1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
/***************************************************************************
* Copyright (C) 2006 by Diego R. Brogna *
* [email protected] *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the *
* Free Software Foundation, Inc., *
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
***************************************************************************/
#include "php_handler.h"
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <util/log.h>
#include "php_interface.h"
using namespace kt;
using namespace bt;
namespace kt
{
TQMap<TQString,TQByteArray> PhpHandler::scripts;
PhpHandler::PhpHandler(const TQString & php_exe,PhpInterface *php) : TQProcess(php_exe),php_i(php)
{
connect(this,TQT_SIGNAL(readyReadStdout()),this,TQT_SLOT(onReadyReadStdout()));
connect(this,TQT_SIGNAL(processExited()),this,TQT_SLOT(onExited()));
}
PhpHandler::~PhpHandler()
{
}
bool PhpHandler::executeScript(const TQString & path,const TQMap<TQString,TQString> & args)
{
TQByteArray php_s;
if (!scripts.contains(path))
{
TQFile fptr(path);
if (!fptr.open(IO_ReadOnly))
{
Out(SYS_WEB|LOG_DEBUG) << "Failed to open " << path << endl;
return false;
}
php_s = fptr.readAll();
scripts.insert(path,php_s);
}
else
{
php_s = scripts[path];
}
output.resize(0);
int firstphptag = TQCString(php_s).find("<?php");
if (firstphptag == -1)
return false;
int off = firstphptag + 6;
TQByteArray data;
TQTextStream ts(data,IO_WriteOnly);
ts.setEncoding( TQTextStream::UnicodeUTF8 );
ts.writeRawBytes(php_s.data(),off); // first write the opening tag from the script
php_i->globalInfo(ts);
php_i->downloadStatus(ts);
TQMap<TQString,TQString>::const_iterator it;
for ( it = args.begin(); it != args.end(); ++it )
{
// Check for string delimiters, don't want PHP injection attacks
if (!containsDelimiters(it.key()) && !containsDelimiters(it.data()))
ts << TQString("$_REQUEST['%1']=\"%2\";\n").arg(it.key()).arg(it.data());
}
ts.writeRawBytes(php_s.data() + off,php_s.size() - off); // the rest of the script
ts << flush;
#if 0
TQFile dinges("output.php");
if (dinges.open(IO_WriteOnly))
{
TQTextStream out(&dinges);
out.writeRawBytes(data.data(),data.size());
dinges.close();
}
#endif
return launch(data);
}
bool PhpHandler::containsDelimiters(const QString & str)
{
return str.contains("\"") || str.contains("'");
}
void PhpHandler::onExited()
{
// read remaining data
onReadyReadStdout();
finished();
}
void PhpHandler::onReadyReadStdout()
{
TQTextStream out(output,IO_WriteOnly|IO_Append);
while (canReadLineStdout())
{
TQByteArray d = readStdout();
out.writeRawBytes(d.data(),d.size());
}
}
}
#include "php_handler.moc"
|