get("mb_user_id"));
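// Command chosen by the client. A request without "command" yields null, which
// matches none of the commands handled below and ends in the
// "please enter a valid command." branch, without an undefined-index notice.
$command = isset($_REQUEST["command"]) ? $_REQUEST["command"] : null;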
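/**
 * Checks whether a string is exactly one superglobal-style array access.
 *
 * Accepted form: a dollar sign, an underscore, one or more letters, then a
 * double-quoted key of letters and underscores in square brackets, for
 * example $_SESSION["mb_user_id"]. Surrounding whitespace is tolerated.
 * A call expression such as Mapbender::session()->get("mb_user_id") does
 * not match this pattern.
 *
 * The pattern is anchored to the whole string. checkAccessConstraint()
 * passes accepted values to eval(), so a string that merely contains a valid
 * access somewhere in the middle must be rejected, not accepted.
 *
 * NOTE(review): any superglobal-style name is accepted, not only the session
 * array; if only session values are intended, an explicit allow-list of names
 * would be tighter.
 *
 * TODO: this function is also in mod_wfs_result!! Maybe merge someday.
 * (The copy there presumably needs the same anchoring; verify.)
 *
 * @param mixed $varname candidate expression to validate
 * @return bool true if $varname is a single valid access, false otherwise
 */
function isValidVarName ($varname) {
	// Anything that is not a string cannot be a variable expression.
	if (!is_string($varname)) {
		return false;
	}
	// \A and \z pin the match to the start and end of the input.
	return preg_match('/\A\s*[$]_[a-z]+\["[a-z_]+"\]\s*\z/i', $varname) === 1;
}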
/**
 * If access to the WFS conf is restricted, modify the filter.
 *
 * Reads the elements of the given WFS conf. If an element has a non-empty
 * f_auth_varname, that expression is checked with isValidVarName(), evaluated,
 * and the resulting value is merged into the filter together with the
 * element's name. When several elements carry f_auth_varname, the last row in
 * f_respos order is the one used.
 *
 * If the expression fails validation, or evaluates to an empty value, an
 * mb_exception object is created and the filter is returned unchanged, i.e.
 * WITHOUT the access constraint (the function fails open).
 *
 * TODO: this function is also in mod_wfs_result!! Maybe merge someday.
 *
 * @param mixed $filter filter text; in this file it comes from $_REQUEST["filter"]
 * @param mixed $wfs_conf_id ID of the WFS conf, bound as parameter $1 of the lookup query
 * @return mixed the filter, rewritten only when a constraint was applied
 */
function checkAccessConstraint($filter, $wfs_conf_id) {
// All elements of this WFS conf joined with their element definitions,
// ordered by response position.
$sql = "SELECT * FROM wfs_conf_element ";
$sql .= "JOIN wfs_element ON wfs_conf_element.f_id = wfs_element.element_id ";
$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = $1 ";
$sql .= "ORDER BY wfs_conf_element.f_respos";
// Value and type for placeholder $1; presumably 'i' marks it as an integer,
// confirm against db_prep_query.
$v = array($wfs_conf_id);
$t = array('i');
$res = db_prep_query($sql,$v,$t);
// Remember the expression and element name of the last row that defines one.
while($row = db_fetch_array($res)){
if (!empty($row["f_auth_varname"])) {
$auth_varname = $row["f_auth_varname"];
$element_name = $row["element_name"];
}
}
if (!empty($auth_varname)) {
if (isValidVarName($auth_varname)) {
// NOTE(review): eval() of a value read from the database. isValidVarName()
// is the only guard, so it must accept nothing but a single variable access;
// an explicit lookup of the intended value would remove the need for eval().
$user = eval("return " . $auth_varname . ";");
if ($user) {
// NOTE(review): the pattern and replacement below look truncated in this copy
// of the file (markup between the string pieces appears to be missing);
// compare with version control before relying on them.
// NOTE(review): $element_name and $user are concatenated into the filter
// without escaping; confirm both are constrained upstream.
$pattern = "(]*>)(.*)()";
$replacement = "\\1\\2" . $element_name . "" . $user . "\\3";
$filter = mb_eregi_replace($pattern, $replacement, $filter);
}
else {
// The exception object is created but not thrown; presumably its constructor
// logs the message (confirm). Execution continues to the return below with
// the unconstrained filter.
$e = new mb_exception("mod_wfs_gazetteer_server: checkAccessConstraint: invalid value of variable containing user information!");
}
}
else {
// Same as above: not thrown, and the filter is returned without a constraint.
$e = new mb_exception("mod_wfs_gazetteer_server: checkAccessConstraint: var name is not valid! (" . $auth_varname . ")");
}
}
return $filter;
}
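// Command dispatch. Each branch writes its response directly to the output.
// $command and $user are set at the top of the file.
if ($command == "getWfsConf") {
	// Comma-separated list of requested WFS conf IDs. A missing or non-string
	// parameter is treated like an empty one.
	$wfsConfIdString = (isset($_GET["wfsConfIdString"]) && is_string($_GET["wfsConfIdString"]))
		? $_GET["wfsConfIdString"]
		: "";
	if ($wfsConfIdString != "") {
		//array_keys(array_flip()) produces an array with unique entries
		$wfsConfIdArray = array_keys(array_flip(mb_split(",", $wfsConfIdString)));
		// Keep only the IDs the current user is permitted to use.
		$availableWfsConfIds = $user->getWfsConfByPermission();
		$wfsConfIdArray = array_intersect($wfsConfIdArray, $availableWfsConfIds);
		if (count($wfsConfIdArray) === 0) {
			echo "no wfs conf available.";
			die();
		}
	}
	else {
		echo "please specify wfs conf id.";
		die();
	}
	$obj = new WfsConf();
	$obj->load($wfsConfIdArray);
	$json = new Mapbender_JSON();
	$output = $json->encode($obj->confArray);
	echo $output;
}
elseif ($command == "getWfsConfsForThisApplication") {
	// get all WFS conf IDs for this application
	$availableWfsConfIds = $user->getWfsConfByPermission(Mapbender::session()->get("mb_user_gui"));
	$obj = new WfsConf();
	$obj->load($availableWfsConfIds);
	$json = new Mapbender_JSON();
	$output = $json->encode($obj->confArray);
	echo $output;
}
elseif ($command == "getSearchResults") {
	// Request parameters; a missing parameter becomes null instead of raising
	// an undefined-index notice.
	$wfs_conf_id = isset($_REQUEST["wfs_conf_id"]) ? $_REQUEST["wfs_conf_id"] : null;
	// backlink, frame and url are read but not used in this branch; the WFS
	// is created from the stored configuration ($wfsId below), not from "url".
	$backlink = isset($_REQUEST["backlink"]) ? $_REQUEST["backlink"] : null;
	$frame = isset($_REQUEST["frame"]) ? $_REQUEST["frame"] : null;
	$filter = isset($_REQUEST["filter"]) ? $_REQUEST["filter"] : null;
	$url = isset($_REQUEST["url"]) ? $_REQUEST["url"] : null;
	$typename = isset($_REQUEST["typename"]) ? $_REQUEST["typename"] : null;
	$destSrs = isset($_REQUEST["destSrs"]) ? $_REQUEST["destSrs"] : null;

	// NOTE(review): unlike getWfsConf, this branch does not intersect the ID
	// with getWfsConfByPermission(). Presumably WfsConfiguration::createFromDb()
	// returns null for confs the user may not access; confirm, otherwise add
	// the same permission check here.
	$wfsConf = WfsConfiguration::createFromDb($wfs_conf_id);
	if (is_null($wfsConf)) {
		// NOTE(review): the message echoes the request value; confirm that
		// sendErrorMessage() encodes it for the response format.
		sendErrorMessage("Invalid WFS conf: " . $wfs_conf_id);
		// Stop here even if sendErrorMessage() returns, so that no query is
		// built from a missing configuration.
		die();
	}

	// append authorisation condition to filter
	$filter = checkAccessConstraint($filter, $wfs_conf_id);
	$admin = new administration();
	$filter = administration::convertIncomingString($filter);

	$wfsId = $wfsConf->wfsId;
	$myWfsFactory = new UniversalWfsFactory();
	$myWfs = $myWfsFactory->createFromDb($wfsId);
	$data = $myWfs->getFeature($typename, $filter,$destSrs);

	if ($data === null) {
		die('{}');
	}
	// Optional cap on the size of the WFS response that will be processed.
	if (defined("WFS_RESPONSE_SIZE_LIMIT") && WFS_RESPONSE_SIZE_LIMIT < strlen($data)) {
		die("Too many results, please restrict your search.");
	}

	// $geomColumn = WfsConf::getGeomColumnNameByConfId($wfs_conf_id);
	$gmlFactory = new UniversalGmlFactory();
	$myGml = $gmlFactory->createFromXml($data, $wfsConf);
	if (!is_null($myGml)) {
		$geoJson = $myGml->toGeoJSON();
	}
	else {
		$geoJson = "{}";
	}

	header("Content-type:application/x-json; charset=utf-8");
	echo $geoJson;
}
else {
	echo "please enter a valid command.";
}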
?>