/**
* If access to the WFS conf is restricted, modify the filter.
* TODO: this function is also in mod_wfs_result!! Maybe merge someday.
*/
function checkAccessConstraint($filter, $wfs_conf_id)
{
/* wfs_conf_element */
$sql = "SELECT * FROM wfs_conf_element ";
$sql .= "JOIN wfs_element ON wfs_conf_element.f_id = wfs_element.element_id ";
$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = \$1 ";
$sql .= "ORDER BY wfs_conf_element.f_respos";
$v = array($wfs_conf_id);
$t = array('i');
$res = db_prep_query($sql, $v, $t);
while ($row = db_fetch_array($res)) {
if (!empty($row["f_auth_varname"])) {
$auth_varname = $row["f_auth_varname"];
$element_name = $row["element_name"];
}
}
if (!empty($auth_varname)) {
if (isValidVarName($auth_varname)) {
$user = eval("return " . $auth_varname . ";");
if ($user) {
$pattern = "(<ogc:Filter[^>]*>)(.*)(</ogc:Filter>)";
$replacement = "\\1<And>\\2<ogc:PropertyIsEqualTo><ogc:PropertyName>" . $element_name . "</ogc:PropertyName><ogc:Literal>" . $user . "</ogc:Literal></ogc:PropertyIsEqualTo></And>\\3";
$filter = mb_eregi_replace($pattern, $replacement, $filter);
} else {
$e = new mb_exception("mod_wfsGazetteerEditor_server: checkAccessConstraint: invalid value of variable containing user information!");
}
} else {
$e = new mb_exception("mod_wfsGazetteerEditor_server: checkAccessConstraint: var name is not valid! (" . $auth_varname . ")");
}
}
return $filter;
}
/**
* If access to the WFS conf is restricted, modify the filter.
* TODO: this function is also in mod_wfs_result!! Maybe merge someday.
*/
function checkAccessConstraint($filter, $wfs_conf_id)
{
/* wfs_conf_element */
$sql = "SELECT f.featuretype_name AS name FROM " . "wfs_featuretype AS f, wfs_conf AS c " . "WHERE c.wfs_conf_id = \$1 AND " . "c.fkey_featuretype_id = f.featuretype_id";
$v = array($wfs_conf_id);
$t = array('i');
$res = db_prep_query($sql, $v, $t);
$row = db_fetch_array($res);
if ($row) {
$ns = substr($row["name"], 0, strpos($row["name"], ":")) . ":";
} else {
$ns = "";
}
unset($sql);
unset($v);
unset($t);
unset($res);
$sql = "SELECT * FROM wfs_conf_element ";
$sql .= "JOIN wfs_element ON wfs_conf_element.f_id = wfs_element.element_id ";
$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = \$1 ";
$sql .= "ORDER BY wfs_conf_element.f_respos";
$v = array($wfs_conf_id);
$t = array('i');
$res = db_prep_query($sql, $v, $t);
while ($row = db_fetch_array($res)) {
if (!empty($row["f_auth_varname"])) {
$auth_varname = $row["f_auth_varname"];
$element_name = $row["element_name"];
}
}
$e = new mb_exception($auth_varname . " " . $element_name);
if (!empty($auth_varname)) {
if (isValidVarName($auth_varname)) {
$user = eval("return " . $auth_varname . ";");
$pattern = "(<ogc:Filter[^>]*>)(.*)(</ogc:Filter>)";
$replacement = "\\1<And>\\2<ogc:PropertyIsEqualTo><ogc:PropertyName>" . $ns . $element_name . "</ogc:PropertyName><ogc:Literal>" . $user . "</ogc:Literal></ogc:PropertyIsEqualTo></And>\\3";
$filter = eregi_replace($pattern, $replacement, $filter);
}
}
return $filter;
}
