1 PACKAGE BODY fnd_document_management AS
2 /* $Header: AFWFDMGB.pls 120.8.12000000.3 2007/02/28 08:01:54 hgandiko ship $ */
3
4 /*
5 ** We need need to fetch URL prefix from WF_WEB_AGENT in wf_resources
6 ** since this function gets called from the forms environment
7 ** which doesn't know anything about the cgi variables.
8 */
9 dm_base_url varchar2(240) := wf_core.translate('WF_WEB_AGENT');
10
11 --
12 -- Error (PRIVATE)
13 -- Print a page with an error message.
14 -- Errors are retrieved from these sources in order:
15 -- 1. wf_core errors
16 -- 2. Oracle errors
17 -- 3. Unspecified INTERNAL error
18 --
19 procedure Error
20 as
21 error_name varchar2(30);
22 error_message varchar2(2000);
23 error_stack varchar2(32000);
24 begin
25 htp.htmlOpen;
26 htp.headOpen;
27 htp.title(wf_core.translate('ERROR'));
28 htp.headClose;
29
30 begin
31 wfa_sec.Header(background_only=>TRUE);
32 exception
33 when others then
34 htp.bodyOpen;
35 end;
36
37 htp.header(nsize=>1, cheader=>wf_core.translate('ERROR'));
38
39 wf_core.get_error(error_name, error_message, error_stack);
40
41 -- Bug5161758 - XSS
42 error_message := wf_core.substitutespecialchars(error_message);
43 error_stack := wf_core.substitutespecialchars(error_stack);
44
45 if (error_name is not null) then
46 htp.p(error_message);
47 else
48 htp.p(sqlerrm);
49 end if;
50
51 htp.hr;
52 htp.p(wf_core.translate('WFENG_ERRNAME')||': '||error_name);
53 htp.br;
54 htp.p(wf_core.translate('WFENG_ERRSTACK')||': '||
55 replace(error_stack,wf_core.newline,'<br>'));
56
57 wfa_sec.Footer;
58 htp.htmlClose;
59 end Error;
60
61 /*===========================================================================
62
63 Procedure get_product_parameter_list
64
65 Purpose Retrieves the parameters for a specific implementation for
66 a function and product
67
68 ============================================================================*/
69 PROCEDURE get_product_parameter_list
70 (product_function_id IN NUMBER,
71 parameter_list OUT NOCOPY fnd_document_management.fnd_dm_product_parms_tbl_type
72 )
73 IS
74
75 /*
76 ** c_fetch_function_parameters fetches the parameters for a specific
77 ** implementation of a function by a DM vendor
78 */
79 CURSOR c_fetch_function_parameters
80 (c_product_function_id IN Number) IS
81 SELECT dmparm.parameter_name,
82 dmprod.parameter_syntax
83 FROM fnd_dm_function_parameters dmparm,
84 fnd_dm_product_parm_syntax dmprod
85 WHERE dmprod.product_function_id = c_product_function_id
86 AND dmprod.parameter_id = dmparm.parameter_id
87 ORDER BY dmparm.parameter_name;
88
89 l_record_num NUMBER := 0;
90
91 BEGIN
92
93 /*
94 ** Fetch the parameters for the display function for the vendor
95 ** that is installed on the selected node
96 */
97 OPEN c_fetch_function_parameters(product_function_id);
98
99 /*
100 ** Loop through all the parameters for the given function
101 ** building the l_parameter_list variable
102 */
103 LOOP
104
105 l_record_num := l_record_num + 1;
106
107 FETCH c_fetch_function_parameters INTO
108 parameter_list(l_record_num);
109
110 EXIT WHEN c_fetch_function_parameters%NOTFOUND;
111
112
113 END LOOP;
114
115 EXCEPTION
116 WHEN OTHERS THEN
117 Wf_Core.Context('fnd_document_management',
118 'get_product_parameter_list',
119 to_char(product_function_id));
120 RAISE;
121
122 END get_product_parameter_list;
123
124 /*===========================================================================
125
126 Procedure get_function_definition
127
128 Purpose Retrieves the node and function definition for a give node
129 function and vendor who is servicing that node.
130
131 ============================================================================*/
132 PROCEDURE get_function_definition
133 (p_node_id IN NUMBER,
134 p_function_name IN VARCHAR2,
135 p_node_syntax OUT NOCOPY VARCHAR2,
136 p_product_id OUT NOCOPY NUMBER,
137 p_function_syntax OUT NOCOPY VARCHAR2,
138 p_product_function_id OUT NOCOPY NUMBER,
139 p_icon_name OUT NOCOPY VARCHAR2)
140
141 IS
142
143 BEGIN
144
145 /*
146 ** See if you can find the name in the document management reference system
147 ** Get the URL prefix for the route to the DM host and the product id
148 ** Also get the appropriate syntax for a display function for the vendor
149 ** that is servicing this particular node.
150 */
151 BEGIN
152
153 SELECT dmnode.connect_syntax,
154 dmnode.product_id,
155 dmprod.function_syntax,
156 dmprod.product_function_id,
157 dmfunc.icon_name
158 INTO p_node_syntax,
159 p_product_id,
160 p_function_syntax,
161 p_product_function_id,
162 p_icon_name
163 FROM fnd_dm_product_function_syntax dmprod,
164 fnd_dm_functions dmfunc,
165 fnd_dm_nodes dmnode
166 WHERE dmnode.node_id = p_node_id
167 AND dmnode.product_id = dmprod.product_id
168 AND dmfunc.function_name = p_function_name
169 AND dmprod.function_id = dmfunc.function_id;
170
171 /*
172 ** No data found is an exceptable response for this query. It means that
173 ** the fetch function is not supported by the particular dm vendor
174 ** software. I can't imagine what vendor would not support a fetch
175 ** function but who knows. Set the display_document_URL to null in
176 ** this case.
177 */
178 EXCEPTION
179 WHEN no_data_found THEN
180 p_node_syntax := NULL;
181 p_product_id := 0;
182 p_function_syntax := NULL;
183 p_product_function_id := 0;
184 p_icon_name := NULL;
185 WHEN OTHERS THEN
186 Wf_Core.Context('fnd_document_management',
187 'get_function_defintion',
188 to_char(p_node_id),
189 p_function_name);
190 RAISE;
191
192 END;
193
194 EXCEPTION
195 WHEN OTHERS THEN
196 Wf_Core.Context('fnd_document_management',
197 'get_function_defintion',
198 to_char(p_node_id),
199 p_function_name);
200 RAISE;
201
202 END get_function_definition;
203
204 /*===========================================================================
205
206 Procedure create_html_syntax
207
208 Purpose Create the proper syntax for displaying the function
209 and the associate icon with proper HTML syntax.
210
211 ============================================================================*/
212 PROCEDURE create_html_syntax
213 (p_html_formatting IN BOOLEAN,
214 p_function_name IN VARCHAR2,
215 p_node_connect_syntax IN VARCHAR2,
216 p_function_syntax IN VARCHAR2,
217 p_parameter_syntax IN VARCHAR2,
218 p_resource_name IN VARCHAR2,
219 p_icon_name IN VARCHAR2,
220 p_document_html OUT NOCOPY VARCHAR2)
221
222 IS
223
224 BEGIN
225
226 /*
227 ** Check if the caller wishes to construct html syntax that includes
228 ** the appropriate icon and tranlated function name for this URL.
229 */
230 IF (p_html_formatting = TRUE AND p_function_syntax IS NOT NULL) THEN
231
232 /*
233 ** Populate the display_document_URL with the full HTML syntax to
234 ** draw and icon and a function name for the display function.
235 ** Also get the translated string for the function display name
236 */
237 if (p_function_name IN ('get_search_document_url',
238 'get_create_document_url',
239 'get_browse_document_url')) THEN
240 p_document_html :=
241 '<IMG SRC="'||wfa_html.image_loc||p_icon_name||'" alt="' ||
242 p_resource_name || '">'||
243 '<A HREF="javascript:fnd_open_dm_attach_window(' || '''' ||
244 p_node_connect_syntax||p_function_syntax||p_parameter_syntax||
245 '''' ||
246 ', 700, 600)">'||
247 p_resource_name ||
248 ' </A>';
249
250 else
251
252 p_document_html :=
253 '<IMG SRC="'||wfa_html.image_loc||p_icon_name||'" alt="' ||
254 p_resource_name || '">'||
255 '<A HREF="javascript:fnd_open_dm_display_window(' || '''' ||
256 p_node_connect_syntax||p_function_syntax||p_parameter_syntax||
257 '''' ||
258 ', 700, 600)">'||
259 p_resource_name ||
260 ' </A>';
261 end if;
262
263 ELSIF (p_function_syntax IS NOT NULL) THEN
264
265 /*
266 ** Populate the display_document_URL with just the sting for the URL
267 ** and leave the formatting up to the caller.
268 */
269 p_document_html :=
270 p_node_connect_syntax||p_function_syntax||p_parameter_syntax;
271
272 ELSE
273
274 p_document_html := null;
275
276 END IF;
277
278 EXCEPTION
279 WHEN OTHERS THEN
280 Wf_Core.Context('fnd_document_management',
281 'create_html_syntax',
282 p_function_name,
283 p_node_connect_syntax,
284 p_function_syntax,
285 p_parameter_syntax,
286 p_resource_name);
287 RAISE;
288
289 END create_html_syntax;
290
291
292 /*===========================================================================
293
294 Function get_launch_document_url
295
296 Purpose Set up the anchor to launch a new window with a frameset
297 with two frames. The upper frame has all the controls.
298 The lower frame displays the document.
299
300 ============================================================================*/
301 PROCEDURE get_launch_document_url
302 (username IN Varchar2,
303 document_identifier IN Varchar2,
304 display_icon IN Boolean,
305 launch_document_URL OUT NOCOPY Varchar2) IS
306
307 l_product_id Number := 0;
308 l_dm_node_id Number := 0;
309 l_document_id Varchar2(30) := NULL;
310 l_version Varchar2(10) := NULL;
311 l_document_name Varchar2(240) := NULL;
312 l_username Varchar2(320); -- Username to query /*Bug2001012*/
313 l_document_url Varchar2(4000) := NULL;
314 l_document_attributes fnd_document_management.fnd_document_attributes;
315 l_dummy boolean; -- Bug5161758 HTML injection
316
317 BEGIN
318 -- Bug5161758 HTML injection
319 begin
320 l_dummy := wf_core.CheckIllegalChars(username,true);
321 exception
322 when OTHERS then
323 fnd_document_management.error;
324 return;
325 end;
326 l_username := upper(username);
327
328 /*
329 ** get all the components of the document attribute
330 */
331 fnd_document_management.ParseDocInfo(document_identifier,
332 l_dm_node_id,
333 l_document_id,
337 ** get the product that is installed for that dm node
334 l_version);
335
336 /*
338 */
339 SELECT MAX(PRODUCT_ID)
340 INTO l_product_id
341 FROM fnd_dm_nodes
342 WHERE node_id = l_dm_node_id;
343
344
345 /*
346 ** get all the components of the document anchor
347 */
348 IF (display_icon = FALSE) THEN
349
350 /*
351 ** If the product id = 1 then this is an Internet Documents install
352 ** We do not display the multiframe window in this case with the
353 ** control bar on top. Internet documents has their own toolbar and
354 ** has their own mechanism for controlling the DM options.
355 */
356 IF (l_product_id = 1) THEN
357
358 /*
359 ** Get the HTML text for displaying the document
360 */
361 fnd_document_management.get_display_document_url (
362 l_username,
363 document_identifier,
364 FALSE,
365 FALSE,
366 l_document_url);
367
368 launch_document_URL := l_document_url;
369
370 ELSE
371
372 launch_document_URL := dm_base_url||
373 '/fnd_document_management.create_display_document_url?'||
374 'document_identifier='||
375 wfa_html.conv_special_url_chars(document_identifier)||
376 '&username='||l_username;
377
378 END IF;
379
380 ELSE
381
382 /*
383 ** get the document name
384 */
385 fnd_document_management.get_document_attributes(l_username,
386 document_identifier,
387 l_document_attributes);
388
389
390 l_document_name := l_document_attributes.document_name;
391
392 /*
393 ** If the product id = 1 then this is an Internet Documents install
394 ** We do not display the multiframe window in this case with the
395 ** control bar on top. Internet documents has their own toolbar and
396 ** has their own mechanism for controlling the DM options.
397 */
398 IF (l_product_id = 1) THEN
399
400 /*
401 ** Get the HTML text for displaying the document
402 */
403 fnd_document_management.get_display_document_url (
404 l_username,
405 document_identifier,
406 FALSE,
407 FALSE,
408 l_document_url);
409
410 launch_document_URL :=
411 '<A HREF="javascript:fnd_open_dm_display_window(' || '''' ||
412 l_document_url||
413 '''' ||
414 ', 700, 600)">'||
415 l_document_name||
416 ' </A>';
417
418 ELSE
419
420 launch_document_URL :=
421 '<A HREF="javascript:fnd_open_dm_display_window(' || '''' ||
422 dm_base_url||
423 '/fnd_document_management.create_display_document_url?'||
424 'document_identifier='||
425 wfa_html.conv_special_url_chars(document_identifier)||
426 '&username='||l_username||
427 '''' ||
428 ', 700, 600)">'||
429 l_document_name||
430 ' </A>';
431
432 END IF;
433
434 END IF;
435
436 EXCEPTION
437 WHEN OTHERS THEN
438 Wf_Core.Context('fnd_document_management',
439 'get_launch_document_url',
440 document_identifier);
441 RAISE;
442
443 END get_launch_document_url;
444
445 /*===========================================================================
446
447 Function create_display_document_url
448
449 Purpose Launches the toolbar in one frame for the document
450 operations and then creates another frame to display
451 the document.
452
453 ============================================================================*/
454 PROCEDURE create_display_document_url
455 (username IN Varchar2,
456 document_identifier IN Varchar2) IS
457
458 l_dm_node_id Number := 0;
459 l_document_id Varchar2(30) := NULL;
460 l_version Varchar2(10) := NULL;
461 l_document_url Varchar2(2000) := NULL;
462 l_dummy boolean; -- Bug5161758 HTML injection
463
464 BEGIN
465 -- Bug5161758 HTML injection
466 begin
467 l_dummy := wf_core.CheckIllegalChars(username,true);
468 exception
469 when OTHERS then
470 fnd_document_management.error;
471 return;
472 end;
473
474 /*
475 ** Create the top header frameset and the bottom summary/detail frameset
476 */
477 htp.p ('<FRAMESET ROWS="15%,85%" BORDER=0 LONGDESC="'||
478 owa_util.get_owa_service_path ||
479 'wfa_html.LongDesc?p_token=WFDM_LONGDESC">');
480
481 /*
482 ** Create the header frame
483 */
484 htp.p ('<FRAME NAME=CONTROLS '||
485 'SRC='||
489 wfa_html.conv_special_url_chars(document_identifier)||
486 dm_base_url||
487 '/fnd_document_management.create_document_toolbar?'||
488 'document_identifier='||
490 '&username='||username||
491 ' MARGINHEIGHT=10 MARGINWIDTH=10 '||
492 'SCROLLING="NO" NORESIZE FRAMEBORDER=YES LONGDESC="'||
493 owa_util.get_owa_service_path ||
494 'wfa_html.LongDesc?p_token=WFDM_LONGDESC">');
495
496 /*
497 ** Get the HTML text for displaying the document
498 */
499 fnd_document_management.get_display_document_url (
500 username,
501 document_identifier,
502 FALSE,
503 FALSE,
504 l_document_url);
505
506 htp.p ('<FRAME NAME=DOCUMENT '||
507 'SRC='||
508 l_document_url ||
509 ' MARGINHEIGHT=10 MARGINWIDTH=10 '||
510 'NORESIZE SCROLLING="YES" FRAMEBORDER=NO LONGDESC="'||
511 owa_util.get_owa_service_path ||
512 'wfa_html.LongDesc?p_token=WFDM_LONGDESC">');
513
514 /*
515 ** Close the summary/details frameset
516 */
517 htp.p ('</FRAMESET>');
518
519 EXCEPTION
520 WHEN OTHERS THEN
521 Wf_Core.Context('fnd_document_management',
522 'create_display_document_url',
523 document_identifier);
524 RAISE;
525
526 END create_display_document_url;
527
528
529 /*===========================================================================
530 Function get_search_document_url
531
532 Purpose Bring up a search window to allow the user to find a
533 document in their document management system. The function
534 does not take a document system argument because you'll
535 be first asked to choose which document management
536 system to search before given the actual search criteria.
537
538 The challenge here is to return the DM system id, the
539 document id, and the document name for the document that
540 you've selected during your search process. We'll likely
541 need our DM software partners to add new arguments to their
542 standard URL syntax to allow for extra url links/icons that
543 refer to Oracle Application functions that will allow us to
544 return the selected documents that you wish to attach to your
545 application business objects. The extra arguments would be
546 pushed into the standard HTML templates so you can execute
547 these functions when you've selected the appropriate document.
548
549 ============================================================================*/
550 PROCEDURE get_search_document_url
551 (username IN Varchar2,
552 callback_function IN Varchar2,
553 html_formatting IN Boolean,
554 search_document_URL OUT NOCOPY Varchar2) IS
555
556 l_product_id Number := 0;
557 l_product_function_id Number := 0;
558 l_record_num Number := 0;
559 l_node_connect_syntax Varchar2(240) := '';
560 l_parameter_str Varchar2(4000) := '';
561 l_function_syntax Varchar2(4000) := '';
562 l_icon_name Varchar2(40) := '';
563 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
564 l_username Varchar2(320); -- Username to query
565 l_dm_node_id Number; -- Document Management Home preference
566 l_dm_node_name Varchar2(240);
567 l_dummy boolean; -- Bug5161758 HTML injection
568
569 BEGIN
570 -- Bug5161758 HTML injection
571 begin
572 l_dummy := wf_core.CheckIllegalChars(username,true);
573 exception
574 when OTHERS then
575 fnd_document_management.error;
576 return;
577 end;
578 l_username := upper(username);
579
580 -- get the document management home node information
581 fnd_document_management.get_dm_home (l_username, l_dm_node_id, l_dm_node_name);
582
583 /*
584 ** Get the URL prefix for the route to the DM host and the product id
585 ** Also get the appropriate syntax for a search function for the vendor
586 ** that is servicing this particular node.
587 */
588 get_function_definition (l_dm_node_id,
589 'get_search_document_url',
590 l_node_connect_syntax,
591 l_product_id,
592 l_function_syntax,
593 l_product_function_id,
594 l_icon_name);
595
596 /*
597 ** Go get the parameters for this function for the specific
598 ** vendor software that is servicing this particular node
599 */
600 IF (l_function_syntax IS NOT NULL) THEN
601
602 /*
603 ** Get the parameters for the search function
604 */
605 get_product_parameter_list (l_product_function_id,
606 l_parameter_list);
607
608 /*
609 ** Loop through the parameter list filling in the corresponding
610 ** values
611 */
612 FOR l_record_num IN 1..l_parameter_list.count LOOP
613
614 /*
618 IF (INSTR(l_parameter_str, '?') > 0 OR
615 ** Determine which argument separator to add
616 */
617
619 INSTR(l_function_syntax, '?') > 0) THEN
620
621 l_parameter_str := l_parameter_str || '&';
622
623 ELSE
624
625 l_parameter_str := l_parameter_str || '?';
626
627 END IF;
628
629 IF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
630
631 l_parameter_str := l_parameter_str ||
632 l_parameter_list(l_record_num).parameter_syntax ||
633 callback_function;
634
635 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
636
637 l_parameter_str := l_parameter_str ||
638 l_parameter_list(l_record_num).parameter_syntax ||
639 username;
640
641 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
642
643 l_parameter_str := l_parameter_str ||
644 l_parameter_list(l_record_num).parameter_syntax ||
645 fnd_document_management.get_ticket(username);
646
647 END IF;
648
649 END LOOP;
650
651 END IF;
652
653 /*
654 ** Create the proper html syntax for the document function
655 */
656 create_html_syntax (html_formatting,
657 'get_search_document_url',
658 l_node_connect_syntax,
659 l_function_syntax,
660 l_parameter_str,
661 'WFDM_SEARCH',
662 l_icon_name,
663 search_document_url);
664
665 EXCEPTION
666 WHEN OTHERS THEN
667 Wf_Core.Context('fnd_document_management',
668 'get_search_document_url');
669 RAISE;
670
671 END get_search_document_url;
672
673 /*===========================================================================
674 Function get_create_document_url
675
676 Purpose Create a new document in your Document Management System
677 for a local file stored on your file system.
678
679 The challenge here is to return the DM system name and the
680 document id/name for the document that you've just added to
681 the DM system. If your in the attachments form and you've
682 attached a file, you may wish to add that file to a DM
683 system by clicking on the Create New link. Once you provide
684 all the meta data for that document in the DM system we'll
685 need to push the document information back to the creating
686 application object. We'll likely need our DM software
687 partners to add new arguments to their standard URL
688 syntax to allow for extra url links/icons that refer to
689 Oracle Application functions that will allow us to return
690 the selected document id information once you've created
691 your document. The extra arguments would be pushed into
692 the standard HTML templates so you can execute these
693 functions when you've selected the created the document.
694
695 ============================================================================*/
696 PROCEDURE get_create_document_url
697 (username IN Varchar2,
698 callback_function IN Varchar2,
699 html_formatting IN Boolean,
700 create_document_URL OUT NOCOPY Varchar2) IS
701
702 l_product_id Number := 0;
703 l_product_function_id Number := 0;
704 l_record_num Number := 0;
705 l_node_connect_syntax Varchar2(240) := '';
706 l_parameter_str Varchar2(4000) := '';
707 l_function_syntax Varchar2(4000) := '';
708 l_icon_name Varchar2(40) := '';
709 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
710 l_username Varchar2(320); -- Username to query
711 l_dm_node_id Number; -- Document Management Home preference
712 l_dm_node_name Varchar2(240);
713 l_browser varchar2(400);
714 l_callback_function Varchar2(4000);
715 l_dummy boolean; -- Bug5161758 HTML injection
716
717 BEGIN
718 -- Bug5161758 HTML injection
719 begin
720 l_dummy := wf_core.CheckIllegalChars(username,true);
721 exception
722 when OTHERS then
723 fnd_document_management.error;
724 return;
725 end;
726 /*
727 ** The forms attachments interface calls this same function to
728 ** get the proper url to attach a document to a business object.
729 ** Since the forms launch process is not within a browser the
730 ** owa_util variables will not be available when this string
731 ** gets created. We check here whether your calling this from
732 ** a web interface or a forms interface.
733 */
734 IF (html_formatting = TRUE) THEN
735
736 l_browser := owa_util.get_cgi_env('HTTP_USER_AGENT');
737
738 ELSE
739
740 l_browser := 'NETSCAPE';
741
742 END IF;
743
747 fnd_document_management.get_dm_home (l_username, l_dm_node_id, l_dm_node_name);
744 l_username := upper(username);
745
746 -- get the document management home node information
748
749
750 /*
751 ** This is a total hack but it must be done for now for simplicity of
752 ** the interface. Netscape has another layer of objects that must
753 ** be referenced when calling it through javascript. Thus if you
754 ** are not using IE then add another opener.parent to the hierarchy.
755 ** We have two different calls because it depends if you are calling
756 ** this from the multiframe response window or from a single frame window.
757 */
758 IF (instr(owa_util.get_cgi_env('HTTP_USER_AGENT'), 'MSIE') = 0) THEN
759
760 l_callback_function := REPLACE(callback_function,
761 'opener.parent.bottom.document',
762 'opener.parent.opener.parent.bottom.document');
763
764
765 l_callback_function := REPLACE(l_callback_function,
766 'top.opener.parent.document',
767 'top.parent.opener.parent.opener.document');
768
769 ELSE
770
771 l_callback_function := callback_function;
772
773 END IF;
774
775 /*
776 ** Get the URL prefix for the route to the DM host and the product id
777 ** Also get the appropriate syntax for a create function for the vendor
778 ** that is servicing this particular node.
779 */
780 get_function_definition (l_dm_node_id,
781 'get_create_document_url',
782 l_node_connect_syntax,
783 l_product_id,
784 l_function_syntax,
785 l_product_function_id,
786 l_icon_name);
787
788 /*
789 ** Go get the parameters for this function for the specific
790 ** vendor software that is servicing this particular node
791 */
792 IF (l_function_syntax IS NOT NULL) THEN
793
794 /*
795 ** Get the parameters for the create function
796 */
797 get_product_parameter_list (l_product_function_id,
798 l_parameter_list);
799
800 /*
801 ** Loop through the parameter list filling in the corresponding
802 ** values
803 */
804 /*
805 ** Loop through the parameter list filling in the corresponding
806 ** values
807 */
808 FOR l_record_num IN 1..l_parameter_list.count LOOP
809
810 /*
811 ** Determine which argument separator to add
812 */
813
814 IF (INSTR(l_parameter_str, '?') > 0 OR
815 INSTR(l_function_syntax, '?') > 0) THEN
816
817 l_parameter_str := l_parameter_str || '&';
818
819 ELSE
820
821 l_parameter_str := l_parameter_str || '?';
822
823 END IF;
824
825 IF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
826
827 l_parameter_str := l_parameter_str ||
828 l_parameter_list(l_record_num).parameter_syntax ||
829 l_callback_function;
830
831 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
832
833 l_parameter_str := l_parameter_str ||
834 l_parameter_list(l_record_num).parameter_syntax ||
835 username;
836
837 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
838
839 l_parameter_str := l_parameter_str ||
840 l_parameter_list(l_record_num).parameter_syntax ||
841 fnd_document_management.get_ticket(username);
842
843 END IF;
844
845 END LOOP;
846
847 END IF;
848
849 /*
850 ** Create the proper html syntax for the document function
851 */
852 create_html_syntax (html_formatting,
853 'get_create_document_url',
854 l_node_connect_syntax,
855 l_function_syntax,
856 l_parameter_str,
857 'WFDM_CREATE',
858 l_icon_name,
859 create_document_url);
860
861 EXCEPTION
862 WHEN OTHERS THEN
863 Wf_Core.Context('fnd_document_management',
864 'get_create_document_url',
865 callback_function);
866 RAISE;
867
868 END get_create_document_url;
869
870 /*===========================================================================
871 Function get_browse_document_url
872
873 Purpose Browse through a folder hierarchy and choose the document
874 you wish to attach then return that document to the calling
875 application.
876
877 The challenge here is to return the DM system name and the
878 document id/name for the document that you've selected in
882 system we'll need to push the document information
879 the DM system. If your in the attachments form and you've
880 attached a file, you may wish to select a file using the
881 browse feature. Once you select a document in the DM
883 back to the creating application object. We'll likely
884 need our DM software
885 partners to add new arguments to their standard URL
886 syntax to allow for extra url links/icons that refer to
887 Oracle Application functions that will allow us to return
888 the selected document id information once you've created
889 your document. The extra arguments would be pushed into
890 the standard HTML templates so you can execute these
891 functions when you've selected the created the document.
892
893 ============================================================================*/
894 PROCEDURE get_browse_document_url
895 (username IN Varchar2,
896 callback_function IN Varchar2,
897 html_formatting IN Boolean,
898 browse_document_URL OUT NOCOPY Varchar2) IS
899
900 l_product_id Number := 0;
901 l_product_function_id Number := 0;
902 l_record_num Number := 0;
903 l_node_connect_syntax Varchar2(240) := '';
904 l_parameter_str Varchar2(4000) := '';
905 l_function_syntax Varchar2(4000) := '';
906 l_icon_name Varchar2(40) := '';
907 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
908 l_username Varchar2(320); -- Username to query
909 l_dm_node_id Number; -- Document Management Home preference
910 l_dm_node_name Varchar2(240);
911 l_dummy boolean; -- Bug5161758 HTML injection
912
913 BEGIN
914 -- Bug5161758 HTML injection
915 begin
916 l_dummy := wf_core.CheckIllegalChars(username,true);
917 exception
918 when OTHERS then
919 fnd_document_management.error;
920 return;
921 end;
922 l_username := upper(username);
923
924 -- get the document management home node information
925 fnd_document_management.get_dm_home (l_username, l_dm_node_id, l_dm_node_name);
926
927 /*
928 ** Get the URL prefix for the route to the DM host and the product id
929 ** Also get the appropriate syntax for a create function for the vendor
930 ** that is servicing this particular node.
931 */
932 get_function_definition (l_dm_node_id,
933 'get_browse_document_url',
934 l_node_connect_syntax,
935 l_product_id,
936 l_function_syntax,
937 l_product_function_id,
938 l_icon_name);
939
940 /*
941 ** Go get the parameters for this function for the specific
942 ** vendor software that is servicing this particular node
943 */
944 IF (l_function_syntax IS NOT NULL) THEN
945
946 /*
947 ** Get the parameters for the create function
948 */
949 get_product_parameter_list (l_product_function_id,
950 l_parameter_list);
951
952 /*
953 ** Loop through the parameter list filling in the corresponding
954 ** values
955 */
956 /*
957 ** Loop through the parameter list filling in the corresponding
958 ** values
959 */
960 FOR l_record_num IN 1..l_parameter_list.count LOOP
961
962 /*
963 ** Determine which argument separator to add
964 */
965
966 IF (INSTR(l_parameter_str, '?') > 0 OR
967 INSTR(l_function_syntax, '?') > 0) THEN
968
969 l_parameter_str := l_parameter_str || '&';
970
971 ELSE
972
973 l_parameter_str := l_parameter_str || '?';
974
975 END IF;
976
977 IF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
978
979 l_parameter_str := l_parameter_str ||
980 l_parameter_list(l_record_num).parameter_syntax ||
981 callback_function;
982
983 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
984
985 l_parameter_str := l_parameter_str ||
986 l_parameter_list(l_record_num).parameter_syntax ||
987 username;
988
989 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
990
991 l_parameter_str := l_parameter_str ||
992 l_parameter_list(l_record_num).parameter_syntax ||
993 fnd_document_management.get_ticket(username);
994
995 END IF;
996
997 END LOOP;
998
999 END IF;
1000
1001 /*
1002 ** Create the proper html syntax for the document function
1003 */
1004 create_html_syntax (html_formatting,
1005 'get_browse_document_url',
1006 l_node_connect_syntax,
1007 l_function_syntax,
1008 l_parameter_str,
1009 'WFDM_BROWSE',
1013 EXCEPTION
1010 l_icon_name,
1011 browse_document_url);
1012
1014 WHEN OTHERS THEN
1015 Wf_Core.Context('fnd_document_management',
1016 'get_browse_document_url',
1017 callback_function);
1018 RAISE;
1019
1020 END get_browse_document_url;
1021
1022 /*===========================================================================
1023
1024 Function get_display_document_url
1025
1026 Purpose Invoke the appropriate document viewer for the selected
1027 document. This function will show the latest document version
1028 for the item selected. Most document management systems
1029 support a wide range of document formats for viewing.
1030 We will rely on the document management system to
1031 display the document in it's native format whenever possible.
1032
1033 ============================================================================*/
1034 PROCEDURE get_display_document_url
1035 (username IN Varchar2,
1036 document_identifier IN Varchar2,
1037 show_document_icon IN Boolean,
1038 html_formatting IN Boolean,
1039 display_document_URL OUT NOCOPY Varchar2) IS
1040
1041 l_dm_node_id Number := 0;
1042 l_document_id Varchar2(30) := NULL;
1043 l_version Varchar2(10) := NULL;
1044 l_document_name Varchar2(240) := NULL;
1045 l_product_id Number := 0;
1046 l_product_function_id Number := 0;
1047 l_record_num Number := 0;
1048 l_node_connect_syntax Varchar2(240) := NULL;
1049 l_parameter_str Varchar2(4000) := NULL;
1050 l_function_syntax Varchar2(4000) := NULL;
1051 l_icon_name Varchar2(40) := NULL;
1052 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
1053 l_document_attributes fnd_document_management.fnd_document_attributes;
1054 l_username VARCHAR2(320) := NULL;
1055 l_dummy boolean; -- Bug5161758 HTML injection
1056
1057 BEGIN
1058 -- Bug5161758 HTML injection
1059 begin
1060 l_dummy := wf_core.CheckIllegalChars(username,true);
1061 exception
1062 when OTHERS then
1063 fnd_document_management.error;
1064 return;
1065 end;
1066 l_username := upper(username);
1067
1068 /*
1069 ** get all the components of the document attribute
1070 */
1071 fnd_document_management.ParseDocInfo(document_identifier,
1072 l_dm_node_id,
1073 l_document_id,
1074 l_version);
1075
1076 /*
1077 ** If you're calling this with full html formatting to include the
1078 ** document title in the link then go get the document title from
1079 ** the dm system. This is a very expensive operation and is not
1080 ** recommended
1081 */
1082 IF (html_formatting = TRUE) THEN
1083
1084 /*
1085 ** get the document name
1086 */
1087 fnd_document_management.get_document_attributes(l_username,
1088 document_identifier,
1089 l_document_attributes);
1090
1091 l_document_name := l_document_attributes.document_name;
1092
1093 ELSE
1094
1095 l_document_name := NULL;
1096
1097 END IF;
1098
1099 /*
1100 ** Get the URL prefix for the route to the DM host and the product id
1101 ** Also get the appropriate syntax for a display function for the vendor
1102 ** that is servicing this particular node.
1103 */
1104 get_function_definition (l_dm_node_id,
1105 'get_display_document_url',
1106 l_node_connect_syntax,
1107 l_product_id,
1108 l_function_syntax,
1109 l_product_function_id,
1110 l_icon_name);
1111
1112 /*
1113 ** Go get the parameters for this function for the specific
1114 ** vendor software that is servicing this particular node
1115 */
1116 IF (l_function_syntax IS NOT NULL) THEN
1117
1118 /*
1119 ** Get the parameters for the search function
1120 */
1121 get_product_parameter_list (l_product_function_id,
1122 l_parameter_list);
1123
1124 /*
1125 ** Loop through the parameter list filling in the corresponding
1126 ** values
1127 */
1128 FOR l_record_num IN 1..l_parameter_list.count LOOP
1129
1130 /*
1131 ** Determine which argument separator to add
1132 */
1133 IF (INSTR(l_parameter_str, '?') > 0 OR
1134 INSTR(l_function_syntax, '?') > 0) THEN
1135 l_parameter_str := l_parameter_str || '&';
1136 ELSE
1137 l_parameter_str := l_parameter_str || '?';
1138 END IF;
1139
1140 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
1141 l_parameter_str := l_parameter_str ||
1142 l_parameter_list(l_record_num).parameter_syntax ||
1143 l_document_id;
1147 wfa_html.conv_special_url_chars(l_username); -- Bug5161758 - XSS
1144 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
1145 l_parameter_str := l_parameter_str ||
1146 l_parameter_list(l_record_num).parameter_syntax ||
1148 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
1149 l_parameter_str := l_parameter_str ||
1150 l_parameter_list(l_record_num).parameter_syntax ||
1151 wfa_html.conv_special_url_chars(
1152 fnd_document_management.get_ticket(l_username)); -- Bug5161758 - XSS
1153 END IF;
1154
1155 END LOOP;
1156
1157 END IF;
1158
1159 /*
1160 ** Create the proper html syntax for the document function
1161 */
1162 create_html_syntax (html_formatting,
1163 'get_display_document_url',
1164 l_node_connect_syntax,
1165 l_function_syntax,
1166 l_parameter_str,
1167 l_document_name,
1168 l_icon_name,
1169 display_document_url);
1170
1171
1172 EXCEPTION
1173 WHEN OTHERS THEN
1174 Wf_Core.Context('fnd_document_management',
1175 'get_display_document_url',
1176 document_identifier);
1177 RAISE;
1178
1179 END get_display_document_url;
1180
1181 /*===========================================================================
1182
1183 Function get_original_document_url
1184
1185 Purpose Invoke the appropriate document viewer for the original version
1186 of the selected document. The default operation of the DM
1187 system is to show the latest version of the document that
1188 was attached to the item.
1189 We are providing another function here to show the original
1190 version of the document.
1191 Most document management systems
1192 support a wide range of document formats for viewing.
1193 We will rely on the document management system to
1194 display the document in it's native format whenever possible.
1195
1196 ============================================================================*/
1197 PROCEDURE get_original_document_url
1198 (username IN Varchar2,
1199 document_identifier IN Varchar2,
1200 show_document_icon IN Boolean,
1201 html_formatting IN Boolean,
1202 original_document_URL OUT NOCOPY Varchar2) IS
1203
1204 l_dm_node_id Number := 0;
1205 l_document_id Varchar2(30) := NULL;
1206 l_version Varchar2(10) := NULL;
1207 l_document_name Varchar2(240) := NULL;
1208 l_product_id Number := 0;
1209 l_product_function_id Number := 0;
1210 l_record_num Number := 0;
1211 l_node_connect_syntax Varchar2(240) := NULL;
1212 l_parameter_str Varchar2(4000) := NULL;
1213 l_function_syntax Varchar2(4000) := NULL;
1214 l_icon_name Varchar2(40) := NULL;
1215 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
1216 l_document_attributes fnd_document_management.fnd_document_attributes;
1217 l_username VARCHAR2(320) := NULL;
1218 l_dummy boolean; -- Bug5161758 HTML injection
1219
1220 BEGIN
1221 -- Bug5161758 HTML injection
1222 begin
1223 l_dummy := wf_core.CheckIllegalChars(username,true);
1224 exception
1225 when OTHERS then
1226 fnd_document_management.error;
1227 return;
1228 end;
1229 l_username := upper(username);
1230
1231 /*
1232 ** get all the components of the document attribute
1233 */
1234 fnd_document_management.ParseDocInfo(document_identifier,
1235 l_dm_node_id,
1236 l_document_id,
1237 l_version);
1238
1239 /*
1240 ** If you're calling this with full html formatting to include the
1241 ** document title in the link then go get the document title from
1242 ** the dm system. This is a very expensive operation and is not
1243 ** recommended
1244 */
1245 IF (html_formatting = TRUE) THEN
1246
1247 /*
1248 ** get the document name
1249 */
1250 fnd_document_management.get_document_attributes(l_username,
1251 document_identifier,
1252 l_document_attributes);
1253
1254 l_document_name := l_document_attributes.document_name;
1255
1256 ELSE
1257
1258 l_document_name := NULL;
1259
1260 END IF;
1261
1262 /*
1263 ** Get the URL prefix for the route to the DM host and the product id
1264 ** Also get the appropriate syntax for a display function for the vendor
1265 ** that is servicing this particular node.
1266 */
1267 get_function_definition (l_dm_node_id,
1268 'get_display_document_url',
1269 l_node_connect_syntax,
1270 l_product_id,
1271 l_function_syntax,
1275 /*
1272 l_product_function_id,
1273 l_icon_name);
1274
1276 ** Go get the parameters for this function for the specific
1277 ** vendor software that is servicing this particular node
1278 */
1279 IF (l_function_syntax IS NOT NULL) THEN
1280
1281 /*
1282 ** Get the parameters for the search function
1283 */
1284 get_product_parameter_list (l_product_function_id,
1285 l_parameter_list);
1286
1287 /*
1288 ** Loop through the parameter list filling in the corresponding
1289 ** values
1290 */
1291 FOR l_record_num IN 1..l_parameter_list.count LOOP
1292
1293 /*
1294 ** Determine which argument separator to add
1295 */
1296
1297 IF (INSTR(l_parameter_str, '?') > 0 OR
1298 INSTR(l_function_syntax, '?') > 0) THEN
1299
1300 l_parameter_str := l_parameter_str || '&';
1301
1302 ELSE
1303
1304 l_parameter_str := l_parameter_str || '?';
1305
1306 END IF;
1307
1308 /*
1309 ** The only difference in the syntax from the
1310 ** get_display_document_url is to drop the version parameter
1311 */
1312
1313 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
1314
1315 l_parameter_str := l_parameter_str ||
1316 l_parameter_list(l_record_num).parameter_syntax ||
1317 l_document_id;
1318
1319 ELSIF (l_parameter_list(l_record_num).parameter_name = 'VERSION') THEN
1320
1321 l_parameter_str := l_parameter_str ||
1322 l_parameter_list(l_record_num).parameter_syntax ||
1323 l_version;
1324
1325 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
1326
1327 l_parameter_str := l_parameter_str ||
1328 l_parameter_list(l_record_num).parameter_syntax ||
1329 l_username;
1330
1331 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
1332
1333 l_parameter_str := l_parameter_str ||
1334 l_parameter_list(l_record_num).parameter_syntax ||
1335 fnd_document_management.get_ticket(l_username);
1336
1337
1338 END IF;
1339
1340 END LOOP;
1341
1342 END IF;
1343
1344 /*
1345 ** Create the proper html syntax for the document function
1346 */
1347 create_html_syntax (html_formatting,
1348 'get_display_document_url',
1349 l_node_connect_syntax,
1350 l_function_syntax,
1351 l_parameter_str,
1352 l_document_name,
1353 l_icon_name,
1354 original_document_url);
1355
1356
1357 EXCEPTION
1358 WHEN OTHERS THEN
1359 Wf_Core.Context('fnd_document_management',
1360 'get_original_document_url',
1361 document_identifier);
1362 RAISE;
1363
1364 END get_original_document_url;
1365
1366 /*===========================================================================
1367
1368 Function get_fetch_document_url
1369
1370 Purpose Fetch a copy of a document from a document management system
1371 and place it on the local system. Always fetch the latest
1372 version of the document
1373
1374 ============================================================================*/
1375 PROCEDURE get_fetch_document_url
1376 (username IN Varchar2,
1377 document_identifier IN Varchar2,
1378 html_formatting IN Boolean,
1379 fetch_document_URL OUT NOCOPY Varchar2) IS
1380
1381 l_dm_node_id Number := 0;
1382 l_document_id Varchar2(30) := NULL;
1383 l_version Varchar2(10) := NULL;
1384 l_product_id Number := 0;
1385 l_product_function_id Number := 0;
1386 l_record_num Number := 0;
1387 l_node_connect_syntax Varchar2(240) := '';
1388 l_parameter_str Varchar2(4000) := '';
1389 l_function_syntax Varchar2(4000) := '';
1390 l_icon_name Varchar2(40) := '';
1391 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
1392 l_username Varchar2(320) := NULL;
1393 l_dummy boolean; -- Bug5161758 HTML injection
1394
1395 BEGIN
1396 -- Bug5161758 HTML injection
1397 begin
1398 l_dummy := wf_core.CheckIllegalChars(username,true);
1399 exception
1400 when OTHERS then
1401 fnd_document_management.error;
1402 return;
1403 end;
1404 l_username := upper(username);
1405
1406 /*
1407 ** get all the components of the document attribute
1408 */
1409 fnd_document_management.ParseDocInfo(document_identifier,
1410 l_dm_node_id,
1411 l_document_id,
1412 l_version);
1413
1414 /*
1415 ** Get the URL prefix for the route to the DM host and the product id
1419 get_function_definition (l_dm_node_id,
1416 ** Also get the appropriate syntax for a fetch function for the vendor
1417 ** that is servicing this particular node.
1418 */
1420 'get_fetch_document_url',
1421 l_node_connect_syntax,
1422 l_product_id,
1423 l_function_syntax,
1424 l_product_function_id,
1425 l_icon_name);
1426
1427 /*
1428 ** Go get the parameters for this function for the specific
1429 ** vendor software that is servicing this particular node
1430 */
1431 IF (l_function_syntax IS NOT NULL) THEN
1432
1433 /*
1434 ** Get the parameters for the search function
1435 */
1436 get_product_parameter_list (l_product_function_id,
1437 l_parameter_list);
1438
1439 /*
1440 ** Loop through the parameter list filling in the corresponding
1441 ** values
1442 */
1443 FOR l_record_num IN 1..l_parameter_list.count LOOP
1444
1445 /*
1446 ** Determine which argument separator to add
1447 */
1448 IF (INSTR(l_parameter_str, '?') > 0 OR
1449 INSTR(l_function_syntax, '?') > 0) THEN
1450 l_parameter_str := l_parameter_str || '&';
1451 ELSE
1452 l_parameter_str := l_parameter_str || '?';
1453 END IF;
1454
1455 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
1456 l_parameter_str := l_parameter_str ||
1457 l_parameter_list(l_record_num).parameter_syntax ||
1458 l_document_id;
1459 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
1460 l_parameter_str := l_parameter_str ||
1461 l_parameter_list(l_record_num).parameter_syntax ||
1462 l_username;
1463 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
1464 l_parameter_str := l_parameter_str ||
1465 l_parameter_list(l_record_num).parameter_syntax ||
1466 fnd_document_management.get_ticket(l_username);
1467 END IF;
1468 END LOOP;
1469 END IF;
1470
1471 /*
1472 ** Create the proper html syntax for the document function
1473 */
1474 create_html_syntax (html_formatting,
1475 'get_fetch_document_url',
1476 l_node_connect_syntax,
1477 l_function_syntax,
1478 l_parameter_str,
1479 'WFDM_FETCH',
1480 l_icon_name,
1481 fetch_document_url);
1482
1483 EXCEPTION
1484 WHEN OTHERS THEN
1485 Wf_Core.Context('fnd_document_management',
1486 'get_fetch_document_url',
1487 document_identifier);
1488 RAISE;
1489
1490 END get_fetch_document_url;
1491
1492 /*===========================================================================
1493
1494 Function get_check_out_document_url
1495
1496 Purpose Lock the document in the DM system so that no other user can
1497 check in a new revision of the document while you
1498 hold the lock. This function will also allow you to create
1499 a local copy of the document on your file system.
1500
1501 ============================================================================*/
1502 PROCEDURE get_check_out_document_url
1503 (username IN Varchar2,
1504 document_identifier IN Varchar2,
1505 html_formatting IN Boolean,
1506 check_out_document_URL OUT NOCOPY Varchar2) IS
1507
1508 l_dm_node_id Number := 0;
1509 l_document_id Varchar2(30) := NULL;
1510 l_version Varchar2(10) := NULL;
1511 l_product_id Number := 0;
1512 l_product_function_id Number := 0;
1513 l_record_num Number := 0;
1514 l_node_connect_syntax Varchar2(240) := '';
1515 l_display_document_url Varchar2(2000) := '';
1516 l_function_syntax Varchar2(4000) := '';
1517 l_parameter_str Varchar2(4000) := '';
1518 l_icon_name Varchar2(40) := '';
1519 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
1520 l_username Varchar2(320):= NULL;
1521 l_dummy boolean; -- Bug5161758 HTML injection
1522
1523 BEGIN
1524 -- Bug5161758 HTML injection
1525 begin
1526 l_dummy := wf_core.CheckIllegalChars(username,true);
1527 exception
1528 when OTHERS then
1529 fnd_document_management.error;
1530 return;
1531 end;
1532 l_username := upper(username);
1533
1534 /*
1535 ** get all the components of the document attribute
1536 */
1537 fnd_document_management.ParseDocInfo(document_identifier,
1538 l_dm_node_id,
1539 l_document_id,
1540 l_version);
1541
1542 /*
1543 ** Get the URL prefix for the route to the DM host and the product id
1547 get_function_definition (l_dm_node_id,
1544 ** Also get the appropriate syntax for a check out function for the
1545 ** vendor that is servicing this particular node.
1546 */
1548 'get_check_out_document_url',
1549 l_node_connect_syntax,
1550 l_product_id,
1551 l_function_syntax,
1552 l_product_function_id,
1553 l_icon_name);
1554
1555 /*
1556 ** Go get the parameters for this function for the specific
1557 ** vendor software that is servicing this particular node
1558 */
1559 IF (l_function_syntax IS NOT NULL) THEN
1560
1561 /*
1562 ** Get the parameters for the search function
1563 */
1564 get_product_parameter_list (l_product_function_id,
1565 l_parameter_list);
1566
1567 /*
1568 ** Loop through the parameter list filling in the corresponding
1569 ** values
1570 */
1571 FOR l_record_num IN 1..l_parameter_list.count LOOP
1572
1573 /*
1574 ** Determine which argument separator to add
1575 */
1576 IF (INSTR(l_parameter_str, '?') > 0 OR
1577 INSTR(l_function_syntax, '?') > 0) THEN
1578 l_parameter_str := l_parameter_str || '&';
1579 ELSE
1580 l_parameter_str := l_parameter_str || '?';
1581 END IF;
1582
1583 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
1584 l_parameter_str := l_parameter_str ||
1585 l_parameter_list(l_record_num).parameter_syntax ||
1586 l_document_id;
1587 ELSIF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
1588 fnd_document_management.get_display_document_url (
1589 l_username,
1590 document_identifier,
1591 FALSE,
1592 FALSE,
1593 l_display_document_url);
1594 l_parameter_str := l_parameter_str ||
1595 l_parameter_list(l_record_num).parameter_syntax ||
1596 wfa_html.conv_special_url_chars(l_display_document_url);
1597 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
1598 l_parameter_str := l_parameter_str ||
1599 l_parameter_list(l_record_num).parameter_syntax ||
1600 l_username;
1601 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
1602 l_parameter_str := l_parameter_str ||
1603 l_parameter_list(l_record_num).parameter_syntax ||
1604 fnd_document_management.get_ticket(l_username);
1605 END IF;
1606 END LOOP;
1607 END IF;
1608
1609 /*
1610 ** Create the proper html syntax for the document function
1611 */
1612 create_html_syntax (html_formatting,
1613 'get_check_out_document_url',
1614 l_node_connect_syntax,
1615 l_function_syntax,
1616 l_parameter_str,
1617 'WFDM_CHECK_OUT',
1618 l_icon_name,
1619 check_out_document_url);
1620
1621 EXCEPTION
1622 WHEN OTHERS THEN
1623 Wf_Core.Context('fnd_document_management',
1624 'get_check_out_document_url',
1625 document_identifier);
1626 RAISE;
1627
1628 END get_check_out_document_url;
1629
1630 /*===========================================================================
1631
1632 Function get_check_in_document_url
1633
1634 Purpose Copy a new version of a file from your local file system
1635 back into the document management system. UnLock the
1636 document in the DM system so that other users can work
1637 on the document.
1638
1639 ============================================================================*/
1640 PROCEDURE get_check_in_document_url
1641 (username IN Varchar2,
1642 document_identifier IN Varchar2,
1643 html_formatting IN Boolean,
1644 check_in_document_URL OUT NOCOPY Varchar2) IS
1645
1646 l_dm_node_id Number := 0;
1647 l_document_id Varchar2(30) := NULL;
1648 l_version Varchar2(10) := NULL;
1649 l_product_id Number := 0;
1650 l_product_function_id Number := 0;
1651 l_record_num Number := 0;
1652 l_node_connect_syntax Varchar2(240) := '';
1653 l_display_document_url Varchar2(2000) := '';
1654 l_function_syntax Varchar2(4000) := '';
1655 l_parameter_str Varchar2(4000) := '';
1656 l_icon_name Varchar2(40) := '';
1657 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
1658 l_username Varchar2(320) := NULL;
1659 l_dummy boolean; -- Bug5161758 HTML injection
1660
1661 BEGIN
1662 -- Bug5161758 HTML injection
1663 begin
1664 l_dummy := wf_core.CheckIllegalChars(username,true);
1665 exception
1666 when OTHERS then
1667 fnd_document_management.error;
1668 return;
1672 /*
1669 end;
1670 l_username := upper(username);
1671
1673 ** get all the components of the document attribute
1674 */
1675 fnd_document_management.ParseDocInfo(document_identifier,
1676 l_dm_node_id,
1677 l_document_id,
1678 l_version);
1679 /*
1680 ** Get the URL prefix for the route to the DM host and the product id
1681 ** Also get the appropriate syntax for a check in function for the vendor
1682 ** that is servicing this particular node.
1683 */
1684 get_function_definition (l_dm_node_id,
1685 'get_check_in_document_url',
1686 l_node_connect_syntax,
1687 l_product_id,
1688 l_function_syntax,
1689 l_product_function_id,
1690 l_icon_name);
1691
1692 /*
1693 ** Go get the parameters for this function for the specific
1694 ** vendor software that is servicing this particular node
1695 */
1696 IF (l_function_syntax IS NOT NULL) THEN
1697
1698 /*
1699 ** Get the parameters for the search function
1700 */
1701 get_product_parameter_list (l_product_function_id,
1702 l_parameter_list);
1703
1704 /*
1705 ** Loop through the parameter list filling in the corresponding
1706 ** values
1707 */
1708 FOR l_record_num IN 1..l_parameter_list.count LOOP
1709
1710 /*
1711 ** Determine which argument separator to add
1712 */
1713
1714 IF (INSTR(l_parameter_str, '?') > 0 OR
1715 INSTR(l_function_syntax, '?') > 0) THEN
1716
1717 l_parameter_str := l_parameter_str || '&';
1718
1719 ELSE
1720
1721 l_parameter_str := l_parameter_str || '?';
1722
1723 END IF;
1724
1725 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
1726
1727 l_parameter_str := l_parameter_str ||
1728 l_parameter_list(l_record_num).parameter_syntax ||
1729 l_document_id;
1730
1731
1732 ELSIF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
1733
1734 fnd_document_management.get_display_document_url (
1735 l_username,
1736 document_identifier,
1737 FALSE,
1738 FALSE,
1739 l_display_document_url);
1740
1741 l_parameter_str := l_parameter_str ||
1742 l_parameter_list(l_record_num).parameter_syntax ||
1743 wfa_html.conv_special_url_chars(l_display_document_url);
1744
1745 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
1746
1747 l_parameter_str := l_parameter_str ||
1748 l_parameter_list(l_record_num).parameter_syntax ||
1749 l_username;
1750
1751 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
1752
1753 l_parameter_str := l_parameter_str ||
1754 l_parameter_list(l_record_num).parameter_syntax ||
1755 fnd_document_management.get_ticket(l_username);
1756
1757 END IF;
1758
1759 END LOOP;
1760
1761 END IF;
1762
1763 /*
1764 ** Create the proper html syntax for the document function
1765 */
1766 create_html_syntax (html_formatting,
1767 'get_check_in_document_url',
1768 l_node_connect_syntax,
1769 l_function_syntax,
1770 l_parameter_str,
1771 'WFDM_CHECK_IN',
1772 l_icon_name,
1773 check_in_document_url);
1774
1775 EXCEPTION
1776 WHEN OTHERS THEN
1777 Wf_Core.Context('fnd_document_management',
1778 'get_check_in_document_url',
1779 document_identifier);
1780 RAISE;
1781
1782 END get_check_in_document_url;
1783
1784
1785 /*===========================================================================
1786
1787 Function get_lock_document_url
1788
1789 Purpose Lock the document in the DM system so that no other
1790 user can check in a new revision of the document while
1791 you hold the lock.
1792
1793 ============================================================================*/
1794 PROCEDURE get_lock_document_url
1795 (username IN Varchar2,
1796 document_identifier IN Varchar2,
1797 html_formatting IN Boolean,
1798 lock_document_URL OUT NOCOPY Varchar2) IS
1799
1800 l_dm_node_id Number := 0;
1801 l_document_id Varchar2(30) := NULL;
1802 l_version Varchar2(10) := NULL;
1803 l_product_id Number := 0;
1804 l_product_function_id Number := 0;
1805 l_record_num Number := 0;
1806 l_node_connect_syntax Varchar2(240) := '';
1807 l_display_document_url Varchar2(2000) := '';
1808 l_function_syntax Varchar2(4000) := '';
1809 l_parameter_str Varchar2(4000) := '';
1813 l_dummy boolean; -- Bug5161758 HTML injection
1810 l_icon_name Varchar2(40) := '';
1811 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
1812 l_username Varchar2(320) := NULL;
1814
1815 BEGIN
1816 -- Bug5161758 HTML injection
1817 begin
1818 l_dummy := wf_core.CheckIllegalChars(username,true);
1819 exception
1820 when OTHERS then
1821 fnd_document_management.error;
1822 return;
1823 end;
1824 l_username := upper(username);
1825
1826 /*
1827 ** get all the components of the document attribute
1828 */
1829 fnd_document_management.ParseDocInfo(document_identifier,
1830 l_dm_node_id,
1831 l_document_id,
1832 l_version);
1833
1834 /*
1835 ** Get the URL prefix for the route to the DM host and the product id
1836 ** Also get the appropriate syntax for a lock function for the vendor
1837 ** that is servicing this particular node.
1838 */
1839 get_function_definition (l_dm_node_id,
1840 'get_lock_document_url',
1841 l_node_connect_syntax,
1842 l_product_id,
1843 l_function_syntax,
1844 l_product_function_id,
1845 l_icon_name);
1846
1847 /*
1848 ** Go get the parameters for this function for the specific
1849 ** vendor software that is servicing this particular node
1850 */
1851 IF (l_function_syntax IS NOT NULL) THEN
1852
1853 /*
1854 ** Get the parameters for the search function
1855 */
1856 get_product_parameter_list (l_product_function_id,
1857 l_parameter_list);
1858
1859 /*
1860 ** Loop through the parameter list filling in the corresponding
1861 ** values
1862 */
1863 FOR l_record_num IN 1..l_parameter_list.count LOOP
1864
1865 /*
1866 ** Determine which argument separator to add
1867 */
1868
1869 IF (INSTR(l_parameter_str, '?') > 0 OR
1870 INSTR(l_function_syntax, '?') > 0) THEN
1871
1872 l_parameter_str := l_parameter_str || '&';
1873
1874 ELSE
1875
1876 l_parameter_str := l_parameter_str || '?';
1877
1878 END IF;
1879
1880 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
1881
1882 l_parameter_str := l_parameter_str ||
1883 l_parameter_list(l_record_num).parameter_syntax ||
1884 l_document_id;
1885
1886
1887 ELSIF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
1888
1889 fnd_document_management.get_display_document_url (
1890 l_username,
1891 document_identifier,
1892 FALSE,
1893 FALSE,
1894 l_display_document_url);
1895
1896 l_parameter_str := l_parameter_str ||
1897 l_parameter_list(l_record_num).parameter_syntax ||
1898 wfa_html.conv_special_url_chars(l_display_document_url);
1899
1900 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
1901
1902 l_parameter_str := l_parameter_str ||
1903 l_parameter_list(l_record_num).parameter_syntax ||
1904 l_username;
1905
1906 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
1907
1908 l_parameter_str := l_parameter_str ||
1909 l_parameter_list(l_record_num).parameter_syntax ||
1910 fnd_document_management.get_ticket(l_username);
1911
1912 END IF;
1913
1914 END LOOP;
1915
1916 END IF;
1917
1918 /*
1919 ** Create the proper html syntax for the document function
1920 */
1921 create_html_syntax (html_formatting,
1922 'get_lock_document_url',
1923 l_node_connect_syntax,
1924 l_function_syntax,
1925 l_parameter_str,
1926 'WFDM_LOCK',
1927 l_icon_name,
1928 lock_document_url);
1929
1930 EXCEPTION
1931 WHEN OTHERS THEN
1932 Wf_Core.Context('fnd_document_management',
1933 'get_lock_document_url',
1934 document_identifier);
1935 RAISE;
1936
1937 END get_lock_document_url;
1938
1939 /*===========================================================================
1940
1941 Function get_unlock_document_url
1942
1943 Purpose Unlock the document in the DM system without checking
1944 in a new version of the document so that other users
1945 can check in new revisions of the document.
1946
1947 ============================================================================*/
1948 PROCEDURE get_unlock_document_url
1949 (username IN Varchar2,
1953
1950 document_identifier IN Varchar2,
1951 html_formatting IN Boolean,
1952 unlock_document_URL OUT NOCOPY Varchar2) IS
1954 l_dm_node_id Number := 0;
1955 l_document_id Varchar2(30) := NULL;
1956 l_version Varchar2(10) := NULL;
1957 l_product_id Number := 0;
1958 l_product_function_id Number := 0;
1959 l_record_num Number := 0;
1960 l_node_connect_syntax Varchar2(240) := '';
1961 l_display_document_url Varchar2(2000) := '';
1962 l_function_syntax Varchar2(4000) := '';
1963 l_parameter_str Varchar2(4000) := '';
1964 l_icon_name Varchar2(40) := '';
1965 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
1966 l_username Varchar2(320):= NULL;
1967 l_dummy boolean; -- Bug5161758 HTML injection
1968
1969 BEGIN
1970 -- Bug5161758 HTML injection
1971 begin
1972 l_dummy := wf_core.CheckIllegalChars(username,true);
1973 exception
1974 when OTHERS then
1975 fnd_document_management.error;
1976 return;
1977 end;
1978 l_username := upper(username);
1979
1980 /*
1981 ** get all the components of the document attribute
1982 */
1983 fnd_document_management.ParseDocInfo(document_identifier,
1984 l_dm_node_id,
1985 l_document_id,
1986 l_version);
1987
1988 /*
1989 ** Get the URL prefix for the route to the DM host and the product id
1990 ** Also get the appropriate syntax for a unlock function for the vendor
1991 ** that is servicing this particular node.
1992 */
1993 get_function_definition (l_dm_node_id,
1994 'get_unlock_document_url',
1995 l_node_connect_syntax,
1996 l_product_id,
1997 l_function_syntax,
1998 l_product_function_id,
1999 l_icon_name);
2000
2001 /*
2002 ** Go get the parameters for this function for the specific
2003 ** vendor software that is servicing this particular node
2004 */
2005 IF (l_function_syntax IS NOT NULL) THEN
2006
2007 /*
2008 ** Get the parameters for the search function
2009 */
2010 get_product_parameter_list (l_product_function_id,
2011 l_parameter_list);
2012
2013 /*
2014 ** Loop through the parameter list filling in the corresponding
2015 ** values
2016 */
2017 FOR l_record_num IN 1..l_parameter_list.count LOOP
2018
2019 /*
2020 ** Determine which argument separator to add
2021 */
2022
2023 IF (INSTR(l_parameter_str, '?') > 0 OR
2024 INSTR(l_function_syntax, '?') > 0) THEN
2025
2026 l_parameter_str := l_parameter_str || '&';
2027
2028 ELSE
2029
2030 l_parameter_str := l_parameter_str || '?';
2031
2032 END IF;
2033
2034 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
2035
2036 l_parameter_str := l_parameter_str ||
2037 l_parameter_list(l_record_num).parameter_syntax ||
2038 l_document_id;
2039
2040
2041 ELSIF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
2042
2043 fnd_document_management.get_display_document_url (
2044 l_username,
2045 document_identifier,
2046 FALSE,
2047 FALSE,
2048 l_display_document_url);
2049
2050 l_parameter_str := l_parameter_str ||
2051 l_parameter_list(l_record_num).parameter_syntax ||
2052 wfa_html.conv_special_url_chars(l_display_document_url);
2053
2054 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
2055
2056 l_parameter_str := l_parameter_str ||
2057 l_parameter_list(l_record_num).parameter_syntax ||
2058 l_username;
2059
2060 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
2061
2062 l_parameter_str := l_parameter_str ||
2063 l_parameter_list(l_record_num).parameter_syntax ||
2064 fnd_document_management.get_ticket(l_username);
2065
2066 END IF;
2067
2068 END LOOP;
2069
2070 END IF;
2071
2072 /*
2073 ** Create the proper html syntax for the document function
2074 */
2075 create_html_syntax (html_formatting,
2076 'get_unlock_document_url',
2077 l_node_connect_syntax,
2078 l_function_syntax,
2079 l_parameter_str,
2080 'WFDM_UNLOCK',
2081 l_icon_name,
2082 unlock_document_url);
2083
2084 EXCEPTION
2085 WHEN OTHERS THEN
2086 Wf_Core.Context('fnd_document_management',
2087 'get_unlock_document_url',
2088 document_identifier);
2089 RAISE;
2090
2091 END get_unlock_document_url;
2095
2092
2093 /*===========================================================================
2094 Function get_display_history_url
2096 Purpose Display the file history for the document in the Document
2097 Management System. Display the document title, type, size,
2098 whether the document is locked and if so by who, who has
2099 edited the document and when, etc.
2100
2101 ============================================================================*/
2102 PROCEDURE get_display_history_url
2103 (username IN Varchar2,
2104 document_identifier IN Varchar2,
2105 html_formatting IN Boolean,
2106 display_history_URL OUT NOCOPY Varchar2) IS
2107
2108 l_dm_node_id Number := 0;
2109 l_document_id Varchar2(30) := NULL;
2110 l_version Varchar2(10) := NULL;
2111 l_product_id Number := 0;
2112 l_product_function_id Number := 0;
2113 l_record_num Number := 0;
2114 l_node_connect_syntax Varchar2(240) := '';
2115 l_display_document_url Varchar2(2000) := '';
2116 l_function_syntax Varchar2(4000) := '';
2117 l_parameter_str Varchar2(4000) := '';
2118 l_icon_name Varchar2(40) := '';
2119 l_parameter_list fnd_document_management.fnd_dm_product_parms_tbl_type;
2120 l_username Varchar2(320):= NULL;
2121 l_dummy boolean; -- Bug5161758 HTML injection
2122
2123 BEGIN
2124 -- Bug5161758 HTML injection
2125 begin
2126 l_dummy := wf_core.CheckIllegalChars(username,true);
2127 exception
2128 when OTHERS then
2129 fnd_document_management.error;
2130 return;
2131 end;
2132 l_username := upper(username);
2133
2134 /*
2135 ** get all the components of the document attribute
2136 */
2137 fnd_document_management.ParseDocInfo(document_identifier,
2138 l_dm_node_id,
2139 l_document_id,
2140 l_version);
2141
2142 /*
2143 ** Get the URL prefix for the route to the DM host and the product id
2144 ** Also get the appropriate syntax for a display function for the vendor
2145 ** that is servicing this particular node.
2146 */
2147 get_function_definition (l_dm_node_id,
2148 'get_display_history_url',
2149 l_node_connect_syntax,
2150 l_product_id,
2151 l_function_syntax,
2152 l_product_function_id,
2153 l_icon_name);
2154
2155 /*
2156 ** Go get the parameters for this function for the specific
2157 ** vendor software that is servicing this particular node
2158 */
2159 IF (l_function_syntax IS NOT NULL) THEN
2160
2161 /*
2162 ** Get the parameters for the search function
2163 */
2164 get_product_parameter_list (l_product_function_id,
2165 l_parameter_list);
2166
2167 /*
2168 ** Loop through the parameter list filling in the corresponding
2169 ** values
2170 */
2171 FOR l_record_num IN 1..l_parameter_list.count LOOP
2172
2173 /*
2174 ** Determine which argument separator to add
2175 */
2176
2177 IF (INSTR(l_parameter_str, '?') > 0 OR
2178 INSTR(l_function_syntax, '?') > 0) THEN
2179
2180 l_parameter_str := l_parameter_str || '&';
2181
2182 ELSE
2183
2184 l_parameter_str := l_parameter_str || '?';
2185
2186 END IF;
2187
2188 IF (l_parameter_list(l_record_num).parameter_name = 'DOCUMENT_ID') THEN
2189
2190 l_parameter_str := l_parameter_str ||
2191 l_parameter_list(l_record_num).parameter_syntax ||
2192 l_document_id;
2193
2194
2195 ELSIF (l_parameter_list(l_record_num).parameter_name = 'CALLBACK') THEN
2196
2197 fnd_document_management.get_display_document_url (
2198 l_username,
2199 document_identifier,
2200 FALSE,
2201 FALSE,
2202 l_display_document_url);
2203
2204 l_parameter_str := l_parameter_str ||
2205 l_parameter_list(l_record_num).parameter_syntax ||
2206 wfa_html.conv_special_url_chars(l_display_document_url);
2207
2208 ELSIF (l_parameter_list(l_record_num).parameter_name = 'USERNAME') THEN
2209
2210 l_parameter_str := l_parameter_str ||
2211 l_parameter_list(l_record_num).parameter_syntax ||
2212 l_username;
2213
2214 ELSIF (l_parameter_list(l_record_num).parameter_name = 'TICKET') THEN
2215
2216 l_parameter_str := l_parameter_str ||
2217 l_parameter_list(l_record_num).parameter_syntax ||
2218 fnd_document_management.get_ticket(l_username);
2219
2220 END IF;
2221
2222 END LOOP;
2223
2224 END IF;
2225
2226 /*
2227 ** Create the proper html syntax for the document function
2228 */
2229 create_html_syntax (html_formatting,
2233 l_parameter_str,
2230 'get_display_history_url',
2231 l_node_connect_syntax,
2232 l_function_syntax,
2234 'WFDM_DISPLAY_HISTORY',
2235 l_icon_name,
2236 display_history_url);
2237
2238 EXCEPTION
2239 WHEN OTHERS THEN
2240 Wf_Core.Context('fnd_document_management',
2241 'get_display_history_url',
2242 document_identifier);
2243 RAISE;
2244
2245 END get_display_history_url;
2246
2247
2248 /*===========================================================================
2249
2250 Function get_open_dm_display_window
2251
2252 Purpose Get the javascript function to open a dm window based on
2253 a url and a window size. This java script function will
2254 be used by all the DM display functions to open the
2255 appropriate DM window. This function also gives the
2256 current window a name so that the dm window can call
2257 back to the javascript functions in the current window.
2258
2259 ============================================================================*/
2260 PROCEDURE get_open_dm_display_window IS
2261
2262 BEGIN
2263
2264 htp.p('<SCRIPT LANGUAGE="JavaScript"> <!-- hide the script''s contents from feeble browsers');
2265
2266 htp.p(
2267 'function fnd_open_dm_display_window(url,x,y)
2268 {
2269 var attributes=
2270 "resizable=yes,scrollbars=yes,toolbar=yes,menubar=yes,width="+x+",height="+ y;
2271 FNDDMwindow = window.open(url, "FNDDMwindow", attributes);
2272
2273 FNDDMwindow.focus();
2274
2275 FNDDMwindow.opener = self;
2276
2277 }'
2278 );
2279
2280
2281 htp.p('<!-- done hiding from old browsers --> </SCRIPT>');
2282 htp.p('<NOSCRIPT>' || WF_CORE.Translate('WFA_NOSCRIPT') || '</NOSCRIPT>');
2283
2284 EXCEPTION
2285 WHEN OTHERS THEN
2286 Wf_Core.Context('fnd_document_management',
2287 'get_open_dm_display_window');
2288 RAISE;
2289
2290 END get_open_dm_display_window;
2291
2292 /*===========================================================================
2293
2294 Function get_open_dm_attach_window
2295
2296 Purpose Get the javascript function to open a dm window based on
2297 a url and a window size. This java script function will
2298 be used by all the DM functions to open the appropriate DM
2299 window when attaching a new document to a business object.
2300 This function also gives the current window
2301 a name so that the dm window can call back to the javascript
2302 functions in the current window.
2303
2304 ============================================================================*/
2305 PROCEDURE get_open_dm_attach_window IS
2306
2307 BEGIN
2308
2309 htp.p('<SCRIPT LANGUAGE="JavaScript"> <!-- hide the script''s contents from feeble browsers');
2310
2311 htp.p(
2312 'function fnd_open_dm_attach_window(url,x,y)
2313 {
2314 var attributes=
2315 "location=no,resizable=yes,scrollbars=yes,toolbar=yes,menubar=yes,width="+x+",height="+ y;
2316 var transport_attr=
2317 "location=no,resizable=no,scrollbars=no,toolbar=no,menubar=no,width=300,height=100";
2318
2319 FNDDMwindow = window.open(url, "FNDDMwindow", attributes);
2320
2321 FNDDMCopywindow = window.open("'||
2322 wfa_html.base_url||
2323 '/fnd_document_management.show_transport_message'||
2324 '", "FNDDMCopywindow", transport_attr);
2325
2326 FNDDMwindow.focus();
2327
2328 FNDDMwindow.opener = self;
2329
2330 FNDDMCopywindow.opener = self;
2331
2332 }'
2333 );
2334
2335 htp.p('<!-- done hiding from old browsers --> </SCRIPT>');
2336 htp.p('<NOSCRIPT>' || WF_CORE.Translate('WFA_NOSCRIPT') || '</NOSCRIPT>');
2337
2338 EXCEPTION
2339 WHEN OTHERS THEN
2340 Wf_Core.Context('fnd_document_management',
2341 'get_open_dm_attach_window');
2342 RAISE;
2343
2344 END get_open_dm_attach_window;
2345
2346 /*===========================================================================
2347
2348 Function set_document_id_html
2349
2350 Purpose Get the javascript function to set the appropriate
2351 destination field on your html form from the document
2352 management select function.
2353
2354 ============================================================================*/
2355 PROCEDURE set_document_id_html
2356 (
2357 frame_name IN VARCHAR2,
2358 form_name IN VARCHAR2,
2359 document_id_field_name IN VARCHAR2,
2360 document_name_field_name IN VARCHAR2,
2361 callback_url OUT NOCOPY VARCHAR2
2362 ) IS
2363
2364 l_attributes VARCHAR2(1000) := NULL;
2365 l_callback_url VARCHAR2(5000) := NULL;
2366 l_browser varchar2(400) := owa_util.get_cgi_env('HTTP_USER_AGENT');
2367
2368 BEGIN
2369
2370 l_attributes := '"location=no,resizable=no,scrollbars=no,toolbar=no,menubar=no,'||
2374
2371 'width=300,height=100"';
2372
2373 IF (frame_name is not null) THEN
2375 l_callback_url := '"'||dm_base_url||
2376 '/fnd_document_management.set_document_form_fields'||
2377 '?document_identifier='||
2378 'DM:-NodeId-:-ObjectId-:-Version-'||
2379 '^document_name=-ObjectName-'||
2380 '^document_name_field=top.opener.parent.'||frame_name||
2381 '.document.'||
2382 form_name||'.'||document_name_field_name||'.value'||
2383 '^document_id_field=top.opener.parent.'||frame_name||
2384 '.document.'||
2385 form_name||'.'||document_id_field_name||'.value" TARGET="FNDDMCopywindow"';
2386
2387 ELSE
2388
2389 l_callback_url := '"'||dm_base_url||
2390 '/fnd_document_management.set_document_form_fields'||
2391 '?document_identifier='||
2392 'DM:-NodeId-:-ObjectId-:-Version-'||
2393 '^document_name=-ObjectName-'||
2394 '^document_name_field=top.opener.parent.document.'||
2395 form_name||'.'||document_name_field_name||'.value'||
2396 '^document_id_field=top.opener.parent.document.'||
2397 form_name||'.'||document_id_field_name||'.value" TARGET="FNDDMCopywindow"';
2398
2399
2400 END IF;
2401
2402 callback_url := wfa_html.conv_special_url_chars(l_callback_url);
2403
2404 EXCEPTION
2405 WHEN OTHERS THEN
2406 Wf_Core.Context('fnd_document_management',
2407 'set_document_id_html',
2408 form_name,
2409 document_id_field_name,
2410 document_name_field_name);
2411 RAISE;
2412
2413 END set_document_id_html;
2414
2415 --
2416 -- PackDocInfo
2417 -- Pack together the document components out of a document type
2418 -- attribute.
2419 --
2420 -- dm_node_id - Id for of the dm system where the document is
2421 -- maintained
2422 --
2423 -- document_id - Identifier for the document for the particular dm node
2424 --
2425 -- version - Version of Document that was selected
2426 --
2427 -- document_info - Concatenated string of characters that includes the
2428 -- nodeid, document id, version, and
2429 -- document name in the following format:
2430 --
2431 -- nodeid:documentid:version
2432 --
2433 --
2434 procedure PackDocInfo(dm_node_id in number,
2435 document_id in varchar2,
2436 version in varchar2,
2437 document_info out nocopy varchar2) IS
2438
2439 BEGIN
2440
2441 document_info := 'DM:'||
2442 TO_CHAR(dm_node_id) || ':' ||
2443 document_id || ':' ||
2444 version;
2445
2446 END PackDocInfo;
2447
2448 --
2449 -- ParseDocInfo
2450 -- Parse out the document components out of a document type
2451 -- attribute.
2452 --
2453 -- document_info - Concatenated string of characters that includes the
2454 -- nodeid, document id, version, and
2455 -- document name in the following format:
2456 --
2457 -- nodeid:document id:version
2458 --
2459 -- dm_node_id - Id for of the dm system where the document is
2460 -- maintained
2461 --
2462 -- document_id - Identifier for the document for the particular dm node
2463 --
2464 -- version - Version of Document that was selected
2465 --
2466 --
2467 procedure ParseDocInfo(document_info in varchar2,
2468 dm_node_id out nocopy number,
2469 document_id out nocopy varchar2,
2470 version out nocopy varchar2)
2471 is
2472
2473 colon pls_integer;
2474 doc_str varchar2(2000);
2475
2476 begin
2477
2478
2479 -- Parse DM: from document information
2480 doc_str := substrb(document_info, 4);
2481
2482 -- Parse dm_node_id from document information
2483 colon := instr(doc_str, ':');
2484
2485 if ((colon <> 0) and (colon < 80)) then
2486
2487 dm_node_id := to_number(substrb(doc_str, 1, colon-1));
2488
2489 -- get the document id and name off the rest of the string
2490 doc_str := substrb(doc_str, colon+1);
2491
2492 end if;
2493
2494 -- Parse document_id from document information
2495 colon := instr(doc_str, ':');
2496
2497 if ((colon <> 0) and (colon < 80)) then
2498
2499 document_id := substrb(doc_str, 1, colon-1);
2500
2501 -- get the document id and name off the rest of the string
2502 doc_str := substrb(doc_str, colon+1);
2503
2504 end if;
2505
2506 -- Parse document id from document information
2507 colon := instr(doc_str, ':');
2508
2509 version := substrb(doc_str, colon+1);
2510
2511 exception
2512 when others then
2513 raise;
2514
2515 end ParseDocInfo;
2516
2517 /*===========================================================================
2518
2522 documents based on the document identifier
2519 Function create_document_toolbar
2520
2521 Purpose create the toolbar for checking in/checking out etc.
2523
2524 ============================================================================*/
2525 PROCEDURE create_document_toolbar
2526 (
2527 username IN VARCHAR2,
2528 document_identifier IN VARCHAR2) IS
2529
2530 l_dm_node_id Number := 0;
2531 l_document_id Varchar2(30) := NULL;
2532 l_version Varchar2(10) := NULL;
2533 l_username Varchar2(320) := NULL;
2534 l_document_name Varchar2(240) := NULL;
2535 c_title Varchar2(240) := NULL;
2536 l_toolbar_color Varchar2(10) := '#0000cc';
2537 l_url_syntax Varchar2(2000) := NULL;
2538 l_document_attributes fnd_document_management.fnd_document_attributes;
2539 l_dummy boolean; -- Bug5161758 HTML injection
2540 BEGIN
2541 -- Bug5161758 HTML injection
2542 begin
2543 l_dummy := wf_core.CheckIllegalChars(username,true);
2544 exception
2545 when OTHERS then
2546 fnd_document_management.error;
2547 return;
2548 end;
2549 l_username := upper(username);
2550
2551 /*
2552 ** get all the components of the document attribute
2553 */
2554 fnd_document_management.ParseDocInfo(document_identifier,
2555 l_dm_node_id,
2556 l_document_id,
2557 l_version);
2558
2559 /*
2560 ** get the document name
2561 */
2562 fnd_document_management.get_document_attributes(l_username,
2563 document_identifier,
2564 l_document_attributes);
2565
2566 l_document_name := SUBSTR (l_document_attributes.document_name, 1, 25);
2567
2568 /*
2569 ** Create main table for toolbar and icon
2570 */
2571 htp.p('<table width=100% Cellpadding=0 Cellspacing=0 border=0> summary=""');
2572
2573
2574 htp.p('<tr>');
2575
2576 /*
2577 ** Put some space on the side
2578 */
2579 htp.p('<td width=10 id=""></td>');
2580
2581 htp.p('<td id="">');
2582
2583 /*
2584 ** inner table to define toolbar
2585 */
2586 htp.p('<table Cellpadding=0 Cellspacing=0 Border=0 summary="">');
2587
2588 /*
2589 ** Left rounded icon for toolbar
2590 */
2591 htp.p('<td rowspan=3 id=""><img src='||wfa_html.image_loc||'FNDGTBL.gif alt=""></td>');
2592
2593 /*
2594 ** White line on top of toolbar
2595 */
2596 htp.p('<td bgcolor=#ffffff height=1 colspan=3 id=""><img src='||wfa_html.image_loc||'FNDDBPXW.gif alt=""></td>');
2597
2598 /*
2599 ** Right rounded icon for toolbar
2600 */
2601 htp.p('<td rowspan=3 id=""><img src='||wfa_html.image_loc||'FNDGTBR.gif alt=""></td>');
2602
2603 /*
2604 ** End the table row for the icons that surround the real toolbar
2605 */
2606 htp.p('</tr>');
2607
2608 /*
2609 ** Start the table for the real controls
2610 */
2611 htp.p('<tr>');
2612
2613 -- Bug5161758 - XSS
2614 l_document_name := wf_core.substitutespecialchars(l_document_name);
2615
2616 /*
2617 ** Create the page title.
2618 */
2619 htp.p('<td bgcolor=#cccccc nowrap height=30 align=middle id="">');
2620
2621 htp.p('<B> '||l_document_name||' </B>');
2622
2623 htp.p('</td>');
2624
2625 /*
2626 ** Create the dividing line
2627 */
2628 htp.p('<td bgcolor=#cccccc nowrap height=30 align=middle id="">');
2629 htp.p('<img src='||wfa_html.image_loc||'FNDIWDVD.gif border=no align=absmiddle alt="">');
2630
2631 /*
2632 ** Create the display document icon control
2633 */
2634 fnd_document_management.get_display_document_url (
2635 l_username,
2636 document_identifier,
2637 FALSE,
2638 FALSE,
2639 l_url_syntax);
2640
2641 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
2642 wf_core.translate('WFDM_DISPLAY')||''''||';return true">'||
2643 '<img src='||wfa_html.image_loc||'afdsktop.gif height=22 border=no align=absmiddle alt="'||wf_core.translate('WFDM_DISPLAY')||'"></a>');
2644
2645 /*
2646 ** Create the display latest version document icon control
2647 */
2648 fnd_document_management.get_original_document_url (
2649 l_username,
2650 document_identifier,
2651 FALSE,
2652 FALSE,
2653 l_url_syntax);
2654
2655 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
2656 wf_core.translate('WFDM_ORIGINAL_VERSION')||''''||';return true">'||
2657 '<img src='||wfa_html.image_loc||'azprocom.gif border=no align=absmiddle alt="'||wf_core.translate('WFDM_ORIGINAL_VERSION')||'"></a>');
2658
2659 /*
2660 ** Create the fetch document icon control
2661 */
2662 fnd_document_management.get_fetch_document_url (
2663 l_username,
2664 document_identifier,
2665 FALSE,
2669 wf_core.translate('WFDM_FETCH')||''''||';return true">'||
2666 l_url_syntax);
2667
2668 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
2670 '<img src='||wfa_html.image_loc||'savecopy.gif border=no align=absmiddle alt="'||wf_core.translate('WFDM_FETCH')||'"></a>');
2671
2672 /*
2673 ** Create a dividing line
2674 */
2675 htp.p('<img src='||wfa_html.image_loc||'FNDIWDVD.gif border=no align=absmiddle alt="">');
2676
2677 /*
2678 ** Create the check out icon control
2679 */
2680 fnd_document_management.get_check_out_document_url (
2681 l_username,
2682 document_identifier,
2683 FALSE,
2684 l_url_syntax);
2685
2686 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
2687 wf_core.translate('WFDM_CHECK_OUT')||''''||';return true">'||
2688 '<img src='||wfa_html.image_loc||'checkout.gif border=no align=absmiddle alt="'||wf_core.translate('WFDM_CHECK_OUT')||'"></a>');
2689
2690 /*
2691 ** Create the check in icon control
2692 */
2693 fnd_document_management.get_check_in_document_url (
2694 l_username,
2695 document_identifier,
2696 FALSE,
2697 l_url_syntax);
2698
2699 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
2700 wf_core.translate('WFDM_CHECK_IN')||''''||';return true">'||
2701 '<img src='||wfa_html.image_loc||'checkin.gif border=no align=absmiddle alt="'||wf_core.translate('WFDM_CHECK_IN')||'"></a>');
2702
2703 /*
2704 ** Create the unlock icon control
2705 */
2706 fnd_document_management.get_unlock_document_url (
2707 l_username,
2708 document_identifier,
2709 FALSE,
2710 l_url_syntax);
2711
2712 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
2713 wf_core.translate('WFDM_UNLOCK')||''''||';return true">'||
2714 '<img src='||wfa_html.image_loc||'lock_opn.gif height=22 border=no align=absmiddle alt="'||wf_core.translate('WFDM_UNLOCK')||'"></a>');
2715 /*
2716 ** Create a dividing line
2717 */
2718 htp.p('<img src='||wfa_html.image_loc||'FNDIWDVD.gif border=no align=absmiddle alt="">');
2719
2720 /*
2721 ** Create the show history icon
2722 */
2723 fnd_document_management.get_display_history_url (
2724 l_username,
2725 document_identifier,
2726 FALSE,
2727 l_url_syntax);
2728
2729 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
2730 wf_core.translate('WFDM_DISPLAY_HISTORY')||''''||';return true">'||
2731 '<img src='||wfa_html.image_loc||'FNDIINFO.gif height=22 border=no align=absmiddle alt="'||wf_core.translate('WFDM_DISPLAY_HISTORY')||'"></a>');
2732
2733 htp.p('<img src='||wfa_html.image_loc||'FNDIWDVD.gif border=no align=absmiddle alt="">');
2734
2735 /*
2736 ** Create the help icon
2737 */
2738 htp.p('<a href="javascript:help_window()" onMouseOver="window.status='||
2739 ''''||wf_core.translate('WFMON_HELP')||''''||
2740 ';return true"><img src='||wfa_html.image_loc||'FNDIHELP.gif border=no align=absmiddle alt="'||wf_core.translate('WFMON_HELP')||'"></a></td>');
2741 htp.p('</tr>');
2742
2743 /*
2744 ** Create the black border under the toolbar and close the icon table
2745 */
2746 htp.p('<tr>');
2747 htp.p('<td bgcolor=#666666 height=1 colspan=3 id=""><img src='||wfa_html.image_loc||'FNDDBPXB.gif alt=""></td></tr></table>');
2748
2749 /*
2750 ** Close the toolbar table data
2751 */
2752 htp.p('</td>');
2753
2754 /*
2755 ** Create the logo and close the toolbar and logo table
2756 */
2757 htp.p('<td rowspan=5 width=100% align=right><img src='||wfa_html.image_loc||'WFLOGO.gif alt=""></td></tr></table>');
2758
2759
2760 exception
2761 when others then
2762 wf_core.context('fnd_document_management',
2763 'create_document_toolbar',
2764 document_identifier);
2765 raise;
2766
2767 end create_document_toolbar;
2768
2769
2770
2771 /*===========================================================================
2772
2773 Function get_launch_attach_url
2774
2775 Purpose Set up the anchor to launch a new window with a frameset
2776 with two frames. The upper frame has all the controls.
2777 The lower frame displays the document.
2778
2779 ============================================================================*/
2780 PROCEDURE get_launch_attach_url
2781 (username IN Varchar2,
2782 callback_function IN Varchar2,
2783 display_icon IN Boolean,
2784 launch_attach_URL OUT NOCOPY Varchar2) IS
2785
2786 l_product_id NUMBER;
2787 l_dm_node_id NUMBER;
2788 l_username Varchar2(320); -- Username to query
2789 l_dm_node_name Varchar2(240);
2790 l_attach_url VARCHAR2(4000);
2791 l_browser varchar2(400);
2792 l_callback_function VARCHAR2(4000);
2793 l_dummy boolean; -- Bug5161758 HTML injection
2794
2795 BEGIN
2796
2800 ** Since the forms launch process is not within a browser the
2797 /*
2798 ** The forms attachments interface calls this same function to
2799 ** get the proper url to attach a document to a business object.
2801 ** owa_util variables will not be available when this string
2802 ** gets created. We check here whether your calling this from
2803 ** a web interface (the display_icon parameter should be changed
2804 ** to html_interface) or a forms interface.
2805 */
2806 IF (display_icon = TRUE) THEN
2807
2808 l_browser := owa_util.get_cgi_env('HTTP_USER_AGENT');
2809
2810 ELSE
2811
2812 l_browser := 'NETSCAPE';
2813
2814 END IF;
2815
2816 /*
2817 ** Get the home node id for this user. If that home is an Internet
2818 ** Documents home based on
2819 ** the product id = 1 then this is an Internet Documents install
2820 ** We do not display the multiframe window in this case with the
2821 ** control bar on top. Internet documents has their own toolbar and
2822 ** has their own mechanism for controlling the DM options.
2823 */
2824 -- Bug5161758 HTML injection
2825 begin
2826 l_dummy := wf_core.CheckIllegalChars(username,true);
2827 exception
2828 when OTHERS then
2829 fnd_document_management.error;
2830 return;
2831 end;
2832 l_username := upper(username);
2833
2834 -- get the document management home node information
2835 fnd_document_management.get_dm_home (l_username, l_dm_node_id, l_dm_node_name);
2836
2837 /*
2838 ** get the product that is installed for that dm node
2839 */
2840 SELECT MAX(PRODUCT_ID)
2841 INTO l_product_id
2842 FROM fnd_dm_nodes
2843 WHERE node_id = l_dm_node_id;
2844
2845 /*
2846 ** get all the components of the document anchor
2847 */
2848 IF (display_icon = FALSE) THEN
2849
2850 /*
2851 ** If the product id = 1 then this is an Internet Documents install
2852 ** We do not display the multiframe window in this case with the
2853 ** control bar on top. Internet documents has their own toolbar and
2854 ** has their own mechanism for controlling the DM options.
2855 */
2856 IF (l_product_id = 1) THEN
2857
2858 /*
2859 ** Get the HTML text for displaying the document
2860 */
2861 fnd_document_management.get_search_document_url (
2862 username,
2863 callback_function,
2864 FALSE,
2865 l_attach_URL);
2866
2867 /*
2868 ** Replace the NodeId token with the current dm home node id for
2869 ** this user
2870 */
2871 launch_attach_URL := REPLACE(l_attach_URL, '-NodeId-',
2872 TO_CHAR(l_dm_node_id));
2873
2874
2875 ELSE
2876
2877 launch_attach_URL :=
2878 dm_base_url||
2879 '/fnd_document_management.create_attach_document_url?'||
2880 'username='||username||
2881 '&callback_function='||
2882 callback_function;
2883
2884 END IF;
2885
2886 ELSE
2887
2888 /*
2889 ** If the product id = 1 then this is an Internet Documents install
2890 ** We do not display the multiframe window in this case with the
2891 ** control bar on top. Internet documents has their own toolbar and
2892 ** has their own mechanism for controlling the DM options.
2893 */
2894 IF (l_product_id = 1) THEN
2895
2896 /*
2897 ** This is a total hack but it must be done for now for simplicity of
2898 ** the interface. The response notification frame is called bottom.
2899 ** This does not exist in the javascript object hierarchy when
2900 ** executing an onload event when creating a new document in the
2901 ** DM system using Netscape. So we must check for this very
2902 ** special case and
2903 ** remove bottom from the hierarchy. This could be an issue for
2904 ** any UI that uses our attach interface when the field is in a frame.
2905 ** This same REPLACE function is in the get_search_document_url but
2906 ** since we always start at the search screen with Inter Docs we
2907 ** need the same replacement here.
2908 */
2909 IF (instr(l_browser, 'MSIE') = 0) then
2910
2911 l_callback_function := REPLACE(callback_function,
2912 'opener.bottom.document',
2913 'opener.document');
2914
2915 ELSE
2916
2917 l_callback_function := callback_function;
2918
2919 END IF;
2920
2921 /*
2922 ** Get the HTML text for displaying the document
2923 */
2924 fnd_document_management.get_search_document_url (
2925 username,
2926 l_callback_function,
2927 FALSE,
2928 l_attach_URL);
2929
2930 /*
2931 ** Replace the NodeId token with the current dm home node id for
2932 ** this user
2933 */
2937 /*
2934 l_attach_URL := REPLACE(l_attach_URL, '-NodeId-',
2935 TO_CHAR(l_dm_node_id));
2936
2938 ** Get the HTML text for displaying the document
2939 */
2940 launch_attach_URL :=
2941 '<A HREF="javascript:fnd_open_dm_attach_window(' || '''' ||
2942 l_attach_url||
2943 '''' ||
2944 ', 700, 600)">'||
2945 '<IMG SRC="'||wfa_html.image_loc||'afattach.gif" BORDER=no alt="'
2946 || WF_CORE.Translate('WFITD_ATTACH') || '">'||
2947 '</A>';
2948 ELSE
2949
2950 /*
2951 ** We need need to fetch URL prefix from WF_WEB_AGENT in wf_resources
2952 ** since this function gets called from the forms environment
2953 ** which doesn't know anything about the cgi variables.
2954 */
2955 launch_attach_URL :=
2956 '<A HREF="javascript:fnd_open_dm_attach_window(' || '''' ||
2957 dm_base_url||
2958 '/fnd_document_management.create_attach_document_url?'||
2959 'username='||username||
2960 '&callback_function='||callback_function||
2961 '''' ||
2962 ', 700, 600)">'||
2963 '<IMG SRC="'||wfa_html.image_loc||'afattach.gif" BORDER=no alt="'
2964 || WF_CORE.Translate('WFITD_ATTACH') || '">'||
2965 ' </A>';
2966
2967 END IF;
2968
2969 END IF;
2970
2971 EXCEPTION
2972 WHEN OTHERS THEN
2973 Wf_Core.Context('fnd_document_management',
2974 'get_launch_attach_url',
2975 callback_function);
2976 RAISE;
2977
2978 END get_launch_attach_url;
2979
2980 /*===========================================================================
2981
2982 Function create_display_document_url
2983
2984 Purpose Launches the toolbar in one frame for the document
2985 operations and then creates another frame to display
2986 the document.
2987
2988 ============================================================================*/
2989 PROCEDURE create_attach_document_url
2990 (username IN Varchar2,
2991 callback_function IN Varchar2) IS
2992
2993 l_username Varchar2 (320);
2994 l_document_url Varchar2 (4000);
2995 l_dm_node_id Number; -- Document Management Home preference
2996 l_dm_node_name Varchar2(240);
2997 l_callback_function Varchar2 (2000);
2998 l_dummy boolean; -- Bug5161758 HTML injection
2999
3000 BEGIN
3001 -- Bug5161758 HTML injection / XSS
3002 begin
3003 l_dummy := wf_core.CheckIllegalChars(username,true);
3004 exception
3005 when OTHERS then
3006 fnd_document_management.error;
3007 return;
3008 end;
3009 l_username := upper(username);
3010
3011 -- get the document management home node information
3012 fnd_document_management.get_dm_home (l_username, l_dm_node_id, l_dm_node_name);
3013
3014 -- If no document nodes are available then show an error message
3015 IF (l_dm_node_id IS NULL) THEN
3016
3017 htp.htmlOpen;
3018 htp.headOpen;
3019 htp.title(wf_core.translate('WF_WORKFLOW_TITLE'));
3020 htp.headClose;
3021
3022 htp.p ('<BODY bgcolor=#cccccc>');
3023 htp.tableOpen(cattributes=>'summary=""');
3024 htp.tableRowOpen;
3025
3026 htp.tabledata('<IMG SRC="'||wfa_html.image_loc||'prohibit.gif" alt="' ||
3027 WF_CORE.Translate('WFDM_NO_NODES') || '">');
3028 htp.tabledata('<B>'||wf_core.translate('WFDM_NO_NODES')||'</B>');
3029
3030 htp.tableRowClose;
3031 htp.tableClose;
3032 htp.bodyClose;
3033 htp.htmlclose;
3034 return;
3035
3036 END IF;
3037
3038 -- Check to see if the callback function special url characters have been
3039 -- converted. If they have not then convert.
3040 -- Bug5161758 - XSS - Double encoding already taken care of,
3041 -- for Apps we need to use encode_url instead
3042 l_callback_function := wfa_html.encode_url(callback_function);
3043 l_dm_node_name := SUBSTR (l_dm_node_name , 1, 30);
3044
3045 htp.htmlOpen;
3046 htp.headOpen;
3047 htp.title(l_dm_node_name);
3048 htp.headClose;
3049
3050 /*
3051 ** Create the top header frameset and the bottom summary/detail frameset
3052 */
3053
3054 htp.p ('<FRAMESET ROWS="10%,90%" BORDER=0 LONGDESC="'||
3055 owa_util.get_owa_service_path ||
3056 'wfa_html.LongDesc?p_token=WFDM_LONGDESC">');
3057
3058 /*
3059 ** Create the header frame
3060 */
3061 htp.p ('<FRAME NAME=CONTROLS '||
3062 'SRC='||
3063 dm_base_url ||
3064 '/fnd_document_management.create_attach_toolbar?'||
3065 'username='||username||
3066 '&callback_function='||l_callback_function||
3067 ' MARGINHEIGHT=10 MARGINWIDTH=10 '||
3068 'SCROLLING="NO" NORESIZE FRAMEBORDER=YES LONGDESC="'||
3069 owa_util.get_owa_service_path ||
3070 'wfa_html.LongDesc?p_token=WFDM_LONGDESC">');
3071
3072 /*
3073 ** Replace the NodeId token with the current dm home node id for
3074 ** this user
3075 */
3079 /*
3076 l_callback_function := REPLACE(l_callback_function, '-NodeId-',
3077 TO_CHAR(l_dm_node_id));
3078
3080 ** Get the HTML text for displaying the document
3081 */
3082 fnd_document_management.get_search_document_url (
3083 username,
3084 l_callback_function,
3085 FALSE,
3086 l_document_url);
3087
3088 /*
3089 ** THis is a bit of a cludge for opentext to remove the second parent
3090 ** on the callback when you are doing a search.
3091 */
3092 htp.p ('<FRAME NAME=DOCUMENT '||
3093 'SRC='||
3094 REPLACE (l_document_url,
3095 '.opener.parent.parent.opener.',
3096 '.opener.parent.')||
3097 ' MARGINHEIGHT=10 MARGINWIDTH=10 '||
3098 'NORESIZE SCROLLING="YES" FRAMEBORDER=NO LONGDESC="'||
3099 owa_util.get_owa_service_path ||
3100 'wfa_html.LongDesc?p_token=WFDM_LONGDESC">');
3101
3102 /*
3103 ** Close the summary/details frameset
3104 */
3105 htp.p ('</FRAMESET>');
3106
3107 EXCEPTION
3108 WHEN OTHERS THEN
3109 Wf_Core.Context('fnd_document_management',
3110 'create_attach_document_url',
3111 callback_function);
3112 RAISE;
3113
3114 END create_attach_document_url;
3115
3116
3117 /*===========================================================================
3118
3119 Function create_attach_toolbar
3120
3121 Purpose create the toolbar for attaching a document to a business
3122 object
3123
3124 ============================================================================*/
3125 PROCEDURE create_attach_toolbar
3126 (
3127 username IN VARCHAR2,
3128 callback_function IN VARCHAR2) IS
3129
3130 c_title Varchar2(240) := NULL;
3131 l_toolbar_color Varchar2(10) := '#0000cc';
3132 l_username Varchar2(320); -- Username to query
3133 l_dm_node_id Number; -- Document Management Home preference
3134 l_dm_node_name Varchar2(240);
3135 l_callback_function Varchar2(2000);
3136 l_url_syntax Varchar2(4000) := NULL;
3137 l_dummy boolean; -- Bug5161758 HTML injection
3138
3139 BEGIN
3140 -- Bug5161758 HTML injection / XSS
3141 begin
3142 l_dummy := wf_core.CheckIllegalChars(username,true);
3143 exception
3144 when OTHERS then
3145 fnd_document_management.error;
3146 return;
3147 end;
3148 l_username := upper(username);
3149
3150 -- get the document management home node information
3151 fnd_document_management.get_dm_home (l_username, l_dm_node_id, l_dm_node_name);
3152
3153 l_dm_node_name := SUBSTR (l_dm_node_name , 1, 30);
3154
3155 /*
3156 ** Create main table for toolbar and icon
3157 */
3158 htp.p('<table width=100% Cellpadding=0 Cellspacing=0 border=0 summary="">');
3159
3160
3161 htp.p('<tr>');
3162
3163 /*
3164 ** Put some space on the side
3165 */
3166 htp.p('<td width=10 id=""></td>');
3167
3168 htp.p('<td id="">');
3169
3170 /*
3171 ** inner table to define toolbar
3172 */
3173 htp.p('<table Cellpadding=0 Cellspacing=0 Border=0 summary="">');
3174
3175 /*
3176 ** Left rounded icon for toolbar
3177 */
3178 htp.p('<td rowspan=3><img src='||wfa_html.image_loc||'FNDGTBL.gif alt=""></td>');
3179
3180 /*
3181 ** White line on top of toolbar
3182 */
3183 htp.p('<td bgcolor=#ffffff height=1 colspan=3 id=""><img src='||wfa_html.image_loc||'FNDDBPXW.gif alt=""></td>');
3184
3185 /*
3186 ** Right rounded icon for toolbar
3187 */
3188 htp.p('<td rowspan=3 id=""><img src='||wfa_html.image_loc||'FNDGTBR.gif alt=""></td>');
3189
3190 /*
3191 ** End the table row for the icons that surround the real toolbar
3192 */
3193 htp.p('</tr>');
3194
3195 /*
3196 ** Start the table for the real controls
3197 */
3198 htp.p('<tr>');
3199
3200 /*
3201 ** Always create the home icon
3202 */
3203 htp.p('<td bgcolor=#cccccc nowrap height=30 align=middle id="">');
3204
3205 htp.p('<a href="'||dm_base_url||
3206 '/fnd_document_management.choose_home?'||
3207 'username='||username||
3208 '&callback='||
3209 wfa_html.conv_special_url_chars(callback_function)||'"'||
3210 '" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
3211 wf_core.translate('WFDM_HOME')||''''||';return true">'||
3212 '<img src='||wfa_html.image_loc||'wpreload.gif border=no align=middle alt="'||wf_core.translate('WFDM_HOME')||'"></a>');
3213
3214 htp.p('<img src='||wfa_html.image_loc||'FNDIWDVD.gif align=absmiddle alt="">');
3215
3216 htp.p('</td>');
3217
3218 /*
3219 ** Create the page title.
3220 */
3221 htp.p('<td bgcolor=#cccccc nowrap height=30 align=middle id="">');
3222
3223 htp.p('<B> '||l_dm_node_name||' </B>');
3224
3225 htp.p('</td>');
3226
3227 /*
3231 htp.p('<img src='||wfa_html.image_loc||'FNDIWDVD.gif border=no align=absmiddle alt="">');
3228 ** Create the dividing line
3229 */
3230 htp.p('<td bgcolor=#cccccc nowrap height=30 align=middle id="">');
3232
3233 /*
3234 ** Update the node id token for the search add and browse icons
3235 ** so they point at the current node. You don't want to replace it
3236 ** for the change home icon since you want to preserve the NodeId
3237 ** token syntax
3238 */
3239 l_callback_function := REPLACE(callback_function, '-NodeId-',
3240 TO_CHAR(l_dm_node_id));
3241
3242 /*
3243 ** Create the search document icon control
3244 */
3245 fnd_document_management.get_search_document_url (
3246 username,
3247 wfa_html.conv_special_url_chars(l_callback_function),
3248 FALSE,
3249 l_url_syntax);
3250
3251 htp.p('<a href="'||
3252 REPLACE (l_url_syntax,
3253 '.opener.parent.parent.opener.',
3254 '.opener.parent.')||
3255 '" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
3256 wf_core.translate('WFDM_SEARCH')||''''||';return true">'||
3257 '<img src='||wfa_html.image_loc||'affind.gif border=no align=absmiddle alt="'||wf_core.translate('WFDM_SEARCH')||'"></a>');
3258
3259 /*
3260 ** Create the add document icon control
3261 */
3262 fnd_document_management.get_create_document_url (
3263 username,
3264 wfa_html.conv_special_url_chars(l_callback_function),
3265 FALSE,
3266 l_url_syntax);
3267
3268 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
3269 wf_core.translate('WFDM_CREATE')||''''||';return true">'||
3270 '<img src='||wfa_html.image_loc||'affldnew.gif border=no align=absmiddle alt="'||wf_core.translate('WFDM_CREATE')||'"></a>');
3271
3272 /*
3273 ** Create the browse icon control
3274 */
3275 fnd_document_management.get_browse_document_url (
3276 username,
3277 wfa_html.conv_special_url_chars(l_callback_function),
3278 FALSE,
3279 l_url_syntax);
3280
3281 htp.p('<a href="'||l_url_syntax||'" TARGET="DOCUMENT" onMouseOver="window.status='||''''||
3282 wf_core.translate('WFDM_BROWSE')||''''||';return true">'||
3283 '<img src='||wfa_html.image_loc||'FNDCATOF.gif border=no align=absmiddle alt="'||wf_core.translate('WFDM_BROWSE')||'"></a>');
3284
3285 htp.p('<img src='||wfa_html.image_loc||'FNDIWDVD.gif border=no align=absmiddle alt="">');
3286
3287 /*
3288 ** Create the help icon
3289 */
3290 htp.p('<a href="javascript:help_window()" onMouseOver="window.status='||
3291 ''''||wf_core.translate('WFMON_HELP_DETAILS')||''''||
3292 ';return true"><img src='||wfa_html.image_loc||'FNDIHELP.gif border=no align=absmiddle alt="'||wf_core.translate('WFMON_HELP_DETAILS')||'"></a></td>');
3293 htp.p('</tr>');
3294
3295 /*
3296 ** Create the black border under the toolbar and close the icon table
3297 */
3298 htp.p('<tr>');
3299 htp.p('<td bgcolor=#666666 height=1 colspan=3 id=""><img src='||wfa_html.image_loc||'FNDDBPXB.gif alt=""></td></tr></table>');
3300
3301 /*
3302 ** Close the toolbar table data
3303 */
3304 htp.p('</td>');
3305
3306 /*
3307 ** Create the logo and close the toolbar and logo table
3308 */
3309 htp.p('<td rowspan=5 width=100% align=right id=""><img src='||wfa_html.image_loc||'WFLOGO.gif alt=""></td></tr></table>');
3310
3311
3312 exception
3313 when others then
3314 wf_core.context('fnd_document_management',
3315 'create_attach_toolbar',
3316 callback_function);
3317 raise;
3318
3319 end create_attach_toolbar;
3320
3321 /*===========================================================================
3322
3323 Function get_dm_home
3324
3325 Purpose fetch the document management home preference for a given
3326 user. If there is no home defined for a user then go
3327 check the default. If there is no default defined then
3328 get the first dm_node in the list.
3329
3330 ============================================================================*/
3331 procedure get_dm_home (
3332 username IN VARCHAR2,
3333 dm_node_id OUT NOCOPY VARCHAR2,
3334 dm_node_name OUT NOCOPY VARCHAR2) IS
3335
3336 l_dm_node_id NUMBER := NULL;
3337 l_dummy boolean; -- Bug5161758 HTML injection
3338 BEGIN
3339 -- Bug5161758 HTML injection
3340 begin
3341 l_dummy := wf_core.CheckIllegalChars(username,true);
3342 exception
3343 when OTHERS then
3344 fnd_document_management.error;
3345 return;
3346 end;
3347
3348 /*
3349 ** Check for the user default value
3350 */
3351 l_dm_node_id := TO_NUMBER(fnd_preference.get (username, 'WF', 'DMHOME'));
3352
3353 /*
3354 ** If there was no user default then try to get the system default
3355 */
3356 IF (l_dm_node_id IS NULL) THEN
3357
3358 l_dm_node_id := TO_NUMBER(fnd_preference.get ('-WF_DEFAULT-', 'WF', 'DMHOME'));
3359
3360 END IF;
3361
3362 /*
3366
3363 ** If there was no system default then get the first node in the list
3364 */
3365 IF (l_dm_node_id IS NULL) THEN
3367 /*
3368 ** Make sure to check for no data found in case there are no
3369 ** nodes defined.
3370 */
3371 BEGIN
3372
3373 SELECT MAX(node_id)
3374 INTO l_dm_node_id
3375 FROM fnd_dm_nodes;
3376
3377 EXCEPTION
3378 /*
3379 ** If there are no rows defined then set the output variables
3380 ** to null
3381 */
3382 WHEN NO_DATA_FOUND THEN
3383 l_dm_node_id := NULL;
3384 dm_node_id := NULL;
3385 dm_node_name := NULL;
3386
3387 WHEN OTHERS THEN
3388 RAISE;
3389
3390 END;
3391
3392 END IF;
3393
3394 /*
3395 ** If you have the node id then populate the node name and node id
3396 ** output variables
3397 */
3398 IF (l_dm_node_id IS NOT NULL) THEN
3399
3400 BEGIN
3401 /*
3402 ** Make sure the node hasn't been deleted since the preference
3403 ** was created by having a no data found exception handler.
3404 */
3405 SELECT node_id, node_name
3406 INTO dm_node_id, dm_node_name
3407 FROM fnd_dm_nodes
3408 WHERE node_id = l_dm_node_id;
3409
3410 EXCEPTION
3411 /*
3412 ** If there are no rows defined then set the output variables
3413 ** to null
3414 */
3415 WHEN NO_DATA_FOUND THEN
3416 l_dm_node_id := NULL;
3417 dm_node_id := NULL;
3418 dm_node_name := NULL;
3419 WHEN OTHERS THEN
3420 RAISE;
3421
3422 END;
3423
3424 END IF;
3425
3426 exception
3427 when others then
3428 wf_core.context('fnd_document_management',
3429 'get_dm_home',
3430 username);
3431 raise;
3432
3433 end get_dm_home;
3434
3435 /*===========================================================================
3436
3437 Function set_dm_home
3438
3439 Purpose set the document management home preference for a given
3440 user.
3441
3442 ============================================================================*/
3443 procedure set_dm_home (
3444 username IN VARCHAR2,
3445 dm_node_id IN VARCHAR2) IS
3446 l_dummy boolean; -- Bug5161758 HTML injection
3447
3448 BEGIN
3449 -- Bug5161758 HTML injection
3450 begin
3451 l_dummy := wf_core.CheckIllegalChars(username,true);
3452 exception
3453 when OTHERS then
3454 fnd_document_management.error;
3455 return;
3456 end;
3457 /*
3458 ** Set the user default value
3459 */
3460 fnd_preference.put (username, 'WF', 'DMHOME', dm_node_id);
3461
3462 exception
3463 when others then
3464 wf_core.context('fnd_document_management',
3465 'set_dm_home',
3466 username,
3467 dm_node_id);
3468 raise;
3469
3470 end set_dm_home;
3471
3472 /*===========================================================================
3473
3474 Function set_dm_home_html
3475
3476 Purpose set the document management home preference for a given
3477 user throught the html interface
3478
3479 ============================================================================*/
3480 procedure set_dm_home_html (
3481 dm_node_id IN VARCHAR2,
3482 username IN VARCHAR2,
3483 callback IN VARCHAR2) IS
3484
3485 l_product_id NUMBER;
3486 l_username VARCHAR2(320);
3487 l_attach_URL VARCHAR2(4000);
3488 l_dummy boolean; -- Bug5161758 HTML injection
3489
3490 BEGIN
3491
3492 -- Bug5161758 HTML injection
3493 begin
3494 l_dummy := wf_core.CheckIllegalChars(username,true);
3495 exception
3496 when OTHERS then
3497 fnd_document_management.error;
3498 return;
3499 end;
3500 l_username := upper(username);
3501
3502 /*
3503 ** Set the user default value
3504 */
3505 fnd_document_management.set_dm_home (l_username, dm_node_id);
3506
3507 /*
3508 ** get the product that is installed for that dm node
3509 */
3510 SELECT MAX(PRODUCT_ID)
3511 INTO l_product_id
3512 FROM fnd_dm_nodes
3513 WHERE node_id = TO_NUMBER(dm_node_id);
3514
3515 IF (l_product_id = 1) THEN
3516
3517 /*
3518 ** Get the HTML text for displaying the document
3519 */
3520 fnd_document_management.get_search_document_url (
3521 username,
3522 wfa_html.conv_special_url_chars(callback),
3523 FALSE,
3524 l_attach_URL);
3525
3526 /*
3527 ** Replace the NodeId token with the current dm home node id for
3528 ** this user
3529 */
3530 l_attach_URL := REPLACE(l_attach_URL, '-NodeId-',
3531 dm_node_id);
3532
3533 -- use owa_util.redirect_url to redirect the URL to the home page
3534 owa_util.redirect_url(curl=>l_attach_URL, bclose_header=>TRUE);
3538 -- use owa_util.redirect_url to redirect the URL to the home page
3535
3536 ELSE
3537
3539 owa_util.redirect_url(curl=>dm_base_url ||
3540 '/fnd_document_management.create_attach_document_url'||
3541 '?username='||l_username||
3542 '&callback_function='||
3543 wfa_html.conv_special_url_chars(callback),
3544 bclose_header=>TRUE);
3545
3546 END IF;
3547
3548 exception
3549 when others then
3550 wf_core.context('fnd_document_management',
3551 'set_dm_home_html',
3552 dm_node_id, username, callback);
3553 raise;
3554
3555 end set_dm_home_html;
3556
3557
3558 --
3559 -- Dm_Nodes_Display
3560 -- Produce list of dm_nodes
3561 --
3562 procedure Dm_Nodes_Display
3563 is
3564 username varchar2(320); -- Username to query
3565 admin_role varchar2(320); -- Role for admin mode
3566 admin_mode varchar2(1) := 'N';
3567 realname varchar2(360); -- Display name of username
3568 s0 varchar2(2000); -- Dummy
3569 l_error_msg varchar2(240);
3570 l_url varchar2(240);
3571 l_media varchar2(240) := wfa_html.image_loc;
3572 l_icon varchar2(40);
3573 l_text varchar2(240);
3574 l_onmouseover varchar2(240);
3575
3576 cursor nodes_cursor is
3577 select dmn.node_id,
3578 dmn.node_name,
3579 dmn.node_description,
3580 dmn.connect_syntax,
3581 dmn.product_id,
3582 dmp.product_name,
3583 dmp.vendor_name,
3584 dmp.version
3585 from fnd_dm_nodes dmn, fnd_dm_products dmp
3586 where dmn.product_id = dmp.product_id;
3587
3588 rowcount number;
3589 att_tvalue varchar2(2000) default null;
3590 begin
3591
3592 -- Check current user has admin authority
3593 wfa_sec.GetSession(username);
3594 username := upper(username);
3595 wf_directory.GetRoleInfo(username, realname, s0, s0, s0, s0);
3596
3597 admin_role := wf_core.translate('WF_ADMIN_ROLE');
3598 if (admin_role = '*' or
3599 Wf_Directory.IsPerformer(username, admin_role)) then
3600 admin_mode := 'Y';
3601 else
3602
3603 l_error_msg := wf_core.translate('WFPREF_INVALID_ADMIN');
3604
3605 end if;
3606
3607 -- Set page title
3608 htp.htmlOpen;
3609 htp.headOpen;
3610 htp.p('<BASE TARGET="_top">');
3611 htp.title(wf_core.translate('WFDM_NODES_TITLE'));
3612 wfa_html.create_help_function('wf/links/dmr.htm?DMREP');
3613 htp.headClose;
3614 wfa_sec.Header(FALSE, '',wf_core.translate('WFDM_NODES_TITLE'), FALSE);
3615 htp.br;
3616
3617 IF (admin_mode = 'N') THEN
3618
3619 htp.center(htf.bold(l_error_msg));
3620 return;
3621
3622 END IF;
3623
3624 -- Column headers
3625 htp.tableOpen('border=1 cellpadding=3 bgcolor=white width="100%" summary=""');
3626 htp.tableRowOpen(cattributes=>'bgcolor=#006699');
3627
3628 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3629 wf_core.translate('NAME')||'</font>',
3630 calign=>'Center', cattributes=>'id="t_name"');
3631 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3632 wf_core.translate('DESCRIPTION')||'</font>',
3633 calign=>'Center', cattributes=>'id="t_node_description"');
3634 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'
3635 || wf_core.translate('WFDM_WEB_AGENT')||'</font>',
3636 calign=>'Center', cattributes=>'id="t_connect_syntax"');
3637 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3638 wf_core.translate('PRODUCT')||'</font>',
3639 calign=>'Center', cattributes=>'id="t_product_name"');
3640 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3641 wf_core.translate('VENDOR')||'</font>',
3642 calign=>'Center', cattributes=>'id="t_vendor_name"');
3643 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3644 wf_core.translate('VERSION')||'</font>',
3645 calign=>'Center', cattributes=>'id="t_version"');
3646 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3647 wf_core.translate('WFDM_NODE_ID')||'</font>',
3648 calign=>'Center', cattributes=>'id="t_node_id"');
3649 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3650 wf_core.translate('DELETE')||'</font>',
3651 calign=>'Center', cattributes=>'id="t_delete"');
3652 htp.tableRowClose;
3653 htp.tableRowOpen;
3654 htp.tableRowClose;
3655
3656 -- Show all nodes
3657 for nodes in nodes_cursor loop
3658
3659 htp.tableRowOpen(null, 'TOP');
3660
3661 -- Bug5161758 - XSS
3662 htp.tableData(htf.anchor2(
3663 curl=>wfa_html.base_url||
3664 '/fnd_document_management.dm_nodes_edit?p_node_id='||
3665 to_char(nodes.node_id),
3666 ctext=>wf_core.substitutespecialchars(nodes.node_name),
3667 ctarget=>'_top'),
3668 'Left', cattributes=>'headers="t_name"');
3669 htp.tableData(wf_core.substitutespecialchars(nodes.node_description),
3670 'left',
3671 cattributes=>'headers="t_node_description"');
3672 htp.tableData(wf_core.substitutespecialchars(nodes.connect_syntax),
3673 'left',
3677 cattributes=>'headers="t_product_name"');
3674 cattributes=>'headers="t_connect_syntax"');
3675 htp.tableData(wf_core.substitutespecialchars(nodes.product_name),
3676 'left',
3678 htp.tableData(wf_core.substitutespecialchars(nodes.vendor_name),
3679 'left',
3680 cattributes=>'headers="t_vendor_name"');
3681 htp.tableData(wf_core.substitutespecialchars(nodes.version),
3682 'left',
3683 cattributes=>'headers="t_version"');
3684 htp.tableData(wf_core.substitutespecialchars(nodes.node_id), 'left',
3685 cattributes=>'headers="t_node_id"');
3686
3687 htp.tableData(htf.anchor2(curl=>wfa_html.base_url||
3688 '/fnd_document_management.dm_nodes_confirm_delete?p_node_id='||
3689 wf_core.substitutespecialchars(nodes.node_id),
3690 ctext=>'<IMG SRC="'||wfa_html.image_loc||'FNDIDELR.gif" BORDER=0 alt="' || WF_CORE.Translate('DELETE') || '">'),
3691 'center', cattributes=>'valign="MIDDLE" headers="t_delete"');
3692
3693 end loop;
3694
3695 htp.tableclose;
3696
3697 htp.br;
3698
3699 htp.tableopen(calign=>'CENTER', cattributes=>'summary=""');
3700
3701 --Add new node Button
3702 htp.tableRowOpen;
3703
3704 l_url := wfa_html.base_url||'/fnd_document_management.dm_nodes_edit';
3705 l_icon := 'FNDJLFOK.gif';
3706 l_text := wf_core.translate ('WFDM_CREATE');
3707 l_onmouseover := wf_core.translate ('WFDM_CREATE');
3708
3709 htp.p('<TD id="">');
3710
3711 wf_pref.create_reg_button (l_url, l_onmouseover, l_media, l_icon, l_text);
3712
3713 htp.p('</TD>');
3714
3715 htp.tableRowClose;
3716
3717 htp.tableclose;
3718
3719 wfa_sec.Footer;
3720 htp.htmlClose;
3721
3722 exception
3723 when others then
3724 wf_core.context('FND_DOCUMENT_MANAGEMENT', 'Dm_Nodes_Display');
3725 fnd_document_management.error;
3726 end Dm_Nodes_Display;
3727
3728
3729 procedure Dm_Nodes_Edit (
3730 p_node_id IN VARCHAR2
3731 ) IS
3732
3733 BEGIN
3734 null;
3735 exception
3736 when others then
3737 wf_core.context('FND_DOCUMENT_MANAGEMENT', 'Dm_Nodes_edit');
3738 fnd_document_management.error;
3739
3740 END Dm_Nodes_Edit;
3741
3742
3743 procedure Dm_Nodes_Update (
3744 p_node_id IN VARCHAR2 ,
3745 p_node_name IN VARCHAR2 ,
3746 p_node_description IN VARCHAR2 ,
3747 p_connect_syntax IN VARCHAR2 ,
3748 p_product_id IN VARCHAR2 ,
3749 p_product_name IN VARCHAR2
3750 ) IS
3751
3752 BEGIN
3753 null;
3754 exception
3755 when others then
3756 wf_core.context('FND_DOCUMENT_MANAGEMENT', 'Dm_Nodes_update');
3757 fnd_document_management.error;
3758
3759 END Dm_Nodes_Update;
3760
3761
3762 procedure choose_home (username IN VARCHAR2 ,
3763 callback IN VARCHAR2 )
3764
3765 IS
3766
3767 l_username varchar2(320); -- Username to query
3768 realname varchar2(360); -- Display name of username
3769 admin_role varchar2(320); -- Role for admin mode
3770 admin_mode varchar2(1); -- Does user have admin privledges
3771 s0 varchar2(2000);
3772 dm_node_id number; -- Document Management Home preference
3773 dm_node_name varchar2(240);
3774 l_checked varchar2(1);
3775 l_url varchar2(240);
3776 l_media varchar2(240) := wfa_html.image_loc;
3777 l_icon varchar2(30) := 'FNDILOV.gif';
3778 l_text varchar2(240) := '';
3779 l_onmouseover varchar2(240) := wf_core.translate ('WFPREF_LOV');
3780 l_error_msg varchar2(2000) := null;
3781 l_dummy boolean; -- Bug5161758 HTML injection
3782 l_callback varchar2(2000); -- Bug5161758 XSS
3783
3784 cursor nodes_cursor is
3785 select dmn.node_id,
3786 dmn.node_name,
3787 dmn.node_description,
3788 dmn.connect_syntax,
3789 dmn.product_id,
3790 dmp.product_name,
3791 dmp.vendor_name,
3792 dmp.version
3793 from fnd_dm_nodes dmn, fnd_dm_products dmp
3794 where dmn.product_id = dmp.product_id;
3795
3796 begin
3797
3798 -- Check session and current user
3799 -- Bug5161758 HTML injection / XSS
3800 begin
3801 l_dummy := wf_core.CheckIllegalChars(username,true);
3802 exception
3803 when OTHERS then
3804 fnd_document_management.error;
3805 return;
3806 end;
3807 l_username := upper(username);
3808 l_callback := wf_core.substitutespecialchars(
3809 wfa_html.conv_special_url_chars(callback));
3810
3811 wf_directory.GetRoleInfo(l_username, realname, s0, s0, s0, s0);
3812
3813 -- get the document management home node information
3814 fnd_document_management.get_dm_home (l_username, dm_node_id, dm_node_name);
3815
3816 -- Set page title
3817 htp.htmlOpen;
3818 htp.headOpen;
3819 htp.title(wf_core.translate('WFDM_HOME'));
3820 htp.headClose;
3821
3822 -- Page header
3823 htp.center(htf.bold(wf_core.translate('WFDM_HOME')));
3827 htp.tableOpen('border=1 cellpadding=3 bgcolor=white width="100%"');
3824 htp.p('<BR>');
3825
3826 -- Column headers
3828 htp.tableRowOpen(cattributes=>'bgcolor=#006699');
3829
3830 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3831 wf_core.translate('NAME')||'</font>',
3832 calign=>'Center',
3833 cattributes=>'id="t_name"');
3834 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3835 wf_core.translate('DESCRIPTION')||'</font>',
3836 calign=>'Center', cattributes=>'id="t_node_description"');
3837 htp.tableHeader(cvalue=>'<font color=#FFFFFF>'||
3838 wf_core.translate('PRODUCT')||'</font>',
3839 calign=>'Center', cattributes=>'id="t_product"');
3840
3841 htp.tableRowClose;
3842 htp.tableRowOpen;
3843 htp.tableRowClose;
3844
3845 -- Show all nodes
3846 for nodes in nodes_cursor loop
3847
3848 htp.tableRowOpen(null, 'TOP');
3849
3850 /*
3851 ** Always show the currently selected node in bold
3852 */
3853 IF (dm_node_id = nodes.node_id) THEN
3854 -- Bug5161758 - XSS
3855 htp.tableData(htf.anchor2(
3856 curl=>wfa_html.base_url||
3857 '/fnd_document_management.set_dm_home_html?'||
3858 'dm_node_id='||to_char(nodes.node_id)||
3859 '&username='||l_username||
3860 '&callback='|| l_callback,
3861 ctext=>'<B>'||
3862 wf_core.substitutespecialchars(nodes.node_name)||
3863 '</B>', ctarget=>'_top'),
3864 'Left', cattributes=>'headers="t_name"');
3865
3866 ELSE
3867
3868 htp.tableData(htf.anchor2(
3869 curl=>dm_base_url||
3870 '/fnd_document_management.set_dm_home_html?'||
3871 'dm_node_id='||to_char(nodes.node_id)||
3872 '&username='||l_username||
3873 '&callback='|| l_callback,
3874 ctext=>wf_core.substitutespecialchars(nodes.node_name),
3875 ctarget=>'_top'),
3876 'Left', cattributes=>'headers="t_name"');
3877
3878 END IF;
3879
3880 -- Bug5161758 - XSS
3881 IF (dm_node_id = nodes.node_id) THEN
3882 htp.tableData(htf.bold(wf_core.substitutespecialchars(nodes.node_description)), 'left',
3883 cattributes=>'headers="t_node_description"');
3884 htp.tableData(htf.bold(wf_core.substitutespecialchars(nodes.product_name)), 'left',
3885 cattributes=>'headers="t_product"');
3886 ELSE
3887 htp.tableData(wf_core.substitutespecialchars(nodes.node_description), 'left',
3888 cattributes=>'headers="t_node_description"');
3889 htp.tableData(wf_core.substitutespecialchars(nodes.product_name), 'left', 'left',
3890 cattributes=>'headers="t_product"');
3891 END IF;
3892
3893 end loop;
3894
3895 htp.tableclose;
3896
3897 htp.br;
3898
3899 wfa_sec.Footer;
3900 htp.htmlClose;
3901
3902 exception
3903 when others then
3904 rollback;
3905 wf_core.context('fnd_document_management', 'choose_home');
3906 fnd_document_management.Error;
3907 end choose_home;
3908
3909
3910 --
3911 -- Product_LOV
3912 -- Create the data for the Language List of Values
3913 --
3914 procedure Product_LOV (p_titles_only IN VARCHAR2 ,
3915 p_find_criteria IN VARCHAR2 )
3916
3917 IS
3918
3919 l_username VARCHAR2(320);
3920 l_product_id NUMBER;
3921 l_product VARCHAR2(80);
3922 l_vendor VARCHAR2(80);
3923 l_version VARCHAR2(20);
3924 l_row_count NUMBER := 0;
3925
3926 CURSOR c_product_lov (c_find_criteria IN VARCHAR2) IS
3927 SELECT
3928 PRODUCT_ID ,
3929 PRODUCT_NAME ,
3930 VENDOR_NAME ,
3931 VERSION
3932 FROM fnd_dm_products
3933 WHERE product_name like c_find_criteria
3934 ORDER BY product_name;
3935
3936 BEGIN
3937
3938 -- Authenticate user
3939 wfa_sec.GetSession(l_username);
3940
3941 IF (p_titles_only = 'N') THEN
3942
3943 SELECT COUNT(*)
3944 INTO l_row_count
3945 FROM fnd_dm_products
3946 WHERE product_name like p_find_criteria||'%';
3947
3948 END IF;
3949
3950 htp.p(wf_core.translate('PRODUCT'));
3951 htp.p('4');
3952 htp.p(TO_CHAR(l_row_count));
3953 htp.p(wf_core.translate('PRODUCT'));
3954 htp.p('50');
3955 htp.p(wf_core.translate('VENDOR'));
3956 htp.p('35');
3957 htp.p(wf_core.translate('VERSION'));
3958 htp.p('15');
3959 htp.p('PRODUCT_ID');
3960 htp.p('0');
3961
3962 IF (p_titles_only = 'N') THEN
3963
3964 OPEN c_product_lov (p_find_criteria||'%');
3965
3966 /*
3967 ** Loop through all the language rows for the given find_criteria
3968 ** and write them out to the web page
3969 */
3970 LOOP
3971
3972 FETCH c_product_lov INTO
3973 l_product_id, l_product, l_vendor, l_version;
3974
3975 EXIT WHEN c_product_lov%NOTFOUND;
3976
3977 htp.p (l_product);
3978 htp.p (l_vendor);
3982 END LOOP;
3979 htp.p (l_version);
3980 htp.p (TO_CHAR(l_product_id));
3981
3983
3984 END IF;
3985
3986 exception
3987 when others then
3988 rollback;
3989 wf_core.context('Fnd_Document_Management', 'product_lov',p_titles_only, p_find_criteria);
3990 fnd_document_management.Error;
3991 END;
3992
3993
3994
3995 /*===========================================================================
3996
3997 Function get_document_token_value
3998
3999 Purpose gets a token attribute from an attribute page based on
4000 the requested token that is passed in
4001
4002 ============================================================================*/
4003 PROCEDURE get_document_token_value (document_text IN VARCHAR2,
4004 requested_token IN VARCHAR2,
4005 token_value OUT NOCOPY VARCHAR2)
4006
4007 IS
4008
4009 l_start_location NUMBER :=0;
4010 l_end_location NUMBER :=0;
4011
4012 BEGIN
4013
4014 /*
4015 ** Look for the token
4016 */
4017 l_start_location := INSTR(UPPER(document_text), requested_token);
4018
4019 IF (l_start_location > 0) THEN
4020
4021 /*
4022 ** Now set the position of the data to the first char after the token
4023 */
4024 l_start_location := l_start_location + LENGTH(requested_token);
4025
4026 /*
4027 ** Find the end of the token value. Add an extra < to be sure you
4028 ** know the last token end
4029 */
4030 l_end_location := INSTR(SUBSTR(document_text||'<',l_start_location), '<') - 1;
4031
4032 token_value := SUBSTR(document_text, l_start_location, l_end_location);
4033
4034 END IF;
4035
4036 exception
4037 when others then
4038 raise;
4039 END get_document_token_value;
4040
4041 /*===========================================================================
4042
4043 Function get_document_attributes
4044
4045 Purpose gets the current document meta data
4046
4047 ============================================================================*/
4048 PROCEDURE get_document_attributes (
4049 username IN Varchar2,
4050 document_identifier in varchar2,
4051 document_attributes out nocopy fnd_document_management.fnd_document_attributes)
4052 IS
4053
4054 l_start_copy Boolean := FALSE;
4055 l_record_num Number := 0;
4056 l_product_id Number := 0;
4057 l_dm_node_id Number := 0;
4058 l_document_id Varchar2(30) := NULL;
4059 l_version Varchar2(10) := NULL;
4060 l_document_name Varchar2(240) := NULL;
4061 l_connect_syntax Varchar2(240) := NULL;
4062 l_product_name Varchar2(80) := NULL;
4063 l_username_password Varchar2(80) := NULL;
4064 l_attributes_url VARCHAR2(4000);
4065 l_value VARCHAR2(240);
4066 l_document_text VARCHAR2(4000);
4067 l_dummy boolean; -- Bug5161758 HTML injection
4068
4069 BEGIN
4070 -- Bug5161758 HTML injection
4071 begin
4072 l_dummy := wf_core.CheckIllegalChars(username,true);
4073 exception
4074 when OTHERS then
4075 fnd_document_management.error;
4076 return;
4077 end;
4078 /*
4079 ** Parse the document_identifier into its individual components
4080 ** and get all the components of the document identifer
4081 */
4082 fnd_document_management.ParseDocInfo(document_identifier,
4083 l_dm_node_id,
4084 l_document_id,
4085 l_version);
4086
4087 /*
4088 ** Get the vendor so you know how to construct the proper URL to
4089 ** get the attributes
4090 */
4091 SELECT dmn.connect_syntax, dmp.product_name, dmn.product_id
4092 INTO l_connect_syntax, l_product_name, l_product_id
4093 FROM fnd_dm_products dmp, fnd_dm_nodes dmn
4094 WHERE dmn.node_id = l_dm_node_id
4095 AND dmp.product_id = dmn.product_id;
4096
4097 IF (l_product_id = 10) THEN
4098
4099 /*
4100 ** DEBUG: Livelink currently uses security to get the attributes
4101 ** I've asked them to drop this for their next release
4102 ** This statement should be removed before we ship.
4103 */
4104 l_username_password := '&username=Admin&password=manager';
4105
4106 /*
4107 ** Create the url for fetching attributes
4108 */
4109 l_attributes_url := l_connect_syntax ||
4110 '/Livelink/livelink.exe?func=oracleappl.fetchattributes'||
4111 '&ObjectID=-2000_'||l_document_id||'_'||l_version||
4112 l_username_password;
4113
4114 END IF;
4115
4116 IF (l_product_id = 1) THEN
4117
4118 l_attributes_url := l_connect_syntax ||
4119 '/sdkbin/app.exe/aol?template=dm_get_docname.htm&method=al=new+AOLLogin()&method=s=al.connect()&method=obj=s.getPublicObject(Long+docId)&docId='||l_document_id;
4120
4121 END IF;
4122
4123 /*
4124 ** Launch URL to fetch attributes
4128 /*
4125 */
4126 l_document_text := utl_http.request(l_attributes_url);
4127
4129 ** Livelink uses < > for < and > respectively so replace these
4130 */
4131 IF (l_product_id = 10) THEN
4132
4133 /*
4134 ** Delete all the header stuff to make searching faster
4135 */
4136 l_document_text := SUBSTR(l_document_text, INSTR(l_document_text,'<Object ID>'));
4137
4138 l_document_text := REPLACE(l_document_text, '<', '<');
4139
4140 l_document_text := REPLACE(l_document_text, '>', '>');
4141
4142 --htp.p('l_document_text = '||l_document_text);
4143
4144 END IF;
4145
4146 document_attributes.document_identifier := document_identifier;
4147
4148 /*
4149 ** Get the Object id to make sure its the same as what was passed in
4150 */
4151 get_document_token_value(l_document_text, '<OBJECT ID>', l_value);
4152
4153 /*
4154 ** Get the document Name
4155 */
4156 get_document_token_value(l_document_text, '<DOCUMENTNAME>', l_value);
4157 document_attributes.document_name := l_value;
4158
4159 /*
4160 ** Get the document type
4161 */
4162 get_document_token_value(l_document_text, '<DOCUMENTTYPE>', l_value);
4163 document_attributes.document_type := l_value;
4164
4165 /*
4166 ** Get the filename
4167 */
4168
4169 /*
4170 ** I'm commenting out a lot of the fetches of context information
4171 ** to ensure performance
4172 */
4173 -- get_document_token_value(l_document_text, '<FILENAME>', l_value);
4174 -- document_attributes.filename := l_value;
4175
4176 /*
4177 ** Get the created by
4178 */
4179 -- get_document_token_value(l_document_text, '<CREATEDBY>', l_value);
4180 -- document_attributes.created_by := l_value;
4181
4182 /*
4183 ** Get the last updated by
4184 */
4185 -- get_document_token_value(l_document_text, '<LASTMODIFIED>', l_value);
4186 -- document_attributes.last_updated_by := l_value;
4187
4188 /*
4189 ** Get the last update date
4190 */
4191 -- get_document_token_value(l_document_text, '<LASTMODIFIEDDATE>', l_value);
4192 -- document_attributes.last_update_date := l_value;
4193
4194 /*
4195 ** Get the locked by
4196 */
4197 -- get_document_token_value(l_document_text, '<LOCKEDBY>', l_value);
4198 -- document_attributes.locked_by := l_value;
4199
4200 /*
4201 ** Get the locked by
4202 */
4203 -- get_document_token_value(l_document_text, '<LOCKEDBY>', l_value);
4204 -- document_attributes.locked_by := l_value;
4205
4206 /*
4207 ** Get the size of document
4208 */
4209 -- get_document_token_value(l_document_text, '<SIZE>', l_value);
4210 -- document_attributes.document_size := l_value;
4211
4212 /*
4213 ** Get the current document status
4214 */
4215 -- get_document_token_value(l_document_text, '<STATUS>', l_value);
4216 -- document_attributes.document_status := l_value;
4217
4218 /*
4219 ** Get the current document version
4220 */
4221 -- get_document_token_value(l_document_text, '<VERSION>', l_value);
4222 -- document_attributes.current_version := l_value;
4223
4224 /*
4225 ** Get the latest document version
4226 */
4227 -- get_document_token_value(l_document_text, '<CURRENTVERSION>', l_value);
4228 -- document_attributes.latest_version := l_value;
4229 /*
4230 htp.p('document_identifier ='||document_attributes.document_identifier);
4231 htp.p('document_name ='||document_attributes.document_name );
4232 htp.p('document_type ='||document_attributes.document_type );
4233 htp.p('filename ='||document_attributes.filename );
4234 htp.p('created_by ='||document_attributes.created_by );
4235 htp.p('last_updated_by ='||document_attributes.last_updated_by );
4236 htp.p('last_update_date ='||document_attributes.last_update_date );
4237 htp.p('locked_by ='||document_attributes.locked_by );
4238 htp.p('document_size ='||document_attributes.document_size );
4239 htp.p('document_status ='||document_attributes.document_status );
4240 htp.p('current_version ='||document_attributes.current_version );
4241 htp.p('latest_version ='||document_attributes.latest_version );
4242 */
4243 exception
4244 when others then
4245 document_attributes.document_name := wf_core.translate('WFDM_NODE_DOWN');
4246 document_attributes.document_type := null;
4247 return;
4248 END get_document_attributes;
4249
4250 /*===========================================================================
4251
4252 Function set_document_form_fields
4253
4254 Purpose Copy the document id and name to fields on a form. This
4255 function is meant to fix the browser security issue of not
4256 being able to call javascript from one window page to another
4257 when those two pages are sourced by more than one server.
4258
4259 ============================================================================*/
4260 PROCEDURE set_document_form_fields (document_identifier in varchar2) IS
4261
4265 document_name VARCHAR2(1000);
4262 start_char NUMBER := 0;
4263 end_char NUMBER := 0;
4264 document_id VARCHAR2(240);
4266 document_id_field VARCHAR2(1000);
4267 document_name_field VARCHAR2(1000);
4268
4269 BEGIN
4270 htp.headOpen;
4271 htp.title(wf_core.translate('WFDM_TRANSPORT_WINDOW'));
4272 htp.headClose;
4273
4274 htp.htmlopen;
4275
4276 /*
4277 ** Get the document id
4278 */
4279 end_char := INSTR(document_identifier, '^document_name=');
4280 document_id := SUBSTR(document_identifier, 1, end_char - 1);
4281
4282 /*
4283 ** Get the document name
4284 */
4285 start_char := INSTR(document_identifier, '^document_name=') +
4286 LENGTH('^document_name=');
4287 end_char := INSTR(document_identifier, '^document_name_field=');
4288 document_name := SUBSTR(document_identifier, start_char ,
4289 end_char - start_char);
4290
4291 /*
4292 ** Get the document name field name
4293 */
4294 start_char := INSTR(document_identifier, '^document_name_field=') +
4295 LENGTH('^document_name_field=');
4296 end_char := INSTR(document_identifier, '^document_id_field=');
4297 document_name_field := SUBSTR(document_identifier, start_char ,
4298 end_char - start_char);
4299
4300 /*
4301 ** Get the document id field name
4302 */
4303 start_char := INSTR(document_identifier, '^document_id_field=');
4304 document_id_field := SUBSTR(document_identifier, start_char +
4305 LENGTH('^document_id_field='));
4306
4307 -- Bug5161758 - XSS
4308 htp.p('<body bgcolor="#CCCCCC" onLoad="javascript:'||
4309 wf_core.substitutespecialchars(document_id_field)||'='||''''||
4310 wf_core.substitutespecialchars(document_id)||''''||';'||
4311 wf_core.substitutespecialchars(document_name_field)||'='||
4312 wf_core.substitutespecialchars(document_name)||';'||
4313 'top.opener.parent.focus();
4314
4315 if (top.opener.parent.FNDDMwindow)
4316 {
4317 top.opener.parent.FNDDMwindow.close();
4318 }
4319 else
4320 {
4321 if (top.opener.FNDDMwindow)
4322 {
4323 top.opener.FNDDMwindow.close();
4324 }
4325 else
4326 {
4327 if(top.opener.parent.parent.opener)
4328 {
4329 top.opener.parent.parent.opener.focus();
4330 top.opener.parent.parent.close();
4331 window.close();
4332 }
4333 }
4334 }
4335 window.close();
4336
4337 return true;">');
4338
4339 htp.p ('<BR>document_identifier='||wf_core.substitutespecialchars(document_identifier));
4340 htp.p ('<BR>document_id='||wf_core.substitutespecialchars(document_id));
4341 htp.p ('<BR>document_name='||wf_core.substitutespecialchars(document_name));
4342 htp.p ('<BR>document_id_field='||wf_core.substitutespecialchars(document_id_field));
4343 htp.p ('<BR>document_name_field='||wf_core.substitutespecialchars(document_name_field));
4344
4345 htp.bold('<BR><BR>'||wf_core.translate('WFDM_TRANSPORT_COMPLETED'));
4346
4347 htp.bodyClose;
4348
4349 htp.htmlClose;
4350
4351 exception
4352 when others then
4353 rollback;
4354 wf_core.context('Fnd_Document_Management', 'set_document_form_fields');
4355 fnd_document_management.Error;
4356
4357 END set_document_form_fields;
4358
4359 /*===========================================================================
4360
4361 Function show_transport_message
4362
4363 Purpose Displays a message in the transport window when a document
4364 is going to be selected
4365
4366 ============================================================================*/
4367 PROCEDURE show_transport_message IS
4368 BEGIN
4369
4370 htp.headOpen;
4371 htp.title(wf_core.translate('WFDM_TRANSPORT_WINDOW'));
4372 htp.headClose;
4373 htp.bodyOpen(cattributes=>'bgcolor="#CCCCCC"');
4374
4375 htp.tableOpen(cattributes=>'summary=""');
4376 htp.tableRowOpen;
4377
4378 htp.tabledata('<IMG SRC="'||wfa_html.image_loc||'prohibit.gif" alt="' ||
4379 WF_CORE.Translate('WFDM_TRANSPORT_MESSAGE') || '">',
4380 cattributes=>'id=""');
4381 htp.tabledata(wf_core.translate('WFDM_TRANSPORT_MESSAGE'),
4382 cattributes=>'id=""');
4383
4384 htp.tableRowClose;
4385 htp.tableClose;
4386 htp.bodyClose;
4387
4388 htp.htmlClose;
4389
4390 exception
4391 when others then
4392 rollback;
4393 wf_core.context('Fnd_Document_Management', 'show_transport_message');
4394 fnd_document_management.Error;
4395
4396 END show_transport_message;
4397
4398
4399 /*===========================================================================
4400
4401 Function Dm_Nodes_Confirm_Delete
4402
4403 Purpose Delete a currently defined document management node that
4404 has been set up by an administrator. There is no check to
4405 see if any documents are referencing the document node that
4409 ============================================================================*/
4406 is about to be deleted. Deleting a document node that has
4407 references will produce warnings when you try to view
4408 documents that use this reference.
4410 procedure Dm_Nodes_Confirm_Delete (
4411 p_node_id IN VARCHAR2
4412 ) IS
4413 BEGIN
4414 null;
4415 exception
4416 when others then
4417 rollback;
4418 wf_core.context('Fnd_Document_Management', 'Dm_Nodes_Confirm_Delete', p_node_id);
4419 fnd_document_management.Error;
4420
4421 END Dm_Nodes_Confirm_Delete;
4422
4423
4424 /*===========================================================================
4425
4426 Function Dm_Nodes_Delete
4427
4428 Purpose Does the physical delete of a document node after the
4429 delete window has been confirmed by the user
4430 ============================================================================*/
4431 procedure Dm_Nodes_Delete (
4432 p_node_id IN VARCHAR2
4433 ) IS
4434 BEGIN
4435 null;
4436 exception
4437 when others then
4438 rollback;
4439 wf_core.context('Fnd_Document_Management', 'Dm_Nodes_Delete', p_node_id);
4440 fnd_document_management.Error;
4441
4442 END Dm_Nodes_Delete;
4443
4444 /*===========================================================================
4445
4446 Function get_ticket
4447
4448 Purpose Get the current value of the ticket. If the ticket
4449 is not set then create a random number and insert it
4450
4451 ============================================================================*/
4452 FUNCTION get_ticket (username IN VARCHAR2) RETURN VARCHAR2
4453 IS
4454
4455 l_ticket VARCHAR2(240);
4456
4457 BEGIN
4458
4459 /*
4460 ** Get the current value of the ticket
4461 */
4462 begin
4463
4464 l_ticket := fnd_preference.get (username, 'WF', 'TICKET');
4465
4466 exception
4467 when others then
4468 l_ticket := NULL;
4469 end;
4470
4471 /*
4472 ** if you don't have a ticket value then go get one and insert it into
4473 ** the pref table
4474 */
4475 if (NVL(l_ticket, '-1') = '-1') then
4476
4477 l_ticket := Wf_Core.Random;
4478
4479 fnd_preference.put (username, 'WF', 'TICKET', l_ticket);
4480
4481 end if;
4482
4483 return (l_ticket);
4484
4485 exception
4486 when others then
4487 wf_core.context('fnd_document_management',
4488 'get_ticket',
4489 username);
4490 raise;
4491
4492 end get_ticket;
4493
4494
4495
4496 /*===========================================================================
4497
4498 Function validate_ticket
4499
4500 Purpose Function for the DM system to validate the current value
4501 of the ticket for single signon. The DM vendor will
4502 create a value of the ticket and pass it to us. They will
4503 keep track of the value in that ticket so when they call us
4504 to validate the ticket, they will know what it is. This version
4505 of the function is called directly though sql*net.
4506
4507 ============================================================================*/
4508 PROCEDURE validate_ticket (username IN VARCHAR2,
4509 ticket IN VARCHAR2,
4510 valid_ticket OUT NOCOPY NUMBER) IS
4511
4512 l_ticket VARCHAR2(240);
4513 l_valid_ticket NUMBER := 0;
4514
4515 BEGIN
4516
4517 /*
4518 ** Set the user default value
4519 */
4520 l_ticket := fnd_preference.get (username, 'WF', 'TICKET');
4521
4522 if (l_ticket = ticket) then
4523
4524 l_valid_ticket := 1;
4525
4526 else
4527
4528 l_valid_ticket := 0;
4529
4530 end if;
4531
4532 valid_ticket := l_valid_ticket;
4533
4534 exception
4535 when others then
4536 wf_core.context('fnd_document_management',
4537 'validate_ticket',
4538 username,
4539 ticket);
4540 raise;
4541
4542 end validate_ticket;
4543
4544
4545 /*===========================================================================
4546
4547 Function validate_ticket_http
4548
4549 Purpose Function for the DM system to validate the current value
4550 of the ticket for single signon. The DM vendor will
4551 create a value of the ticket and pass it to us. They will
4552 keep track of the value in that ticket so when they call us
4553 to validate the ticket, they will know what it is. This
4554 version of the procedure is called from a http request
4555
4556 ============================================================================*/
4557 PROCEDURE validate_ticket_HTTP (username IN VARCHAR2,
4558 ticket IN VARCHAR2) IS
4559
4560 l_ticket VARCHAR2(240);
4561
4562 BEGIN
4563
4564 /*
4565 ** Set the user default value
4566 */
4567 l_ticket := fnd_preference.get (username, 'WF', 'TICKET');
4568
4569 if (l_ticket = ticket) then
4570
4574
4571 htp.p('<VALIDTICKET>1</VALIDTICKET>');
4572
4573 else
4575 htp.p('<VALIDTICKET>0</VALIDTICKET>');
4576
4577 end if;
4578
4579 exception
4580 when others then
4581 wf_core.context('fnd_document_management',
4582 'validate_ticket_http',
4583 username,
4584 ticket);
4585 raise;
4586
4587 end validate_ticket_http;
4588
4589
4590 /*===========================================================================
4591
4592 Function modulate_ticket
4593
4594 Purpose Function for the DM system to update the current value
4595 of the ticket for single signon. The DM vendor will
4596 create a value of the ticket and pass it to us. They will
4597 keep track of the value in that ticket so when we call them
4598 with the value they will know what that value is.
4599
4600 If the ticket value is null then we will create a random
4601 number and plug it in.
4602
4603 ============================================================================*/
4604 PROCEDURE modulate_ticket (username IN VARCHAR2,
4605 ticket IN VARCHAR2)
4606 IS
4607
4608 BEGIN
4609
4610 /*
4611 ** Set the ticket for this user
4612 */
4613 fnd_preference.put (username, 'WF', 'TICKET', ticket);
4614
4615 exception
4616 when others then
4617 wf_core.context('fnd_document_management',
4618 'modulate_ticket',
4619 username,
4620 ticket);
4621 raise;
4622
4623 END modulate_ticket;
4624
4625 PROCEDURE test (stringy IN VARCHAR2) IS
4626 BEGIN
4627 -- Bug5161758 - XSS
4628 htp.p (wf_core.substitutespecialchars(stringy));
4629 end;
4630
4631
4632 PROCEDURE show_test_message (
4633 document_id IN VARCHAR2,
4634 display_type IN VARCHAR2,
4635 document IN OUT NOCOPY VARCHAR2,
4636 document_type IN OUT NOCOPY VARCHAR2) IS
4637
4638 BEGIN
4639
4640
4641 document := '<DIR>
4642 <DIR>
4643 <hr SIZE=3><b><font color="#000099"></font></b>
4644 <p><b><font color="#000099">Terminology</font></b>
4645 <p>Applications National Language Support (NLS) is the ability to
4646 run Oracle Applications in one (1) national language (either American English,
4647 or one of the available translations). In contrast Applications MLS
4648 (Multi Language Support) is the ability to run Oracle Applications in more
4649 than a single language on a single database instance.
4650 <br>
4651 <br><b><font color="#000099">Release 10.7</font></b>
4652 <br>
4653 <br>The standard Release 10.7 product provides NLS support. Supported
4654 functionality consists of installing and running Release 10.7 in exactly
4655 one (1) of 25 national languages.
4656 <br>
4657 <br>The installation process for a translation installs both the US English
4658 forms and reports and the forms and reports for the translation (or
4659 "base
4660 language"). The installation first populates the seeded reference
4661 data of the applications with English, then overlays that seed data with
4662 the translated seed data for the base language. The result is that
4663 only one language of seed data is present in the reference data tables.
4664 Patches applied to the system assume that only the base language is being
4665 maintained.
4666 <br>
4667 <br>Many architectural underpinnings of multilingual support are present
4668 in 10.7, so it is possible for Consulting to make modifications that enable
4669 some multilingual operation within carefully defined limits. We have
4670 satisfied customers today running on the Consulting multilingual solution.
4671 While Consulting and Development have worked cooperatively to ensure that
4672 the consulting solution is consistent with product direction, it should
4673 be clearly understood that maintenance of this environment requires Consulting
4674 involvement.
4675 <br>
4676 <br><b><font color="#000099">Release 11.0</font></b>
4677 <br>
4678 <br>Release 11 introduces limited multilingual support. Release 11
4679 supports installation of forms, reports, messages, help, and *some* reference
4680 data in multiple national languages in a single instance.
4681 <br>
4682 <br>There are some important limitations to understand, such as the requirement
4683 for all users to operate with a common radix character, which are documented
4684 in the Oracle Applications NLS Installation Manual.
4685 <br>
4686 <br>The languages installed must share a common database character set
4687 other than Unicode (UTF-8). For example, all Western European languages
4688 can be supported with the WE8ISO8859P1 date character set, but this character
4689 set does not support Greek or Russian. Asian character sets support
4690 ASCII as a subset, so it is possible to choose the Japanese, Chinese, or
4691 Korean standard character set and run both that language and English in
4692 a single instance. But it is not possible to run, say, both Japanese
4693 and Korean in a single character set.
4694 <br>
4695 <br>Data modeled multilingually in Release 11.0 is limited to the AOL tables.
4696 Textual items such as menus, report names, and segment value descriptions
4697 for the Accounting Flexfield can be installed and maintained in multiple
4701 in the trading partners language of choice.
4698 languages. Consulting can provide multilingual support for additional
4699 reference data elements, either to support online presentation in the language
4700 of the users choice or to support printing of certain external documents
4702 <br>
4703
4704 <br><b><font color="#000099">Release 11.5 and beyond</font></b>
4705 <br>
4706 <br>The highest multilingual priorities for Release 11.5 are:
4707 <p> - support for the Unicode (UTF-8) database character set
4708 <br> - support for the reference data elements needed to produce customer-facing
4709 external documents in the language of the customers choice
4710 <br>
4711 <br>Beyond Release 11.5 we plan to continue to add multilingual support
4712 to remaining reference data elements in the system based on customer feedback.
4713 <br>
4714 <br>Our feedback to date has been that it is not a requirement to support
4715 multilingual system administration or implementation screens (so that
4716 you could, for example, view the names of concurrent manager workshifts
4717 in multiple languages.)
4718 <br>
4719 </DIR>';
4720
4721 end;
4722
4723 END fnd_document_management;