Subversion Repositories fastphp

unit BrowserMain;

{$Include 'FastPHP.inc'}

interface

uses

  // TODO: "{$IFDEF USE_SHDOCVW_TLB}_TLB{$ENDIF}" does not work with Delphi 10.2

  //       so you have to change the reference SHDocVw / SHDocVw_TLB yourself

  Windows, Messages, SysUtils, Variants, Classes, Graphics,

  Controls, Forms, Dialogs, OleCtrls, SHDocVw, ExtCtrls, StrUtils,

  StdCtrls, activex, UrlMon;

type

  TForm2 = class(TForm)

    WebBrowser1: TWebBrowser;

    Timer1: TTimer;

    procedure Timer1Timer(Sender: TObject);

    procedure WebBrowser1BeforeNavigate2(ASender: TObject;

      const pDisp: IDispatch; const URL, Flags, TargetFrameName, PostData,

      Headers: OleVariant; var Cancel: WordBool);

    procedure WebBrowser1WindowClosing(ASender: TObject;

      IsChildWindow: WordBool; var Cancel: WordBool);

  strict private

    function EmbeddedWBQueryService(const rsid, iid: TGUID; out Obj{: IInterface}): HRESULT;

  end;

var

  Form2: TForm2;

implementation

{$R *.dfm}

uses

  WebBrowserUtils, FastPHPUtils, Functions, ShellAPI;

// TODO: Add a lot of nice stuff to let the PHP script communicate with this host application

//       For example, allow window resizing etc.  (See Microsoft HTA for inspiration)

// TODO: Ajax gives Access Denied error... Create own security manager?

// TODO: History doesn't work?

// (All these ToDos: Also fix in the Editor)

// TODO: kann man eventuell auch php dateien aus einer DLL rausziehen? das wäre TOLL!!!!

// TODO: headers... cookies...

// TODO: WebBrowser1BeforeNavigate2 mit einem DLL-callback, sodass entwickler ihre eigenen fastphp:// links machen können, z.B. um DLL-Funktionen aufzurufen! (auch in JavaScript ansteuerbar?)

// TODO: let the website decide if the window is maximized etc, as well as it's caption, size and icon

// TODO: Pass parameters (argv) to PHP

type

  TEmbeddedSecurityManager = class(TInterfacedObject, IInternetSecurityManager)

  public

    function GetSecuritySite(out ppSite: IInternetSecurityMgrSite): HResult; stdcall;

    function MapUrlToZone(pwszUrl: LPCWSTR; out dwZone: DWORD; dwFlags: DWORD): HResult; stdcall;

    function GetSecurityId(pwszUrl: LPCWSTR; pbSecurityId: Pointer; var cbSecurityId: DWORD; dwReserved: DWORD): HResult; stdcall;

    function ProcessUrlAction(pwszUrl: LPCWSTR; dwAction: DWORD; pPolicy: Pointer; cbPolicy: DWORD; pContext: Pointer; cbContext: DWORD; dwFlags, dwReserved: DWORD): HResult; stdcall;

    function QueryCustomPolicy(pwszUrl: LPCWSTR; const guidKey: TGUID; out pPolicy: Pointer; out cbPolicy: DWORD; pContext: Pointer; cbContext: DWORD; dwReserved: DWORD): HResult; stdcall;

    function SetZoneMapping(dwZone: DWORD; lpszPattern: PWideChar; dwFlags: DWORD): HResult; stdcall;

    function GetZoneMappings(dwZone: DWORD;out ppenumString: IEnumString; dwFlags: DWORD): HResult; stdcall;

    function SetSecuritySite(pSite: IInternetSecurityMgrSite): HResult; stdcall;

  end;

function TEmbeddedSecurityManager.SetSecuritySite(pSite: IInternetSecurityMgrSite): HResult; stdcall;

begin

  Result := INET_E_DEFAULT_ACTION;

end;

function TEmbeddedSecurityManager.GetSecuritySite(

  out ppSite: IInternetSecurityMgrSite): HResult; stdcall;

begin

  Result := INET_E_DEFAULT_ACTION;

end;

function TEmbeddedSecurityManager.GetSecurityId(pwszUrl: LPCWSTR; pbSecurityId: Pointer;

  var cbSecurityId: DWORD; dwReserved: DWORD): HResult; stdcall;

begin

  Result := INET_E_DEFAULT_ACTION;

end;

function TEmbeddedSecurityManager.ProcessUrlAction(pwszUrl: LPCWSTR; dwAction: DWORD;

  pPolicy: Pointer; cbPolicy: DWORD; pContext: Pointer; cbContext: DWORD;

  dwFlags, dwReserved: DWORD): HResult; stdcall;

begin

  // Result := INET_E_DEFAULT_ACTION;

  // TODO: Doesn't work... Cross-Domain is still not allowed.

  PDWORD(pPolicy)^ := URLPOLICY_ALLOW;

  Result := S_OK;

end;

function TEmbeddedSecurityManager.QueryCustomPolicy(pwszUrl: LPCWSTR; const guidKey: TGUID;

  out pPolicy: Pointer; out cbPolicy: DWORD; pContext: Pointer; cbContext: DWORD;

  dwReserved: DWORD): HResult; stdcall;

begin

  // Result := INET_E_DEFAULT_ACTION;

  // TODO: Doesn't work... Cross-Domain is still not allowed.

  PDWORD(pPolicy)^ := URLPOLICY_ALLOW;

  Result := S_OK;

end;

function TEmbeddedSecurityManager.SetZoneMapping(dwZone: DWORD; lpszPattern: PWideChar;

  dwFlags: DWORD): HResult; stdcall;

begin

  Result := INET_E_DEFAULT_ACTION;

end;

function TEmbeddedSecurityManager.GetZoneMappings(dwZone: DWORD;out ppenumString: IEnumString;

  dwFlags: DWORD): HResult; stdcall;

begin

  Result := INET_E_DEFAULT_ACTION;

end;

function TEmbeddedSecurityManager.MapUrlToZone(pwszUrl: LPCWSTR; out dwZone: DWORD; dwFlags: DWORD): HResult;

begin

  dwZone := URLZONE_TRUSTED;

  Result := S_OK;

end;

function TForm2.EmbeddedWBQueryService(const rsid, iid: TGUID; out Obj{: IInterface}): HRESULT;

var

    sam: IInternetSecurityManager;

begin

    Result := E_NOINTERFACE;

    //rsid ==> Service Identifier

    //iid ==> Interface identifier

    if IsEqualGUID(rsid, IInternetSecurityManager) and IsEqualGUID(iid, IInternetSecurityManager) then

    begin

        sam := TEmbeddedSecurityManager.Create;

        IInterface(Obj) := sam;

        Result := S_OK;

    end;

end;

procedure TForm2.Timer1Timer(Sender: TObject);

var

  phpScript: string;

  sl: TStringList;

begin

  Timer1.Enabled := false;

  phpScript := ParamStr(1);

  // Remove Security

  WebBrowser1.ServiceQuery := EmbeddedWBQueryService;

  WebBrowser1.LoadHTML('<h1>FastPHP</h1>Running script... please wait...');

  // TODO: nice HTML error/intro pages (as resource?)

  if phpScript = '' then

  begin

    WebBrowser1.LoadHTML('<h1>FastPHP</h1>Please enter a PHP file to execute.');

    Abort;

  end;

  if not FileExists(phpScript) then

  begin

    WebBrowser1.LoadHTML(Format('<h1>FastPHP</h1>File %s does not exist.', [phpScript]));

    Abort;

  end;

  WebBrowser1.LoadHTML(RunPHPScript(phpScript), phpScript);

  Application.ProcessMessages; // This is important, otherwise the metatags can't be read...

  sl := TStringList.Create;

  try

    WebBrowser1.ReadMetaTags(sl);

    // TODO: case insensitive

    if sl.Values['fastphp_title'] <> '' then Caption := sl.Values['fastphp_title'];

    if sl.Values['fastphp_width'] <> '' then ClientWidth := StrToInt(sl.Values['fastphp_width']);

    if sl.Values['fastphp_height'] <> '' then ClientHeight := StrToInt(sl.Values['fastphp_height']);

    // TODO: Add more attributes, like HTA applications had

    // TODO: Additionally implement "HTA:APPLICATION" element, see https://docs.microsoft.com/en-us/previous-versions//ms536495%28v%3dvs.85%29

  finally

    FreeAndNil(sl);

  end;

end;

procedure TForm2.WebBrowser1BeforeNavigate2(ASender: TObject;

  const pDisp: IDispatch; const URL, Flags, TargetFrameName, PostData,

  Headers: OleVariant; var Cancel: WordBool);

var

  myURL, myUrl2, getData: string;

  p: integer;

  background: boolean;

  ArgGet, ArgPost, ArgHeader: string;

begin

  background := Pos('background|', URL) >= 1;

  {$REGION 'Line number references (PHP errors and warnings)'}

  if Copy(URL, 1, length(FASTPHP_GOTO_URI_PREFIX)) = FASTPHP_GOTO_URI_PREFIX then

  begin

    // TODO: maybe we could even open that file in the editor!

    ShowMessage('This action only works in FastPHP editor.');

    Cancel := true;

    Exit;

  end;

  {$ENDREGION}

  {$REGION 'Intelligent browser (executes PHP scripts)'}

  if URL <> 'about:blank' then

  begin

    myUrl := URL;

    myurl := StringReplace(myurl, 'background|', '', []);

    p := Pos('?', myUrl);

    if p >= 1 then

    begin

      getData := copy(myURL, p+1, Length(myURL)-p);

      myURL := copy(myURL, 1, p-1);

    end

    else

    begin

      getData := '';

    end;

    myURL := StringReplace(myURL, 'http://wa.viathinksoft.de', '', []);

    myURL := StringReplace(myURL, 'file:///', '', []);

    myURL := StringReplace(myURL, '/', '\', [rfReplaceAll]);

    // TODO: real myURL urldecode

    myURL := StringReplace(myURL, '+', ' ', []);

    myURL := StringReplace(myURL, '%20', ' ', []);

    myURL := StringReplace(myURL, '%%', '%', []);

    ArgHeader := '';

    ArgHeader := MyVarToStr(Headers);

    ArgHeader := StringReplace(ArgHeader, #13, '|CR|', [rfReplaceAll]);

    ArgHeader := StringReplace(ArgHeader, #10, '|LF|', [rfReplaceAll]);

    // *.xphp is ViaThinkSoft's extension associated to FastPHPBrowser

    // This allows the "executable PHP scripts" to be executed via double click.--

    if FileExists(myURL) and (EndsText('.xphp', myURL) or EndsText('.php', myURL) or EndsText('.php3', myURL) or EndsText('.php4', myURL) or EndsText('.php5', myURL) or EndsText('.phps', myURL)) then

    begin

      if background then

      begin

        // TODO: how to detach the process?

        ShellExecute(0, 'open', PChar(GetPHPExe), PChar('"'+myURL+'" "'+ArgGet+'" "'+ArgPost+'" "'+ArgHeader+'"'), PChar(ExtractFileDir(Application.ExeName)), SW_HIDE);

      end

      else

      begin

        // TODO: somehow prepend fastphp_server.inc.php (populates the $_GET and $_POST arrays)

        // TODO: is there a maximal length for the command line?

        ArgGet := MyVarToStr(getData);

        ArgPost := MyVarToStr(PostData);

        myUrl2 := myUrl;

        myUrl2 := StringReplace(myUrl2, '\', '/', [rfReplaceAll]);

        // TODO: real myURL urlencode

        myUrl2 := StringReplace(myUrl2, '%', '%%', []);

        //myUrl2 := StringReplace(myUrl2, ' ', '%20', []);

        myUrl2 := StringReplace(myUrl2, ' ', '+', []);

        myUrl2 := 'http://wa.viathinksoft.de/' + myUrl2;

        // showmessage(myUrl2);

        WebBrowser1.LoadHTML(GetDosOutput('"'+GetPHPExe+'" -f "'+myURL+'" -- "'+ArgGet+'" "'+ArgPost+'" "'+ArgHeader+'"', ExtractFileDir(Application.ExeName)), myUrl2);

      end;

      Cancel := true;

    end;

  end;

  {$ENDREGION}

end;

procedure TForm2.WebBrowser1WindowClosing(ASender: TObject;

  IsChildWindow: WordBool; var Cancel: WordBool);

begin

  Close;

  Cancel := true;

end;

end.