Esempio n. 1
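#
# Map request parameters onto typed page arguments.
#
# $argspec is a flat list of alternating (name, type) entries; it is consumed
# two elements at a time. For each pair the matching $_REQUEST value(s) are
# validated and, for the object types, looked up via the corresponding
# class. Every value that maps successfully is stored in the returned array
# under its name AND written to $GLOBALS[$name].
#
# $required: when true, a missing argument is reported through PAGEARGERROR;
# otherwise a missing argument just clears $GLOBALS[$name].
#
# Returns an array of name => object/value for the arguments that mapped.
#
# Everything read here comes from $_REQUEST and is attacker-controlled. A
# request parameter may arrive as an array (name[]=...), so the branches that
# run a regex check for a string first. PAGEARGERROR and USERERROR are
# defined elsewhere; presumably they do not return -- TODO confirm, because
# the code after them relies on that.
#
function VerifyPageArguments($argspec, $required)
{
    global $drewheader;
    if ($drewheader) {
        # Once the page header is out, an error can no longer change the
        # HTTP status code, so warn the developer about the call order.
        trigger_error("PAGEHEADER called before VerifyPageArguments " . "(called by RequiredPageArguments or OptionalPageArguments). " . "Won't be able to return proper HTTP status code on Error " . "in " . $_SERVER['SCRIPT_FILENAME'] . ",", E_USER_WARNING);
    }
    $result = array();
    while ($argspec and count($argspec) > 1) {
        $name = array_shift($argspec);
        $type = array_shift($argspec);
        # $yep records that the client supplied a value for this argument,
        # whether or not it then validated.
        $yep = 0;
        # Never carry a value over from the previous (name, type) pair.
        unset($object);
        switch ($type) {
            case PAGEARG_EXPERIMENT:
                if (isset($_REQUEST[URL_EXPERIMENT])) {
                    $idx = $_REQUEST[URL_EXPERIMENT];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_EXPERIMENT, $idx)) {
                        $object = Experiment::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_EXPTIDX])) {
                    $idx = $_REQUEST[URL_EXPTIDX];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_EXPERIMENT, $idx)) {
                        $object = Experiment::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_PID]) && isset($_REQUEST[URL_EID])) {
                    $pid = $_REQUEST[URL_PID];
                    $eid = $_REQUEST[URL_EID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PID, $pid) && ValidateArgument(PAGEARG_EID, $eid)) {
                        $object = Experiment::LookupByPidEid($pid, $eid);
                    }
                }
                break;
            case PAGEARG_TEMPLATE:
                if (isset($_REQUEST[URL_GUID]) && isset($_REQUEST[URL_VERS])) {
                    $guid = $_REQUEST[URL_GUID];
                    $vers = $_REQUEST[URL_VERS];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_GUID, $guid) && ValidateArgument(PAGEARG_VERS, $vers)) {
                        $object = Template::Lookup($guid, $vers);
                    }
                } elseif (isset($_REQUEST[URL_TEMPLATE])) {
                    # Combined "guid/vers" form, digits only.
                    $guidvers = $_REQUEST[URL_TEMPLATE];
                    $yep = 1;
                    if (is_string($guidvers) && preg_match("/^([\\d]+)\\/([\\d]+)\$/", $guidvers, $matches)) {
                        $guid = $matches[1];
                        $vers = $matches[2];
                        $object = Template::Lookup($guid, $vers);
                    } else {
                        # The rejected value is echoed in the error text, so
                        # escape it the same way the PAGEARG_STRING branch does.
                        $shown = is_string($guidvers) ? htmlspecialchars($guidvers, ENT_QUOTES) : gettype($guidvers);
                        PAGEARGERROR("Invalid argument for '{$type}': {$shown}");
                    }
                }
                break;
            case PAGEARG_INSTANCE:
                if (isset($_REQUEST[URL_INSTANCE])) {
                    $idx = $_REQUEST[URL_INSTANCE];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_INSTANCE, $idx)) {
                        $object = TemplateInstance::LookupByExptidx($idx);
                    }
                }
                break;
            case PAGEARG_METADATA:
                if (isset($_REQUEST[URL_METADATA])) {
                    # Same "guid/vers" form as PAGEARG_TEMPLATE.
                    $guidvers = $_REQUEST[URL_METADATA];
                    $yep = 1;
                    if (is_string($guidvers) && preg_match("/^([\\d]+)\\/([\\d]+)\$/", $guidvers, $matches)) {
                        $guid = $matches[1];
                        $vers = $matches[2];
                        $object = TemplateMetadata::Lookup($guid, $vers);
                    } else {
                        # Escape before echoing the rejected value back.
                        $shown = is_string($guidvers) ? htmlspecialchars($guidvers, ENT_QUOTES) : gettype($guidvers);
                        PAGEARGERROR("Invalid argument for '{$type}': {$shown}");
                    }
                }
                break;
            case PAGEARG_PROJECT:
                if (isset($_REQUEST[URL_PROJECT])) {
                    $idx = $_REQUEST[URL_PROJECT];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PROJECT, $idx)) {
                        $object = Project::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_PID])) {
                    $pid = $_REQUEST[URL_PID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PID, $pid)) {
                        $object = Project::Lookup($pid);
                    }
                }
                break;
            case PAGEARG_GROUP:
                if (isset($_REQUEST[URL_GROUP])) {
                    $idx = $_REQUEST[URL_GROUP];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_GROUP, $idx)) {
                        $object = Group::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_PID]) && isset($_REQUEST[URL_GID])) {
                    $pid = $_REQUEST[URL_PID];
                    $gid = $_REQUEST[URL_GID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_PID, $pid) && ValidateArgument(PAGEARG_GID, $gid)) {
                        $object = Group::LookupByPidGid($pid, $gid);
                    }
                }
                break;
            case PAGEARG_NODE:
                if (isset($_REQUEST[URL_NODE])) {
                    $idx = $_REQUEST[URL_NODE];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_NODE, $idx)) {
                        $object = Node::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_NODEID])) {
                    $nodeid = $_REQUEST[URL_NODEID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_NODEID, $nodeid)) {
                        $object = Node::Lookup($nodeid);
                    }
                } elseif (isset($_REQUEST[URL_NODEID_ALT])) {
                    $nodeid = $_REQUEST[URL_NODEID_ALT];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_NODEID, $nodeid)) {
                        $object = Node::Lookup($nodeid);
                    }
                }
                break;
            case PAGEARG_USER:
                if (isset($_REQUEST[URL_USER])) {
                    $idx = $_REQUEST[URL_USER];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_USER, $idx)) {
                        $object = User::Lookup($idx);
                    }
                } elseif (isset($_REQUEST[URL_UID])) {
                    $uid = $_REQUEST[URL_UID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_UID, $uid)) {
                        $object = User::Lookup($uid);
                    }
                }
                break;
            case PAGEARG_IMAGE:
                if (isset($_REQUEST[URL_IMAGEID])) {
                    $imageid = $_REQUEST[URL_IMAGEID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_IMAGE, $imageid)) {
                        $object = Image::Lookup($imageid);
                    }
                } elseif (isset($_REQUEST[$name]) && $_REQUEST[$name] != "") {
                    # Fall back to a parameter named after the argument itself.
                    $imageid = $_REQUEST[$name];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_IMAGE, $imageid)) {
                        $object = Image::Lookup($imageid);
                    }
                }
                break;
            case PAGEARG_OSINFO:
                if (isset($_REQUEST[URL_OSID])) {
                    $osid = $_REQUEST[URL_OSID];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_OSINFO, $osid)) {
                        $object = OSinfo::Lookup($osid);
                    }
                }
                break;
            case PAGEARG_BOOLEAN:
                if (isset($_REQUEST[$name]) && $_REQUEST[$name] != "") {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    # NOTE(review): a value that is none of the spellings
                    # below is passed through unchanged, so the caller can
                    # receive an arbitrary request string instead of a bool.
                    if (strcasecmp("{$object}", "yes") == 0 || strcasecmp("{$object}", "1") == 0 || strcasecmp("{$object}", "true") == 0 || strcasecmp("{$object}", "on") == 0) {
                        $object = true;
                    } elseif (strcasecmp("{$object}", "no") == 0 || strcasecmp("{$object}", "0") == 0 || strcasecmp("{$object}", "false") == 0 || strcasecmp("{$object}", "off") == 0) {
                        $object = false;
                    }
                }
                break;
            case PAGEARG_INTEGER:
            case PAGEARG_NUMERIC:
            case PAGEARG_ARRAY:
                if (isset($_REQUEST[$name]) && $_REQUEST[$name] != "") {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    if (!ValidateArgument($type, $object)) {
                        unset($object);
                    }
                }
                break;
            case PAGEARG_ANYTHING:
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    # Anything allowed, caller BETTER check it: this value
                    # is raw request data (string or array) and must be
                    # validated and escaped before it is used anywhere.
                }
                break;
            case PAGEARG_ALPHALIST:
                # NOTE(review): this branch never sets $yep, so a malformed
                # list is treated as "not supplied" rather than as an error.
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    # The D modifier stops "$" from also matching before a
                    # trailing newline, which would otherwise end up in the
                    # last list element.
                    if (!is_string($object) || !preg_match("/^[\\d\\w\\-\\ \\,]+\$/D", $object)) {
                        unset($object);
                    } else {
                        $object = preg_split("/[\\,\\;]+\\s*/", $object);
                    }
                }
                break;
            case PAGEARG_STRING:
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    if (!is_string($object)) {
                        # An array value would skip the quote check below;
                        # drop it so it is reported as unmappable.
                        unset($object);
                    } elseif (preg_match("/[\\'\"]/", $object)) {
                        # Pages never get arguments with special chars.
                        # ENT_QUOTES so that the single quote this check
                        # looks for is escaped too before it is echoed.
                        $object = htmlspecialchars($object, ENT_QUOTES);
                        PAGEARGERROR("Invalid characters in '{$name}': {$object}");
                    }
                }
                break;
            case PAGEARG_PASSWORD:
            default:
                # The switch used to carry a second "default:" label on the
                # PAGEARG_STRING case. PHP 5 honoured only the last one (this
                # one); PHP 7 and later refuse to compile two. Keeping it here
                # preserves the effective behaviour for unknown types.
                # NOTE(review): this branch accepts quote characters, so
                # callers must escape the value wherever it is used.
                if (isset($_REQUEST[$name])) {
                    $object = $_REQUEST[$name];
                    $yep = 1;
                    if (!is_string($object)) {
                        unset($object);
                    } elseif (!preg_match("/^[ -~]+\$/D", $object)) {
                        # Only printable chars (D: no trailing newline).
                        # The value itself is deliberately not echoed.
                        PAGEARGERROR("Invalid characters in '{$name}'");
                    }
                }
                break;
            case PAGEARG_LOGFILE:
                if (isset($_REQUEST[URL_LOGFILE])) {
                    $logid = $_REQUEST[URL_LOGFILE];
                    $yep = 1;
                    if (ValidateArgument(PAGEARG_LOGFILE, $logid)) {
                        $object = Logfile::Lookup($logid);
                    }
                }
                break;
        }
        if (isset($object)) {
            $result[$name] = $object;
            # Also published as a global under the caller-chosen name.
            $GLOBALS[$name] = $object;
        } elseif ($yep) {
            #
            # Value supplied but could not be mapped to object.
            # Lets make that clear in the error message.
            #
            USERERROR("Could not map page arguments to '{$name}'", 1);
        } elseif ($required) {
            PAGEARGERROR("Must provide '{$name}' page argument");
        } else {
            # Optional and absent: make sure no stale global is left behind.
            unset($GLOBALS[$name]);
        }
    }
    return $result;
}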
Esempio n. 2
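 #
 # Find the metadata item called $name that is attached to $template.
 #
 # $template must provide guid() and vers(); the returned object gets its
 # ->template property set to it. Returns a TemplateMetadata object, or null
 # when no row matches or the constructed object reports !IsValid().
 #
 # NOTE(review): the query is built by string interpolation. addslashes() is
 # not aware of the connection character set, so it is weaker than the
 # driver's own escaping or a prepared statement; DBQueryFatal() is defined
 # elsewhere and only takes a finished SQL string here. The mysql_* functions
 # used below were removed in PHP 7.
 #
 function TemplateLookupByName($template, $name)
 {
     # Escape every value that goes between quotes in the SQL text, not
     # only the name: guid and vers are interpolated the same way.
     $metadata_name = addslashes((string) $name);
     $template_guid = addslashes((string) $template->guid());
     $template_vers = addslashes((string) $template->vers());
     $query_result = DBQueryFatal("select i.guid,i.vers " . "    from experiment_template_metadata as m " . "left join experiment_template_metadata_items as i on " . "     i.guid=m.metadata_guid and i.vers=m.metadata_vers " . "where m.parent_guid='{$template_guid}' and " . "      m.parent_vers='{$template_vers}' and " . "      i.name='{$metadata_name}'");
     if (!mysql_num_rows($query_result)) {
         return null;
     }
     # Only the first matching row is used.
     $row = mysql_fetch_array($query_result);
     $metadata = new TemplateMetadata($row['guid'], $row['vers']);
     if (!$metadata->IsValid()) {
         return null;
     }
     # Remember which template this metadata was looked up through.
     $metadata->template = $template;
     return $metadata;
 }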