-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathAjax.php
174 lines (141 loc) · 4.09 KB
/
Ajax.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
<?php
class Ajax
{
var $option = null;
var $func = null;
var $args = null;
function nl2brStrict($text) {
return preg_replace("/\r\n|\n|\r/", " <br />", $text);
}
function br2nl($text){
$text = str_replace(' <br />', "\n", $text);
return $this->_fixQuote($text);
}
function _fixQuote($text){
return str_replace('"', '"', $text);
}
function singleLineIt($text){
return preg_replace("((\r\n)+)", '', $text);
}
/**
*
*/
function route()
{
if(!defined('SERVICES_JSON_SLICE'))
{
include_once('Json.php');
}
$json = new Services_JSON();
if(@isset($_REQUEST['task']) && ($_REQUEST['task'] == 'azrul_ajax'))
{
$func = @$_REQUEST['func'];
$option = @$_REQUEST['option'];
// Security fix.
// 1. check if user are trying to run an eval
# build an array of args
$args = array();
$argCount = 0;
# All POST data that are meant to be send to the function will
# be appended by 'arg' keyword. Only pass this vars to the function
foreach($_REQUEST as $key => $postData)
{
if(substr($key, 0, 3) == 'arg' )
{
//if ( get_magic_quotes_gpc() ) {
$postData = stripslashes($postData);
//}
$postData = ($this->nl2brStrict($postData));
//var_dump($postData);
$decoded = $json->decode($postData);
$key = "";
$val = "";
// print_r($decoded);
// exit;
# if the args is an array, we need to pass it as an array
# todo@ we need to expand this array further. We now assume,
# if an array is passed, it comes in a pair of (key/value)
if(is_array($decoded))
{
foreach($decoded as $index => $value)
{
$tempArray = array();
if( is_array($value) )
{
foreach($value as $val)
{
// The value is an array so we need to chuck them in
// a multidimensional array instead
if( is_array($val) )
{
// Since the values here are array, we will
// always assume that the index 0 is always the key
$key = $val[0];
$data = $this->br2nl( rawurldecode($val[1]) );
// We will also always assume that the index 1 will be the value
$decoded[$key][] = $data;
}
else
{
// We always assume that the index 0 is the key of the array.
$key = $value[0];
// We always assume that the index 1 is the data of the array.
$data = $this->br2nl(rawurldecode($value[1]));
if( substr($value[0], 0, 6) == '_d_' )
{
$decoded = array($val);
}
else
{
$newArray = array( $key => $data );
$decoded = array_merge( $decoded, $newArray );
//$newA = array($key => $val);
//$decoded = array_merge($decoded, $newA);
}
}
}
} else{
// If data passed is not array we treat
if($value != '_d_' ){
$decoded = $this->br2nl(rawurldecode($value));
}
}
}
$args[] = $decoded;
} else {
$args[] = $this->br2nl(rawurldecode($decoded));
}
$argCount++;
}
}
$this->func = $func ;
$this->args = $args ;
$this->option = $option ;
}
}
function run()
{
// Built-in ajax calls go here
$func = $this->func; //$_REQUEST['func'];
$args = $this->args;
$option = $this->option;
$callArray = explode(',', $func);
$viewController = strtolower($callArray[0]);
$viewControllerFile = 'Response'.'/'.$option.'/'.$viewController . '.php';
if(file_exists( $viewControllerFile ) )
{
require_once('Response'.'/'.$option.'/'.$viewController . '.php' );
$viewController = ucfirst($viewController);
$viewController = 'ajax'.$viewController;
$controller = new $viewController();
// Perform the Request task
$output = call_user_func_array(array(&$controller, $callArray[1]), $args);
}
else
{
echo sprintf( 'File %1$s not found!' ,$viewControllerFile );
exit;
}
}
}
?>