because that would be interpreted and // altered by browers html parser $res .= "<heading>" . htmlspecialchars ($feature->title) . "</heading>"; $res .= "<lon>" . $feature->lon . "</lon>"; $res .= "<lat>" . $feature->lat . "</lat>"; $res .= "</feature></success>"; exit_document ($res); } function success_delete_feature ($feature) { $res = "<success request=\"del\"><feature>"; $res .= "<id>" . $feature->id . "</id>"; $res .= "</feature></success>"; exit_document ($res); } function success ($reason) { exit_document ("<success request=\"$reason\"></success>"); } function error ($reason) { exit_document ("<error reason=\"$reason\"></error>"); } function error_feature ($id, $reason) { $res = "<error reason=\"$reason\"><feature>"; $res .= "<id>" . $id . "</id>"; $res .= "</feature></error>"; exit_document ($res); } function nochange_error ($id) { error_feature ($id, "nochange"); } function unreferenced_error ($id) { error_feature ($id, "unreferenced"); } function server_error () { error ("server"); } function unauthorized_error () { error ("unauthorized"); } function request_error () { error ("request"); } function file_too_big_error () { error ("toobig"); } function notanimage_error () { error ("notimage"); } function save_uploaded_file ($file, $con) { $dest = ""; if (isset ($file) && ($file ["error"] != UPLOAD_ERR_NO_FILE)) { img_check_upload ($file); $dest = unique_file (UPLOADDIR, $file ["name"], $con); if (!isset ($dest) || (!move_uploaded_file ($file ["tmp_name"], $dest))) { server_error (); } $mini_dest = getthumbsdir () . "/mini_" . basename_safe ($dest); if (!create_thumbnail_or_copy ($dest, $mini_dest)) { server_error (); } } return basename_safe ($dest); } function img_check_upload ($file) { if (!is_uploaded_file ($file ["tmp_name"])) { if ($file ["error"] == UPLOAD_ERR_INI_SIZE) { file_too_big_error (); } else { server_error (); } } if (!getimagesize ($file ["tmp_name"])) { notanimage_error (); } } function delete_image_if_unused ($imgpath, $con) { if (!isset ($imgpath) || (strlen ($imgpath) == 0)) { return; } if ($con->imgpath_exists ($imgpath)) { return; } $path = UPLOADDIR . "/" . $imgpath; if (file_exists ($path)) { unlink ($path); } $thumb_path = getthumbsdir () . "/mini_" . $imgpath; if (file_exists ($thumb_path)) { unlink ($thumb_path); } } function unique_file ($dirname, $relpath, $con) { $relpath = str_replace ('/', '', $relpath); // strip slashes from path $relpath = str_replace ('\\', '', $relpath); // strip antislashes from path $filename = $dirname . '/' . $relpath; $counter = 1; $dotpos = strrpos ($relpath, '.'); if ($dotpos) { $base = substr ($relpath, 0, $dotpos); $ext = substr ($relpath, $dotpos + 1); } else { $base = $relpath; $ext = ""; } while ($counter < 1000) { if (!file_exists ($filename) && !($con->imgpath_exists (basename_safe ($filename)))) { return $filename; } else { $counter++; $filename = $dirname . '/' . $base . '_' . $counter . '.' . $ext; } } // we tried to find an unused filename 1000 times. Give up now. return null; } function check_auth ($con, $pwd, $cookie_name, $auth_only) { $authentificated = false; $user = "admin"; if ($pwd) { if ($con->checkpwdmd5 ($user, md5 ($pwd))) { // cookie will be valid for 2 weeks. I've chosen that value // arbitrarily, and it may change in the future. $time = time () + 14 * 60 * 24 * 60; setcookie ($cookie_name, md5 ($pwd), $time, "" , "", false, true); $authentificated = true; if ($auth_only) { success_auth (); } } else { unauthorized_error (); } } if (!$authentificated && !($con->checkpwdmd5 ($user, $_COOKIE [$cookie_name]))) { unauthorized_error (); } } function main ($con) { if (!isset ($_POST ["request"])) { request_error (); } $pwd = unquote ($_POST["password"]); $cookie_name = sprintf ("%sauth", DBPREFIX); // does user only want authentication or does he want to do other things $auth_only = ($_POST ["request"] == "auth"); check_auth ($con, $pwd, $cookie_name, $auth_only); switch ($_POST ["request"]) { case "update": $id = $_POST ["fid"]; $feature = $con->getfeature ($id); if (!isset ($feature)) { unreferenced_error ($id); } // no file uploaded, but editor currently has an image: it means // image was not changed if ($_POST ["keep_img"] == "yes") { $imgpath = $feature->imgpath; } else { $imgpath = save_uploaded_file ($_FILES ["image_file"], $con); } $lon = $_POST ["lon"]; $lat = $_POST ["lat"]; $title = unquote ($_POST ["title"]); $description = unquote ($_POST ["description"]); try { $new_feature = new feature ($id, $lon, $lat, $imgpath, $title, $description, 0); } catch (Exception $e) { request_error (); } if (($new_feature->lon == $feature->lon) && ($new_feature->lat == $feature->lat) && ($new_feature->title == $feature->title) && ($new_feature->imgpath == $feature->imgpath) && ($new_feature->description == $feature->description)) { nochange_error ($feature->id); } $old_imgpath = ""; if ($feature->imgpath && ($feature->imgpath != $new_feature->imgpath)) { $old_imgpath = $feature->imgpath; } try { $con->save_feature ($new_feature); } catch (Exception $e) { server_error (); } if ($old_imgpath) { try { delete_image_if_unused ($old_imgpath, $con); } catch (Exception $e) {} } success_feature ($new_feature, "update"); break; case "add": $imgpath = save_uploaded_file ($_FILES ["image_file"], $con); $lon = $_POST ["lon"]; $lat = $_POST ["lat"]; $title = unquote ($_POST ["title"]); $description = unquote ($_POST ["description"]); try { $feature = new feature (null, $lon, $lat, $imgpath, $title, $description, 0); } catch (Exception $e) { request_error (); } try { $feature = $con->save_feature ($feature); } catch (Exception $e) { server_error (); } success_feature ($feature, "add"); break; case "del": $id = $_POST ["fid"]; $feature = $con->getfeature ($id); if (!isset ($feature)) { unreferenced_error ($id); } $imgpath = $feature->imgpath; try { $con->delete_feature ($feature); } catch (Exception $e) { server_error (); } try { delete_image_if_unused ($imgpath, $con); } catch (Exception $e) {} success_delete_feature ($feature); default: request_error(); break; } server_error (); } try { $connection->connect (DBHOST, DBUSER, DBPWD, DBNAME, DBPREFIX); } catch (Exception $e) { server

$body"); } function success_auth () { success ("auth"); } function success_feature ($feature, $request) { $res = ""; $res .= "" . $feature->id . ""; $res .= "" . ($feature->imgpath ? image_url_from_imgpath ($feature->imgpath) : "") . ""; $res .= "" . htmlspecialchars ($feature->description) . ""; // XXX: we do not use because that would be interpreted and // altered by browers html parser $res .= "<heading>" . htmlspecialchars ($feature->title) . "</heading>"; $res .= "<lon>" . $feature->lon . "</lon>"; $res .= "<lat>" . $feature->lat . "</lat>"; $res .= "</feature></success>"; exit_document ($res); } function success_delete_feature ($feature) { $res = "<success request=\"del\"><feature>"; $res .= "<id>" . $feature->id . "</id>"; $res .= "</feature></success>"; exit_document ($res); } function success ($reason) { exit_document ("<success request=\"$reason\"></success>"); } function error ($reason) { exit_document ("<error reason=\"$reason\"></error>"); } function error_feature ($id, $reason) { $res = "<error reason=\"$reason\"><feature>"; $res .= "<id>" . $id . "</id>"; $res .= "</feature></error>"; exit_document ($res); } function nochange_error ($id) { error_feature ($id, "nochange"); } function unreferenced_error ($id) { error_feature ($id, "unreferenced"); } function server_error () { error ("server"); } function unauthorized_error () { error ("unauthorized"); } function request_error () { error ("request"); } function file_too_big_error () { error ("toobig"); } function notanimage_error () { error ("notimage"); } function save_uploaded_file ($file, $con) { $dest = ""; if (isset ($file) && ($file ["error"] != UPLOAD_ERR_NO_FILE)) { img_check_upload ($file); $dest = unique_file (UPLOADDIR, $file ["name"], $con); if (!isset ($dest) || (!move_uploaded_file ($file ["tmp_name"], $dest))) { server_error (); } $mini_dest = getthumbsdir () . "/mini_" . basename_safe ($dest); if (!create_thumbnail_or_copy ($dest, $mini_dest)) { server_error (); } } return basename_safe ($dest); } function img_check_upload ($file) { if (!is_uploaded_file ($file ["tmp_name"])) { if ($file ["error"] == UPLOAD_ERR_INI_SIZE) { file_too_big_error (); } else { server_error (); } } if (!getimagesize ($file ["tmp_name"])) { notanimage_error (); } } function delete_image_if_unused ($imgpath, $con) { if (!isset ($imgpath) || (strlen ($imgpath) == 0)) { return; } if ($con->imgpath_exists ($imgpath)) { return; } $path = UPLOADDIR . "/" . $imgpath; if (file_exists ($path)) { unlink ($path); } $thumb_path = getthumbsdir () . "/mini_" . $imgpath; if (file_exists ($thumb_path)) { unlink ($thumb_path); } } function unique_file ($dirname, $relpath, $con) { $relpath = str_replace ('/', '', $relpath); // strip slashes from path $relpath = str_replace ('\\', '', $relpath); // strip antislashes from path $filename = $dirname . '/' . $relpath; $counter = 1; $dotpos = strrpos ($relpath, '.'); if ($dotpos) { $base = substr ($relpath, 0, $dotpos); $ext = substr ($relpath, $dotpos + 1); } else { $base = $relpath; $ext = ""; } while ($counter < 1000) { if (!file_exists ($filename) && !($con->imgpath_exists (basename_safe ($filename)))) { return $filename; } else { $counter++; $filename = $dirname . '/' . $base . '_' . $counter . '.' . $ext; } } // we tried to find an unused filename 1000 times. Give up now. return null; } function check_auth ($con, $pwd, $cookie_name, $auth_only) { $authentificated = false; $user = "admin"; if ($pwd) { if ($con->checkpwdmd5 ($user, md5 ($pwd))) { // cookie will be valid for 2 weeks. I've chosen that value // arbitrarily, and it may change in the future. $time = time () + 14 * 60 * 24 * 60; setcookie ($cookie_name, md5 ($pwd), $time, "" , "", false, true); $authentificated = true; if ($auth_only) { success_auth (); } } else { unauthorized_error (); } } if (!$authentificated && !($con->checkpwdmd5 ($user, $_COOKIE [$cookie_name]))) { unauthorized_error (); } } function main ($con) { if (!isset ($_POST ["request"])) { request_error (); } $pwd = unquote ($_POST["password"]); $cookie_name = sprintf ("%sauth", DBPREFIX); // does user only want authentication or does he want to do other things $auth_only = ($_POST ["request"] == "auth"); check_auth ($con, $pwd, $cookie_name, $auth_only); switch ($_POST ["request"]) { case "update": $id = $_POST ["fid"]; $feature = $con->getfeature ($id); if (!isset ($feature)) { unreferenced_error ($id); } // no file uploaded, but editor currently has an image: it means // image was not changed if ($_POST ["keep_img"] == "yes") { $imgpath = $feature->imgpath; } else { $imgpath = save_uploaded_file ($_FILES ["image_file"], $con); } $lon = $_POST ["lon"]; $lat = $_POST ["lat"]; $title = unquote ($_POST ["title"]); $description = unquote ($_POST ["description"]); try { $new_feature = new feature ($id, $lon, $lat, $imgpath, $title, $description, 0); } catch (Exception $e) { request_error (); } if (($new_feature->lon == $feature->lon) && ($new_feature->lat == $feature->lat) && ($new_feature->title == $feature->title) && ($new_feature->imgpath == $feature->imgpath) && ($new_feature->description == $feature->description)) { nochange_error ($feature->id); } $old_imgpath = ""; if ($feature->imgpath && ($feature->imgpath != $new_feature->imgpath)) { $old_imgpath = $feature->imgpath; } try { $con->save_feature ($new_feature); } catch (Exception $e) { server_error (); } if ($old_imgpath) { try { delete_image_if_unused ($old_imgpath, $con); } catch (Exception $e) {} } success_feature ($new_feature, "update"); break; case "add": $imgpath = save_uploaded_file ($_FILES ["image_file"], $con); $lon = $_POST ["lon"]; $lat = $_POST ["lat"]; $title = unquote ($_POST ["title"]); $description = unquote ($_POST ["description"]); try { $feature = new feature (null, $lon, $lat, $imgpath, $title, $description, 0); } catch (Exception $e) { request_error (); } try { $feature = $con->save_feature ($feature); } catch (Exception $e) { server_error (); } success_feature ($feature, "add"); break; case "del": $id = $_POST ["fid"]; $feature = $con->getfeature ($id); if (!isset ($feature)) { unreferenced_error ($id); } $imgpath = $feature->imgpath; try { $con->delete_feature ($feature); } catch (Exception $e) { server_error (); } try { delete_image_if_unused ($imgpath, $con); } catch (Exception $e) {} success_delete_feature ($feature); default: request_error(); break; } server_error (); } try { $connection->connect (DBHOST, DBUSER, DBPWD, DBNAME, DBPREFIX); } catch (Exception $e) { server_error (); } main ($connection); ?>