use GisApp\Helpers;
require_once "admin/class.Helpers.php";
require_once "admin/settings.php";
$server_os = php_uname('s');
$def_lang = strtolower(filter_input(INPUT_GET, 'lang', FILTER_SANITIZE_STRING));
session_start();
if ($def_lang > '') {
$lang_fn = filter_input(INPUT_SERVER, 'DOCUMENT_ROOT', FILTER_SANITIZE_STRING) . GISAPPURL . 'admin/languages/' . $def_lang . '.js';
if (!file_exists($lang_fn)) {
$def_lang = 'en';
}
} else {
$def_lang = "en";
}
$_SESSION['lang'] = $def_lang;
if (Helpers::isValidUserProj(Helpers::getMapFromUrl())) {
//Setting some global variables
$user = "" . $_SESSION['user_name'];
$project = "" . $_SESSION['project'];
$crs = "" . $_SESSION["crs"];
$data = json_decode($_SESSION['data']);
$settings = json_decode($_SESSION['settings']);
$gis_projects = json_decode($_SESSION['gis_projects']);
if (!property_exists($settings, "search")) {
$settings->search = null;
}
if (!property_exists($settings, "layerSpecifics")) {
$settings->layerSpecifics = null;
}
if (!property_exists($settings, "geoNames")) {
$settings->geoNames = null;
//separator for key generating
switch ($query_arr["REQUEST"]) {
case "GetProjectSettings":
$cacheKey = $map . $sep . "XML" . $sep . $query_arr["REQUEST"];
$contentType = "text/xml";
break;
case "GetLegendGraphics":
$cacheKey = $map . $sep . "PNG" . $sep . $query_arr["REQUEST"] . $sep . Helpers::normalize($query_arr['LAYERS']);
$contentType = "image/png";
break;
case "GetFeatureInfo":
//only caching large responses (whole tables)
$count = $query_arr['FEATURE_COUNT'];
if (is_numeric($count)) {
if (intval($count) > 100) {
$cacheKey = $map . $sep . "XML" . $sep . $query_arr["REQUEST"] . $sep . Helpers::normalize($query_arr['FILTER']);
}
}
break;
}
if ($cacheKey != null) {
$content = $cache->get($cacheKey);
if ($content == null) {
$response = $client->send($new_request, ['query' => $query_arr]);
$contentType = $response->getHeaderLine('Content-Type');
$contentLength = $response->getHeaderLine('Content-Length');
$content = $response->getBody()->__toString();
if ($response->getStatusCode() == 200) {
$cache->set($cacheKey, $content);
} else {
throw new Exception\ClientException($content, $new_request);
/**
* @param $layername
* @param $map
* @param $query_arr
* @param $format
* @return array
* @throws Exception
*/
function prepareFile($layername, $map, $query_arr, $format)
{
$now = date("Ymd_His");
$layerAlias = Helpers::normalize($layername);
$fileName = TEMP_PATH . $layerAlias . '_' . $now;
$fileExt = "zip";
$makeZip = true;
//$fsize = -1;
// Get project
$project = Helpers::getQgsProject(PROJECT_PATH . $map . '.qgs');
if (!$project["status"]) {
throw new Exception($project["message"]);
}
// Get layer
$layer = Helpers::getLayer($layername, $project["message"]);
if (!$layer["status"]) {
throw new Exception($layer["message"]);
}
// Get layer info
$lay_info = Helpers::getLayerInfo($layer["message"]);
if (!$lay_info["status"]) {
throw new Exception($lay_info["message"]);
}
//other option to get it from layer_info
$conn = str_replace(array('\'', '"'), '', $layer["message"]->datasource);
//removing text sslmode and all after that
$conn = "PG:" . rtrim(substr($conn, 0, strpos($conn, 'sslmode')));
$table = $lay_info["message"]['table'];
$geom = $lay_info["message"]['geom_column'];
$source_srid = (string) $layer["message"]->srs->spatialrefsys->srid;
$extent = explode(",", $query_arr['map0_extent']);
$xmin = $extent[0];
$ymin = $extent[1];
$xmax = $extent[2];
$ymax = $extent[3];
$srid = substr(strrchr($query_arr['SRS'], ':'), 1);
$options = "";
switch ($format) {
case 'SHP':
$format_name = 'ESRI Shapefile';
$options = "-lco ENCODING=UTF-8";
break;
case 'DXF':
$format_name = $format;
//$options = '-select field_list=""';
break;
case 'CSV':
$format_name = $format;
$options = "-lco SEPARATOR=SEMICOLON";
$makeZip = false;
$fileExt = 'csv';
break;
default:
throw new Exception('Format not supported');
}
//putenv('CPL_LOG_ERRORS=ON');
//putenv('CPL_LOG=/var/tmp/ogr_errors.log');
//I removed _a_srs parameter, something not right in QGIS ' -a_srs EPSG:'.$srid.
$mycmd = OGR2OGR . ' -f "' . $format_name . '" "' . $fileName . '.' . strtolower($format) . '" ' . $options . ' "' . $conn . '" -sql "SELECT * FROM ' . $table . ' WHERE ' . $geom . ' && ST_Transform(ST_MakeEnvelope(' . $xmin . ', ' . $ymin . ', ' . $xmax . ', ' . $ymax . ', ' . $srid . '),' . $source_srid . ')" -progress';
//$mycmd = OGR2OGR . ' -s_srs EPSG:3857 -t_srs EPSG:2170 -f "'.$format_name.'" "'.$fileName .'.'.strtolower($format).'" ' . $options . ' "'.$conn.'" -sql "SELECT * FROM '.$table.' WHERE '.$geom.' && ST_MakeEnvelope(' .$xmin .', ' .$ymin .', ' .$xmax .', ' .$ymax .', ' .$srid .')" -progress';
$output = shell_exec($mycmd);
$fullFileNameZip = $fileName . "." . $fileExt;
if ($makeZip) {
$zip = new ZipArchive();
if ($zip->open($fullFileNameZip, ZipArchive::CREATE) !== TRUE) {
throw new Exception("Cannot write " . $fullFileNameZip);
}
//$zip->addFile("./" .$filename ,$now ."/" .$filename);
$zip->addFile($fileName . '.' . strtolower($format), basename($fileName . '.' . strtolower($format)));
if ($format == 'SHP') {
$zip->addFile($fileName . '.shx', basename($fileName . '.shx'));
$zip->addFile($fileName . '.dbf', basename($fileName . '.dbf'));
$zip->addFile($fileName . '.prj', basename($fileName . '.prj'));
$zip->addFile($fileName . '.cpg', basename($fileName . '.cpg'));
}
$zip->close();
//removing shp
if ($format == 'SHP') {
unlink($fileName . '.dbf');
unlink($fileName . '.shx');
//unlink($fileName.'.prj');
unlink($fileName . '.cpg');
}
if (file_exists($fileName . '.' . strtolower($format))) {
unlink($fileName . '.' . strtolower($format));
}
//$fsize = filesize('./' .$filename_zip);
//$fsize = filesize($fullFileNameZip);
} else {
//for formats that are not zipped (CSV...)
//$fsize = filesize($fileName . '.' . strtolower($format));
}
return base64_encode($fullFileNameZip);
}
/**
* Checks if user exits, if so: check if provided password matches the one in the database
* @return bool User login success status
*/
private function checkPasswordCorrectnessAndLogin()
{
$user = filter_input(INPUT_POST, 'user_name', FILTER_SANITIZE_STRING);
$project = filter_input(INPUT_POST, 'project', FILTER_SANITIZE_STRING);
$email = "";
$pass = false;
$gisApp = new DbLoader($user, $project, $this->db_connection);
//check if we have guest user
if (strtolower($user == 'guest')) {
//no user and password verify
$pass = true;
} else {
$sql = 'SELECT user_name, user_email, user_password_hash
FROM users
WHERE user_name = :user_name
LIMIT 1';
$query = $this->db_connection->prepare($sql);
$query->bindValue(':user_name', $user);
$query->execute();
// Btw that's the weird way to get num_rows in PDO with SQLite:
// if (count($query->fetchAll(PDO::FETCH_NUM)) == 1) {
// Holy! But that's how it is. $result->numRows() works with SQLite pure, but not with SQLite PDO.
// This is so crappy, but that's how PDO works.
// As there is no numRows() in SQLite/PDO (!!) we have to do it this way:
// If you meet the inventor of PDO, punch him. Seriously.
$result_row = $query->fetchObject();
if ($result_row) {
// using PHP 5.5's password_verify() function to check password
$pass = password_verify($_POST['user_password'], $result_row->user_password_hash);
$email = $result_row->user_email;
} else {
$this->feedback = 'TR.noUser';
return false;
}
}
if ($pass) {
//aditional check if project and user exists and user has permission to use project
$check = $gisApp->checkUserProject();
if ($check == 'OK') {
//get additional project info
$project_data = $gisApp->getProjectDataFromDB();
//get all GIS projects for user for themeswitcher
$gis_projects = $gisApp->getGisProjectsFromDB();
//get QGIS project CRS
$project_qgs = Helpers::getQgsProject(PROJECT_PATH . $project . '.qgs');
if (!$project_qgs["status"]) {
$crs = "EPSG:3857";
} else {
$crs = (string) $project_qgs["message"]->properties->SpatialRefSys->ProjectCrs;
}
//search configs
$project_settings = $gisApp->getProjectConfigs();
if ($project_settings !== false) {
// write user data into PHP SESSION
$_SESSION['user_name'] = $user;
$_SESSION['user_email'] = $email;
$_SESSION['user_is_logged_in'] = true;
$_SESSION['project'] = $project;
$_SESSION['data'] = $project_data;
$_SESSION['settings'] = $project_settings;
$_SESSION['gis_projects'] = $gis_projects;
$_SESSION['crs'] = $crs;
$this->user_is_logged_in = true;
//update lastlogin and count
$sql = "UPDATE users SET last_login=now(),count_login = count_login + 1 WHERE user_name = :user_name";
$query = $this->db_connection->prepare($sql);
$query->bindValue(':user_name', $user);
$query->execute();
return true;
} else {
return false;
}
} else {
$this->feedback = $check;
return false;
}
} else {
$this->feedback = 'TR.wrongPassword';
return false;
}
}
