[Mapbender-commits] r7646 - trunk/mapbender/http/classes

svn_mapbender at osgeo.org svn_mapbender at osgeo.org
Thu Feb 24 11:30:53 EST 2011 

Author: armin11
Date: 2011-02-24 08:30:53 -0800 (Thu, 24 Feb 2011)
New Revision: 7646

Modified:
   trunk/mapbender/http/classes/class_connector.php
Log:
Enhancement of curl-get connection thru class connector. The curl connections to own owsproxy urls will now be exchanged with localhost connection cause some firewalls will prohibit such requests.

Modified: trunk/mapbender/http/classes/class_connector.php
===================================================================
--- trunk/mapbender/http/classes/class_connector.php	2011-02-24 14:30:10 UTC (rev 7645)
+++ trunk/mapbender/http/classes/class_connector.php	2011-02-24 16:30:53 UTC (rev 7646)
@@ -62,18 +62,23 @@
 	 * Loads content from the given URL.
 	 */
 	public function load($url) {
-		//some firewalls have problems to allow requests from a server behind it to the same server thru an internet connection. It can be that some requests are done thru this class to the urls of HTTP_AUTH_PROXY or OWSPROXY. If some of those are part of the url they must be exchanged with localhost - which hopefully should work. TODO: check if http is ok for all 
-		
-		/*$posPROXY = strpos($url,OWSPROXY);
+		//some firewalls have problems to allow requests from a server behind it to the same server thru an internet connection. It can be that some requests are done thru this class to the urls of HTTP_AUTH_PROXY or OWSPROXY. If some of those are part of the url they must be exchanged with 127.0.0.1 - which hopefully should work. TODO: check if http is ok for all 
+		$posPROXY = strpos($url,OWSPROXY);
+		//$e = new mb_exception('class_connector: old url: '.$url);
 		if ($posPROXY !== false) {
-			$url = str_replace($_SERVER['HTTP_HOST'], "localhost", $url);
-			$url = str_replace("https", "http", $url);
+			$e = new mb_notice('class_connector: old url: '.$url);	
+			$url = str_replace($_SERVER['HTTP_HOST'], "127.0.0.1", $url);
+			$url = str_replace("https", "http", $url);//localhost no https should needed - it will be faster without
+			$e = new mb_notice('class_connector: new url: '.$url);
 		}
-		$posPROXY = strpos($url,HTTP_AUTH_PROXY);
+		/*$posPROXY = strpos($url,HTTP_AUTH_PROXY);
 		if ($posPROXY !== false) {
+			$e = new mb_exception('class_connector: old url: '.$url);
 			$url = str_replace($_SERVER['HTTP_HOST'], "localhost", $url);
 			$url = str_replace("https", "http", $url);
+			$e = new mb_exception('class_connector: new url: '.$url);
 		}*/
+		$e = new mb_notice('class_connector: load url: '.$url);
 		if (!$url) {
 			$e = new mb_exception("connector: no URL given");
 			return false;
@@ -193,12 +198,13 @@
 			$auth = func_get_arg(1);
 		} //auth should be an array of ['username', 'realm', 'password', 'auth_type'] - or false - problem would be, that these are stored without hashing them! 
 		$ch = curl_init ($url);
-//		curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
-		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
+		curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); //for images
+		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 		//allow https connections and handle certificates quite simply ;-)
 		curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
 		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
-		$e = new mb_notice("connector: test1:");
+		//$e = new mb_notice("connector: test1:");
 		//get hostname/ip out of url
 		//$host = parse_url($url,PHP_URL_HOST);
 		$arURL = parse_url($url);
@@ -210,19 +216,30 @@
 		$path = $arURL["path"];
 		
 		// fill array (HOSTs not for Proxy)
-		$e = new mb_notice("connector: NOT_PROXY_HOSTS:".NOT_PROXY_HOSTS);
- 	    $NOT_PROXY_HOSTS_array = explode(",", NOT_PROXY_HOSTS);
+		$e = new mb_notice("class_connector.php: NOT_PROXY_HOSTS:".NOT_PROXY_HOSTS);
+ 	    	$NOT_PROXY_HOSTS_array = explode(",", NOT_PROXY_HOSTS);
  	    
- 	    //check if http_proxy is set as env, if yes, unset it for the curl action here, it will be reset somewhere below
- 	    $tmpHttpProxy = getenv('http_proxy')?getenv('http_proxy') : "";
- 	    putenv("http_proxy");
- 	    
- 	    if(CONNECTION_PROXY != "" AND (in_array($host, $NOT_PROXY_HOSTS_array)!= true)){
+ 	    	//check if http_proxy is set as env, if yes, unset it for the curl action here, it will be reset somewhere below - normally not needed, cause it will be only available when at execution time of the script http://php.net/manual/en/function.putenv.php
+		if (getenv('http_proxy')) {
+			$e = new mb_notice("class_connector.php: current http_proxy: ".getenv('http_proxy')." will be unset by putenv('http_proxy')");
+			$tmpHttpProxy = getenv('http_proxy');
+			putenv("http_proxy"); //this should unset the variable???
+		} else {
+			$e = new mb_notice("class_connector.php: http_proxy is not set as env variable!");
+			$tmpHttpProxy = getenv('http_proxy');
+		}
+ 	    	//$tmpHttpProxy = getenv('http_proxy')?getenv('http_proxy') : "";
+ 	    	//putenv("http_proxy");
+		//check if proxy is set and server not in NOT_PROXY_HOSTS
+ 	    	if(CONNECTION_PROXY != "" AND (in_array($host, $NOT_PROXY_HOSTS_array)!= true)){
 			curl_setopt($ch, CURLOPT_PROXY,CONNECTION_PROXY.":".CONNECTION_PORT);
+			$e = new mb_exception("class_connector.php: Proxy will be used!");
+			if(CONNECTION_PASSWORD != ""){
+				curl_setopt ($ch, CURLOPT_PROXYUSERPWD, CONNECTION_USER.':'.CONNECTION_PASSWORD);	
+			}
+		} else {
+			$e = new mb_notice("class_connector.php: Proxy will not be used!");
 		}		
-		if(CONNECTION_PASSWORD != ""){
-			curl_setopt ($ch, CURLOPT_PROXYUSERPWD, CONNECTION_USER.':'.CONNECTION_PASSWORD);	
-		}
 		//TODO maybe allow basic authentication for client, but this will store the passwords in plain text
 		//TODO: store the  passwords as digest hash. Therefor we have to handle the realm which is defined in the 401 header and return it back to the scripts like mod_loadwms.php to store the digest into the database - problem: curl cannot handle digest connection without clear username and password - we have to send our own headers
 		if(isset($auth) && $auth != false) {	
@@ -234,9 +251,9 @@
 				curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
 			}
 		}
-		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 		
 		
+		
 		//if httpType is POST, set CURLOPT_POST and CURLOPT_POSTFIELDS  
 		//and set a usefull http header
 		if(strtoupper($this->httpType) == 'POST'){
@@ -260,23 +277,57 @@
 			}
 			curl_setopt($ch, CURLOPT_POSTFIELDS, $this->httpPostData);	
 		}
-		
 		$useragent=CONNECTION_USERAGENT;
-		$e = new mb_notice("connector: CURL connect to: ".$url); 
-		curl_setopt ($ch,CURLOPT_USERAGENT,$useragent);
+		//Build own headers for GET Requests - maybe needful?
+		if(strtoupper($this->httpType) == 'GET'){
+			$headers = array(
+					"GET ".$path." HTTP/1.1",
+					"User-Agent: ".$_SERVER['HTTP_USER_AGENT'],
+           				"Host: ".$host,
+	           		 	"Accept: */*",
+					"Proxy-Connection: Keep-Alive"
+			);
+		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+		}
+		#curl_setopt($ch, CURLOPT_HEADER, true);
+		$e = new mb_notice("class_connector.php: CURL connect to: ".$url); 
+		//curl_setopt ($ch,CURLOPT_USERAGENT,$useragent);
+		curl_setopt($ch,CURLOPT_DNS_USE_GLOBAL_CACHE, false);
+		curl_setopt($ch,CURLINFO_HEADER_OUT, true);
+		curl_setopt($ch, CURLOPT_FORBID_REUSE, false); 
+		//curl_setopt ($ch,HTTPPROXYTUNNEL, 1);
+		//curl_setopt ($ch,CURLOPT_AUTOREFERER, 1);
+		//curl_setopt ($ch,CURLOPT_VERBOSE, true);
+		//$handle = fopen('/tmp/phpcurl_error.tmp', 'a'); //use this for debugging purposes
+		//curl_setopt ($ch,CURLOPT_STDERR, $handle);
 		$file = curl_exec ($ch);
 		//handle http authentication
 		$info = curl_getinfo($ch);
-		
+		/*$error_log = "";
+		$error_log .= "http code: ".$info['http_code']."\n";
+		$error_log .= "sent header: ".$info['request_header']."\n";
+		$error_log .= "lookup time: ".$info['namelookup_time']."\n";
+		$error_log .= "redirect_time: ".$info['redirect_time']."\n";
+		$error_log .= "redirect_count: ".$info['redirect_count']."\n";*/
 		if ($info['http_code'] == '401') {
 			curl_close ($ch);
 			return $info['http_code'];
 		}
+		if ($info['http_code'] == '502') {
+			curl_close ($ch);
+			$e = new mb_exception("class_connector.php: Problem with connectiong Gateway - maybe problem with the configuration of the security proxy (mod_proxy?).");
+			return $info['hhtp_code'];
+			/*fwrite($handle,"HEADER: \n");
+			fwrite($handle,$error_log);
+			fwrite($handle,"502: ".$file."\n");*/
+		}
 		curl_close ($ch);
-
+		//fclose($handle);
 		//reset the env variable http_proxy to the former value
-		putenv("http_proxy=$tmpHttpProxy");	
-		$e = new mb_notice("connector: CURL give back: ".$file);
+		if ($tmpHttpProxy != '') {
+			putenv("http_proxy=$tmpHttpProxy");
+		}	
+		$e = new mb_notice("class_connector.php: CURL give back: ".$file);
 		return $file;	
 	}

More information about the Mapbender_commits mailing list