[Mapbender-commits] r10386 - in trunk/mapbender: http/classes http/php http_auth/http owsproxy/http owsproxy/http/classes
svn_mapbender at osgeo.org
svn_mapbender at osgeo.org
Thu Jan 16 07:04:01 PST 2020
Author: armin11
Date: 2020-01-16 07:04:01 -0800 (Thu, 16 Jan 2020)
New Revision: 10386
Modified:
trunk/mapbender/http/classes/class_owsPostQueryParser.php
trunk/mapbender/http/php/mod_createUser.php
trunk/mapbender/http_auth/http/index.php
trunk/mapbender/owsproxy/http/classes/class_QueryHandler.php
trunk/mapbender/owsproxy/http/index.php
Log:
Fix for allow the usage of post request for some ows operations and deactivation of creating new guis for self registered users - thanx to karlo ;-).
Modified: trunk/mapbender/http/classes/class_owsPostQueryParser.php
===================================================================
--- trunk/mapbender/http/classes/class_owsPostQueryParser.php 2020-01-14 06:34:52 UTC (rev 10385)
+++ trunk/mapbender/http/classes/class_owsPostQueryParser.php 2020-01-16 15:04:01 UTC (rev 10386)
@@ -20,7 +20,7 @@
require_once(dirname(__FILE__)."/../../core/globalSettings.php");
/**
- * An class to parse OWS Post queries to extract the relevant parameters
+ * An class to parse OWS Post queries to extract the relevant parameters, post or post_xml musst be tested!
*/
class OwsPostQueryParser {
var $serviceType; //string
@@ -28,6 +28,7 @@
var $serviceRequestType; //string
var $serviceResourceName; //string - layer name(s), featuretype name(s)
var $parsingSuccessful; //boolean
+ var $postType; //string - 'xml' or 'form'
/**
* Constructor of the OwsPostQueryHandler
*
@@ -42,13 +43,13 @@
$queryDomObject->loadXML($postData);
if ($queryDomObject === false) {
foreach(libxml_get_errors() as $error) {
- $err = new mb_exception("class_owsPostQueryHandler.php: ".$error->message);
+ $err = new mb_exception("class_owsPostQueryParser.php: ".$error->message);
}
- throw new Exception("class_owsPostQueryHandler.php: ".'Cannot parse post query with dom!');
+ throw new Exception("class_owsPostQueryParser.php: ".'Cannot parse post query with dom!');
}
}
catch (Exception $e) {
- $err = new mb_exception("class_owsPostQueryHandler.php: ".$e->getMessage());
+ $err = new mb_exception("class_owsPostQueryParser.php: ".$e->getMessage());
}
if ($queryDomObject !== false) {
$xpath = new DOMXPath($queryDomObject);
Modified: trunk/mapbender/http/php/mod_createUser.php
===================================================================
--- trunk/mapbender/http/php/mod_createUser.php 2020-01-14 06:34:52 UTC (rev 10385)
+++ trunk/mapbender/http/php/mod_createUser.php 2020-01-16 15:04:01 UTC (rev 10386)
@@ -111,7 +111,7 @@
$selected_user = $user_array['mb_user_id'];
// CB (begin)
// adding new GUIs for new user (copies of gui and gui1 with owner rights)
- $gui = new gui();
+ /*$gui = new gui();
$admin = new administration();
//create new name for gui
$gui_id1 = $admin->getGuiIdByGuiName("gui");
@@ -158,7 +158,7 @@
$sql_del_from_group = "DELETE FROM gui_mb_group WHERE fkey_gui_id = $1 OR fkey_gui_id = $2 OR fkey_gui_id = $3 OR fkey_gui_id = $4";
$v = array($new_guiId1[0],$new_guiId2[0],$new_guiId3[0],$new_guiId4[0]);
$t = array('s','s','s','s');
- $res_del_from_group = db_prep_query($sql_del_from_group,$v,$t);
+ $res_del_from_group = db_prep_query($sql_del_from_group,$v,$t);*/
//send mail with activation key to user!
$userNew = new User($selected_user);
$registrationMessage = $userNew->sendUserLoginMail();
Modified: trunk/mapbender/http_auth/http/index.php
===================================================================
--- trunk/mapbender/http_auth/http/index.php 2020-01-14 06:34:52 UTC (rev 10385)
+++ trunk/mapbender/http_auth/http/index.php 2020-01-16 15:04:01 UTC (rev 10386)
@@ -28,6 +28,9 @@
$postData = false;
//default http auth type to digest
$authType = 'digest';
+//debug!!!
+//$e = new mb_exception("http_auth/http/index.php: request params: ".json_encode($_REQUEST));
+//example {"wfs_id":"40","REQUEST":"GetFeature","typename":"ave:Flurstueck","VERSION":"1.1.0","SERVICE":"WFS","maxFeatures":"1"}
if (isset($_REQUEST["forceBasicAuth"]) && $_REQUEST["forceBasicAuth"] != "") {
$testMatch = $_REQUEST["forceBasicAuth"];
@@ -58,12 +61,19 @@
$layerId = false;
$wfsId = false;
//$typenames = false;
-
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+ $e = new mb_exception("http_auth/http/index.php: REQUEST METHOD: POST");
+} else {
+ $e = new mb_exception("http_auth/http/index.php: REQUEST METHOD: ".$_SERVER['REQUEST_METHOD']);
+}
//test for existing post data
$postData = file_get_contents("php://input");
+//debug!
+//$e = new mb_exception("http_auth/http/index.php: postdata: ".$postData);
if (isset($postData) && $postData !== '') {
-
+ $e = new mb_exception("http_auth/http/index.php: postdata: ".$postData);
} else {
+ $e = new mb_exception("http_auth/http/index.php: postdata (file content) empty!");
$postData = false;
}
@@ -95,12 +105,10 @@
}
//parse query
-$query = new QueryHandler($postData);
-
+$query = new QueryHandler($postData, $_REQUEST, $_SERVER['REQUEST_METHOD']);
// an array with keys and values toLowerCase -> caseinsensitiv
$reqParams = $query->getRequestParams();
//$e = new mb_exception($reqParams['version']);
-
if ($wfsId !== false) {
//switch for different parameter name - typename for wfs < 2.0 typenames for wfs >= 2.0
$typeNameParameter = "typename"; //lowercase
@@ -280,8 +288,8 @@
if (isset($_REQUEST["withChilds"]) && $_REQUEST["withChilds"] === "1") {
$withChilds = true;
}
+//$e = new mb_exception($postData);
/*$query = new QueryHandler($postData);
-
// an array with keys and values toLoserCase -> caseinsensitiv
$reqParams = $query->getRequestParams();*/
@@ -1090,7 +1098,7 @@
function getWfsCapabilities($request, $extraParameter, $auth = false)
{
- global $arrayOnlineresources, $postData;
+ global $arrayOnlineresources, $postData, $query;
global $sid, $serviceId, $wfsId;
global $reqParams;
$urlsToChange = array();
@@ -1162,27 +1170,42 @@
$new .= '?'.$extraParameter;
//force https if authType is basic!
$new = str_replace("http://", "https://", $new);
- }
- if ($postData == false) {
+ }
+ if ($postData == false) { //no post_xml was used
+ //check POST/GET
+ if ($query->reqMethod !== 'POST') {
if ($auth) { //new for HTTP Authentication
- $d = new connector($request, $auth);
- } else {
- $d = new connector($request);
- }
+ $d = new connector($request, $auth);
+ } else {
+ $d = new connector($request);
+ }
+ } else {
+ $d = new connector();
+ $d->set('httpType','POST');
+ //$d->set('curlSendCustomHeaders',true);
+ $d->set('httpPostData', $query->getPostQueryString());//as array
+ //$d->set('httpContentType','text/xml');
+ //TODO maybe delete some params from querystring which are already in post array
+ if ($auth) { //new for HTTP Authentication
+ $d->load($request, $auth);
+ } else {
+ $d->load($request);
+ }
+ }
$wfsCaps = $d->file;
} else {
- //$e = new mb_exception("owsproxy/index.php: postData will be send: ".$postData);
- $postInterfaceObject = new connector();
- $postInterfaceObject->set('httpType','POST');
- $postInterfaceObject->set('curlSendCustomHeaders',true);
- $postInterfaceObject->set('httpPostData', $postData);
- $postInterfaceObject->set('httpContentType','text/xml');
- if ($auth) { //new for HTTP Authentication
- $postInterfaceObject->load($request, $auth);
- } else {
- $postInterfaceObject->load($request);
- }
- $wfsCaps = $postInterfaceObject->file;
+ //$e = new mb_exception("owsproxy/index.php: postData will be send: ".$postData);
+ $postInterfaceObject = new connector();
+ $postInterfaceObject->set('httpType','POST');
+ $postInterfaceObject->set('curlSendCustomHeaders',true);
+ $postInterfaceObject->set('httpPostData', $postData);
+ $postInterfaceObject->set('httpContentType','text/xml');
+ if ($auth) { //new for HTTP Authentication
+ $postInterfaceObject->load($request, $auth);
+ } else {
+ $postInterfaceObject->load($request);
+ }
+ $wfsCaps = $postInterfaceObject->file;
}
//load xml and replace urls
@@ -1507,16 +1530,31 @@
function getDocumentContent($log_id, $url, $header = false, $auth = false)
{
- global $reqParams, $n, $postData;
+ global $reqParams, $n, $postData, $query;
//debug
$startTime = microtime();
if ($postData == false) {
- if ($auth) { //new for HTTP Authentication
- $d = new connector($url, $auth);
- } else {
- $d = new connector($url);
- }
- $content = $d->file;
+ //check POST/GET
+ if ($query->reqMethod !== 'POST') {
+ if ($auth) { //new for HTTP Authentication
+ $d = new connector($url, $auth);
+ } else {
+ $d = new connector($url);
+ }
+ } else {
+ $d = new connector();
+ $d->set('httpType','POST');
+ //$d->set('curlSendCustomHeaders',true);
+ $d->set('httpPostData', $query->getPostQueryString());//as array
+ //$d->set('httpContentType','text/xml');
+ //TODO maybe delete some params from querystring which are already in post array
+ if ($auth) { //new for HTTP Authentication
+ $d->load($url, $auth);
+ } else {
+ $d->load($url);
+ }
+ }
+ $content = $d->file;
} else {
$e = new mb_notice("owsproxy/index.php: postData will be send ");
$postInterfaceObject = new connector();
Modified: trunk/mapbender/owsproxy/http/classes/class_QueryHandler.php
===================================================================
--- trunk/mapbender/owsproxy/http/classes/class_QueryHandler.php 2020-01-14 06:34:52 UTC (rev 10385)
+++ trunk/mapbender/owsproxy/http/classes/class_QueryHandler.php 2020-01-16 15:04:01 UTC (rev 10386)
@@ -30,13 +30,17 @@
private $onlineResource;
private $hasPost = false;
private $serviceResourceName;
+ public $req;
+ public $reqMethod;
/**
* Constructor of the QueryHandler
*
*/
- function __construct($postData){
+ function __construct($postData, $request, $requestMethod){
//${$this->typeNameParameter};
- $this->setRequestParams(array_keys($_REQUEST));
+ $this->req = $request;
+ $this->reqMethod = $requestMethod;
+ $this->setRequestParams(array_keys($request));
if ($postData !== false) {
//parse post request for service / request / version parameters
//$e = new mb_exception("owsproxy/http/classes/class_QueryHandler.php: postData: ".$postData);
@@ -98,7 +102,7 @@
for($i=0; $i<count($keys); $i++){
//SZ, 30.11.2007, writing REQUEST parameter values into local variable
//as key will be modified
- $reqValue = $_REQUEST[$keys[$i]];
+ $reqValue = $this->req[$keys[$i]];
if(strpos($keys[$i], "?") === 0){
$keys[$i] = substr($keys[$i],1);
}
@@ -105,7 +109,7 @@
$this->reqParams[strtolower($keys[$i])] = $reqValue;
$this->reqParamsToLower[strtolower($keys[$i])] = $reqValue;
if($keys[$i] == $this->owsproxyServiceKey){
- $this->owsproxyServiceId = $_REQUEST[$keys[$i]];
+ $this->owsproxyServiceId = $this->req[$keys[$i]];
$notice = new mb_notice("owsId: ".$this->owsproxyServiceId);
}
}
@@ -177,6 +181,24 @@
$notice = new mb_notice("getQueryString() : " . $qstring);
return $qstring;
}
+ /**
+ * get the POST representation of the query
+ *
+ * @return string POST representation for the query
+ */
+ function getPostQueryString(){
+ $postQueryArray = array();
+ $mykeys = array_keys($this->reqParams);
+ $cnt = 0;
+ for($i=0; $i<count($mykeys);$i++){
+ if($this->isValidParam($mykeys[$i])){
+ $postQueryArray[$mykeys[$i]] = $this->reqParams[$mykeys[$i]];
+ }
+ }
+ $qstring = http_build_query($postQueryArray);
+ $notice = new mb_notice("getPostQueryString() : " . $qstring);
+ return $qstring;
+ }
/**
* gets the original request with url and query string
*
Modified: trunk/mapbender/owsproxy/http/index.php
===================================================================
--- trunk/mapbender/owsproxy/http/index.php 2020-01-14 06:34:52 UTC (rev 10385)
+++ trunk/mapbender/owsproxy/http/index.php 2020-01-16 15:04:01 UTC (rev 10386)
@@ -53,7 +53,7 @@
$postData = false;
}
-$query = new QueryHandler($postData);
+$query = new QueryHandler($postData, $_REQUEST, $_SERVER['REQUEST_METHOD']);
// an array with keys and values toLowerCase -> caseinsensitiv
$reqParams = $query->getRequestParams();
@@ -379,7 +379,7 @@
$url = $url . getConjunctionCharacter($url) . "SLD=" . $reqParams['sld'];
}
if (isset($auth)) {
- $e = new mb_exception("external url: ".$url);
+ //$e = new mb_exception("external url: ".$url);
getImage(false, $url, $auth);
} else {
getImage(false, $url);
@@ -943,7 +943,7 @@
function getWfsCapabilities($request, $auth = false)
{
- global $arrayOnlineresources, $postData;
+ global $arrayOnlineresources, $postData, $query;
global $sid, $serviceId;
$t = array(htmlentities($arrayOnlineresources["wfs_getcapabilities"]), htmlentities($arrayOnlineresources["wfs_getmap"]),
htmlentities($arrayOnlineresources["wfs_getfeatureinfo"]));
@@ -950,11 +950,26 @@
$new = OWSPROXY . "/" . $sid . "/" . $serviceId . "?";
if ($postData == false) {
- if ($auth !== false) { //new for HTTP Authentication
- $d = new connector($request, $auth);
- } else {
- $d = new connector($request);
- }
+ //check POST/GET
+ if ($query->reqMethod !== 'POST') {
+ if ($auth) { //new for HTTP Authentication
+ $d = new connector($request, $auth);
+ } else {
+ $d = new connector($request);
+ }
+ } else {
+ $d = new connector();
+ $d->set('httpType','POST');
+ //$d->set('curlSendCustomHeaders',true);
+ $d->set('httpPostData', $query->getPostQueryString());//as array
+ //$d->set('httpContentType','text/xml');
+ //TODO maybe delete some params from querystring which are already in post array
+ if ($auth) { //new for HTTP Authentication
+ $d->load($request, $auth);
+ } else {
+ $d->load($request);
+ }
+ }
$wfsCaps = $d->file;
} else {
//$e = new mb_exception("owsproxy/index.php: postData will be send: ".$postData);
@@ -1258,16 +1273,31 @@
function getDocumentContent($log_id, $url, $header = false, $auth = false)
{
- global $reqParams, $n, $postData;
+ global $reqParams, $n, $postData, $query;
//debug
$startTime = microtime();
if ($postData == false) {
- if ($auth !== false) { //new for HTTP Authentication
- $d = new connector($url, $auth);
- } else {
- $d = new connector($url);
- }
- $content = $d->file;
+ //check POST/GET
+ if ($query->reqMethod !== 'POST') {
+ if ($auth) { //new for HTTP Authentication
+ $d = new connector($url, $auth);
+ } else {
+ $d = new connector($url);
+ }
+ } else {
+ $d = new connector();
+ $d->set('httpType','POST');
+ //$d->set('curlSendCustomHeaders',true);
+ $d->set('httpPostData', $query->getPostQueryString());//as array
+ //$d->set('httpContentType','text/xml');
+ //TODO maybe delete some params from querystring which are already in post array
+ if ($auth) { //new for HTTP Authentication
+ $d->load($url, $auth);
+ } else {
+ $d->load($url);
+ }
+ }
+ $content = $d->file;
} else {
$postInterfaceObject = new connector();
$postInterfaceObject->set('httpType','POST');
More information about the Mapbender_commits
mailing list