[mapserver-commits] r11226 - trunk/mapserver
svn at osgeo.org
svn at osgeo.org
Fri Mar 18 10:29:21 EDT 2011
Author: sdlime
Date: 2011-03-18 07:29:21 -0700 (Fri, 18 Mar 2011)
New Revision: 11226
Modified:
trunk/mapserver/HISTORY.TXT
trunk/mapserver/MIGRATION_GUIDE.TXT
trunk/mapserver/mapfile.c
trunk/mapserver/mapserv.c
trunk/mapserver/mapserver.h
Log:
Require validation pattern for all runtime substitutions.
Modified: trunk/mapserver/HISTORY.TXT
===================================================================
--- trunk/mapserver/HISTORY.TXT 2011-03-18 14:27:47 UTC (rev 11225)
+++ trunk/mapserver/HISTORY.TXT 2011-03-18 14:29:21 UTC (rev 11226)
@@ -1,3 +1,4 @@
+
MapServer Revision History
==========================
@@ -13,6 +14,9 @@
Current Version (SVN trunk):
----------------------------
+
+- CGI runtime substitution requires a validation pattern (was optional before) (#3522)
+
- add a default png8 outputformat that uses AGG/PNG with quantization
- change MS_INIT_COLOR to take alpha as a parameter
Modified: trunk/mapserver/MIGRATION_GUIDE.TXT
===================================================================
--- trunk/mapserver/MIGRATION_GUIDE.TXT 2011-03-18 14:27:47 UTC (rev 11225)
+++ trunk/mapserver/MIGRATION_GUIDE.TXT 2011-03-18 14:29:21 UTC (rev 11226)
@@ -83,6 +83,11 @@
CGI Changes
-----------
+Runtime subsitution now *requires* a validation pattern be present before the
+substitution will take place (this had been optional). This can be done via
+a layer metadata tag as before or within layer or web VALIDATION blocks. See
+ticket #3522 for more information.
+
All of the query map related modes (e.g. NQUERYMAP, ITEMQUERYMAP, etc...) have
been removed in favor of using the "qformat" parameter. That parameter takes
an output format name or mime/type as a value and uses that to process a set
Modified: trunk/mapserver/mapfile.c
===================================================================
--- trunk/mapserver/mapfile.c 2011-03-18 14:27:47 UTC (rev 11225)
+++ trunk/mapserver/mapfile.c 2011-03-18 14:29:21 UTC (rev 11226)
@@ -5823,36 +5823,51 @@
return(MS_SUCCESS);
}
-/* look in places authorized for url substitution and replace "from" by "to" */
-void msLayerSubstituteString(layerObj *layer, const char *from, const char *to) {
- int k;
- char* bindvals_key = (char*)msFirstKeyFromHashTable(&layer->bindvals);
- char* bindvals_val;
+static int layerNeedsSubstitutions(layerObj *layer, char *from) {
+ int i;
- if(layer->data && (strcasestr(layer->data, from) != NULL))
- layer->data = msCaseReplaceSubstring(layer->data, from, to);
- if(layer->tileindex && (strcasestr(layer->tileindex, from) != NULL))
- layer->tileindex = msCaseReplaceSubstring(layer->tileindex, from, to);
- if(layer->connection && (strcasestr(layer->connection, from) != NULL))
- layer->connection = msCaseReplaceSubstring(layer->connection, from, to);
- if(layer->filter.string && (strcasestr(layer->filter.string, from) != NULL))
- layer->filter.string = msCaseReplaceSubstring(layer->filter.string, from, to);
- for(k=0; k<layer->numclasses; k++) {
- if(layer->class[k]->expression.string && (strcasestr(layer->class[k]->expression.string, from) != NULL))
- layer->class[k]->expression.string = msCaseReplaceSubstring(layer->class[k]->expression.string, from, to);
+ if(layer->data && (strcasestr(layer->data, from) != NULL)) return MS_TRUE;
+ if(layer->tileindex && (strcasestr(layer->tileindex, from) != NULL)) return MS_TRUE;
+ if(layer->connection && (strcasestr(layer->connection, from) != NULL)) return MS_TRUE;
+ if(layer->filter.string && (strcasestr(layer->filter.string, from) != NULL)) return MS_TRUE;
+
+ for(i=0; i<layer->numclasses; i++) {
+ if(layer->class[i]->expression.string && (strcasestr(layer->class[i]->expression.string, from) != NULL))
+ return MS_TRUE;
}
- /* The bindvalues are most useful when able to substitute values from the URL */
+ if(!msHashIsEmpty(&layer->bindvals)) return MS_TRUE;
+
+ return MS_FALSE;
+}
+
+static void layerSubstituteString(layerObj *layer, char *from, char *to) {
+ int i;
+ char *bindvals_key, *bindvals_val;
+
+ if(layer->data) layer->data = msCaseReplaceSubstring(layer->data, from, to);
+ if(layer->tileindex) layer->tileindex = msCaseReplaceSubstring(layer->tileindex, from, to);
+ if(layer->connection) layer->connection = msCaseReplaceSubstring(layer->connection, from, to);
+ if(layer->filter.string) layer->filter.string = msCaseReplaceSubstring(layer->filter.string, from, to);
+
+ for(i=0; i<layer->numclasses; i++) {
+ if(layer->class[i]->expression.string)
+ layer->class[i]->expression.string = msCaseReplaceSubstring(layer->class[i]->expression.string, from, to);
+ }
+
+ /* The bindvalues are most useful when able to substitute values from the URL */
+ bindvals_key = (char*)msFirstKeyFromHashTable(&layer->bindvals);
while(bindvals_key != NULL) {
bindvals_val = msStrdup((char*)msLookupHashTable(&layer->bindvals, bindvals_key));
msInsertHashTable(&layer->bindvals, bindvals_key, msCaseReplaceSubstring(bindvals_val, from, to));
bindvals_key = (char*)msNextKeyFromHashTable(&layer->bindvals, bindvals_key);
}
}
-
-/* loop through layer metadata for keys that have a default_%key% pattern to replace
-* remaining %key% entries by their default value */
+/*
+** Loop through layer metadata for keys that have a default_%key% pattern to replace
+** remaining %key% entries by their default value.
+*/
void msApplyDefaultSubstitutions(mapObj *map) {
int i;
for(i=0;i<map->numlayers;i++) {
@@ -5864,7 +5879,7 @@
char *tmpstr = (char *)msSmallMalloc(buffer_size);
snprintf(tmpstr, buffer_size, "%%%s%%", &(defaultkey[8]));
- msLayerSubstituteString(layer,tmpstr,msLookupHashTable(&(layer->metadata),defaultkey));
+ layerSubstituteString(layer,tmpstr,msLookupHashTable(&(layer->metadata),defaultkey));
free(tmpstr);
}
defaultkey = msNextKeyFromHashTable(&(layer->metadata),defaultkey);
@@ -5872,6 +5887,39 @@
}
}
+void msApplySubstitutions(mapObj *map, char **names, char **values, int npairs) {
+ int i,j;
+
+ char *tag=NULL;
+ char *validation_pattern_key=NULL;
+
+ for(i=0; i<npairs; i++) {
+
+ /* runtime subtitution string */
+ tag = (char *) msSmallMalloc(sizeof(char)*strlen(names[i]) + 3);
+ sprintf(tag, "%%%s%%", names[i]);
+
+ /* validation pattern key - depricated */
+ validation_pattern_key = (char *) msSmallMalloc(sizeof(char)*strlen(names[i]) + 20);
+ sprintf(validation_pattern_key,"%s_validation_pattern", names[i]);
+
+ for(j=0; j<map->numlayers; j++) {
+ layerObj *layer = GET_LAYER(map, j);
+
+ if(!layerNeedsSubstitutions(layer, tag)) continue;
+
+ fprintf(stderr, "Layer %s, tag %s...\n", layer->name, tag);
+
+ if(msValidateParameter(values[i], msLookupHashTable(&(layer->validation), names[i]), msLookupHashTable(&(layer->metadata), validation_pattern_key), msLookupHashTable(&(map->web.validation), names[i]), NULL) == MS_SUCCESS) {
+ layerSubstituteString(layer, tag, values[i]);
+ }
+ }
+
+ msFree(tag);
+ msFree(validation_pattern_key);
+ } /* next name/value pair */
+}
+
/*
** Returns an array with one entry per mapfile token. Useful to manipulate
** mapfiles in MapScript.
Modified: trunk/mapserver/mapserv.c
===================================================================
--- trunk/mapserver/mapserv.c 2011-03-18 14:27:47 UTC (rev 11225)
+++ trunk/mapserver/mapserv.c 2011-03-18 14:29:21 UTC (rev 11226)
@@ -183,9 +183,8 @@
*/
mapObj *loadMap(void)
{
- int i,j;
+ int i;
mapObj *map = NULL;
- char *tmpstr, *key, *value=NULL;
for(i=0;i<mapserv->request->NumParams;i++) /* find the mapfile parameter first */
if(strcasecmp(mapserv->request->ParamNames[i], "map") == 0) break;
@@ -234,31 +233,9 @@
if(msUpdateMapFromURL(map, mapserv->request->ParamNames[i], mapserv->request->ParamValues[i]) != MS_SUCCESS) writeError();
continue;
}
-
- /* runtime subtitution string */
- tmpstr = (char *)msSmallMalloc(sizeof(char)*strlen(mapserv->request->ParamNames[i]) + 3);
- sprintf(tmpstr,"%%%s%%", mapserv->request->ParamNames[i]);
-
- /* validation pattern metadata key */
- key = (char *)msSmallMalloc(sizeof(char)*strlen(mapserv->request->ParamNames[i]) + 20);
- sprintf(key,"%s_validation_pattern", mapserv->request->ParamNames[i]);
-
- for(j=0; j<map->numlayers; j++) {
- layerObj *layer = GET_LAYER(map, j);
- value = msLookupHashTable(&(layer->metadata), key);
- if(value) { /* validate parameter value */
- if(msEvalRegex(value, mapserv->request->ParamValues[i]) == MS_FALSE) {
- msSetError(MS_WEBERR, "Parameter '%s' value fails to validate.", "loadMap()", mapserv->request->ParamNames[i]);
- writeError();
- }
- }
- msLayerSubstituteString(layer, tmpstr, mapserv->request->ParamValues[i]);
- }
-
- free(tmpstr);
- free(key);
}
+ msApplySubstitutions(map, mapserv->request->ParamNames, mapserv->request->ParamValues, mapserv->request->NumParams);
msApplyDefaultSubstitutions(map);
/* check to see if a ogc map context is passed as argument. if there */
Modified: trunk/mapserver/mapserver.h
===================================================================
--- trunk/mapserver/mapserver.h 2011-03-18 14:27:47 UTC (rev 11225)
+++ trunk/mapserver/mapserver.h 2011-03-18 14:29:21 UTC (rev 11226)
@@ -1702,7 +1702,7 @@
MS_DLL_EXPORT void freeExpressionTokens(expressionObj *exp);
MS_DLL_EXPORT void freeExpression(expressionObj *exp);
-MS_DLL_EXPORT void msLayerSubstituteString(layerObj *layer, const char *from, const char *to);
+MS_DLL_EXPORT void msApplySubstitutions(mapObj *map, char **names, char **values, int npairs);
MS_DLL_EXPORT void msApplyDefaultSubstitutions(mapObj *map);
MS_DLL_EXPORT int getClassIndex(layerObj *layer, char *str);
More information about the mapserver-commits
mailing list