00001 <?php
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028 $form6='#form6'; # form for file upload - needed for server
00029
00030 session_start();
00031
00032 # initalize path to CM (either already defined in CM_ROOT or expected to share the same directory)
00033 $cm_root=getenv("CM_ROOT"); if ($cm_root=="") $cm_root=getcwd();
00034
00035 # initalize path to CM TMP
00036 $cm_tmp=getenv("CM_TMP"); if ($cm_tmp=="") $cm_tmp=$cm_root."/tmp";
00037
00038 # read config (to check auth, etc)
00039 $cm_default_cfg=getenv("CM_DEFAULT_CFG");
00040 if ($cm_default_cfg=="") $cm_default_cfg=$cm_root."/.cmr/kernel/default/.cm/data.json";
00041 $f=file_get_contents($cm_default_cfg);
00042 $cfg=json_decode($f,true);
00043
00044 require_once 'cm.php';
00045
00046 # get web environment variables
00047 $get=cm_web_to_array($_GET, "");
00048 $post=cm_web_to_array($_POST, "");
00049 $session=$_SESSION;
00050 $cookie=$_COOKIE;
00051
00052 # Process cm_json
00053 if (array_key_exists("cm_json", $post))
00054 {
00055 $jd=check_cm_json($post["cm_json"]);
00056 unset($post["cm_json"]);
00057 $post=array_merge($post, $jd);
00058 }
00059
00060 if (array_key_exists("cm_json", $get))
00061 {
00062 $jd=check_cm_json($get["cm_json"]);
00063 unset($get["cm_json"]);
00064 $get=array_merge($get, $jd);
00065 }
00066
00067 # Process file upload
00068 if ( (array_key_exists('cm_file_upload',$post) && strlen($post['cm_file_upload'])>0) ||
00069 (array_key_exists('cm_file_upload_base64',$post) && strlen($post['cm_file_upload_base64'])>0) ||
00070 array_key_exists($form6.'##cm_file_upload',$_FILES))
00071 {
00072 # Generate tmp file
00073 $ii=array();
00074 $ii['cm_run_module_uoa']='core';
00075 $ii['cm_action']='gen_cm_tmp_file';
00076 $ii['cm_console']='json';
00077 $rr=trim(cm_access($ii, false));
00078 $r=json_decode($rr,true);
00079 if ($r==NULL)
00080 {
00081 echo '<br><b>cM front-end error:</B> can\'t parse json output during preprocessing!</b><br><br>';
00082 echo '<pre><b>Module output:</b><br><br>';
00083 echo $rr;
00084 echo '</pre><br>';
00085 return 1;
00086 }
00087 else if ($r['cm_return']>0)
00088 {
00089 echo '<BR><B>cM error:</B> '.$r['cm_error'].'!<BR>';
00090 return 1;
00091 }
00092
00093 $tf=$r['cm_path'];
00094 $uid=$r['cm_uid'];
00095
00096 $y='';
00097 if (array_key_exists($form6.'##cm_file_upload_name',$get)) $y=$get[$form6.'##cm_file_upload_name'];
00098 if (array_key_exists($form6.'##cm_file_upload_name',$post)) $y=$post[$form6.'##cm_file_upload_name'];
00099
00100 if (array_key_exists($form6.'##cm_file_upload',$_FILES))
00101 {
00102 $xn=$_FILES[$form6.'##cm_file_upload'];
00103 $yn=$form6.'##cm_file_upload_tmp_uid';
00104 if ($y=='') $post[$form6.'##cm_file_upload_name']=$xn['name'];
00105 if (!move_uploaded_file($xn['tmp_name'], $tf))
00106 echo "Internal problem moving tmp file ... Please, try again or report problem to developers!";
00107 }
00108 else
00109 {
00110 if (array_key_exists('cm_file_upload',$post) && strlen($post['cm_file_upload'])>0)
00111 {
00112 $xn=$post['cm_file_upload'];
00113 unset($post['cm_file_upload']);
00114 $yn='cm_file_upload_tmp_uid';
00115 }
00116 else
00117 {
00118 $xn=urlsafe_b64decode($post['cm_file_upload_base64']);
00119 unset($post['cm_file_upload_base64']);
00120 $yn='cm_file_upload_tmp_uid';
00121 }
00122
00123 $handle = fopen($tf, "wb");
00124 if ($handle!=NULL)
00125 fwrite($handle, $xn);
00126 fclose($handle);
00127 }
00128
00129 $post[$yn]=$uid;
00130 }
00131
00132 # Force delete of cm_user_password2 which is used only in session or cookies
00133 if (array_key_exists("cm_user_password2", $post)) unset($post["cm_user_password2"]);
00134 if (array_key_exists("cm_user_password2", $get)) unset($get["cm_user_password2"]);
00135
00136 # Force delete of cm_admin - it can be only done internally
00137 if (array_key_exists("cm_admin", $post)) unset($post["cm_admin"]);
00138 if (array_key_exists("cm_admin", $get)) unset($get["cm_admin"]);
00139
00140 # Preprocessing web request (we move most of the logic from php to cM python modules).
00141 # Later, it will be easier to use this functionality in cM standalone python web server.
00142 $i=array();
00143 $i['cm_run_module_uoa']='web';
00144 $i['cm_action']='preprocess';
00145 $i['cm_console']='json';
00146 $i['cm_web_session']=$session;
00147 $i['cm_web_cookies']=$cookie;
00148 $i['cm_web_get']=$get;
00149 $i['cm_web_post']=$post;
00150 $i['cm_web']='yes'; # web environment - may be used to force authentication!
00151
00152 # Pack username & password if in COOKIE OR SESSION OR POST
00153 if (array_key_exists("cm_user_uoa", $cookie)) $i['cm_user_uoa']=$cookie['cm_user_uoa'];
00154 if (array_key_exists("cm_user_uoa", $session)) $i['cm_user_uoa']=$session['cm_user_uoa'];
00155 if (array_key_exists("cm_user_uoa", $post)) $i['cm_user_uoa']=$post['cm_user_uoa'];
00156 if (array_key_exists("cm_user_password", $post)) $i['cm_user_password']=$post['cm_user_password'];
00157 if (array_key_exists("cm_user_password1", $post)) $i['cm_user_password1']=$post['cm_user_password1'];
00158 if (array_key_exists("cm_user_password1", $get)) $i['cm_user_password1']=$get['cm_user_password1'];
00159 if (array_key_exists("cm_user_password2", $cookie)) $i['cm_user_password2']=$cookie['cm_user_password2'];
00160 if (array_key_exists("cm_user_password2", $session)) $i['cm_user_password2']=$session['cm_user_password2'];
00161
00162 # Check if detach console (only in the postprocessing)
00163 $cdc='';
00164 if (array_key_exists("cm_detach_console", $post)) {$cdc=$post["cm_detach_console"]; unset($post["cm_detach_console"]);}
00165 if (array_key_exists("cm_detach_console", $get)) {$cdc=$get["cm_detach_console"]; unset($get["cm_detach_console"]);}
00166
00167 $rr=trim(cm_access($i, false));
00168 $r=json_decode($rr,true);
00169
00170 if ($r==NULL)
00171 {
00172 echo '<br><b>cM front-end error:</B> can\'t parse json output during preprocessing!</b><br><br>';
00173 echo '<pre><b>Module output:</b><br><br>';
00174 echo $rr;
00175 echo '</pre><br>';
00176 return 1;
00177 }
00178 else
00179 {
00180 #Check console for output if errors!
00181 $cm_console='web';
00182 if (array_key_exists('cm_console', $get)) $cm_console=$get['cm_console'];
00183 else if (array_key_exists('cm_console', $post)) $cm_console=$post['cm_console'];
00184
00185 if (array_key_exists('cm_return', $r) && $r['cm_return']>0)
00186 {
00187 header("Content-type: text/html");
00188 if ($cm_console=='json')
00189 {
00190 echo json_encode($r);
00191 }
00192 else
00193 {
00194 echo '<html><body><BR><B>cM error:</B> '.$r['cm_error'].'!<BR></body></html>';
00195 }
00196 return 1;
00197 }
00198
00199 if (array_key_exists('cm_stderr', $r) && $r['cm_stderr']!='')
00200 {
00201 header("Content-type: text/html");
00202 if ($cm_console=='json')
00203 {
00204 $et='cM failure - please report to developers';
00205 if (array_key_exists('report_to_developers',$cfg)) $et=$et.' '.(string)$cfg['report_to_developers'];
00206 $et=$et.':\n\n';
00207 if (array_key_exists('cm_stdout', $r) && $r['cm_stdout']!='') $et=$et.'STDOUT:\n'.$r['cm_stdout'].'\n\n';
00208 $et=$et.'STDERR:\n'.$r['cm_stderr'];
00209 $rx=array();
00210 $rx['cm_return']=33;
00211 $rx['cm_error']=$et;
00212 echo json_encode($rx);
00213 }
00214 else
00215 {
00216 $et='<html><body><BR><B>cM failure - please report to developers';
00217 if (array_key_exists('report_to_developers',$cfg)) $et=$et.' '.(string)$cfg['report_to_developers'];
00218 $et=$et.':\n\n';
00219 if (array_key_exists('cm_stdout', $r) && $r['cm_stdout']!='') $et=$et.'<B>STDOUT:</B><BR><pre>'.$r['cm_stdout'].'</pre><BR><BR>';
00220 $et=$et.'<B>STDERR:</B><BR><pre>'.$r['cm_stderr'].'</pre></body></html>';
00221 echo $et;
00222 }
00223 return 1;
00224 }
00225 }
00226
00227 # Check if need to destroy cookies
00228 if (get_var($r, 'cm_web_destroy_cookies')=='yes')
00229 {
00230 $vars=get_var($r, 'cm_web_cookies');
00231 if ($vars!=NULL)
00232 foreach ($vars as $value)
00233 setcookie($value, '', time()-3600);
00234 }
00235
00236 # Check if need to destroy session
00237 if (get_var($r, 'cm_web_destroy_session')=='yes')
00238 {
00239 $_SESSION = array();
00240 session_destroy();
00241 }
00242
00243 # Check if set cookies
00244 if (get_var($r, 'cm_web_set_cookies')=='yes')
00245 {
00246 $vars=get_var($r, 'cm_web_cookies');
00247 $time=get_var($r, 'cm_web_cookies_expire_time');
00248 if ($time==NULL) $time=604800; # 1 week by default
00249
00250 if ($vars!=NULL)
00251 foreach ($vars as $value)
00252 setcookie($value[0], $value[1], time()+intval($time));
00253 }
00254
00255 # Check if set session
00256 if (get_var($r, 'cm_web_set_session')=='yes')
00257 {
00258 $vars=get_var($r, 'cm_web_vars');
00259
00260 if ($vars!=NULL)
00261 foreach ($vars as $value)
00262 $_SESSION[$value[0]]=$value[1];
00263 }
00264
00265 # Check if set header
00266 if (get_var($r, 'cm_web_set_headers')=='yes')
00267 {
00268 $vars=get_var($r, 'cm_web_headers');
00269 if ($vars!=NULL)
00270 foreach ($vars as $value)
00271 header($value);
00272 }
00273
00274 # Check if download
00275 if (get_var($r, 'cm_web_download')=='yes')
00276 {
00277 #read raw file
00278 if (array_key_exists('cm_full_filename', $r)==true)
00279 {
00280 if (file_exists($r['cm_full_filename'])==true)
00281 {
00282 $handle = fopen($r['cm_full_filename'], "rb");
00283 if ($handle!=NULL)
00284 {
00285 while (!feof($handle))
00286 {
00287 $s=fread($handle, 8192);
00288 print $s;
00289 }
00290 fclose($handle);
00291 }
00292 }
00293 }
00294 }
00295
00296 # Check if need to delete file
00297 if (get_var($r, 'cm_delete_file_after_view')=='yes')
00298 if (get_var($r, 'cm_full_filename')!='')
00299 unlink(get_var($r, 'cm_full_filename'));
00300
00301 # Check if postprocess
00302 if (get_var($r, 'cm_web_postprocess')=='yes')
00303 {
00304 # Postprocessing web request (we move most of the logic from php to cM python modules).
00305 # Later, it will be easier to use this functionality in cM standalone python web server.
00306 $i1=array();
00307 $i1['cm_run_module_uoa']='web';
00308 $i1['cm_action']='postprocess';
00309 $i1['cm_web_preprocess_return']=$r;
00310 $i1['cm_web_session']=$_SESSION;
00311 $i1['cm_web_get']=$get;
00312 $i1['cm_web_post']=$post;
00313 $i1['cm_web']='yes'; # web environment - may be used to force authentication!
00314
00315 # Pack username & password if in COOKIE OR SESSION OR POST
00316 if (array_key_exists("cm_user_uoa", $cookie)) $i1['cm_user_uoa']=$cookie['cm_user_uoa'];
00317 if (array_key_exists("cm_user_uoa", $session)) $i1['cm_user_uoa']=$session['cm_user_uoa'];
00318 if (array_key_exists("cm_user_uoa", $post)) $i1['cm_user_uoa']=$post['cm_user_uoa'];
00319 if (array_key_exists("cm_user_password", $post)) $i1['cm_user_password']=$post['cm_user_password'];
00320 if (array_key_exists("cm_user_password1", $post)) $i1['cm_user_password1']=$post['cm_user_password1'];
00321 if (array_key_exists("cm_user_password1", $get)) $i1['cm_user_password1']=$get['cm_user_password1'];
00322 if (array_key_exists("cm_user_password2", $cookie)) $i1['cm_user_password2']=$cookie['cm_user_password2'];
00323 if (array_key_exists("cm_user_password2", $session)) $i1['cm_user_password2']=$session['cm_user_password2'];
00324
00325 #Set console here!
00326 if (array_key_exists('cm_console', $get)==true) $i1['cm_console']=$get['cm_console'];
00327 else if (array_key_exists('cm_console', $post)==true) $i1['cm_console']=$post['cm_console'];
00328 else $i1['cm_console']='web';
00329
00330 # Check console detaching
00331 if ($cdc!='') $i1['cm_detach_console']=$cdc;
00332
00333 cm_access($i1, true);
00334 }
00335
00336 ?>