
Secure PHP Development - P62 potx



DOCUMENT INFORMATION

Basic information

Format
Pages: 5
Size: 93.3 KB

Contents

■ The user list is sorted and the sorted list is reset.
■ $pub_every is set to false to indicate that, by default, not everyone is allowed to publish. If the current publisher list ($publishers) is not empty and the publisher ID is 0 (zero), which indicates ‘everyone’ is in the list of $publishers, then the user list in the HTML template shows ‘everyone’ selected as the chosen list of publishers.
■ $view_every is set to false to indicate that, by default, not everyone is allowed to view. If the current viewer list ($viewers) is not empty and the viewer ID is 0 (zero), which indicates ‘everyone’ is in the list of $viewers, then the user list in the HTML template shows ‘everyone’ selected as the chosen list of viewers.
■ The Web form is displayed using the standard template. The user fills out the Web form and submits the new or existing category for addition or modification, respectively.

◆ deleteDoc(): This method deletes an existing document. The document ID ($nid) must be supplied as a query parameter. It works as follows:
■ If the document ID ($nid) is not found, the method returns NULL.
■ If a document ID is provided, a new document object called $docObj is created.
■ Because the user is allowed to delete multiple documents, $nid can be a list of document IDs, and a loop is used to delete each of the documents mentioned in the list.
■ For each document, it retrieves the heading ($heading) using getHeading() on $docObj.
■ Each document is deleted using deleteDoc().
■ If a document is deleted successfully, all responses to the document are also deleted using deleteResponsesByDocID().
■ If there are MOTD messages corresponding to the deleted document, they are removed using deleteMessage() on a Message object called $msgObj.
■ A status message is displayed using showStatusMessage().

◆ deleteCategory(): This method is used to delete chosen categories.
Here is how it works:
■ If the category ID ($cid) list is not supplied as a query parameter, the method shows an alert message and returns null. Otherwise, it creates a Category object called $catObj and uses a loop to delete all the categories mentioned in the category ID list. For each to-be-deleted category, all the documents within the category are also deleted. A Doc object called $docObj is created, and getDocesByCatID() is used to retrieve all the document IDs for the given to-be-deleted category. If there are documents in a category, deleteDocsByCatID() is used to delete all the documents in that category. In addition, for each document, all responses are deleted using the deleteResponsesByDocID() method.
■ If the categories are successfully deleted, a status message is shown using showStatusMessage(). A new navigation file is created using generateCategoryNavigator().
■ If the categories could not be deleted, a status message stating the failure is shown using showStatusMessage().

Part II: Developing Intranet Solutions

◆ deleteResponse(): This method is used to delete a response to a published document. It works as follows:
■ If the response ID ($rid) list is not supplied as a query parameter, the method shows an alert message and returns null.
■ It creates a Response object called $respObj and uses a loop to delete all the responses mentioned in the response ID list. Each response is deleted using deleteResponse().
■ If the responses are successfully deleted, a status message is shown using showStatusMessage().
■ If the responses could not be deleted, a status message stating the failure is shown using showStatusMessage().

◆ showStatusMessage(): This method displays a message in a template. The method is called with the message ($statusMessage), and it simply loads a template object and displays the message in the template.

◆ authorize(): This method is used to authorize access to this application.
It works as follows:
■ It uses getUID() to check whether the current user ID is positive, because all valid user IDs are positive numbers. It then creates a DBI object called $user_dbi that points to the central user authentication database (USER_DB_URL).
■ A user object called $userObj is created using $user_dbi and the current user ID.
■ getType() tests whether the current user type is administrator (LD_ADMIN_TYPE). If the current user is of type administrator, the $isAdmin variable is set to TRUE and the method returns TRUE.
■ If the application is called with a category name (stored in the $cat query parameter), a new Category object called $catObj is created. The category ID ($cid) for the supplied category ($cat) is retrieved by calling getCategoryIDbyName().
■ If the current user does not have publishing rights to the current category, the method returns FALSE. Otherwise, it returns TRUE.

Chapter 8: Intranet Simple Document Publisher

The document index display application

The document index application, ld_mngr.php, shows document indexes for each category, or for all categories when the category is not specified. This application is included on the CD-ROM in the ch08/apps directory. Here are its methods:

◆ run(): This method is responsible for running the application. It works as follows:
■ It creates a theme object called $themeObj and assigns it to $this->themeObj. The theme object identifies the user’s preferred theme using getUserTheme().
■ It calls displayDocHome() to display the document index home page.

◆ authorize(): This method is called by the application to authorize the user. It works as follows:
■ It calls setUserType() to find out if the user is an administrator or a regular user. It returns TRUE if the user is an administrator.
■ If the user is not an administrator, it checks if the category name is passed as a query parameter called $cat.
If the category name is passed, a Category object called $catObj is used to call getCategoryIDbyName() to get the category ID ($cid) by the category name ($cat).
■ Using the category ID, the Category object $catObj calls isViewable() to find out if the user can view the category. Similarly, it uses isPublishable() to check whether the user can publish in the chosen category.
■ If the user can either view or publish, the method returns TRUE; otherwise, it returns FALSE.

◆ setUserType(): This method sets $this->isAdmin to TRUE if the user is an administrator; otherwise, it sets it to FALSE. Here is how it works:
■ It sets the $this->isAdmin variable to FALSE, so by default the user is not assumed to be an administrator.
■ If the current user’s UID is greater than 0, which means it is valid, it creates a DBI object called $user_dbi and passes that to the constructor of the User object called $userObj.
■ $userObj calls getType() to find out if the current user’s type matches LD_ADMIN_TYPE. If the user is an administrator, then $this->isAdmin is set to TRUE.

◆ displayDocHome(): This method displays the document index page for a given category, or shows all the categories with their document lists when a category is not provided. It works as follows:
■ A theme template object called $themeTemplate loads the current user’s template.
■ A template object called $template loads the template file, $templateFile, passed to the method.
■ A Category object called $catObj, a Doc object called $docObj, and a Response object called $resObj are created.
■ If the user did not supply a category name in $cat as a query parameter to the application, the method loads all the available categories into the associative array called $categories by calling the getCategories() method of $catObj.
■ On the other hand, if a category name is supplied in $cat, getCategoryIDbyName() is used to retrieve the category ID into $cid. The $categories list is populated with the current category name and ID as an entry in the associative array.
■ Now the category list $categories is looped over to retrieve each category name $cname and category ID $cid.
■ If the current user is not an administrator, the category list check box is set to NULL. This ensures that a regular user cannot select a category to modify or delete.
■ If the current user is not an administrator and she cannot publish in the current category, then the method gets the document list, $docs, for the current category using the getdocsByCatID() method. Otherwise, it gets all the documents for the category using the getAlldocsByCatID() method.
■ If the document list associative array ($docs) is not empty, then the method loops through each document.
■ For each document, the method calls getTotalResponseByDocID() using the Response object $resObj.
■ The total number of responses per document is shown in the listing.
■ If the current user is not an administrator or does not have publishing rights, the check box next to the document is disabled. Otherwise, it is enabled.
■ Using the Category object $catObj, the category description is retrieved using getCategoryDesc(). The description text is filtered for slashes using stripslashes() and shown in the template.
■ If the user is an administrator or has publishing rights to the category being displayed, the category and the documents are shown with check boxes that the user can click to modify or delete the category or document.

The document details application

The document details application, ld_details_mngr.php, shows the details of a document. This application is included on the CD-ROM in the ch08/apps directory.
It has the following methods:

◆ run(): This method calls displayDocDetail() to display the chosen document’s contents.

◆ authorize(): This method sets $this->isAdmin to TRUE if the user is an administrator; otherwise, it sets it to FALSE. Here is how it works:
■ It sets the $this->isAdmin variable to FALSE, so by default the user is not assumed to be an administrator.
■ If the current user’s UID is greater than 0, which means it is valid, it creates a DBI object called $user_dbi and passes that to the constructor of the User object called $userObj. If the current UID is less than 0, the method returns FALSE and the PHP Application object $DocDetailsMngr aborts the application.
■ $userObj is used to call the getType() method to find out if the current user’s type matches LD_ADMIN_TYPE. If the user is an administrator, then $this->isAdmin is set to TRUE.

◆ displayDocDetail(): This method displays the contents of the chosen document. The chosen document ID is supplied by the query parameter $nid. It works as follows:
■ If $nid is not provided when the application is called, an alert message is shown and the application is aborted by its alert() method.
■ It creates a theme object called $themeTemplate and loads the current user’s theme template.
■ A template object called $template is loaded with the document details template ($LD_DETAILS_TEMPLATE).
■ A document object called $docObj is created. The trackVisit() method of the Document object is called to record that this user is visiting the document page.
■ A Response object called $resObj is created. A response listing called $responses is created by calling the document’s getResponsesByDocID() method.
■ If there are one or more responses for this document, they are linked at the end of the document. Otherwise, the response block section of the template is set to null.
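The publisher application's authorize() and deleteDoc() flows described above, together with the UID, LD_ADMIN_TYPE and isPublishable() checks that the index and details applications' authorize() methods repeat, can be sketched as one in-memory PHP class. This is an added example, not code from the book or its CD-ROM. The class name DocPublisher, the array-backed stores passed to its constructor, the parseIDList() helper and the placeholder value of LD_ADMIN_TYPE are assumptions; the per-document category check inside deleteDoc() is also an addition the page does not describe: it resolves each document's own category instead of relying only on the $cat parameter that authorize() inspected.

```php
<?php
// Added example (not the book's or CD-ROM code): an in-memory sketch of the
// authorize()/deleteDoc() flow described above. Names marked "assumed" are not on the page.
declare(strict_types=1);

const LD_ADMIN_TYPE = 'admin'; // constant name from the page; the value is a placeholder

final class DocPublisher // assumed class name
{
    private bool $isAdmin = false;
    public array $status = []; // what showStatusMessage() would render

    // Array-backed stand-ins for the DBI-backed User/Category/Doc/Response/Message objects.
    public function __construct(
        private int $uid,
        private array $users,      // uid => ['type' => ...]
        private array $categories, // cid => ['name' => ..., 'publishers' => [uid, ...]]; 0 = everyone
        private array $docs,       // nid => ['cid' => ..., 'heading' => ...]
        private array $responses,  // nid => [rid, ...]
        private array $motd,       // list of ['nid' => ..., 'text' => ...]
    ) {}

    // authorize() as the page describes it: valid UID, admin short-circuit, else publish right on $cat.
    public function authorize(?string $cat): bool
    {
        if ($this->uid <= 0 || !isset($this->users[$this->uid])) {
            return false; // all valid user IDs are positive; reject before any other lookup
        }
        if ($this->users[$this->uid]['type'] === LD_ADMIN_TYPE) {
            $this->isAdmin = true;
            return true;
        }
        $cid = $cat === null ? null : $this->getCategoryIDbyName($cat);
        return $cid !== null && $this->isPublishable($cid);
    }

    public function getCategoryIDbyName(string $cat): ?int
    {
        $cid = array_search($cat, array_map(fn(array $c) => $c['name'], $this->categories), true);
        return $cid === false ? null : $cid;
    }

    // Publisher ID 0 means "everyone", the convention the page gives for $publishers.
    public function isPublishable(int $cid): bool
    {
        $publishers = $this->categories[$cid]['publishers'] ?? [];
        return in_array(0, $publishers, true) || in_array($this->uid, $publishers, true);
    }

    // Assumed helper: the raw $nid query value (one ID or a comma-separated list) becomes
    // unique positive integers; one malformed entry rejects the whole list.
    public static function parseIDList(string $raw): array
    {
        $ids = [];
        foreach (explode(',', $raw) as $part) {
            $part = trim($part);
            if (!ctype_digit($part) || (int) $part <= 0) {
                return [];
            }
            $ids[(int) $part] = true;
        }
        return array_keys($ids);
    }

    // deleteDoc() in the page's order: heading, document, its responses, matching MOTD
    // messages, status message. Returns the IDs deleted, or NULL when no usable $nid came in.
    public function deleteDoc(string $rawNid): ?array
    {
        if (($ids = self::parseIDList($rawNid)) === []) {
            return null;
        }
        $deleted = [];
        foreach ($ids as $nid) {
            if (!isset($this->docs[$nid])) {
                $this->status[] = "Document $nid not found.";
                continue;
            }
            $heading = $this->docs[$nid]['heading']; // getHeading()
            // Addition beyond the page: check the document's own category, not only the
            // $cat parameter that authorize() looked at.
            if (!$this->isAdmin && !$this->isPublishable($this->docs[$nid]['cid'])) {
                $this->status[] = "Not allowed to delete '$heading'.";
                continue;
            }
            unset($this->docs[$nid], $this->responses[$nid]); // deleteDoc(), deleteResponsesByDocID()
            $this->motd = array_values(array_filter($this->motd, fn(array $m) => $m['nid'] !== $nid)); // deleteMessage()
            $this->status[] = "Deleted '$heading'.";
            $deleted[] = $nid;
        }
        return $deleted;
    }
}

// Constructed sample data: user 2 may publish in 'news' but not in 'hr'.
$app = new DocPublisher(
    uid: 2,
    users: [1 => ['type' => LD_ADMIN_TYPE], 2 => ['type' => 'user']],
    categories: [10 => ['name' => 'news', 'publishers' => [2]], 11 => ['name' => 'hr', 'publishers' => []]],
    docs: [100 => ['cid' => 10, 'heading' => 'Welcome'], 101 => ['cid' => 11, 'heading' => 'Payroll policy']],
    responses: [100 => [1, 2], 101 => [3]],
    motd: [['nid' => 100, 'text' => 'Read the welcome note'], ['nid' => 101, 'text' => 'Payroll updated']],
);
$app->authorize('news');
var_dump($app->deleteDoc('100,101'));
var_dump($app->deleteDoc('100;drop'));
print_r($app->status);
```

With the constructed data, authorize('news') succeeds for user 2 as a non-admin publisher of that category. The first deleteDoc() call removes document 100 along with its responses and MOTD entry but refuses document 101, because the caller cannot publish in 'hr' even though the request was authorized for 'news'; the second call returns NULL because the ID list fails validation before anything is looked up. Rejecting the whole list on one malformed entry, rather than skipping the bad element, keeps the query parameter from carrying anything but integer IDs into the data layer.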

Posted: 07/07/2014, 07:20