//Parte per calcolare i tempi di esecuzione
$mtime = microtime();
$mtime = explode(" ", $mtime);
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = number_format($endtime - $starttime, 15);
$STAT_QUERY = "INSERT INTO STATS (REPOSITORY,DATA,EXECUTION_TIME,OPERATION) VALUES ('" . $_SERVER['REMOTE_ADDR'] . "',CURRENT_TIMESTAMP,'{$totaltime}','STOREDQUERY-B')";
$ris = query_exec2($STAT_QUERY, $connessione);
writeSQLQueryService($ris . ": " . $STAT_QUERY);
}
######################################################################
#### METTO L'ebXML SU STRINGA
$ebXML_Response_SOAPED_string = makeSoapedSuccessStoredQueryResponse($Action, $MessageID, $ebXML_Response_string);
### SCRIVO LA RISPOSTA IN UN FILE
$file_input = $idfile . "-ebxmlResponseSOAP.xml";
writeTmpQueryFiles($ebXML_Response_SOAPED_string, $file_input, true);
writeTimeFile($idfile . "--StoredQuery: Creo file ebxmlResponseSOAP");
SendResponseFile($tmpQueryService_path . $file_input);
//SendResponse($ebXML_Response_SOAPED_string,"application/soap+xml",(string)filesize($tmpQueryService_path.$idfile."-ebxmlResponseSOAP.xml"));
// Clean tmp folder
$system = PHP_OS;
$windows = substr_count(strtoupper($system), "WIN");
if ($clean_cache == "O") {
if ($windows > 0) {
exec('del tmpQueryService\\' . $idfile . "* /q");
} else {
exec('rm -Rf ' . $tmpQueryService_path . $idfile . "*");
}
}
unset($_SESSION['tmp_path']);
unset($_SESSION['idfile']);
function controllaQuery($SQLQuery)
{
$errorcode = array();
$error_message = array();
$isQueryAllowed = true;
###DEFAULT
$queryError = "";
$pos_1 = strpos(strtoupper($SQLQuery), "SELECT");
$pos_2 = strpos(strtoupper($SQLQuery), "*");
//$pos_3=strpos(strtoupper($SQLQuery),"%");
//$pos_4=strpos(strtoupper($SQLQuery),"LIKE");
## Notate l'uso di ===
### Il == non avrebbe risposto come atteso
##### ACCETTO SOLO QUERY DEL TIPO: SELECT eo.id FROM....
if (!($pos_1 === 0) || $pos_2) {
$isQueryAllowed = false;
$errorcode[] = "XDSSqlError";
$error_message[] = "[ERROR: NOT PROPER QUERY] - YOU ARE NOT ALLOWED TO PERFORM THIS KIND OF QUERY TO THIS REGISTRY[ " . avoidHtmlEntitiesInterpretation($SQLQuery) . " ]";
$query_not_allowed_response = makeSoapedFailureResponse($error_message, $errorcode);
writeTimeFile($_SESSION['idfile'] . "--StoredQuery: Query NOT allowed");
$file_input = $_SESSION['idfile'] . "-query_not_allowed.xml";
writeTmpQueryFiles($query_not_allowed_response, $file_input, true);
SendResponseFile($_SESSION['tmpQueryService_path'] . $file_input);
//SendResponse($query_not_allowed_response);
exit;
} else {
writeTimeFile($_SESSION['idfile'] . "--StoredQuery: Query allowed");
}
$ret = array($isQueryAllowed, $queryError);
return $ret;
}
//Parte per calcolare i tempi di esecuzione
$mtime = microtime();
$mtime = explode(" ", $mtime);
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = number_format($endtime - $starttime, 15);
$STAT_QUERY = "INSERT INTO STATS (REPOSITORY,DATA,EXECUTION_TIME,OPERATION) VALUES ('" . $_SERVER['REMOTE_ADDR'] . "',CURRENT_TIMESTAMP,'{$totaltime}','QUERY-A')";
$ris = query_exec2($STAT_QUERY, $connessione);
writeSQLQueryService($ris . ": " . $STAT_QUERY);
}
##### IMBUSTO PER LA SPEDIZIONE
$ebXML_Response_SOAPED_string = makeSoapedSuccessQueryResponse($ebXML_Response_string);
#####################################################################
#################### RISPONDO ALLA QUERY ############################
###### SCRIVO L'ebXML IMBUSTATO SOAP
writeTmpQueryFiles($ebXML_Response_SOAPED_string, $idfile . "-ebxmlResponseSOAP.xml");
############## PULISCO IL BUFFER DI USCITA
ob_get_clean();
### OKKIO FONDAMENTALE!!!!!
################QUI CI VA IL RESPONSE
#### HEADERS
header("HTTP/1.1 200 OK");
$path_header = "Path: {$www_REG_path}";
if ($http == "TLS") {
##### NEL CASO TLS AGGIUNGO LA DICITURA SECURE
$path_header = $path_header . "; Secure";
}
header($path_header);
header("Content-Type: text/xml;charset=UTF-8");
header("Content-Length: " . (string) filesize($tmpQueryService_path . $idfile . "-ebxmlResponseSOAP.xml"));
##### FILE BODY
function writeTmpQueryFiles($log_text, $file_name, $mandatory = false)
{
//$mandatory indica se il file deve essere salvato.
### PATH COMPLETO AL FILE
if (!isset($_SESSION['tmpQueryService_path'])) {
$pathToFile = "./tmpQueryService/" . $file_name;
} else {
$pathToFile = $_SESSION['tmpQueryService_path'] . $file_name;
}
$writef = false;
$nfile = 0;
//Se il file è obbligatorio devo accertarmi che venga salvato
if ($mandatory) {
while (!$writef && $nfile < 10) {
### APERTURA DEL FILE IN FORMA TAIL ED IN SOLA SCRITTURA
$handler_log = fopen($pathToFile, "wb+");
if ($handler_log) {
## CASO DI DATO TIPO ARRAY
if (is_array($log_text)) {
$txt = "";
### IMPOSTA L'ARRAY NELLA FORMA [etichetta] = valore
foreach ($log_text as $element => $value) {
$txt = $txt . "{$element} = {$value}\n";
}
//END OF foreach
$log_text = $txt;
}
//END OF if(is_array($log_text))
if (fwrite($handler_log, $log_text) === FALSE) {
sleep(1);
$nfile++;
} else {
// Caso OK Riesce a aprire e scrivere il file correttamente
$writef = true;
}
} else {
sleep(1);
$nfile++;
}
}
//Fine while
#### CHIUDO L'HANDLER
fclose($handler_log);
if (!$writef) {
$errorcode[] = "XDSRegistryError";
$error_message[] = "Registry can't create tmp file. ";
$tmp_response = makeSoapedFailureResponse($error_message, $errorcode);
writeTimeFile($_SESSION['idfile'] . "--Registry: Tmp File error");
$file_input = $idfile . "-tmp_failure_response-" . $idfile;
writeTmpQueryFiles($tmp_response, $file_input);
SendResponse($tmp_response);
exit;
}
} else {
$handler_log = fopen($pathToFile, "wb+");
## CASO DI DATO TIPO ARRAY
if (is_array($log_text)) {
$txt = "";
### IMPOSTA L'ARRAY NELLA FORMA [etichetta] = valore
foreach ($log_text as $element => $value) {
$txt = $txt . "{$element} = {$value}\n";
}
//END OF foreach
$log_text = $txt;
}
//END OF if(is_array($log_text))
fwrite($handler_log, $log_text);
fclose($handler_log);
}
#### RITORNO IL PATH AL FILE SCRITTO
return $pathToFile;
}
writeTimeFile($idfile . "--Repository Retrieve: Ho recuperato soapenv");
$dom = new DomDocument();
$dom->preserveWhiteSpace = FALSE;
$dom->loadXML($body);
$Action_node = $dom->getElementsByTagName('Action');
$Action = $Action_node->item(0)->nodeValue;
writeTimeFile($idfile . "--Repository Retrieve: Action: " . $Action);
$MessageID_node = $dom->getElementsByTagName('MessageID');
$MessageID = $MessageID_node->item(0)->nodeValue;
writeTimeFile($idfile . "--Repository Retrieve: MessageID: " . $MessageID);
if ($Action == "") {
$failure_response = array("You must set the Action of the Request");
$error_code = array("XDSRepositoryActionError");
$SOAPED_failure_response = makeSoapedFailureResponse($failure_response, $error_code, $Action, $MessageID);
$file_input = $idfile . "-SOAPED_Action_failure.xml";
writeTmpQueryFiles($SOAPED_failure_response, $file_input, true);
SendResponseFile($_SESSION['tmpQueryService_path'] . $file_input);
exit;
} elseif ($Action != "urn:ihe:iti:2007:RetrieveDocumentSet") {
$failure_response = array("This is a Retrieve Document Set transaction and you don't use the Action urn:ihe:iti:2007:RetrieveDocumentSet");
$error_code = array("XDSRepositoryActionError");
$SOAPED_failure_response = makeSoapedFailureResponse($failure_response, $error_code, $Action, $MessageID);
$file_input = $idfile . "-SOAPED_Action_failure.xml";
writeTmpFiles($SOAPED_failure_response, $file_input, true);
SendResponseFile($_SESSION['tmp_path'] . $file_input);
exit;
}
$DocumentRequests = $dom->getElementsByTagName('DocumentRequest');
$DocumentRequests_array = array();
$file = array();
$documento_encoded64 = array();
