function wms_proxy($contexteId)
{
global $app;
$httprequest = new Phalcon\Http\Request();
$httprequest->setDI($app->getDI());
//Possible sanitize filters: string, email, int, float, alphanum, striptags, trim, lower, upper
$filter = new \Phalcon\Filter();
if ($httprequest->isGet() || $httprequest->isPost()) {
$datain = $httprequest->get();
$data = array();
foreach ($datain as $key => $value) {
$data[strtoupper($key)] = $value;
}
$service = $filter->sanitize($data["SERVICE"], array("string", "upper"));
$request = $filter->sanitize($data["REQUEST"], array("string", "upper"));
} else {
// TODO : Gérer l'erreur, on ne peut appeler un service wms en put ou en delete.
error_log("not a get or a post?");
return;
}
error_log("service: {$service}, request: {$request}");
if ($service === "WMS") {
$config = $app->getDI()->get("config");
$mapserver = $config['mapserver']['host'] . $config['mapserver']['mapserver_path'] . $config['mapserver']['executable'];
$contexte = IgoContexte::findFirst("id='{$contexteId}'");
$map = $config['mapserver']['mapfileCacheDir'] . $config['mapserver']['contextesCacheDir'] . $contexte->code . ".map";
$method = $httprequest->getMethod();
$data = $httprequest->get();
$data["MAP"] = $map;
$response = null;
switch ($request) {
case "GETCAPABILITIES":
$response = proxy_request($mapserver, $data, $method);
// Devrait-on enlever les couches non permises en lecture de la réponse.? C'est probablement trop complexe...
break;
case "GETMAP":
case "GETFEATUREINFO":
case "DESCRIBELAYER":
case "GETLEGENDGRAPHIC":
$authentificationModule = obtenirAuthentificationModule();
if ($authentificationModule === null) {
$response = proxy_request($mapserver, $data, $method);
} else {
if (isset($data["LAYERS"])) {
$couches = explode(",", $data["LAYERS"]);
} else {
$couches = explode(",", $data["LAYER"]);
}
foreach ($couches as $couche) {
$igoVueContexteCoucheNavigateur = IgoVueContexteCoucheNavigateur::findFirst("mf_layer_name='{$couche}'");
$coucheContexte = array($igoVueContexteCoucheNavigateur);
if ($igoVueContexteCoucheNavigateur === false) {
$coucheContexte = IgoVueContexteCoucheNavigateur::find("mf_layer_group='{$couche}' and contexte_id='{$contexteId}'");
}
if (count($coucheContexte) === 0) {
// L'utilisateur essaie d'appeler la couche root du mapfile qui consiste à toutes les couches.
// Nous interdissons ce type d'appels pour le moment.
die("Forbidden");
}
$estPermis = false;
foreach ($coucheContexte as $igoVueContexteCoucheNavigateur) {
$permission = obtenirPermission($igoVueContexteCoucheNavigateur->couche_id);
if ($permission !== null && $permission->est_lecture) {
$estPermis = true;
break;
}
}
if (!$estPermis) {
die("Forbidden");
}
}
$response = proxy_request($mapserver, $data, $method);
}
break;
default:
break;
}
$headerArray = explode("\r\n", $response["header"]);
foreach ($headerArray as $headerLine) {
header($headerLine);
}
echo $response["content"];
} else {
die("Seul les services WMS sont pris en charge par ce proxy.");
}
}
} else {
$ip = $_SERVER['REMOTE_ADDR'];
//echo "REMOTE_ADDR: ".$ip;
}
$req_parts = parse_url($_SERVER['HTTP_REFERER']);
// IF domain name matches the authorized domain, proceed with request.
if ($RequestDomain == '' || $req_parts["host"] == $RequestDomain) {
$method = $_SERVER['REQUEST_METHOD'];
if ($method == "GET") {
$data = $_GET;
} elseif ($method == "POST" && count($_POST) > 0) {
$data = $_POST;
} else {
$data = $HTTP_RAW_POST_DATA;
}
$response = proxy_request($destinationURL, $method == "GET" ? $_GET : $_POST, $method);
$headerArray = explode("\r\n", $response['header']);
$is_gzip = false;
$is_chunked = false;
foreach ($headerArray as $headerLine) {
// Toggle gzip decompression when appropriate.
if ($headerLine == "Content-Encoding: gzip") {
global $is_gzip;
$is_gzip = true;
// Toggle chunk merging when appropriate
} elseif ($headerLine == "Transfer-Encoding: chunked") {
global $is_chunked;
$is_chunked = true;
} else {
// todo: Find out why this doesn't work (removes all contents!)
// header($headerLine, FALSE);
