clockwerk-www – Blame information for rev 5
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
5 | vero | 1 | <?php |
2 | // by Edd Dumbill (C) 1999-2002 |
||
3 | // <edd@usefulinc.com> |
||
4 | // $Id: xmlrpcs.inc,v 1.71 2008/10/29 23:41:28 ggiunta Exp $ |
||
5 | |||
6 | // Copyright (c) 1999,2000,2002 Edd Dumbill. |
||
7 | // All rights reserved. |
||
8 | // |
||
9 | // Redistribution and use in source and binary forms, with or without |
||
10 | // modification, are permitted provided that the following conditions |
||
11 | // are met: |
||
12 | // |
||
13 | // * Redistributions of source code must retain the above copyright |
||
14 | // notice, this list of conditions and the following disclaimer. |
||
15 | // |
||
16 | // * Redistributions in binary form must reproduce the above |
||
17 | // copyright notice, this list of conditions and the following |
||
18 | // disclaimer in the documentation and/or other materials provided |
||
19 | // with the distribution. |
||
20 | // |
||
21 | // * Neither the name of the "XML-RPC for PHP" nor the names of its |
||
22 | // contributors may be used to endorse or promote products derived |
||
23 | // from this software without specific prior written permission. |
||
24 | // |
||
25 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
||
26 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
||
27 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
||
28 | // FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
||
29 | // REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
||
30 | // INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
||
31 | // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR |
||
32 | // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
||
33 | // HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
||
34 | // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
||
35 | // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
||
36 | // OF THE POSSIBILITY OF SUCH DAMAGE. |
||
37 | |||
38 | // XML RPC Server class |
||
39 | // requires: xmlrpc.inc |
||
40 | |||
41 | $GLOBALS['xmlrpcs_capabilities'] = array( |
||
42 | // xmlrpc spec: always supported |
||
43 | 'xmlrpc' => new xmlrpcval(array( |
||
44 | 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'), |
||
45 | 'specVersion' => new xmlrpcval(1, 'int') |
||
46 | ), 'struct'), |
||
47 | // if we support system.xxx functions, we always support multicall, too... |
||
48 | // Note that, as of 2006/09/17, the following URL does not respond anymore |
||
49 | 'system.multicall' => new xmlrpcval(array( |
||
50 | 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'), |
||
51 | 'specVersion' => new xmlrpcval(1, 'int') |
||
52 | ), 'struct'), |
||
53 | // introspection: version 2! we support 'mixed', too |
||
54 | 'introspection' => new xmlrpcval(array( |
||
55 | 'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'), |
||
56 | 'specVersion' => new xmlrpcval(2, 'int') |
||
57 | ), 'struct') |
||
58 | ); |
||
59 | |||
60 | /* Functions that implement system.XXX methods of xmlrpc servers */ |
||
61 | $_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct'])); |
||
62 | $_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to'; |
||
63 | $_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec')); |
||
64 | function _xmlrpcs_getCapabilities($server, $m=null) |
||
65 | { |
||
66 | $outAr = $GLOBALS['xmlrpcs_capabilities']; |
||
67 | // NIL extension |
||
68 | if ($GLOBALS['xmlrpc_null_extension']) { |
||
69 | $outAr['nil'] = new xmlrpcval(array( |
||
70 | 'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'), |
||
71 | 'specVersion' => new xmlrpcval(1, 'int') |
||
72 | ), 'struct'); |
||
73 | } |
||
74 | return new xmlrpcresp(new xmlrpcval($outAr, 'struct')); |
||
75 | } |
||
76 | |||
77 | // listMethods: signature was either a string, or nothing. |
||
78 | // The useless string variant has been removed |
||
79 | $_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray'])); |
||
80 | $_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch'; |
||
81 | $_xmlrpcs_listMethods_sdoc=array(array('list of method names')); |
||
82 | function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing |
||
83 | { |
||
84 | |||
85 | $outAr=array(); |
||
86 | foreach($server->dmap as $key => $val) |
||
87 | { |
||
88 | $outAr[]=&new xmlrpcval($key, 'string'); |
||
89 | } |
||
90 | if($server->allow_system_funcs) |
||
91 | { |
||
92 | foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val) |
||
93 | { |
||
94 | $outAr[]=&new xmlrpcval($key, 'string'); |
||
95 | } |
||
96 | } |
||
97 | return new xmlrpcresp(new xmlrpcval($outAr, 'array')); |
||
98 | } |
||
99 | |||
100 | $_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString'])); |
||
101 | $_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)'; |
||
102 | $_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described')); |
||
103 | function _xmlrpcs_methodSignature($server, $m) |
||
104 | { |
||
105 | // let accept as parameter both an xmlrpcval or string |
||
106 | if (is_object($m)) |
||
107 | { |
||
108 | $methName=$m->getParam(0); |
||
109 | $methName=$methName->scalarval(); |
||
110 | } |
||
111 | else |
||
112 | { |
||
113 | $methName=$m; |
||
114 | } |
||
115 | if(strpos($methName, "system.") === 0) |
||
116 | { |
||
117 | $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; |
||
118 | } |
||
119 | else |
||
120 | { |
||
121 | $dmap=$server->dmap; $sysCall=0; |
||
122 | } |
||
123 | if(isset($dmap[$methName])) |
||
124 | { |
||
125 | if(isset($dmap[$methName]['signature'])) |
||
126 | { |
||
127 | $sigs=array(); |
||
128 | foreach($dmap[$methName]['signature'] as $inSig) |
||
129 | { |
||
130 | $cursig=array(); |
||
131 | foreach($inSig as $sig) |
||
132 | { |
||
133 | $cursig[]=&new xmlrpcval($sig, 'string'); |
||
134 | } |
||
135 | $sigs[]=&new xmlrpcval($cursig, 'array'); |
||
136 | } |
||
137 | $r=&new xmlrpcresp(new xmlrpcval($sigs, 'array')); |
||
138 | } |
||
139 | else |
||
140 | { |
||
141 | // NB: according to the official docs, we should be returning a |
||
142 | // "none-array" here, which means not-an-array |
||
143 | $r=&new xmlrpcresp(new xmlrpcval('undef', 'string')); |
||
144 | } |
||
145 | } |
||
146 | else |
||
147 | { |
||
148 | $r=&new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); |
||
149 | } |
||
150 | return $r; |
||
151 | } |
||
152 | |||
153 | $_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString'])); |
||
154 | $_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string'; |
||
155 | $_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described')); |
||
156 | function _xmlrpcs_methodHelp($server, $m) |
||
157 | { |
||
158 | // let accept as parameter both an xmlrpcval or string |
||
159 | if (is_object($m)) |
||
160 | { |
||
161 | $methName=$m->getParam(0); |
||
162 | $methName=$methName->scalarval(); |
||
163 | } |
||
164 | else |
||
165 | { |
||
166 | $methName=$m; |
||
167 | } |
||
168 | if(strpos($methName, "system.") === 0) |
||
169 | { |
||
170 | $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; |
||
171 | } |
||
172 | else |
||
173 | { |
||
174 | $dmap=$server->dmap; $sysCall=0; |
||
175 | } |
||
176 | if(isset($dmap[$methName])) |
||
177 | { |
||
178 | if(isset($dmap[$methName]['docstring'])) |
||
179 | { |
||
180 | $r=&new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string'); |
||
181 | } |
||
182 | else |
||
183 | { |
||
184 | $r=&new xmlrpcresp(new xmlrpcval('', 'string')); |
||
185 | } |
||
186 | } |
||
187 | else |
||
188 | { |
||
189 | $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); |
||
190 | } |
||
191 | return $r; |
||
192 | } |
||
193 | |||
194 | $_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray'])); |
||
195 | $_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details'; |
||
196 | $_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"')); |
||
197 | function _xmlrpcs_multicall_error($err) |
||
198 | { |
||
199 | if(is_string($err)) |
||
200 | { |
||
201 | $str = $GLOBALS['xmlrpcstr']["multicall_${err}"]; |
||
202 | $code = $GLOBALS['xmlrpcerr']["multicall_${err}"]; |
||
203 | } |
||
204 | else |
||
205 | { |
||
206 | $code = $err->faultCode(); |
||
207 | $str = $err->faultString(); |
||
208 | } |
||
209 | $struct = array(); |
||
210 | $struct['faultCode'] =& new xmlrpcval($code, 'int'); |
||
211 | $struct['faultString'] =& new xmlrpcval($str, 'string'); |
||
212 | return new xmlrpcval($struct, 'struct'); |
||
213 | } |
||
214 | |||
215 | function _xmlrpcs_multicall_do_call($server, $call) |
||
216 | { |
||
217 | if($call->kindOf() != 'struct') |
||
218 | { |
||
219 | return _xmlrpcs_multicall_error('notstruct'); |
||
220 | } |
||
221 | $methName = @$call->structmem('methodName'); |
||
222 | if(!$methName) |
||
223 | { |
||
224 | return _xmlrpcs_multicall_error('nomethod'); |
||
225 | } |
||
226 | if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string') |
||
227 | { |
||
228 | return _xmlrpcs_multicall_error('notstring'); |
||
229 | } |
||
230 | if($methName->scalarval() == 'system.multicall') |
||
231 | { |
||
232 | return _xmlrpcs_multicall_error('recursion'); |
||
233 | } |
||
234 | |||
235 | $params = @$call->structmem('params'); |
||
236 | if(!$params) |
||
237 | { |
||
238 | return _xmlrpcs_multicall_error('noparams'); |
||
239 | } |
||
240 | if($params->kindOf() != 'array') |
||
241 | { |
||
242 | return _xmlrpcs_multicall_error('notarray'); |
||
243 | } |
||
244 | $numParams = $params->arraysize(); |
||
245 | |||
246 | $msg =& new xmlrpcmsg($methName->scalarval()); |
||
247 | for($i = 0; $i < $numParams; $i++) |
||
248 | { |
||
249 | if(!$msg->addParam($params->arraymem($i))) |
||
250 | { |
||
251 | $i++; |
||
252 | return _xmlrpcs_multicall_error(new xmlrpcresp(0, |
||
253 | $GLOBALS['xmlrpcerr']['incorrect_params'], |
||
254 | $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i)); |
||
255 | } |
||
256 | } |
||
257 | |||
258 | $result = $server->execute($msg); |
||
259 | |||
260 | if($result->faultCode() != 0) |
||
261 | { |
||
262 | return _xmlrpcs_multicall_error($result); // Method returned fault. |
||
263 | } |
||
264 | |||
265 | return new xmlrpcval(array($result->value()), 'array'); |
||
266 | } |
||
267 | |||
268 | function _xmlrpcs_multicall_do_call_phpvals($server, $call) |
||
269 | { |
||
270 | if(!is_array($call)) |
||
271 | { |
||
272 | return _xmlrpcs_multicall_error('notstruct'); |
||
273 | } |
||
274 | if(!array_key_exists('methodName', $call)) |
||
275 | { |
||
276 | return _xmlrpcs_multicall_error('nomethod'); |
||
277 | } |
||
278 | if (!is_string($call['methodName'])) |
||
279 | { |
||
280 | return _xmlrpcs_multicall_error('notstring'); |
||
281 | } |
||
282 | if($call['methodName'] == 'system.multicall') |
||
283 | { |
||
284 | return _xmlrpcs_multicall_error('recursion'); |
||
285 | } |
||
286 | if(!array_key_exists('params', $call)) |
||
287 | { |
||
288 | return _xmlrpcs_multicall_error('noparams'); |
||
289 | } |
||
290 | if(!is_array($call['params'])) |
||
291 | { |
||
292 | return _xmlrpcs_multicall_error('notarray'); |
||
293 | } |
||
294 | |||
295 | // this is a real dirty and simplistic hack, since we might have received a |
||
296 | // base64 or datetime values, but they will be listed as strings here... |
||
297 | $numParams = count($call['params']); |
||
298 | $pt = array(); |
||
299 | foreach($call['params'] as $val) |
||
300 | $pt[] = php_2_xmlrpc_type(gettype($val)); |
||
301 | |||
302 | $result = $server->execute($call['methodName'], $call['params'], $pt); |
||
303 | |||
304 | if($result->faultCode() != 0) |
||
305 | { |
||
306 | return _xmlrpcs_multicall_error($result); // Method returned fault. |
||
307 | } |
||
308 | |||
309 | return new xmlrpcval(array($result->value()), 'array'); |
||
310 | } |
||
311 | |||
312 | function _xmlrpcs_multicall($server, $m) |
||
313 | { |
||
314 | $result = array(); |
||
315 | // let accept a plain list of php parameters, beside a single xmlrpc msg object |
||
316 | if (is_object($m)) |
||
317 | { |
||
318 | $calls = $m->getParam(0); |
||
319 | $numCalls = $calls->arraysize(); |
||
320 | for($i = 0; $i < $numCalls; $i++) |
||
321 | { |
||
322 | $call = $calls->arraymem($i); |
||
323 | $result[$i] = _xmlrpcs_multicall_do_call($server, $call); |
||
324 | } |
||
325 | } |
||
326 | else |
||
327 | { |
||
328 | $numCalls=count($m); |
||
329 | for($i = 0; $i < $numCalls; $i++) |
||
330 | { |
||
331 | $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]); |
||
332 | } |
||
333 | } |
||
334 | |||
335 | return new xmlrpcresp(new xmlrpcval($result, 'array')); |
||
336 | } |
||
337 | |||
338 | $GLOBALS['_xmlrpcs_dmap']=array( |
||
339 | 'system.listMethods' => array( |
||
340 | 'function' => '_xmlrpcs_listMethods', |
||
341 | 'signature' => $_xmlrpcs_listMethods_sig, |
||
342 | 'docstring' => $_xmlrpcs_listMethods_doc, |
||
343 | 'signature_docs' => $_xmlrpcs_listMethods_sdoc), |
||
344 | 'system.methodHelp' => array( |
||
345 | 'function' => '_xmlrpcs_methodHelp', |
||
346 | 'signature' => $_xmlrpcs_methodHelp_sig, |
||
347 | 'docstring' => $_xmlrpcs_methodHelp_doc, |
||
348 | 'signature_docs' => $_xmlrpcs_methodHelp_sdoc), |
||
349 | 'system.methodSignature' => array( |
||
350 | 'function' => '_xmlrpcs_methodSignature', |
||
351 | 'signature' => $_xmlrpcs_methodSignature_sig, |
||
352 | 'docstring' => $_xmlrpcs_methodSignature_doc, |
||
353 | 'signature_docs' => $_xmlrpcs_methodSignature_sdoc), |
||
354 | 'system.multicall' => array( |
||
355 | 'function' => '_xmlrpcs_multicall', |
||
356 | 'signature' => $_xmlrpcs_multicall_sig, |
||
357 | 'docstring' => $_xmlrpcs_multicall_doc, |
||
358 | 'signature_docs' => $_xmlrpcs_multicall_sdoc), |
||
359 | 'system.getCapabilities' => array( |
||
360 | 'function' => '_xmlrpcs_getCapabilities', |
||
361 | 'signature' => $_xmlrpcs_getCapabilities_sig, |
||
362 | 'docstring' => $_xmlrpcs_getCapabilities_doc, |
||
363 | 'signature_docs' => $_xmlrpcs_getCapabilities_sdoc) |
||
364 | ); |
||
365 | |||
366 | $GLOBALS['_xmlrpcs_occurred_errors'] = ''; |
||
367 | $GLOBALS['_xmlrpcs_prev_ehandler'] = ''; |
||
368 | /** |
||
369 | * Error handler used to track errors that occur during server-side execution of PHP code. |
||
370 | * This allows to report back to the client whether an internal error has occurred or not |
||
371 | * using an xmlrpc response object, instead of letting the client deal with the html junk |
||
372 | * that a PHP execution error on the server generally entails. |
||
373 | * |
||
374 | * NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors. |
||
375 | * |
||
376 | */ |
||
377 | function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null) |
||
378 | { |
||
379 | // obey the @ protocol |
||
380 | if (error_reporting() == 0) |
||
381 | return; |
||
382 | |||
383 | //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING) |
||
384 | if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined |
||
385 | { |
||
386 | $GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n"; |
||
387 | } |
||
388 | // Try to avoid as much as possible disruption to the previous error handling |
||
389 | // mechanism in place |
||
390 | if($GLOBALS['_xmlrpcs_prev_ehandler'] == '') |
||
391 | { |
||
392 | // The previous error handler was the default: all we should do is log error |
||
393 | // to the default error log (if level high enough) |
||
394 | if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode)) |
||
395 | { |
||
396 | error_log($errstring); |
||
397 | } |
||
398 | } |
||
399 | else |
||
400 | { |
||
401 | // Pass control on to previous error handler, trying to avoid loops... |
||
402 | if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler') |
||
403 | { |
||
404 | // NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers |
||
405 | if(is_array($GLOBALS['_xmlrpcs_prev_ehandler'])) |
||
406 | { |
||
407 | // the following works both with static class methods and plain object methods as error handler |
||
408 | call_user_func_array($GLOBALS['_xmlrpcs_prev_ehandler'], array($errcode, $errstring, $filename, $lineno, $context)); |
||
409 | } |
||
410 | else |
||
411 | { |
||
412 | $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context); |
||
413 | } |
||
414 | } |
||
415 | } |
||
416 | } |
||
417 | |||
418 | $GLOBALS['_xmlrpc_debuginfo']=''; |
||
419 | |||
420 | /** |
||
421 | * Add a string to the debug info that can be later seralized by the server |
||
422 | * as part of the response message. |
||
423 | * Note that for best compatbility, the debug string should be encoded using |
||
424 | * the $GLOBALS['xmlrpc_internalencoding'] character set. |
||
425 | * @param string $m |
||
426 | * @access public |
||
427 | */ |
||
428 | function xmlrpc_debugmsg($m) |
||
429 | { |
||
430 | $GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n"; |
||
431 | } |
||
432 | |||
433 | class xmlrpc_server |
||
434 | { |
||
435 | /// array defining php functions exposed as xmlrpc methods by this server |
||
436 | var $dmap=array(); |
||
437 | /** |
||
438 | * Defines how functions in dmap will be invokde: either using an xmlrpc msg object |
||
439 | * or plain php values. |
||
440 | * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals' |
||
441 | */ |
||
442 | var $functions_parameters_type='xmlrpcvals'; |
||
443 | /// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3 |
||
444 | var $debug = 1; |
||
445 | /** |
||
446 | * When set to true, it will enable HTTP compression of the response, in case |
||
447 | * the client has declared its support for compression in the request. |
||
448 | */ |
||
449 | var $compress_response = false; |
||
450 | /** |
||
451 | * List of http compression methods accepted by the server for requests. |
||
452 | * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib |
||
453 | */ |
||
454 | var $accepted_compression = array(); |
||
455 | /// shall we serve calls to system.* methods? |
||
456 | var $allow_system_funcs = true; |
||
457 | /// list of charset encodings natively accepted for requests |
||
458 | var $accepted_charset_encodings = array(); |
||
459 | /** |
||
460 | * charset encoding to be used for response. |
||
461 | * NB: if we can, we will convert the generated response from internal_encoding to the intended one. |
||
462 | * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled), |
||
463 | * null (leave unspecified in response, convert output stream to US_ASCII), |
||
464 | * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed), |
||
465 | * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway). |
||
466 | * NB: pretty dangerous if you accept every charset and do not have mbstring enabled) |
||
467 | */ |
||
468 | var $response_charset_encoding = ''; |
||
469 | /// storage for internal debug info |
||
470 | var $debug_info = ''; |
||
471 | /// extra data passed at runtime to method handling functions. Used only by EPI layer |
||
472 | var $user_data = null; |
||
473 | |||
474 | /** |
||
475 | * @param array $dispmap the dispatch map withd efinition of exposed services |
||
476 | * @param boolean $servicenow set to false to prevent the server from runnung upon construction |
||
477 | */ |
||
478 | function xmlrpc_server($dispMap=null, $serviceNow=true) |
||
479 | { |
||
480 | // if ZLIB is enabled, let the server by default accept compressed requests, |
||
481 | // and compress responses sent to clients that support them |
||
482 | if(function_exists('gzinflate')) |
||
483 | { |
||
484 | $this->accepted_compression = array('gzip', 'deflate'); |
||
485 | $this->compress_response = true; |
||
486 | } |
||
487 | |||
488 | // by default the xml parser can support these 3 charset encodings |
||
489 | $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); |
||
490 | |||
491 | // dispMap is a dispatch array of methods |
||
492 | // mapped to function names and signatures |
||
493 | // if a method |
||
494 | // doesn't appear in the map then an unknown |
||
495 | // method error is generated |
||
496 | /* milosch - changed to make passing dispMap optional. |
||
497 | * instead, you can use the class add_to_map() function |
||
498 | * to add functions manually (borrowed from SOAPX4) |
||
499 | */ |
||
500 | if($dispMap) |
||
501 | { |
||
502 | $this->dmap = $dispMap; |
||
503 | if($serviceNow) |
||
504 | { |
||
505 | $this->service(); |
||
506 | } |
||
507 | } |
||
508 | } |
||
509 | |||
510 | /** |
||
511 | * Set debug level of server. |
||
512 | * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments) |
||
513 | * 0 = no debug info, |
||
514 | * 1 = msgs set from user with debugmsg(), |
||
515 | * 2 = add complete xmlrpc request (headers and body), |
||
516 | * 3 = add also all processing warnings happened during method processing |
||
517 | * (NB: this involves setting a custom error handler, and might interfere |
||
518 | * with the standard processing of the php function exposed as method. In |
||
519 | * particular, triggering an USER_ERROR level error will not halt script |
||
520 | * execution anymore, but just end up logged in the xmlrpc response) |
||
521 | * Note that info added at elevel 2 and 3 will be base64 encoded |
||
522 | * @access public |
||
523 | */ |
||
524 | function setDebug($in) |
||
525 | { |
||
526 | $this->debug=$in; |
||
527 | } |
||
528 | |||
529 | /** |
||
530 | * Return a string with the serialized representation of all debug info |
||
531 | * @param string $charset_encoding the target charset encoding for the serialization |
||
532 | * @return string an XML comment (or two) |
||
533 | */ |
||
534 | function serializeDebug($charset_encoding='') |
||
535 | { |
||
536 | // Tough encoding problem: which internal charset should we assume for debug info? |
||
537 | // It might contain a copy of raw data received from client, ie with unknown encoding, |
||
538 | // intermixed with php generated data and user generated data... |
||
539 | // so we split it: system debug is base 64 encoded, |
||
540 | // user debug info should be encoded by the end user using the INTERNAL_ENCODING |
||
541 | $out = ''; |
||
542 | if ($this->debug_info != '') |
||
543 | { |
||
544 | $out .= "<!-- SERVER DEBUG INFO (BASE64 ENCODED):\n".base64_encode($this->debug_info)."\n-->\n"; |
||
545 | } |
||
546 | if($GLOBALS['_xmlrpc_debuginfo']!='') |
||
547 | { |
||
548 | |||
549 | $out .= "<!-- DEBUG INFO:\n" . xmlrpc_encode_entitites(str_replace('--', '_-', $GLOBALS['_xmlrpc_debuginfo']), $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n-->\n"; |
||
550 | // NB: a better solution MIGHT be to use CDATA, but we need to insert it |
||
551 | // into return payload AFTER the beginning tag |
||
552 | //$out .= "<![CDATA[ DEBUG INFO:\n\n" . str_replace(']]>', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n"; |
||
553 | } |
||
554 | return $out; |
||
555 | } |
||
556 | |||
557 | /** |
||
558 | * Execute the xmlrpc request, printing the response |
||
559 | * @param string $data the request body. If null, the http POST request will be examined |
||
560 | * @return xmlrpcresp the response object (usually not used by caller...) |
||
561 | * @access public |
||
562 | */ |
||
563 | function service($data=null, $return_payload=false) |
||
564 | { |
||
565 | if ($data === null) |
||
566 | { |
||
567 | // workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA |
||
568 | $ver = phpversion(); |
||
569 | if ($ver[0] >= 5) |
||
570 | { |
||
571 | $data = file_get_contents('php://input'); |
||
572 | } |
||
573 | else |
||
574 | { |
||
575 | $data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : ''; |
||
576 | } |
||
577 | } |
||
578 | $raw_data = $data; |
||
579 | |||
580 | // reset internal debug info |
||
581 | $this->debug_info = ''; |
||
582 | |||
583 | // Echo back what we received, before parsing it |
||
584 | if($this->debug > 1) |
||
585 | { |
||
586 | $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++"); |
||
587 | } |
||
588 | |||
589 | $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding); |
||
590 | if (!$r) |
||
591 | { |
||
592 | $r=$this->parseRequest($data, $req_charset); |
||
593 | } |
||
594 | |||
595 | // save full body of request into response, for more debugging usages |
||
596 | $r->raw_data = $raw_data; |
||
597 | |||
598 | if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors']) |
||
599 | { |
||
600 | $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" . |
||
601 | $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++"); |
||
602 | } |
||
603 | |||
604 | $payload=$this->xml_header($resp_charset); |
||
605 | if($this->debug > 0) |
||
606 | { |
||
607 | $payload = $payload . $this->serializeDebug($resp_charset); |
||
608 | } |
||
609 | |||
610 | // G. Giunta 2006-01-27: do not create response serialization if it has |
||
611 | // already happened. Helps building json magic |
||
612 | if (empty($r->payload)) |
||
613 | { |
||
614 | $r->serialize($resp_charset); |
||
615 | } |
||
616 | $payload = $payload . $r->payload; |
||
617 | |||
618 | if ($return_payload) |
||
619 | { |
||
620 | return $payload; |
||
621 | } |
||
622 | |||
623 | // if we get a warning/error that has output some text before here, then we cannot |
||
624 | // add a new header. We cannot say we are sending xml, either... |
||
625 | if(!headers_sent()) |
||
626 | { |
||
627 | header('Content-Type: '.$r->content_type); |
||
628 | // we do not know if client actually told us an accepted charset, but if he did |
||
629 | // we have to tell him what we did |
||
630 | header("Vary: Accept-Charset"); |
||
631 | |||
632 | // http compression of output: only |
||
633 | // if we can do it, and we want to do it, and client asked us to, |
||
634 | // and php ini settings do not force it already |
||
635 | $php_no_self_compress = !ini_get('zlib.output_compression') && (ini_get('output_handler') != 'ob_gzhandler'); |
||
636 | if($this->compress_response && function_exists('gzencode') && $resp_encoding != '' |
||
637 | && $php_no_self_compress) |
||
638 | { |
||
639 | if(strpos($resp_encoding, 'gzip') !== false) |
||
640 | { |
||
641 | $payload = gzencode($payload); |
||
642 | header("Content-Encoding: gzip"); |
||
643 | header("Vary: Accept-Encoding"); |
||
644 | } |
||
645 | elseif (strpos($resp_encoding, 'deflate') !== false) |
||
646 | { |
||
647 | $payload = gzcompress($payload); |
||
648 | header("Content-Encoding: deflate"); |
||
649 | header("Vary: Accept-Encoding"); |
||
650 | } |
||
651 | } |
||
652 | |||
653 | // do not ouput content-length header if php is compressing output for us: |
||
654 | // it will mess up measurements |
||
655 | if($php_no_self_compress) |
||
656 | { |
||
657 | header('Content-Length: ' . (int)strlen($payload)); |
||
658 | } |
||
659 | } |
||
660 | else |
||
661 | { |
||
662 | error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages'); |
||
663 | } |
||
664 | |||
665 | print $payload; |
||
666 | |||
667 | // return request, in case subclasses want it |
||
668 | return $r; |
||
669 | } |
||
670 | |||
671 | /** |
||
672 | * Add a method to the dispatch map |
||
673 | * @param string $methodname the name with which the method will be made available |
||
674 | * @param string $function the php function that will get invoked |
||
675 | * @param array $sig the array of valid method signatures |
||
676 | * @param string $doc method documentation |
||
677 | * @param array $sigdoc the array of valid method signatures docs (one string per param, one for return type) |
||
678 | * @access public |
||
679 | */ |
||
680 | function add_to_map($methodname,$function,$sig=null,$doc=false,$sigdoc=false) |
||
681 | { |
||
682 | $this->dmap[$methodname] = array( |
||
683 | 'function' => $function, |
||
684 | 'docstring' => $doc |
||
685 | ); |
||
686 | if ($sig) |
||
687 | { |
||
688 | $this->dmap[$methodname]['signature'] = $sig; |
||
689 | } |
||
690 | if ($sigdoc) |
||
691 | { |
||
692 | $this->dmap[$methodname]['signature_docs'] = $sigdoc; |
||
693 | } |
||
694 | } |
||
695 | |||
696 | /** |
||
697 | * Verify type and number of parameters received against a list of known signatures |
||
698 | * @param array $in array of either xmlrpcval objects or xmlrpc type definitions |
||
699 | * @param array $sig array of known signatures to match against |
||
700 | * @access private |
||
701 | */ |
||
702 | function verifySignature($in, $sig) |
||
703 | { |
||
704 | // check each possible signature in turn |
||
705 | if (is_object($in)) |
||
706 | { |
||
707 | $numParams = $in->getNumParams(); |
||
708 | } |
||
709 | else |
||
710 | { |
||
711 | $numParams = count($in); |
||
712 | } |
||
713 | foreach($sig as $cursig) |
||
714 | { |
||
715 | if(count($cursig)==$numParams+1) |
||
716 | { |
||
717 | $itsOK=1; |
||
718 | for($n=0; $n<$numParams; $n++) |
||
719 | { |
||
720 | if (is_object($in)) |
||
721 | { |
||
722 | $p=$in->getParam($n); |
||
723 | if($p->kindOf() == 'scalar') |
||
724 | { |
||
725 | $pt=$p->scalartyp(); |
||
726 | } |
||
727 | else |
||
728 | { |
||
729 | $pt=$p->kindOf(); |
||
730 | } |
||
731 | } |
||
732 | else |
||
733 | { |
||
734 | $pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4... |
||
735 | } |
||
736 | |||
737 | // param index is $n+1, as first member of sig is return type |
||
738 | if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue']) |
||
739 | { |
||
740 | $itsOK=0; |
||
741 | $pno=$n+1; |
||
742 | $wanted=$cursig[$n+1]; |
||
743 | $got=$pt; |
||
744 | break; |
||
745 | } |
||
746 | } |
||
747 | if($itsOK) |
||
748 | { |
||
749 | return array(1,''); |
||
750 | } |
||
751 | } |
||
752 | } |
||
753 | if(isset($wanted)) |
||
754 | { |
||
755 | return array(0, "Wanted ${wanted}, got ${got} at param ${pno}"); |
||
756 | } |
||
757 | else |
||
758 | { |
||
759 | return array(0, "No method signature matches number of parameters"); |
||
760 | } |
||
761 | } |
||
762 | |||
763 | /** |
||
764 | * Parse http headers received along with xmlrpc request. If needed, inflate request |
||
765 | * @return null on success or an xmlrpcresp |
||
766 | * @access private |
||
767 | */ |
||
768 | function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression) |
||
769 | { |
||
770 | // Play nice to PHP 4.0.x: superglobals were not yet invented... |
||
771 | if(!isset($_SERVER)) |
||
772 | { |
||
773 | $_SERVER = $GLOBALS['HTTP_SERVER_VARS']; |
||
774 | } |
||
775 | |||
776 | if($this->debug > 1) |
||
777 | { |
||
778 | if(function_exists('getallheaders')) |
||
779 | { |
||
780 | $this->debugmsg(''); // empty line |
||
781 | foreach(getallheaders() as $name => $val) |
||
782 | { |
||
783 | $this->debugmsg("HEADER: $name: $val"); |
||
784 | } |
||
785 | } |
||
786 | |||
787 | } |
||
788 | |||
789 | if(isset($_SERVER['HTTP_CONTENT_ENCODING'])) |
||
790 | { |
||
791 | $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); |
||
792 | } |
||
793 | else |
||
794 | { |
||
795 | $content_encoding = ''; |
||
796 | } |
||
797 | |||
798 | // check if request body has been compressed and decompress it |
||
799 | if($content_encoding != '' && strlen($data)) |
||
800 | { |
||
801 | if($content_encoding == 'deflate' || $content_encoding == 'gzip') |
||
802 | { |
||
803 | // if decoding works, use it. else assume data wasn't gzencoded |
||
804 | if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression)) |
||
805 | { |
||
806 | if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data)) |
||
807 | { |
||
808 | $data = $degzdata; |
||
809 | if($this->debug > 1) |
||
810 | { |
||
811 | $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); |
||
812 | } |
||
813 | } |
||
814 | elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) |
||
815 | { |
||
816 | $data = $degzdata; |
||
817 | if($this->debug > 1) |
||
818 | $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); |
||
819 | } |
||
820 | else |
||
821 | { |
||
822 | $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']); |
||
823 | return $r; |
||
824 | } |
||
825 | } |
||
826 | else |
||
827 | { |
||
828 | //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); |
||
829 | $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']); |
||
830 | return $r; |
||
831 | } |
||
832 | } |
||
833 | } |
||
834 | |||
835 | // check if client specified accepted charsets, and if we know how to fulfill |
||
836 | // the request |
||
837 | if ($this->response_charset_encoding == 'auto') |
||
838 | { |
||
839 | $resp_encoding = ''; |
||
840 | if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) |
||
841 | { |
||
842 | // here we should check if we can match the client-requested encoding |
||
843 | // with the encodings we know we can generate. |
||
844 | /// @todo we should parse q=0.x preferences instead of getting first charset specified... |
||
845 | $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); |
||
846 | // Give preference to internal encoding |
||
847 | $known_charsets = array($GLOBALS['xmlrpc_internalencoding'], 'UTF-8', 'ISO-8859-1', 'US-ASCII'); |
||
848 | foreach ($known_charsets as $charset) |
||
849 | { |
||
850 | foreach ($client_accepted_charsets as $accepted) |
||
851 | if (strpos($accepted, $charset) === 0) |
||
852 | { |
||
853 | $resp_encoding = $charset; |
||
854 | break; |
||
855 | } |
||
856 | if ($resp_encoding) |
||
857 | break; |
||
858 | } |
||
859 | } |
||
860 | } |
||
861 | else |
||
862 | { |
||
863 | $resp_encoding = $this->response_charset_encoding; |
||
864 | } |
||
865 | |||
866 | if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) |
||
867 | { |
||
868 | $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING']; |
||
869 | } |
||
870 | else |
||
871 | { |
||
872 | $resp_compression = ''; |
||
873 | } |
||
874 | |||
875 | // 'guestimate' request encoding |
||
876 | /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check??? |
||
877 | $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', |
||
878 | $data); |
||
879 | |||
880 | return null; |
||
881 | } |
||
882 | |||
883 | /** |
||
884 | * Parse an xml chunk containing an xmlrpc request and execute the corresponding |
||
885 | * php function registered with the server |
||
886 | * @param string $data the xml request |
||
887 | * @param string $req_encoding (optional) the charset encoding of the xml request |
||
888 | * @return xmlrpcresp |
||
889 | * @access private |
||
890 | */ |
||
891 | function parseRequest($data, $req_encoding='') |
||
892 | { |
||
893 | // 2005/05/07 commented and moved into caller function code |
||
894 | //if($data=='') |
||
895 | //{ |
||
896 | // $data=$GLOBALS['HTTP_RAW_POST_DATA']; |
||
897 | //} |
||
898 | |||
899 | // G. Giunta 2005/02/13: we do NOT expect to receive html entities |
||
900 | // so we do not try to convert them into xml character entities |
||
901 | //$data = xmlrpc_html_entity_xlate($data); |
||
902 | |||
903 | $GLOBALS['_xh']=array(); |
||
904 | $GLOBALS['_xh']['ac']=''; |
||
905 | $GLOBALS['_xh']['stack']=array(); |
||
906 | $GLOBALS['_xh']['valuestack'] = array(); |
||
907 | $GLOBALS['_xh']['params']=array(); |
||
908 | $GLOBALS['_xh']['pt']=array(); |
||
909 | $GLOBALS['_xh']['isf']=0; |
||
910 | $GLOBALS['_xh']['isf_reason']=''; |
||
911 | $GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not |
||
912 | $GLOBALS['_xh']['rt']=''; |
||
913 | |||
914 | // decompose incoming XML into request structure |
||
915 | if ($req_encoding != '') |
||
916 | { |
||
917 | if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) |
||
918 | // the following code might be better for mb_string enabled installs, but |
||
919 | // makes the lib about 200% slower... |
||
920 | //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) |
||
921 | { |
||
922 | error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding); |
||
923 | $req_encoding = $GLOBALS['xmlrpc_defencoding']; |
||
924 | } |
||
925 | /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue, |
||
926 | // the encoding is not UTF8 and there are non-ascii chars in the text... |
||
927 | /// @todo use an ampty string for php 5 ??? |
||
928 | $parser = xml_parser_create($req_encoding); |
||
929 | } |
||
930 | else |
||
931 | { |
||
932 | $parser = xml_parser_create(); |
||
933 | } |
||
934 | |||
935 | xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); |
||
936 | // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell |
||
937 | // the xml parser to give us back data in the expected charset |
||
938 | // What if internal encoding is not in one of the 3 allowed? |
||
939 | // we use the broadest one, ie. utf8 |
||
940 | // This allows to send data which is native in various charset, |
||
941 | // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding |
||
942 | if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) |
||
943 | { |
||
944 | xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); |
||
945 | } |
||
946 | else |
||
947 | { |
||
948 | xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); |
||
949 | } |
||
950 | |||
951 | if ($this->functions_parameters_type != 'xmlrpcvals') |
||
952 | xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); |
||
953 | else |
||
954 | xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); |
||
955 | xml_set_character_data_handler($parser, 'xmlrpc_cd'); |
||
956 | xml_set_default_handler($parser, 'xmlrpc_dh'); |
||
957 | if(!xml_parse($parser, $data, 1)) |
||
958 | { |
||
959 | // return XML error as a faultCode |
||
960 | $r=&new xmlrpcresp(0, |
||
961 | $GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser), |
||
962 | sprintf('XML error: %s at line %d, column %d', |
||
963 | xml_error_string(xml_get_error_code($parser)), |
||
964 | xml_get_current_line_number($parser), xml_get_current_column_number($parser))); |
||
965 | xml_parser_free($parser); |
||
966 | } |
||
967 | elseif ($GLOBALS['_xh']['isf']) |
||
968 | { |
||
969 | xml_parser_free($parser); |
||
970 | $r=&new xmlrpcresp(0, |
||
971 | $GLOBALS['xmlrpcerr']['invalid_request'], |
||
972 | $GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']); |
||
973 | } |
||
974 | else |
||
975 | { |
||
976 | xml_parser_free($parser); |
||
977 | if ($this->functions_parameters_type != 'xmlrpcvals') |
||
978 | { |
||
979 | if($this->debug > 1) |
||
980 | { |
||
981 | $this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++"); |
||
982 | } |
||
983 | $r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']); |
||
984 | } |
||
985 | else |
||
986 | { |
||
987 | // build an xmlrpcmsg object with data parsed from xml |
||
988 | $m=&new xmlrpcmsg($GLOBALS['_xh']['method']); |
||
989 | // now add parameters in |
||
990 | for($i=0; $i<count($GLOBALS['_xh']['params']); $i++) |
||
991 | { |
||
992 | $m->addParam($GLOBALS['_xh']['params'][$i]); |
||
993 | } |
||
994 | |||
995 | if($this->debug > 1) |
||
996 | { |
||
997 | $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++"); |
||
998 | } |
||
999 | $r = $this->execute($m); |
||
1000 | } |
||
1001 | } |
||
1002 | return $r; |
||
1003 | } |
||
1004 | |||
1005 | /** |
||
1006 | * Execute a method invoked by the client, checking parameters used |
||
1007 | * @param mixed $m either an xmlrpcmsg obj or a method name |
||
1008 | * @param array $params array with method parameters as php types (if m is method name only) |
||
1009 | * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only) |
||
1010 | * @return xmlrpcresp |
||
1011 | * @access private |
||
1012 | */ |
||
1013 | function execute($m, $params=null, $paramtypes=null) |
||
1014 | { |
||
1015 | if (is_object($m)) |
||
1016 | { |
||
1017 | $methName = $m->method(); |
||
1018 | } |
||
1019 | else |
||
1020 | { |
||
1021 | $methName = $m; |
||
1022 | } |
||
1023 | $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0); |
||
1024 | $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap; |
||
1025 | |||
1026 | if(!isset($dmap[$methName]['function'])) |
||
1027 | { |
||
1028 | // No such method |
||
1029 | return new xmlrpcresp(0, |
||
1030 | $GLOBALS['xmlrpcerr']['unknown_method'], |
||
1031 | $GLOBALS['xmlrpcstr']['unknown_method']); |
||
1032 | } |
||
1033 | |||
1034 | // Check signature |
||
1035 | if(isset($dmap[$methName]['signature'])) |
||
1036 | { |
||
1037 | $sig = $dmap[$methName]['signature']; |
||
1038 | if (is_object($m)) |
||
1039 | { |
||
1040 | list($ok, $errstr) = $this->verifySignature($m, $sig); |
||
1041 | } |
||
1042 | else |
||
1043 | { |
||
1044 | list($ok, $errstr) = $this->verifySignature($paramtypes, $sig); |
||
1045 | } |
||
1046 | if(!$ok) |
||
1047 | { |
||
1048 | // Didn't match. |
||
1049 | return new xmlrpcresp( |
||
1050 | 0, |
||
1051 | $GLOBALS['xmlrpcerr']['incorrect_params'], |
||
1052 | $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}" |
||
1053 | ); |
||
1054 | } |
||
1055 | } |
||
1056 | |||
1057 | $func = $dmap[$methName]['function']; |
||
1058 | // let the 'class::function' syntax be accepted in dispatch maps |
||
1059 | if(is_string($func) && strpos($func, '::')) |
||
1060 | { |
||
1061 | $func = explode('::', $func); |
||
1062 | } |
||
1063 | // verify that function to be invoked is in fact callable |
||
1064 | if(!is_callable($func)) |
||
1065 | { |
||
1066 | error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable"); |
||
1067 | return new xmlrpcresp( |
||
1068 | 0, |
||
1069 | $GLOBALS['xmlrpcerr']['server_error'], |
||
1070 | $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method" |
||
1071 | ); |
||
1072 | } |
||
1073 | |||
1074 | // If debug level is 3, we should catch all errors generated during |
||
1075 | // processing of user function, and log them as part of response |
||
1076 | if($this->debug > 2) |
||
1077 | { |
||
1078 | $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler'); |
||
1079 | } |
||
1080 | if (is_object($m)) |
||
1081 | { |
||
1082 | if($sysCall) |
||
1083 | { |
||
1084 | $r = call_user_func($func, $this, $m); |
||
1085 | } |
||
1086 | else |
||
1087 | { |
||
1088 | $r = call_user_func($func, $m); |
||
1089 | } |
||
1090 | if (!is_a($r, 'xmlrpcresp')) |
||
1091 | { |
||
1092 | error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object"); |
||
1093 | if (is_a($r, 'xmlrpcval')) |
||
1094 | { |
||
1095 | $r =& new xmlrpcresp($r); |
||
1096 | } |
||
1097 | else |
||
1098 | { |
||
1099 | $r =& new xmlrpcresp( |
||
1100 | 0, |
||
1101 | $GLOBALS['xmlrpcerr']['server_error'], |
||
1102 | $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object" |
||
1103 | ); |
||
1104 | } |
||
1105 | } |
||
1106 | } |
||
1107 | else |
||
1108 | { |
||
1109 | // call a 'plain php' function |
||
1110 | if($sysCall) |
||
1111 | { |
||
1112 | array_unshift($params, $this); |
||
1113 | $r = call_user_func_array($func, $params); |
||
1114 | } |
||
1115 | else |
||
1116 | { |
||
1117 | // 3rd API convention for method-handling functions: EPI-style |
||
1118 | if ($this->functions_parameters_type == 'epivals') |
||
1119 | { |
||
1120 | $r = call_user_func_array($func, array($methName, $params, $this->user_data)); |
||
1121 | // mimic EPI behaviour: if we get an array that looks like an error, make it |
||
1122 | // an eror response |
||
1123 | if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r)) |
||
1124 | { |
||
1125 | $r =& new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']); |
||
1126 | } |
||
1127 | else |
||
1128 | { |
||
1129 | // functions using EPI api should NOT return resp objects, |
||
1130 | // so make sure we encode the return type correctly |
||
1131 | $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api'))); |
||
1132 | } |
||
1133 | } |
||
1134 | else |
||
1135 | { |
||
1136 | $r = call_user_func_array($func, $params); |
||
1137 | } |
||
1138 | } |
||
1139 | // the return type can be either an xmlrpcresp object or a plain php value... |
||
1140 | if (!is_a($r, 'xmlrpcresp')) |
||
1141 | { |
||
1142 | // what should we assume here about automatic encoding of datetimes |
||
1143 | // and php classes instances??? |
||
1144 | $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates'))); |
||
1145 | } |
||
1146 | } |
||
1147 | if($this->debug > 2) |
||
1148 | { |
||
1149 | // note: restore the error handler we found before calling the |
||
1150 | // user func, even if it has been changed inside the func itself |
||
1151 | if($GLOBALS['_xmlrpcs_prev_ehandler']) |
||
1152 | { |
||
1153 | set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']); |
||
1154 | } |
||
1155 | else |
||
1156 | { |
||
1157 | restore_error_handler(); |
||
1158 | } |
||
1159 | } |
||
1160 | return $r; |
||
1161 | } |
||
1162 | |||
1163 | /** |
||
1164 | * add a string to the 'internal debug message' (separate from 'user debug message') |
||
1165 | * @param string $strings |
||
1166 | * @access private |
||
1167 | */ |
||
1168 | function debugmsg($string) |
||
1169 | { |
||
1170 | $this->debug_info .= $string."\n"; |
||
1171 | } |
||
1172 | |||
1173 | /** |
||
1174 | * @access private |
||
1175 | */ |
||
1176 | function xml_header($charset_encoding='') |
||
1177 | { |
||
1178 | if ($charset_encoding != '') |
||
1179 | { |
||
1180 | return "<?xml version=\"1.0\" encoding=\"$charset_encoding\"?" . ">\n"; |
||
1181 | } |
||
1182 | else |
||
1183 | { |
||
1184 | return "<?xml version=\"1.0\"?" . ">\n"; |
||
1185 | } |
||
1186 | } |
||
1187 | |||
1188 | /** |
||
1189 | * A debugging routine: just echoes back the input packet as a string value |
||
1190 | * DEPRECATED! |
||
1191 | */ |
||
1192 | function echoInput() |
||
1193 | { |
||
1194 | $r=&new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string')); |
||
1195 | print $r->serialize(); |
||
1196 | } |
||
1197 | } |
||
1198 | ?> |