| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403 | /* * Copyright (C)2005-2017 Haxe Foundation * * Permission is hereby granted, free of charge, to any person obtaining a * copy of this software and associated documentation files (the "Software"), * to deal in the Software without restriction, including without limitation * the rights to use, copy, modify, merge, publish, distribute, sublicense, * and/or sell copies of the Software, and to permit persons to whom the * Software is furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */package php;import haxe.io.Bytes;/**	This class is used for accessing the local Web server and the current	client request and information.**/class Web {	/**		Returns the GET and POST parameters.	**/	public static function getParams() : Map<String,String> {		#if force_std_separator		var a : NativeArray = untyped __php__("$_POST");		if(untyped __call__("get_magic_quotes_gpc"))			untyped __php__("reset($a); while(list($k, $v) = each($a)) $a[$k] = stripslashes((string)$v)");		var h = Lib.hashOfAssociativeArray(a);		var params = getParamsString();		if( params == "" )			return h;		for( p in ~/[;&]/g.split(params) ) {			var a = p.split("=");			var n = a.shift();			h.set(StringTools.urlDecode(n),StringTools.urlDecode(a.join("=")));		}		return h;		#else		var a : NativeArray = untyped __php__("array_merge($_GET, $_POST)");		if(untyped __call__("get_magic_quotes_gpc"))			untyped __php__("reset($a); while(list($k, $v) = each($a)) $a[$k] = stripslashes((string)$v)");		return Lib.hashOfAssociativeArray(a);		#end	}	/**		Returns an Array of Strings built using GET / POST values.		If you have in your URL the parameters `a[]=foo;a[]=hello;a[5]=bar;a[3]=baz` then		`php.Web.getParamValues("a")` will return `["foo","hello",null,"baz",null,"bar"]`.	**/	public static function getParamValues( param : String ) : Array<String> {		var reg = new EReg("^"+param+"(\\[|%5B)([0-9]*?)(\\]|%5D)=(.*?)$", "");		var res = new Array<String>();		var explore = function(data:String){			if (data == null || data.length == 0)				return;			for (part in data.split("&")){				if (reg.match(part)){					var idx = reg.matched(2);					var val = StringTools.urlDecode(reg.matched(4));					if (idx == "")						res.push(val);					else						res[Std.parseInt(idx)] = val;				}			}		}		explore(StringTools.replace(getParamsString(), ";", "&"));		explore(getPostData());        if (res.length == 0) {            var post:haxe.ds.StringMap<Dynamic> = Lib.hashOfAssociativeArray(untyped __php__("$_POST"));            var data = post.get(param);            var k = 0, v = "";            if (untyped __call__("is_array", data)) {                untyped __php__(" reset($data); while(list($k, $v) = each($data)) { ");                res[k] = v;                untyped __php__(" } ");            }        }		if (res.length == 0)			return null;		return res;	}	/**		Returns the local server host name.	**/	public static inline function getHostName() : String {		return untyped __php__("$_SERVER['SERVER_NAME']");	}	/**		Surprisingly returns the client IP address.	**/	public static inline function getClientIP() : String {		return untyped __php__("$_SERVER['REMOTE_ADDR']");	}	/**		Returns the original request URL (before any server internal redirections).	**/	public static function getURI() : String {		var s : String = untyped __php__("$_SERVER['REQUEST_URI']");		return s.split("?")[0];	}	/**		Tell the client to redirect to the given url ("Location" header).	**/	public static function redirect( url : String ) {		untyped __call__('header', "Location: " + url);	}	/**		Set an output header value. If some data have been printed, the headers have		already been sent so this will raise an exception.	**/	public static inline function setHeader( h : String, v : String ) {		untyped __call__('header', h+": "+v);	}	/**		Set the HTTP return code. Same remark as `php.Web.setHeader()`.		See status code explanation here: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html	**/	public static function setReturnCode( r : Int ) {		var code : String;		switch(r) {			case 100: code = "100 Continue";			case 101: code = "101 Switching Protocols";			case 200: code = "200 OK";			case 201: code = "201 Created";			case 202: code = "202 Accepted";			case 203: code = "203 Non-Authoritative Information";			case 204: code = "204 No Content";			case 205: code = "205 Reset Content";			case 206: code = "206 Partial Content";			case 300: code = "300 Multiple Choices";			case 301: code = "301 Moved Permanently";			case 302: code = "302 Found";			case 303: code = "303 See Other";			case 304: code = "304 Not Modified";			case 305: code = "305 Use Proxy";			case 307: code = "307 Temporary Redirect";			case 400: code = "400 Bad Request";			case 401: code = "401 Unauthorized";			case 402: code = "402 Payment Required";			case 403: code = "403 Forbidden";			case 404: code = "404 Not Found";			case 405: code = "405 Method Not Allowed";			case 406: code = "406 Not Acceptable";			case 407: code = "407 Proxy Authentication Required";			case 408: code = "408 Request Timeout";			case 409: code = "409 Conflict";			case 410: code = "410 Gone";			case 411: code = "411 Length Required";			case 412: code = "412 Precondition Failed";			case 413: code = "413 Request Entity Too Large";			case 414: code = "414 Request-URI Too Long";			case 415: code = "415 Unsupported Media Type";			case 416: code = "416 Requested Range Not Satisfiable";			case 417: code = "417 Expectation Failed";			case 500: code = "500 Internal Server Error";			case 501: code = "501 Not Implemented";			case 502: code = "502 Bad Gateway";			case 503: code = "503 Service Unavailable";			case 504: code = "504 Gateway Timeout";			case 505: code = "505 HTTP Version Not Supported";			default: code = Std.string(r);		}		untyped __call__('header', "HTTP/1.1 " + code, true, r);	}	/**		Retrieve a client header value sent with the request.	**/	public static function getClientHeader( k : String ) : String {		var k = StringTools.replace(k.toUpperCase(),"-","_");		for(i in getClientHeaders()) {			if(i.header == k)				return i.value;		}		return null;	}	private static var _client_headers : List<{header : String, value : String}>;	/**		Retrieve all the client headers.	**/	public static function getClientHeaders() {		if(_client_headers == null) {			_client_headers = new List();			var h = Lib.hashOfAssociativeArray(untyped __php__("$_SERVER"));			for(k in h.keys()) {				if(k.substr(0,5) == "HTTP_") {					_client_headers.add({ header : k.substr(5), value : h.get(k)});				// this is also a valid prefix (issue #1883)				} else if(k.substr(0,8) == "CONTENT_") {					_client_headers.add({ header : k, value : h.get(k)});				}			}			// and these(issue #5270)			if(untyped __php__("isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])")) {				_client_headers.add({header: 'AUTHORIZATION', value: untyped __php__("(string)$_SERVER['REDIRECT_HTTP_AUTHORIZATION']")});			} else if(untyped __php__("isset($_SERVER['PHP_AUTH_USER'])")) {				var basic_pass = untyped __php__("isset($_SERVER['PHP_AUTH_PW']) ? (string)$_SERVER['PHP_AUTH_PW'] : ''");				_client_headers.add({header: 'AUTHORIZATION', value: 'Basic ' + untyped __php__("base64_encode($_SERVER['PHP_AUTH_USER'] + ':' + $basic_pass)")});			} else if(untyped __php__("isset($_SERVER['PHP_AUTH_DIGEST'])")) {				_client_headers.add({header: 'AUTHORIZATION', value: untyped __php__("(string)$_SERVER['PHP_AUTH_DIGEST']")});			}		}		return _client_headers;	}	/**		Returns all the GET parameters `String`	**/	public static function getParamsString() : String {		if(untyped __call__("isset", __var__("_SERVER", "QUERY_STRING")))			return untyped __var__("_SERVER", "QUERY_STRING");		else			return "";	}	/**		Returns all the POST data. POST Data is always parsed as		being application/x-www-form-urlencoded and is stored into		the getParams hashtable. POST Data is maximimized to 256K		unless the content type is multipart/form-data. In that		case, you will have to use `php.Web.getMultipart()` or		`php.Web.parseMultipart()` methods.	**/	public static function getPostData() : Null<String> {		var h = untyped __call__("fopen", "php://input", "r");		var bsize = 8192;		var max = 32;		var data : String = null;		var counter = 0;		while (!untyped __call__("feof", h) && counter < max) {			data = untyped __php__('{0} . fread({1}, {2})', data, h, bsize);			counter++;		}		untyped __call__("fclose", h);		return data;	}	/**		Returns an hashtable of all Cookies sent by the client.		Modifying the hashtable will not modify the cookie, use `php.Web.setCookie()`		instead.	**/	public static function getCookies():Map<String,String> {		return Lib.hashOfAssociativeArray(untyped __php__("$_COOKIE"));	}	/**		Set a Cookie value in the HTTP headers. Same remark as `php.Web.setHeader()`.	**/	public static function setCookie( key : String, value : String, ?expire: Date, ?domain: String, ?path: String, ?secure: Bool, ?httpOnly: Bool ) {		var t = expire == null ? 0 : Std.int(expire.getTime()/1000.0);		if(path == null) path = '/';		if(domain == null) domain = '';		if(secure == null) secure = false;		if(httpOnly == null) httpOnly = false;		untyped __call__("setcookie", key, value, t, path, domain, secure, httpOnly);	}	/**		Returns an object with the authorization sent by the client (Basic scheme only).	**/	public static function getAuthorization() : { user : String, pass : String } {		if(!untyped __php__("isset($_SERVER['PHP_AUTH_USER'])"))			return null;		return untyped {user: __php__("$_SERVER['PHP_AUTH_USER']"), pass: __php__("$_SERVER['PHP_AUTH_PW']")};	}	/**		Get the current script directory in the local filesystem.	**/	public static inline function getCwd() : String {		return untyped __php__("dirname($_SERVER[\"SCRIPT_FILENAME\"])") + "/";	}	/**		Get the multipart parameters as an hashtable. The data		cannot exceed the maximum size specified.	**/	public static function getMultipart( maxSize : Int ) : Map<String,String> {		var h = new haxe.ds.StringMap();		var buf : StringBuf = null;		var curname = null;		parseMultipart(function(p,_) {			if( curname != null )				h.set(curname,buf.toString());			curname = p;			buf = new StringBuf();			maxSize -= p.length;			if( maxSize < 0 )				throw "Maximum size reached";		}, function(str,pos,len) {			maxSize -= len;			if( maxSize < 0 )				throw "Maximum size reached";			buf.addSub(str.toString(),pos,len);		});		if( curname != null )			h.set(curname,buf.toString());		return h;	}	/**		Parse the multipart data. Call `onPart` when a new part is found		with the part name and the filename if present		and `onData` when some part data is read. You can this way		directly save the data on hard drive in the case of a file upload.	**/	public static function parseMultipart( onPart : String -> String -> Void, onData : Bytes -> Int -> Int -> Void ) : Void {		var a : NativeArray = untyped __var__("_POST");		if(untyped __call__("get_magic_quotes_gpc"))			untyped __php__("reset($a); while(list($k, $v) = each($a)) $a[$k] = stripslashes((string)$v)");		var post = Lib.hashOfAssociativeArray(a);		for (key in post.keys())		{			onPart(key, "");			var v = post.get(key);			onData(Bytes.ofString(v), 0, untyped __call__("strlen", v));		}		if(!untyped __call__("isset", __php__("$_FILES"))) return;		var parts : Array<String> = untyped __call__("new _hx_array",__call__("array_keys", __php__("$_FILES")));		for(part in parts) {			var info : Dynamic = untyped __php__("$_FILES[$part]");			var tmp : String = untyped info['tmp_name'];			var file : String = untyped info['name'];			var err : Int = untyped info['error'];			if(err > 0) {				switch(err) {					case 1: throw "The uploaded file exceeds the max size of " + untyped __call__('ini_get', 'upload_max_filesize');					case 2: throw "The uploaded file exceeds the max file size directive specified in the HTML form (max is" + untyped __call__('ini_get', 'post_max_size') + ")";					case 3: throw "The uploaded file was only partially uploaded";					case 4: continue; // No file was uploaded					case 6: throw "Missing a temporary folder";					case 7: throw "Failed to write file to disk";					case 8: throw "File upload stopped by extension";				}			}			onPart(part, file);			if ("" != file)			{				var h = untyped __call__("fopen", tmp, "r");				var bsize = 8192;				while (!untyped __call__("feof", h)) {					var buf : String = untyped __call__("fread", h, bsize);					var size : Int = untyped __call__("strlen", buf);					onData(Bytes.ofString(buf), 0, size);				}				untyped __call__("fclose", h);			}		}	}	/**		Flush the data sent to the client. By default on Apache, outgoing data is buffered so		this can be useful for displaying some long operation progress.	**/	public static inline function flush() : Void {		untyped __call__("flush");	}	/**		Get the HTTP method used by the client.	**/	public static function getMethod() : String {		if(untyped __php__("isset($_SERVER['REQUEST_METHOD'])"))			return untyped __php__("$_SERVER['REQUEST_METHOD']");		else			return null;	}	public static var isModNeko(default,null) : Bool;	static function __init__() {		isModNeko = !php.Lib.isCli();	}}
 |