<?php
// PHP CSW Proxy for CSW services.
// Responds to both HTTP GET and POST requests
//
// Author: Rob van Swol, NLR
// October 15th, 2008
//
include (dirname ( __FILE__ ) . "/../../ms_configura.php");
$logging = false;
/* Optionally write all requests in a log file */
if ($logging) {
	$fh = fopen ( "lib/proxy.log", "ab+" );
	$timestamp = strftime ( "[%Y-%m-%d %H:%M:%S]" );
}

$allowed_hosts = array ();

$doc = new DOMDocument ();
$doc->load ( './lib/xml/csw-hosts.xml' );

$hosts = $doc->getElementsByTagName ( "option" );
foreach ( $hosts as $host ) {
	// $csw_host_id = trim($host->nodeValue);
	$csw_host = trim ( $host->getAttribute ( "value" ) );
	// echo $csw_host."\n";
	array_push ( $allowed_hosts, $csw_host );
}

// Get the REST call path from the AJAX application
// Is it a POST or a GET?
//$url = ($_POST ['csw_host']) ? $_POST ['csw_host'] : $_GET ['csw_host'];
$url = "http://www.metadados.inde.gov.br/geonetwork/srv/br";
// Check if $url is a known host
/*
if (! in_array ( $url, $allowed_hosts )) {
	echo "not allowed";
	if ($logging) {
		fwrite ( $fh, $timestamp . ": refused request...\n" );
		fwrite ( $fh, $timestamp . ": HOST NOT ALLOWED> " . $url . "\n" );
	}
} else {
*/
	if ($logging) {
		fwrite ( $fh, $timestamp . ": incoming request...\n" );
		fwrite ( $fh, $timestamp . ": HOST> " . $url . "\n" );
	}

	// Open the Curl session
	$session = curl_init ( $url );

	// If it's a POST, put the POST data in the body
	if ($_POST ['csw_request']) {

		// if (substr($_POST['csw_request'],0,5) == "<?xml") {
		if (substr ( $_POST ['csw_request'], 0, 1 ) == "<") {
			// Is magic quotes on?
			if (get_magic_quotes_gpc ())
				$xmlpost = stripslashes ( $_POST ['csw_request'] );
			else
				$xmlpost = $_POST ['csw_request'];

			curl_setopt ( $session, CURLOPT_POST, true );
			curl_setopt ( $session, CURLOPT_POSTFIELDS, $xmlpost );
			if (isset ( $i3geo_proxy_server ) && $i3geo_proxy_server != "") {
				curl_setopt ( $session, CURLOPT_PROXY, $i3geo_proxy_server );
			}
			curl_setopt ( $session, CURLOPT_HTTPHEADER, Array (
					"Content-Type: application/xml"
			) );
			// curl_setopt ($session, CURLOPT_SSL_VERIFYPEER, 0);
			if ($logging)
				fwrite ( $fh, $timestamp . ": POST> " . $xmlpost . "\n" );
		} else {
			$postvars = '';
			while ( $element = current ( $_POST ) ) {
				if (key ( $_POST ) != "csw_request")
					$postvars .= key ( $_POST ) . '=' . $element . '&';
				else
					$postvars .= $element . '&';
				next ( $_POST );
			}
			curl_setopt ( $session, CURLOPT_POST, true );
			curl_setopt ( $session, CURLOPT_POSTFIELDS, $_POST ['csw_request'] );
			if (isset ( $i3geo_proxy_server ) && $i3geo_proxy_server != "") {
				curl_setopt ( $session, CURLOPT_PROXY, $i3geo_proxy_server );
			}
			curl_setopt ( $session, CURLOPT_HTTPHEADER, Array (
					"Content-Type: application/x-www-form-urlencoded"
			) );
			if ($logging)
				fwrite ( $fh, $timestamp . ": POST> " . $_POST ['csw_request'] . "\n" );
		}
	} else if ($_GET ['csw_request']) {
		curl_setopt ( $session, CURLOPT_POST, true );
		curl_setopt ( $session, CURLOPT_POSTFIELDS, $_GET ['csw_request'] );
		if (isset ( $i3geo_proxy_server ) && $i3geo_proxy_server != "") {
			curl_setopt ( $session, CURLOPT_PROXY, $i3geo_proxy_server );
		}
		curl_setopt ( $session, CURLOPT_HTTPHEADER, Array (
				"Content-Type: application/x-www-form-urlencoded"
		) );
		if ($logging)
			fwrite ( $fh, $timestamp . ": GET> " . $_GET ['csw_request'] . "\n" );
	}

	// Don't return HTTP headers. Do return the contents of the call
	curl_setopt ( $session, CURLOPT_HEADER, false );
	curl_setopt ( $session, CURLOPT_RETURNTRANSFER, true );

	// Make the call
	$xml = curl_exec ( $session );
	// The web service returns XML. Set the Content-Type appropriately
	/*
	 * if(file_exists("c:/temp/csw.xml")){
	 * $fp = fopen("c:/temp/csw.xml","r");
	 * $xml = fread($fp,filesize("c:/temp/csw.xml"));
	 * fclose($fp);
	 * }
	 * else
	 * {$xml = curl_exec($session);}
	 */
	header ( "Content-Type: text/xml" );

	if ($logging) {
		fwrite ( $fh, $timestamp . ": RESPONSE> " . $xml . "\n" );
		fclose ( $fh );
	}

	echo $xml;
	curl_close ( $session );
//}
?>