<?php
# $Id: mod_wfs_gazetteer_server.php 1190 2007-10-18 10:38:38Z baudson $
# http://www.mapbender.org/index.php/Administration
# Copyright (C) 2002 CCGIS 
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

require_once(dirname(__FILE__)."/../php/mb_validateSession.php");
require_once(dirname(__FILE__)."/../classes/class_json.php");
require_once(dirname(__FILE__)."/../classes/class_administration.php");
require_once(dirname(__FILE__)."/../classes/class_wfs_conf.php");
require_once(dirname(__FILE__)."/../classes/class_universal_wfs_factory.php");
require_once(dirname(__FILE__)."/../classes/class_universal_gml_factory.php");
require_once(dirname(__FILE__)."/../classes/class_wfs_configuration.php");

$user = new User(Mapbender::session()->get("mb_user_id"));
$command = $_REQUEST["command"];

/**
 * checks if a variable name is valid.
 * Currently a valid name would be sth. like Mapbender::session()->get("mb_user_id")
 * TODO: this function is also in mod_wfs_result!! Maybe merge someday.
 */
function isValidVarName ($varname) {
	if (preg_match("/[\$]{1}_[a-z]+\[\"[a-z_]+\"\]/i", $varname) != 0) {
		return true;
	}
	return false;
}

/**
 * If access to the WFS conf is restricted, modify the filter.
 * TODO: this function is also in mod_wfs_result!! Maybe merge someday.
 */
 function checkAccessConstraint($filter, $wfs_conf_id) {
	/* wfs_conf_element */
	$sql = "SELECT * FROM wfs_conf_element ";
	$sql .= "JOIN wfs_element ON wfs_conf_element.f_id = wfs_element.element_id ";
	$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = $1 ";
	$sql .= "ORDER BY wfs_conf_element.f_respos";
			
	$v = array($wfs_conf_id);
	$t = array('i');
	$res = db_prep_query($sql,$v,$t);
	while($row = db_fetch_array($res)){

		if (!empty($row["f_auth_varname"])) {
			$auth_varname = $row["f_auth_varname"];
			$element_name = $row["element_name"];
		}
	}
	if (!empty($auth_varname)) {

		if (isValidVarName($auth_varname)) {
			$user = eval("return " . $auth_varname . ";");
			if ($user) {
				$pattern = "(<ogc:Filter[^>]*>)(.*)(</ogc:Filter>)";
				$replacement = "\\1<And>\\2<ogc:PropertyIsEqualTo><ogc:PropertyName>" . $element_name . "</ogc:PropertyName><ogc:Literal>" . $user . "</ogc:Literal></ogc:PropertyIsEqualTo></And>\\3"; 
				$filter = mb_eregi_replace($pattern, $replacement, $filter);
			}
			else {
				$e = new mb_exception("mod_wfs_gazetteer_server: checkAccessConstraint: invalid value of variable containing user information!");
			}
		}
		else {
			$e = new mb_exception("mod_wfs_gazetteer_server: checkAccessConstraint: var name is not valid! (" . $auth_varname . ")");
		}
	}
	return $filter;
}


if ($command == "getWfsConf") {
	
	$wfsConfIdString = $_GET["wfsConfIdString"];
	
	if ($wfsConfIdString != "") {
		//array_keys(array_flip()) produces an array with unique entries
		$wfsConfIdArray = array_keys(array_flip(mb_split(",", $wfsConfIdString)));
		$availableWfsConfIds = $user->getWfsConfByPermission();
		
		$wfsConfIdArray = array_intersect($wfsConfIdArray, $availableWfsConfIds);
		if (count($wfsConfIdArray) === 0) {
			echo "no wfs conf available.";
			die();
		}
	}
	else {
		echo "please specify wfs conf id.";
		die();
	}
	
	$obj = new WfsConf();
	$obj->load($wfsConfIdArray);
	$json = new Mapbender_JSON();
	$output = $json->encode($obj->confArray);
	echo $output;
}
elseif ($command == "getWfsConfsForThisApplication") {
	
	// get all WFS conf IDs for this application
	$availableWfsConfIds = $user->getWfsConfByPermission(Mapbender::session()->get("mb_user_gui"));
	
	$obj = new WfsConf();
	$obj->load($availableWfsConfIds);
	$json = new Mapbender_JSON();
	$output = $json->encode($obj->confArray);
	echo $output;
}
else if ($command == "getSearchResults") {
	$wfs_conf_id = $_REQUEST["wfs_conf_id"];
	$backlink = $_REQUEST["backlink"];
	$frame = $_REQUEST["frame"];
	$filter = $_REQUEST["filter"];
	$url = $_REQUEST["url"];
	$typename = $_REQUEST["typename"];
	$destSrs = $_REQUEST["destSrs"];

	$wfsConf = WfsConfiguration::createFromDb($wfs_conf_id);
	if (is_null($wfsConf)) {
		sendErrorMessage("Invalid WFS conf: " . $wfs_conf_id);
	}
	
	// append authorisation condition to filter
	$filter = checkAccessConstraint($filter, $wfs_conf_id);
	
	$admin = new administration();
	
	$filter = administration::convertIncomingString($filter);

	$wfsId = $wfsConf->wfsId;

	$myWfsFactory = new UniversalWfsFactory();
	$myWfs = $myWfsFactory->createFromDb($wfsId);
	$data = $myWfs->getFeature($typename, $filter,$destSrs);
	if ($data === null) die('{}');
	
	if (defined("WFS_RESPONSE_SIZE_LIMIT") && WFS_RESPONSE_SIZE_LIMIT < strlen($data)) {
		die("Too many results, please restrict your search.");
	}
//	$geomColumn = WfsConf::getGeomColumnNameByConfId($wfs_conf_id);

	$gmlFactory = new UniversalGmlFactory();
	$myGml = $gmlFactory->createFromXml($data, $wfsConf);
	if (!is_null($myGml)) {
		$geoJson = $myGml->toGeoJSON();
	}
	else {
		$geoJson = "{}";
	}
	
	header("Content-type:application/x-json; charset=utf-8");
	echo $geoJson;
}
else {
	echo "please enter a valid command.";
}
?>