Example #1
 /**
  * Prepares this proxy object for a single request.
  *
  * Loads optional defaults from a params.php file, copies the definition-file
  * arguments and the request ($_POST) parameters into $this->dbSettings,
  * instantiates the database access class, and sets up the authentication
  * database object and, when the client asks for it, the notification server.
  *
  * Every connection setting is resolved in the same order: the selected context
  * of the data source, then $dbspec, then a variable that is presumably defined
  * by the included params.php ($dbClass, $dbServer, ...), then an empty string.
  *
  * NOTE(review): all $_POST values read here are stored as received. Nothing in
  * this method validates field names, operators or sort directions; whether the
  * database class escapes or allow-lists them is not visible from here and
  * should be confirmed.
  *
  * @param mixed $datasource Data source definition, handed to setDataSource().
  * @param array $options Option array; the keys read here are 'separator',
  *     'formatter', 'authentication', 'pusher' and 'smtp'.
  * @param array $dbspec Connection settings ('db-class', 'server', 'port', 'user',
  *     'password', 'datatype', 'database', 'protocol', 'option', 'dsn').
  * @param mixed $debug Debug level; applied only when truthy and not prohibited
  *     by $prohibitDebugMode.
  * @param null $target Name of the data source to use. When null, $_POST['name']
  *     is used, and "_im_auth" when that is absent as well.
  * @return bool false when the database class object is null; on every other
  *     path the method ends without an explicit return value.
  */
 function initialize($datasource, $options, $dbspec, $debug, $target = null)
 {
     $this->setUpSharedObjects();
     // params.php in the parent directory takes precedence over the one next to this file.
     // The include runs inside this method, so any variables the file defines become
     // locals here; that is what the isset($dbClass)-style fallbacks below rely on.
     $currentDir = dirname(__FILE__) . DIRECTORY_SEPARATOR;
     $currentDirParam = $currentDir . 'params.php';
     $parentDirParam = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'params.php';
     if (file_exists($parentDirParam)) {
         include $parentDirParam;
     } else {
         if (file_exists($currentDirParam)) {
             include $currentDirParam;
         }
     }
     // Client-supplied flag: the notification server is only set up when the request says "yes".
     $this->clientPusherAvailable = isset($_POST["pusher"]) && $_POST["pusher"] == "yes";
     $this->dbSettings->setDataSource($datasource);
     $this->dbSettings->setOptions($options);
     $this->dbSettings->setDbSpec($dbspec);
     $this->dbSettings->setSeparator(isset($options['separator']) ? $options['separator'] : '@');
     $this->formatter->setFormatter(isset($options['formatter']) ? $options['formatter'] : null);
     // The data source name may come straight from the request when $target is null.
     $this->dbSettings->setDataSourceName(!is_null($target) ? $target : (isset($_POST['name']) ? $_POST['name'] : "_im_auth"));
     $context = $this->dbSettings->getDataSourceTargetArray();
     // Connection settings, each resolved as context -> $dbspec -> params.php variable -> ''.
     $dbClassName = 'DB_' . (isset($context['db-class']) ? $context['db-class'] : (isset($dbspec['db-class']) ? $dbspec['db-class'] : (isset($dbClass) ? $dbClass : '')));
     $this->dbSettings->setDbSpecServer(isset($context['server']) ? $context['server'] : (isset($dbspec['server']) ? $dbspec['server'] : (isset($dbServer) ? $dbServer : '')));
     $this->dbSettings->setDbSpecPort(isset($context['port']) ? $context['port'] : (isset($dbspec['port']) ? $dbspec['port'] : (isset($dbPort) ? $dbPort : '')));
     $this->dbSettings->setDbSpecUser(isset($context['user']) ? $context['user'] : (isset($dbspec['user']) ? $dbspec['user'] : (isset($dbUser) ? $dbUser : '')));
     $this->dbSettings->setDbSpecPassword(isset($context['password']) ? $context['password'] : (isset($dbspec['password']) ? $dbspec['password'] : (isset($dbPassword) ? $dbPassword : '')));
     $this->dbSettings->setDbSpecDataType(isset($context['datatype']) ? $context['datatype'] : (isset($dbspec['datatype']) ? $dbspec['datatype'] : (isset($dbDataType) ? $dbDataType : '')));
     $this->dbSettings->setDbSpecDatabase(isset($context['database']) ? $context['database'] : (isset($dbspec['database']) ? $dbspec['database'] : (isset($dbDatabase) ? $dbDatabase : '')));
     $this->dbSettings->setDbSpecProtocol(isset($context['protocol']) ? $context['protocol'] : (isset($dbspec['protocol']) ? $dbspec['protocol'] : (isset($dbProtocol) ? $dbProtocol : '')));
     $this->dbSettings->setDbSpecOption(isset($context['option']) ? $context['option'] : (isset($dbspec['option']) ? $dbspec['option'] : (isset($dbOption) ? $dbOption : '')));
     // A DSN given for the issued-hash store overrides the regular DSN resolution.
     if (isset($options['authentication']) && isset($options['authentication']['issuedhash-dsn'])) {
         $this->dbSettings->setDbSpecDSN($options['authentication']['issuedhash-dsn']);
     } else {
         $this->dbSettings->setDbSpecDSN(isset($context['dsn']) ? $context['dsn'] : (isset($dbspec['dsn']) ? $dbspec['dsn'] : (isset($dbDSN) ? $dbDSN : '')));
     }
     // Pusher settings: a $pusherParameters variable wins over $options['pusher'].
     $pusherParams = null;
     if (isset($pusherParameters)) {
         $pusherParams = $pusherParameters;
     } else {
         if (isset($options['pusher'])) {
             $pusherParams = $options['pusher'];
         }
     }
     if (!is_null($pusherParams)) {
         $this->dbSettings->pusherAppId = $pusherParams['app_id'];
         $this->dbSettings->pusherKey = $pusherParams['key'];
         $this->dbSettings->pusherSecret = $pusherParams['secret'];
         if (isset($pusherParams['channel'])) {
             $this->dbSettings->pusherChannel = $pusherParams['channel'];
         }
     }
     /* Set up the database class object. */
     // The class name doubles as the file name that gets loaded. The value comes from the
     // definition file or params.php, not from the request, as far as this method shows.
     require_once "{$dbClassName}.php";
     $this->dbClass = new $dbClassName();
     // NOTE(review): `new` yields an object or raises an error, so this branch looks
     // unreachable; an unknown class name would fail at the require/new above instead.
     if ($this->dbClass == null) {
         $this->logger->setErrorMessage("The database class [{$dbClassName}] that you specify is not valid.");
         echo implode('', $this->logger->getMessagesForJS());
         return false;
     }
     $this->dbClass->setUpSharedObjects($this);
     $this->dbClass->setupConnection();
     // Debug mode is switched on only when $prohibitDebugMode is unset or falsy.
     if ((!isset($prohibitDebugMode) || !$prohibitDebugMode) && $debug) {
         $this->logger->setDebugMode($debug);
     }
     $this->logger->setDebugMessage("The class '{$dbClassName}' was instanciated.", 2);
     $this->dbSettings->setAggregationSelect(isset($context['aggregation-select']) ? $context['aggregation-select'] : null);
     $this->dbSettings->setAggregationFrom(isset($context['aggregation-from']) ? $context['aggregation-from'] : null);
     $this->dbSettings->setAggregationGroupBy(isset($context['aggregation-group-by']) ? $context['aggregation-group-by'] : null);
     /* Authentication and authorization setup */
     // The issued-hash (challenge) store can live in a separate database given by a DSN.
     $challengeDSN = null;
     if (isset($options['authentication']) && isset($options['authentication']['issuedhash-dsn'])) {
         $challengeDSN = $options['authentication']['issuedhash-dsn'];
     } else {
         if (isset($issuedHashDSN)) {
             $challengeDSN = $issuedHashDSN;
         }
     }
     if (!is_null($challengeDSN)) {
         require_once "DB_PDO.php";
         $this->authDbClass = new DB_PDO();
         $this->authDbClass->setUpSharedObjects($this);
         $this->authDbClass->setupWithDSN($challengeDSN);
         // NOTE(review): the full DSN string is written into the debug log; if the DSN can
         // carry credentials, confirm that debug output never reaches the client.
         $this->logger->setDebugMessage("The class 'DB_PDO' was instanciated for issuedhash with {$challengeDSN}.", 2);
     } else {
         // No separate store: authentication data is read through the main database class.
         $this->authDbClass = $this->dbClass;
     }
     $this->dbSettings->notifyServer = null;
     if ($this->clientPusherAvailable) {
         require_once "NotifyServer.php";
         $this->dbSettings->notifyServer = new NotifyServer();
         // The notify id is taken from the request and passed on unchanged.
         if (isset($_POST['notifyid']) && $this->dbSettings->notifyServer->initialize($this->authDbClass, $this->dbSettings, $_POST['notifyid'])) {
             $this->logger->setDebugMessage("The NotifyServer was instanciated.", 2);
         }
     }
     $this->dbSettings->setCurrentDataAccess($this->dbClass);
     // Optional user extension class, named in the context definition and created dynamically.
     if (isset($context['extending-class'])) {
         $className = $context['extending-class'];
         $this->userExpanded = new $className();
         if ($this->userExpanded === null) {
             $this->logger->setErrorMessage("The class '{$className}' wasn't instanciated.");
         } else {
             $this->logger->setDebugMessage("The class '{$className}' was instanciated.", 2);
         }
         if (is_subclass_of($this->userExpanded, 'DB_UseSharedObjects')) {
             $this->userExpanded->setUpSharedObjects($this);
         }
     }
     // From here on the request parameters are copied into dbSettings as received.
     $this->dbSettings->setPrimaryKeyOnly(isset($_POST['pkeyonly']));
     $this->dbSettings->setCurrentUser(isset($_POST['authuser']) ? $_POST['authuser'] : null);
     $this->dbSettings->setAuthentication(isset($options['authentication']) ? $options['authentication'] : null);
     $this->dbSettings->setStart(isset($_POST['start']) ? $_POST['start'] : 0);
     // Without a 'records' parameter the record count defaults to 10000000.
     $this->dbSettings->setRecordCount(isset($_POST['records']) ? $_POST['records'] : 10000000);
     // Numbered parameters (condition0field, condition1field, ...) are read until the first gap.
     // The operator defaults to '=' and is otherwise whatever the client sent.
     for ($count = 0; $count < 10000; $count++) {
         if (isset($_POST["condition{$count}field"])) {
             $this->dbSettings->addExtraCriteria($_POST["condition{$count}field"], isset($_POST["condition{$count}operator"]) ? $_POST["condition{$count}operator"] : '=', isset($_POST["condition{$count}value"]) ? $_POST["condition{$count}value"] : null);
         } else {
             break;
         }
     }
     // The sort direction is read without an isset() check, unlike the condition operator.
     for ($count = 0; $count < 10000; $count++) {
         if (isset($_POST["sortkey{$count}field"])) {
             $this->dbSettings->addExtraSortKey($_POST["sortkey{$count}field"], $_POST["sortkey{$count}direction"]);
         } else {
             break;
         }
     }
     for ($count = 0; $count < 10000; $count++) {
         if (!isset($_POST["foreign{$count}field"])) {
             break;
         }
         $this->dbSettings->addForeignValue($_POST["foreign{$count}field"], $_POST["foreign{$count}value"]);
     }
     for ($i = 0; $i < 1000; $i++) {
         if (!isset($_POST["field_{$i}"])) {
             break;
         }
         $this->dbSettings->addTargetField($_POST["field_{$i}"]);
     }
     for ($i = 0; $i < 1000; $i++) {
         if (!isset($_POST["value_{$i}"])) {
             break;
         }
         // filter_var() is called with its default filter; the result then goes through
         // IMUtil::removeNull().
         $value = IMUtil::removeNull(filter_var($_POST["value_{$i}"]));
         // NOTE(review): get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in
         // PHP 8.0, so this call fails on current PHP versions.
         $this->dbSettings->addValue(get_magic_quotes_gpc() ? stripslashes($value) : $value);
     }
     // The option in the definition file wins over the $emailAsAliasOfUserName variable.
     if (isset($options['authentication']) && isset($options['authentication']['email-as-username'])) {
         $this->dbSettings->setEmailAsAccount($options['authentication']['email-as-username']);
     } else {
         if (isset($emailAsAliasOfUserName) && $emailAsAliasOfUserName) {
             $this->dbSettings->setEmailAsAccount($emailAsAliasOfUserName);
         }
     }
     for ($i = 0; $i < 1000; $i++) {
         if (!isset($_POST["assoc{$i}"])) {
             break;
         }
         $this->dbSettings->addAssociated($_POST["assoc{$i}"], $_POST["asfield{$i}"], $_POST["asvalue{$i}"]);
     }
     if (isset($options['smtp'])) {
         $this->dbSettings->setSmtpConfiguration($options['smtp']);
     }
     // Credentials of the challenge/response exchange, kept for the later authentication step.
     $this->paramAuthUser = isset($_POST['authuser']) ? $_POST['authuser'] : "";
     $this->paramResponse = isset($_POST['response']) ? $_POST['response'] : "";
     $this->paramCryptResponse = isset($_POST['cresponse']) ? $_POST['cresponse'] : "";
     // The client id is client-chosen when sent; otherwise the remote address stands in for it.
     $this->clientId = isset($_POST['clientid']) ? $_POST['clientid'] : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "Non-browser-client");
 }
Example #2
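 /**
  * IMUtil::removeNull() must hand back a string without NUL bytes unchanged.
  *
  * NOTE(review): removeNull() is used elsewhere as a sanitizer for file names and
  * paths, yet this test only covers input that contains no NUL byte. A second case
  * with an embedded "\0" is needed to pin the stripping behaviour itself; take the
  * expected output from the IMUtil implementation.
  */
 public function test_removeNull()
 {
     $expected = "INTER-Mediator";
     $actual = IMUtil::removeNull("INTER-Mediator");
     // PHPUnit takes the expected value first; the failure message is misleading otherwise.
     $this->assertEquals($expected, $actual);
 }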
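 /**
  * Sends the media item named by the request's media parameter to the client.
  *
  * Three kinds of target are handled:
  *  - a relative path, read from below $options['media-root-dir'];
  *  - an http:// or https:// URL, fetched by this server and relayed;
  *  - a class://ClassName/... reference, delegated to ClassName::processing().
  *
  * Security notes:
  *  - checkAuthentication() is only called when $options['media-context'] is set.
  *  - NOTE(review): an http(s) target is fetched from the server side and nothing in
  *    this method restricts the host. Any restriction would have to be applied by
  *    checkForFileMakerMedia() or checkAuthentication(), which are not visible here.
  *  - The class:// branch instantiates a class named in the request. It is limited
  *    below to existing classes that expose a processing() method. An explicit
  *    allow-list in the definition file would be a tighter control.
  *  - The traversal guard is a substring test on the raw value. Comparing
  *    realpath($target) against the media root would be a stronger check.
  *
  * @param object $dbProxyInstance Proxy object passed on to the helper methods.
  * @param array $options Option array; 'media-root-dir' and 'media-context' are read.
  * @param string $file Value of the media parameter.
  * @return void
  */
 function processing($dbProxyInstance, $options, $file)
 {
     try {
         // A missing media parameter is answered with 204, not treated as an error.
         if (strlen($file) === 0) {
             $this->exitAsError(204);
         }
         // Decide whether the media parameter is a URL by its (case-sensitive) scheme prefix.
         $schema = array("https:", "http:", "class:");
         $isURL = false;
         foreach ($schema as $scheme) {
             if (strpos($file, $scheme) === 0) {
                 $isURL = true;
                 break;
             }
         }
         list($file, $isURL) = $this->checkForFileMakerMedia($dbProxyInstance, $options, $file, $isURL);
         /*
          * If the FileMaker's object field is storing a PDF, the $file could be "http://server:16000/...
          * style URL. In case of an image, $file is just the path info as like above.
          */
         $util = new IMUtil();
         $file = $util->removeNull($file);
         // Reject parent-directory references. PHP on Windows accepts both separators,
         // so the backslash form is refused as well.
         if (strpos($file, '../') !== false || strpos($file, '..\\') !== false) {
             return;
         }
         $target = $isURL ? $file : "{$options['media-root-dir']}/{$file}";
         if (isset($options['media-context'])) {
             $this->checkAuthentication($dbProxyInstance, $options, $target);
         }
         $content = false;
         $dq = '"';
         if (!$isURL) {
             // File path.
             if (!empty($file) && !file_exists($target)) {
                 $this->exitAsError(500);
             }
             $content = file_get_contents($target);
             if ($content === false) {
                 // Unreadable target (e.g. a directory): fail instead of sending an empty body.
                 $this->exitAsError(500);
                 return; // Only reached if exitAsError() does not end the request.
             }
             $fileName = basename($file);
             $qPos = strpos($fileName, "?");
             if ($qPos !== false) {
                 $fileName = substr($fileName, 0, $qPos);
             }
             header("Content-Type: " . $this->getMimeType($fileName));
             header("Content-Length: " . strlen($content));
             header("Content-Disposition: {$this->disposition}; filename={$dq}" . urlencode($fileName) . $dq);
             header('X-XSS-Protection: 1; mode=block');
             header('X-Frame-Options: SAMEORIGIN');
             $this->outputImage($content);
         } else {
             if (stripos($target, 'http://') === 0 || stripos($target, 'https://') === 0) {
                 // http or https: the server fetches the resource on the client's behalf.
                 if (intval(get_cfg_var('allow_url_fopen')) === 1) {
                     $content = file_get_contents($target);
                 } else {
                     if (function_exists('curl_init')) {
                         $session = curl_init($target);
                         curl_setopt($session, CURLOPT_HEADER, false);
                         curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
                         $content = curl_exec($session);
                         curl_close($session);
                     } else {
                         $this->exitAsError(500);
                     }
                 }
                 if ($content === false) {
                     // The upstream fetch failed; do not relay an empty response as success.
                     $this->exitAsError(500);
                     return; // Only reached if exitAsError() does not end the request.
                 }
                 $fileName = basename($file);
                 $qPos = strpos($fileName, "?");
                 if ($qPos !== false) {
                     $fileName = str_replace("%20", " ", substr($fileName, 0, $qPos));
                 }
                 header("Content-Type: " . $this->getMimeType($fileName));
                 header("Content-Length: " . strlen($content));
                 header("Content-Disposition: {$this->disposition}; filename={$dq}" . str_replace("+", "%20", urlencode($fileName)) . $dq);
                 header('X-XSS-Protection: 1; mode=block');
                 header('X-Frame-Options: SAMEORIGIN');
                 $this->outputImage($content);
             } else {
                 if (stripos($target, 'class://') === 0) {
                     // class: the part between "class://" and the next "/" names the handler class.
                     $noscheme = substr($target, 8);
                     $slashPos = strpos($noscheme, "/");
                     $className = $slashPos === false ? '' : substr($noscheme, 0, $slashPos);
                     // The name comes from the request. Only a syntactically valid, existing class
                     // that exposes processing() is instantiated, so no unrelated constructor runs.
                     $isHandler = preg_match('/^[A-Za-z_\\\\][A-Za-z0-9_\\\\]*$/', $className) === 1
                         && class_exists($className)
                         && method_exists($className, 'processing');
                     if (!$isHandler) {
                         $this->exitAsError(500);
                         return; // Only reached if exitAsError() does not end the request.
                     }
                     $processingObject = new $className();
                     $processingObject->processing($this->contextRecord, $options);
                 }
             }
         }
     } catch (Exception $ex) {
         // Deliberately best-effort: an exception ends the request without any output.
     }
 }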
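 /**
  * Stores one uploaded file and records it in the database.
  *
  * The file goes either below $options['media-root-dir'] or, for a FileMaker
  * container field, into the temporary directory, from where its content is sent
  * to the database. The result is returned as JSON, followed by a redirect when
  * $_POST['_im_redirect'] yields a URL.
  *
  * Changes against the earlier version of this method:
  *  - an upload without a file extension no longer reads an undefined array index;
  *  - the trailing-separator test on the temporary directory looks at the last
  *    character (it used to compare everything after the first character);
  *  - a "data:" payload that is not base64 is left in place (it used to be renamed
  *    to "*.temp" and never restored, leaving $filePath missing).
  *
  * Security notes:
  *  - NOTE(review): the stored name keeps the client-supplied base name and
  *    extension, and no extension or content-type restriction is applied here. If
  *    media-root-dir is reachable through the web server, confirm that the server
  *    does not execute files from it, or add an allow-list.
  *  - NOTE(review): the file is moved into place before the only
  *    processingRequest('update') call. Confirm that DB_Proxy::initialize() or an
  *    earlier layer has already authorized the request at that point.
  *  - The directory part is built from urlencode()d request values with '.' replaced
  *    by '_', and the file name goes through basename(). That is what keeps the
  *    path below the media root; the prefix test on $filePath cannot fail, because
  *    $filePath is built by prefixing $fileRoot.
  *  - NOTE(review): in container mode the file is written to the shared temporary
  *    directory under the client-supplied name and is not removed in this method.
  *  - The redirect target comes from the request via getRedirectUrl(). Whether that
  *    helper restricts the destination host is not visible here.
  *
  * @param mixed $datasource Data source definition passed to DB_Proxy::initialize().
  * @param array $options Option array; 'media-root-dir' is read here.
  * @param array $dbspec Connection settings; 'db-class' is read here.
  * @param mixed $debug Debug level passed to DB_Proxy::initialize().
  * @return void
  */
 public function processing($datasource, $options, $dbspec, $debug)
 {
     $dbProxyInstance = new DB_Proxy();
     $this->db = $dbProxyInstance;
     $dbProxyInstance->initialize($datasource, $options, $dbspec, $debug, $_POST["_im_contextname"]);
     // Container mode applies to FileMaker_FX contexts that flag a file-upload item as 'container'.
     $useContainer = FALSE;
     $dbProxyContext = $dbProxyInstance->dbSettings->getDataSourceTargetArray();
     if ($dbspec['db-class'] === 'FileMaker_FX' && isset($dbProxyContext['file-upload'])) {
         foreach ($dbProxyContext['file-upload'] as $item) {
             if (isset($item['container']) && (bool) $item['container'] === TRUE) {
                 $useContainer = TRUE;
             }
         }
     }
     $url = NULL;
     if (isset($_POST['_im_redirect'])) {
         // getRedirectUrl() returns null for a value it rejects (the message below mentions
         // an embedded new line).
         $url = $this->getRedirectUrl($_POST['_im_redirect']);
         if (is_null($url)) {
             header("HTTP/1.1 500 Internal Server Error");
             $dbProxyInstance->logger->setErrorMessage('Header may not contain more than a single header, new line detected.');
             $dbProxyInstance->processingRequest($options, 'noop');
             $dbProxyInstance->finishCommunication();
             $dbProxyInstance->exportOutputDataAsJSON();
             return;
         }
     }
     if (!isset($options['media-root-dir']) && $useContainer === FALSE) {
         if (!is_null($url)) {
             header('Location: ' . $url);
         } else {
             $dbProxyInstance->logger->setErrorMessage("'media-root-dir' isn't specified");
             $dbProxyInstance->processingRequest($options, "noop");
             $dbProxyInstance->finishCommunication();
             $dbProxyInstance->exportOutputDataAsJSON();
         }
         return;
     }
     if (count($_FILES) < 1) {
         if (!is_null($url)) {
             header('Location: ' . $url);
         } else {
             $dbProxyInstance->logger->setErrorMessage("No file wasn't uploaded.");
             $dbProxyInstance->processingRequest($options, "noop");
             $dbProxyInstance->finishCommunication();
             $dbProxyInstance->exportOutputDataAsJSON();
         }
         return;
     }
     // Empty loop on purpose: it leaves $fileInfo holding the last entry of $_FILES.
     foreach ($_FILES as $fn => $fileInfo) {
     }
     $util = new IMUtil();
     // basename() drops any directory part the client put into the file name.
     $filePathInfo = pathinfo($util->removeNull(basename($fileInfo['name'])));
     // pathinfo() omits 'extension' for names without a dot.
     $fileExtension = isset($filePathInfo['extension']) ? $filePathInfo['extension'] : '';
     if ($useContainer === FALSE) {
         // requires media-root-dir specification.
         $fileRoot = $options['media-root-dir'];
         if (substr($fileRoot, strlen($fileRoot) - 1, 1) != '/') {
             $fileRoot .= '/';
         }
         // <context>/<keyfield>=<keyvalue>/<field>, each part urlencode()d with '.' turned into '_'.
         $dirPath = str_replace('.', '_', urlencode($_POST["_im_contextname"])) . '/' . str_replace('.', '_', urlencode($_POST["_im_keyfield"])) . "=" . str_replace('.', '_', urlencode($_POST["_im_keyvalue"])) . '/' . str_replace('.', '_', urlencode($_POST["_im_field"]));
         // The random suffix only reduces name collisions; it is not a secret.
         $rand4Digits = rand(1000, 9999);
         $filePartialPath = $dirPath . '/' . $filePathInfo['filename'] . '_' . $rand4Digits . '.' . $fileExtension;
         $filePath = $fileRoot . $filePartialPath;
         // Kept for compatibility; $filePath always starts with $fileRoot by construction.
         if (strpos($filePath, $fileRoot) !== 0) {
             $dbProxyInstance->logger->setErrorMessage("Invalid Path Error.");
             $dbProxyInstance->processingRequest($options, "noop");
             $dbProxyInstance->finishCommunication();
             $dbProxyInstance->exportOutputDataAsJSON();
             return;
         }
         if (!file_exists($fileRoot . $dirPath)) {
             $result = mkdir($fileRoot . $dirPath, 0744, true);
             if (!$result) {
                 $dbProxyInstance->logger->setErrorMessage("Can't make directory. [{$dirPath}]");
                 $dbProxyInstance->processingRequest($options, "noop");
                 $dbProxyInstance->finishCommunication();
                 $dbProxyInstance->exportOutputDataAsJSON();
                 return;
             }
         }
     }
     if ($useContainer === TRUE) {
         // for uploading to FileMaker's container field
         $fileName = $filePathInfo['filename'] . '.' . $fileExtension;
         $tmpDir = ini_get('upload_tmp_dir');
         if ($tmpDir === false || $tmpDir === '') {
             $tmpDir = sys_get_temp_dir();
         }
         // Append a separator only when the directory does not already end with one.
         if (mb_substr($tmpDir, -1) === DIRECTORY_SEPARATOR) {
             $filePath = $tmpDir . $fileName;
         } else {
             $filePath = $tmpDir . DIRECTORY_SEPARATOR . $fileName;
         }
     }
     // move_uploaded_file() refuses sources that were not uploaded in this request.
     $result = move_uploaded_file($util->removeNull($fileInfo['tmp_name']), $filePath);
     if (!$result) {
         if (!is_null($url)) {
             header('Location: ' . $url);
         } else {
             $dbProxyInstance->logger->setErrorMessage("Fail to move the uploaded file in the media folder.");
             $dbProxyInstance->processingRequest($options, "noop");
             $dbProxyInstance->finishCommunication();
             $dbProxyInstance->exportOutputDataAsJSON();
         }
         return;
     }
     $targetFieldName = $_POST["_im_field"];
     if ($useContainer === FALSE) {
         $dbProxyContext = $dbProxyInstance->dbSettings->getDataSourceTargetArray();
         if (isset($dbProxyContext['file-upload'])) {
             foreach ($dbProxyContext['file-upload'] as $item) {
                 if (isset($item['field']) && !isset($item['context'])) {
                     $targetFieldName = $item['field'];
                 }
             }
         }
     }
     $dbKeyValue = $_POST["_im_keyvalue"];
     // A fresh proxy object is used for the update of the record that owns the file.
     $dbProxyInstance = new DB_Proxy();
     $dbProxyInstance->initialize($datasource, $options, $dbspec, $debug, $_POST["_im_contextname"]);
     $dbProxyInstance->dbSettings->addExtraCriteria($_POST["_im_keyfield"], "=", $dbKeyValue);
     $dbProxyInstance->dbSettings->setTargetFields(array($targetFieldName));
     // Sniff the first 30 bytes for a "data:...;base64," header and decode the payload in place.
     $fileContent = file_get_contents($filePath, false, null, 0, 30);
     $headerTop = strpos($fileContent, "data:");
     $endOfHeader = strpos($fileContent, ",");
     if ($headerTop === 0 && $endOfHeader > 0) {
         $step = 1024;
         if (strpos($fileContent, ";base64") !== false) {
             // Rename only when the content is going to be rewritten, so a non-base64
             // payload stays at $filePath.
             $tempFilePath = $filePath . ".temp";
             rename($filePath, $tempFilePath);
             $fw = fopen($filePath, "w");
             $fp = fopen($tempFilePath, "r");
             // Skip the header up to and including the comma.
             fread($fp, $endOfHeader + 1);
             while ($str = fread($fp, $step)) {
                 fwrite($fw, base64_decode($str));
             }
             fclose($fp);
             fclose($fw);
             unlink($tempFilePath);
         }
     }
     if ($useContainer === FALSE) {
         $dbProxyInstance->dbSettings->setValue(array($filePath));
     } else {
         $dbProxyInstance->dbSettings->setValue(array($fileName . "\n" . base64_encode(file_get_contents($filePath))));
     }
     $dbProxyInstance->processingRequest($options, "update");
     $relatedContext = null;
     if ($useContainer === FALSE) {
         if (isset($dbProxyContext['file-upload'])) {
             foreach ($dbProxyContext['file-upload'] as $item) {
                 if ($item['field'] == $_POST["_im_field"]) {
                     // Create a record in the related context that points at the stored file.
                     $relatedContext = new DB_Proxy();
                     $relatedContext->initialize($datasource, $options, $dbspec, $debug, isset($item['context']) ? $item['context'] : null);
                     $relatedContextInfo = $relatedContext->dbSettings->getDataSourceTargetArray();
                     $fields = array();
                     $values = array();
                     if (isset($relatedContextInfo["query"])) {
                         foreach ($relatedContextInfo["query"] as $cItem) {
                             if ($cItem['operator'] == "=" || $cItem['operator'] == "eq") {
                                 $fields[] = $cItem['field'];
                                 $values[] = $cItem['value'];
                             }
                         }
                     }
                     if (isset($relatedContextInfo["relation"])) {
                         foreach ($relatedContextInfo["relation"] as $cItem) {
                             if ($cItem['operator'] == "=" || $cItem['operator'] == "eq") {
                                 $fields[] = $cItem['foreign-key'];
                                 $values[] = $dbKeyValue;
                             }
                         }
                     }
                     $fields[] = "path";
                     $values[] = $filePartialPath;
                     $relatedContext->dbSettings->setTargetFields($fields);
                     $relatedContext->dbSettings->setValue($values);
                     $relatedContext->processingRequest($options, "create", true);
                     //    $relatedContext->finishCommunication(true);
                     //    $relatedContext->exportOutputDataAsJSON();
                 }
             }
         }
     }
     if ($useContainer === FALSE) {
         // The response carries the server-side path of the stored file.
         $dbProxyInstance->addOutputData('dbresult', $filePath);
     } else {
         $dbProxyInstance->addOutputData('dbresult', '/fmi/xml/cnt/' . $fileName . '?-db=' . urlencode($dbProxyInstance->dbSettings->getDbSpecDatabase()) . '&-lay=' . urlencode($datasource[0]['name']) . '&-recid=' . intval($_POST['_im_keyvalue']) . '&-field=' . urlencode($targetFieldName));
     }
     $dbProxyInstance->finishCommunication();
     $dbProxyInstance->exportOutputDataAsJSON();
     if (!is_null($url)) {
         header('Location: ' . $url);
     }
 }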