package Apache::Voodoo::MP::V2;
$VERSION = "3.0200";
use strict;
use warnings;
use Apache2::Const qw(OK REDIRECT DECLINED FORBIDDEN AUTH_REQUIRED SERVER_ERROR NOT_FOUND M_GET);
use Apache2::RequestRec;
use Apache2::RequestIO;
use Apache2::SubRequest;
use Apache2::RequestUtil;
use Apache2::Response;
use Apache2::Request;
use Apache2::Upload;
use Apache2::Cookie;
use base("Apache::Voodoo::MP::Common");
sub declined { return Apache2::Const::DECLINED; }
sub forbidden { return Apache2::Const::FORBIDDEN; }
sub unauthorized { return Apache2::Const::AUTH_REQUIRED;}
sub ok { return Apache2::Const::OK; }
sub server_error { return Apache2::Const::SERVER_ERROR; }
sub not_found { return Apache2::Const::NOT_FOUND; }
sub content_type { shift()->{'r'}->content_type(@_); }
sub err_header_out { shift()->{'r'}->err_headers_out->add(@_); }
sub header_in { shift()->{'r'}->headers_in->{shift()}; }
sub header_out { shift()->{'r'}->headers_out->add(@_); }
sub redirect {
my $self = shift;
my $loc = shift;
if ($loc) {
my $r = $self->{'r'};
if ($r->method eq "POST") {
$r->method_number(Apache2::Const::M_GET);
$r->method('GET');
$r->headers_in->unset('Content-length');
$r->headers_out->add("Location" => $loc);
$r->status(Apache2::Const::REDIRECT);
$r->content_type;
}
else {
$r->headers_out->add("Location" => $loc);
}
}
return Apache2::Const::REDIRECT;
}
sub parse_params {
my $self = shift;
my $upload_max = shift;
my $apr = Apache2::Request->new($self->{r}, POST_MAX => $upload_max*5);
my %params;
foreach ($apr->param) {
my @value = $apr->param($_);
$params{$_} = @value > 1 ? [@value] : $value[0];
}
# make sure our internal special params don't show up in the parameter list.
delete $params{'__voodoo_file_upload__'};
delete $params{'__voodoo_upload_error__'};
my @uploads = $apr->upload;
if ($#uploads == 0) {
my $u = $apr->upload($uploads[0]);
if ($u->size() > $upload_max) {
$params{'__voodoo_upload_error__'} = "File size exceeds $upload_max bytes.";
}
else {
$params{'__voodoo_file_upload__'} = $u;
}
}
elsif ($#uploads > 0) {
foreach (@uploads) {
my $u = $apr->upload($_);
if ($u->size() > $upload_max) {
$params{'__voodoo_upload_error__'} = "File size exceeds $upload_max bytes.";
}
else {
push(@{$params{'__voodoo_file_upload__'}},$u);
}
}
}
return \%params;
}
sub set_cookie {
my $self = shift;
my $name = shift;
my $value = shift;
my $expires = shift;
my $c = Apache2::Cookie->new($self->{r},
-name => $name,
-value => $value,
-path => '/',
-domain => $self->{'r'}->get_server_name()
);
if ($expires) {
$c->expires($expires);
}
# I didn't use Apache2::Cookie's bake since it doesn't support setting the HttpOnly flag.
# The argument setting the flag goes something like "Not every browser supports it,
# so what's the point?" Which seems to me to be a bit like saying "What's the point
# in wearing this bullet proof vest if it doesn't stop a shell from a tank?"
$self->err_header_out('Set-Cookie' => "$c; HttpOnly");
}
sub get_cookie {
my $self = shift;
unless (defined($self->{cookiejar})) {
# cookies haven't be parsed yet.
$self->{cookiejar} = Apache2::Cookie::Jar->new($self->{r});
}
my $c = $self->{cookiejar}->cookies(shift);
if (defined($c)) {
return $c->value;
}
else {
return undef;
}
}
sub register_cleanup {
my $self = shift;
my $obj = shift;
my $sub = shift;
$self->{'r'}->pool->cleanup_register($sub,$obj);
}
1;
################################################################################
# Copyright (c) 2005-2010 Steven Edwards (maverick@smurfbane.org).
# All rights reserved.
#
# You may use and distribute Apache::Voodoo under the terms described in the
# LICENSE file include in this package. The summary is it's a legalese version
# of the Artistic License :)
#
################################################################################