirpath,0755);
+        }
+        if (rename("$filename", "$destination")) {
+            //Rename Successfull
+        } else {
+            //Rename Unsuccessfull
+            $operations_failed=="true";
+        }
+        //$ftpurl defined in config.php
+        $uri = str_replace("$repositorypath/ftp","$ftpurl","$destination");
+    }
+
+} else if ($action=="deny") {
+    //We're denying approval on this item, delete the file and set URI to null.
+    if (file_exists($filename)) {unlink($filename); }
+    $uri = "";
+
+}
+
+//Thirdly, update version record...
+$sql = "UPDATE `t_version` SET `URI`='$uri', `approved`='$approved', `DateUpdated`=NOW(NULL) WHERE `URI`='$file'";
+ $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE);
+   if ($sql_result) {} else { $operations_failed=="true";}
+
+@include"mail_approval.php";
+
+if ($operations_failed=="true") { return false; } else { return true; }
+
+}
+
+?>
\ No newline at end of file