summaryrefslogtreecommitdiffstats
path: root/plugins/webinterface/php_handler.cpp
blob: b8315baf3d2a243936de02ca3d18ef910c093995 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
  /***************************************************************************
 *   Copyright (C) 2006 by Diego R. Brogna                                 *
 *   dierbro@gmail.com                                               	   *
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 2 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 *   This program is distributed in the hope that it will be useful,       *
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 *   GNU General Public License for more details.                          *
 *                                                                         *
 *   You should have received a copy of the GNU General Public License     *
 *   along with this program; if not, write to the                         *
 *   Free Software Foundation, Inc.,                                       *
 *   51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.             *
 ***************************************************************************/
#include "php_handler.h"

#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <util/log.h>
#include "php_interface.h"


using namespace kt;
using namespace bt;

namespace kt
{
	TQMap<TQString,TQByteArray> PhpHandler::scripts;

	PhpHandler::PhpHandler(const TQString & php_exe,PhpInterface *php) : TQProcess(php_exe),php_i(php)
	{
		connect(this,TQT_SIGNAL(readyReadStdout()),this,TQT_SLOT(onReadyReadStdout()));
		connect(this,TQT_SIGNAL(processExited()),this,TQT_SLOT(onExited()));
	}
	
	PhpHandler::~PhpHandler()
	{
	}
	
	bool PhpHandler::executeScript(const TQString & path,const TQMap<TQString,TQString> & args)
	{
		TQByteArray php_s;
		if (!scripts.contains(path))
		{
			TQFile fptr(path);
			if (!fptr.open(IO_ReadOnly))
			{
				Out(SYS_WEB|LOG_DEBUG) << "Failed to open " << path << endl;
				return false;
			}
			php_s = fptr.readAll();
			scripts.insert(path,php_s);
		}
		else
		{
			php_s = scripts[path];
		}
		
		output.resize(0);
	
		int firstphptag = TQCString(php_s).find("<?php");
		if (firstphptag == -1)
			return false;
		
		int off = firstphptag + 6;
		TQByteArray data;
		TQTextStream ts(data,IO_WriteOnly);
		ts.setEncoding( TQTextStream::UnicodeUTF8 );
		ts.writeRawBytes(php_s.data(),off); // first write the opening tag from the script
		php_i->globalInfo(ts);
		php_i->downloadStatus(ts);
		
		TQMap<TQString,TQString>::const_iterator it;
			
		for ( it = args.begin(); it != args.end(); ++it )
		{
			// Check for string delimiters, don't want PHP injection attacks
			if (!containsDelimiters(it.key()) && !containsDelimiters(it.data()))
				ts << TQString("$_REQUEST['%1']=\"%2\";\n").arg(it.key()).arg(it.data());
		}
		ts.writeRawBytes(php_s.data() + off,php_s.size() - off); // the rest of the script
		ts << flush;
		
#if 0
		TQFile dinges("output.php");
		if (dinges.open(IO_WriteOnly))
		{
			TQTextStream out(&dinges);
			out.writeRawBytes(data.data(),data.size());
			dinges.close();
		}
#endif
		return launch(data);
	}

	bool PhpHandler::containsDelimiters(const TQString & str)
	{
		return str.contains("\"") || str.contains("'");
	}
	
	void PhpHandler::onExited()
	{
		// read remaining data
		onReadyReadStdout();
		finished();
	}
	
	void PhpHandler::onReadyReadStdout()
	{
		TQTextStream out(output,IO_WriteOnly|IO_Append);
		while (canReadLineStdout())
		{
			TQByteArray d = readStdout();
			out.writeRawBytes(d.data(),d.size());
		}
	}

}

#include "php_handler.moc"