Commit | Line | Data |
---|---|---|
b325120a | 1 | <?php |
90a3d6d8 DY |
2 | ob_start(); |
3 | try { | |
87c744a9 DO |
4 | // Code block below is a module request dispatcher. Turning it into a |
5 | // function will break things because of the way require() works. | |
c5dfde62 | 6 | switch (TRUE) |
36ef72d9 | 7 | { |
c5dfde62 DO |
8 | case ! array_key_exists ('module', $_REQUEST): |
9 | case 'interface' == $_REQUEST['module']: | |
10 | require_once 'inc/interface.php'; | |
11 | // init.php has to be included after interface.php, otherwise the bits | |
12 | // set by local.php get lost | |
13 | require_once 'inc/init.php'; | |
14 | prepareNavigation(); | |
15 | // Security context is built on the requested page/tab/bypass data, | |
16 | // do not override. | |
17 | fixContext(); | |
18 | redirectIfNecessary(); | |
19 | if (! permitted()) | |
20 | { | |
21 | renderAccessDenied (FALSE); | |
22 | break; | |
23 | } | |
24 | header ('Content-Type: text/html; charset=UTF-8'); | |
25 | // Only store the tab name after clearance is got. Any failure is unhandleable. | |
26 | if (isset ($_REQUEST['tab']) and ! isset ($_SESSION['RTLT'][$pageno]['dont_remember'])) | |
27 | $_SESSION['RTLT'][$pageno] = array ('tabname' => $tabno, 'time' => time()); | |
28 | // call the main handler - page or tab handler. | |
29 | if (isset ($tabhandler[$pageno][$tabno])) | |
30 | call_user_func ($tabhandler[$pageno][$tabno], getBypassValue()); | |
31 | elseif (isset ($page[$pageno]['handler'])) | |
32 | $page[$pageno]['handler'] ($tabno); | |
33 | else | |
34 | throw new RackTablesError ("Failed to find handler for page '${pageno}', tab '${tabno}'", RackTablesError::INTERNAL); | |
35 | // Embed the current text in OB into interface layout (the latter also | |
36 | // empties color message buffer). | |
37 | $contents = ob_get_contents(); | |
38 | ob_clean(); | |
39 | renderInterfaceHTML ($pageno, $tabno, $contents); | |
40 | break; | |
41 | case 'tsuri' == $_REQUEST['module']: | |
4afb4c10 | 42 | require_once 'inc/init.php'; |
36ef72d9 DO |
43 | genericAssertion ('uri', 'string'); |
44 | proxyStaticURI ($_REQUEST['uri']); | |
45 | break; | |
c5dfde62 | 46 | case 'download' == $_REQUEST['module']: |
4afb4c10 | 47 | require_once 'inc/init.php'; |
0415b520 DO |
48 | $pageno = 'file'; |
49 | $tabno = 'download'; | |
50 | fixContext(); | |
51 | if (!permitted()) | |
52 | { | |
53 | require_once 'inc/interface.php'; | |
87c744a9 DO |
54 | renderAccessDenied (FALSE); |
55 | break; | |
0415b520 DO |
56 | } |
57 | ||
58 | $asattach = (isset ($_REQUEST['asattach']) and $_REQUEST['asattach'] == 'no') ? FALSE : TRUE; | |
59 | $file = getFile (getBypassValue()); | |
60 | header("Content-Type: {$file['type']}"); | |
61 | header("Content-Length: {$file['size']}"); | |
62 | if ($asattach) | |
63 | header("Content-Disposition: attachment; filename={$file['name']}"); | |
64 | echo $file['contents']; | |
65 | break; | |
c5dfde62 | 66 | case 'image' == $_REQUEST['module']: |
4afb4c10 DO |
67 | require_once 'inc/render_image.php'; |
68 | // 'progressbar's never change, attempt an IMS chortcut before loading init.php | |
69 | checkIMSCondition(); | |
70 | require_once 'inc/init.php'; | |
71 | try | |
72 | { | |
73 | dispatchImageRequest(); | |
74 | } | |
75 | catch (Exception $e) | |
76 | { | |
87c744a9 | 77 | ob_clean(); |
4afb4c10 DO |
78 | renderError(); |
79 | } | |
80 | break; | |
c5dfde62 | 81 | case 'ajax' == $_REQUEST['module']: |
9f4f431c DO |
82 | require_once 'inc/ajax-interface.php'; |
83 | require_once 'inc/init.php'; | |
84 | try | |
85 | { | |
86 | dispatchAJAXRequest(); | |
87 | } | |
88 | catch (InvalidRequestArgException $e) | |
89 | { | |
90 | ob_clean(); | |
91 | echo "NAK\nMalformed request"; | |
92 | } | |
93 | catch (Exception $e) | |
94 | { | |
95 | ob_clean(); | |
96 | echo "NAK\nRuntime exception: ". $e->getMessage(); | |
97 | } | |
98 | break; | |
c5dfde62 | 99 | case 'redirect' == $_REQUEST['module']: |
87c744a9 DO |
100 | // Include init after ophandlers/snmp, not before, so local.php can redefine things. |
101 | require_once 'inc/ophandlers.php'; | |
102 | // snmp.php is an exception, it is treated by a special hack | |
103 | if (isset ($_REQUEST['op']) and $_REQUEST['op'] == 'querySNMPData') | |
104 | require_once 'inc/snmp.php'; | |
105 | require_once 'inc/init.php'; | |
106 | try | |
107 | { | |
108 | genericAssertion ('op', 'string'); | |
109 | $op = $_REQUEST['op']; | |
110 | prepareNavigation(); | |
111 | $location = buildWideRedirectURL(); | |
112 | // FIXME: find a better way to handle this error | |
113 | if ($op == 'addFile' && !isset($_FILES['file']['error'])) | |
114 | throw new RackTablesError ('File upload error, check upload_max_filesize in php.ini', RackTablesError::MISCONFIGURED); | |
115 | fixContext(); | |
116 | if | |
117 | ( | |
118 | !isset ($ophandler[$pageno][$tabno][$op]) or | |
119 | !function_exists ($ophandler[$pageno][$tabno][$op]) | |
120 | ) | |
121 | throw new RackTablesError ("Invalid navigation data for '${pageno}-${tabno}-${op}'", RackTablesError::INTERNAL); | |
122 | // We have a chance to handle an error before starting HTTP header. | |
123 | if (!isset ($delayauth[$pageno][$tabno][$op]) and !permitted()) | |
124 | showError ('Operation not permitted'); | |
125 | else | |
126 | { | |
127 | // Call below does the job of bypass argument assertion, if such is required, | |
128 | // so the ophandler function doesn't have to re-assert this portion of its | |
129 | // arguments. And it would be even better to pass returned value to ophandler, | |
130 | // so it is not necessary to remember the name of bypass in it. | |
131 | getBypassValue(); | |
132 | if (strlen ($redirect_to = call_user_func ($ophandler[$pageno][$tabno][$op]))) | |
133 | $location = $redirect_to; | |
134 | } | |
135 | header ("Location: " . $location); | |
136 | } | |
137 | // known "soft" failures require a short error message | |
138 | catch (InvalidRequestArgException2 $e) | |
139 | { | |
140 | ob_clean(); | |
141 | showError ($e->getMessage()); | |
142 | header ('Location: ' . $location); | |
143 | } | |
144 | catch (RTDatabaseError $e) | |
145 | { | |
146 | ob_clean(); | |
147 | showError ('Database error: ' . $e->getMessage()); | |
148 | header ('Location: ' . $location); | |
149 | } | |
150 | // any other error requires no special handling and will be caught outside | |
151 | break; | |
e0ce8064 DO |
152 | case 'popup' == $_REQUEST['module']: |
153 | require_once 'inc/popup.php'; | |
154 | require_once 'inc/interface.php'; | |
155 | require_once 'inc/init.php'; | |
156 | renderPopupHTML(); | |
157 | break; | |
36ef72d9 DO |
158 | default: |
159 | throw new InvalidRequestArgException ('module', $_REQUEST['module']); | |
160 | } | |
0415b520 | 161 | ob_end_flush(); |
36ef72d9 DO |
162 | exit; |
163 | } | |
c5dfde62 DO |
164 | catch (Exception $e) |
165 | { | |
90a3d6d8 | 166 | ob_end_clean(); |
c5dfde62 | 167 | printException ($e); |
90a3d6d8 | 168 | } |
1d4d254b | 169 | clearMessages(); // prevent message appearing in foreign tab |
e410ebfc | 170 | ?> |