<?php
	/**************************************************************************\
	* eGroupWare xmlhttp server                                                *
	* http://www.egroupware.org                                                *
	* This file written by Lars Kneschke <lkneschke@egroupware.org>            *
	* --------------------------------------------                             *
	*  This program is free software; you can redistribute it and/or modify it *
	*  under the terms of the GNU General Public License as published by the   *
	*  Free Software Foundation; either version 2 of the License.              *
	\**************************************************************************/

	/* $Id$ */

	require_once('./phpgwapi/inc/xajax.inc.php');

	/**
	 * callback if the session-check fails, redirects via xajax to login.php
	 * 
	 * @param array &$anon_account anon account_info with keys 'login', 'passwd' and optional 'passwd_type'
	 * @return boolean/string true if we allow anon access and anon_account is set, a sessionid or false otherwise
	 */
	function xajax_redirect(&$anon_account)
	{
		// now the header is included, we can set the charset
		$GLOBALS['xajax']->setCharEncoding($GLOBALS['egw']->translation->charset());
		define('XAJAX_DEFAULT_CHAR_ENCODING',$GLOBALS['egw']->translation->charset());

		$response =& new xajaxResponse();
		$response->addScript("location.href='".$GLOBALS['egw_info']['server']['webserver_url'].'/login.php?cd=10'."';");

		header('Content-type: text/xml; charset='.$GLOBALS['egw']->translation->charset());
		echo $response->getXML();
		$GLOBALS['egw']->common->egw_exit();
	}

	function doXMLHTTP()
	{
		$numargs = func_num_args(); 
		if($numargs < 1) 
			return false;

		$argList	= func_get_args();
		$arg0		= array_shift($argList);
	
		if(get_magic_quotes_gpc()) {
			foreach($argList as $key => $value) {
				if(is_array($value)) {
					foreach($argList as $key1 => $value1) {
						$argList[$key][$key1] = stripslashes($value1);
					}
				} else {
					$argList[$key] = stripslashes($value);
				}
			}
		}
		//error_log("xajax_doXMLHTTP('$arg0',...)");

		@list($appName, $className, $functionName, $handler) = explode('.',$arg0);
		
		$GLOBALS['egw_info'] = array(
			'flags' => array(
				'currentapp'			=> $appName,
				'noheader'			=> True,
				'disable_Template_class'	=> True,
				'autocreate_session_callback' => 'xajax_redirect',
			)
		);
		include('./header.inc.php');

		// now the header is included, we can set the charset
		$GLOBALS['xajax']->setCharEncoding($GLOBALS['egw']->translation->charset());
		define('XAJAX_DEFAULT_CHAR_ENCODING',$GLOBALS['egw']->translation->charset());

		switch($handler)
		{
			case '/etemplate/process_exec':
				$_GET['menuaction'] = $appName.'.'.$className.'.'.$functionName;
				$appName = $className = 'etemplate';
				$functionName = 'process_exec';
				$arg0 = 'etemplate.etemplate.process_exec';

				$argList = array(
					$argList[0]['etemplate_exec_id'],
					$argList[0]['submit_button'],
					$argList[0],
					'xajaxResponse',
				);
				error_log("xajax_doXMLHTTP() /etemplate/process_exec handler: arg0='$arg0', menuaction='$_GET[menuaction]'");
				break;
			case 'etemplate':	// eg. ajax code in an eTemplate widget
				$arg0 = ($appName = 'etemplate').'.'.$className.'.'.$functionName;
				break;
		}
		if(substr($className,0,4) != 'ajax' && $arg0 != 'etemplate.etemplate.process_exec' && substr($functionName,0,4) != 'ajax' ||
			!preg_match('/^[A-Za-z0-9_]+\.[A-Za-z0-9_]+\.[A-Za-z0-9_]+$/',$arg0))
		{
			// stopped for security reasons
			error_log($_SERVER['PHP_SELF']. ' stopped for security reason. '.$arg0.' is not valid. class- or function-name must start with ajax!!!');
			exit;
		}
		$ajaxClass =& CreateObject($appName.'.'.$className);
		$argList = $GLOBALS['egw']->translation->convert($argList, 'utf-8');

		return call_user_func_array(array(&$ajaxClass, $functionName), $argList );
	}

	$xajax = new xajax($_SERVER['PHP_SELF']);
	$xajax->registerFunction('doXMLHTTP');	
	$xajax->processRequests();