<HTML>DOCLoginBugs & FeaturesDocumentationDownloadForums

Articles · Developer Guide · Search Help

HTMLDOC 1.8.28 Software Users Manual

Contents Previous Next

Calling HTMLDOC from PHP

PHP provides a passthru() function that can be used to run HTMLDOC. This combined with the header() function can be used to provide on-the-fly reports in PDF format.

Here is a simple PHP function that can be used to convert a HTML report to PDF and send it to the HTTP client:

    function topdf($filename, $options = "") {
	# Tell HTMLDOC not to run in CGI mode...
        putenv("HTMLDOC_NOCGI=1");

	# Write the content type to the client...
	header("Content-Type: application/pdf");
	flush();

	# Run HTMLDOC to provide the PDF file to the user...
	passthru("htmldoc -t pdf --quiet --jpeg --webpage $options '$filename'");
    }

The function accepts a filename and an optional "options" string for specifying the header, footer, fonts, etc.

To prevent malicious users from passing in unauthorized characters into this function, the following function can be used to verify that the URL/filename does not contain any characters that might be interpreted by the shell:

    function bad_url($url) {
	// See if the URL starts with http: or https:...
	if (strncmp($url, "http://", 7) != 0 &&
	    strncmp($url, "https://", 8) != 0) {
            return 1;
	}

	// Check for bad characters in the URL...
	$len = strlen($url);
	for ($i = 0; $i < $len; $i ++) {
            if (!strchr("~_*()/:%?+-&@;=,$.", $url[$i]) &&
		!ctype_alnum($url[$i])) {
		return 1;
	    }
	}

	return 0;
    }

Another method is to use the escapeshellarg() function provided with PHP 4.0.3 and higher to generate a quoted shell argument for HTMLDOC.

To make a "portal" script, add the following code to complete the example:

    global $SERVER_NAME;
    global $SERVER_PORT;
    global $PATH_INFO;
    global $QUERY_STRING;

    if ($QUERY_STRING != "") {
	$url = "http://${SERVER_NAME}:${SERVER_PORT}${PATH_INFO}?${QUERY_STRING}";
    } else {
	$url = "http://${SERVER_NAME}:${SERVER_PORT}$PATH_INFO";
    }

    if (bad_url($url)) {
      print("<html><head><title>Bad URL</title></head>\n"
	   ."<body><h1>Bad URL</h1>\n"
	   ."<p>The URL <b><tt>$url</tt></b> is bad.</p>\n"
	   ."</body></html>\n");
    } else {
      topdf($url);
    }
Contents Previous Next
Copyright 2011 by Michael R Sweet. All rights reserved.