-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.php
283 lines (233 loc) · 9.08 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
<?php
/************************************************************************/
/* AChecker */
/************************************************************************/
/* Copyright (c) 2008 - 2011 */
/* Inclusive Design Institute */
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
// $Id$
define('AC_INCLUDE_PATH', '../include/');
include(AC_INCLUDE_PATH.'vitals.inc.php');
include_once(AC_INCLUDE_PATH. 'classes/Utility.class.php');
include_once(AC_INCLUDE_PATH. 'classes/DAO/GuidelinesDAO.class.php');
include_once(AC_INCLUDE_PATH. 'classes/DAO/ChecksDAO.class.php');
include_once(AC_INCLUDE_PATH. 'classes/DAO/UserLinksDAO.class.php');
include_once(AC_INCLUDE_PATH. 'classes/Decision.class.php');
global $starttime;
$mtime = microtime();
$mtime = explode(" ", $mtime);
$mtime = $mtime[1] + $mtime[0];
$starttime = $mtime;
// A boolean flag that decides the whether $_POST['validate_paste'] is enabled,
// via input form dynamic validation of URL or via general HTML Paste Markup tab selection
$dynamicTestingFlag = false;
// input_form - array in session that contains latest user request (needed for file export)
unset($_SESSION['input_form']);
$guidelinesDAO = new GuidelinesDAO();
// process to make decision
if (isset($_POST['make_decision']) || isset($_POST['reverse']))
{
$decision = new Decision($_SESSION['user_id'], $_POST['uri'], $_POST['output'], $_POST['jsessionid']);
if ($decision->hasError())
{
$decision_error = $decision->getErrorRpt(); // displays in checker_input_form.tmpl.php
}
else
{
// make decsions
if (isset($_POST['make_decision'])) $decision->makeDecisions($_POST['d']);
// reverse decision
if (isset($_POST['reverse']))
{
foreach ($_POST['reverse'] as $sequenceID => $garbage)
$decision->makeDecisions(array($sequenceID=>AC_NO_DECISION));
}
}
}
// end of process to made decision
// validate referer URIs that has passed validation and received seal. The click on the seal triggers
// the if - else below.
if ($_GET['uri'] == 'referer')
{
// validate if the URI from referer matches the URI defined in user_links.user_link_id
if (isset($_GET['id']))
{
$userLinksDAO = new UserLinksDAO();
$row = $userLinksDAO->getByUserLinkID($_GET['id']);
$pos_user_link_uri = strpos($row['URI'], '?');
if ($pos_user_link_URI > 0) $user_link_uri = substr($row['URI'], 0, $pos_user_link_uri);
else $user_link_uri = $row['URI'];
$pos_referer_uri = strpos($_SERVER['HTTP_REFERER'], '?');
if ($pos_referer_uri > 0) $referer_uri = substr($_SERVER['HTTP_REFERER'], 0, $pos_referer_uri);
else $referer_uri = $_SERVER['HTTP_REFERER'];
// guideline id must be given if the request is to check referer URI
if (!isset($_GET['gid']))
$msg->addError('EMPTY_GID');
else
{
$grow = $guidelinesDAO->getGuidelineByAbbr($_GET['gid']);
if (!is_array($grow))
$msg->addError('INVALID_GID');
}
if (!stristr($referer_uri, $user_link_uri))
$msg->addError('REFERER_URI_NOT_MATCH');
if (isset($_SESSION['user_id']) && $_SESSION['user_id'] <> $row['user_id'])
$msg->addError('USER_NOT_MATCH');
}
if (!$msg->containsErrors())
{
$_POST['validate_uri'] = 1;
$_POST['uri'] = $_SERVER['HTTP_REFERER'];
$_gids = array($grow[0]['guideline_id']);
}
}
// a flag to record if there's problem validating html thru 3rd party web service
$error_happen = false;
// CSS Validation
if (isset($_POST["enable_css_validation"])) {
include(AC_INCLUDE_PATH. "classes/CSSValidator.class.php");
$_SESSION['input_form']['enable_css_validation'] = true;
}
// validate html
if (isset($_POST["enable_html_validation"])) {
include(AC_INCLUDE_PATH. "classes/HTMLValidator.class.php");
$_SESSION['input_form']['enable_html_validation'] = true;
}
if (!is_array($_gids)) { // $_gids hasn't been set at validating referer URIs
if ($_POST["rpt_format"] == REPORT_FORMAT_GUIDELINE) {
$_gids = $_POST["radio_gid"];
} else if ($_POST["rpt_format"] == REPORT_FORMAT_LINE) {
$_gids = $_POST["checkbox_gid"];
} else {
$_gids = $_POST["gid"];
}
$_SESSION['input_form']['gids'] = $_gids;
}
if ($_POST["validate_uri"])
{
$_POST['uri'] = htmlentities($_POST['uri']);
$uri = Utility::getValidURI($addslashes($_POST["uri"]));
$_SESSION['input_form']['uri'] = $uri;
// Check if the given URI is connectable
if ($uri === false)
{
$msg->addError(array('CANNOT_CONNECT', $_POST['uri']));
}
// don't accept localhost URI
if (stripos($uri, '://localhost') > 0)
{
$msg->addError('NOT_LOCALHOST');
}
if (!$msg->containsErrors())
{
// For validating dynamic content and making contents of mergedSourceContent.html visibile whenever
// "Show Source" option is enabled, set $_POST['validate_paste'] true
// Calls "execute.sh" which runs the casperJS code, merges dynamic content with source code
// and stores the final output in mergedSourceContent.html
$_POST['validate_paste'] = true;
$executeCasper = "./execute.sh ".$_POST['uri'];
exec($executeCasper, $out);
$dynamicTestingFlag = true;
$_POST['uri'] = $_REQUEST['uri'] = $uri;
$validate_content = @file_get_contents($uri);
if (isset($_POST["enable_html_validation"]))
$htmlValidator = new HTMLValidator("uri", $uri);
//CSS Validator
if (isset($_POST["enable_css_validation"]))
$cssValidator = new CSSValidator("uri", $uri);
if (isset($_POST["show_source"]))
$source_array = file($uri);
}
}
if ($_POST["validate_file"])
{
$allowed_file_extensions = ["html", "htm"];
if (!Utility::is_extension_in_list($_FILES['uploadfile']['name'], $allowed_file_extensions)) {
$msg->addError(array('ALLOWED_FILE_TYPES', implode(", ", $allowed_file_extensions)));
}
if (!$msg->containsErrors()) {
$validate_content = file_get_contents($_FILES['uploadfile']['tmp_name']);
$_SESSION['input_form']['file'] = $validate_content;
if (isset($_POST["enable_html_validation"]))
$htmlValidator = new HTMLValidator("fragment", $validate_content);
if (isset($_POST["show_source"]))
$source_array = file($_FILES['uploadfile']['tmp_name']);
}
}
if ($_POST["validate_paste"])
{
// if $_POST['validate_paste'] is set via dynamicTestingFlag or a general HTML Paste Markup tab selection
if(!$dynamicTestingFlag){
$validate_content = $_POST["pastehtml"] = $stripslashes($_POST["pastehtml"]);
$_SESSION['input_form']['paste'] = $validate_content;
}
else{
$validate_content = file_get_contents("mergedSourceContent.html");
$_POST["validate_paste"] = null;
}
if (isset($_POST["enable_html_validation"]))
$htmlValidator = new HTMLValidator("fragment", $validate_content);
if (isset($_POST["show_source"]))
$source_array = preg_split("/(?:\r\n?|\n)/", $validate_content);
}
if ($_POST["validate_content"] && $_POST["validate_content"] <> '')
{
$validate_content = $_POST["validate_content"];
if (isset($_POST["show_source"]))
$source_array = explode("\n", $_POST["validate_content"]);
}
// end of validating html
$has_enough_memory = true;
if (isset($validate_content) && !Utility::hasEnoughMemory(strlen($validate_content)))
{
$msg->addError('NO_ENOUGH_MEMORY');
$has_enough_memory = false;
}
// A boolean flag that decides the show/hide of the AChecker introduction section.
// This section is displayed when the AChecker index page is visited and no validation has been performed yet.
$show_achecker_whatis = false;
// validation and display result
if ($_POST["validate_uri"] || $_POST["validate_file"] || $_POST["validate_content"] || $_POST["validate_paste"])
{
// check accessibility
include(AC_INCLUDE_PATH. "classes/AccessibilityValidator.class.php");
if ($_POST["validate_uri"]) $check_uri = $_POST['uri'];
if (isset($validate_content) && $has_enough_memory)
{
$aValidator = new AccessibilityValidator($validate_content, $_gids, $check_uri);
$aValidator->validate();
}
// end of checking accessibility
}
else
{
$show_achecker_whatis = true;
}
$has_errors = false; // A flag detecting if there's any error occurred
if ($msg->containsErrors()) {
$has_errors = true;
}
// display initial validation form: input URI or upload a html file
include ("checker_input_form.php");
// display validation results
if (!$has_errors && (isset($aValidator) || isset($htmlValidator)))
{
include ("checker_results.php");
}
else
{
$show_achecker_whatis = true;
}
if ($show_achecker_whatis)
{
echo '<div id="output_div" class="validator-output-form">';
echo "<p>"._AC('achecker_whatis')."</p>";
echo '</div>';
}
// display footer
include(AC_INCLUDE_PATH.'footer.inc.php');
?>