Select Git revision
-
Conrad Zelck authored
Signed-off-by:Conrad Zelck <git@simpel.cc>
Conrad Zelck authoredSigned-off-by:
pandoc.php 4.59 KiB
<?php
if ('post' === strtolower($_SERVER['REQUEST_METHOD'])) {
include 'localConfig.php';
// prepare for debug
$debug = false;
if (file_exists('DEBUG')) {
$debug = true;
}
// DEBUG: output all set variables from $_POST and $_FILES
if ($debug) {
var_dump($_POST);
var_dump($_FILES);
echo '==================================================
';
}
// give input file a name that shouldn't collide with other users
$timestamp = microtime(true);
if ($_POST['useInputFile'] == "true") {
$inputFile = 'input/input' . $timestamp . '.' . $_POST['inputFileExtension'];
move_uploaded_file($_FILES['inputFile']['tmp_name'], $inputFile);
} else {
$inputFile = 'input/input' . $timestamp . '.txt';
// always use a file instead a string from stdin (because of security and special characters like ')
file_put_contents($inputFile, $_POST['input']);
}
// run pandoc in a sandbox, limiting IO operations in readers and writers to reading the files specified on the command line.
$command = 'pandoc --sandbox';
// avoid DOS attacks - see https://pandoc.org/chunkedhtml-demo/19-a-note-on-security.html #5
$command .= ' +RTS -M512M -RTS';
// return no styling as this styling is effecting my preview too
$command .= ' --css nostyle.css';
// Checkboxes
// produce a standalone HTML file with no external dependencies. This option works only with HTML output formats.
if ($_POST['standalone'] == "true") {$command .= ' --standalone';}
if ($_POST['tableOfContents'] == "true") {$command .= ' --table-of-contents=true';}
if ($_POST['numberSections'] == "true") {$command .= ' --number-sections';}
if ($_POST['citeproc'] == "true") {$command .= ' --citeproc';}
// Selects
// text wrapping
$command .= ' --wrap=' . $_POST['wrap'];
// highlight styling
if ($_POST['highlightStyle'] == "none") {
$command .= ' --no-highlight';
} else {
$command .= ' --highlight-style=' . $_POST['highlightStyle'];
// to see the highlighting in preview mode standalone is needed
if ($_POST['to'] == "preview" && $_POST['standalone'] == "false") {$command .= ' --standalone';}
}
// html math rendering
switch ($_POST['htmlMathMethod']) {
case 'plain':
break;
case 'gladtex':
$command .= ' --gladtex';
break;
case 'katex':
$command .= ' --katex';
break;
case 'mathjax':
$command .= ' --mathjax';
break;
case 'mathml':
$command .= ' --mathml';
break; case 'webtex':
$command .= ' --webtex';
break;
}
$command .= ' --embed-resources=true';
// Input format
$command .= ' --from=' . $_POST['from'];
// Output format
// option 'preview' should be rendered in the gui so use HTML
if ($_POST['to'] == "preview") {
$command .= ' --to=html5';
// pdf - see https://pandoc.org/MANUAL#context
// you need to have context installed - see https://wiki.contextgarden.net/Installation
} elseif ($_POST['to'] == "pdf") {
$command .= ' --to=context+tagging -V pdfa=3a';
// pdf is only working in standalone mode
if ($_POST['standalone'] == "false") {$command .= ' --standalone';}
} else {
$command .= ' --to=' . $_POST['to'];
}
// set output file if asked for
if ($_POST['useOutputFile'] == "true") {
$command .= ' -o output/output' . $timestamp . '.' . $_POST['outputFileExtension'];
}
// always use a file instead a string from stdin (because of security and special characters like ')
$command .= ' ' . $inputFile;
// DEBUG: output error messages from cmd line
if ($debug) {
$command .= ' 2>&1';
}
// DEBUG: output the whole command line
if ($debug) {
echo $command;
echo '
';
echo '==================================================
';
}
// put the path to pandoc temporarily to the servers path
// configure the path in localConfig.php
putenv("PATH=" . PATH);
// execute pandoc
$return = shell_exec($command);
// delete input file as it is not needed anymore
if (file_exists($inputFile)) {
unlink($inputFile);
}
// return result
if ($_POST['useOutputFile'] == "false") {
// put the output string back to the client
echo "$return";
} else {
// return the file binary
readfile('output/output' . $timestamp . '.' . $_POST['outputFileExtension']);
unlink('output/output' . $timestamp . '.' . $_POST['outputFileExtension']);
}
}
?>