--- parser3/src/classes/op.C	2009/07/14 11:14:34	1.194
+++ parser3/src/classes/op.C	2013/10/04 21:21:54	1.217
@@ -1,12 +1,10 @@
 /** @file
 	Parser: parser @b operators.
 
-	Copyright (c) 2001-2009 ArtLebedev Group (http://www.artlebedev.com)
+	Copyright (c) 2001-2012 Art. Lebedev Studio (http://www.artlebedev.com)
 	Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru)
 */
 
-static const char * const IDENT_OP_C="$Date: 2009/07/14 11:14:34 $";
-
 #include "classes.h"
 #include "pa_vmethod_frame.h"
 
@@ -20,6 +18,8 @@ static const char * const IDENT_OP_C="$D
 #include "pa_vclass.h"
 #include "pa_charset.h"
 
+volatile const char * IDENT_OP_C="$Id: op.C,v 1.217 2013/10/04 21:21:54 moko Exp $";
+
 // limits
 
 #define MAX_LOOPS 20000
@@ -27,9 +27,6 @@ static const char * const IDENT_OP_C="$D
 // defines
 
 #define CASE_DEFAULT_VALUE "DEFAULT"
-#define PROCESS_MAIN_OPTION_NAME "main"
-#define PROCESS_FILE_OPTION_NAME "file"
-#define PROCESS_LINENO_OPTION_NAME "lineno"
 
 // class
 
@@ -38,15 +35,6 @@ public:
 	VClassMAIN();
 };
 
-// defines for globals
-
-#define CYCLE_DATA_NAME "CYCLE-DATA"
-
-// globals
-
-//^for & co
-String cycle_data_name(CYCLE_DATA_NAME);
-
 // defines for statics
 
 #define SWITCH_DATA_NAME "SWITCH-DATA"
@@ -75,6 +63,7 @@ public:
 	Untaint_lang_name2enum() {
 		#define ULN(name, LANG) \
 			put(String::Body(name), (value_type)(String::L_##LANG));
+		ULN("clean", CLEAN);
 		ULN("as-is", AS_IS);
 		ULN("optimized-as-is", AS_IS|String::L_OPTIMIZE_BIT);
 		ULN("file-spec", FILE_SPEC);
@@ -89,6 +78,7 @@ public:
 		ULN("optimized-html", HTML|String::L_OPTIMIZE_BIT);
 		ULN("regex", REGEX);
 		ULN("parser-code", PARSER_CODE);
+		ULN("json", JSON);
 		#undef ULN
 	}
 } untaint_lang_name2enum;
@@ -96,20 +86,25 @@ public:
 // methods
 
 static void _if(Request& r, MethodParams& params) {
-	bool condition=params.as_bool(0, "condition must be expression", r);
-	if(condition)
-		r.process_write(*params.get(1));
-	else if(params.count()>2)
-		r.process_write(*params.get(2));
+	size_t max_param=params.count()-1;
+	size_t i=0;
+	do {
+		bool condition=params.as_bool(i, "condition must be expression", r);
+		if(condition) {
+			r.process_write(*params.get(i+1));
+			return;
+		}
+		i+=2;
+	} while (i < max_param);
+
+	if(i == max_param)
+		r.process_write(*params.get(i));
 }
 
-static String::Language get_untaint_lang(MethodParams& params, int index){
-	const String& lang_name=params.as_string(index, "lang must be string");
+String::Language get_untaint_lang(const String& lang_name){
 	String::Language lang=untaint_lang_name2enum.get(lang_name);
 	if(!lang)
-		throw Exception(PARSER_RUNTIME,
-			&lang_name,
-			"invalid taint language");
+		throw Exception(PARSER_RUNTIME,	&lang_name, "invalid taint language");
 	return lang;
 }
 
@@ -118,7 +113,7 @@ static void _untaint(Request& r, MethodP
 	if(params.count()==1)
 		lang=String::L_AS_IS; // mark as simply 'as-is'. useful in html from sql 
 	else
-		lang=get_untaint_lang(params, 0);
+		lang=get_untaint_lang(params.as_string(0, "lang must be string"));
 
 	{
 		Value& vbody=params.as_junction(params.count()-1, "body must be code");
@@ -134,7 +129,7 @@ static void _taint(Request& r, MethodPar
 	if(params.count()==1)
 		lang=String::L_TAINTED; // mark as simply 'tainted'. useful in table:create
 	else
-		lang=get_untaint_lang(params, 0);
+		lang=get_untaint_lang(params.as_string(0, "lang must be string"));
 
 	{
 		Value& vbody=params.as_no_junction(params.count()-1, "body must not be code");
@@ -144,6 +139,13 @@ static void _taint(Request& r, MethodPar
 	}
 }
 
+static void _apply_taint(Request& r, MethodParams& params) {
+	String::Language lang=params.count()==1 ? String::L_AS_IS : get_untaint_lang(params.as_string(0, "lang must be string"));
+	const String &sbody=params.as_string(params.count()-1, "body must be string");
+	String::Body result_body=sbody.cstr_to_string_body_untaint(lang, r.connection(false), &r.charsets);
+	r.write_pass_lang(*new String(result_body, String::L_AS_IS));
+}
+
 static void _process(Request& r, MethodParams& params) {
 	Method* main_method;
 
@@ -157,7 +159,7 @@ static void _process(Request& r, MethodP
 	}
 
 	{
-		VStateless_class *target_class=target_self->get_last_derived_class();
+		VStateless_class *target_class=target_self->get_class();
 		if(!target_class)
 			throw Exception(PARSER_RUNTIME,
 				0,
@@ -170,40 +172,39 @@ static void _process(Request& r, MethodP
 		// temporary zero @auto so it wouldn't be auto-called in Request::use_buf
 		Temp_method temp_method_auto(*target_class, auto_method_name, 0);
 
-		size_t options_index=index+1;
-		HashStringValue* options=0;
-		if(options_index<params.count()) {
-			Value& voptions=params.as_no_junction(options_index, "options must not be code");
-			options=voptions.get_hash();
-			if(!options)
-				throw Exception(PARSER_RUNTIME,
-					0,
-					"options must be hash");
-		}
-
 		const String* main_alias=0;
 		const String* file_alias=0;
 		int line_no_alias_offset=0;
-		if(options) {
-			int valid_options=0;
-			if(Value* vmain_alias=options->get(PROCESS_MAIN_OPTION_NAME)) {
-				valid_options++;
-				main_alias=&vmain_alias->as_string();
-			}
-			if(Value* vfile_alias=options->get(PROCESS_FILE_OPTION_NAME)) {
-				valid_options++;
-				file_alias=&vfile_alias->as_string();
-			}
-			if(Value* vline_no_alias_offset=options->get(PROCESS_LINENO_OPTION_NAME)) {
-				valid_options++;
-				line_no_alias_offset=vline_no_alias_offset->as_int();
+		bool allow_class_replace=false;
+
+		size_t options_index=index+1;
+		if(options_index<params.count())
+			if(HashStringValue* options=params.as_hash(options_index)) {
+
+				int valid_options=0;
+				for(HashStringValue::Iterator i(*options); i; i.next() ){
+
+					String::Body key=i.key();
+					Value* value=i.value();
+
+					if(key == "main") {
+						valid_options++;
+						main_alias=&value->as_string();
+					} else if(key == "file") {
+						valid_options++;
+						file_alias=&value->as_string();
+					} else if(key == "lineno") {
+						valid_options++;
+						line_no_alias_offset=value->as_int();
+					} else if(key == "replace") {
+						valid_options++;
+						allow_class_replace=r.process_to_value(*value).as_bool();
+					}
+				}
+
+				if(valid_options!=options->count())
+					throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION);
 			}
-	
-			if(valid_options!=options->count())
-				throw Exception(PARSER_RUNTIME,
-					0,
-					"called with invalid option");
-		}
 
 		uint processe_file_no=file_alias?
 			r.register_file(r.absolute(*file_alias))
@@ -212,6 +213,9 @@ static void _process(Request& r, MethodP
 		Value& vjunction=params.as_junction(index, "body must be code");
 		// evaluate source to process
 		const String& source=r.process_to_string(vjunction);
+
+		Temp_class_replace class_replace(r, allow_class_replace);
+
 		r.use_buf(*target_class,
 			source.untaint_cstr(String::L_AS_IS, r.connection(false)),
 			main_alias,
@@ -224,10 +228,10 @@ static void _process(Request& r, MethodP
 	// after restoring current-request-lang
 	// maybe-execute @main[]
 	if(main_method) {
-		// temporarily set method_frame's self to target_self
-		Temp_method_frame_self tmfs(*r.get_method_frame(), *target_self);
-		// execute!	
-		r.execute(*main_method->parser_code);
+		VMethodFrame frame(*main_method, r.get_method_frame()->caller(), *target_self);
+		frame.empty_params();
+		r.op_call(frame);
+		r.write_pass_lang(frame.result());
 	}
 }
 	
@@ -236,8 +240,7 @@ static void _rem(Request&, MethodParams&
 }
 
 static void _while(Request& r, MethodParams& params) {
-	Temp_hash_value<const String::Body, void*> 
-		cycle_data_setter(r.classes_conf, cycle_data_name, /*any not null flag*/&r);
+	InCycle temp(r);
 
 	Value& vcondition=params.as_expression(0, "condition must be number, bool or expression");
 
@@ -293,13 +296,36 @@ static void _while(Request& r, MethodPar
 
 static void _use(Request& r, MethodParams& params) {
 	Value& vfile=params.as_no_junction(0, FILE_NAME_MUST_NOT_BE_CODE);
-	r.use_file(r.main_class, vfile.as_string());
+
+	bool allow_class_replace=false;
+
+	if(params.count()==2)
+		if(HashStringValue* options=params.as_hash(1)) {
+			int valid_options=0;
+			for(HashStringValue::Iterator i(*options); i; i.next() ){
+
+				String::Body key=i.key();
+				Value* value=i.value();
+
+				if(key == "replace") {
+					valid_options++;
+					allow_class_replace=r.process_to_value(*value).as_bool();
+				}
+
+			if(valid_options!=options->count())
+				throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION);
+			}
+		}
+
+	Temp_class_replace class_replace(r, allow_class_replace);
+
+	// _use could be called from the parser3 method only, so caller is always defined
+	r.use_file(r.main_class, vfile.as_string(), r.get_method_filename(&r.get_method_frame()->caller()->method));
 }
 
 static void set_skip(Request& r, Request::Skip askip) {
-	void* data=r.classes_conf.get(cycle_data_name);
-	if(!data)
-		throw Exception(PARSER_RUNTIME,
+	if(!r.get_in_cycle())
+		throw Exception(askip==Request::SKIP_BREAK?"parser.break":"parser.continue",
 			0,
 			"without cycle");
 
@@ -315,8 +341,7 @@ static void _continue(Request& r, Method
 }
 
 static void _for(Request& r, MethodParams& params) {
-	Temp_hash_value<const String::Body, void*> 
-		cycle_data_setter(r.classes_conf, cycle_data_name, /*any not null flag*/&r);
+	InCycle temp(r);
 
 	const String& var_name=params.as_string(0, "var name must be string");
 	int from=params.as_int(1, "from must be int", r);
@@ -332,7 +357,7 @@ static void _for(Request& r, MethodParam
 	VInt* vint=new VInt(0);
 
 	VMethodFrame& caller=*r.get_method_frame()->caller();
-	caller.put_element(caller, var_name, vint, false);
+	caller.put_element(var_name, vint);
 	if(delim_maybe_code){ // delimiter set 
 		bool need_delim=false;
 
@@ -384,40 +409,24 @@ static void _eval(Request& r, MethodPara
 }
 
 static void _connect(Request& r, MethodParams& params) {
-#ifdef RESOURCES_DEBUG
-struct timeval mt[2];
-#endif
 	Value& url=params.as_no_junction(0, "url must not be code");
 	Value& body_code=params.as_junction(1, "body must be code");
 
 	Table* protocol2driver_and_client=0;
-	if(Value* sql=r.main_class.get_element(String(MAIN_SQL_NAME), r.main_class, false)) {
-		if(Value* element=sql->get_element(String(MAIN_SQL_DRIVERS_NAME), *sql, false)) {
+	if(Value* sql=r.main_class.get_element(String(MAIN_SQL_NAME))) {
+		if(Value* element=sql->get_element(String(MAIN_SQL_DRIVERS_NAME))) {
 			protocol2driver_and_client=element->get_table();
 		}
 	}
 
-#ifdef RESOURCES_DEBUG
-//measure:before
-gettimeofday(&mt[0],NULL);
-#endif
 	// connect
 	SQL_Connection* connection=SQL_driver_manager->get_connection(url.as_string(), 
 		protocol2driver_and_client,
 		r.charsets.source().NAME().cstr(),
 		r.request_info.document_root);
 
-#ifdef RESOURCES_DEBUG
-//measure:after connect
-gettimeofday(&mt[1],NULL);
-
-double t[2];
-for(int i=0;i<2;i++)
-    t[i]=mt[i].tv_sec+mt[i].tv_usec/1000000.0;
-
-r.sql_connect_time+=t[1]-t[0];
-#endif
 	Temp_connection temp_connection(r, connection);
+
 	// execute body
 	try {
 		r.process_write(body_code);
@@ -436,6 +445,7 @@ public:
 	Request& r;
 	const String* searching_string;
 	double searching_double;
+	bool searching_bool;
 	Value* found;
 	Value* _default;
 public:
@@ -445,17 +455,18 @@ public:
 		if(asearching.is_string() || asearching.is_void()){
 			searching_string=&asearching.as_string();
 			searching_double=0;
+			searching_bool=false;
 		} else {
 			searching_string=0;
 			searching_double=asearching.as_double();
+			searching_bool=asearching.is_bool();
 		}
 	}
 };
 #endif
 static void _switch(Request& r, MethodParams& params) {
 	Switch_data* data=new Switch_data(r, r.process_to_value(params[0]));
-	Temp_hash_value<const String::Body, void*> 
-		switch_data_setter(r.classes_conf, switch_data_name, data);
+	Temp_hash_value<HashString<void*>, void*> switch_data_setter(&r.classes_conf, switch_data_name, data);
 
 	Value& cases_code=params.as_junction(1, "switch cases must be code");
 	// execution of found ^case[...]{code} must be in context of ^switch[...]{code}
@@ -497,6 +508,8 @@ static void _case(Request& r, MethodPara
 		bool matches;
 		if(data->searching_string)
 			matches=(*data->searching_string) == value.as_string();
+		else if(data->searching_bool || value.is_bool())
+			matches=(data->searching_double != 0) == value.as_bool();
 		else
 			matches=data->searching_double == value.as_double();
 
@@ -540,15 +553,15 @@ static Try_catch_result try_catch(Reques
 
 		Junction* junction=catch_code->get_junction();
 		Value* method_frame=junction->method_frame;
-		Value* saved_exception_var_value=method_frame->get_element(exception_var_name, *method_frame, false);
+		Value* saved_exception_var_value=method_frame->get_element(exception_var_name);
 		VMethodFrame& frame=*junction->method_frame;
-		frame.put_element(frame, exception_var_name, &details.vhash, false);
+		frame.put_element(exception_var_name, &details.vhash);
 
 		result.processed_code=r.process(*catch_code);
 		
 		// retriving $exception.handled, restoring $exception var
 		Value* vhandled=details.vhash.hash().get(exception_handled_part_name);
-		frame.put_element(frame, exception_var_name, saved_exception_var_value, false);
+		frame.put_element(exception_var_name, saved_exception_var_value);
 
 		bool bhandled=false;
 		if(vhandled) {
@@ -711,7 +724,7 @@ static Cache_get_result cache_get(Reques
 static time_t as_expires(Request& r, MethodParams& params, 
 						int index, time_t now) {
 	time_t result;
-	if(Value* vdate=params[index].as(VDATE_TYPE, false))
+	if(Value* vdate=params[index].as(VDATE_TYPE))
 		result=static_cast<VDate*>(vdate)->get_time();
 	else
 		result=now+(time_t)params.as_double(index, "lifespan must be date or number", r);
@@ -764,8 +777,7 @@ static void _cache(Request& r, MethodPar
 
 	Cache_scope scope={as_expires(r, params, 1, now), 0};
 
-	Temp_hash_value<const String::Body, void*> 
-		cache_scope_setter(r.classes_conf, cache_data_name, &scope);
+	Temp_hash_value<HashString<void*>, void*> cache_scope_setter(&r.classes_conf, cache_data_name, &scope);
 	Value& body_code=params.as_junction(2, "body_code must be code");
 	Value* catch_code=0;
 	if(params.count()>3)
@@ -873,7 +885,8 @@ static void _throw_operator(Request&, Me
 
 static void _sleep_operator(Request& r, MethodParams& params) {
 	double seconds=params.as_double(0, "seconds must be double", r);
-	pa_sleep((int)trunc(seconds), (int)trunc(seconds*1000));
+	if(seconds>0)
+		pa_sleep((int)trunc(seconds), (int)trunc((seconds-trunc(seconds))*1000000));
  }
 
 #if defined(WIN32) && defined(_DEBUG)
@@ -895,7 +908,8 @@ VClassMAIN::VClassMAIN(): VClass() {
 
 	// ^if(condition){code-when-true}
 	// ^if(condition){code-when-true}{code-when-false}
-	add_native_method("if", Method::CT_ANY, _if, 2, 3, Method::CO_WITHOUT_FRAME);
+	// ^if(condition){code-when-true} (another condition){code-when-true} ... {code-when-false}
+	add_native_method("if", Method::CT_ANY, _if, 2, 10000, Method::CO_WITHOUT_FRAME);
 
 	// ^untaint[as-is|uri|sql|js|html|html-typo|regex|parser-code]{code}
 	add_native_method("untaint", Method::CT_ANY, _untaint, 1, 2, Method::CO_WITHOUT_FRAME);
@@ -903,7 +917,11 @@ VClassMAIN::VClassMAIN(): VClass() {
 	// ^taint[as-is|uri|sql|js|html|html-typo|regex|parser-code]{code}
 	add_native_method("taint", Method::CT_ANY, _taint, 1, 2, Method::CO_WITHOUT_FRAME);
 
-	// ^process[code]
+	// ^apply-taint[untaint lang][string]
+	add_native_method("apply-taint", Method::CT_ANY, _apply_taint, 1, 2, Method::CO_WITHOUT_FRAME);
+
+	// ^process{code}
+	// ^process[context]{code}[options hash]
 	add_native_method("process", Method::CT_ANY, _process, 1, 3);
 
 	// ^rem{code}
@@ -912,8 +930,8 @@ VClassMAIN::VClassMAIN(): VClass() {
 	// ^while(condition){code}
 	add_native_method("while", Method::CT_ANY, _while, 2, 3, Method::CO_WITHOUT_FRAME);
 
-	// ^use[file]
-	add_native_method("use", Method::CT_ANY, _use, 1, 1);
+	// ^use[file[;options hash]]
+	add_native_method("use", Method::CT_ANY, _use, 1, 2);
 
 	// ^break[]
 	add_native_method("break", Method::CT_ANY, _break, 0, 0, Method::CO_WITHOUT_FRAME);