Give the API error handler a generic rescue that returns 500 with

[rails.git] / app / controllers / amf_controller.rb
diff --git a/app/controllers/amf_controller.rb b/app/controllers/amf_controller.rb

index a864d3dcf2a6d7a6a9a0e1d06ae2d05c63edbb86..18ecb13231f8b36a561bc3c872aefaa7b36e050d 100644 (file)
--- a/app/controllers/amf_controller.rb
+++ b/app/controllers/amf_controller.rb
@@ -1,614 +1,958 @@
+# amf_controller is a semi-standalone API for Flash clients, particularly 
+# Potlatch. All interaction between Potlatch (as a .SWF application) and the 
+# OSM database takes place using this controller. Messages are 
+# encoded in the Actionscript Message Format (AMF).
+#
+# Helper functions are in /lib/potlatch.rb
+#
+# Author::     editions Systeme D / Richard Fairhurst 2004-2008
+# Licence::    public domain.
+#
+# == General structure
+#
+# Apart from the amf_read and amf_write methods (which distribute the requests
+# from the AMF message), each method generally takes arguments in the order 
+# they were sent by the Potlatch SWF. Do not assume typing has been preserved. 
+# Methods all return an array to the SWF.
+#
+# == API 0.6
+#
+# Note that this requires a patched version of composite_primary_keys 1.1.0
+# (see http://groups.google.com/group/compositekeys/t/a00e7562b677e193) 
+# if you are to run with POTLATCH_USE_SQL=false .
+# 
+# == Debugging
+# 
+# Any method that returns a status code (0 for ok) can also send:
+#      return(-1,"message")            <-- just puts up a dialogue
+#      return(-2,"message")            <-- also asks the user to e-mail me
+# return(-3,["type",v],id)    <-- version conflict
+# return(-4,"type",id)        <-- object not found
+# -5 indicates the method wasn't called (due to a previous error)
+# 
+# To write to the Rails log, use logger.info("message").
+
+# Remaining issues:
+# * version conflict when POIs and ways are reverted
+
  class AmfController < ApplicationController
    require 'stringio'
  
  class AmfController < ApplicationController
    require 'stringio'
  
-# to log:
-# RAILS_DEFAULT_LOGGER.error("Args: #{args[0]}, #{args[1]}, #{args[2]}, #{args[3]}")
+  include Potlatch
  
  
-  # ====================================================================
-  # Main AMF handler
+  # Help methods for checking boundary sanity and area size
+  include MapBoundary
+
+  session :off
+  before_filter :check_api_writable
+  around_filter :api_call_timeout, :only => [:amf_read]
+
+  # Main AMF handlers: process the raw AMF string (using AMF library) and
+  # calls each action (private method) accordingly.
+  # ** FIXME: refactor to reduce duplication of code across read/write
    
    
-  # ---- talk  process AMF request
-
-  def talk
-       req=StringIO.new(request.raw_post)      # Get POST data as request
-       req.read(2)                                                     # Skip version indicator and client ID
-       results={}                                                      # Results of each body
-
-       # -------------
-       # Parse request
-
-       headers=getint(req)                                     # Read number of headers
-       for i in (1..headers)                           # Read each header
-               name=getstring(req)                             #  |
-               req.getc                                                #  | skip boolean
-               value=getvalue(req)                             #  |
-               header["name"]=value                    #  |
-       end
+  def amf_read
+    if request.post?
+      req=StringIO.new(request.raw_post+0.chr)# Get POST data as request
+                                # (cf http://www.ruby-forum.com/topic/122163)
+      req.read(2)                                                              # Skip version indicator and client ID
+      results={}                                                               # Results of each body
+
+      # Parse request
+
+      headers=AMF.getint(req)                          # Read number of headers
+
+      headers.times do                                 # Read each header
+        name=AMF.getstring(req)                                #  |
+        req.getc                                       #  | skip boolean
+        value=AMF.getvalue(req)                                #  |
+        header["name"]=value                           #  |
+      end
+
+      bodies=AMF.getint(req)                           # Read number of bodies
+      bodies.times do                                  # Read each body
+        message=AMF.getstring(req)                     #  | get message name
+        index=AMF.getstring(req)                       #  | get index in response sequence
+        bytes=AMF.getlong(req)                         #  | get total size in bytes
+        args=AMF.getvalue(req)                         #  | get response (probably an array)
+        logger.info("Executing AMF #{message}(#{args.join(',')}):#{index}")
+
+        case message
+          when 'getpresets';             results[index]=AMF.putdata(index,getpresets(args[0]))
+          when 'whichways';                results[index]=AMF.putdata(index,whichways(*args))
+          when 'whichways_deleted';    results[index]=AMF.putdata(index,whichways_deleted(*args))
+          when 'getway';                 results[index]=AMF.putdata(index,getway(args[0].to_i))
+          when 'getrelation';            results[index]=AMF.putdata(index,getrelation(args[0].to_i))
+          when 'getway_old';             results[index]=AMF.putdata(index,getway_old(args[0].to_i,args[1]))
+          when 'getway_history';       results[index]=AMF.putdata(index,getway_history(args[0].to_i))
+          when 'getnode_history';      results[index]=AMF.putdata(index,getnode_history(args[0].to_i))
+          when 'findgpx';                    results[index]=AMF.putdata(index,findgpx(*args))
+          when 'findrelations';                results[index]=AMF.putdata(index,findrelations(*args))
+          when 'getpoi';                     results[index]=AMF.putdata(index,getpoi(*args))
+        end
+      end
+      logger.info("Encoding AMF results")
+      sendresponse(results)
+    else
+      render :nothing => true, :status => :method_not_allowed
+    end
+  end
  
  
-       bodies=getint(req)                                      # Read number of bodies
-       for i in (1..bodies)                            # Read each body
-               message=getstring(req)                  #  | get message name
-               index=getstring(req)                    #  | get index in response sequence
-               bytes=getlong(req)                              #  | get total size in bytes
-               args=getvalue(req)                              #  | get response (probably an array)
-       
-               case message
-                       when 'getpresets';      results[index]=putdata(index,getpresets)
-                       when 'whichways';       results[index]=putdata(index,whichways(args))
-                       when 'getway';          results[index]=putdata(index,getway(args))
-                       when 'putway';          results[index]=putdata(index,putway(args))
-                       when 'deleteway';       results[index]=putdata(index,deleteway(args))
-               end
-       end
+  def amf_write
+    if request.post?
+      req=StringIO.new(request.raw_post+0.chr)
+      req.read(2)
+      results={}
+      renumberednodes={}                               # Shared across repeated putways
+      renumberedways={}                                        # Shared across repeated putways
+
+      headers=AMF.getint(req)          # Read number of headers
+      headers.times do                                 # Read each header
+        name=AMF.getstring(req)            #  |
+        req.getc                                             #  | skip boolean
+        value=AMF.getvalue(req)        #  |
+        header["name"]=value           #  |
+      end
+
+      bodies=AMF.getint(req)           # Read number of bodies
+      bodies.times do                                        # Read each body
+        message=AMF.getstring(req)     #  | get message name
+        index=AMF.getstring(req)               #  | get index in response sequence
+        bytes=AMF.getlong(req)                 #  | get total size in bytes
+        args=AMF.getvalue(req)                 #  | get response (probably an array)
+        err=false                   # Abort batch on error
+
+        logger.info("Executing AMF #{message}:#{index}")
+        if err
+          results[index]=[-5,nil]
+        else
+          case message
+            when 'putway';                       r=putway(renumberednodes,*args)
+                                                               renumberednodes=r[4]
+                                                               if r[2] != r[3] then renumberedways[r[2]] = r[3] end
+                                                               results[index]=AMF.putdata(index,r)
+            when 'putrelation';                results[index]=AMF.putdata(index,putrelation(renumberednodes, renumberedways, *args))
+            when 'deleteway';                  results[index]=AMF.putdata(index,deleteway(*args))
+            when 'putpoi';                       r=putpoi(*args)
+                                                               if r[2] != r[3] then renumberednodes[r[2]] = r[3] end
+                                                       results[index]=AMF.putdata(index,r)
+            when 'startchangeset';results[index]=AMF.putdata(index,startchangeset(*args))
+          end
+          if results[index][0]==-3 then err=true end  # If a conflict is detected, don't execute any more writes
+        end
+      end
+      logger.info("Encoding AMF results")
+      sendresponse(results)
+    else
+      render :nothing => true, :status => :method_not_allowed
+    end
+  end
  
  
-       # ------------------
-       # Write out response
+  private
  
  
-       response.headers["Content-Type"]="application/x-amf"
-       a,b=results.length.divmod(256)
-       ans=0.chr+0.chr+0.chr+0.chr+a.chr+b.chr
-       results.each do |k,v|
-               ans+=v
+  # Start new changeset
+  # Returns success_code,success_message,changeset id
+  
+  def startchangeset(usertoken, cstags, closeid, closecomment, opennew)
+    user = getuser(usertoken)
+    if !user then return -1,"You are not logged in, so Potlatch can't write any changes to the database." end
+
+    # close previous changeset and add comment
+    if closeid
+      cs = Changeset.find(closeid)
+      cs.set_closed_time_now
+      if cs.user_id!=user.id
+        return -2,"You cannot close that changeset because you're not the person who opened it.",nil
+      elsif closecomment.empty?
+        cs.save!
+      else
+        cs.tags['comment']=closecomment
+        cs.save_with_tags!
+      end
+    end
+       
+    # open a new changeset
+    if opennew!=0
+      cs = Changeset.new
+      cs.tags = cstags
+      cs.user_id = user.id
+      # smsm1 doesn't like the next two lines and thinks they need to be abstracted to the model more/better
+      cs.created_at = Time.now.getutc
+      cs.closed_at = cs.created_at + Changeset::IDLE_TIMEOUT
+      cs.save_with_tags!
+      return [0,'',cs.id]
+    else
+      return [0,'',nil]
+    end
+  end
+
+  # Return presets (default tags, localisation etc.):
+  # uses POTLATCH_PRESETS global, set up in OSM::Potlatch.
+
+  def getpresets(lang) #:doc:
+       lang.gsub!(/[^\w\-]/,'')
+
+    begin
+      localised = YAML::load(File.open("#{RAILS_ROOT}/config/potlatch/localised/#{lang}/localised.yaml"))
+    rescue
+      localised = "" # guess we'll just have to use the hardcoded English text instead
         end
         end
-       render :text=>ans
  
  
+    begin
+      help = File.read("#{RAILS_ROOT}/config/potlatch/localised/#{lang}/help.html")
+    rescue
+      help = File.read("#{RAILS_ROOT}/config/potlatch/localised/en/help.html")
+    end
+    return POTLATCH_PRESETS+[localised,help]
    end
  
    end
  
+  ##
+  # Find all the ways, POI nodes (i.e. not part of ways), and relations
+  # in a given bounding box. Nodes are returned in full; ways and relations 
+  # are IDs only. 
+  #
+  # return is of the form: 
+  # [success_code, success_message,
+  #  [[way_id, way_version], ...],
+  #  [[node_id, lat, lon, [tags, ...], node_version], ...],
+  #  [[rel_id, rel_version], ...]]
+  # where the ways are any visible ways which refer to any visible
+  # nodes in the bbox, nodes are any visible nodes in the bbox but not
+  # used in any way, rel is any relation which refers to either a way
+  # or node that we're returning.
+  def whichways(xmin, ymin, xmax, ymax) #:doc:
+    enlarge = [(xmax-xmin)/8,0.01].min
+    xmin -= enlarge; ymin -= enlarge
+    xmax += enlarge; ymax += enlarge
+
+    # check boundary is sane and area within defined
+    # see /config/application.yml
+    check_boundaries(xmin, ymin, xmax, ymax)
+
+    if POTLATCH_USE_SQL then
+      ways = sql_find_ways_in_area(xmin, ymin, xmax, ymax)
+      points = sql_find_pois_in_area(xmin, ymin, xmax, ymax)
+      relations = sql_find_relations_in_area_and_ways(xmin, ymin, xmax, ymax, ways.collect {|x| x[0]})
+    else
+      # find the way ids in an area
+      nodes_in_area = Node.find_by_area(ymin, xmin, ymax, xmax, :conditions => ["current_nodes.visible = ?", true], :include => :ways)
+      ways = nodes_in_area.inject([]) { |sum, node| 
+        visible_ways = node.ways.select { |w| w.visible? }
+        sum + visible_ways.collect { |w| [w.id,w.version] }
+      }.uniq
+      ways.delete([])
+
+      # find the node ids in an area that aren't part of ways
+      nodes_not_used_in_area = nodes_in_area.select { |node| node.ways.empty? }
+      points = nodes_not_used_in_area.collect { |n| [n.id, n.lon, n.lat, n.tags, n.version] }.uniq
+
+      # find the relations used by those nodes and ways
+      relations = Relation.find_for_nodes(nodes_in_area.collect { |n| n.id }, :conditions => {:visible => true}) +
+                  Relation.find_for_ways(ways.collect { |w| w[0] }, :conditions => {:visible => true})
+      relations = relations.collect { |relation| [relation.id,relation.version] }.uniq
+    end
+
+    [0, '', ways, points, relations]
+
+  rescue OSM::APITimeoutError => err
+    [-1,"Sorry, I can't get the map for that area - try zooming in further. The server said: #{err}"]
+  rescue Exception => err
+    [-2,"Sorry - I can't get the map for that area. The server said: #{err}",[],[],[] ]
+  end
  
  
-       # ====================================================================
-       # Remote calls
-
-       # ----- getpresets
-       #               return presets,presetmenus and presetnames arrays
-
-       def getpresets
-               presets={}
-               presetmenus={}; presetmenus['point']=[]; presetmenus['way']=[]
-               presetnames={}; presetnames['point']={}; presetnames['way']={}
-               presettype=''
-               presetcategory=''
-               
-               File.open("config/potlatch/presets.txt") do |file|
-                       file.each_line {|line|
-                               t=line.chomp
-                               if (t=~/(\w+)\/(\w+)/) then
-                                       presettype=$1
-                                       presetcategory=$2
-                                       presetmenus[presettype].push(presetcategory)
-                                       presetnames[presettype][presetcategory]=["(no preset)"]
-                               elsif (t=~/^(.+):\s?(.+)$/) then
-                                       pre=$1; kv=$2
-                                       presetnames[presettype][presetcategory].push(pre)
-                                       presets[pre]={}
-                                       kv.split(',').each {|a|
-                                               if (a=~/^(.+)=(.*)$/) then presets[pre][$1]=$2 end
-                                       }
-                               end
-                       }
-               end
-               [presets,presetmenus,presetnames]
-       end
+  # Find deleted ways in current bounding box (similar to whichways, but ways
+  # with a deleted node only - not POIs or relations).
  
  
-       # ----- whichways(left,bottom,right,top)
-       #               return array of ways in current bounding box
-       #               at present, instead of using correct (=more complex) SQL to find
-       #               corner-crossing ways, it simply enlarges the bounding box by +/- 0.01
-       
-       def whichways(args)
-               waylist=WaySegment.find_by_sql("SELECT DISTINCT current_way_segments.id AS wayid"+
-                        "  FROM current_way_segments,current_segments,current_nodes "+
-                        " WHERE segment_id=current_segments.id "+
-                        "   AND current_segments.visible=1 "+
-                        "   AND node_a=current_nodes.id "+
-                        "   AND (latitude  BETWEEN "+(args[1].to_f-0.01).to_s+" AND "+(args[3].to_f+0.01).to_s+") "+
-                        "   AND (longitude BETWEEN "+(args[0].to_f-0.01).to_s+" AND "+(args[2].to_f+0.01).to_s+")")
-               ways=[]
-               waylist.each {|a|
-                       ways<<a.wayid.to_i
-               }
-               ways
-       end
+  def whichways_deleted(xmin, ymin, xmax, ymax) #:doc:
+    enlarge = [(xmax-xmin)/8,0.01].min
+    xmin -= enlarge; ymin -= enlarge
+    xmax += enlarge; ymax += enlarge
  
  
-       # ----- getway (objectname, way, baselong, basey, masterscale)
-       #               returns objectname, array of co-ordinates, attributes,
-       #                               xmin,xmax,ymin,ymax
-       
-       def getway(args)
-               objname,wayid,baselong,basey,masterscale=args
-               wayid=wayid.to_i
-               points=[]
-               lastid=-1
-               xmin=999999; xmax=-999999
-               ymin=999999; ymax=-999999
-
-               readwayquery(wayid).each {|row|
-                       xs1=long2coord(row['long1'].to_f,baselong,masterscale); ys1=lat2coord(row['lat1'].to_f,basey,masterscale)
-                       xs2=long2coord(row['long2'].to_f,baselong,masterscale); ys2=lat2coord(row['lat2'].to_f,basey,masterscale)
-                       if (row['id1'].to_i!=lastid)
-                               points<<[xs1,ys1,row['id1'].to_i,0,tag2array(row['tags1']),0]
-                       end
-                       lastid=row['id2'].to_i
-                       points<<[xs2,ys2,row['id2'].to_i,1,tag2array(row['tags2']),row['segment_id'].to_i]
-                       xmin=[xmin,row['long1'].to_f,row['long2'].to_f].min
-                       xmax=[xmax,row['long1'].to_f,row['long2'].to_f].max
-                       ymin=[ymin,row['lat1'].to_f,row['lat2'].to_f].min
-                       ymax=[ymax,row['lat1'].to_f,row['lat2'].to_f].max
-               }
-
-               attributes={}
-               attrlist=ActiveRecord::Base.connection.select_all "SELECT k,v FROM current_way_tags WHERE id=#{wayid}"
-               attrlist.each {|a| attributes[a['k']]=a['v'] }
-
-               [objname,points,attributes,xmin,xmax,ymin,ymax]
-       end
-       
-       # ----- putway (user token, way, array of co-ordinates, array of attributes,
-       #                               baselong, basey, masterscale)
-       #               returns current way ID, new way ID, hash of renumbered nodes,
-       #                               xmin,xmax,ymin,ymax
-
-       def putway(args)
-               usertoken,originalway,points,attributes,baselong,basey,masterscale=args
-               uid=getuserid(usertoken); if !uid then return end
-               db_uqs='uniq'+uid.to_s+originalway.to_i.abs.to_s+Time.new.to_i.to_s     # temp uniquesegments table name, typically 51 chars
-               db_now='@now'+uid.to_s+originalway.to_i.abs.to_s+Time.new.to_i.to_s     # 'now' variable name, typically 51 chars
-               ActiveRecord::Base.connection.execute("SET #{db_now}=NOW()")
-               originalway=originalway.to_i
-               
-               # -- 3. read original way into memory
-       
-               xc={}; yc={}; tagc={}; seg={}
-               if (originalway>0)
-                       way=originalway
-                       readwayquery(way).each { |row|
-                               id1=row['id1'].to_i; xc[id1]=row['long1'].to_f; yc[id1]=row['lat1'].to_f; tagc[id1]=row['tags1']
-                               id2=row['id2'].to_i; xc[id2]=row['long2'].to_f; yc[id2]=row['lat2'].to_f; tagc[id2]=row['tags2']
-                               seg[row['segment_id'].to_i]=id1.to_s+'-'+id2.to_s
-                       }
-               else
-                       way=ActiveRecord::Base.connection.insert("INSERT INTO current_ways (user_id,timestamp,visible) VALUES (#{uid},#{db_now},1)")
-               end
-
-               # -- 4. get version by inserting new row into ways
-
-               version=ActiveRecord::Base.connection.insert("INSERT INTO ways (id,user_id,timestamp,visible) VALUES (#{way},#{uid},#{db_now},1)")
-
-               # -- 5. compare nodes and update xmin,xmax,ymin,ymax
-
-               xmin=999999; xmax=-999999
-               ymin=999999; ymax=-999999
-               insertsql=''
-               nodelist=''
-               renumberednodes={}
-       
-               points.each_index do |i|
-                       xs=coord2long(points[i][0],masterscale,baselong)
-                       ys=coord2lat(points[i][1],masterscale,basey)
-                       xmin=[xs,xmin].min; xmax=[xs,xmax].max
-                       ymin=[ys,ymin].min; ymax=[ys,ymax].max
-                       node=points[i][2].to_i
-                       tagstr=array2tag(points[i][4])
-                       tagsql="'"+sqlescape(tagstr)+"'"
-       
-                       # compare node
-                       if node<0
-                               # new node - create
-                               newnode=ActiveRecord::Base.connection.insert("INSERT INTO current_nodes (   latitude,longitude,timestamp,user_id,visible,tags) VALUES (           #{ys},#{xs},#{db_now},#{uid},1,#{tagsql})")
-                                               ActiveRecord::Base.connection.insert("INSERT INTO nodes         (id,latitude,longitude,timestamp,user_id,visible,tags) VALUES (#{newnode},#{ys},#{xs},#{db_now},#{uid},1,#{tagsql})")
-                               points[i][2]=newnode
-                               renumberednodes[node.to_s]=newnode.to_s
-                               
-                       elsif xc.has_key?(node)
-                               # old node from original way - update
-                               if (xs!=xc[node] or (ys/0.0000001).round!=(yc[node]/0.0000001).round or tagstr!=tagc[node])
-                                       ActiveRecord::Base.connection.insert("INSERT INTO nodes (id,latitude,longitude,timestamp,user_id,visible,tags) VALUES (#{node},#{ys},#{xs},#{db_now},#{uid},1,#{tagsql})")
-                                       ActiveRecord::Base.connection.update("UPDATE current_nodes SET latitude=#{ys},longitude=#{xs},timestamp=#{db_now},user_id=#{uid},tags=#{tagsql},visible=1 WHERE id=#{node}")
-                               else
-                                       if (nodelist!='') then nodelist+=',' end; nodelist+=node.to_s
-                               end
-                       else
-                               # old node, created in another way and now added to this way
-                               if (nodelist!='') then nodelist+=',' end; nodelist+=node.to_s
-                       end
-       
-               end
+    # check boundary is sane and area within defined
+    # see /config/application.yml
+    begin
+      check_boundaries(xmin, ymin, xmax, ymax)
+    rescue Exception => err
+      return [-2,"Sorry - I can't get the map for that area. The server said: #{err}",[]]
+    end
  
  
-               if nodelist!='' then
-                       ActiveRecord::Base.connection.update("UPDATE current_nodes SET timestamp=#{db_now},user_id=#{uid},visible=1 WHERE id IN (#{nodelist})")
-               end
+    nodes_in_area = Node.find_by_area(ymin, xmin, ymax, xmax, :conditions => ["current_ways.visible = ?", false], :include => :ways_via_history)
+    way_ids = nodes_in_area.collect { |node| node.ways_via_history_ids }.flatten.uniq
  
  
-               # -- 6.i compare segments
-       
-               numberedsegments={}
-               seglist=''
-               for i in (0..(points.length-2))
-                       if (points[i+1][3].to_i==0) then next end
-                       segid=points[i+1][5].to_i
-                       from =points[i  ][2].to_i
-                       to   =points[i+1][2].to_i
-                       if seg.has_key?(segid)
-                               if seg[segid]=="#{from}-#{to}" then 
-                                       if (seglist!='') then seglist+=',' end; seglist+=segid.to_s
-                                       next
-                               end
-                       end
-                       segid=ActiveRecord::Base.connection.insert("INSERT INTO current_segments (   node_a,node_b,timestamp,user_id,visible,tags) VALUES (         #{from},#{to},#{db_now},#{uid},1,'')")
-                                 ActiveRecord::Base.connection.insert("INSERT INTO segments         (id,node_a,node_b,timestamp,user_id,visible,tags) VALUES (#{segid},#{from},#{to},#{db_now},#{uid},1,'')")
-                       points[i+1][5]=segid
-                       numberedsegments[(i+1).to_s]=segid.to_s
-               end
-               # numberedsegments.each{|a,b| RAILS_DEFAULT_LOGGER.error("Sending back: seg no. #{a} -> id #{b}") }
-
-               if seglist!='' then
-                       ActiveRecord::Base.connection.update("UPDATE current_segments SET timestamp=#{db_now},user_id=#{uid},visible=1 WHERE id IN (#{seglist})")
-               end
-
-
-               # -- 6.ii insert new way segments
-
-               createuniquesegments(way,db_uqs)
-
-               # a=''
-               # ActiveRecord::Base.connection.select_values("SELECT segment_id FROM #{db_uqs}").each {|b| a+=b+',' }
-               # RAILS_DEFAULT_LOGGER.error("Unique segments are #{a}")
-               # a=ActiveRecord::Base.connection.select_value("SELECT #{db_now}")
-               # RAILS_DEFAULT_LOGGER.error("Timestamp of this edit is #{a}")
-               # RAILS_DEFAULT_LOGGER.error("Userid of this edit is #{uid}")
-
-               #               delete nodes from uniquesegments (and not in modified way)
-       
-               sql=<<-EOF
-                       INSERT INTO nodes (id,latitude,longitude,timestamp,user_id,visible)  
-                       SELECT DISTINCT cn.id,cn.latitude,cn.longitude,#{db_now},#{uid},0 
-                         FROM current_nodes AS cn, 
-                                  current_segments AS cs,
-                                  #{db_uqs} AS us 
-                        WHERE(cn.id=cs.node_a OR cn.id=cs.node_b) 
-                          AND cs.id=us.segment_id AND cs.visible=1 
-                          AND (cn.timestamp!=#{db_now} OR cn.user_id!=#{uid})
-               EOF
-               ActiveRecord::Base.connection.insert(sql)
-
-               sql=<<-EOF
-                       UPDATE current_nodes AS cn, 
-                                  current_segments AS cs, 
-                                  #{db_uqs} AS us 
-                          SET cn.timestamp=#{db_now},cn.visible=0,cn.user_id=#{uid} 
-                        WHERE (cn.id=cs.node_a OR cn.id=cs.node_b) 
-                          AND cs.id=us.segment_id AND cs.visible=1 
-                          AND (cn.timestamp!=#{db_now} OR cn.user_id!=#{uid})
-               EOF
-               ActiveRecord::Base.connection.update(sql)
-       
-               #               delete segments from uniquesegments (and not in modified way)
-       
-               sql=<<-EOF
-                       INSERT INTO segments (id,node_a,node_b,timestamp,user_id,visible) 
-                       SELECT DISTINCT segment_id,node_a,node_b,#{db_now},#{uid},0
-                         FROM current_segments AS cs, #{db_uqs} AS us
-                        WHERE cs.id=us.segment_id AND cs.visible=1 
-                          AND (cs.timestamp!=#{db_now} OR cs.user_id!=#{uid})
-               EOF
-               ActiveRecord::Base.connection.insert(sql)
-               
-               sql=<<-EOF
-                          UPDATE current_segments AS cs, #{db_uqs} AS us
-                                 SET cs.timestamp=#{db_now},cs.visible=0,cs.user_id=#{uid} 
-                               WHERE cs.id=us.segment_id AND cs.visible=1 
-                                 AND (cs.timestamp!=#{db_now} OR cs.user_id!=#{uid})
-               EOF
-               ActiveRecord::Base.connection.update(sql)
-               ActiveRecord::Base.connection.execute("DROP TABLE #{db_uqs}")
-
-               #               insert new version of route into way_segments
-       
-               insertsql =''
-               currentsql=''
-               sequence  =1
-               for i in (0..(points.length-2))
-                       if (points[i+1][3].to_i==0) then next end
-                       if insertsql !='' then insertsql +=',' end
-                       if currentsql!='' then currentsql+=',' end
-                       insertsql +="(#{way},#{points[i+1][5]},#{version})"
-                       currentsql+="(#{way},#{points[i+1][5]},#{sequence})"
-                       sequence  +=1
-               end
-               
-               ActiveRecord::Base.connection.execute("DELETE FROM current_way_segments WHERE id=#{way}");
-               ActiveRecord::Base.connection.insert("INSERT INTO         way_segments (id,segment_id,version    ) VALUES #{insertsql}");
-               ActiveRecord::Base.connection.insert("INSERT INTO current_way_segments (id,segment_id,sequence_id) VALUES #{currentsql}");
-       
-               # -- 7. insert new way tags
-       
-               insertsql =''
-               currentsql=''
-               attributes.each do |k,v|
-                       if v=='' then next end
-                       if v[0,6]=='(type ' then next end
-                       if insertsql !='' then insertsql +=',' end
-                       if currentsql!='' then currentsql+=',' end
-                       insertsql +="(#{way},'"+sqlescape(k)+"','"+sqlescape(v)+"',version)"
-                       currentsql+="(#{way},'"+sqlescape(k)+"','"+sqlescape(v)+"')"
-               end
-               
-               ActiveRecord::Base.connection.execute("DELETE FROM current_way_tags WHERE id=#{way}")
-               if (insertsql !='') then ActiveRecord::Base.connection.insert("INSERT INTO way_tags (id,k,v,version) VALUES #{insertsql}" ) end
-               if (currentsql!='') then ActiveRecord::Base.connection.insert("INSERT INTO current_way_tags (id,k,v) VALUES #{currentsql}") end
-       
-               [originalway,way,renumberednodes,numberedsegments,xmin,xmax,ymin,ymax]
-       end
-       
-       # ----- deleteway (user token, way)
-       #               returns way ID only
-       
-       def deleteway(args)
-               usertoken,way=args
-               uid=getuserid(usertoken); if !uid then return end
-               way=way.to_i
-
-               db_uqs='uniq'+uid.to_s+way.to_i.abs.to_s+Time.new.to_i.to_s     # temp uniquesegments table name, typically 51 chars
-               db_now='@now'+uid.to_s+way.to_i.abs.to_s+Time.new.to_i.to_s     # 'now' variable name, typically 51 chars
-               ActiveRecord::Base.connection.execute("SET #{db_now}=NOW()")
-               createuniquesegments(way,db_uqs)
-       
-               sql=<<-EOF
-                       INSERT INTO nodes (id,latitude,longitude,timestamp,user_id,visible) 
-                       SELECT DISTINCT cn.id,cn.latitude,cn.longitude,#{db_now},#{uid},0 
-                         FROM current_nodes AS cn, 
-                                  current_segments AS cs, 
-                                  #{db_uqs} AS us
-                        WHERE (cn.id=cs.node_a OR cn.id=cs.node_b) 
-                          AND cs.id=us.segment_id
-               EOF
-               ActiveRecord::Base.connection.insert(sql)
-       
-               sql=<<-EOF
-                       UPDATE current_nodes AS cn, 
-                                  current_segments AS cs, 
-                                  #{db_uqs} AS us
-                          SET cn.timestamp=#{db_now},cn.visible=0,cn.user_id=#{uid} 
-                        WHERE (cn.id=cs.node_a OR cn.id=cs.node_b) 
-                          AND cs.id=us.segment_id
-               EOF
-               ActiveRecord::Base.connection.update(sql)
-       
-               # -     delete any otherwise unused segments
-                               
-               sql=<<-EOF
-                       INSERT INTO segments (id,node_a,node_b,timestamp,user_id,visible) 
-                       SELECT DISTINCT segment_id,node_a,node_b,#{db_now},#{uid},0 
-                         FROM current_segments AS cs, #{db_uqs} AS us
-                        WHERE cs.id=us.segment_id
-               EOF
-               ActiveRecord::Base.connection.insert(sql)
-                               
-               sql=<<-EOF
-                       UPDATE current_segments AS cs, #{db_uqs} AS us
-                          SET cs.timestamp=#{db_now},cs.visible=0,cs.user_id=#{uid} 
-                        WHERE cs.id=us.segment_id
-               EOF
-               ActiveRecord::Base.connection.update(sql)
-               ActiveRecord::Base.connection.execute("DROP TABLE #{db_uqs}")
-       
-               # - delete way
-               
-               ActiveRecord::Base.connection.insert("INSERT INTO ways (id,user_id,timestamp,visible) VALUES (#{way},#{uid},#{db_now},0)")
-               ActiveRecord::Base.connection.update("UPDATE current_ways SET user_id=#{uid},timestamp=#{db_now},visible=0 WHERE id=#{way}")
-               ActiveRecord::Base.connection.execute("DELETE FROM current_way_segments WHERE id=#{way}")
-               ActiveRecord::Base.connection.execute("DELETE FROM current_way_tags WHERE id=#{way}")
-       
-               way
-       end
-       
-       # ====================================================================
-       # Support functions for remote calls
-
-       def readwayquery(id)
-               ActiveRecord::Base.connection.select_all "SELECT n1.latitude AS lat1,n1.longitude AS long1,n1.id AS id1,n1.tags as tags1, "+
-                       "                 n2.latitude AS lat2,n2.longitude AS long2,n2.id AS id2,n2.tags as tags2,segment_id "+
-                       "    FROM current_way_segments,current_segments,current_nodes AS n1,current_nodes AS n2 "+
-                       "   WHERE current_way_segments.id=#{id} "+
-                       "     AND segment_id=current_segments.id "+
-                       "     AND n1.id=node_a and n2.id=node_b "+
-                       "   ORDER BY sequence_id"
-       end
+    [0,'',way_ids]
+  end
  
  
-       def createuniquesegments(way,uqs_name)
-               sql=<<-EOF
-                       CREATE TEMPORARY TABLE #{uqs_name}
-                                                       SELECT a.segment_id,COUNT(a.segment_id) AS ct
-                                                         FROM current_way_segments AS a, current_way_segments AS b
-                                                        WHERE a.segment_id=b.segment_id 
-                                                          AND a.id=#{way} 
-                                                 GROUP BY a.segment_id
-                                                       HAVING ct=1
-               EOF
-               ActiveRecord::Base.connection.execute(sql)
-       end
-       
+  # Get a way including nodes and tags.
+  # Returns the way id, a Potlatch-style array of points, a hash of tags, and the version number.
+
+  def getway(wayid) #:doc:
+    if POTLATCH_USE_SQL then
+        points = sql_get_nodes_in_way(wayid)
+        tags = sql_get_tags_in_way(wayid)
+        version = sql_get_way_version(wayid)
+      else
+        # Ideally we would do ":include => :nodes" here but if we do that
+        # then rails only seems to return the first copy of a node when a
+        # way includes a node more than once
+        begin
+          way = Way.find(wayid, :include => { :nodes => :node_tags })
+        rescue ActiveRecord::RecordNotFound
+          return [-4, 'way', wayid, [], {}, nil]
+        end
+
+        # check case where way has been deleted or doesn't exist
+        return [-4, 'way', wayid, [], {}, nil] if way.nil? or !way.visible
+
+        points = way.nodes.collect do |node|
+        nodetags=node.tags
+        nodetags.delete('created_by')
+        [node.lon, node.lat, node.id, nodetags, node.version]
+      end
+      tags = way.tags
+      version = way.version
+    end
+
+    [0, '', wayid, points, tags, version]
+  end
+  
+  # Get an old version of a way, and all constituent nodes.
+  #
+  # For undelete (version<0), always uses the most recent version of each node, 
+  # even if it's moved.  For revert (version >= 0), uses the node in existence 
+  # at the time, generating a new id if it's still visible and has been moved/
+  # retagged.
+  #
+  # Returns:
+  # 0. success code, 
+  # 1. id, 
+  # 2. array of points, 
+  # 3. hash of tags, 
+  # 4. version, 
+  # 5. is this the current, visible version? (boolean)
+  
+  def getway_old(id, timestamp) #:doc:
+    if timestamp == ''
+      # undelete
+      old_way = OldWay.find(:first, :conditions => ['visible = ? AND id = ?', true, id], :order => 'version DESC')
+      points = old_way.get_nodes_undelete unless old_way.nil?
+    else
+      begin
+        # revert
+        timestamp = DateTime.strptime(timestamp.to_s, "%d %b %Y, %H:%M:%S")
+        old_way = OldWay.find(:first, :conditions => ['id = ? AND timestamp <= ?', id, timestamp], :order => 'timestamp DESC')
+        unless old_way.nil?
+          points = old_way.get_nodes_revert(timestamp)
+          if !old_way.visible
+            return [-1, "Sorry, the way was deleted at that time - please revert to a previous version.", id, [], {}, nil, false]
+          end
+        end
+      rescue ArgumentError
+        # thrown by date parsing method. leave old_way as nil for
+        # the error handler below.
+      end
+    end
+
+    if old_way.nil?
+      return [-1, "Sorry, the server could not find a way at that time.", id, [], {}, nil, false]
+    else
+      curway=Way.find(id)
+      old_way.tags['history'] = "Retrieved from v#{old_way.version}"
+      return [0, '', id, points, old_way.tags, curway.version, (curway.version==old_way.version and curway.visible)]
+    end
+  end
+  
+  # Find history of a way.
+  # Returns 'way', id, and an array of previous versions:
+  # - formerly [old_way.version, old_way.timestamp.strftime("%d %b %Y, %H:%M"), old_way.visible ? 1 : 0, user, uid]
+  # - now [timestamp,user,uid]
+  #
+  # Heuristic: Find all nodes that have ever been part of the way; 
+  # get a list of their revision dates; add revision dates of the way;
+  # sort and collapse list (to within 2 seconds); trim all dates before the 
+  # start date of the way.
+
+  def getway_history(wayid) #:doc:
+
+    begin
+      # Find list of revision dates for way and all constituent nodes
+      revdates=[]
+      revusers={}
+      Way.find(wayid).old_ways.collect do |a|
+        revdates.push(a.timestamp)
+        unless revusers.has_key?(a.timestamp.to_i) then revusers[a.timestamp.to_i]=change_user(a) end
+        a.nds.each do |n|
+          Node.find(n).old_nodes.collect do |o|
+            revdates.push(o.timestamp)
+            unless revusers.has_key?(o.timestamp.to_i) then revusers[o.timestamp.to_i]=change_user(o) end
+          end
+        end
+      end
+      waycreated=revdates[0]
+      revdates.uniq!
+      revdates.sort!
+      revdates.reverse!
+
+      # Remove any dates (from nodes) before first revision date of way
+      revdates.delete_if { |d| d<waycreated }
+      # Remove any elements where 2 seconds doesn't elapse before next one
+      revdates.delete_if { |d| revdates.include?(d+1) or revdates.include?(d+2) }
+      # Collect all in one nested array
+      revdates.collect! {|d| [d.strftime("%d %b %Y, %H:%M:%S")] + revusers[d.to_i] }
+
+      return ['way', wayid, revdates]
+    rescue ActiveRecord::RecordNotFound
+      return ['way', wayid, []]
+    end
+  end
+  
+  # Find history of a node. Returns 'node', id, and an array of previous versions as above.
+
+  def getnode_history(nodeid) #:doc:
+    begin 
+      history = Node.find(nodeid).old_nodes.reverse.collect do |old_node|
+        [old_node.timestamp.strftime("%d %b %Y, %H:%M:%S")] + change_user(old_node)
+      end
+      return ['node', nodeid, history]
+    rescue ActiveRecord::RecordNotFound
+      return ['node', nodeid, []]
+    end
+  end
  
  
-       def sqlescape(a)
-               a.gsub("'","''").gsub(92.chr,92.chr+92.chr)
-       end
+  def change_user(obj)
+    user_object = obj.changeset.user
+    user = user_object.data_public? ? user_object.display_name : 'anonymous'
+    uid  = user_object.data_public? ? user_object.id : 0
+    [user,uid]
+  end
  
  
-       def tag2array(a)
-               tags={}
-               a.gsub(';;;','#%').split(';').each do |b|
-                       b.gsub!('#%',';;;')
-                       b.gsub!('===','#%')
-                       k,v=b.split('=')
-                       tags[k.gsub('#%','=')]=v.gsub('#%','=')
-               end
-               tags
-       end
+  # Find GPS traces with specified name/id.
+  # Returns array listing GPXs, each one comprising id, name and description.
+  
+  def findgpx(searchterm, usertoken)
+    user = getuser(usertoken)
+    if !uid then return -1,"You must be logged in to search for GPX traces.",[] end
+
+    gpxs = []
+    if searchterm.to_i>0 then
+      gpx = Trace.find(searchterm.to_i, :conditions => ["visible=? AND (public=? OR user_id=?)",true,true,user.id] )
+      if gpx then
+        gpxs.push([gpx.id, gpx.name, gpx.description])
+      end
+    else
+      Trace.find(:all, :limit => 21, :conditions => ["visible=? AND (public=? OR user_id=?) AND MATCH(name) AGAINST (?)",true,true,user.id,searchterm] ).each do |gpx|
+      gpxs.push([gpx.id, gpx.name, gpx.description])
+         end
+       end
+    [0,'',gpxs]
+  end
  
  
-       def array2tag(a)
-               str=''
-               a.each do |k,v|
-                       if v=='' then next end
-                       if v[0,6]=='(type ' then next end
-                       if str!='' then str+=';' end
-                       str+=k.gsub(';',';;;').gsub('=','===')+'='+v.gsub(';',';;;').gsub('=','===')
-               end
-               str
-       end
-       
-       def getuserid(token)
-               token=sqlescape(token)
-               if (token=~/^(.+)\+(.+)$/) then
-                       return ActiveRecord::Base.connection.select_value("SELECT id FROM users WHERE active=1 AND timeout>NOW() AND email='#{$1}' AND pass_crypt=MD5('#{$2}')")
-               else
-                       return ActiveRecord::Base.connection.select_value("SELECT id FROM users WHERE active=1 AND timeout>NOW() AND token='#{token}'")
-               end
-       end
-       
+  # Get a relation with all tags and members.
+  # Returns:
+  # 0. relation id,
+  # 1. hash of tags,
+  # 2. list of members,
+  # 3. version.
+  
+  def getrelation(relid) #:doc:
+    begin
+      rel = Relation.find(relid)
+    rescue ActiveRecord::RecordNotFound
+      return [-4, 'relation', relid, {}, [], nil]
+    end
+
+    return [-4, 'relation', relid, {}, [], nil] if rel.nil? or !rel.visible
+    [0, '', relid, rel.tags, rel.members, rel.version]
+  end
  
  
+  # Find relations with specified name/id.
+  # Returns array of relations, each in same form as getrelation.
+  
+  def findrelations(searchterm)
+    rels = []
+    if searchterm.to_i>0 then
+      rel = Relation.find(searchterm.to_i)
+      if rel and rel.visible then
+        rels.push([rel.id, rel.tags, rel.members, rel.version])
+      end
+    else
+      RelationTag.find(:all, :limit => 11, :conditions => ["match(v) against (?)", searchterm] ).each do |t|
+      if t.relation.visible then
+             rels.push([t.relation.id, t.relation.tags, t.relation.members, t.relation.version])
+           end
+         end
+       end
+    rels
+  end
  
  
-       # ====================================================================
-       # AMF read subroutines
-       
-       # ----- getint          return two-byte integer
-       # ----- getlong         return four-byte long
-       # ----- getstring       return string with two-byte length
-       # ----- getdouble       return eight-byte double-precision float
-       # ----- getobject       return object/hash
-       # ----- getarray        return numeric array
-       
-       def getint(s)
-               s.getc*256+s.getc
-       end
-       
-       def getlong(s)
-               ((s.getc*256+s.getc)*256+s.getc)*256+s.getc
-       end
-       
-       def getstring(s)
-               len=s.getc*256+s.getc
-               s.read(len)
-       end
-       
-       def getdouble(s)
-               a=s.read(8).unpack('G')                 # G big-endian, E little-endian
-               a[0]
-       end
-       
-       def getarray(s)
-               len=getlong(s)
-               arr=[]
-               for i in (0..len-1)
-                       arr[i]=getvalue(s)
-               end
-               arr
-       end
-       
-       def getobject(s)
-               arr={}
-               while (key=getstring(s))
-                       if (key=='') then break end
-                       arr[key]=getvalue(s)
-               end
-               s.getc          # skip the 9 'end of object' value
-               arr
-       end
-       
-       # ----- getvalue        parse and get value
-       
-       def getvalue(s)
-               case s.getc
-                       when 0; return getdouble(s)                     # number
-                       when 1; return s.getc                           # boolean
-                       when 2; return getstring(s)                     # string
-                       when 3; return getobject(s)                     # object/hash
-                       when 5; return nil                                      # null
-                       when 6; return nil                                      # undefined
-                       when 8; s.read(4)                                       # mixedArray
-                                       return getobject(s)                     #  |
-                       when 10;return getarray(s)                      # array
-                       else;   return nil                                      # error
-               end
-       end
+  # Save a relation.
+  # Returns
+  # 0. 0 (success),
+  # 1. original relation id (unchanged),
+  # 2. new relation id,
+  # 3. version.
+
+  def putrelation(renumberednodes, renumberedways, usertoken, changeset_id, version, relid, tags, members, visible) #:doc:
+    user = getuser(usertoken)
+    if !user then return -1,"You are not logged in, so the relation could not be saved." end
+
+    relid = relid.to_i
+    visible = (visible.to_i != 0)
+
+    new_relation = nil
+    relation = nil
+    Relation.transaction do
+      # create a new relation, or find the existing one
+      if relid > 0
+        relation = Relation.find(relid)
+      end
+      # We always need a new node, based on the data that has been sent to us
+      new_relation = Relation.new
+
+      # check the members are all positive, and correctly type
+      typedmembers = []
+      members.each do |m|
+        mid = m[1].to_i
+        if mid < 0
+          mid = renumberednodes[mid] if m[0] == 'Node'
+          mid = renumberedways[mid] if m[0] == 'Way'
+        end
+        if mid
+          typedmembers << [m[0], mid, m[2]]
+        end
+      end
+
+      # assign new contents
+      new_relation.members = typedmembers
+      new_relation.tags = tags
+      new_relation.visible = visible
+      new_relation.changeset_id = changeset_id
+      new_relation.version = version
+
+      if relid <= 0
+        # We're creating the relation
+        new_relation.create_with_history(user)
+      elsif visible
+        # We're updating the relation
+        new_relation.id = relid
+        relation.update_from(new_relation, user)
+      else
+        # We're deleting the relation
+        new_relation.id = relid
+        relation.delete_with_history!(new_relation, user)
+      end
+    end # transaction
+      
+    if relid <= 0
+      return [0, '', relid, new_relation.id, new_relation.version]
+    else
+      return [0, '', relid, relid, relation.version]
+    end
+  rescue OSM::APIChangesetAlreadyClosedError => ex
+    return [-1, "The changeset #{ex.changeset.id} was closed at #{ex.changeset.closed_at}.", relid, relid, nil]
+  rescue OSM::APIVersionMismatchError => ex
+    a=ex.to_s.match(/(\d+) of (\w+) (\d+)$/)
+    return [-3, ['relation', a[1]], relid, relid, nil]
+  rescue OSM::APIAlreadyDeletedError => ex
+    return [-1, "The relation has already been deleted.", relid, relid, nil]
+  rescue OSM::APIError => ex
+    # Some error that we don't specifically catch
+    return [-2, "An unusual error happened (in 'putrelation' #{relid}). The server said: #{ex}", relid, relid, nil]
+  end
  
  
-       # ====================================================================
-       # AMF write subroutines
-       
-       # ----- putdata         envelope data into AMF writeable form
-       # ----- encodevalue     pack variables as AMF
-       
-       def putdata(index,n)
-               d =encodestring(index+"/onResult")
-               d+=encodestring("null")
-               d+=[-1].pack("N")
-               d+=encodevalue(n)
-       end
-       
-       def encodevalue(n)
-               case n.class.to_s
-                       when 'Array'
-                               a=10.chr+encodelong(n.length)
-                               n.each do |b|
-                                       a+=encodevalue(b)
-                               end
-                               a
-                       when 'Hash'
-                               a=3.chr
-                               n.each do |k,v|
-                                       a+=encodestring(k)+encodevalue(v)
-                               end
-                               a+0.chr+0.chr+9.chr
-                       when 'String'
-                               2.chr+encodestring(n)
-                       when 'Bignum','Fixnum','Float'
-                               0.chr+encodedouble(n)
-                       when 'NilClass'
-                               5.chr
-                       else
-                               RAILS_DEFAULT_LOGGER.error("Unexpected Ruby type for AMF conversion: "+n.class.to_s)
-               end
-       end
-       
-       # ----- encodestring    encode string with two-byte length
-       # ----- encodedouble    encode number as eight-byte double precision float
-       # ----- encodelong              encode number as four-byte long
-       
-       def encodestring(n)
-               a,b=n.size.divmod(256)
-               a.chr+b.chr+n
-       end
-       
-       def encodedouble(n)
-               [n].pack('G')
-       end
-       
-       def encodelong(n)
-               [n].pack('N')
-       end
-       
-       # ====================================================================
-       # Co-ordinate conversion
-       
-       def lat2coord(a,basey,masterscale)
-               -(lat2y(a)-basey)*masterscale+250
-       end
-       
-       def long2coord(a,baselong,masterscale)
-               (a-baselong)*masterscale+350
-       end
+  # Save a way to the database, including all nodes. Any nodes in the previous
+  # version and no longer used are deleted.
+  # 
+  # Parameters:
+  # 0. hash of renumbered nodes (added by amf_controller)
+  # 1. current user token (for authentication)
+  # 2. current changeset
+  # 3. new way version
+  # 4. way ID
+  # 5. list of nodes in way
+  # 6. hash of way tags
+  # 7. array of nodes to change (each one is [lon,lat,id,version,tags]),
+  # 8. hash of nodes to delete (id->version).
+  # 
+  # Returns:
+  # 0. '0' (code for success),
+  # 1. original way id (unchanged),
+  # 2. new way id,
+  # 3. hash of renumbered nodes (old id=>new id),
+  # 4. way version,
+  # 5. hash of node versions (node=>version)
+
+  def putway(renumberednodes, usertoken, changeset_id, wayversion, originalway, pointlist, attributes, nodes, deletednodes) #:doc:
+
+    # -- Initialise
+       
+    user = getuser(usertoken)
+    if !user then return -1,"You are not logged in, so the way could not be saved." end
+    if pointlist.length < 2 then return -2,"Server error - way is only #{points.length} points long." end
+
+    originalway = originalway.to_i
+logger.info("received #{pointlist} for #{originalway}")
+       pointlist.collect! {|a| a.to_i }
+logger.info("converted to #{pointlist}")
+
+    way=nil    # this is returned, so scope it outside the transaction
+    nodeversions = {}
+    Way.transaction do
+
+      # -- Update each changed node
+
+      nodes.each do |a|
+        lon = a[0].to_f
+        lat = a[1].to_f
+        id = a[2].to_i
+        version = a[3].to_i
+        if id == 0  then return -2,"Server error - node with id 0 found in way #{originalway}." end
+        if lat== 90 then return -2,"Server error - node with latitude -90 found in way #{originalway}." end
+        if renumberednodes[id] then id = renumberednodes[id] end
+
+        node = Node.new
+        node.changeset_id = changeset_id
+        node.lat = lat
+        node.lon = lon
+        node.tags = a[4]
+        node.tags.delete('created_by')
+        node.version = version
+        if id <= 0
+          # We're creating the node
+          node.create_with_history(user)
+          renumberednodes[id] = node.id
+          nodeversions[node.id] = node.version
+        else
+          # We're updating an existing node
+          previous=Node.find(id)
+          node.id=id
+          previous.update_from(node, user)
+          nodeversions[previous.id] = previous.version
+        end
+      end
+
+      # -- Save revised way
+
+logger.info("renumberednodes is #{renumberednodes.inspect}")
+         pointlist.collect! {|a|
+             renumberednodes[a] ? renumberednodes[a]:a
+         } # renumber nodes
+logger.info("saving with #{pointlist}")
+      new_way = Way.new
+      new_way.tags = attributes
+      new_way.nds = pointlist
+      new_way.changeset_id = changeset_id
+      new_way.version = wayversion
+      if originalway <= 0
+        new_way.create_with_history(user)
+        way=new_way    # so we can get way.id and way.version
+      else
+             way = Way.find(originalway)
+                 if way.tags!=attributes or way.nds!=pointlist or !way.visible?
+                   new_way.id=originalway
+          way.update_from(new_way, user)
+        end
+      end
+
+      # -- Delete unwanted nodes
+
+      deletednodes.each do |id,v|
+        node = Node.find(id.to_i)
+        new_node = Node.new
+        new_node.changeset_id = changeset_id
+        new_node.version = v.to_i
+        new_node.id = id.to_i
+        begin
+          node.delete_with_history!(new_node, user)
+        rescue OSM::APIPreconditionFailedError => ex
+          # We don't do anything here as the node is being used elsewhere
+          # and we don't want to delete it
+        end
+      end
+
+    end # transaction
+
+    [0, '', originalway, way.id, renumberednodes, way.version, nodeversions, deletednodes]
+  rescue OSM::APIChangesetAlreadyClosedError => ex
+    return [-1, "Sorry, your changeset #{ex.changeset.id} was closed (at #{ex.changeset.closed_at}).", originalway, originalway, renumberednodes, wayversion, nodeversions, deletednodes]
+  rescue OSM::APIVersionMismatchError => ex
+    a=ex.to_s.match(/(\d+) of (\w+) (\d+)$/)
+    return [-3, ['way', a[1], a[2].downcase, a[3]], originalway, originalway, renumberednodes, wayversion, nodeversions, deletednodes]
+  rescue OSM::APITooManyWayNodesError => ex
+    return [-1, "You have tried to upload a really long way with #{ex.provided} points: only #{ex.max} are allowed.", originalway, originalway, renumberednodes, wayversion, nodeversions, deletednodes]
+  rescue OSM::APIAlreadyDeletedError => ex
+    return [-1, "The point has already been deleted.", originalway, originalway, renumberednodes, wayversion, nodeversions, deletednodes]
+  rescue OSM::APIError => ex
+    # Some error that we don't specifically catch
+    return [-2, "An unusual error happened (in 'putway' #{originalway}). The server said: #{ex}", originalway, originalway, renumberednodes, wayversion, nodeversions, deletednodes]
+  end
+
+  # Save POI to the database.
+  # Refuses save if the node has since become part of a way.
+  # Returns array with:
+  # 0. 0 (success),
+  # 1. original node id (unchanged),
+  # 2. new node id,
+  # 3. version.
+
+  def putpoi(usertoken, changeset_id, version, id, lon, lat, tags, visible) #:doc:
+    user = getuser(usertoken)
+    if !user then return -1,"You are not logged in, so the point could not be saved." end
+
+    id = id.to_i
+    visible = (visible.to_i == 1)
+    node = nil
+    new_node = nil
+    Node.transaction do
+      if id > 0 then
+        node = Node.find(id)
+
+        if !visible then
+          unless node.ways.empty? then return -1,"The point has since become part of a way, so you cannot save it as a POI.",id,id,version end
+        end
+      end
+      # We always need a new node, based on the data that has been sent to us
+      new_node = Node.new
+
+      new_node.changeset_id = changeset_id
+      new_node.version = version
+      new_node.lat = lat
+      new_node.lon = lon
+      new_node.tags = tags
+      if id <= 0 
+        # We're creating the node
+        new_node.create_with_history(user)
+      elsif visible
+        # We're updating the node
+        new_node.id=id
+        node.update_from(new_node, user)
+      else
+        # We're deleting the node
+        new_node.id=id
+        node.delete_with_history!(new_node, user)
+      end
+
+    end # transaction
+
+    if id <= 0
+      return [0, '', id, new_node.id, new_node.version]
+    else
+      return [0, '', id, node.id, node.version]
+    end 
+  rescue OSM::APIChangesetAlreadyClosedError => ex
+    return [-1, "The changeset #{ex.changeset.id} was closed at #{ex.changeset.closed_at}",id,id,version]
+  rescue OSM::APIVersionMismatchError => ex
+    a=ex.to_s.match(/(\d+) of (\w+) (\d+)$/)
+    return [-3, ['node', a[1]], id,id,version]
+  rescue OSM::APIAlreadyDeletedError => ex
+    return [-1, "The point has already been deleted",id,id,version]
+  rescue OSM::APIError => ex
+    # Some error that we don't specifically catch
+    return [-2, "An unusual error happened (in 'putpoi' #{id}). The server said: #{ex}",id,id,version]
+  end
+
+  # Read POI from database
+  # (only called on revert: POIs are usually read by whichways).
+  #
+  # Returns array of id, long, lat, hash of tags, (current) version.
+
+  def getpoi(id,timestamp) #:doc:
+    n = Node.find(id)
+    v = n.version
+    unless timestamp == ''
+      n = OldNode.find(id, :conditions=>['timestamp=?',DateTime.strptime(timestamp, "%d %b %Y, %H:%M:%S")])
+    end
+
+    if n
+      return [0, '', n.id, n.lon, n.lat, n.tags, v]
+    else
+      return [-4, 'node', id, nil, nil, {}, nil]
+    end
+  end
+
+  # Delete way and all constituent nodes.
+  # Params:
+  # * The user token
+  # * the changeset id
+  # * the id of the way to change
+  # * the version of the way that was downloaded
+  # * a hash of the id and versions of all the nodes that are in the way, if any 
+  # of the nodes have been changed by someone else then, there is a problem!
+  # Returns 0 (success), unchanged way id, new way version, new node versions.
+
+  def deleteway(usertoken, changeset_id, way_id, way_version, deletednodes) #:doc:
+    user = getuser(usertoken)
+    unless user then return -1,"You are not logged in, so the way could not be deleted." end
+      
+    way_id = way_id.to_i
+    nodeversions = {}
+    old_way=nil # returned, so scope it outside the transaction
+    # Need a transaction so that if one item fails to delete, the whole delete fails.
+    Way.transaction do
+
+      # -- Delete the way
+
+      old_way = Way.find(way_id)
+      delete_way = Way.new
+      delete_way.version = way_version
+      delete_way.changeset_id = changeset_id
+      delete_way.id = way_id
+      old_way.delete_with_history!(delete_way, user)
+
+      # -- Delete unwanted nodes
+
+      deletednodes.each do |id,v|
+        node = Node.find(id.to_i)
+        new_node = Node.new
+        new_node.changeset_id = changeset_id
+        new_node.version = v.to_i
+        new_node.id = id.to_i
+        begin
+          node.delete_with_history!(new_node, user)
+          nodeversions[node.id]=node.version
+        rescue OSM::APIPreconditionFailedError => ex
+          # We don't do anything with the exception as the node is in use
+          # elsewhere and we don't want to delete it
+        end
+      end
+
+    end # transaction
+    [0, '', way_id, old_way.version, nodeversions]
+  rescue OSM::APIChangesetAlreadyClosedError => ex
+    return [-1, "The changeset #{ex.changeset.id} was closed at #{ex.changeset.closed_at}",way_id,way_version,nodeversions]
+  rescue OSM::APIVersionMismatchError => ex
+    a=ex.to_s.match(/(\d+) of (\w+) (\d+)$/)
+    return [-3, ['way', a[1]],way_id,way_version,nodeversions]
+  rescue OSM::APIAlreadyDeletedError => ex
+    return [-1, "The way has already been deleted.",way_id,way_version,nodeversions]
+  rescue OSM::APIError => ex
+    # Some error that we don't specifically catch
+    return [-2, "An unusual error happened (in 'deleteway' #{way_id}). The server said: #{ex}",way_id,way_version,nodeversions]
+  end
+
+
+  # ====================================================================
+  # Support functions
+
+  # Authenticate token
+  # (can also be of form user:pass)
+  # When we are writing to the api, we need the actual user model, 
+  # not just the id, hence this abstraction
+
+  def getuser(token) #:doc:
+    if (token =~ /^(.+)\:(.+)$/) then
+      user = User.authenticate(:username => $1, :password => $2)
+    else
+      user = User.authenticate(:token => token)
+    end
+    return user
+  end
+
+  # Send AMF response
+  
+  def sendresponse(results)
+    a,b=results.length.divmod(256)
+    render :content_type => "application/x-amf", :text => proc { |response, output| 
+      # ** move amf writing loop into here - 
+      # basically we read the messages in first (into an array of some sort),
+      # then iterate through that array within here, and do all the AMF writing
+      output.write 0.chr+0.chr+0.chr+0.chr+a.chr+b.chr
+      results.each do |k,v|
+        output.write(v)
+      end
+    }
+  end
+
+
+  # ====================================================================
+  # Alternative SQL queries for getway/whichways
+
+  def sql_find_ways_in_area(xmin,ymin,xmax,ymax)
+    sql=<<-EOF
+    SELECT DISTINCT current_ways.id AS wayid,current_ways.version AS version
+      FROM current_way_nodes
+    INNER JOIN current_nodes ON current_nodes.id=current_way_nodes.node_id
+    INNER JOIN current_ways  ON current_ways.id =current_way_nodes.id
+       WHERE current_nodes.visible=TRUE 
+       AND current_ways.visible=TRUE 
+       AND #{OSM.sql_for_area(ymin, xmin, ymax, xmax, "current_nodes.")}
+    EOF
+    return ActiveRecord::Base.connection.select_all(sql).collect { |a| [a['wayid'].to_i,a['version'].to_i] }
+  end
         
         
-       def lat2y(a)
-               180/Math::PI * Math.log(Math.tan(Math::PI/4+a*(Math::PI/180)/2))
-       end
+  def sql_find_pois_in_area(xmin,ymin,xmax,ymax)
+    pois=[]
+    sql=<<-EOF
+                 SELECT current_nodes.id,current_nodes.latitude*0.0000001 AS lat,current_nodes.longitude*0.0000001 AS lon,current_nodes.version 
+                       FROM current_nodes 
+       LEFT OUTER JOIN current_way_nodes cwn ON cwn.node_id=current_nodes.id 
+                  WHERE current_nodes.visible=TRUE
+                        AND cwn.id IS NULL
+                        AND #{OSM.sql_for_area(ymin, xmin, ymax, xmax, "current_nodes.")}
+    EOF
+    ActiveRecord::Base.connection.select_all(sql).each do |row|
+      poitags={}
+      ActiveRecord::Base.connection.select_all("SELECT k,v FROM current_node_tags WHERE id=#{row['id']}").each do |n|
+        poitags[n['k']]=n['v']
+      end
+      pois << [row['id'].to_i, row['lon'].to_f, row['lat'].to_f, poitags, row['version'].to_i]
+    end
+    pois
+  end
         
         
-       def coord2lat(a,masterscale,basey)
-               y2lat((a-250)/-masterscale+basey)
-       end
+  def sql_find_relations_in_area_and_ways(xmin,ymin,xmax,ymax,way_ids)
+    # ** It would be more Potlatchy to get relations for nodes within ways
+    #    during 'getway', not here
+    sql=<<-EOF
+      SELECT DISTINCT cr.id AS relid,cr.version AS version 
+      FROM current_relations cr
+      INNER JOIN current_relation_members crm ON crm.id=cr.id 
+      INNER JOIN current_nodes cn ON crm.member_id=cn.id AND crm.member_type='Node' 
+       WHERE #{OSM.sql_for_area(ymin, xmin, ymax, xmax, "cn.")}
+      EOF
+    unless way_ids.empty?
+      sql+=<<-EOF
+       UNION
+        SELECT DISTINCT cr.id AS relid,cr.version AS version
+        FROM current_relations cr
+        INNER JOIN current_relation_members crm ON crm.id=cr.id
+         WHERE crm.member_type='Way' 
+         AND crm.member_id IN (#{way_ids.join(',')})
+        EOF
+    end
+    ActiveRecord::Base.connection.select_all(sql).collect { |a| [a['relid'].to_i,a['version'].to_i] }
+  end
         
         
-       def coord2long(a,masterscale,baselong)
-               (a-350)/masterscale+baselong
-       end
+  def sql_get_nodes_in_way(wayid)
+    points=[]
+    sql=<<-EOF
+      SELECT latitude*0.0000001 AS lat,longitude*0.0000001 AS lon,current_nodes.id,current_nodes.version 
+      FROM current_way_nodes,current_nodes 
+       WHERE current_way_nodes.id=#{wayid.to_i} 
+                  AND current_way_nodes.node_id=current_nodes.id 
+                  AND current_nodes.visible=TRUE
+      ORDER BY sequence_id
+         EOF
+    ActiveRecord::Base.connection.select_all(sql).each do |row|
+      nodetags={}
+      ActiveRecord::Base.connection.select_all("SELECT k,v FROM current_node_tags WHERE id=#{row['id']}").each do |n|
+        nodetags[n['k']]=n['v']
+      end
+      nodetags.delete('created_by')
+      points << [row['lon'].to_f,row['lat'].to_f,row['id'].to_i,nodetags,row['version'].to_i]
+    end
+    points
+  end
         
         
-       def y2lat(a)
-               180/Math::PI * (2*Math.atan(Math.exp(a*Math::PI/180))-Math::PI/2)
-       end
-
+  def sql_get_tags_in_way(wayid)
+    tags={}
+    ActiveRecord::Base.connection.select_all("SELECT k,v FROM current_way_tags WHERE id=#{wayid.to_i}").each do |row|
+      tags[row['k']]=row['v']
+    end
+    tags
+  end
  
  
+  def sql_get_way_version(wayid)
+    ActiveRecord::Base.connection.select_one("SELECT version FROM current_ways WHERE id=#{wayid.to_i}")
+  end
  end
  end
+