function Filter($filter, $m_data)
{
global $FILTERS, $SOCKET_FILTERS;
global $php_errormsg;
static $b_in_here = false;
//
// prevent recursive errors
//
if ($b_in_here) {
return "<DATA DISCARDED>";
}
$b_in_here = true;
//
// Any errors sent in an alert are flagged to not run through the
// filter - this also means the user's data won't be included in the
// alert.
// The reason for this is that the Filter is typically an encryption
// program. If the filter fails, then sending the user's data in
// clear text in an alert breaks the security of having encryption
// in the first place!
//
//
// find the filter
//
if (!isset($FILTERS[$filter]) || $FILTERS[$filter] == "") {
//
// check for SOCKET_FILTERS
//
if (!isset($SOCKET_FILTERS[$filter]) || $SOCKET_FILTERS[$filter] == "") {
ErrorWithIgnore("bad_filter", GetMessage(MSG_FILTER_UNK, array("FILTER" => $filter)), false, false);
exit;
}
$m_data = SocketFilter($filter, $SOCKET_FILTERS[$filter], $m_data);
} elseif ($FILTERS[$filter] == "null") {
//
// do nothing - just return the original data unchanged
//
} elseif ($FILTERS[$filter] == "csv") {
$m_data = BuiltinFilterCSV();
} else {
$cmd = $FILTERS[$filter];
//
// get the program name - assumed to be the first blank-separated word
//
$a_words = preg_split('/\\s+/', $cmd);
$prog = $a_words[0];
$s_cwd = getcwd();
//
// change to the directory that contains the filter program
//
$dirname = dirname($prog);
if ($dirname != "" && $dirname != "." && !chdir($dirname)) {
Error("chdir_filter", GetMessage(MSG_FILTER_CHDIR, array("DIR" => $dirname, "FILTER" => $filter, "ERROR" => CheckString($php_errormsg))), false, false);
exit;
}
//
// the output of the filter goes to a temporary file; this works
// OK on Windows too, even with the Unix shell syntax.
//
$temp_file = GetTempName("FMF");
$temp_error_file = GetTempName("FME");
$cmd = "{$cmd} >{$temp_file} 2>{$temp_error_file}";
//
// start the filter
//
$pipe = popen($cmd, "w");
if ($pipe === false) {
$s_sv_err = CheckString($php_errormsg);
$err = join('', file($temp_error_file));
unlink($temp_file);
unlink($temp_error_file);
Error("filter_not_found", GetMessage(MSG_FILTER_NOTFOUND, array("CMD" => $cmd, "FILTER" => $filter, "ERROR" => $s_sv_err)), false, false, $err);
exit;
}
//
// write the data to the filter
//
if (is_array($m_data)) {
fwrite($pipe, implode(BODY_LF, $m_data));
} else {
fwrite($pipe, $m_data);
}
if (($i_st = pclose($pipe)) != 0) {
$s_sv_err = CheckString($php_errormsg);
$err = join('', file($temp_error_file));
unlink($temp_file);
unlink($temp_error_file);
Error("filter_failed", GetMessage(MSG_FILTER_ERROR, array("FILTER" => $filter, "ERROR" => $s_sv_err, "STATUS" => $i_st)), false, false, $err);
exit;
}
//
// read in the filter's output and return as the data to be sent
//
$m_data = join('', file($temp_file));
unlink($temp_error_file);
unlink($temp_file);
//
// return to previous directory
//
chdir($s_cwd);
}
$b_in_here = false;
return $m_data;
}
function Filter($filter, $m_data)
{
global $FILTERS, $SOCKET_FILTERS;
//
// Any errors sent in an alert are flagged to not run through the
// filter - this also means the user's data won't be included in the
// alert.
// The reason for this is that the Filter is typically an encryption
// program. If the filter fails, then sending the user's data in
// clear text in an alert breaks the security of having encryption
// in the first place!
//
//
// find the filter
//
if (!isset($FILTERS[$filter]) || $FILTERS[$filter] == "") {
//
// check for SOCKET_FILTERS
//
if (!isset($SOCKET_FILTERS[$filter]) || $SOCKET_FILTERS[$filter] == "") {
Error("bad_filter", "The form has an internal error - unknown filter '" . $filter . "'", false);
exit;
}
$m_data = SocketFilter($filter, $SOCKET_FILTERS[$filter], $m_data);
} else {
$cmd = $FILTERS[$filter];
//
// get the program name - assumed to be the first blank-separated word
//
$a_words = preg_split('/\\s+/', $cmd);
$prog = $a_words[0];
$s_cwd = getcwd();
//
// change to the directory that contains the filter program
//
$dirname = dirname($prog);
if (!chdir($dirname)) {
Error("chdir_filter", "The form has an internal error - cannot chdir to '{$dirname}' to run filter", false);
exit;
}
//
// the output of the filter goes to a temporary file; this works
// OK on Windows too, even with the Unix shell syntax.
//
$temp_file = GetTempName("FMF");
$cmd = "{$cmd} > {$temp_file} 2>&1";
//
// start the filter
//
$pipe = popen($cmd, "w");
if (!$pipe) {
$err = join('', file($temp_file));
unlink($temp_file);
Error("filter_not_found", "The form has an internal error - cannot execute filter '" . $cmd . "'", false, true, $err);
exit;
}
//
// write the data to the filter
//
if (is_array($m_data)) {
fwrite($pipe, implode(BODY_LF, $m_data));
} else {
fwrite($pipe, $m_data);
}
if (pclose($pipe) != 0) {
$err = join('', file($temp_file));
unlink($temp_file);
Error("filter_failed", "The form has an internal error - filter failed", false, true, $err);
exit;
}
//
// read in the filter's output and return as the data to be sent
//
$m_data = join('', file($temp_file));
unlink($temp_file);
//
// return to previous directory
//
chdir($s_cwd);
}
return $m_data;
}