source: trunk/contrib/php-xinha.php @ 565

Last change on this file since 565 was 565, checked in by gogo, 13 years ago

Improvements to passing configuration to (php currently) Plugin backends.

This was prompted by #844, and numerous people having trouble with configuring ImageManager?.

A file has been added contrib/php-xinha.php (perhaps should be moved somewhere better),
this file contains functions which make it much easier to trustworthily pass data to
backends from the javascript frontend.

An example is easiest, imagine the following in your xinha setup, step 3...

with (xinha_config.ImageManager?)
{

<?php

require_once('/path/to/xinha/contrib/php-xinha.php');
xinha_pass_to_php_backend
(

array
(

'images_dir' => '/home/your/directory',
'images_url' => '/directory'

)

)

?>

}

that's all you need. It will (should at least) work with non-default session names also.

File size: 4.6 KB
Line 
1<?php
2  /** Write the appropriate xinha_config directives to pass data to a PHP (Plugin) backend file.
3   *
4   *  ImageManager Example:
5   *  The following would be placed in step 3 of your configuration (see the NewbieGuide
6   *  (http://xinha.python-hosting.com/wiki/NewbieGuide)
7   *
8   * <script language="javascript">
9   *  with (xinha_config.ImageManager)
10   *  {
11   *    <?php
12   *      xinha_pass_to_php_backend
13   *      (       
14   *        array
15   *        (
16   *         'images_dir' => '/home/your/directory',
17   *         'images_url' => '/directory'
18   *        )
19   *      )
20   *    ?>
21   *  }
22   *  </script>
23   *
24   */
25     
26  function xinha_pass_to_php_backend($Data, $KeyLocation = 'Xinha:BackendKey')
27  {
28   
29    $bk = array();
30    $bk['data']       = serialize($Data);
31   
32    @session_start();
33    if(!isset($_SESSION[$KeyLocation]))
34    {
35      $_SESSION[$KeyLocation] = uniqid('Key_');
36    }
37   
38    $bk['session_name'] = session_name();     
39    $bk['key_location'] = $KeyLocation;     
40    $bk['hash']         =
41      function_exists('sha1') ?
42        sha1($_SESSION[$KeyLocation] . $bk['data'])
43      : md5($_SESSION[$KeyLocation] . $bk['data']);
44     
45     
46    // The data will be passed via a postback to the
47    // backend, we want to make sure these are going to come
48    // out from the PHP as an array like $bk above, so
49    // we need to adjust the keys.
50    $backend_data = array();
51    foreach($bk as $k => $v)
52    {
53      $backend_data["backend_data[$k]"] = $v;
54    }
55   
56    // The session_start() above may have been after data was sent, so cookies
57    // wouldn't have worked.
58    $backend_data[session_name()] = session_id();
59   
60    echo 'backend_data = ' . xinha_to_js($backend_data) . "; \n";
61   
62  } 
63   
64  /** Convert PHP data structure to Javascript */
65 
66  function xinha_to_js($var, $tabs = 0)
67  {
68    if(is_numeric($var))
69    {
70      return $var;
71    }
72 
73    if(is_string($var))
74    {
75      return "'" . xinha_js_encode($var) . "'";
76    }
77 
78    if(is_array($var))
79    {
80      $useObject = false;
81      foreach(array_keys($var) as $k) {
82          if(!is_numeric($k)) $useObject = true;
83      }
84      $js = array();
85      foreach($var as $k => $v)
86      {
87        $i = "";
88        if($useObject) {
89          if(preg_match('#^[a-zA-Z]+[a-zA-Z0-9]*$#', $k)) {
90            $i .= "$k: ";
91          } else {
92            $i .= "'$k': ";
93          }
94        }
95        $i .= xinha_to_js($v, $tabs + 1);
96        $js[] = $i;
97      }
98      if($useObject) {
99          $ret = "{\n" . xinha_tabify(implode(",\n", $js), $tabs) . "\n}";
100      } else {
101          $ret = "[\n" . xinha_tabify(implode(",\n", $js), $tabs) . "\n]";
102      }
103      return $ret;
104    }
105 
106    return 'null';
107  }
108   
109  /** Like htmlspecialchars() except for javascript strings. */
110 
111  function xinha_js_encode($string)
112  {
113    static $strings = "\\,\",',%,&,<,>,{,},@,\n,\r";
114 
115    if(!is_array($strings))
116    {
117      $tr = array();
118      foreach(explode(',', $strings) as $chr)
119      {
120        $tr[$chr] = sprintf('\x%02X', ord($chr));
121      }
122      $strings = $tr;
123    }
124 
125    return strtr($string, $strings);
126  }
127       
128   
129  /** Used by plugins to get the config passed via
130  *   xinha_pass_to_backend()
131  *  returns either the structure given, or NULL
132  *  if none was passed or a security error was encountered.
133  */
134 
135  function xinha_read_passed_data()
136  {
137   if(isset($_REQUEST['backend_data']) && is_array($_REQUEST['backend_data']))
138   {
139     $bk = $_REQUEST['backend_data'];
140     session_name($bk['session_name']);
141     @session_start();
142     if(!isset($_SESSION[$bk['key_location']])) return NULL;
143     
144     if($bk['hash']         ===
145        function_exists('sha1') ?
146          sha1($_SESSION[$bk['key_location']] . $bk['data'])
147        : md5($_SESSION[$bk['key_location']] . $bk['data']))
148     {
149       return unserialize($bk['data']);
150     }
151   }
152   
153   return NULL;
154  }
155   
156  /** Used by plugins to get a query string that can be sent to the backend
157  * (or another part of the backend) to send the same data.
158  */
159 
160  function xinha_passed_data_querystring()
161  {
162   $qs = array();
163   if(isset($_REQUEST['backend_data']) && is_array($_REQUEST['backend_data']))
164   {
165     foreach($_REQUEST['backend_data'] as $k => $v)
166     {
167       $qs[] = "backend_data[" . rawurlencode($k) . "]=" . rawurlencode($v);
168     }       
169   }
170   
171   $qs[] = session_name() . '=' . session_id();
172   return implode('&', $qs);
173  }
174   
175   
176  /** Just space-tab indent some text */
177  function xinha_tabify($text, $tabs)
178  {
179    if($text)
180    {
181      return str_repeat("  ", $tabs) . preg_replace('/\n(.)/', "\n" . str_repeat("  ", $tabs) . "\$1", $text);
182    }
183  }       
184   
185?>
Note: See TracBrowser for help on using the repository browser.