diff --git a/www/robotmap.php3 b/www/robotmap.php3
index 394108c13f391dddacffa3dffe6cbaef29ab77b7..dceb5aac3beb1cad9ba5991f196770be7c24091a 100755
--- a/www/robotmap.php3
+++ b/www/robotmap.php3
@@ -22,10 +22,22 @@ $isadmin = ISADMIN($uid);
unset($prefix);
#
-# One robot map right now ...
-#
-$building = "MEB-ROBOTS";
-$floor = 4;
+# Verify page arguments. First allow user to optionally specify building/floor.
+#
+if (isset($building) && $building != "") {
+ # Sanitize for the shell.
+ if (!preg_match("/^[-\w]+$/", $building)) {
+ PAGEARGERROR("Invalid building argument.");
+ }
+ # Optional floor argument. Sanitize for the shell.
+ if (isset($floor) && !preg_match("/^[-\w]+$/", $floor)) {
+ PAGEARGERROR("Invalid floor argument.");
+ }
+}
+else {
+ $building = "MEB-ROBOTS";
+ $floor = 4;
+}
#
# Optional pid,eid. Without a building/floor, show all the nodes for the
@@ -201,10 +213,10 @@ $uniqueid = $matches[1];
$perl_args = ("-o $prefix -t -z -n " .
# From clicking on a map image.
- ((isset($formfields[show_cameras]) &&
- strcmp($formfields[show_cameras], "Yep") == 0) ? "-v " : "") .
- ((isset($formfields[show_exclusion]) &&
- strcmp($formfields[show_exclusion], "Yep") == 0) ? "-x " : "") .
+ ((isset($show_cameras) &&
+ strcmp($show_cameras, "Yep") == 0) ? "-v " : "") .
+ ((isset($show_exclusion) &&
+ strcmp($show_exclusion, "Yep") == 0) ? "-x " : "") .
(isset($map_x) ? "-c $map_x,$map_y " : "") .
(isset($floor) ? "-f $floor " : "") .
(isset($pid) ? "-e $pid,$eid " : "") .
@@ -239,7 +251,9 @@ if (isset($pid)) {
echo "<center>\n";
# Wrap the image and zoom controls together in an input form.
-echo "<form method=\"post\" action=\"robotmap.php3\">\n";
+echo "<form method=post action='robotmap.php3" .
+ ((isset($building) && isset($floor)) ?
+ "?building=${building}&floor=${floor}" : "") . "'>";
echo "Click on the image to get its X,Y coordinates<br>\n";
# The image may be clicked to get node info or set a new center-point.
@@ -344,16 +358,16 @@ if (count($locations)) {
echo "</table></td>\n";
}
-if (isset($formfields[show_cameras]) &&
- strcmp($formfields[show_cameras], "Yep") == 0) {
+if (isset($show_cameras) &&
+ strcmp($show_cameras, "Yep") == 0) {
$cam_checked = "checked";
}
else {
$cam_checked = "";
}
-if (isset($formfields[show_exclusion]) &&
- strcmp($formfields[show_exclusion], "Yep") == 0) {
+if (isset($show_exclusion) &&
+ strcmp($show_exclusion, "Yep") == 0) {
$excl_checked = "checked";
}
else {
@@ -365,7 +379,7 @@ echo "<td align=\"left\" valign=\"top\" class=\"stealth\">
<tr><th>Display Options</th></tr>
<tr>
<td><input type=checkbox
- name=\"formfields[show_cameras]\"
+ name=show_cameras
value=Yep
$cam_checked>Show <a
href=\"doc/docwrapper.php3?docname=mobilewireless.html#VISION\">Tracking
@@ -373,7 +387,7 @@ echo "<td align=\"left\" valign=\"top\" class=\"stealth\">
</tr>
<tr>
<td><input type=checkbox
- name=\"formfields[show_exclusion]\"
+ name=show_exclusion
value=Yep
$excl_checked>Show <a
href=\"doc/docwrapper.php3?docname=mobilewireless.html#VISION\">Exclusion
diff --git a/www/robotrack/robotrack.php3 b/www/robotrack/robotrack.php3
index 69704c4f2a66e1cd23a5fbb686d631e4a3f849cf..1d137a5fd163500f646467ee60a77b809dbb12ce 100644
--- a/www/robotrack/robotrack.php3
+++ b/www/robotrack/robotrack.php3
@@ -13,10 +13,22 @@ LOGGEDINORDIE($uid);
PAGEHEADER("Real Time Robot Tracking Applet");
#
-# One robot map right now ...
-#
-$building = "MEB-ROBOTS";
-$floor = 4;
+# Verify page arguments. First allow user to optionally specify building/floor.
+#
+if (isset($building) && $building != "") {
+ # Sanitize for the shell.
+ if (!preg_match("/^[-\w]+$/", $building)) {
+ PAGEARGERROR("Invalid building argument.");
+ }
+ # Optional floor argument. Sanitize for the shell.
+ if (isset($floor) && !preg_match("/^[-\w]+$/", $floor)) {
+ PAGEARGERROR("Invalid floor argument.");
+ }
+}
+else {
+ $building = "MEB-ROBOTS";
+ $floor = 4;
+}
$ppm = 1;
#
@@ -29,6 +41,9 @@ if (mysql_num_rows($query_result)) {
$row = mysql_fetch_array($query_result);
$ppm = $row["pixels_per_meter"];
}
+else {
+ USERERROR("No such building/floor $building/$floor", 1);
+}
#
# Draw the legend and some explanatory text.
@@ -98,7 +113,7 @@ if (isset($fake))
echo "<applet name='tracker' code='RoboTrack.class'
archive='tracker.jar'
- width='900' height='600'
+ width='1025' height='1150'
alt='You need java to run this applet'>
<param name='pipeurl' value='$pipeurl'>
<param name='floorurl' value='$baseurl'>