*some minor fixes

*moved session id into header to make processing more efficient

git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@320 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33

diff --git a/src/msinterface.cpp b/src/msinterface.cpp
index f4a5526..318515c 100644 (file)
--- a/src/msinterface.cpp
+++ b/src/msinterface.cpp
@@ -31,3 +31,10 @@ bool MSInterface::login(QString username,QString passwd,QString hostname,QString
 
                void logout(){}
                bool relogin(){return false;}
+
+QMap<QString,QString> MSInterface::headers(QString s)const
+{
+       QMap<QString,QString> ret=WInterface::headers(s);
+       ret.insert("Wob-SessionId",m_sessid);
+       return ret;
+}

diff --git a/src/msinterface.h b/src/msinterface.h
index 6ef9060..32e723c 100644 (file)
--- a/src/msinterface.h
+++ b/src/msinterface.h
@@ -23,15 +23,24 @@ class MSInterface:public MInterface
                
                static MSInterface* instance(){return qobject_cast<MSInterface*>(MInterface::instance());}
                
-               bool login(QString username,QString passwd,QString hostname,QString hostkey);
-               void logout(){}
-               bool relogin(){return false;}
                QString currentUser()const{return "";}
                bool hasRole(QString)const{return false;}
                QString dataDir()const{return "/tmp/blah";}
                QString settingsGroup()const{return "nosuchgroup";}
+               /**returns the current session ID*/
+               QString sessionId()const{return m_sessid;}
+               
+               virtual QMap<QString,QString> headers(QString)const;
+       
+       public slots:
+               bool login(QString username,QString passwd,QString hostname,QString hostkey);
+               void logout(){}
+               bool relogin(){return false;}
+               /**sets the session id to be transmitted*/
+               void setSessionId(QString sid){m_sessid=sid;}
+       
        private:
-               QString profileid;
+               QString profileid,m_sessid;
 };
 
 

diff --git a/src/wbase/WInterface.h b/src/wbase/WInterface.h
index 94a0908..8cae7d6 100644 (file)
--- a/src/wbase/WInterface.h
+++ b/src/wbase/WInterface.h
@@ -66,9 +66,6 @@ class WInterface:public QObject
                /**returns the current log level*/
                LogLevel logLevel()const{return loglvl;}
                
-               /**returns the current session ID*/
-               QString sessionId()const{return m_sessid;}
-
        public slots:
                /**set log level*/
                void setLogLevel(WInterface::LogLevel l){loglvl=l;}
@@ -84,13 +81,10 @@ class WInterface:public QObject
                /**sets the URL of the interface*/
                void setUrl(QUrl u){m_url=u;}
                
-               /**sets the session id to be transmitted*/
-               void setSessionId(QString sid){m_sessid=sid;}
-       
        private:
                static QMap<QString,WInterface*>inst;
                QUrl m_url;
-               QString m_proxyhost,m_proxyuser,m_proxypass,m_sessid;
+               QString m_proxyhost,m_proxyuser,m_proxypass;
                unsigned short m_proxyport;
                int m_wtimeout;
                LogLevel loglvl;

diff --git a/src/wbase/WTransaction.cpp b/src/wbase/WTransaction.cpp
index 5ecc24d..40ef1f4 100644 (file)
--- a/src/wbase/WTransaction.cpp
+++ b/src/wbase/WTransaction.cpp
@@ -91,8 +91,11 @@ QByteArray WTransaction::executeQuery(QString hreq,QByteArray data)
        QString hostspec=url.host();
        if(url.port()>0)hostspec+=":"+QString::number(port);
        hrh.setValue("Host",hostspec);
+       QMap<QString,QString>hdrs=iface->headers(hreq);
+       QStringList hdrn=hdrs.keys();
+       for(int i=0;i<hdrn.size();i++)
+               hrh.setValue("X-"+hdrn[i],hdrs[hdrn[i]]);
        hrh.setValue("X-WobRequest",hreq);
-       //TODO: hrh.setValue("X-MagicSmoke-Session",sessionid);
        hrh.setContentLength(data.size());
        hrh.setContentType("application/x-webobject; charset=UTF-8");
        m_httpid=req.request(hrh,data);

diff --git a/wob/magicsmoke.wolf b/wob/magicsmoke.wolf
index b6a13e6..6fa5bd5 100644 (file)
--- a/wob/magicsmoke.wolf
+++ b/wob/magicsmoke.wolf
@@ -16,10 +16,10 @@
        <QtClientOutput sourceDir="src" subDir="wob" priInclude="wob.pri" classPrefix="M" clean="yes"/>
        <PHPServerOutput sourceDir="www" subDir="inc/wob" extension=".php" clean="yes">
                <Authenticator 
-                       isAuthenticated="$::session->isAuthenticated()"
-                       hasRole="$::session->canExecute(%)"
-                       userName="$::session->getUser()"
-                       init="new Session(%)"/>
+                       isAuthenticated="Session::instance()->isAuthenticated()"
+                       hasRole="Session::instance()->canExecute(%)"
+                       userName="Session::instance()->getUser()"
+                       init="new Session($this)"/>
        </PHPServerOutput>
        <!-- HtmlOutput sourceDir="doc" subDir="wob"/ -->
        

diff --git a/woc/phpout.cpp b/woc/phpout.cpp
index c354a5d..ec0ffbd 100644 (file)
--- a/woc/phpout.cpp
+++ b/woc/phpout.cpp
@@ -676,23 +676,16 @@ void WocPHPServerOut::newTransaction(const WocTransaction&trn)
        //request handler:
        code="public function handleRequest(){\n";
        
-       //parse low level XML
-       code+="\tglobal $HTTP_RAW_POST_DATA;\n\tif(isset($HTTP_RAW_POST_DATA))$txt=$HTTP_RAW_POST_DATA;else $txt=\"\";\n";
-       code+="\t$xml=new DOMDocument;\n\tif(!$xml->loadXML($txt))xmlParserError();\n";
-       code+="\t$root=$xml->documentElement;\n";
-       
        //security handling
        switch(trn.authMode()){
                case WocTransaction::Checked:
                        code+="\t/*security check: authenticated and authorized*/\n";
-                       code+="\t$sid=$root->getAttribute(\"sessionid\");\n";
-                       code+="\t"+QString(m_authinit).replace("%","$sid")+";\n";
+                       code+="\t"+m_authinit+";\n";
                        code+="\tif(!"+m_isauth+"||!"+QString(m_hasrole).replace("%","\""+trn.name()+"\"")+")notAuthenticated();\n";
                        break;
                case WocTransaction::Auth:
                        code+="\t/*security check: authenticated*/\n";
-                       code+="\t$sid=$root->getAttribute(\"sessionid\");\n";
-                       code+="\t"+QString(m_authinit).replace("%","$sid")+";\n";
+                       code+="\t"+m_authinit+";\n";
                        code+="\tif(!"+m_isauth+")notAuthenticated();\n";
                        break;
                default:
@@ -700,6 +693,12 @@ void WocPHPServerOut::newTransaction(const WocTransaction&trn)
                        break;//none
        }
        
+       //parse low level XML
+       code+="\t/*low level XML parsing*/\n";
+       code+="\tglobal $HTTP_RAW_POST_DATA;\n\tif(isset($HTTP_RAW_POST_DATA))$txt=$HTTP_RAW_POST_DATA;else $txt=\"\";\n";
+       code+="\t$xml=new DOMDocument;\n\tif(!$xml->loadXML($txt))xmlParserError();\n";
+       code+="\t$root=$xml->documentElement;\n";
+       
        //parse inputs
        code+=trnInput(trn);
        
@@ -891,7 +890,7 @@ QString WocPHPServerOut::trnGetSet(const WocTransaction&trn)
                                code+="\t\t$this->aoutput[\""+sl[i]+"\"][]=\"\".$vv;\n";
                                add+="\t$this->aoutput[\""+sl[i]+"\"][]=\"\".$vv;\n";
                        }
-                       code+="\t}\n};";
+                       code+="\t}\n";
                        add+="}\n";
                }else{
                        if(trn.isIntType(t)){

diff --git a/woc/qtout.cpp b/woc/qtout.cpp
index cbf1290..c7d00df 100644 (file)
--- a/woc/qtout.cpp
+++ b/woc/qtout.cpp
@@ -514,8 +514,6 @@ void WocQtClientOut::newTransaction(const WocTransaction&trn)
        scd+="\tQDomElement tmp;\n";
        scd+="\tWInterface *iface=WInterface::instance(m_iface);\n";
        scd+="\tif(iface==0){m_errtype=\"_iface\";m_errstr=\"interface not found\";m_stage=Error;return;}\n";
-       if(trn.authMode()!=trn.Open)
-               scd+="\troot.setAttribute(\"sessionid\",iface->sessionId());\n";
        //encode input
        scd+=trnInput(trn);
        scd+="\tdoc.appendChild(root);\n";

diff --git a/www/inc/machine/session.php b/www/inc/machine/session.php
index c31bb6c..1916e41 100644 (file)
--- a/www/inc/machine/session.php
+++ b/www/inc/machine/session.php
@@ -25,11 +25,12 @@ class Session
        private $rights;
        
        /**construct the session object, check validity*/
-       public function __construct($sid)
+       public function __construct($trans)
        {
                global $db,$session;
                $this->roles=array();
                $this->rights=array();
+               $sid=$trans->getHeader("Wob-SessionId");
                $res=$db->select("session","sessionid,user","sessionid=".$db->escapeString($sid));
                if(count($res)>0){
                        $this->sessid=$sid;
@@ -39,8 +40,16 @@ class Session
                $session=$this;
        }
        
+       /**return the session instance*/
+       public static function instance()
+       {
+               global $session;
+               if(!isset($session))return null;
+               return $session;
+       }
+       
        /**internal: retrieve and remember the rights of this user*/
-       public function initRights()
+       protected function initRights()
        {
                global $db;
                $res=$db->select("userrole","role","uname=".$db->escapeString($this->user));

diff --git a/www/inc/wbase/transaction.php b/www/inc/wbase/transaction.php
index f5b902c..5fc248e 100644 (file)
--- a/www/inc/wbase/transaction.php
+++ b/www/inc/wbase/transaction.php
@@ -38,6 +38,13 @@ class WobTransactionBase {
                }
                return $_SERVER["HTTP_X_WOBREQUEST"];
        }
+       /**called to determine the session id*/
+       static public function getHeader($hd)
+       {
+               $hd="HTTP_X_".strtoupper(str_replace("-","_",$hd));
+               if(isset($_SERVER[$hd]))return $_SERVER[$hd];
+               else return "";
+       }
        /**called if the transaction is not known. aborts the script.*/
        static public function noSuchTransaction()
        {