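use GisApp\Helpers;

require_once "admin/class.Helpers.php";
require_once "admin/settings.php";

// Page bootstrap: pick the UI language, store it in the session, then load the
// per-user project state that the login step left in $_SESSION.
$server_os = php_uname('s');

// filter_input() yields null/false when the parameter is missing or rejected;
// the cast keeps strtolower() working on a string in every case.
$def_lang = strtolower((string) filter_input(INPUT_GET, 'lang', FILTER_SANITIZE_STRING));

session_start();

// The language code becomes part of a filesystem path and is then stored in the
// session. FILTER_SANITIZE_STRING leaves dots and slashes in place, so the value
// is limited here to characters that cannot leave admin/languages/ (and cannot
// carry a NUL byte into file_exists()).
if (preg_match('/\A[a-z0-9_-]+\z/', $def_lang) === 1) {
    $lang_fn = filter_input(INPUT_SERVER, 'DOCUMENT_ROOT', FILTER_SANITIZE_STRING) . GISAPPURL . 'admin/languages/' . $def_lang . '.js';
    if (!file_exists($lang_fn)) {
        // No translation file for this code: fall back to English.
        $def_lang = 'en';
    }
} else {
    // Missing, empty or malformed language code.
    $def_lang = "en";
}
$_SESSION['lang'] = $def_lang;

if (Helpers::isValidUserProj(Helpers::getMapFromUrl())) {
    // Globals used by the rest of the page, all read from the session.
    $user = "" . $_SESSION['user_name'];
    $project = "" . $_SESSION['project'];
    $crs = "" . $_SESSION["crs"];
    $data = json_decode($_SESSION['data']);
    $settings = json_decode($_SESSION['settings']);
    $gis_projects = json_decode($_SESSION['gis_projects']);

    // Make sure the optional settings keys exist so later code can read them.
    if (!property_exists($settings, "search")) {
        $settings->search = null;
    }
    if (!property_exists($settings, "layerSpecifics")) {
        $settings->layerSpecifics = null;
    }
    if (!property_exists($settings, "geoNames")) {
        $settings->geoNames = null;
        // (excerpt ends here; both open blocks continue in the full file)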
// (excerpt starts mid-file) $sep is the separator used when building cache keys.
//
// Choose a cache key and a content type from the REQUEST parameter.
// Requests that match no case leave $cacheKey as it was set before this excerpt.
switch ($query_arr["REQUEST"]) {
    case "GetProjectSettings":
        // One entry per map.
        $cacheKey = $map . $sep . "XML" . $sep . $query_arr["REQUEST"];
        $contentType = "text/xml";
        break;
    case "GetLegendGraphics":
        // One entry per map and normalized LAYERS value.
        $cacheKey = $map . $sep . "PNG" . $sep . $query_arr["REQUEST"] . $sep . Helpers::normalize($query_arr['LAYERS']);
        $contentType = "image/png";
        break;
    case "GetFeatureInfo":
        // Only large responses (whole tables, FEATURE_COUNT above 100) are cached.
        $count = $query_arr['FEATURE_COUNT'];
        if (is_numeric($count)) {
            if (intval($count) > 100) {
                // NOTE(review): the key is built from the map, the request name and the
                // normalized FILTER only. It carries no user and no layer list, and
                // Helpers::normalize() is not visible here: if it maps different filters
                // to the same text, or if responses differ per user, one cached response
                // could be returned for another request. Confirm against the helper.
                $cacheKey = $map . $sep . "XML" . $sep . $query_arr["REQUEST"] . $sep . Helpers::normalize($query_arr['FILTER']);
            }
        }
        break;
}
if ($cacheKey != null) {
    $content = $cache->get($cacheKey);
    // Loose comparison: an empty cached body counts as a miss as well.
    if ($content == null) {
        // Cache miss: forward the request upstream with the same query parameters.
        $response = $client->send($new_request, ['query' => $query_arr]);
        // On a miss the upstream Content-Type replaces the one chosen in the switch.
        $contentType = $response->getHeaderLine('Content-Type');
        $contentLength = $response->getHeaderLine('Content-Length');
        $content = $response->getBody()->__toString();
        if ($response->getStatusCode() == 200) {
            // Only successful responses are stored.
            $cache->set($cacheKey, $content);
        } else {
            // The upstream body becomes the exception message.
            // NOTE(review): check that the handler does not echo it to the client unfiltered.
            throw new Exception\ClientException($content, $new_request);
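/**
 * Export the features of one PostGIS layer that intersect the requested map
 * extent to a file under TEMP_PATH by running ogr2ogr; SHP and DXF output is zipped.
 *
 * The extent and SRS values read from $query_arr end up inside the SQL text and
 * on the ogr2ogr command line. They are therefore accepted only as plain numbers,
 * and every value placed on the command line goes through escapeshellarg().
 *
 * @param string $layername Layer name to look up in the QGIS project
 * @param string $map       Project name, resolved as PROJECT_PATH . $map . '.qgs'
 * @param array  $query_arr Parameters; 'map0_extent' ("xmin,ymin,xmax,ymax") and
 *                          'SRS' ("AUTH:code") are read
 * @param string $format    One of 'SHP', 'DXF', 'CSV'
 * @return string base64-encoded full path of the produced .zip (or .csv) file
 * @throws Exception when the project, layer or layer info cannot be loaded, an
 *                   extent/SRS/SRID value is malformed, the format is not
 *                   supported, or the zip archive cannot be opened
 */
function prepareFile($layername, $map, $query_arr, $format) {
    $now = date("Ymd_His");
    $layerAlias = Helpers::normalize($layername);
    $fileName = TEMP_PATH . $layerAlias . '_' . $now;
    $fileExt = "zip";
    $makeZip = true;

    // Get project
    // NOTE(review): $map is joined into a filesystem path as-is; confirm the caller
    // has already restricted it to a known project name.
    $project = Helpers::getQgsProject(PROJECT_PATH . $map . '.qgs');
    if (!$project["status"]) {
        throw new Exception($project["message"]);
    }

    // Get layer
    $layer = Helpers::getLayer($layername, $project["message"]);
    if (!$layer["status"]) {
        throw new Exception($layer["message"]);
    }

    // Get layer info
    $lay_info = Helpers::getLayerInfo($layer["message"]);
    if (!$lay_info["status"]) {
        throw new Exception($lay_info["message"]);
    }

    // Build the OGR connection string from the layer datasource: quotes are
    // dropped and everything from "sslmode" onwards is cut off.
    // NOTE(review): if the datasource carries credentials they are passed on the
    // command line and are visible in the process list while ogr2ogr runs.
    $conn = str_replace(array('\'', '"'), '', $layer["message"]->datasource);
    $conn = "PG:" . rtrim(substr($conn, 0, strpos($conn, 'sslmode')));

    // Identifiers come from the project file, not from $query_arr.
    // NOTE(review): they are placed in the SQL text unquoted; confirm the project
    // file is writable by administrators only.
    $table = $lay_info["message"]['table'];
    $geom = $lay_info["message"]['geom_column'];

    $source_srid = (string) $layer["message"]->srs->spatialrefsys->srid;
    if (!ctype_digit($source_srid)) {
        throw new Exception('Invalid layer SRID');
    }

    // Extent: exactly four decimal numbers, nothing else.
    $rawExtent = isset($query_arr['map0_extent']) ? (string) $query_arr['map0_extent'] : '';
    $extent = array_map('trim', explode(",", $rawExtent));
    if (count($extent) !== 4) {
        throw new Exception('Invalid extent');
    }
    foreach ($extent as $coordinate) {
        if (preg_match('/\A[-+]?(?:\d+\.?\d*|\.\d+)(?:[eE][-+]?\d+)?\z/', $coordinate) !== 1) {
            throw new Exception('Invalid extent');
        }
    }
    $xmin = $extent[0];
    $ymin = $extent[1];
    $xmax = $extent[2];
    $ymax = $extent[3];

    // SRS: the part after the last ':' must be an integer code.
    $rawSrs = isset($query_arr['SRS']) ? (string) $query_arr['SRS'] : '';
    $srid = (string) substr((string) strrchr($rawSrs, ':'), 1);
    if (!ctype_digit($srid)) {
        throw new Exception('Invalid SRS');
    }

    // Driver name and driver options per output format; each option is kept as
    // a separate argument so it can be escaped on its own.
    $options = array();
    switch ($format) {
        case 'SHP':
            $format_name = 'ESRI Shapefile';
            $options = array('-lco', 'ENCODING=UTF-8');
            break;
        case 'DXF':
            $format_name = $format;
            break;
        case 'CSV':
            $format_name = $format;
            $options = array('-lco', 'SEPARATOR=SEMICOLON');
            $makeZip = false;
            $fileExt = 'csv';
            break;
        default:
            throw new Exception('Format not supported');
    }

    $outputFile = $fileName . '.' . strtolower($format);

    // -a_srs is left out on purpose (the original author saw wrong results with it in QGIS).
    $sql = 'SELECT * FROM ' . $table . ' WHERE ' . $geom
        . ' && ST_Transform(ST_MakeEnvelope(' . $xmin . ', ' . $ymin . ', ' . $xmax . ', ' . $ymax . ', ' . $srid . '),' . $source_srid . ')';

    // Same argument order as before, but each value is escaped for the shell
    // instead of being wrapped in hand-written double quotes.
    // escapeshellarg() can drop bytes that are invalid in the current LC_CTYPE
    // locale, so non-ASCII identifiers need a UTF-8 locale on the server.
    $arguments = array_merge(
        array('-f', $format_name, $outputFile),
        $options,
        array($conn, '-sql', $sql, '-progress')
    );
    $mycmd = OGR2OGR . ' ' . implode(' ', array_map('escapeshellarg', $arguments));
    shell_exec($mycmd);

    $fullFileNameZip = $fileName . "." . $fileExt;

    if ($makeZip) {
        $zip = new ZipArchive();
        if ($zip->open($fullFileNameZip, ZipArchive::CREATE) !== TRUE) {
            throw new Exception("Cannot write " . $fullFileNameZip);
        }

        $zip->addFile($outputFile, basename($outputFile));
        if ($format === 'SHP') {
            // A shapefile is several files; pack the sidecar files as well.
            $zip->addFile($fileName . '.shx', basename($fileName . '.shx'));
            $zip->addFile($fileName . '.dbf', basename($fileName . '.dbf'));
            $zip->addFile($fileName . '.prj', basename($fileName . '.prj'));
            $zip->addFile($fileName . '.cpg', basename($fileName . '.cpg'));
        }
        $zip->close();

        // Remove the unzipped export; the .prj file is left in place as before.
        if ($format === 'SHP') {
            unlink($fileName . '.dbf');
            unlink($fileName . '.shx');
            unlink($fileName . '.cpg');
        }
        if (file_exists($outputFile)) {
            unlink($outputFile);
        }
    }
    // Formats that are not zipped (CSV) are returned as written by ogr2ogr.

    // NOTE(review): the return value is an encoded server path. Whatever later
    // decodes it should check that the path is still inside TEMP_PATH.
    return base64_encode($fullFileNameZip);
}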
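/**
 * Verifies the posted credentials and, on success, writes the login state into the session.
 *
 * The user name 'guest' is accepted without a password. Any other user must exist
 * in the users table and pass password_verify(). The user/project pairing is then
 * checked through DbLoader before any session data is written.
 *
 * On failure $this->feedback is set to 'TR.noUser', 'TR.wrongPassword' or the
 * value returned by checkUserProject(). It is left untouched when the project
 * configuration cannot be loaded.
 *
 * @return bool User login success status
 */
private function checkPasswordCorrectnessAndLogin() {
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and leaves
    // '.' and '/' untouched; $project is later joined into a file path, so confirm
    // that checkUserProject() rejects anything that is not a known project name.
    $user = filter_input(INPUT_POST, 'user_name', FILTER_SANITIZE_STRING);
    $project = filter_input(INPUT_POST, 'project', FILTER_SANITIZE_STRING);
    $email = "";
    $pass = false;

    $gisApp = new DbLoader($user, $project, $this->db_connection);

    // Guest access skips password verification. The previous expression,
    // strtolower($user == 'guest'), lower-cased the result of the comparison, so
    // the match was always exact and case-sensitive. It is written that way
    // explicitly here so the password-less path is not widened to other spellings.
    if ($user === 'guest') {
        $pass = true;
    } else {
        $sql = 'SELECT user_name, user_email, user_password_hash FROM users WHERE user_name = :user_name LIMIT 1';
        $query = $this->db_connection->prepare($sql);
        $query->bindValue(':user_name', $user);
        $query->execute();

        // fetchObject() returns false when no row matched.
        $result_row = $query->fetchObject();
        if (!$result_row) {
            // NOTE(review): separate feedback for "no such user" and "wrong password"
            // lets a client learn which account names exist; confirm this is intended.
            $this->feedback = 'TR.noUser';
            return false;
        }

        // Accept the password only as a string: a missing field or an array value
        // (user_password[]=...) must fail verification instead of raising an error.
        $password = isset($_POST['user_password']) ? $_POST['user_password'] : null;
        $pass = is_string($password) && password_verify($password, (string) $result_row->user_password_hash);
        $email = $result_row->user_email;
    }

    if (!$pass) {
        $this->feedback = 'TR.wrongPassword';
        return false;
    }

    // Additional check that project and user exist and the user may use the project.
    $check = $gisApp->checkUserProject();
    if ($check != 'OK') {
        $this->feedback = $check;
        return false;
    }

    // Additional project info
    $project_data = $gisApp->getProjectDataFromDB();

    // All GIS projects of the user, for the theme switcher
    $gis_projects = $gisApp->getGisProjectsFromDB();

    // QGIS project CRS, with EPSG:3857 as fallback when the project file cannot be read
    $project_qgs = Helpers::getQgsProject(PROJECT_PATH . $project . '.qgs');
    if (!$project_qgs["status"]) {
        $crs = "EPSG:3857";
    } else {
        $crs = (string) $project_qgs["message"]->properties->SpatialRefSys->ProjectCrs;
    }

    // Search configs
    $project_settings = $gisApp->getProjectConfigs();
    if ($project_settings === false) {
        return false;
    }

    // Issue a fresh session id at the point where the session becomes an
    // authenticated one, so an id that was known before login is not carried over.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // Write user data into the PHP session
    $_SESSION['user_name'] = $user;
    $_SESSION['user_email'] = $email;
    $_SESSION['user_is_logged_in'] = true;
    $_SESSION['project'] = $project;
    $_SESSION['data'] = $project_data;
    $_SESSION['settings'] = $project_settings;
    $_SESSION['gis_projects'] = $gis_projects;
    $_SESSION['crs'] = $crs;
    $this->user_is_logged_in = true;

    // Update last login time and login counter
    $sql = "UPDATE users SET last_login=now(),count_login = count_login + 1 WHERE user_name = :user_name";
    $query = $this->db_connection->prepare($sql);
    $query->bindValue(':user_name', $user);
    $query->execute();

    return true;
}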