diff --git a/README.md b/README.md index 27d81e38..037b73f6 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ XMLRPC for PHP ============== -A php library for building xmlrpc clients and servers. +A php library for building xml-rpc clients and servers. Installation ------------ @@ -11,7 +11,6 @@ Installation instructions are in the INSTALL file. Docs ---- The manual, in HTML and pdf versions, can be found in the doc/ directory. -Recent changes in the ChangeLog file. Use of this software is subject to the terms in doc/index.html SSL-certificate diff --git a/composer.json b/composer.json index 294d5c67..db3c1498 100644 --- a/composer.json +++ b/composer.json @@ -5,12 +5,17 @@ "homepage": "http://gggeek.github.io/phpxmlrpc/", "keywords": [ "xmlrpc", "webservices" ], "require": { - "php": ">=5.3.0" + "php": ">=5.3.0", + "ext-xml": "*" }, "require-dev": { "phpunit/phpunit": "4.3.*" }, + "suggest": { + "ext-curl": "Needed for HTTPS and HTTP 1.1 support, NTLM Auth etc...", + "ext-zlib": "Needed for sending compressed requests and receiving compressed responses, if cURL is not available" + }, "autoload": { - "classmap": [ "lib/" ] + "psr-4": {"PhpXmlRpc\\": "src/"} } } \ No newline at end of file diff --git a/demo/server/discuss.php b/demo/server/discuss.php index 078b0877..dcba75d6 100644 --- a/demo/server/discuss.php +++ b/demo/server/discuss.php @@ -68,15 +68,7 @@ function getcomments($m) global $xmlrpcerruser; $err=""; $ra=array(); - // get the first param - if(XMLRPC_EPI_ENABLED == '1') - { - $msgID=xmlrpc_decode($m->getParam(0)); - } - else - { - $msgID=php_xmlrpc_decode($m->getParam(0)); - } + $msgID=php_xmlrpc_decode($m->getParam(0)); $dbh=dba_open("/tmp/comments.db", "r", "db2"); if($dbh) { diff --git a/lib/phpxmlrpc.php b/lib/phpxmlrpc.php deleted file mode 100644 index 23dc001c..00000000 --- a/lib/phpxmlrpc.php +++ /dev/null @@ -1,196 +0,0 @@ - array('MEMBER', 'DATA', 'PARAM', 'FAULT'), - 'BOOLEAN' => array('VALUE'), - 'I4' => array('VALUE'), - 'INT' => array('VALUE'), - 'STRING' => array('VALUE'), - 'DOUBLE' => array('VALUE'), - 'DATETIME.ISO8601' => array('VALUE'), - 'BASE64' => array('VALUE'), - 'MEMBER' => array('STRUCT'), - 'NAME' => array('MEMBER'), - 'DATA' => array('ARRAY'), - 'ARRAY' => array('VALUE'), - 'STRUCT' => array('VALUE'), - 'PARAM' => array('PARAMS'), - 'METHODNAME' => array('METHODCALL'), - 'PARAMS' => array('METHODCALL', 'METHODRESPONSE'), - 'FAULT' => array('METHODRESPONSE'), - 'NIL' => array('VALUE'), // only used when extension activated - 'EX:NIL' => array('VALUE') // only used when extension activated - ); - - // tables used for transcoding different charsets into us-ascii xml - public $xml_iso88591_Entities = array("in" => array(), "out" => array()); - - /// @todo add to iso table the characters from cp_1252 range, i.e. 128 to 159? - /// These will NOT be present in true ISO-8859-1, but will save the unwary - /// windows user from sending junk (though no luck when reciving them...) - /* - public $xml_cp1252_Entities = array('in' => array(), out' => array( - '€', '?', '‚', 'ƒ', - '„', '…', '†', '‡', - 'ˆ', '‰', 'Š', '‹', - 'Œ', '?', 'Ž', '?', - '?', '‘', '’', '“', - '”', '•', '–', '—', - '˜', '™', 'š', '›', - 'œ', '?', 'ž', 'Ÿ' - )); - */ - - public $xmlrpcerr = array( - 'unknown_method'=>1, - 'invalid_return'=>2, - 'incorrect_params'=>3, - 'introspect_unknown'=>4, - 'http_error'=>5, - 'no_data'=>6, - 'no_ssl'=>7, - 'curl_fail'=>8, - 'invalid_request'=>15, - 'no_curl'=>16, - 'server_error'=>17, - 'multicall_error'=>18, - 'multicall_notstruct'=>9, - 'multicall_nomethod'=>10, - 'multicall_notstring'=>11, - 'multicall_recursion'=>12, - 'multicall_noparams'=>13, - 'multicall_notarray'=>14, - - 'cannot_decompress'=>103, - 'decompress_fail'=>104, - 'dechunk_fail'=>105, - 'server_cannot_decompress'=>106, - 'server_decompress_fail'=>107 - ); - - public $xmlrpcstr = array( - 'unknown_method'=>'Unknown method', - 'invalid_return'=>'Invalid return payload: enable debugging to examine incoming payload', - 'incorrect_params'=>'Incorrect parameters passed to method', - 'introspect_unknown'=>"Can't introspect: method unknown", - 'http_error'=>"Didn't receive 200 OK from remote server.", - 'no_data'=>'No data received from server.', - 'no_ssl'=>'No SSL support compiled in.', - 'curl_fail'=>'CURL error', - 'invalid_request'=>'Invalid request payload', - 'no_curl'=>'No CURL support compiled in.', - 'server_error'=>'Internal server error', - 'multicall_error'=>'Received from server invalid multicall response', - 'multicall_notstruct'=>'system.multicall expected struct', - 'multicall_nomethod'=>'missing methodName', - 'multicall_notstring'=>'methodName is not a string', - 'multicall_recursion'=>'recursive system.multicall forbidden', - 'multicall_noparams'=>'missing params', - 'multicall_notarray'=>'params is not an array', - - 'cannot_decompress'=>'Received from server compressed HTTP and cannot decompress', - 'decompress_fail'=>'Received from server invalid compressed HTTP', - 'dechunk_fail'=>'Received from server invalid chunked HTTP', - 'server_cannot_decompress'=>'Received from client compressed HTTP request and cannot decompress', - 'server_decompress_fail'=>'Received from client invalid compressed HTTP request' - ); - - // The charset encoding used by the server for received messages and - // by the client for received responses when received charset cannot be determined - // or is not supported - public $xmlrpc_defencoding = "UTF-8"; - - // The encoding used internally by PHP. - // String values received as xml will be converted to this, and php strings will be converted to xml - // as if having been coded with this - public $xmlrpc_internalencoding = "ISO-8859-1"; // TODO: maybe this would be better as UTF-8, or atleast configurable? - - public $xmlrpcName = "XML-RPC for PHP"; - public $xmlrpcVersion = "4.0.0.beta"; - - // let user errors start at 800 - public $xmlrpcerruser = 800; - // let XML parse errors start at 100 - public $xmlrpcerrxml = 100; - - // set to TRUE to enable correct decoding of and values - public $xmlrpc_null_extension = false; - - // set to TRUE to enable encoding of php NULL values to instead of - public $xmlrpc_null_apache_encoding = false; - - public $xmlrpc_null_apache_encoding_ns = "http://ws.apache.org/xmlrpc/namespaces/extensions"; - - // used to store state during parsing - // quick explanation of components: - // ac - used to accumulate values - // isf - used to indicate a parsing fault (2) or xmlrpcresp fault (1) - // isf_reason - used for storing xmlrpcresp fault string - // lv - used to indicate "looking for a value": implements - // the logic to allow values with no types to be strings - // params - used to store parameters in method calls - // method - used to store method name - // stack - array with genealogy of xml elements names: - // used to validate nesting of xmlrpc elements - public $_xh = null; - - protected static $instance = null; - - private function __construct() { - $this->xmlrpcTypes = array( - $this->xmlrpcI4 => 1, - $this->xmlrpcInt => 1, - $this->xmlrpcBoolean => 1, - $this->xmlrpcDouble => 1, - $this->xmlrpcString => 1, - $this->xmlrpcDateTime => 1, - $this->xmlrpcBase64 => 1, - $this->xmlrpcArray => 2, - $this->xmlrpcStruct => 3, - $this->xmlrpcNull => 1 - ); - - for($i = 0; $i < 32; $i++) { - $this->xml_iso88591_Entities["in"][] = chr($i); - $this->xml_iso88591_Entities["out"][] = "&#{$i};"; - } - - for($i = 160; $i < 256; $i++) { - $this->xml_iso88591_Entities["in"][] = chr($i); - $this->xml_iso88591_Entities["out"][] = "&#{$i};"; - } - - /*for ($i = 128; $i < 160; $i++) - { - $this->xml_cp1252_Entities['in'][] = chr($i); - }*/ - } - - /** - * This class is singleton for performance reasons: this way the ASCII array needs to be done only once. - */ - public static function instance() { - if(self::$instance === null) { - self::$instance = new self(); - } - - return self::$instance; - } -} diff --git a/lib/xmlrpc.inc b/lib/xmlrpc.inc new file mode 100644 index 00000000..c706758a --- /dev/null +++ b/lib/xmlrpc.inc @@ -0,0 +1,117 @@ + + +// Copyright (c) 1999,2000,2002 Edd Dumbill. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// +// * Neither the name of the "XML-RPC for PHP" nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. + +/****************************************************************************** + * + *** DEPRECATED *** + * + * This file is only used to insure backwards compatibility + * with the API of the library <= rev. 3 + *****************************************************************************/ + +include_once(__DIR__.'/../src/PhpXmlRpc.php'); +include_once(__DIR__.'/../src/Value.php'); +include_once(__DIR__.'/../src/Request.php'); +include_once(__DIR__.'/../src/Response.php'); +include_once(__DIR__.'/../src/Client.php'); +include_once(__DIR__.'/../src/Encoder.php'); + +/* Expose with the old names the classes which have been namespaced */ + +class xmlrpcval extends PhpXmlRpc\Value +{ +} + +class xmlrpcmsg extends PhpXmlRpc\Request +{ +} + +class xmlrpcresp extends PhpXmlRpc\Response +{ +} + +class xmlrpc_client extends PhpXmlRpc\Client +{ +} + +/* Expose as global functions the ones which are now class methods */ + +function xmlrpc_encode_entitites($data, $srcEncoding='', $destEncoding='') +{ + return PhpXmlRpc\Helper\Charset::instance()->encode_entitites($data, $srcEncoding, $destEncoding); +} + +function iso8601_encode($timeT, $utc=0) +{ + return PhpXmlRpc\Helper\Date::iso8601_encode($timeT, $utc); +} + +function iso8601_decode($iDate, $utc=0) +{ + return PhpXmlRpc\Helper\Date::iso8601_decode($iDate, $utc); +} + +function decode_chunked($buffer) +{ + return PhpXmlRpc\Helper\Http::decode_chunked($buffer); +} + +function php_xmlrpc_decode($xmlrpcVal, $options=array()) +{ + $encoder = new PhpXmlRpc\Encoder(); + return $encoder->decode($xmlrpcVal, $options); +} + +function php_xmlrpc_encode($phpVal, $options=array()) +{ + $encoder = new PhpXmlRpc\Encoder(); + return $encoder->encode($phpVal, $options); +} + +function php_xmlrpc_decode_xml($xmlVal, $options=array()) +{ + $encoder = new PhpXmlRpc\Encoder(); + return $encoder->decode_xml($xmlVal, $options); +} + +function guess_encoding($httpHeader='', $xmlChunk='', $encodingPrefs=null) +{ +} + +function is_valid_charset($encoding, $validList) +{ + return PhpXmlRpc\Helper\Charset::instance()->is_valid_charset($encoding, $validList); +} \ No newline at end of file diff --git a/lib/xmlrpc.php b/lib/xmlrpc.php deleted file mode 100644 index ca3cb26e..00000000 --- a/lib/xmlrpc.php +++ /dev/null @@ -1,1189 +0,0 @@ - - -// Copyright (c) 1999,2000,2002 Edd Dumbill. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// -// * Neither the name of the "XML-RPC for PHP" nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. - -require_once __DIR__ . "/phpxmlrpc.php"; -require_once __DIR__ . "/xmlrpc_client.php"; -require_once __DIR__ . "/xmlrpcresp.php"; -require_once __DIR__ . "/xmlrpcmsg.php"; -require_once __DIR__ . "/xmlrpcval.php"; - -/** - * Convert a string to the correct XML representation in a target charset - * To help correct communication of non-ascii chars inside strings, regardless - * of the charset used when sending requests, parsing them, sending responses - * and parsing responses, an option is to convert all non-ascii chars present in the message - * into their equivalent 'charset entity'. Charset entities enumerated this way - * are independent of the charset encoding used to transmit them, and all XML - * parsers are bound to understand them. - * Note that in the std case we are not sending a charset encoding mime type - * along with http headers, so we are bound by RFC 3023 to emit strict us-ascii. - * - * @todo do a bit of basic benchmarking (strtr vs. str_replace) - * @todo make usage of iconv() or recode_string() or mb_string() where available - */ -function xmlrpc_encode_entitites($data, $src_encoding='', $dest_encoding='') -{ - $xmlrpc = Phpxmlrpc::instance(); - if ($src_encoding == '') - { - // lame, but we know no better... - $src_encoding = $xmlrpc->xmlrpc_internalencoding; - } - - switch(strtoupper($src_encoding.'_'.$dest_encoding)) - { - case 'ISO-8859-1_': - case 'ISO-8859-1_US-ASCII': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = str_replace($xmlrpc->xml_iso88591_Entities['in'], $xmlrpc->xml_iso88591_Entities['out'], $escaped_data); - break; - case 'ISO-8859-1_UTF-8': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = utf8_encode($escaped_data); - break; - case 'ISO-8859-1_ISO-8859-1': - case 'US-ASCII_US-ASCII': - case 'US-ASCII_UTF-8': - case 'US-ASCII_': - case 'US-ASCII_ISO-8859-1': - case 'UTF-8_UTF-8': - //case 'CP1252_CP1252': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - break; - case 'UTF-8_': - case 'UTF-8_US-ASCII': - case 'UTF-8_ISO-8859-1': -// NB: this will choke on invalid UTF-8, going most likely beyond EOF -$escaped_data = ''; -// be kind to users creating string xmlrpcvals out of different php types -$data = (string) $data; -$ns = strlen ($data); -for ($nn = 0; $nn < $ns; $nn++) -{ - $ch = $data[$nn]; - $ii = ord($ch); - //1 7 0bbbbbbb (127) - if ($ii < 128) - { - /// @todo shall we replace this with a (supposedly) faster str_replace? - switch($ii){ - case 34: - $escaped_data .= '"'; - break; - case 38: - $escaped_data .= '&'; - break; - case 39: - $escaped_data .= '''; - break; - case 60: - $escaped_data .= '<'; - break; - case 62: - $escaped_data .= '>'; - break; - default: - $escaped_data .= $ch; - } // switch - } - //2 11 110bbbbb 10bbbbbb (2047) - else if ($ii>>5 == 6) - { - $b1 = ($ii & 31); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ($b1 * 64) + $b2; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 1; - } - //3 16 1110bbbb 10bbbbbb 10bbbbbb - else if ($ii>>4 == 14) - { - $b1 = ($ii & 15); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ord($data[$nn+2]); - $b3 = ($ii & 63); - $ii = ((($b1 * 64) + $b2) * 64) + $b3; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 2; - } - //4 21 11110bbb 10bbbbbb 10bbbbbb 10bbbbbb - else if ($ii>>3 == 30) - { - $b1 = ($ii & 7); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ord($data[$nn+2]); - $b3 = ($ii & 63); - $ii = ord($data[$nn+3]); - $b4 = ($ii & 63); - $ii = ((((($b1 * 64) + $b2) * 64) + $b3) * 64) + $b4; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 3; - } -} - break; -/* - case 'CP1252_': - case 'CP1252_US-ASCII': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data); - $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); - break; - case 'CP1252_UTF-8': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - /// @todo we could use real UTF8 chars here instead of xml entities... (note that utf_8 encode all allone will NOT convert them) - $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); - $escaped_data = utf8_encode($escaped_data); - break; - case 'CP1252_ISO-8859-1': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - // we might as well replave all funky chars with a '?' here, but we are kind and leave it to the receiving application layer to decide what to do with these weird entities... - $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); - break; -*/ - default: - $escaped_data = ''; - error_log("Converting from $src_encoding to $dest_encoding: not supported..."); - } - return $escaped_data; -} - -/// xml parser handler function for opening element tags -function xmlrpc_se($parser, $name, $attrs, $accept_single_vals=false) -{ - $xmlrpc = Phpxmlrpc::instance(); - // if invalid xmlrpc already detected, skip all processing - if ($xmlrpc->_xh['isf'] < 2) - { - // check for correct element nesting - // top level element can only be of 2 types - /// @todo optimization creep: save this check into a bool variable, instead of using count() every time: - /// there is only a single top level element in xml anyway - if (count($xmlrpc->_xh['stack']) == 0) - { - if ($name != 'METHODRESPONSE' && $name != 'METHODCALL' && ( - $name != 'VALUE' && !$accept_single_vals)) - { - $xmlrpc->_xh['isf'] = 2; - $xmlrpc->_xh['isf_reason'] = 'missing top level xmlrpc element'; - return; - } - else - { - $xmlrpc->_xh['rt'] = strtolower($name); - $xmlrpc->_xh['rt'] = strtolower($name); - } - } - else - { - // not top level element: see if parent is OK - $parent = end($xmlrpc->_xh['stack']); - if (!array_key_exists($name, $xmlrpc->xmlrpc_valid_parents) || !in_array($parent, $xmlrpc->xmlrpc_valid_parents[$name])) - { - $xmlrpc->_xh['isf'] = 2; - $xmlrpc->_xh['isf_reason'] = "xmlrpc element $name cannot be child of $parent"; - return; - } - } - - switch($name) - { - // optimize for speed switch cases: most common cases first - case 'VALUE': - /// @todo we could check for 2 VALUE elements inside a MEMBER or PARAM element - $xmlrpc->_xh['vt']='value'; // indicator: no value found yet - $xmlrpc->_xh['ac']=''; - $xmlrpc->_xh['lv']=1; - $xmlrpc->_xh['php_class']=null; - break; - case 'I4': - case 'INT': - case 'STRING': - case 'BOOLEAN': - case 'DOUBLE': - case 'DATETIME.ISO8601': - case 'BASE64': - if ($xmlrpc->_xh['vt']!='value') - { - //two data elements inside a value: an error occurred! - $xmlrpc->_xh['isf'] = 2; - $xmlrpc->_xh['isf_reason'] = "$name element following a {$xmlrpc->_xh['vt']} element inside a single value"; - return; - } - $xmlrpc->_xh['ac']=''; // reset the accumulator - break; - case 'STRUCT': - case 'ARRAY': - if ($xmlrpc->_xh['vt']!='value') - { - //two data elements inside a value: an error occurred! - $xmlrpc->_xh['isf'] = 2; - $xmlrpc->_xh['isf_reason'] = "$name element following a {$xmlrpc->_xh['vt']} element inside a single value"; - return; - } - // create an empty array to hold child values, and push it onto appropriate stack - $cur_val = array(); - $cur_val['values'] = array(); - $cur_val['type'] = $name; - // check for out-of-band information to rebuild php objs - // and in case it is found, save it - if (@isset($attrs['PHP_CLASS'])) - { - $cur_val['php_class'] = $attrs['PHP_CLASS']; - } - $xmlrpc->_xh['valuestack'][] = $cur_val; - $xmlrpc->_xh['vt']='data'; // be prepared for a data element next - break; - case 'DATA': - if ($xmlrpc->_xh['vt']!='data') - { - //two data elements inside a value: an error occurred! - $xmlrpc->_xh['isf'] = 2; - $xmlrpc->_xh['isf_reason'] = "found two data elements inside an array element"; - return; - } - case 'METHODCALL': - case 'METHODRESPONSE': - case 'PARAMS': - // valid elements that add little to processing - break; - case 'METHODNAME': - case 'NAME': - /// @todo we could check for 2 NAME elements inside a MEMBER element - $xmlrpc->_xh['ac']=''; - break; - case 'FAULT': - $xmlrpc->_xh['isf']=1; - break; - case 'MEMBER': - $xmlrpc->_xh['valuestack'][count($xmlrpc->_xh['valuestack'])-1]['name']=''; // set member name to null, in case we do not find in the xml later on - //$xmlrpc->_xh['ac']=''; - // Drop trough intentionally - case 'PARAM': - // clear value type, so we can check later if no value has been passed for this param/member - $xmlrpc->_xh['vt']=null; - break; - case 'NIL': - case 'EX:NIL': - if ($xmlrpc->xmlrpc_null_extension) - { - if ($xmlrpc->_xh['vt']!='value') - { - //two data elements inside a value: an error occurred! - $xmlrpc->_xh['isf'] = 2; - $xmlrpc->_xh['isf_reason'] = "$name element following a {$xmlrpc->_xh['vt']} element inside a single value"; - return; - } - $xmlrpc->_xh['ac']=''; // reset the accumulator - break; - } - // we do not support the extension, so - // drop through intentionally - default: - /// INVALID ELEMENT: RAISE ISF so that it is later recognized!!! - $xmlrpc->_xh['isf'] = 2; - $xmlrpc->_xh['isf_reason'] = "found not-xmlrpc xml element $name"; - break; - } - - // Save current element name to stack, to validate nesting - $xmlrpc->_xh['stack'][] = $name; - - /// @todo optimization creep: move this inside the big switch() above - if($name!='VALUE') - { - $xmlrpc->_xh['lv']=0; - } - } -} - -/// Used in decoding xml chunks that might represent single xmlrpc values -function xmlrpc_se_any($parser, $name, $attrs) -{ - xmlrpc_se($parser, $name, $attrs, true); -} - -/// xml parser handler function for close element tags -function xmlrpc_ee($parser, $name, $rebuild_xmlrpcvals = true) -{ - $xmlrpc = Phpxmlrpc::instance(); - - if ($xmlrpc->_xh['isf'] < 2) - { - // push this element name from stack - // NB: if XML validates, correct opening/closing is guaranteed and - // we do not have to check for $name == $curr_elem. - // we also checked for proper nesting at start of elements... - $curr_elem = array_pop($xmlrpc->_xh['stack']); - - switch($name) - { - case 'VALUE': - // This if() detects if no scalar was inside - if ($xmlrpc->_xh['vt']=='value') - { - $xmlrpc->_xh['value']=$xmlrpc->_xh['ac']; - $xmlrpc->_xh['vt']=$xmlrpc->xmlrpcString; - } - - if ($rebuild_xmlrpcvals) - { - // build the xmlrpc val out of the data received, and substitute it - $temp = new xmlrpcval($xmlrpc->_xh['value'], $xmlrpc->_xh['vt']); - // in case we got info about underlying php class, save it - // in the object we're rebuilding - if (isset($xmlrpc->_xh['php_class'])) - $temp->_php_class = $xmlrpc->_xh['php_class']; - // check if we are inside an array or struct: - // if value just built is inside an array, let's move it into array on the stack - $vscount = count($xmlrpc->_xh['valuestack']); - if ($vscount && $xmlrpc->_xh['valuestack'][$vscount-1]['type']=='ARRAY') - { - $xmlrpc->_xh['valuestack'][$vscount-1]['values'][] = $temp; - } - else - { - $xmlrpc->_xh['value'] = $temp; - } - } - else - { - /// @todo this needs to treat correctly php-serialized objects, - /// since std deserializing is done by php_xmlrpc_decode, - /// which we will not be calling... - if (isset($xmlrpc->_xh['php_class'])) - { - } - - // check if we are inside an array or struct: - // if value just built is inside an array, let's move it into array on the stack - $vscount = count($xmlrpc->_xh['valuestack']); - if ($vscount && $xmlrpc->_xh['valuestack'][$vscount-1]['type']=='ARRAY') - { - $xmlrpc->_xh['valuestack'][$vscount-1]['values'][] = $xmlrpc->_xh['value']; - } - } - break; - case 'BOOLEAN': - case 'I4': - case 'INT': - case 'STRING': - case 'DOUBLE': - case 'DATETIME.ISO8601': - case 'BASE64': - $xmlrpc->_xh['vt']=strtolower($name); - /// @todo: optimization creep - remove the if/elseif cycle below - /// since the case() in which we are already did that - if ($name=='STRING') - { - $xmlrpc->_xh['value']=$xmlrpc->_xh['ac']; - } - elseif ($name=='DATETIME.ISO8601') - { - if (!preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $xmlrpc->_xh['ac'])) - { - error_log('XML-RPC: invalid value received in DATETIME: '.$xmlrpc->_xh['ac']); - } - $xmlrpc->_xh['vt']=$xmlrpc->xmlrpcDateTime; - $xmlrpc->_xh['value']=$xmlrpc->_xh['ac']; - } - elseif ($name=='BASE64') - { - /// @todo check for failure of base64 decoding / catch warnings - $xmlrpc->_xh['value']=base64_decode($xmlrpc->_xh['ac']); - } - elseif ($name=='BOOLEAN') - { - // special case here: we translate boolean 1 or 0 into PHP - // constants true or false. - // Strings 'true' and 'false' are accepted, even though the - // spec never mentions them (see eg. Blogger api docs) - // NB: this simple checks helps a lot sanitizing input, ie no - // security problems around here - if ($xmlrpc->_xh['ac']=='1' || strcasecmp($xmlrpc->_xh['ac'], 'true') == 0) - { - $xmlrpc->_xh['value']=true; - } - else - { - // log if receiveing something strange, even though we set the value to false anyway - if ($xmlrpc->_xh['ac']!='0' && strcasecmp($xmlrpc->_xh['ac'], 'false') != 0) - error_log('XML-RPC: invalid value received in BOOLEAN: '.$xmlrpc->_xh['ac']); - $xmlrpc->_xh['value']=false; - } - } - elseif ($name=='DOUBLE') - { - // we have a DOUBLE - // we must check that only 0123456789-. are characters here - // NOTE: regexp could be much stricter than this... - if (!preg_match('/^[+-eE0123456789 \t.]+$/', $xmlrpc->_xh['ac'])) - { - /// @todo: find a better way of throwing an error than this! - error_log('XML-RPC: non numeric value received in DOUBLE: '.$xmlrpc->_xh['ac']); - $xmlrpc->_xh['value']='ERROR_NON_NUMERIC_FOUND'; - } - else - { - // it's ok, add it on - $xmlrpc->_xh['value']=(double)$xmlrpc->_xh['ac']; - } - } - else - { - // we have an I4/INT - // we must check that only 0123456789- are characters here - if (!preg_match('/^[+-]?[0123456789 \t]+$/', $xmlrpc->_xh['ac'])) - { - /// @todo find a better way of throwing an error than this! - error_log('XML-RPC: non numeric value received in INT: '.$xmlrpc->_xh['ac']); - $xmlrpc->_xh['value']='ERROR_NON_NUMERIC_FOUND'; - } - else - { - // it's ok, add it on - $xmlrpc->_xh['value']=(int)$xmlrpc->_xh['ac']; - } - } - //$xmlrpc->_xh['ac']=''; // is this necessary? - $xmlrpc->_xh['lv']=3; // indicate we've found a value - break; - case 'NAME': - $xmlrpc->_xh['valuestack'][count($xmlrpc->_xh['valuestack'])-1]['name'] = $xmlrpc->_xh['ac']; - break; - case 'MEMBER': - //$xmlrpc->_xh['ac']=''; // is this necessary? - // add to array in the stack the last element built, - // unless no VALUE was found - if ($xmlrpc->_xh['vt']) - { - $vscount = count($xmlrpc->_xh['valuestack']); - $xmlrpc->_xh['valuestack'][$vscount-1]['values'][$xmlrpc->_xh['valuestack'][$vscount-1]['name']] = $xmlrpc->_xh['value']; - } else - error_log('XML-RPC: missing VALUE inside STRUCT in received xml'); - break; - case 'DATA': - //$xmlrpc->_xh['ac']=''; // is this necessary? - $xmlrpc->_xh['vt']=null; // reset this to check for 2 data elements in a row - even if they're empty - break; - case 'STRUCT': - case 'ARRAY': - // fetch out of stack array of values, and promote it to current value - $curr_val = array_pop($xmlrpc->_xh['valuestack']); - $xmlrpc->_xh['value'] = $curr_val['values']; - $xmlrpc->_xh['vt']=strtolower($name); - if (isset($curr_val['php_class'])) - { - $xmlrpc->_xh['php_class'] = $curr_val['php_class']; - } - break; - case 'PARAM': - // add to array of params the current value, - // unless no VALUE was found - if ($xmlrpc->_xh['vt']) - { - $xmlrpc->_xh['params'][]=$xmlrpc->_xh['value']; - $xmlrpc->_xh['pt'][]=$xmlrpc->_xh['vt']; - } - else - error_log('XML-RPC: missing VALUE inside PARAM in received xml'); - break; - case 'METHODNAME': - $xmlrpc->_xh['method']=preg_replace('/^[\n\r\t ]+/', '', $xmlrpc->_xh['ac']); - break; - case 'NIL': - case 'EX:NIL': - if ($xmlrpc->xmlrpc_null_extension) - { - $xmlrpc->_xh['vt']='null'; - $xmlrpc->_xh['value']=null; - $xmlrpc->_xh['lv']=3; - break; - } - // drop through intentionally if nil extension not enabled - case 'PARAMS': - case 'FAULT': - case 'METHODCALL': - case 'METHORESPONSE': - break; - default: - // End of INVALID ELEMENT! - // shall we add an assert here for unreachable code??? - break; - } - } -} - -/// Used in decoding xmlrpc requests/responses without rebuilding xmlrpc values -function xmlrpc_ee_fast($parser, $name) -{ - xmlrpc_ee($parser, $name, false); -} - -/// xml parser handler function for character data -function xmlrpc_cd($parser, $data) -{ - $xmlrpc = Phpxmlrpc::instance(); - // skip processing if xml fault already detected - if ($xmlrpc->_xh['isf'] < 2) - { - // "lookforvalue==3" means that we've found an entire value - // and should discard any further character data - if($xmlrpc->_xh['lv']!=3) - { - // G. Giunta 2006-08-23: useless change of 'lv' from 1 to 2 - //if($xmlrpc->_xh['lv']==1) - //{ - // if we've found text and we're just in a then - // say we've found a value - //$xmlrpc->_xh['lv']=2; - //} - // we always initialize the accumulator before starting parsing, anyway... - //if(!@isset($xmlrpc->_xh['ac'])) - //{ - // $xmlrpc->_xh['ac'] = ''; - //} - $xmlrpc->_xh['ac'].=$data; - } - } -} - -/// xml parser handler function for 'other stuff', ie. not char data or -/// element start/end tag. In fact it only gets called on unknown entities... -function xmlrpc_dh($parser, $data) -{ - $xmlrpc = Phpxmlrpc::instance(); - // skip processing if xml fault already detected - if ($xmlrpc->_xh['isf'] < 2) - { - if(substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';') - { - // G. Giunta 2006-08-25: useless change of 'lv' from 1 to 2 - //if($xmlrpc->_xh['lv']==1) - //{ - // $xmlrpc->_xh['lv']=2; - //} - $xmlrpc->_xh['ac'].=$data; - } - } - return true; -} - -// date helpers - -/** - * Given a timestamp, return the corresponding ISO8601 encoded string. - * - * Really, timezones ought to be supported - * but the XML-RPC spec says: - * - * "Don't assume a timezone. It should be specified by the server in its - * documentation what assumptions it makes about timezones." - * - * These routines always assume localtime unless - * $utc is set to 1, in which case UTC is assumed - * and an adjustment for locale is made when encoding - * - * @param int $timet (timestamp) - * @param int $utc (0 or 1) - * @return string - */ -function iso8601_encode($timet, $utc=0) -{ - if(!$utc) - { - $t=strftime("%Y%m%dT%H:%M:%S", $timet); - } - else - { - if(function_exists('gmstrftime')) - { - // gmstrftime doesn't exist in some versions - // of PHP - $t=gmstrftime("%Y%m%dT%H:%M:%S", $timet); - } - else - { - $t=strftime("%Y%m%dT%H:%M:%S", $timet-date('Z')); - } - } - return $t; -} - -/** - * Given an ISO8601 date string, return a timet in the localtime, or UTC - * @param string $idate - * @param int $utc either 0 or 1 - * @return int (datetime) - */ -function iso8601_decode($idate, $utc=0) -{ - $t=0; - if(preg_match('/([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})/', $idate, $regs)) - { - if($utc) - { - $t=gmmktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); - } - else - { - $t=mktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); - } - } - return $t; -} - -/** - * Takes an xmlrpc value in PHP xmlrpcval object format and translates it into native PHP types. - * - * Works with xmlrpc message objects as input, too. - * - * Given proper options parameter, can rebuild generic php object instances - * (provided those have been encoded to xmlrpc format using a corresponding - * option in php_xmlrpc_encode()) - * PLEASE NOTE that rebuilding php objects involves calling their constructor function. - * This means that the remote communication end can decide which php code will - * get executed on your server, leaving the door possibly open to 'php-injection' - * style of attacks (provided you have some classes defined on your server that - * might wreak havoc if instances are built outside an appropriate context). - * Make sure you trust the remote server/client before eanbling this! - * - * @author Dan Libby (dan@libby.com) - * - * @param xmlrpcval $xmlrpc_val - * @param array $options if 'decode_php_objs' is set in the options array, xmlrpc structs can be decoded into php objects; if 'dates_as_objects' is set xmlrpc datetimes are decoded as php DateTime objects (standard is - * @return mixed - */ -function php_xmlrpc_decode($xmlrpc_val, $options=array()) -{ - switch($xmlrpc_val->kindOf()) - { - case 'scalar': - if (in_array('extension_api', $options)) - { - reset($xmlrpc_val->me); - list($typ,$val) = each($xmlrpc_val->me); - switch ($typ) - { - case 'dateTime.iso8601': - $xmlrpc_val->scalar = $val; - $xmlrpc_val->xmlrpc_type = 'datetime'; - $xmlrpc_val->timestamp = iso8601_decode($val); - return $xmlrpc_val; - case 'base64': - $xmlrpc_val->scalar = $val; - $xmlrpc_val->type = $typ; - return $xmlrpc_val; - default: - return $xmlrpc_val->scalarval(); - } - } - if (in_array('dates_as_objects', $options) && $xmlrpc_val->scalartyp() == 'dateTime.iso8601') - { - // we return a Datetime object instead of a string - // since now the constructor of xmlrpcval accepts safely strings, ints and datetimes, - // we cater to all 3 cases here - $out = $xmlrpc_val->scalarval(); - if (is_string($out)) - { - $out = strtotime($out); - } - if (is_int($out)) - { - $result = new Datetime(); - $result->setTimestamp($out); - return $result; - } - elseif (is_a($out, 'Datetime')) - { - return $out; - } - } - return $xmlrpc_val->scalarval(); - case 'array': - $size = $xmlrpc_val->arraysize(); - $arr = array(); - for($i = 0; $i < $size; $i++) - { - $arr[] = php_xmlrpc_decode($xmlrpc_val->arraymem($i), $options); - } - return $arr; - case 'struct': - $xmlrpc_val->structreset(); - // If user said so, try to rebuild php objects for specific struct vals. - /// @todo should we raise a warning for class not found? - // shall we check for proper subclass of xmlrpcval instead of - // presence of _php_class to detect what we can do? - if (in_array('decode_php_objs', $options) && $xmlrpc_val->_php_class != '' - && class_exists($xmlrpc_val->_php_class)) - { - $obj = @new $xmlrpc_val->_php_class; - while(list($key,$value)=$xmlrpc_val->structeach()) - { - $obj->$key = php_xmlrpc_decode($value, $options); - } - return $obj; - } - else - { - $arr = array(); - while(list($key,$value)=$xmlrpc_val->structeach()) - { - $arr[$key] = php_xmlrpc_decode($value, $options); - } - return $arr; - } - case 'msg': - $paramcount = $xmlrpc_val->getNumParams(); - $arr = array(); - for($i = 0; $i < $paramcount; $i++) - { - $arr[] = php_xmlrpc_decode($xmlrpc_val->getParam($i)); - } - return $arr; - } -} - -// This constant left here only for historical reasons... -// it was used to decide if we have to define xmlrpc_encode on our own, but -// we do not do it anymore -if(function_exists('xmlrpc_decode')) -{ - define('XMLRPC_EPI_ENABLED','1'); -} -else -{ - define('XMLRPC_EPI_ENABLED','0'); -} - -/** - * Takes native php types and encodes them into xmlrpc PHP object format. - * It will not re-encode xmlrpcval objects. - * - * Feature creep -- could support more types via optional type argument - * (string => datetime support has been added, ??? => base64 not yet) - * - * If given a proper options parameter, php object instances will be encoded - * into 'special' xmlrpc values, that can later be decoded into php objects - * by calling php_xmlrpc_decode() with a corresponding option - * - * @author Dan Libby (dan@libby.com) - * - * @param mixed $php_val the value to be converted into an xmlrpcval object - * @param array $options can include 'encode_php_objs', 'auto_dates', 'null_extension' or 'extension_api' - * @return xmlrpcval - */ -function php_xmlrpc_encode($php_val, $options=array()) -{ - $xmlrpc = Phpxmlrpc::instance(); - $type = gettype($php_val); - switch($type) - { - case 'string': - if (in_array('auto_dates', $options) && preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $php_val)) - $xmlrpc_val = new xmlrpcval($php_val, $xmlrpc->xmlrpcDateTime); - else - $xmlrpc_val = new xmlrpcval($php_val, $xmlrpc->xmlrpcString); - break; - case 'integer': - $xmlrpc_val = new xmlrpcval($php_val, $xmlrpc->xmlrpcInt); - break; - case 'double': - $xmlrpc_val = new xmlrpcval($php_val, $xmlrpc->xmlrpcDouble); - break; - // - // Add support for encoding/decoding of booleans, since they are supported in PHP - case 'boolean': - $xmlrpc_val = new xmlrpcval($php_val, $xmlrpc->xmlrpcBoolean); - break; - // - case 'array': - // PHP arrays can be encoded to either xmlrpc structs or arrays, - // depending on wheter they are hashes or plain 0..n integer indexed - // A shorter one-liner would be - // $tmp = array_diff(array_keys($php_val), range(0, count($php_val)-1)); - // but execution time skyrockets! - $j = 0; - $arr = array(); - $ko = false; - foreach($php_val as $key => $val) - { - $arr[$key] = php_xmlrpc_encode($val, $options); - if(!$ko && $key !== $j) - { - $ko = true; - } - $j++; - } - if($ko) - { - $xmlrpc_val = new xmlrpcval($arr, $xmlrpc->xmlrpcStruct); - } - else - { - $xmlrpc_val = new xmlrpcval($arr, $xmlrpc->xmlrpcArray); - } - break; - case 'object': - if(is_a($php_val, 'xmlrpcval')) - { - $xmlrpc_val = $php_val; - } - else if(is_a($php_val, 'DateTime')) - { - $xmlrpc_val = new xmlrpcval($php_val->format('Ymd\TH:i:s'), $xmlrpc->xmlrpcStruct); - } - else - { - $arr = array(); - reset($php_val); - while(list($k,$v) = each($php_val)) - { - $arr[$k] = php_xmlrpc_encode($v, $options); - } - $xmlrpc_val = new xmlrpcval($arr, $xmlrpc->xmlrpcStruct); - if (in_array('encode_php_objs', $options)) - { - // let's save original class name into xmlrpcval: - // might be useful later on... - $xmlrpc_val->_php_class = get_class($php_val); - } - } - break; - case 'NULL': - if (in_array('extension_api', $options)) - { - $xmlrpc_val = new xmlrpcval('', $xmlrpc->xmlrpcString); - } - else if (in_array('null_extension', $options)) - { - $xmlrpc_val = new xmlrpcval('', $xmlrpc->xmlrpcNull); - } - else - { - $xmlrpc_val = new xmlrpcval(); - } - break; - case 'resource': - if (in_array('extension_api', $options)) - { - $xmlrpc_val = new xmlrpcval((int)$php_val, $xmlrpc->xmlrpcInt); - } - else - { - $xmlrpc_val = new xmlrpcval(); - } - // catch "user function", "unknown type" - default: - // giancarlo pinerolo - // it has to return - // an empty object in case, not a boolean. - $xmlrpc_val = new xmlrpcval(); - break; - } - return $xmlrpc_val; -} - -/** - * Convert the xml representation of a method response, method request or single - * xmlrpc value into the appropriate object (a.k.a. deserialize) - * @param string $xml_val - * @param array $options - * @return mixed false on error, or an instance of either xmlrpcval, xmlrpcmsg or xmlrpcresp - */ -function php_xmlrpc_decode_xml($xml_val, $options=array()) -{ - $xmlrpc = Phpxmlrpc::instance(); - - $xmlrpc->_xh = array(); - $xmlrpc->_xh['ac'] = ''; - $xmlrpc->_xh['stack'] = array(); - $xmlrpc->_xh['valuestack'] = array(); - $xmlrpc->_xh['params'] = array(); - $xmlrpc->_xh['pt'] = array(); - $xmlrpc->_xh['isf'] = 0; - $xmlrpc->_xh['isf_reason'] = ''; - $xmlrpc->_xh['method'] = false; - $xmlrpc->_xh['rt'] = ''; - /// @todo 'guestimate' encoding - $parser = xml_parser_create(); - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // What if internal encoding is not in one of the 3 allowed? - // we use the broadest one, ie. utf8! - if (!in_array($xmlrpc->xmlrpc_internalencoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); - } - else - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $xmlrpc->xmlrpc_internalencoding); - } - xml_set_element_handler($parser, 'xmlrpc_se_any', 'xmlrpc_ee'); - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - if(!xml_parse($parser, $xml_val, 1)) - { - $errstr = sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser)); - error_log($errstr); - xml_parser_free($parser); - return false; - } - xml_parser_free($parser); - if ($xmlrpc->_xh['isf'] > 1) // test that $xmlrpc->_xh['value'] is an obj, too??? - { - error_log($xmlrpc->_xh['isf_reason']); - return false; - } - switch ($xmlrpc->_xh['rt']) - { - case 'methodresponse': - $v =& $xmlrpc->_xh['value']; - if ($xmlrpc->_xh['isf'] == 1) - { - $vc = $v->structmem('faultCode'); - $vs = $v->structmem('faultString'); - $r = new xmlrpcresp(0, $vc->scalarval(), $vs->scalarval()); - } - else - { - $r = new xmlrpcresp($v); - } - return $r; - case 'methodcall': - $m = new xmlrpcmsg($xmlrpc->_xh['method']); - for($i=0; $i < count($xmlrpc->_xh['params']); $i++) - { - $m->addParam($xmlrpc->_xh['params'][$i]); - } - return $m; - case 'value': - return $xmlrpc->_xh['value']; - default: - return false; - } -} - -/** - * decode a string that is encoded w/ "chunked" transfer encoding - * as defined in rfc2068 par. 19.4.6 - * code shamelessly stolen from nusoap library by Dietrich Ayala - * - * @param string $buffer the string to be decoded - * @return string - */ -function decode_chunked($buffer) -{ - // length := 0 - $length = 0; - $new = ''; - - // read chunk-size, chunk-extension (if any) and crlf - // get the position of the linebreak - $chunkend = strpos($buffer,"\r\n") + 2; - $temp = substr($buffer,0,$chunkend); - $chunk_size = hexdec( trim($temp) ); - $chunkstart = $chunkend; - while($chunk_size > 0) - { - $chunkend = strpos($buffer, "\r\n", $chunkstart + $chunk_size); - - // just in case we got a broken connection - if($chunkend == false) - { - $chunk = substr($buffer,$chunkstart); - // append chunk-data to entity-body - $new .= $chunk; - $length += strlen($chunk); - break; - } - - // read chunk-data and crlf - $chunk = substr($buffer,$chunkstart,$chunkend-$chunkstart); - // append chunk-data to entity-body - $new .= $chunk; - // length := length + chunk-size - $length += strlen($chunk); - // read chunk-size and crlf - $chunkstart = $chunkend + 2; - - $chunkend = strpos($buffer,"\r\n",$chunkstart)+2; - if($chunkend == false) - { - break; //just in case we got a broken connection - } - $temp = substr($buffer,$chunkstart,$chunkend-$chunkstart); - $chunk_size = hexdec( trim($temp) ); - $chunkstart = $chunkend; - } - return $new; -} - -/** - * xml charset encoding guessing helper function. - * Tries to determine the charset encoding of an XML chunk received over HTTP. - * NB: according to the spec (RFC 3023), if text/xml content-type is received over HTTP without a content-type, - * we SHOULD assume it is strictly US-ASCII. But we try to be more tolerant of unconforming (legacy?) clients/servers, - * which will be most probably using UTF-8 anyway... - * - * @param string $httpheader the http Content-type header - * @param string $xmlchunk xml content buffer - * @param string $encoding_prefs comma separated list of character encodings to be used as default (when mb extension is enabled) - * @return string - * - * @todo explore usage of mb_http_input(): does it detect http headers + post data? if so, use it instead of hand-detection!!! - */ -function guess_encoding($httpheader='', $xmlchunk='', $encoding_prefs=null) -{ - $xmlrpc = Phpxmlrpc::instance(); - - // discussion: see http://www.yale.edu/pclt/encoding/ - // 1 - test if encoding is specified in HTTP HEADERS - - //Details: - // LWS: (\13\10)?( |\t)+ - // token: (any char but excluded stuff)+ - // quoted string: " (any char but double quotes and cointrol chars)* " - // header: Content-type = ...; charset=value(; ...)* - // where value is of type token, no LWS allowed between 'charset' and value - // Note: we do not check for invalid chars in VALUE: - // this had better be done using pure ereg as below - // Note 2: we might be removing whitespace/tabs that ought to be left in if - // the received charset is a quoted string. But nobody uses such charset names... - - /// @todo this test will pass if ANY header has charset specification, not only Content-Type. Fix it? - $matches = array(); - if(preg_match('/;\s*charset\s*=([^;]+)/i', $httpheader, $matches)) - { - return strtoupper(trim($matches[1], " \t\"")); - } - - // 2 - scan the first bytes of the data for a UTF-16 (or other) BOM pattern - // (source: http://www.w3.org/TR/2000/REC-xml-20001006) - // NOTE: actually, according to the spec, even if we find the BOM and determine - // an encoding, we should check if there is an encoding specified - // in the xml declaration, and verify if they match. - /// @todo implement check as described above? - /// @todo implement check for first bytes of string even without a BOM? (It sure looks harder than for cases WITH a BOM) - if(preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlchunk)) - { - return 'UCS-4'; - } - elseif(preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlchunk)) - { - return 'UTF-16'; - } - elseif(preg_match('/^(\xEF\xBB\xBF)/', $xmlchunk)) - { - return 'UTF-8'; - } - - // 3 - test if encoding is specified in the xml declaration - // Details: - // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+ - // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]* - if (preg_match('/^<\?xml\s+version\s*=\s*'. "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))". - '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/", - $xmlchunk, $matches)) - { - return strtoupper(substr($matches[2], 1, -1)); - } - - // 4 - if mbstring is available, let it do the guesswork - // NB: we favour finding an encoding that is compatible with what we can process - if(extension_loaded('mbstring')) - { - if($encoding_prefs) - { - $enc = mb_detect_encoding($xmlchunk, $encoding_prefs); - } - else - { - $enc = mb_detect_encoding($xmlchunk); - } - // NB: mb_detect likes to call it ascii, xml parser likes to call it US_ASCII... - // IANA also likes better US-ASCII, so go with it - if($enc == 'ASCII') - { - $enc = 'US-'.$enc; - } - return $enc; - } - else - { - // no encoding specified: as per HTTP1.1 assume it is iso-8859-1? - // Both RFC 2616 (HTTP 1.1) and 1945 (HTTP 1.0) clearly state that for text/xxx content types - // this should be the standard. And we should be getting text/xml as request and response. - // BUT we have to be backward compatible with the lib, which always used UTF-8 as default... - return $xmlrpc->xmlrpc_defencoding; - } -} - -/** - * Checks if a given charset encoding is present in a list of encodings or - * if it is a valid subset of any encoding in the list - * @param string $encoding charset to be tested - * @param mixed $validlist comma separated list of valid charsets (or array of charsets) - * @return bool - */ -function is_valid_charset($encoding, $validlist) -{ - $charset_supersets = array( - 'US-ASCII' => array ('ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', - 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', - 'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-11', 'ISO-8859-12', - 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'UTF-8', - 'EUC-JP', 'EUC-', 'EUC-KR', 'EUC-CN') - ); - if (is_string($validlist)) - $validlist = explode(',', $validlist); - if (@in_array(strtoupper($encoding), $validlist)) - return true; - else - { - if (array_key_exists($encoding, $charset_supersets)) - foreach ($validlist as $allowed) - if (in_array($allowed, $charset_supersets[$encoding])) - return true; - return false; - } -} diff --git a/lib/xmlrpc_wrappers.inc b/lib/xmlrpc_wrappers.inc new file mode 100644 index 00000000..90949346 --- /dev/null +++ b/lib/xmlrpc_wrappers.inc @@ -0,0 +1,49 @@ +php_2_xmlrpc_type($phpType); +} + +function xmlrpc_2_php_type($xmlrpcType) +{ + $wrapper = new PhpXmlRpc\Wrapper(); + return $wrapper->xmlrpc_2_php_type($xmlrpcType); +} + +function wrap_php_function($funcName, $newFuncName='', $extraOptions=array()) +{ + $wrapper = new PhpXmlRpc\Wrapper(); + return $wrapper->wrap_php_function($funcName, $newFuncName, $extraOptions); +} + +function wrap_php_class($className, $extraOptions=array()) +{ + $wrapper = new PhpXmlRpc\Wrapper(); + return $wrapper->wrap_php_class($className, $extraOptions); +} + +function wrap_xmlrpc_method($client, $methodName, $extraOptions=0, $timeout=0, $protocol='', $newFuncName='') +{ + $wrapper = new PhpXmlRpc\Wrapper(); + return $wrapper->wrap_xmlrpc_method($client, $methodName, $extraOptions, $timeout, $protocol, $newFuncName); +} + +function wrap_xmlrpc_server($client, $extraOptions=array()) +{ + $wrapper = new PhpXmlRpc\Wrapper(); + return $wrapper->wrap_xmlrpc_server($client, $extraOptions); +} \ No newline at end of file diff --git a/lib/xmlrpc_wrappers.php b/lib/xmlrpc_wrappers.php deleted file mode 100644 index 52798f4c..00000000 --- a/lib/xmlrpc_wrappers.php +++ /dev/null @@ -1,933 +0,0 @@ -' . $funcname[1]; - } - $exists = method_exists($funcname[0], $funcname[1]); - } - else - { - $plainfuncname = $funcname; - $exists = function_exists($funcname); - } - - if(!$exists) - { - error_log('XML-RPC: function to be wrapped is not defined: '.$plainfuncname); - return false; - } - else - { - // determine name of new php function - if($newfuncname == '') - { - if(is_array($funcname)) - { - if(is_string($funcname[0])) - $xmlrpcfuncname = "{$prefix}_".implode('_', $funcname); - else - $xmlrpcfuncname = "{$prefix}_".get_class($funcname[0]) . '_' . $funcname[1]; - } - else - { - $xmlrpcfuncname = "{$prefix}_$funcname"; - } - } - else - { - $xmlrpcfuncname = $newfuncname; - } - while($buildit && function_exists($xmlrpcfuncname)) - { - $xmlrpcfuncname .= 'x'; - } - - // start to introspect PHP code - if(is_array($funcname)) - { - $func = new ReflectionMethod($funcname[0], $funcname[1]); - if($func->isPrivate()) - { - error_log('XML-RPC: method to be wrapped is private: '.$plainfuncname); - return false; - } - if($func->isProtected()) - { - error_log('XML-RPC: method to be wrapped is protected: '.$plainfuncname); - return false; - } - if($func->isConstructor()) - { - error_log('XML-RPC: method to be wrapped is the constructor: '.$plainfuncname); - return false; - } - if($func->isDestructor()) - { - error_log('XML-RPC: method to be wrapped is the destructor: '.$plainfuncname); - return false; - } - if($func->isAbstract()) - { - error_log('XML-RPC: method to be wrapped is abstract: '.$plainfuncname); - return false; - } - /// @todo add more checks for static vs. nonstatic? - } - else - { - $func = new ReflectionFunction($funcname); - } - if($func->isInternal()) - { - // Note: from PHP 5.1.0 onward, we will possibly be able to use invokeargs - // instead of getparameters to fully reflect internal php functions ? - error_log('XML-RPC: function to be wrapped is internal: '.$plainfuncname); - return false; - } - - // retrieve parameter names, types and description from javadoc comments - - // function description - $desc = ''; - // type of return val: by default 'any' - $returns = $GLOBALS['xmlrpcValue']; - // desc of return val - $returnsDocs = ''; - // type + name of function parameters - $paramDocs = array(); - - $docs = $func->getDocComment(); - if($docs != '') - { - $docs = explode("\n", $docs); - $i = 0; - foreach($docs as $doc) - { - $doc = trim($doc, " \r\t/*"); - if(strlen($doc) && strpos($doc, '@') !== 0 && !$i) - { - if($desc) - { - $desc .= "\n"; - } - $desc .= $doc; - } - elseif(strpos($doc, '@param') === 0) - { - // syntax: @param type [$name] desc - if(preg_match('/@param\s+(\S+)(\s+\$\S+)?\s+(.+)/', $doc, $matches)) - { - if(strpos($matches[1], '|')) - { - //$paramDocs[$i]['type'] = explode('|', $matches[1]); - $paramDocs[$i]['type'] = 'mixed'; - } - else - { - $paramDocs[$i]['type'] = $matches[1]; - } - $paramDocs[$i]['name'] = trim($matches[2]); - $paramDocs[$i]['doc'] = $matches[3]; - } - $i++; - } - elseif(strpos($doc, '@return') === 0) - { - // syntax: @return type desc - //$returns = preg_split('/\s+/', $doc); - if(preg_match('/@return\s+(\S+)\s+(.+)/', $doc, $matches)) - { - $returns = php_2_xmlrpc_type($matches[1]); - if(isset($matches[2])) - { - $returnsDocs = $matches[2]; - } - } - } - } - } - - // execute introspection of actual function prototype - $params = array(); - $i = 0; - foreach($func->getParameters() as $paramobj) - { - $params[$i] = array(); - $params[$i]['name'] = '$'.$paramobj->getName(); - $params[$i]['isoptional'] = $paramobj->isOptional(); - $i++; - } - - - // start building of PHP code to be eval'd - $innercode = ''; - $i = 0; - $parsvariations = array(); - $pars = array(); - $pnum = count($params); - foreach($params as $param) - { - if (isset($paramDocs[$i]['name']) && $paramDocs[$i]['name'] && strtolower($paramDocs[$i]['name']) != strtolower($param['name'])) - { - // param name from phpdoc info does not match param definition! - $paramDocs[$i]['type'] = 'mixed'; - } - - if($param['isoptional']) - { - // this particular parameter is optional. save as valid previous list of parameters - $innercode .= "if (\$paramcount > $i) {\n"; - $parsvariations[] = $pars; - } - $innercode .= "\$p$i = \$msg->getParam($i);\n"; - if ($decode_php_objects) - { - $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i, array('decode_php_objs'));\n"; - } - else - { - $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i);\n"; - } - - $pars[] = "\$p$i"; - $i++; - if($param['isoptional']) - { - $innercode .= "}\n"; - } - if($i == $pnum) - { - // last allowed parameters combination - $parsvariations[] = $pars; - } - } - - $sigs = array(); - $psigs = array(); - if(count($parsvariations) == 0) - { - // only known good synopsis = no parameters - $parsvariations[] = array(); - $minpars = 0; - } - else - { - $minpars = count($parsvariations[0]); - } - - if($minpars) - { - // add to code the check for min params number - // NB: this check needs to be done BEFORE decoding param values - $innercode = "\$paramcount = \$msg->getNumParams();\n" . - "if (\$paramcount < $minpars) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}');\n" . $innercode; - } - else - { - $innercode = "\$paramcount = \$msg->getNumParams();\n" . $innercode; - } - - $innercode .= "\$np = false;\n"; - // since there are no closures in php, if we are given an object instance, - // we store a pointer to it in a global var... - if ( is_array($funcname) && is_object($funcname[0]) ) - { - $GLOBALS['xmlrpcWPFObjHolder'][$xmlrpcfuncname] =& $funcname[0]; - $innercode .= "\$obj =& \$GLOBALS['xmlrpcWPFObjHolder']['$xmlrpcfuncname'];\n"; - $realfuncname = '$obj->'.$funcname[1]; - } - else - { - $realfuncname = $plainfuncname; - } - foreach($parsvariations as $pars) - { - $innercode .= "if (\$paramcount == " . count($pars) . ") \$retval = {$catch_warnings}$realfuncname(" . implode(',', $pars) . "); else\n"; - // build a 'generic' signature (only use an appropriate return type) - $sig = array($returns); - $psig = array($returnsDocs); - for($i=0; $i < count($pars); $i++) - { - if (isset($paramDocs[$i]['type'])) - { - $sig[] = php_2_xmlrpc_type($paramDocs[$i]['type']); - } - else - { - $sig[] = $GLOBALS['xmlrpcValue']; - } - $psig[] = isset($paramDocs[$i]['doc']) ? $paramDocs[$i]['doc'] : ''; - } - $sigs[] = $sig; - $psigs[] = $psig; - } - $innercode .= "\$np = true;\n"; - $innercode .= "if (\$np) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}'); else {\n"; - //$innercode .= "if (\$_xmlrpcs_error_occurred) return new xmlrpcresp(0, $GLOBALS['xmlrpcerr']user, \$_xmlrpcs_error_occurred); else\n"; - $innercode .= "if (is_a(\$retval, '{$prefix}resp')) return \$retval; else\n"; - if($returns == $GLOBALS['xmlrpcDateTime'] || $returns == $GLOBALS['xmlrpcBase64']) - { - $innercode .= "return new {$prefix}resp(new {$prefix}val(\$retval, '$returns'));"; - } - else - { - if ($encode_php_objects) - $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval, array('encode_php_objs')));\n"; - else - $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval));\n"; - } - // shall we exclude functions returning by ref? - // if($func->returnsReference()) - // return false; - $code = "function $xmlrpcfuncname(\$msg) {\n" . $innercode . "}\n}"; - //print_r($code); - if ($buildit) - { - $allOK = 0; - eval($code.'$allOK=1;'); - // alternative - //$xmlrpcfuncname = create_function('$m', $innercode); - - if(!$allOK) - { - error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap php function '.$plainfuncname); - return false; - } - } - - /// @todo examine if $paramDocs matches $parsvariations and build array for - /// usage as method signature, plus put together a nice string for docs - - $ret = array('function' => $xmlrpcfuncname, 'signature' => $sigs, 'docstring' => $desc, 'signature_docs' => $psigs, 'source' => $code); - return $ret; - } -} - -/** -* Given a user-defined PHP class or php object, map its methods onto a list of -* PHP 'wrapper' functions that can be exposed as xmlrpc methods from an xmlrpc_server -* object and called from remote clients (as well as their corresponding signature info). -* -* @param mixed $classname the name of the class whose methods are to be exposed as xmlrpc methods, or an object instance of that class -* @param array $extra_options see the docs for wrap_php_method for more options -* string method_type 'static', 'nonstatic', 'all' and 'auto' (default); the latter will switch between static and non-static depending on wheter $classname is a class name or object instance -* @return array or false on failure -* -* @todo get_class_methods will return both static and non-static methods. -* we have to differentiate the action, depending on wheter we recived a class name or object -*/ -function wrap_php_class($classname, $extra_options=array()) -{ - $methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : ''; - $methodtype = isset($extra_options['method_type']) ? $extra_options['method_type'] : 'auto'; - - $result = array(); - $mlist = get_class_methods($classname); - foreach($mlist as $mname) - { - if ($methodfilter == '' || preg_match($methodfilter, $mname)) - { - // echo $mlist."\n"; - $func = new ReflectionMethod($classname, $mname); - if(!$func->isPrivate() && !$func->isProtected() && !$func->isConstructor() && !$func->isDestructor() && !$func->isAbstract()) - { - if(($func->isStatic && ($methodtype == 'all' || $methodtype == 'static' || ($methodtype == 'auto' && is_string($classname)))) || - (!$func->isStatic && ($methodtype == 'all' || $methodtype == 'nonstatic' || ($methodtype == 'auto' && is_object($classname))))) - { - $methodwrap = wrap_php_function(array($classname, $mname), '', $extra_options); - if ( $methodwrap ) - { - $result[$methodwrap['function']] = $methodwrap['function']; - } - } - } - } - } - return $result; -} - -/** -* Given an xmlrpc client and a method name, register a php wrapper function -* that will call it and return results using native php types for both -* params and results. The generated php function will return an xmlrpcresp -* object for failed xmlrpc calls -* -* Known limitations: -* - server must support system.methodsignature for the wanted xmlrpc method -* - for methods that expose many signatures, only one can be picked (we -* could in principle check if signatures differ only by number of params -* and not by type, but it would be more complication than we can spare time) -* - nested xmlrpc params: the caller of the generated php function has to -* encode on its own the params passed to the php function if these are structs -* or arrays whose (sub)members include values of type datetime or base64 -* -* Notes: the connection properties of the given client will be copied -* and reused for the connection used during the call to the generated -* php function. -* Calling the generated php function 'might' be slow: a new xmlrpc client -* is created on every invocation and an xmlrpc-connection opened+closed. -* An extra 'debug' param is appended to param list of xmlrpc method, useful -* for debugging purposes. -* -* @param xmlrpc_client $client an xmlrpc client set up correctly to communicate with target server -* @param string $methodname the xmlrpc method to be mapped to a php function -* @param array $extra_options array of options that specify conversion details. valid options include -* integer signum the index of the method signature to use in mapping (if method exposes many sigs) -* integer timeout timeout (in secs) to be used when executing function/calling remote method -* string protocol 'http' (default), 'http11' or 'https' -* string new_function_name the name of php function to create. If unspecified, lib will pick an appropriate name -* string return_source if true return php code w. function definition instead fo function name -* bool encode_php_objs let php objects be sent to server using the 'improved' xmlrpc notation, so server can deserialize them as php objects -* bool decode_php_objs --- WARNING !!! possible security hazard. only use it with trusted servers --- -* mixed return_on_fault a php value to be returned when the xmlrpc call fails/returns a fault response (by default the xmlrpcresp object is returned in this case). If a string is used, '%faultCode%' and '%faultString%' tokens will be substituted with actual error values -* bool debug set it to 1 or 2 to see debug results of querying server for method synopsis -* @return string the name of the generated php function (or false) - OR AN ARRAY... -*/ -function wrap_xmlrpc_method($client, $methodname, $extra_options=0, $timeout=0, $protocol='', $newfuncname='') -{ - // mind numbing: let caller use sane calling convention (as per javadoc, 3 params), - // OR the 2.0 calling convention (no options) - we really love backward compat, don't we? - if (!is_array($extra_options)) - { - $signum = $extra_options; - $extra_options = array(); - } - else - { - $signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; - $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; - $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; - $newfuncname = isset($extra_options['new_function_name']) ? $extra_options['new_function_name'] : ''; - } - //$encode_php_objects = in_array('encode_php_objects', $extra_options); - //$verbatim_client_copy = in_array('simple_client_copy', $extra_options) ? 1 : - // in_array('build_class_code', $extra_options) ? 2 : 0; - - $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; - $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; - // it seems like the meaning of 'simple_client_copy' here is swapped wrt client_copy_mode later on... - $simple_client_copy = isset($extra_options['simple_client_copy']) ? (int)($extra_options['simple_client_copy']) : 0; - $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; - $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; - if (isset($extra_options['return_on_fault'])) - { - $decode_fault = true; - $fault_response = $extra_options['return_on_fault']; - } - else - { - $decode_fault = false; - $fault_response = ''; - } - $debug = isset($extra_options['debug']) ? ($extra_options['debug']) : 0; - - $msgclass = $prefix.'msg'; - $valclass = $prefix.'val'; - $decodefunc = 'php_'.$prefix.'_decode'; - - $msg = new $msgclass('system.methodSignature'); - $msg->addparam(new $valclass($methodname)); - $client->setDebug($debug); - $response =& $client->send($msg, $timeout, $protocol); - if($response->faultCode()) - { - error_log('XML-RPC: could not retrieve method signature from remote server for method '.$methodname); - return false; - } - else - { - $msig = $response->value(); - if ($client->return_type != 'phpvals') - { - $msig = $decodefunc($msig); - } - if(!is_array($msig) || count($msig) <= $signum) - { - error_log('XML-RPC: could not retrieve method signature nr.'.$signum.' from remote server for method '.$methodname); - return false; - } - else - { - // pick a suitable name for the new function, avoiding collisions - if($newfuncname != '') - { - $xmlrpcfuncname = $newfuncname; - } - else - { - // take care to insure that methodname is translated to valid - // php function name - $xmlrpcfuncname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), - array('_', ''), $methodname); - } - while($buildit && function_exists($xmlrpcfuncname)) - { - $xmlrpcfuncname .= 'x'; - } - - $msig = $msig[$signum]; - $mdesc = ''; - // if in 'offline' mode, get method description too. - // in online mode, favour speed of operation - if(!$buildit) - { - $msg = new $msgclass('system.methodHelp'); - $msg->addparam(new $valclass($methodname)); - $response =& $client->send($msg, $timeout, $protocol); - if (!$response->faultCode()) - { - $mdesc = $response->value(); - if ($client->return_type != 'phpvals') - { - $mdesc = $mdesc->scalarval(); - } - } - } - - $results = build_remote_method_wrapper_code($client, $methodname, - $xmlrpcfuncname, $msig, $mdesc, $timeout, $protocol, $simple_client_copy, - $prefix, $decode_php_objects, $encode_php_objects, $decode_fault, - $fault_response); - - //print_r($code); - if ($buildit) - { - $allOK = 0; - eval($results['source'].'$allOK=1;'); - // alternative - //$xmlrpcfuncname = create_function('$m', $innercode); - if($allOK) - { - return $xmlrpcfuncname; - } - else - { - error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap remote method '.$methodname); - return false; - } - } - else - { - $results['function'] = $xmlrpcfuncname; - return $results; - } - } - } -} - -/** -* Similar to wrap_xmlrpc_method, but will generate a php class that wraps -* all xmlrpc methods exposed by the remote server as own methods. -* For more details see wrap_xmlrpc_method. -* @param xmlrpc_client $client the client obj all set to query the desired server -* @param array $extra_options list of options for wrapped code -* @return mixed false on error, the name of the created class if all ok or an array with code, class name and comments (if the appropriatevoption is set in extra_options) -*/ -function wrap_xmlrpc_server($client, $extra_options=array()) -{ - $methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : ''; - //$signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; - $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; - $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; - $newclassname = isset($extra_options['new_class_name']) ? $extra_options['new_class_name'] : ''; - $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; - $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; - $verbatim_client_copy = isset($extra_options['simple_client_copy']) ? !($extra_options['simple_client_copy']) : true; - $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; - $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; - - $msgclass = $prefix.'msg'; - //$valclass = $prefix.'val'; - $decodefunc = 'php_'.$prefix.'_decode'; - - $msg = new $msgclass('system.listMethods'); - $response =& $client->send($msg, $timeout, $protocol); - if($response->faultCode()) - { - error_log('XML-RPC: could not retrieve method list from remote server'); - return false; - } - else - { - $mlist = $response->value(); - if ($client->return_type != 'phpvals') - { - $mlist = $decodefunc($mlist); - } - if(!is_array($mlist) || !count($mlist)) - { - error_log('XML-RPC: could not retrieve meaningful method list from remote server'); - return false; - } - else - { - // pick a suitable name for the new function, avoiding collisions - if($newclassname != '') - { - $xmlrpcclassname = $newclassname; - } - else - { - $xmlrpcclassname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), - array('_', ''), $client->server).'_client'; - } - while($buildit && class_exists($xmlrpcclassname)) - { - $xmlrpcclassname .= 'x'; - } - - /// @todo add function setdebug() to new class, to enable/disable debugging - $source = "class $xmlrpcclassname\n{\nvar \$client;\n\n"; - $source .= "function $xmlrpcclassname()\n{\n"; - $source .= build_client_wrapper_code($client, $verbatim_client_copy, $prefix); - $source .= "\$this->client =& \$client;\n}\n\n"; - $opts = array('simple_client_copy' => 2, 'return_source' => true, - 'timeout' => $timeout, 'protocol' => $protocol, - 'encode_php_objs' => $encode_php_objects, 'prefix' => $prefix, - 'decode_php_objs' => $decode_php_objects - ); - /// @todo build javadoc for class definition, too - foreach($mlist as $mname) - { - if ($methodfilter == '' || preg_match($methodfilter, $mname)) - { - $opts['new_function_name'] = preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), - array('_', ''), $mname); - $methodwrap = wrap_xmlrpc_method($client, $mname, $opts); - if ($methodwrap) - { - if (!$buildit) - { - $source .= $methodwrap['docstring']; - } - $source .= $methodwrap['source']."\n"; - } - else - { - error_log('XML-RPC: will not create class method to wrap remote method '.$mname); - } - } - } - $source .= "}\n"; - if ($buildit) - { - $allOK = 0; - eval($source.'$allOK=1;'); - // alternative - //$xmlrpcfuncname = create_function('$m', $innercode); - if($allOK) - { - return $xmlrpcclassname; - } - else - { - error_log('XML-RPC: could not create class '.$xmlrpcclassname.' to wrap remote server '.$client->server); - return false; - } - } - else - { - return array('class' => $xmlrpcclassname, 'code' => $source, 'docstring' => ''); - } - } - } -} - -/** -* Given the necessary info, build php code that creates a new function to -* invoke a remote xmlrpc method. -* Take care that no full checking of input parameters is done to ensure that -* valid php code is emitted. -* Note: real spaghetti code follows... -* @access private -*/ -function build_remote_method_wrapper_code($client, $methodname, $xmlrpcfuncname, - $msig, $mdesc='', $timeout=0, $protocol='', $client_copy_mode=0, $prefix='xmlrpc', - $decode_php_objects=false, $encode_php_objects=false, $decode_fault=false, - $fault_response='') -{ - $code = "function $xmlrpcfuncname ("; - if ($client_copy_mode < 2) - { - // client copy mode 0 or 1 == partial / full client copy in emitted code - $innercode = build_client_wrapper_code($client, $client_copy_mode, $prefix); - $innercode .= "\$client->setDebug(\$debug);\n"; - $this_ = ''; - } - else - { - // client copy mode 2 == no client copy in emitted code - $innercode = ''; - $this_ = 'this->'; - } - $innercode .= "\$msg = new {$prefix}msg('$methodname');\n"; - - if ($mdesc != '') - { - // take care that PHP comment is not terminated unwillingly by method description - $mdesc = "/**\n* ".str_replace('*/', '* /', $mdesc)."\n"; - } - else - { - $mdesc = "/**\nFunction $xmlrpcfuncname\n"; - } - - // param parsing - $plist = array(); - $pcount = count($msig); - for($i = 1; $i < $pcount; $i++) - { - $plist[] = "\$p$i"; - $ptype = $msig[$i]; - if($ptype == 'i4' || $ptype == 'int' || $ptype == 'boolean' || $ptype == 'double' || - $ptype == 'string' || $ptype == 'dateTime.iso8601' || $ptype == 'base64' || $ptype == 'null') - { - // only build directly xmlrpcvals when type is known and scalar - $innercode .= "\$p$i = new {$prefix}val(\$p$i, '$ptype');\n"; - } - else - { - if ($encode_php_objects) - { - $innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i, array('encode_php_objs'));\n"; - } - else - { - $innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i);\n"; - } - } - $innercode .= "\$msg->addparam(\$p$i);\n"; - $mdesc .= '* @param '.xmlrpc_2_php_type($ptype)." \$p$i\n"; - } - if ($client_copy_mode < 2) - { - $plist[] = '$debug=0'; - $mdesc .= "* @param int \$debug when 1 (or 2) will enable debugging of the underlying {$prefix} call (defaults to 0)\n"; - } - $plist = implode(', ', $plist); - $mdesc .= '* @return '.xmlrpc_2_php_type($msig[0])." (or an {$prefix}resp obj instance if call fails)\n*/\n"; - - $innercode .= "\$res =& \${$this_}client->send(\$msg, $timeout, '$protocol');\n"; - if ($decode_fault) - { - if (is_string($fault_response) && ((strpos($fault_response, '%faultCode%') !== false) || (strpos($fault_response, '%faultString%') !== false))) - { - $respcode = "str_replace(array('%faultCode%', '%faultString%'), array(\$res->faultCode(), \$res->faultString()), '".str_replace("'", "''", $fault_response)."')"; - } - else - { - $respcode = var_export($fault_response, true); - } - } - else - { - $respcode = '$res'; - } - if ($decode_php_objects) - { - $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value(), array('decode_php_objs'));"; - } - else - { - $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value());"; - } - - $code = $code . $plist. ") {\n" . $innercode . "\n}\n"; - - return array('source' => $code, 'docstring' => $mdesc); -} - -/** -* Given necessary info, generate php code that will rebuild a client object -* Take care that no full checking of input parameters is done to ensure that -* valid php code is emitted. -* @access private -*/ -function build_client_wrapper_code($client, $verbatim_client_copy, $prefix='xmlrpc') -{ - $code = "\$client = new {$prefix}_client('".str_replace("'", "\'", $client->path). - "', '" . str_replace("'", "\'", $client->server) . "', $client->port);\n"; - - // copy all client fields to the client that will be generated runtime - // (this provides for future expansion or subclassing of client obj) - if ($verbatim_client_copy) - { - foreach($client as $fld => $val) - { - if($fld != 'debug' && $fld != 'return_type') - { - $val = var_export($val, true); - $code .= "\$client->$fld = $val;\n"; - } - } - } - // only make sure that client always returns the correct data type - $code .= "\$client->return_type = '{$prefix}vals';\n"; - //$code .= "\$client->setDebug(\$debug);\n"; - return $code; -} diff --git a/lib/xmlrpcmsg.php b/lib/xmlrpcmsg.php deleted file mode 100644 index 1c26af08..00000000 --- a/lib/xmlrpcmsg.php +++ /dev/null @@ -1,613 +0,0 @@ -methodname=$meth; - if(is_array($pars) && count($pars)>0) - { - for($i=0; $iaddParam($pars[$i]); - } - } - } - - private function xml_header($charset_encoding='') - { - if ($charset_encoding != '') - { - return "\n\n"; - } - else - { - return "\n\n"; - } - } - - private function xml_footer() - { - return ''; - } - - private function kindOf() - { - return 'msg'; - } - - public function createPayload($charset_encoding='') - { - if ($charset_encoding != '') - $this->content_type = 'text/xml; charset=' . $charset_encoding; - else - $this->content_type = 'text/xml'; - $this->payload=$this->xml_header($charset_encoding); - $this->payload.='' . $this->methodname . "\n"; - $this->payload.="\n"; - for($i=0; $iparams); $i++) - { - $p=$this->params[$i]; - $this->payload.="\n" . $p->serialize($charset_encoding) . - "\n"; - } - $this->payload.="\n"; - $this->payload.=$this->xml_footer(); - } - - /** - * Gets/sets the xmlrpc method to be invoked - * @param string $meth the method to be set (leave empty not to set it) - * @return string the method that will be invoked - */ - public function method($meth='') - { - if($meth!='') - { - $this->methodname=$meth; - } - return $this->methodname; - } - - /** - * Returns xml representation of the message. XML prologue included - * @param string $charset_encoding - * @return string the xml representation of the message, xml prologue included - */ - public function serialize($charset_encoding='') - { - $this->createPayload($charset_encoding); - return $this->payload; - } - - /** - * Add a parameter to the list of parameters to be used upon method invocation - * @param xmlrpcval $par - * @return boolean false on failure - */ - public function addParam($par) - { - // add check: do not add to self params which are not xmlrpcvals - if(is_object($par) && is_a($par, 'xmlrpcval')) - { - $this->params[]=$par; - return true; - } - else - { - return false; - } - } - - /** - * Returns the nth parameter in the message. The index zero-based. - * @param integer $i the index of the parameter to fetch (zero based) - * @return xmlrpcval the i-th parameter - */ - public function getParam($i) { return $this->params[$i]; } - - /** - * Returns the number of parameters in the messge. - * @return integer the number of parameters currently set - */ - public function getNumParams() { return count($this->params); } - - /** - * Given an open file handle, read all data available and parse it as axmlrpc response. - * NB: the file handle is not closed by this function. - * NNB: might have trouble in rare cases to work on network streams, as we - * check for a read of 0 bytes instead of feof($fp). - * But since checking for feof(null) returns false, we would risk an - * infinite loop in that case, because we cannot trust the caller - * to give us a valid pointer to an open file... - * @param resource $fp stream pointer - * @return xmlrpcresp - * @todo add 2nd & 3rd param to be passed to ParseResponse() ??? - */ - public function &parseResponseFile($fp) - { - $ipd=''; - while($data=fread($fp, 32768)) - { - $ipd.=$data; - } - //fclose($fp); - $r =& $this->parseResponse($ipd); - return $r; - } - - /** - * Parses HTTP headers and separates them from data. - */ - private function &parseResponseHeaders(&$data, $headers_processed=false) - { - $xmlrpc = Phpxmlrpc::instance(); - // Support "web-proxy-tunelling" connections for https through proxies - if(preg_match('/^HTTP\/1\.[0-1] 200 Connection established/', $data)) - { - // Look for CR/LF or simple LF as line separator, - // (even though it is not valid http) - $pos = strpos($data,"\r\n\r\n"); - if($pos || is_int($pos)) - { - $bd = $pos+4; - } - else - { - $pos = strpos($data,"\n\n"); - if($pos || is_int($pos)) - { - $bd = $pos+2; - } - else - { - // No separation between response headers and body: fault? - $bd = 0; - } - } - if ($bd) - { - // this filters out all http headers from proxy. - // maybe we could take them into account, too? - $data = substr($data, $bd); - } - else - { - error_log('XML-RPC: '.__METHOD__.': HTTPS via proxy error, tunnel connection possibly failed'); - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['http_error'], $xmlrpc->xmlrpcstr['http_error']. ' (HTTPS via proxy error, tunnel connection possibly failed)'); - return $r; - } - } - - // Strip HTTP 1.1 100 Continue header if present - while(preg_match('/^HTTP\/1\.1 1[0-9]{2} /', $data)) - { - $pos = strpos($data, 'HTTP', 12); - // server sent a Continue header without any (valid) content following... - // give the client a chance to know it - if(!$pos && !is_int($pos)) // works fine in php 3, 4 and 5 - { - break; - } - $data = substr($data, $pos); - } - if(!preg_match('/^HTTP\/[0-9.]+ 200 /', $data)) - { - $errstr= substr($data, 0, strpos($data, "\n")-1); - error_log('XML-RPC: '.__METHOD__.': HTTP error, got response: ' .$errstr); - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['http_error'], $xmlrpc->xmlrpcstr['http_error']. ' (' . $errstr . ')'); - return $r; - } - - $xmlrpc->_xh['headers'] = array(); - $xmlrpc->_xh['cookies'] = array(); - - // be tolerant to usage of \n instead of \r\n to separate headers and data - // (even though it is not valid http) - $pos = strpos($data,"\r\n\r\n"); - if($pos || is_int($pos)) - { - $bd = $pos+4; - } - else - { - $pos = strpos($data,"\n\n"); - if($pos || is_int($pos)) - { - $bd = $pos+2; - } - else - { - // No separation between response headers and body: fault? - // we could take some action here instead of going on... - $bd = 0; - } - } - // be tolerant to line endings, and extra empty lines - $ar = preg_split("/\r?\n/", trim(substr($data, 0, $pos))); - while(list(,$line) = @each($ar)) - { - // take care of multi-line headers and cookies - $arr = explode(':',$line,2); - if(count($arr) > 1) - { - $header_name = strtolower(trim($arr[0])); - /// @todo some other headers (the ones that allow a CSV list of values) - /// do allow many values to be passed using multiple header lines. - /// We should add content to $xmlrpc->_xh['headers'][$header_name] - /// instead of replacing it for those... - if ($header_name == 'set-cookie' || $header_name == 'set-cookie2') - { - if ($header_name == 'set-cookie2') - { - // version 2 cookies: - // there could be many cookies on one line, comma separated - $cookies = explode(',', $arr[1]); - } - else - { - $cookies = array($arr[1]); - } - foreach ($cookies as $cookie) - { - // glue together all received cookies, using a comma to separate them - // (same as php does with getallheaders()) - if (isset($xmlrpc->_xh['headers'][$header_name])) - $xmlrpc->_xh['headers'][$header_name] .= ', ' . trim($cookie); - else - $xmlrpc->_xh['headers'][$header_name] = trim($cookie); - // parse cookie attributes, in case user wants to correctly honour them - // feature creep: only allow rfc-compliant cookie attributes? - // @todo support for server sending multiple time cookie with same name, but using different PATHs - $cookie = explode(';', $cookie); - foreach ($cookie as $pos => $val) - { - $val = explode('=', $val, 2); - $tag = trim($val[0]); - $val = trim(@$val[1]); - /// @todo with version 1 cookies, we should strip leading and trailing " chars - if ($pos == 0) - { - $cookiename = $tag; - $xmlrpc->_xh['cookies'][$tag] = array(); - $xmlrpc->_xh['cookies'][$cookiename]['value'] = urldecode($val); - } - else - { - if ($tag != 'value') - { - $xmlrpc->_xh['cookies'][$cookiename][$tag] = $val; - } - } - } - } - } - else - { - $xmlrpc->_xh['headers'][$header_name] = trim($arr[1]); - } - } - elseif(isset($header_name)) - { - /// @todo version1 cookies might span multiple lines, thus breaking the parsing above - $xmlrpc->_xh['headers'][$header_name] .= ' ' . trim($line); - } - } - - $data = substr($data, $bd); - - if($this->debug && count($xmlrpc->_xh['headers'])) - { - print '
';
-                foreach($xmlrpc->_xh['headers'] as $header => $value)
-                {
-                    print htmlentities("HEADER: $header: $value\n");
-                }
-                foreach($xmlrpc->_xh['cookies'] as $header => $value)
-                {
-                    print htmlentities("COOKIE: $header={$value['value']}\n");
-                }
-                print "
\n"; - } - - // if CURL was used for the call, http headers have been processed, - // and dechunking + reinflating have been carried out - if(!$headers_processed) - { - // Decode chunked encoding sent by http 1.1 servers - if(isset($xmlrpc->_xh['headers']['transfer-encoding']) && $xmlrpc->_xh['headers']['transfer-encoding'] == 'chunked') - { - if(!$data = decode_chunked($data)) - { - error_log('XML-RPC: '.__METHOD__.': errors occurred when trying to rebuild the chunked data received from server'); - $r = new xmlrpcresp(0, $xmlrpc->xmlrpcerr['dechunk_fail'], $xmlrpc->xmlrpcstr['dechunk_fail']); - return $r; - } - } - - // Decode gzip-compressed stuff - // code shamelessly inspired from nusoap library by Dietrich Ayala - if(isset($xmlrpc->_xh['headers']['content-encoding'])) - { - $xmlrpc->_xh['headers']['content-encoding'] = str_replace('x-', '', $xmlrpc->_xh['headers']['content-encoding']); - if($xmlrpc->_xh['headers']['content-encoding'] == 'deflate' || $xmlrpc->_xh['headers']['content-encoding'] == 'gzip') - { - // if decoding works, use it. else assume data wasn't gzencoded - if(function_exists('gzinflate')) - { - if($xmlrpc->_xh['headers']['content-encoding'] == 'deflate' && $degzdata = @gzuncompress($data)) - { - $data = $degzdata; - if($this->debug) - print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; - } - elseif($xmlrpc->_xh['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) - { - $data = $degzdata; - if($this->debug) - print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; - } - else - { - error_log('XML-RPC: '.__METHOD__.': errors occurred when trying to decode the deflated data received from server'); - $r = new xmlrpcresp(0, $xmlrpc->xmlrpcerr['decompress_fail'], $xmlrpc->xmlrpcstr['decompress_fail']); - return $r; - } - } - else - { - error_log('XML-RPC: '.__METHOD__.': the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); - $r = new xmlrpcresp(0, $xmlrpc->xmlrpcerr['cannot_decompress'], $xmlrpc->xmlrpcstr['cannot_decompress']); - return $r; - } - } - } - } // end of 'if needed, de-chunk, re-inflate response' - - // real stupid hack to avoid PHP complaining about returning NULL by ref - $r = null; - $r =& $r; - return $r; - } - - /** - * Parse the xmlrpc response contained in the string $data and return an xmlrpcresp object. - * @param string $data the xmlrpc response, eventually including http headers - * @param bool $headers_processed when true prevents parsing HTTP headers for interpretation of content-encoding and consequent decoding - * @param string $return_type decides return type, i.e. content of response->value(). Either 'xmlrpcvals', 'xml' or 'phpvals' - * @return xmlrpcresp - */ - public function &parseResponse($data='', $headers_processed=false, $return_type='xmlrpcvals') - { - $xmlrpc = Phpxmlrpc::instance(); - - if($this->debug) - { - //by maHo, replaced htmlspecialchars with htmlentities - print "
---GOT---\n" . htmlentities($data) . "\n---END---\n
"; - } - - if($data == '') - { - error_log('XML-RPC: '.__METHOD__.': no response received from server.'); - $r = new xmlrpcresp(0, $xmlrpc->xmlrpcerr['no_data'], $xmlrpc->xmlrpcstr['no_data']); - return $r; - } - - $xmlrpc->_xh=array(); - - $raw_data = $data; - // parse the HTTP headers of the response, if present, and separate them from data - if(substr($data, 0, 4) == 'HTTP') - { - $r =& $this->parseResponseHeaders($data, $headers_processed); - if ($r) - { - // failed processing of HTTP response headers - // save into response obj the full payload received, for debugging - $r->raw_data = $data; - return $r; - } - } - else - { - $xmlrpc->_xh['headers'] = array(); - $xmlrpc->_xh['cookies'] = array(); - } - - if($this->debug) - { - $start = strpos($data, '', $start); - $comments = substr($data, $start, $end-$start); - print "
---SERVER DEBUG INFO (DECODED) ---\n\t".htmlentities(str_replace("\n", "\n\t", base64_decode($comments)))."\n---END---\n
"; - } - } - - // be tolerant of extra whitespace in response body - $data = trim($data); - - /// @todo return an error msg if $data=='' ? - - // be tolerant of junk after methodResponse (e.g. javascript ads automatically inserted by free hosts) - // idea from Luca Mariano originally in PEARified version of the lib - $pos = strrpos($data, ''); - if($pos !== false) - { - $data = substr($data, 0, $pos+17); - } - - // if user wants back raw xml, give it to him - if ($return_type == 'xml') - { - $r = new xmlrpcresp($data, 0, '', 'xml'); - $r->hdrs = $xmlrpc->_xh['headers']; - $r->_cookies = $xmlrpc->_xh['cookies']; - $r->raw_data = $raw_data; - return $r; - } - - // try to 'guestimate' the character encoding of the received response - $resp_encoding = guess_encoding(@$xmlrpc->_xh['headers']['content-type'], $data); - - $xmlrpc->_xh['ac']=''; - //$xmlrpc->_xh['qt']=''; //unused... - $xmlrpc->_xh['stack'] = array(); - $xmlrpc->_xh['valuestack'] = array(); - $xmlrpc->_xh['isf']=0; // 0 = OK, 1 for xmlrpc fault responses, 2 = invalid xmlrpc - $xmlrpc->_xh['isf_reason']=''; - $xmlrpc->_xh['rt']=''; // 'methodcall or 'methodresponse' - - // if response charset encoding is not known / supported, try to use - // the default encoding and parse the xml anyway, but log a warning... - if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - // the following code might be better for mb_string enabled installs, but - // makes the lib about 200% slower... - //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - error_log('XML-RPC: '.__METHOD__.': invalid charset encoding of received response: '.$resp_encoding); - $resp_encoding = $xmlrpc->xmlrpc_defencoding; - } - $parser = xml_parser_create($resp_encoding); - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell - // the xml parser to give us back data in the expected charset. - // What if internal encoding is not in one of the 3 allowed? - // we use the broadest one, ie. utf8 - // This allows to send data which is native in various charset, - // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding - if (!in_array($xmlrpc->xmlrpc_internalencoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); - } - else - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $xmlrpc->xmlrpc_internalencoding); - } - - if ($return_type == 'phpvals') - { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); - } - else - { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); - } - - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - - // first error check: xml not well formed - if(!xml_parse($parser, $data, count($data))) - { - // thanks to Peter Kocks - if((xml_get_current_line_number($parser)) == 1) - { - $errstr = 'XML error at line 1, check URL'; - } - else - { - $errstr = sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser)); - } - error_log($errstr); - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['invalid_return'], $xmlrpc->xmlrpcstr['invalid_return'].' ('.$errstr.')'); - xml_parser_free($parser); - if($this->debug) - { - print $errstr; - } - $r->hdrs = $xmlrpc->_xh['headers']; - $r->_cookies = $xmlrpc->_xh['cookies']; - $r->raw_data = $raw_data; - return $r; - } - xml_parser_free($parser); - // second error check: xml well formed but not xml-rpc compliant - if ($xmlrpc->_xh['isf'] > 1) - { - if ($this->debug) - { - /// @todo echo something for user? - } - - $r = new xmlrpcresp(0, $xmlrpc->xmlrpcerr['invalid_return'], - $xmlrpc->xmlrpcstr['invalid_return'] . ' ' . $xmlrpc->_xh['isf_reason']); - } - // third error check: parsing of the response has somehow gone boink. - // NB: shall we omit this check, since we trust the parsing code? - elseif ($return_type == 'xmlrpcvals' && !is_object($xmlrpc->_xh['value'])) - { - // something odd has happened - // and it's time to generate a client side error - // indicating something odd went on - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['invalid_return'], - $xmlrpc->xmlrpcstr['invalid_return']); - } - else - { - if ($this->debug) - { - print "
---PARSED---\n";
-                // somehow htmlentities chokes on var_export, and some full html string...
-                //print htmlentitites(var_export($xmlrpc->_xh['value'], true));
-                print htmlspecialchars(var_export($xmlrpc->_xh['value'], true));
-                print "\n---END---
"; - } - - // note that using =& will raise an error if $xmlrpc->_xh['st'] does not generate an object. - $v =& $xmlrpc->_xh['value']; - - if($xmlrpc->_xh['isf']) - { - /// @todo we should test here if server sent an int and a string, - /// and/or coerce them into such... - if ($return_type == 'xmlrpcvals') - { - $errno_v = $v->structmem('faultCode'); - $errstr_v = $v->structmem('faultString'); - $errno = $errno_v->scalarval(); - $errstr = $errstr_v->scalarval(); - } - else - { - $errno = $v['faultCode']; - $errstr = $v['faultString']; - } - - if($errno == 0) - { - // FAULT returned, errno needs to reflect that - $errno = -1; - } - - $r = new xmlrpcresp(0, $errno, $errstr); - } - else - { - $r=new xmlrpcresp($v, 0, '', $return_type); - } - } - - $r->hdrs = $xmlrpc->_xh['headers']; - $r->_cookies = $xmlrpc->_xh['cookies']; - $r->raw_data = $raw_data; - return $r; - } -} diff --git a/lib/xmlrpcs.inc b/lib/xmlrpcs.inc new file mode 100644 index 00000000..7daf1c44 --- /dev/null +++ b/lib/xmlrpcs.inc @@ -0,0 +1,56 @@ + + +// Copyright (c) 1999,2000,2002 Edd Dumbill. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// +// * Neither the name of the "XML-RPC for PHP" nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. + +/****************************************************************************** + * + *** DEPRECATED *** + * + * This file is only used to insure backwards compatibility + * with the API of the library <= rev. 3 + *****************************************************************************/ + +include_once(__DIR__.'/../src/Server.php'); + +class xmlrpc_server extends PhpXmlRpc\Server +{ +} + +/* Expose as global functions the ones which are now class methods */ + +function xmlrpc_debugmsg($m) +{ + PhpXmlRpc\Server::xmlrpc_debugmsg($m); +} \ No newline at end of file diff --git a/lib/xmlrpc_client.php b/src/Client.php similarity index 93% rename from lib/xmlrpc_client.php rename to src/Client.php index 88853883..a31c7327 100644 --- a/lib/xmlrpc_client.php +++ b/src/Client.php @@ -1,6 +1,8 @@ accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); // initialize user_agent string - $this->user_agent = $xmlrpc->xmlrpcName . ' ' . $xmlrpc->xmlrpcVersion; + $this->user_agent = PhpXmlRpc::$xmlrpcName . ' ' . PhpXmlRpc::$xmlrpcVersion; } /** @@ -321,7 +321,7 @@ function SetUserAgent( $agentstring ) /** * Send an xmlrpc request - * @param mixed $msg The message object, or an array of messages for using multicall, or the complete xml representation of a request + * @param mixed $msg The request object, or an array of requests for using multicall, or the complete xml representation of a request * @param integer $timeout Connection timeout, in seconds, If unspecified, a platform specific timeout will apply * @param string $method if left unspecified, the http protocol chosen during creation of the object will be used * @return xmlrpcresp @@ -343,7 +343,7 @@ public function& send($msg, $timeout=0, $method='') } elseif(is_string($msg)) { - $n = new xmlrpcmsg(''); + $n = new Message(''); $n->payload = $msg; $msg = $n; } @@ -353,7 +353,7 @@ public function& send($msg, $timeout=0, $method='') if($method == 'https') { - $r =& $this->sendPayloadHTTPS( + $r = $this->sendPayloadHTTPS( $msg, $this->server, $this->port, @@ -377,7 +377,7 @@ public function& send($msg, $timeout=0, $method='') } elseif($method == 'http11') { - $r =& $this->sendPayloadCURL( + $r = $this->sendPayloadCURL( $msg, $this->server, $this->port, @@ -400,7 +400,7 @@ public function& send($msg, $timeout=0, $method='') } else { - $r =& $this->sendPayloadHTTP10( + $r = $this->sendPayloadHTTP10( $msg, $this->server, $this->port, @@ -419,12 +419,10 @@ public function& send($msg, $timeout=0, $method='') return $r; } - private function &sendPayloadHTTP10($msg, $server, $port, $timeout=0, + private function sendPayloadHTTP10($msg, $server, $port, $timeout=0, $username='', $password='', $authtype=1, $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1) { - $xmlrpc = Phpxmlrpc::instance(); - if($port==0) { $port=80; @@ -575,7 +573,7 @@ private function &sendPayloadHTTP10($msg, $server, $port, $timeout=0, else { $this->errstr='Connect error: '.$this->errstr; - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['http_error'], $this->errstr . ' (' . $this->errno . ')'); + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['http_error'], $this->errstr . ' (' . $this->errno . ')'); return $r; } @@ -583,7 +581,7 @@ private function &sendPayloadHTTP10($msg, $server, $port, $timeout=0, { fclose($fp); $this->errstr='Write error'; - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['http_error'], $this->errstr); + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['http_error'], $this->errstr); return $r; } else @@ -601,17 +599,17 @@ private function &sendPayloadHTTP10($msg, $server, $port, $timeout=0, $ipd.=fread($fp, 32768); } while(!feof($fp)); fclose($fp); - $r =& $msg->parseResponse($ipd, false, $this->return_type); + $r = $msg->parseResponse($ipd, false, $this->return_type); return $r; } - private function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='', + private function sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='', $password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='', $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $keepalive=false, $key='', $keypass='') { - $r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username, + $r = $this->sendPayloadCURL($msg, $server, $port, $timeout, $username, $password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport, $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass); return $r; @@ -622,17 +620,15 @@ private function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username=' * Requires curl to be built into PHP * NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers! */ - private function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='', + private function sendPayloadCURL($msg, $server, $port, $timeout=0, $username='', $password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='', $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https', $keepalive=false, $key='', $keypass='') { - $xmlrpc = Phpxmlrpc::instance(); - if(!function_exists('curl_init')) { $this->errstr='CURL unavailable on this install'; - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['no_curl'], $xmlrpc->xmlrpcstr['no_curl']); + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['no_curl'], PhpXmlRpc::$xmlrpcstr['no_curl']); return $r; } if($method == 'https') @@ -641,7 +637,7 @@ private function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='' ((is_string($info) && strpos($info, 'OpenSSL') === null) || (is_array($info) && !isset($info['ssl_version'])))) { $this->errstr='SSL unavailable on this install'; - $r=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['no_ssl'], $xmlrpc->xmlrpcstr['no_ssl']); + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['no_ssl'], PhpXmlRpc::$xmlrpcstr['no_ssl']); return $r; } } @@ -873,7 +869,7 @@ private function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='' if(!$result) /// @todo we should use a better check here - what if we get back '' or '0'? { $this->errstr='no response'; - $resp=new xmlrpcresp(0, $xmlrpc->xmlrpcerr['curl_fail'], $xmlrpc->xmlrpcstr['curl_fail']. ': '. curl_error($curl)); + $resp=new Response(0, PhpXmlRpc::$xmlrpcerr['curl_fail'], PhpXmlRpc::$xmlrpcstr['curl_fail']. ': '. curl_error($curl)); curl_close($curl); if($keepalive) { @@ -886,9 +882,9 @@ private function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='' { curl_close($curl); } - $resp =& $msg->parseResponse($result, true, $this->return_type); + $resp = $msg->parseResponse($result, true, $this->return_type); // if we got back a 302, we can not reuse the curl handle for later calls - if($resp->faultCode() == $xmlrpc->xmlrpcerr['http_error'] && $keepalive) + if($resp->faultCode() == PhpXmlRpc::$xmlrpcerr['http_error'] && $keepalive) { curl_close($curl); $this->xmlrpc_curl_handle = null; @@ -898,7 +894,7 @@ private function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='' } /** - * Send an array of request messages and return an array of responses. + * Send an array of requests and return an array of responses. * Unless $this->no_multicall has been set to true, it will try first * to use one single xmlrpc call to server method system.multicall, and * revert to sending many successive calls in case of failure. @@ -920,8 +916,6 @@ private function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='' */ public function multicall($msgs, $timeout=0, $method='', $fallback=true) { - $xmlrpc = Phpxmlrpc::instance(); - if ($method == '') { $method = $this->method; @@ -951,7 +945,7 @@ public function multicall($msgs, $timeout=0, $method='', $fallback=true) } else { - $result = new xmlrpcresp(0, $xmlrpc->xmlrpcerr['multicall_error'], $xmlrpc->xmlrpcstr['multicall_error']); + $result = new Response(0, PhpXmlRpc::$xmlrpcerr['multicall_error'], PhpXmlRpc::$xmlrpcstr['multicall_error']); } } } @@ -970,7 +964,7 @@ public function multicall($msgs, $timeout=0, $method='', $fallback=true) // emulate multicall via multiple requests foreach($msgs as $msg) { - $results[] =& $this->send($msg, $timeout, $method); + $results[] = $this->send($msg, $timeout, $method); } } else @@ -993,25 +987,25 @@ public function multicall($msgs, $timeout=0, $method='', $fallback=true) */ private function _try_multicall($msgs, $timeout, $method) { - // Construct multicall message + // Construct multicall request $calls = array(); foreach($msgs as $msg) { - $call['methodName'] = new xmlrpcval($msg->method(),'string'); + $call['methodName'] = new Value($msg->method(),'string'); $numParams = $msg->getNumParams(); $params = array(); for($i = 0; $i < $numParams; $i++) { $params[$i] = $msg->getParam($i); } - $call['params'] = new xmlrpcval($params, 'array'); - $calls[] = new xmlrpcval($call, 'struct'); + $call['params'] = new Value($params, 'array'); + $calls[] = new Value($call, 'struct'); } - $multicall = new xmlrpcmsg('system.multicall'); - $multicall->addParam(new xmlrpcval($calls, 'array')); + $multicall = new Request('system.multicall'); + $multicall->addParam(new Value($calls, 'array')); // Attempt RPC call - $result =& $this->send($multicall, $timeout, $method); + $result = $this->send($multicall, $timeout, $method); if($result->faultCode() != 0) { @@ -1055,7 +1049,7 @@ private function _try_multicall($msgs, $timeout, $method) return false; // Bad value } // Normal return value - $response[$i] = new xmlrpcresp($val[0], 0, '', 'phpvals'); + $response[$i] = new Response($val[0], 0, '', 'phpvals'); break; case 2: /// @todo remove usage of @: it is apparently quite slow @@ -1069,7 +1063,7 @@ private function _try_multicall($msgs, $timeout, $method) { return false; } - $response[$i] = new xmlrpcresp(0, $code, $str); + $response[$i] = new Response(0, $code, $str); break; default: return false; @@ -1102,7 +1096,7 @@ private function _try_multicall($msgs, $timeout, $method) return false; // Bad value } // Normal return value - $response[$i] = new xmlrpcresp($val->arraymem(0)); + $response[$i] = new Response($val->arraymem(0)); break; case 'struct': $code = $val->structmem('faultCode'); @@ -1115,7 +1109,7 @@ private function _try_multicall($msgs, $timeout, $method) { return false; } - $response[$i] = new xmlrpcresp(0, $code->scalarval(), $str->scalarval()); + $response[$i] = new Response(0, $code->scalarval(), $str->scalarval()); break; default: return false; diff --git a/src/Encoder.php b/src/Encoder.php new file mode 100644 index 00000000..f464f822 --- /dev/null +++ b/src/Encoder.php @@ -0,0 +1,420 @@ +kindOf()) + { + case 'scalar': + if (in_array('extension_api', $options)) + { + reset($xmlrpc_val->me); + list($typ,$val) = each($xmlrpc_val->me); + switch ($typ) + { + case 'dateTime.iso8601': + $xmlrpc_val->scalar = $val; + $xmlrpc_val->type = 'datetime'; + $xmlrpc_val->timestamp = \PhpXmlRpc\Helper\Date::iso8601_decode($val); + return $xmlrpc_val; + case 'base64': + $xmlrpc_val->scalar = $val; + $xmlrpc_val->type = $typ; + return $xmlrpc_val; + default: + return $xmlrpc_val->scalarval(); + } + } + if (in_array('dates_as_objects', $options) && $xmlrpc_val->scalartyp() == 'dateTime.iso8601') + { + // we return a Datetime object instead of a string + // since now the constructor of xmlrpcval accepts safely strings, ints and datetimes, + // we cater to all 3 cases here + $out = $xmlrpc_val->scalarval(); + if (is_string($out)) + { + $out = strtotime($out); + } + if (is_int($out)) + { + $result = new \Datetime(); + $result->setTimestamp($out); + return $result; + } + elseif (is_a($out, 'Datetime')) + { + return $out; + } + } + return $xmlrpc_val->scalarval(); + case 'array': + $size = $xmlrpc_val->arraysize(); + $arr = array(); + for($i = 0; $i < $size; $i++) + { + $arr[] = $this->decode($xmlrpc_val->arraymem($i), $options); + } + return $arr; + case 'struct': + $xmlrpc_val->structreset(); + // If user said so, try to rebuild php objects for specific struct vals. + /// @todo should we raise a warning for class not found? + // shall we check for proper subclass of xmlrpcval instead of + // presence of _php_class to detect what we can do? + if (in_array('decode_php_objs', $options) && $xmlrpc_val->_php_class != '' + && class_exists($xmlrpc_val->_php_class)) + { + $obj = @new $xmlrpc_val->_php_class; + while(list($key,$value)=$xmlrpc_val->structeach()) + { + $obj->$key = $this->decode($value, $options); + } + return $obj; + } + else + { + $arr = array(); + while(list($key,$value)=$xmlrpc_val->structeach()) + { + $arr[$key] = $this->decode($value, $options); + } + return $arr; + } + case 'msg': + $paramcount = $xmlrpc_val->getNumParams(); + $arr = array(); + for($i = 0; $i < $paramcount; $i++) + { + $arr[] = $this->decode($xmlrpc_val->getParam($i)); + } + return $arr; + } + } + + /** + * Takes native php types and encodes them into xmlrpc PHP object format. + * It will not re-encode xmlrpcval objects. + * + * Feature creep -- could support more types via optional type argument + * (string => datetime support has been added, ??? => base64 not yet) + * + * If given a proper options parameter, php object instances will be encoded + * into 'special' xmlrpc values, that can later be decoded into php objects + * by calling php_xmlrpc_decode() with a corresponding option + * + * @author Dan Libby (dan@libby.com) + * + * @param mixed $php_val the value to be converted into an xmlrpcval object + * @param array $options can include 'encode_php_objs', 'auto_dates', 'null_extension' or 'extension_api' + * @return xmlrpcval + */ + function encode($php_val, $options=array()) + { + $type = gettype($php_val); + switch($type) + { + case 'string': + if (in_array('auto_dates', $options) && preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $php_val)) + $xmlrpc_val = new Value($php_val, Value::$xmlrpcDateTime); + else + $xmlrpc_val = new Value($php_val, Value::$xmlrpcString); + break; + case 'integer': + $xmlrpc_val = new Value($php_val, Value::$xmlrpcInt); + break; + case 'double': + $xmlrpc_val = new Value($php_val, Value::$xmlrpcDouble); + break; + // + // Add support for encoding/decoding of booleans, since they are supported in PHP + case 'boolean': + $xmlrpc_val = new Value($php_val, Value::$xmlrpcBoolean); + break; + // + case 'array': + // PHP arrays can be encoded to either xmlrpc structs or arrays, + // depending on wheter they are hashes or plain 0..n integer indexed + // A shorter one-liner would be + // $tmp = array_diff(array_keys($php_val), range(0, count($php_val)-1)); + // but execution time skyrockets! + $j = 0; + $arr = array(); + $ko = false; + foreach($php_val as $key => $val) + { + $arr[$key] = $this->encode($val, $options); + if(!$ko && $key !== $j) + { + $ko = true; + } + $j++; + } + if($ko) + { + $xmlrpc_val = new Value($arr, Value::$xmlrpcStruct); + } + else + { + $xmlrpc_val = new Value($arr, Value::$xmlrpcArray); + } + break; + case 'object': + if(is_a($php_val, 'xmlrpcval')) + { + $xmlrpc_val = $php_val; + } + else if(is_a($php_val, 'DateTime')) + { + $xmlrpc_val = new Value($php_val->format('Ymd\TH:i:s'), Value::$xmlrpcStruct); + } + else + { + $arr = array(); + reset($php_val); + while(list($k,$v) = each($php_val)) + { + $arr[$k] = $this->encode($v, $options); + } + $xmlrpc_val = new Value($arr, Value::$xmlrpcStruct); + if (in_array('encode_php_objs', $options)) + { + // let's save original class name into xmlrpcval: + // might be useful later on... + $xmlrpc_val->_php_class = get_class($php_val); + } + } + break; + case 'NULL': + if (in_array('extension_api', $options)) + { + $xmlrpc_val = new Value('', Value::$xmlrpcString); + } + else if (in_array('null_extension', $options)) + { + $xmlrpc_val = new Value('', Value::$xmlrpcNull); + } + else + { + $xmlrpc_val = new Value(); + } + break; + case 'resource': + if (in_array('extension_api', $options)) + { + $xmlrpc_val = new Value((int)$php_val, Value::$xmlrpcInt); + } + else + { + $xmlrpc_val = new Value(); + } + // catch "user function", "unknown type" + default: + // giancarlo pinerolo + // it has to return + // an empty object in case, not a boolean. + $xmlrpc_val = new Value(); + break; + } + return $xmlrpc_val; + } + + /** + * Convert the xml representation of a method response, method request or single + * xmlrpc value into the appropriate object (a.k.a. deserialize) + * @param string $xml_val + * @param array $options + * @return mixed false on error, or an instance of either Value, Request or Response + */ + function decode_xml($xml_val, $options=array()) + { + + /// @todo 'guestimate' encoding + $parser = xml_parser_create(); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + // What if internal encoding is not in one of the 3 allowed? + // we use the broadest one, ie. utf8! + if (!in_array(PhpXmlRpc::$xmlrpc_internalencoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); + } + else + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, PhpXmlRpc::$xmlrpc_internalencoding); + } + + $xmlRpcParser = new XMLParser(); + xml_set_object($parser, $xmlRpcParser); + + xml_set_element_handler($parser, 'xmlrpc_se_any', 'xmlrpc_ee'); + xml_set_character_data_handler($parser, 'xmlrpc_cd'); + xml_set_default_handler($parser, 'xmlrpc_dh'); + if(!xml_parse($parser, $xml_val, 1)) + { + $errstr = sprintf('XML error: %s at line %d, column %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser), xml_get_current_column_number($parser)); + error_log($errstr); + xml_parser_free($parser); + return false; + } + xml_parser_free($parser); + if ($xmlRpcParser->_xh['isf'] > 1) // test that $xmlrpc->_xh['value'] is an obj, too??? + { + error_log($xmlRpcParser->_xh['isf_reason']); + return false; + } + switch ($xmlRpcParser->_xh['rt']) + { + case 'methodresponse': + $v =& $xmlRpcParser->_xh['value']; + if ($xmlRpcParser->_xh['isf'] == 1) + { + $vc = $v->structmem('faultCode'); + $vs = $v->structmem('faultString'); + $r = new Response(0, $vc->scalarval(), $vs->scalarval()); + } + else + { + $r = new Response($v); + } + return $r; + case 'methodcall': + $m = new Request($xmlRpcParser->_xh['method']); + for($i=0; $i < count($xmlRpcParser->_xh['params']); $i++) + { + $m->addParam($xmlRpcParser->_xh['params'][$i]); + } + return $m; + case 'value': + return $xmlRpcParser->_xh['value']; + default: + return false; + } + } + + +/** + * xml charset encoding guessing helper function. + * Tries to determine the charset encoding of an XML chunk received over HTTP. + * NB: according to the spec (RFC 3023), if text/xml content-type is received over HTTP without a content-type, + * we SHOULD assume it is strictly US-ASCII. But we try to be more tolerant of unconforming (legacy?) clients/servers, + * which will be most probably using UTF-8 anyway... + * + * @param string $httpheader the http Content-type header + * @param string $xmlchunk xml content buffer + * @param string $encoding_prefs comma separated list of character encodings to be used as default (when mb extension is enabled) + * @return string + * + * @todo explore usage of mb_http_input(): does it detect http headers + post data? if so, use it instead of hand-detection!!! + */ +function guess_encoding($httpheader='', $xmlchunk='', $encoding_prefs=null) +{ + // discussion: see http://www.yale.edu/pclt/encoding/ + // 1 - test if encoding is specified in HTTP HEADERS + + //Details: + // LWS: (\13\10)?( |\t)+ + // token: (any char but excluded stuff)+ + // quoted string: " (any char but double quotes and cointrol chars)* " + // header: Content-type = ...; charset=value(; ...)* + // where value is of type token, no LWS allowed between 'charset' and value + // Note: we do not check for invalid chars in VALUE: + // this had better be done using pure ereg as below + // Note 2: we might be removing whitespace/tabs that ought to be left in if + // the received charset is a quoted string. But nobody uses such charset names... + + /// @todo this test will pass if ANY header has charset specification, not only Content-Type. Fix it? + $matches = array(); + if(preg_match('/;\s*charset\s*=([^;]+)/i', $httpheader, $matches)) + { + return strtoupper(trim($matches[1], " \t\"")); + } + + // 2 - scan the first bytes of the data for a UTF-16 (or other) BOM pattern + // (source: http://www.w3.org/TR/2000/REC-xml-20001006) + // NOTE: actually, according to the spec, even if we find the BOM and determine + // an encoding, we should check if there is an encoding specified + // in the xml declaration, and verify if they match. + /// @todo implement check as described above? + /// @todo implement check for first bytes of string even without a BOM? (It sure looks harder than for cases WITH a BOM) + if(preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlchunk)) + { + return 'UCS-4'; + } + elseif(preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlchunk)) + { + return 'UTF-16'; + } + elseif(preg_match('/^(\xEF\xBB\xBF)/', $xmlchunk)) + { + return 'UTF-8'; + } + + // 3 - test if encoding is specified in the xml declaration + // Details: + // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+ + // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]* + if (preg_match('/^<\?xml\s+version\s*=\s*'. "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))". + '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/", + $xmlchunk, $matches)) + { + return strtoupper(substr($matches[2], 1, -1)); + } + + // 4 - if mbstring is available, let it do the guesswork + // NB: we favour finding an encoding that is compatible with what we can process + if(extension_loaded('mbstring')) + { + if($encoding_prefs) + { + $enc = mb_detect_encoding($xmlchunk, $encoding_prefs); + } + else + { + $enc = mb_detect_encoding($xmlchunk); + } + // NB: mb_detect likes to call it ascii, xml parser likes to call it US_ASCII... + // IANA also likes better US-ASCII, so go with it + if($enc == 'ASCII') + { + $enc = 'US-'.$enc; + } + return $enc; + } + else + { + // no encoding specified: as per HTTP1.1 assume it is iso-8859-1? + // Both RFC 2616 (HTTP 1.1) and 1945 (HTTP 1.0) clearly state that for text/xxx content types + // this should be the standard. And we should be getting text/xml as request and response. + // BUT we have to be backward compatible with the lib, which always used UTF-8 as default... + return PhpXmlRpc::$xmlrpc_defencoding; + } +} + +} \ No newline at end of file diff --git a/src/Helper/Charset.php b/src/Helper/Charset.php new file mode 100644 index 00000000..db301cc7 --- /dev/null +++ b/src/Helper/Charset.php @@ -0,0 +1,246 @@ + array(), "out" => array()); + + /// @todo add to iso table the characters from cp_1252 range, i.e. 128 to 159? + /// These will NOT be present in true ISO-8859-1, but will save the unwary + /// windows user from sending junk (though no luck when receiving them...) + /* + protected $xml_cp1252_Entities = array('in' => array(), out' => array( + '€', '?', '‚', 'ƒ', + '„', '…', '†', '‡', + 'ˆ', '‰', 'Š', '‹', + 'Œ', '?', 'Ž', '?', + '?', '‘', '’', '“', + '”', '•', '–', '—', + '˜', '™', 'š', '›', + 'œ', '?', 'ž', 'Ÿ' + )); + */ + + protected $charset_supersets = array( + 'US-ASCII' => array ('ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', + 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', + 'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-11', 'ISO-8859-12', + 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'UTF-8', + 'EUC-JP', 'EUC-', 'EUC-KR', 'EUC-CN') + ); + + protected static $instance = null; + + /** + * This class is singleton for performance reasons + * @return Charset + */ + public static function instance() + { + if(self::$instance === null) + { + self::$instance = new self(); + } + + return self::$instance; + } + + private function __construct() + { + for($i = 0; $i < 32; $i++) { + $this->xml_iso88591_Entities["in"][] = chr($i); + $this->xml_iso88591_Entities["out"][] = "&#{$i};"; + } + + for($i = 160; $i < 256; $i++) { + $this->xml_iso88591_Entities["in"][] = chr($i); + $this->xml_iso88591_Entities["out"][] = "&#{$i};"; + } + + /*for ($i = 128; $i < 160; $i++) + { + $this->xml_cp1252_Entities['in'][] = chr($i); + }*/ + + } + + /** + * Convert a string to the correct XML representation in a target charset + * To help correct communication of non-ascii chars inside strings, regardless + * of the charset used when sending requests, parsing them, sending responses + * and parsing responses, an option is to convert all non-ascii chars present in the message + * into their equivalent 'charset entity'. Charset entities enumerated this way + * are independent of the charset encoding used to transmit them, and all XML + * parsers are bound to understand them. + * Note that in the std case we are not sending a charset encoding mime type + * along with http headers, so we are bound by RFC 3023 to emit strict us-ascii. + * + * @todo do a bit of basic benchmarking (strtr vs. str_replace) + * @todo make usage of iconv() or recode_string() or mb_string() where available + * + * @param string $data + * @param string $src_encoding + * @param string $dest_encoding + * @return string + */ + public function encode_entities($data, $src_encoding='', $dest_encoding='') + { + if ($src_encoding == '') + { + // lame, but we know no better... + $src_encoding = PhpXmlRpc::$xmlrpc_internalencoding; + } + + switch(strtoupper($src_encoding.'_'.$dest_encoding)) + { + case 'ISO-8859-1_': + case 'ISO-8859-1_US-ASCII': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + $escaped_data = str_replace($this->xml_iso88591_Entities['in'], $this->xml_iso88591_Entities['out'], $escaped_data); + break; + case 'ISO-8859-1_UTF-8': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + $escaped_data = utf8_encode($escaped_data); + break; + case 'ISO-8859-1_ISO-8859-1': + case 'US-ASCII_US-ASCII': + case 'US-ASCII_UTF-8': + case 'US-ASCII_': + case 'US-ASCII_ISO-8859-1': + case 'UTF-8_UTF-8': + //case 'CP1252_CP1252': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + break; + case 'UTF-8_': + case 'UTF-8_US-ASCII': + case 'UTF-8_ISO-8859-1': + // NB: this will choke on invalid UTF-8, going most likely beyond EOF + $escaped_data = ''; + // be kind to users creating string xmlrpcvals out of different php types + $data = (string) $data; + $ns = strlen ($data); + for ($nn = 0; $nn < $ns; $nn++) + { + $ch = $data[$nn]; + $ii = ord($ch); + //1 7 0bbbbbbb (127) + if ($ii < 128) + { + /// @todo shall we replace this with a (supposedly) faster str_replace? + switch($ii){ + case 34: + $escaped_data .= '"'; + break; + case 38: + $escaped_data .= '&'; + break; + case 39: + $escaped_data .= '''; + break; + case 60: + $escaped_data .= '<'; + break; + case 62: + $escaped_data .= '>'; + break; + default: + $escaped_data .= $ch; + } // switch + } + //2 11 110bbbbb 10bbbbbb (2047) + else if ($ii>>5 == 6) + { + $b1 = ($ii & 31); + $ii = ord($data[$nn+1]); + $b2 = ($ii & 63); + $ii = ($b1 * 64) + $b2; + $ent = sprintf ('&#%d;', $ii); + $escaped_data .= $ent; + $nn += 1; + } + //3 16 1110bbbb 10bbbbbb 10bbbbbb + else if ($ii>>4 == 14) + { + $b1 = ($ii & 15); + $ii = ord($data[$nn+1]); + $b2 = ($ii & 63); + $ii = ord($data[$nn+2]); + $b3 = ($ii & 63); + $ii = ((($b1 * 64) + $b2) * 64) + $b3; + $ent = sprintf ('&#%d;', $ii); + $escaped_data .= $ent; + $nn += 2; + } + //4 21 11110bbb 10bbbbbb 10bbbbbb 10bbbbbb + else if ($ii>>3 == 30) + { + $b1 = ($ii & 7); + $ii = ord($data[$nn+1]); + $b2 = ($ii & 63); + $ii = ord($data[$nn+2]); + $b3 = ($ii & 63); + $ii = ord($data[$nn+3]); + $b4 = ($ii & 63); + $ii = ((((($b1 * 64) + $b2) * 64) + $b3) * 64) + $b4; + $ent = sprintf ('&#%d;', $ii); + $escaped_data .= $ent; + $nn += 3; + } + } + break; + /* + case 'CP1252_': + case 'CP1252_US-ASCII': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + $escaped_data = str_replace($this->xml_iso88591_Entities']['in'], $this->xml_iso88591_Entities['out'], $escaped_data); + $escaped_data = str_replace($this->xml_cp1252_Entities['in'], $this->xml_cp1252_Entities['out'], $escaped_data); + break; + case 'CP1252_UTF-8': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + /// @todo we could use real UTF8 chars here instead of xml entities... (note that utf_8 encode all allone will NOT convert them) + $escaped_data = str_replace($this->xml_cp1252_Entities['in'], $this->xml_cp1252_Entities['out'], $escaped_data); + $escaped_data = utf8_encode($escaped_data); + break; + case 'CP1252_ISO-8859-1': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + // we might as well replace all funky chars with a '?' here, but we are kind and leave it to the receiving application layer to decide what to do with these weird entities... + $escaped_data = str_replace($this->xml_cp1252_Entities['in'], $this->xml_cp1252_Entities['out'], $escaped_data); + break; + */ + default: + $escaped_data = ''; + error_log("Converting from $src_encoding to $dest_encoding: not supported..."); + } + return $escaped_data; + } + + /** + * Checks if a given charset encoding is present in a list of encodings or + * if it is a valid subset of any encoding in the list + * @param string $encoding charset to be tested + * @param string|array $validList comma separated list of valid charsets (or array of charsets) + * @return bool + */ + public function is_valid_charset($encoding, $validList) + { + + if (is_string($validList)) + $validList = explode(',', $validList); + if (@in_array(strtoupper($encoding), $validList)) + return true; + else + { + if (array_key_exists($encoding, $this->charset_supersets)) + foreach ($validList as $allowed) + if (in_array($allowed, $this->charset_supersets[$encoding])) + return true; + return false; + } + } + +} \ No newline at end of file diff --git a/src/Helper/Date.php b/src/Helper/Date.php new file mode 100644 index 00000000..9501a9b9 --- /dev/null +++ b/src/Helper/Date.php @@ -0,0 +1,68 @@ + 0) + { + $chunkend = strpos($buffer, "\r\n", $chunkstart + $chunk_size); + + // just in case we got a broken connection + if($chunkend == false) + { + $chunk = substr($buffer,$chunkstart); + // append chunk-data to entity-body + $new .= $chunk; + $length += strlen($chunk); + break; + } + + // read chunk-data and crlf + $chunk = substr($buffer,$chunkstart,$chunkend-$chunkstart); + // append chunk-data to entity-body + $new .= $chunk; + // length := length + chunk-size + $length += strlen($chunk); + // read chunk-size and crlf + $chunkstart = $chunkend + 2; + + $chunkend = strpos($buffer,"\r\n",$chunkstart)+2; + if($chunkend == false) + { + break; //just in case we got a broken connection + } + $temp = substr($buffer,$chunkstart,$chunkend-$chunkstart); + $chunk_size = hexdec( trim($temp) ); + $chunkstart = $chunkend; + } + return $new; + } + +} \ No newline at end of file diff --git a/src/Helper/XMLParser.php b/src/Helper/XMLParser.php new file mode 100644 index 00000000..6803ebf4 --- /dev/null +++ b/src/Helper/XMLParser.php @@ -0,0 +1,488 @@ + '', + 'stack' => array(), + 'valuestack' => array(), + 'isf' => 0, + 'isf_reason' => '', + 'method' => false, // so we can check later if we got a methodname or not + 'params' => array(), + 'pt' => array(), + 'rt' => '' + ); + + public $xmlrpc_valid_parents = array( + 'VALUE' => array('MEMBER', 'DATA', 'PARAM', 'FAULT'), + 'BOOLEAN' => array('VALUE'), + 'I4' => array('VALUE'), + 'INT' => array('VALUE'), + 'STRING' => array('VALUE'), + 'DOUBLE' => array('VALUE'), + 'DATETIME.ISO8601' => array('VALUE'), + 'BASE64' => array('VALUE'), + 'MEMBER' => array('STRUCT'), + 'NAME' => array('MEMBER'), + 'DATA' => array('ARRAY'), + 'ARRAY' => array('VALUE'), + 'STRUCT' => array('VALUE'), + 'PARAM' => array('PARAMS'), + 'METHODNAME' => array('METHODCALL'), + 'PARAMS' => array('METHODCALL', 'METHODRESPONSE'), + 'FAULT' => array('METHODRESPONSE'), + 'NIL' => array('VALUE'), // only used when extension activated + 'EX:NIL' => array('VALUE') // only used when extension activated + ); + + /** + * xml parser handler function for opening element tags + */ + function xmlrpc_se($parser, $name, $attrs, $accept_single_vals=false) + { + // if invalid xmlrpc already detected, skip all processing + if ($this->_xh['isf'] < 2) + { + // check for correct element nesting + // top level element can only be of 2 types + /// @todo optimization creep: save this check into a bool variable, instead of using count() every time: + /// there is only a single top level element in xml anyway + if (count($this->_xh['stack']) == 0) + { + if ($name != 'METHODRESPONSE' && $name != 'METHODCALL' && ( + $name != 'VALUE' && !$accept_single_vals)) + { + $this->_xh['isf'] = 2; + $this->_xh['isf_reason'] = 'missing top level xmlrpc element'; + return; + } + else + { + $this->_xh['rt'] = strtolower($name); + } + } + else + { + // not top level element: see if parent is OK + $parent = end($this->_xh['stack']); + if (!array_key_exists($name, $this->xmlrpc_valid_parents) || !in_array($parent, $this->xmlrpc_valid_parents[$name])) + { + $this->_xh['isf'] = 2; + $this->_xh['isf_reason'] = "xmlrpc element $name cannot be child of $parent"; + return; + } + } + + switch($name) + { + // optimize for speed switch cases: most common cases first + case 'VALUE': + /// @todo we could check for 2 VALUE elements inside a MEMBER or PARAM element + $this->_xh['vt']='value'; // indicator: no value found yet + $this->_xh['ac']=''; + $this->_xh['lv']=1; + $this->_xh['php_class']=null; + break; + case 'I4': + case 'INT': + case 'STRING': + case 'BOOLEAN': + case 'DOUBLE': + case 'DATETIME.ISO8601': + case 'BASE64': + if ($this->_xh['vt']!='value') + { + //two data elements inside a value: an error occurred! + $this->_xh['isf'] = 2; + $this->_xh['isf_reason'] = "$name element following a {$this->_xh['vt']} element inside a single value"; + return; + } + $this->_xh['ac']=''; // reset the accumulator + break; + case 'STRUCT': + case 'ARRAY': + if ($this->_xh['vt']!='value') + { + //two data elements inside a value: an error occurred! + $this->_xh['isf'] = 2; + $this->_xh['isf_reason'] = "$name element following a {$this->_xh['vt']} element inside a single value"; + return; + } + // create an empty array to hold child values, and push it onto appropriate stack + $cur_val = array(); + $cur_val['values'] = array(); + $cur_val['type'] = $name; + // check for out-of-band information to rebuild php objs + // and in case it is found, save it + if (@isset($attrs['PHP_CLASS'])) + { + $cur_val['php_class'] = $attrs['PHP_CLASS']; + } + $this->_xh['valuestack'][] = $cur_val; + $this->_xh['vt']='data'; // be prepared for a data element next + break; + case 'DATA': + if ($this->_xh['vt']!='data') + { + //two data elements inside a value: an error occurred! + $this->_xh['isf'] = 2; + $this->_xh['isf_reason'] = "found two data elements inside an array element"; + return; + } + case 'METHODCALL': + case 'METHODRESPONSE': + case 'PARAMS': + // valid elements that add little to processing + break; + case 'METHODNAME': + case 'NAME': + /// @todo we could check for 2 NAME elements inside a MEMBER element + $this->_xh['ac']=''; + break; + case 'FAULT': + $this->_xh['isf']=1; + break; + case 'MEMBER': + $this->_xh['valuestack'][count($this->_xh['valuestack'])-1]['name']=''; // set member name to null, in case we do not find in the xml later on + //$this->_xh['ac']=''; + // Drop trough intentionally + case 'PARAM': + // clear value type, so we can check later if no value has been passed for this param/member + $this->_xh['vt']=null; + break; + case 'NIL': + case 'EX:NIL': + if (PhpXmlRpc::$xmlrpc_null_extension) + { + if ($this->_xh['vt']!='value') + { + //two data elements inside a value: an error occurred! + $this->_xh['isf'] = 2; + $this->_xh['isf_reason'] = "$name element following a {$this->_xh['vt']} element inside a single value"; + return; + } + $this->_xh['ac']=''; // reset the accumulator + break; + } + // we do not support the extension, so + // drop through intentionally + default: + /// INVALID ELEMENT: RAISE ISF so that it is later recognized!!! + $this->_xh['isf'] = 2; + $this->_xh['isf_reason'] = "found not-xmlrpc xml element $name"; + break; + } + + // Save current element name to stack, to validate nesting + $this->_xh['stack'][] = $name; + + /// @todo optimization creep: move this inside the big switch() above + if($name!='VALUE') + { + $this->_xh['lv']=0; + } + } + } + + /** + * Used in decoding xml chunks that might represent single xmlrpc values + */ + function xmlrpc_se_any($parser, $name, $attrs) + { + $this->xmlrpc_se($parser, $name, $attrs, true); + } + + /** + * xml parser handler function for close element tags + */ + function xmlrpc_ee($parser, $name, $rebuild_xmlrpcvals = true) + { + if ($this->_xh['isf'] < 2) + { + // push this element name from stack + // NB: if XML validates, correct opening/closing is guaranteed and + // we do not have to check for $name == $curr_elem. + // we also checked for proper nesting at start of elements... + $curr_elem = array_pop($this->_xh['stack']); + + switch($name) + { + case 'VALUE': + // This if() detects if no scalar was inside + if ($this->_xh['vt']=='value') + { + $this->_xh['value']=$this->_xh['ac']; + $this->_xh['vt']=Value::$xmlrpcString; + } + + if ($rebuild_xmlrpcvals) + { + // build the xmlrpc val out of the data received, and substitute it + $temp = new Value($this->_xh['value'], $this->_xh['vt']); + // in case we got info about underlying php class, save it + // in the object we're rebuilding + if (isset($this->_xh['php_class'])) + $temp->_php_class = $this->_xh['php_class']; + // check if we are inside an array or struct: + // if value just built is inside an array, let's move it into array on the stack + $vscount = count($this->_xh['valuestack']); + if ($vscount && $this->_xh['valuestack'][$vscount-1]['type']=='ARRAY') + { + $this->_xh['valuestack'][$vscount-1]['values'][] = $temp; + } + else + { + $this->_xh['value'] = $temp; + } + } + else + { + /// @todo this needs to treat correctly php-serialized objects, + /// since std deserializing is done by php_xmlrpc_decode, + /// which we will not be calling... + if (isset($this->_xh['php_class'])) + { + } + + // check if we are inside an array or struct: + // if value just built is inside an array, let's move it into array on the stack + $vscount = count($this->_xh['valuestack']); + if ($vscount && $this->_xh['valuestack'][$vscount-1]['type']=='ARRAY') + { + $this->_xh['valuestack'][$vscount-1]['values'][] = $this->_xh['value']; + } + } + break; + case 'BOOLEAN': + case 'I4': + case 'INT': + case 'STRING': + case 'DOUBLE': + case 'DATETIME.ISO8601': + case 'BASE64': + $this->_xh['vt']=strtolower($name); + /// @todo: optimization creep - remove the if/elseif cycle below + /// since the case() in which we are already did that + if ($name=='STRING') + { + $this->_xh['value']=$this->_xh['ac']; + } + elseif ($name=='DATETIME.ISO8601') + { + if (!preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $this->_xh['ac'])) + { + error_log('XML-RPC: invalid value received in DATETIME: '.$this->_xh['ac']); + } + $this->_xh['vt']=Value::$xmlrpcDateTime; + $this->_xh['value']=$this->_xh['ac']; + } + elseif ($name=='BASE64') + { + /// @todo check for failure of base64 decoding / catch warnings + $this->_xh['value']=base64_decode($this->_xh['ac']); + } + elseif ($name=='BOOLEAN') + { + // special case here: we translate boolean 1 or 0 into PHP + // constants true or false. + // Strings 'true' and 'false' are accepted, even though the + // spec never mentions them (see eg. Blogger api docs) + // NB: this simple checks helps a lot sanitizing input, ie no + // security problems around here + if ($this->_xh['ac']=='1' || strcasecmp($this->_xh['ac'], 'true') == 0) + { + $this->_xh['value']=true; + } + else + { + // log if receiving something strange, even though we set the value to false anyway + if ($this->_xh['ac']!='0' && strcasecmp($this->_xh['ac'], 'false') != 0) + error_log('XML-RPC: invalid value received in BOOLEAN: '.$this->_xh['ac']); + $this->_xh['value']=false; + } + } + elseif ($name=='DOUBLE') + { + // we have a DOUBLE + // we must check that only 0123456789-. are characters here + // NOTE: regexp could be much stricter than this... + if (!preg_match('/^[+-eE0123456789 \t.]+$/', $this->_xh['ac'])) + { + /// @todo: find a better way of throwing an error than this! + error_log('XML-RPC: non numeric value received in DOUBLE: '.$this->_xh['ac']); + $this->_xh['value']='ERROR_NON_NUMERIC_FOUND'; + } + else + { + // it's ok, add it on + $this->_xh['value']=(double)$this->_xh['ac']; + } + } + else + { + // we have an I4/INT + // we must check that only 0123456789- are characters here + if (!preg_match('/^[+-]?[0123456789 \t]+$/', $this->_xh['ac'])) + { + /// @todo find a better way of throwing an error than this! + error_log('XML-RPC: non numeric value received in INT: '.$this->_xh['ac']); + $this->_xh['value']='ERROR_NON_NUMERIC_FOUND'; + } + else + { + // it's ok, add it on + $this->_xh['value']=(int)$this->_xh['ac']; + } + } + //$this->_xh['ac']=''; // is this necessary? + $this->_xh['lv']=3; // indicate we've found a value + break; + case 'NAME': + $this->_xh['valuestack'][count($this->_xh['valuestack'])-1]['name'] = $this->_xh['ac']; + break; + case 'MEMBER': + //$this->_xh['ac']=''; // is this necessary? + // add to array in the stack the last element built, + // unless no VALUE was found + if ($this->_xh['vt']) + { + $vscount = count($this->_xh['valuestack']); + $this->_xh['valuestack'][$vscount-1]['values'][$this->_xh['valuestack'][$vscount-1]['name']] = $this->_xh['value']; + } else + error_log('XML-RPC: missing VALUE inside STRUCT in received xml'); + break; + case 'DATA': + //$this->_xh['ac']=''; // is this necessary? + $this->_xh['vt']=null; // reset this to check for 2 data elements in a row - even if they're empty + break; + case 'STRUCT': + case 'ARRAY': + // fetch out of stack array of values, and promote it to current value + $curr_val = array_pop($this->_xh['valuestack']); + $this->_xh['value'] = $curr_val['values']; + $this->_xh['vt']=strtolower($name); + if (isset($curr_val['php_class'])) + { + $this->_xh['php_class'] = $curr_val['php_class']; + } + break; + case 'PARAM': + // add to array of params the current value, + // unless no VALUE was found + if ($this->_xh['vt']) + { + $this->_xh['params'][]=$this->_xh['value']; + $this->_xh['pt'][]=$this->_xh['vt']; + } + else + error_log('XML-RPC: missing VALUE inside PARAM in received xml'); + break; + case 'METHODNAME': + $this->_xh['method']=preg_replace('/^[\n\r\t ]+/', '', $this->_xh['ac']); + break; + case 'NIL': + case 'EX:NIL': + if (PhpXmlRpc::$xmlrpc_null_extension) + { + $this->_xh['vt']='null'; + $this->_xh['value']=null; + $this->_xh['lv']=3; + break; + } + // drop through intentionally if nil extension not enabled + case 'PARAMS': + case 'FAULT': + case 'METHODCALL': + case 'METHORESPONSE': + break; + default: + // End of INVALID ELEMENT! + // shall we add an assert here for unreachable code??? + break; + } + } + } + + /** + * Used in decoding xmlrpc requests/responses without rebuilding xmlrpc Values + */ + function xmlrpc_ee_fast($parser, $name) + { + $this->xmlrpc_ee($parser, $name, false); + } + + /** + * xml parser handler function for character data + */ + function xmlrpc_cd($parser, $data) + { + // skip processing if xml fault already detected + if ($this->_xh['isf'] < 2) + { + // "lookforvalue==3" means that we've found an entire value + // and should discard any further character data + if($this->_xh['lv']!=3) + { + // G. Giunta 2006-08-23: useless change of 'lv' from 1 to 2 + //if($this->_xh['lv']==1) + //{ + // if we've found text and we're just in a then + // say we've found a value + //$this->_xh['lv']=2; + //} + // we always initialize the accumulator before starting parsing, anyway... + //if(!@isset($this->_xh['ac'])) + //{ + // $this->_xh['ac'] = ''; + //} + $this->_xh['ac'].=$data; + } + } + } + + /** + * xml parser handler function for 'other stuff', ie. not char data or + * element start/end tag. In fact it only gets called on unknown entities... + */ + function xmlrpc_dh($parser, $data) + { + // skip processing if xml fault already detected + if ($this->_xh['isf'] < 2) + { + if(substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';') + { + // G. Giunta 2006-08-25: useless change of 'lv' from 1 to 2 + //if($this->_xh['lv']==1) + //{ + // $this->_xh['lv']=2; + //} + $this->_xh['ac'].=$data; + } + } + return true; + } + +} \ No newline at end of file diff --git a/src/PhpXmlRpc.php b/src/PhpXmlRpc.php new file mode 100644 index 00000000..201ba635 --- /dev/null +++ b/src/PhpXmlRpc.php @@ -0,0 +1,86 @@ +1, + 'invalid_return'=>2, + 'incorrect_params'=>3, + 'introspect_unknown'=>4, + 'http_error'=>5, + 'no_data'=>6, + 'no_ssl'=>7, + 'curl_fail'=>8, + 'invalid_request'=>15, + 'no_curl'=>16, + 'server_error'=>17, + 'multicall_error'=>18, + 'multicall_notstruct'=>9, + 'multicall_nomethod'=>10, + 'multicall_notstring'=>11, + 'multicall_recursion'=>12, + 'multicall_noparams'=>13, + 'multicall_notarray'=>14, + + 'cannot_decompress'=>103, + 'decompress_fail'=>104, + 'dechunk_fail'=>105, + 'server_cannot_decompress'=>106, + 'server_decompress_fail'=>107 + ); + + static public $xmlrpcstr = array( + 'unknown_method'=>'Unknown method', + 'invalid_return'=>'Invalid return payload: enable debugging to examine incoming payload', + 'incorrect_params'=>'Incorrect parameters passed to method', + 'introspect_unknown'=>"Can't introspect: method unknown", + 'http_error'=>"Didn't receive 200 OK from remote server.", + 'no_data'=>'No data received from server.', + 'no_ssl'=>'No SSL support compiled in.', + 'curl_fail'=>'CURL error', + 'invalid_request'=>'Invalid request payload', + 'no_curl'=>'No CURL support compiled in.', + 'server_error'=>'Internal server error', + 'multicall_error'=>'Received from server invalid multicall response', + 'multicall_notstruct'=>'system.multicall expected struct', + 'multicall_nomethod'=>'missing methodName', + 'multicall_notstring'=>'methodName is not a string', + 'multicall_recursion'=>'recursive system.multicall forbidden', + 'multicall_noparams'=>'missing params', + 'multicall_notarray'=>'params is not an array', + + 'cannot_decompress'=>'Received from server compressed HTTP and cannot decompress', + 'decompress_fail'=>'Received from server invalid compressed HTTP', + 'dechunk_fail'=>'Received from server invalid chunked HTTP', + 'server_cannot_decompress'=>'Received from client compressed HTTP request and cannot decompress', + 'server_decompress_fail'=>'Received from client invalid compressed HTTP request' + ); + + // The charset encoding used by the server for received requests and + // by the client for received responses when received charset cannot be determined + // or is not supported + public static $xmlrpc_defencoding = "UTF-8"; + + // The encoding used internally by PHP. + // String values received as xml will be converted to this, and php strings will be converted to xml + // as if having been coded with this + public static $xmlrpc_internalencoding = "ISO-8859-1"; // TODO: maybe this would be better as UTF-8, or atleast configurable? + + public static $xmlrpcName = "XML-RPC for PHP"; + public static $xmlrpcVersion = "4.0.0.beta"; + + // let user errors start at 800 + public static $xmlrpcerruser = 800; + // let XML parse errors start at 100 + public static $xmlrpcerrxml = 100; + + // set to TRUE to enable correct decoding of and values + public static $xmlrpc_null_extension = false; + + // set to TRUE to enable encoding of php NULL values to instead of + public static $xmlrpc_null_apache_encoding = false; + + public static $xmlrpc_null_apache_encoding_ns = "http://ws.apache.org/xmlrpc/namespaces/extensions"; +} diff --git a/src/Request.php b/src/Request.php new file mode 100644 index 00000000..c341407f --- /dev/null +++ b/src/Request.php @@ -0,0 +1,608 @@ +methodname = $methodName; + foreach($params as $param) + { + $this->addParam($param); + } + } + + private function xml_header($charset_encoding='') + { + if ($charset_encoding != '') + { + return "\n\n"; + } + else + { + return "\n\n"; + } + } + + private function xml_footer() + { + return ''; + } + + /** + * Kept the old name even if class was renamed, for compatibility + * @return string + */ + private function kindOf() + { + return 'msg'; + } + + public function createPayload($charset_encoding='') + { + if ($charset_encoding != '') + $this->content_type = 'text/xml; charset=' . $charset_encoding; + else + $this->content_type = 'text/xml'; + $this->payload=$this->xml_header($charset_encoding); + $this->payload.='' . $this->methodname . "\n"; + $this->payload.="\n"; + foreach($this->params as $p) + { + $this->payload.="\n" . $p->serialize($charset_encoding) . + "\n"; + } + $this->payload.="\n"; + $this->payload.=$this->xml_footer(); + } + + /** + * Gets/sets the xmlrpc method to be invoked + * @param string $meth the method to be set (leave empty not to set it) + * @return string the method that will be invoked + */ + public function method($methodName='') + { + if($methodName!='') + { + $this->methodname=$methodName; + } + return $this->methodname; + } + + /** + * Returns xml representation of the message. XML prologue included + * @param string $charset_encoding + * @return string the xml representation of the message, xml prologue included + */ + public function serialize($charset_encoding='') + { + $this->createPayload($charset_encoding); + return $this->payload; + } + + /** + * Add a parameter to the list of parameters to be used upon method invocation + * @param Value $par + * @return boolean false on failure + */ + public function addParam($param) + { + // add check: do not add to self params which are not xmlrpcvals + if(is_object($param) && is_a($param, 'PhpXmlRpc\Value')) + { + $this->params[]=$param; + return true; + } + else + { + return false; + } + } + + /** + * Returns the nth parameter in the request. The index zero-based. + * @param integer $i the index of the parameter to fetch (zero based) + * @return Value the i-th parameter + */ + public function getParam($i) { return $this->params[$i]; } + + /** + * Returns the number of parameters in the messge. + * @return integer the number of parameters currently set + */ + public function getNumParams() { return count($this->params); } + + /** + * Given an open file handle, read all data available and parse it as axmlrpc response. + * NB: the file handle is not closed by this function. + * NNB: might have trouble in rare cases to work on network streams, as we + * check for a read of 0 bytes instead of feof($fp). + * But since checking for feof(null) returns false, we would risk an + * infinite loop in that case, because we cannot trust the caller + * to give us a valid pointer to an open file... + * @param resource $fp stream pointer + * @return Response + * @todo add 2nd & 3rd param to be passed to ParseResponse() ??? + */ + public function parseResponseFile($fp) + { + $ipd=''; + while($data=fread($fp, 32768)) + { + $ipd.=$data; + } + //fclose($fp); + return $this->parseResponse($ipd); + } + + /** + * Parses HTTP headers and separates them from data. + * @return null|Response null on success, or a Response on error + */ + private function parseResponseHeaders(&$data, $headers_processed=false) + { + $this->httpResponse['headers'] = array(); + $this->httpResponse['cookies'] = array(); + + // Support "web-proxy-tunelling" connections for https through proxies + if(preg_match('/^HTTP\/1\.[0-1] 200 Connection established/', $data)) + { + // Look for CR/LF or simple LF as line separator, + // (even though it is not valid http) + $pos = strpos($data,"\r\n\r\n"); + if($pos || is_int($pos)) + { + $bd = $pos+4; + } + else + { + $pos = strpos($data,"\n\n"); + if($pos || is_int($pos)) + { + $bd = $pos+2; + } + else + { + // No separation between response headers and body: fault? + $bd = 0; + } + } + if ($bd) + { + // this filters out all http headers from proxy. + // maybe we could take them into account, too? + $data = substr($data, $bd); + } + else + { + error_log('XML-RPC: '.__METHOD__.': HTTPS via proxy error, tunnel connection possibly failed'); + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['http_error'], PhpXmlRpc::$xmlrpcstr['http_error']. ' (HTTPS via proxy error, tunnel connection possibly failed)'); + return $r; + } + } + + // Strip HTTP 1.1 100 Continue header if present + while(preg_match('/^HTTP\/1\.1 1[0-9]{2} /', $data)) + { + $pos = strpos($data, 'HTTP', 12); + // server sent a Continue header without any (valid) content following... + // give the client a chance to know it + if(!$pos && !is_int($pos)) // works fine in php 3, 4 and 5 + { + break; + } + $data = substr($data, $pos); + } + if(!preg_match('/^HTTP\/[0-9.]+ 200 /', $data)) + { + $errstr= substr($data, 0, strpos($data, "\n")-1); + error_log('XML-RPC: '.__METHOD__.': HTTP error, got response: ' .$errstr); + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['http_error'], PhpXmlRpc::$xmlrpcstr['http_error']. ' (' . $errstr . ')'); + return $r; + } + + // be tolerant to usage of \n instead of \r\n to separate headers and data + // (even though it is not valid http) + $pos = strpos($data,"\r\n\r\n"); + if($pos || is_int($pos)) + { + $bd = $pos+4; + } + else + { + $pos = strpos($data,"\n\n"); + if($pos || is_int($pos)) + { + $bd = $pos+2; + } + else + { + // No separation between response headers and body: fault? + // we could take some action here instead of going on... + $bd = 0; + } + } + // be tolerant to line endings, and extra empty lines + $ar = preg_split("/\r?\n/", trim(substr($data, 0, $pos))); + while(list(,$line) = @each($ar)) + { + // take care of multi-line headers and cookies + $arr = explode(':',$line,2); + if(count($arr) > 1) + { + $header_name = strtolower(trim($arr[0])); + /// @todo some other headers (the ones that allow a CSV list of values) + /// do allow many values to be passed using multiple header lines. + /// We should add content to $xmlrpc->_xh['headers'][$header_name] + /// instead of replacing it for those... + if ($header_name == 'set-cookie' || $header_name == 'set-cookie2') + { + if ($header_name == 'set-cookie2') + { + // version 2 cookies: + // there could be many cookies on one line, comma separated + $cookies = explode(',', $arr[1]); + } + else + { + $cookies = array($arr[1]); + } + foreach ($cookies as $cookie) + { + // glue together all received cookies, using a comma to separate them + // (same as php does with getallheaders()) + if (isset($this->httpResponse['headers'][$header_name])) + $this->httpResponse['headers'][$header_name] .= ', ' . trim($cookie); + else + $this->httpResponse['headers'][$header_name] = trim($cookie); + // parse cookie attributes, in case user wants to correctly honour them + // feature creep: only allow rfc-compliant cookie attributes? + // @todo support for server sending multiple time cookie with same name, but using different PATHs + $cookie = explode(';', $cookie); + foreach ($cookie as $pos => $val) + { + $val = explode('=', $val, 2); + $tag = trim($val[0]); + $val = trim(@$val[1]); + /// @todo with version 1 cookies, we should strip leading and trailing " chars + if ($pos == 0) + { + $cookiename = $tag; + $this->httpResponse['cookies'][$tag] = array(); + $this->httpResponse['cookies'][$cookiename]['value'] = urldecode($val); + } + else + { + if ($tag != 'value') + { + $this->httpResponse['cookies'][$cookiename][$tag] = $val; + } + } + } + } + } + else + { + $this->httpResponse['headers'][$header_name] = trim($arr[1]); + } + } + elseif(isset($header_name)) + { + /// @todo version1 cookies might span multiple lines, thus breaking the parsing above + $this->httpResponse['headers'][$header_name] .= ' ' . trim($line); + } + } + + $data = substr($data, $bd); + + /// @todo when in CLI mode, do not html-encode the output + if($this->debug && count($this->httpResponse['headers'])) + { + print "\n"; + foreach($this->httpResponse['headers'] as $header => $value) + { + print htmlentities("HEADER: $header: $value\n"); + } + foreach($this->httpResponse['cookies'] as $header => $value) + { + print htmlentities("COOKIE: $header={$value['value']}\n"); + } + print "\n"; + } + + // if CURL was used for the call, http headers have been processed, + // and dechunking + reinflating have been carried out + if(!$headers_processed) + { + // Decode chunked encoding sent by http 1.1 servers + if(isset($this->httpResponse['headers']['transfer-encoding']) && $this->httpResponse['headers']['transfer-encoding'] == 'chunked') + { + if(!$data = Http::decode_chunked($data)) + { + error_log('XML-RPC: '.__METHOD__.': errors occurred when trying to rebuild the chunked data received from server'); + $r = new Response(0, PhpXmlRpc::$xmlrpcerr['dechunk_fail'], PhpXmlRpc::$xmlrpcstr['dechunk_fail']); + return $r; + } + } + + // Decode gzip-compressed stuff + // code shamelessly inspired from nusoap library by Dietrich Ayala + if(isset($this->httpResponse['headers']['content-encoding'])) + { + $this->httpResponse['headers']['content-encoding'] = str_replace('x-', '', $this->httpResponse['headers']['content-encoding']); + if($this->httpResponse['headers']['content-encoding'] == 'deflate' || $this->httpResponse['headers']['content-encoding'] == 'gzip') + { + // if decoding works, use it. else assume data wasn't gzencoded + if(function_exists('gzinflate')) + { + if($this->httpResponse['headers']['content-encoding'] == 'deflate' && $degzdata = @gzuncompress($data)) + { + $data = $degzdata; + if($this->debug) + print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; + } + elseif($this->httpResponse['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) + { + $data = $degzdata; + if($this->debug) + print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; + } + else + { + error_log('XML-RPC: '.__METHOD__.': errors occurred when trying to decode the deflated data received from server'); + $r = new Response(0, PhpXmlRpc::$xmlrpcerr['decompress_fail'], PhpXmlRpc::$xmlrpcstr['decompress_fail']); + return $r; + } + } + else + { + error_log('XML-RPC: '.__METHOD__.': the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); + $r = new Response(0, PhpXmlRpc::$xmlrpcerr['cannot_decompress'], PhpXmlRpc::$xmlrpcstr['cannot_decompress']); + return $r; + } + } + } + } // end of 'if needed, de-chunk, re-inflate response' + + return null; + } + + /** + * Parse the xmlrpc response contained in the string $data and return a Response object. + * @param string $data the xmlrpc response, eventually including http headers + * @param bool $headers_processed when true prevents parsing HTTP headers for interpretation of content-encoding and consequent decoding + * @param string $return_type decides return type, i.e. content of response->value(). Either 'xmlrpcvals', 'xml' or 'phpvals' + * @return Response + */ + public function parseResponse($data='', $headers_processed=false, $return_type='xmlrpcvals') + { + if($this->debug) + { + // by maHo, replaced htmlspecialchars with htmlentities + print "
---GOT---\n" . htmlentities($data) . "\n---END---\n
"; + } + + $this->httpResponse = array(); + $this->httpResponse['raw_data'] = $data; + $this->httpResponse['headers'] = array(); + $this->httpResponse['cookies'] = array(); + + if($data == '') + { + error_log('XML-RPC: '.__METHOD__.': no response received from server.'); + $r = new Response(0, PhpXmlRpc::$xmlrpcerr['no_data'], PhpXmlRpc::$xmlrpcstr['no_data']); + return $r; + } + + // parse the HTTP headers of the response, if present, and separate them from data + if(substr($data, 0, 4) == 'HTTP') + { + $r = $this->parseResponseHeaders($data, $headers_processed); + if ($r) + { + // failed processing of HTTP response headers + // save into response obj the full payload received, for debugging + $r->raw_data = $data; + return $r; + } + } + + if($this->debug) + { + $start = strpos($data, '', $start); + $comments = substr($data, $start, $end-$start); + print "
---SERVER DEBUG INFO (DECODED) ---\n\t".htmlentities(str_replace("\n", "\n\t", base64_decode($comments)))."\n---END---\n
"; + } + } + + // be tolerant of extra whitespace in response body + $data = trim($data); + + /// @todo return an error msg if $data=='' ? + + // be tolerant of junk after methodResponse (e.g. javascript ads automatically inserted by free hosts) + // idea from Luca Mariano originally in PEARified version of the lib + $pos = strrpos($data, ''); + if($pos !== false) + { + $data = substr($data, 0, $pos+17); + } + + // if user wants back raw xml, give it to him + if ($return_type == 'xml') + { + $r = new Response($data, 0, '', 'xml'); + $r->hdrs = $this->httpResponse['headers']; + $r->_cookies = $this->httpResponse['cookies']; + $r->raw_data = $this->httpResponse['raw_data']; + return $r; + } + + // try to 'guestimate' the character encoding of the received response + $resp_encoding = guess_encoding(@$this->httpResponse['headers']['content-type'], $data); + + // if response charset encoding is not known / supported, try to use + // the default encoding and parse the xml anyway, but log a warning... + if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + // the following code might be better for mb_string enabled installs, but + // makes the lib about 200% slower... + //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + error_log('XML-RPC: '.__METHOD__.': invalid charset encoding of received response: '.$resp_encoding); + $resp_encoding = PhpXmlRpc::$xmlrpc_defencoding; + } + $parser = xml_parser_create($resp_encoding); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell + // the xml parser to give us back data in the expected charset. + // What if internal encoding is not in one of the 3 allowed? + // we use the broadest one, ie. utf8 + // This allows to send data which is native in various charset, + // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding + if (!in_array(PhpXmlRpc::$xmlrpc_internalencoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); + } + else + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, PhpXmlRpc::$xmlrpc_internalencoding); + } + + $xmlRpcParser = new XMLParser(); + xml_set_object($parser, $xmlRpcParser); + + if ($return_type == 'phpvals') + { + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); + } + else + { + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); + } + + xml_set_character_data_handler($parser, 'xmlrpc_cd'); + xml_set_default_handler($parser, 'xmlrpc_dh'); + + // first error check: xml not well formed + if(!xml_parse($parser, $data, count($data))) + { + // thanks to Peter Kocks + if((xml_get_current_line_number($parser)) == 1) + { + $errstr = 'XML error at line 1, check URL'; + } + else + { + $errstr = sprintf('XML error: %s at line %d, column %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser), xml_get_current_column_number($parser)); + } + error_log($errstr); + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['invalid_return'], PhpXmlRpc::$xmlrpcstr['invalid_return'].' ('.$errstr.')'); + xml_parser_free($parser); + if($this->debug) + { + print $errstr; + } + $r->hdrs = $this->httpResponse['headers']; + $r->_cookies = $this->httpResponse['cookies']; + $r->raw_data = $this->httpResponse['raw_data']; + return $r; + } + xml_parser_free($parser); + // second error check: xml well formed but not xml-rpc compliant + if ($xmlRpcParser->_xh['isf'] > 1) + { + if ($this->debug) + { + /// @todo echo something for user? + } + + $r = new Response(0, PhpXmlRpc::$xmlrpcerr['invalid_return'], + PhpXmlRpc::$xmlrpcstr['invalid_return'] . ' ' . $xmlRpcParser->_xh['isf_reason']); + } + // third error check: parsing of the response has somehow gone boink. + // NB: shall we omit this check, since we trust the parsing code? + elseif ($return_type == 'xmlrpcvals' && !is_object($xmlRpcParser->_xh['value'])) + { + // something odd has happened + // and it's time to generate a client side error + // indicating something odd went on + $r=new Response(0, PhpXmlRpc::$xmlrpcerr['invalid_return'], + PhpXmlRpc::$xmlrpcstr['invalid_return']); + } + else + { + if ($this->debug) + { + print "
---PARSED---\n";
+                // somehow htmlentities chokes on var_export, and some full html string...
+                //print htmlentitites(var_export($xmlRpcParser->_xh['value'], true));
+                print htmlspecialchars(var_export($xmlRpcParser->_xh['value'], true));
+                print "\n---END---
"; + } + + // note that using =& will raise an error if $xmlRpcParser->_xh['st'] does not generate an object. + $v =& $xmlRpcParser->_xh['value']; + + if($xmlRpcParser->_xh['isf']) + { + /// @todo we should test here if server sent an int and a string, + /// and/or coerce them into such... + if ($return_type == 'xmlrpcvals') + { + $errno_v = $v->structmem('faultCode'); + $errstr_v = $v->structmem('faultString'); + $errno = $errno_v->scalarval(); + $errstr = $errstr_v->scalarval(); + } + else + { + $errno = $v['faultCode']; + $errstr = $v['faultString']; + } + + if($errno == 0) + { + // FAULT returned, errno needs to reflect that + $errno = -1; + } + + $r = new Response(0, $errno, $errstr); + } + else + { + $r=new Response($v, 0, '', $return_type); + } + } + + $r->hdrs = $this->httpResponse['headers']; + $r->_cookies = $this->httpResponse['cookies']; + $r->raw_data = $this->httpResponse['raw_data'];; + return $r; + } +} diff --git a/lib/xmlrpcresp.php b/src/Response.php similarity index 91% rename from lib/xmlrpcresp.php rename to src/Response.php index 22c99097..5f0f6ec7 100644 --- a/lib/xmlrpcresp.php +++ b/src/Response.php @@ -1,6 +1,10 @@ val) && is_a($this->val, 'xmlrpcval')) + if (is_object($this->val) && is_a($this->val, 'PhpXmlRpc\Value')) { $this->valtyp = 'xmlrpcvals'; } else if (is_string($this->val)) { $this->valtyp = 'xml'; - } else { @@ -111,28 +114,27 @@ public function cookies() */ public function serialize($charset_encoding='') { - $xmlrpc = Phpxmlrpc::instance(); - if ($charset_encoding != '') $this->content_type = 'text/xml; charset=' . $charset_encoding; else $this->content_type = 'text/xml'; - if ($xmlrpc->xmlrpc_null_apache_encoding) + if (PhpXmlRpc::$xmlrpc_null_apache_encoding) { - $result = "xmlrpc_null_apache_encoding_ns."\">\n"; + $result = "\n"; } else { - $result = "\n"; + $result = "\n"; } if($this->errno) { // G. Giunta 2005/2/13: let non-ASCII response messages be tolerated by clients // by xml-encoding non ascii chars + $charsetEncoder = $result .= "\n" . "\nfaultCode\n" . $this->errno . "\n\n\nfaultString\n" . -xmlrpc_encode_entitites($this->errstr, $xmlrpc->xmlrpc_internalencoding, $charset_encoding) . "\n\n" . +Charset::instance()->encode_entitites($this->errstr, PhpXmlRpc::$xmlrpc_internalencoding, $charset_encoding) . "\n\n" . "\n\n"; } else diff --git a/lib/xmlrpc_server.php b/src/Server.php similarity index 62% rename from lib/xmlrpc_server.php rename to src/Server.php index 3236a85c..a3cde97e 100644 --- a/lib/xmlrpc_server.php +++ b/src/Server.php @@ -1,1238 +1,1178 @@ - - -// Copyright (c) 1999,2000,2002 Edd Dumbill. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// -// * Neither the name of the "XML-RPC for PHP" nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. - - -// XML RPC Server class -// requires: xmlrpc.inc - -$GLOBALS['xmlrpcs_capabilities'] = array( - // xmlrpc spec: always supported - 'xmlrpc' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'), - // if we support system.xxx functions, we always support multicall, too... - // Note that, as of 2006/09/17, the following URL does not respond anymore - 'system.multicall' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'), - // introspection: version 2! we support 'mixed', too - 'introspection' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'), - 'specVersion' => new xmlrpcval(2, 'int') - ), 'struct') -); - -/* Functions that implement system.XXX methods of xmlrpc servers */ -$_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct'])); -$_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to'; -$_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec')); -function _xmlrpcs_getCapabilities($server, $m=null) -{ - $outAr = $GLOBALS['xmlrpcs_capabilities']; - // NIL extension - if ($GLOBALS['xmlrpc_null_extension']) { - $outAr['nil'] = new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'); - } - return new xmlrpcresp(new xmlrpcval($outAr, 'struct')); -} - -// listMethods: signature was either a string, or nothing. -// The useless string variant has been removed -$_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray'])); -$_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch'; -$_xmlrpcs_listMethods_sdoc=array(array('list of method names')); -function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing -{ - - $outAr=array(); - foreach($server->dmap as $key => $val) - { - $outAr[]=new xmlrpcval($key, 'string'); - } - if($server->allow_system_funcs) - { - foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val) - { - $outAr[]=new xmlrpcval($key, 'string'); - } - } - return new xmlrpcresp(new xmlrpcval($outAr, 'array')); -} - -$_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString'])); -$_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)'; -$_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described')); -function _xmlrpcs_methodSignature($server, $m) -{ - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) - { - $methName=$m->getParam(0); - $methName=$methName->scalarval(); - } - else - { - $methName=$m; - } - if(strpos($methName, "system.") === 0) - { - $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; - } - else - { - $dmap=$server->dmap; $sysCall=0; - } - if(isset($dmap[$methName])) - { - if(isset($dmap[$methName]['signature'])) - { - $sigs=array(); - foreach($dmap[$methName]['signature'] as $inSig) - { - $cursig=array(); - foreach($inSig as $sig) - { - $cursig[]=new xmlrpcval($sig, 'string'); - } - $sigs[]=new xmlrpcval($cursig, 'array'); - } - $r=new xmlrpcresp(new xmlrpcval($sigs, 'array')); - } - else - { - // NB: according to the official docs, we should be returning a - // "none-array" here, which means not-an-array - $r=new xmlrpcresp(new xmlrpcval('undef', 'string')); - } - } - else - { - $r=new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); - } - return $r; -} - -$_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString'])); -$_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string'; -$_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described')); -function _xmlrpcs_methodHelp($server, $m) -{ - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) - { - $methName=$m->getParam(0); - $methName=$methName->scalarval(); - } - else - { - $methName=$m; - } - if(strpos($methName, "system.") === 0) - { - $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; - } - else - { - $dmap=$server->dmap; $sysCall=0; - } - if(isset($dmap[$methName])) - { - if(isset($dmap[$methName]['docstring'])) - { - $r=new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string'); - } - else - { - $r=new xmlrpcresp(new xmlrpcval('', 'string')); - } - } - else - { - $r=new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); - } - return $r; -} - -$_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray'])); -$_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details'; -$_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"')); -function _xmlrpcs_multicall_error($err) -{ - if(is_string($err)) - { - $str = $GLOBALS['xmlrpcstr']["multicall_${err}"]; - $code = $GLOBALS['xmlrpcerr']["multicall_${err}"]; - } - else - { - $code = $err->faultCode(); - $str = $err->faultString(); - } - $struct = array(); - $struct['faultCode'] = new xmlrpcval($code, 'int'); - $struct['faultString'] = new xmlrpcval($str, 'string'); - return new xmlrpcval($struct, 'struct'); -} - -function _xmlrpcs_multicall_do_call($server, $call) -{ - if($call->kindOf() != 'struct') - { - return _xmlrpcs_multicall_error('notstruct'); - } - $methName = @$call->structmem('methodName'); - if(!$methName) - { - return _xmlrpcs_multicall_error('nomethod'); - } - if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string') - { - return _xmlrpcs_multicall_error('notstring'); - } - if($methName->scalarval() == 'system.multicall') - { - return _xmlrpcs_multicall_error('recursion'); - } - - $params = @$call->structmem('params'); - if(!$params) - { - return _xmlrpcs_multicall_error('noparams'); - } - if($params->kindOf() != 'array') - { - return _xmlrpcs_multicall_error('notarray'); - } - $numParams = $params->arraysize(); - - $msg = new xmlrpcmsg($methName->scalarval()); - for($i = 0; $i < $numParams; $i++) - { - if(!$msg->addParam($params->arraymem($i))) - { - $i++; - return _xmlrpcs_multicall_error(new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['incorrect_params'], - $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i)); - } - } - - $result = $server->execute($msg); - - if($result->faultCode() != 0) - { - return _xmlrpcs_multicall_error($result); // Method returned fault. - } - - return new xmlrpcval(array($result->value()), 'array'); -} - -function _xmlrpcs_multicall_do_call_phpvals($server, $call) -{ - if(!is_array($call)) - { - return _xmlrpcs_multicall_error('notstruct'); - } - if(!array_key_exists('methodName', $call)) - { - return _xmlrpcs_multicall_error('nomethod'); - } - if (!is_string($call['methodName'])) - { - return _xmlrpcs_multicall_error('notstring'); - } - if($call['methodName'] == 'system.multicall') - { - return _xmlrpcs_multicall_error('recursion'); - } - if(!array_key_exists('params', $call)) - { - return _xmlrpcs_multicall_error('noparams'); - } - if(!is_array($call['params'])) - { - return _xmlrpcs_multicall_error('notarray'); - } - - // this is a real dirty and simplistic hack, since we might have received a - // base64 or datetime values, but they will be listed as strings here... - $numParams = count($call['params']); - $pt = array(); - foreach($call['params'] as $val) - $pt[] = php_2_xmlrpc_type(gettype($val)); - - $result = $server->execute($call['methodName'], $call['params'], $pt); - - if($result->faultCode() != 0) - { - return _xmlrpcs_multicall_error($result); // Method returned fault. - } - - return new xmlrpcval(array($result->value()), 'array'); -} - -function _xmlrpcs_multicall($server, $m) -{ - $result = array(); - // let accept a plain list of php parameters, beside a single xmlrpc msg object - if (is_object($m)) - { - $calls = $m->getParam(0); - $numCalls = $calls->arraysize(); - for($i = 0; $i < $numCalls; $i++) - { - $call = $calls->arraymem($i); - $result[$i] = _xmlrpcs_multicall_do_call($server, $call); - } - } - else - { - $numCalls=count($m); - for($i = 0; $i < $numCalls; $i++) - { - $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]); - } - } - - return new xmlrpcresp(new xmlrpcval($result, 'array')); -} - -$GLOBALS['_xmlrpcs_dmap']=array( - 'system.listMethods' => array( - 'function' => '_xmlrpcs_listMethods', - 'signature' => $_xmlrpcs_listMethods_sig, - 'docstring' => $_xmlrpcs_listMethods_doc, - 'signature_docs' => $_xmlrpcs_listMethods_sdoc), - 'system.methodHelp' => array( - 'function' => '_xmlrpcs_methodHelp', - 'signature' => $_xmlrpcs_methodHelp_sig, - 'docstring' => $_xmlrpcs_methodHelp_doc, - 'signature_docs' => $_xmlrpcs_methodHelp_sdoc), - 'system.methodSignature' => array( - 'function' => '_xmlrpcs_methodSignature', - 'signature' => $_xmlrpcs_methodSignature_sig, - 'docstring' => $_xmlrpcs_methodSignature_doc, - 'signature_docs' => $_xmlrpcs_methodSignature_sdoc), - 'system.multicall' => array( - 'function' => '_xmlrpcs_multicall', - 'signature' => $_xmlrpcs_multicall_sig, - 'docstring' => $_xmlrpcs_multicall_doc, - 'signature_docs' => $_xmlrpcs_multicall_sdoc), - 'system.getCapabilities' => array( - 'function' => '_xmlrpcs_getCapabilities', - 'signature' => $_xmlrpcs_getCapabilities_sig, - 'docstring' => $_xmlrpcs_getCapabilities_doc, - 'signature_docs' => $_xmlrpcs_getCapabilities_sdoc) -); - -$GLOBALS['_xmlrpcs_occurred_errors'] = ''; -$GLOBALS['_xmlrpcs_prev_ehandler'] = ''; - -/** -* Error handler used to track errors that occur during server-side execution of PHP code. -* This allows to report back to the client whether an internal error has occurred or not -* using an xmlrpc response object, instead of letting the client deal with the html junk -* that a PHP execution error on the server generally entails. -* -* NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors. -* -*/ -function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null) -{ - // obey the @ protocol - if (error_reporting() == 0) - return; - - //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING) - if($errcode != E_STRICT) - { - $GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n"; - } - // Try to avoid as much as possible disruption to the previous error handling - // mechanism in place - if($GLOBALS['_xmlrpcs_prev_ehandler'] == '') - { - // The previous error handler was the default: all we should do is log error - // to the default error log (if level high enough) - if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode)) - { - error_log($errstring); - } - } - else - { - // Pass control on to previous error handler, trying to avoid loops... - if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler') - { - // NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers - if(is_array($GLOBALS['_xmlrpcs_prev_ehandler'])) - { - // the following works both with static class methods and plain object methods as error handler - call_user_func_array($GLOBALS['_xmlrpcs_prev_ehandler'], array($errcode, $errstring, $filename, $lineno, $context)); - } - else - { - $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context); - } - } - } -} - -$GLOBALS['_xmlrpc_debuginfo']=''; - -/** -* Add a string to the debug info that can be later seralized by the server -* as part of the response message. -* Note that for best compatibility, the debug string should be encoded using -* the $GLOBALS['xmlrpc_internalencoding'] character set. -* @param string $m -* @access public -*/ -function xmlrpc_debugmsg($m) -{ - $GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n"; -} - -class xmlrpc_server -{ - /** - * Array defining php functions exposed as xmlrpc methods by this server - * @access private - */ - var $dmap=array(); - /** - * Defines how functions in dmap will be invoked: either using an xmlrpc msg object - * or plain php values. - * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals' - */ - var $functions_parameters_type='xmlrpcvals'; - /** - * Option used for fine-tuning the encoding the php values returned from - * functions registered in the dispatch map when the functions_parameters_types - * member is set to 'phpvals' - * @see php_xmlrpc_encode for a list of values - */ - var $phpvals_encoding_options = array( 'auto_dates' ); - /// controls whether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3 - var $debug = 1; - /** - * Controls behaviour of server when invoked user function throws an exception: - * 0 = catch it and return an 'internal error' xmlrpc response (default) - * 1 = catch it and return an xmlrpc response with the error corresponding to the exception - * 2 = allow the exception to float to the upper layers - */ - var $exception_handling = 0; - /** - * When set to true, it will enable HTTP compression of the response, in case - * the client has declared its support for compression in the request. - */ - var $compress_response = false; - /** - * List of http compression methods accepted by the server for requests. - * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib - */ - var $accepted_compression = array(); - /// shall we serve calls to system.* methods? - var $allow_system_funcs = true; - /// list of charset encodings natively accepted for requests - var $accepted_charset_encodings = array(); - /** - * charset encoding to be used for response. - * NB: if we can, we will convert the generated response from internal_encoding to the intended one. - * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled), - * null (leave unspecified in response, convert output stream to US_ASCII), - * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed), - * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway). - * NB: pretty dangerous if you accept every charset and do not have mbstring enabled) - */ - var $response_charset_encoding = ''; - /** - * Storage for internal debug info - * @access private - */ - var $debug_info = ''; - /** - * Extra data passed at runtime to method handling functions. Used only by EPI layer - */ - var $user_data = null; - - /** - * @param array $dispmap the dispatch map with definition of exposed services - * @param boolean $servicenow set to false to prevent the server from running upon construction - */ - function xmlrpc_server($dispMap=null, $serviceNow=true) - { - // if ZLIB is enabled, let the server by default accept compressed requests, - // and compress responses sent to clients that support them - if(function_exists('gzinflate')) - { - $this->accepted_compression = array('gzip', 'deflate'); - $this->compress_response = true; - } - - // by default the xml parser can support these 3 charset encodings - $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); - - // dispMap is a dispatch array of methods - // mapped to function names and signatures - // if a method - // doesn't appear in the map then an unknown - // method error is generated - /* milosch - changed to make passing dispMap optional. - * instead, you can use the class add_to_map() function - * to add functions manually (borrowed from SOAPX4) - */ - if($dispMap) - { - $this->dmap = $dispMap; - if($serviceNow) - { - $this->service(); - } - } - } - - /** - * Set debug level of server. - * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments) - * 0 = no debug info, - * 1 = msgs set from user with debugmsg(), - * 2 = add complete xmlrpc request (headers and body), - * 3 = add also all processing warnings happened during method processing - * (NB: this involves setting a custom error handler, and might interfere - * with the standard processing of the php function exposed as method. In - * particular, triggering an USER_ERROR level error will not halt script - * execution anymore, but just end up logged in the xmlrpc response) - * Note that info added at level 2 and 3 will be base64 encoded - * @access public - */ - function setDebug($in) - { - $this->debug=$in; - } - - /** - * Return a string with the serialized representation of all debug info - * @param string $charset_encoding the target charset encoding for the serialization - * @return string an XML comment (or two) - */ - function serializeDebug($charset_encoding='') - { - // Tough encoding problem: which internal charset should we assume for debug info? - // It might contain a copy of raw data received from client, ie with unknown encoding, - // intermixed with php generated data and user generated data... - // so we split it: system debug is base 64 encoded, - // user debug info should be encoded by the end user using the INTERNAL_ENCODING - $out = ''; - if ($this->debug_info != '') - { - $out .= "\n"; - } - if($GLOBALS['_xmlrpc_debuginfo']!='') - { - - $out .= "\n"; - // NB: a better solution MIGHT be to use CDATA, but we need to insert it - // into return payload AFTER the beginning tag - //$out .= "', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n"; - } - return $out; - } - - /** - * Execute the xmlrpc request, printing the response - * @param string $data the request body. If null, the http POST request will be examined - * @return xmlrpcresp the response object (usually not used by caller...) - * @access public - */ - function service($data=null, $return_payload=false) - { - if ($data === null) - { - // workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA - $data = file_get_contents('php://input'); - } - $raw_data = $data; - - // reset internal debug info - $this->debug_info = ''; - - // Echo back what we received, before parsing it - if($this->debug > 1) - { - $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++"); - } - - $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding); - if (!$r) - { - $r=$this->parseRequest($data, $req_charset); - } - - // save full body of request into response, for more debugging usages - $r->raw_data = $raw_data; - - if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors']) - { - $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" . - $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++"); - } - - $payload=$this->xml_header($resp_charset); - if($this->debug > 0) - { - $payload = $payload . $this->serializeDebug($resp_charset); - } - - // G. Giunta 2006-01-27: do not create response serialization if it has - // already happened. Helps building json magic - if (empty($r->payload)) - { - $r->serialize($resp_charset); - } - $payload = $payload . $r->payload; - - if ($return_payload) - { - return $payload; - } - - // if we get a warning/error that has output some text before here, then we cannot - // add a new header. We cannot say we are sending xml, either... - if(!headers_sent()) - { - header('Content-Type: '.$r->content_type); - // we do not know if client actually told us an accepted charset, but if he did - // we have to tell him what we did - header("Vary: Accept-Charset"); - - // http compression of output: only - // if we can do it, and we want to do it, and client asked us to, - // and php ini settings do not force it already - $php_no_self_compress = !ini_get('zlib.output_compression') && (ini_get('output_handler') != 'ob_gzhandler'); - if($this->compress_response && function_exists('gzencode') && $resp_encoding != '' - && $php_no_self_compress) - { - if(strpos($resp_encoding, 'gzip') !== false) - { - $payload = gzencode($payload); - header("Content-Encoding: gzip"); - header("Vary: Accept-Encoding"); - } - elseif (strpos($resp_encoding, 'deflate') !== false) - { - $payload = gzcompress($payload); - header("Content-Encoding: deflate"); - header("Vary: Accept-Encoding"); - } - } - - // do not ouput content-length header if php is compressing output for us: - // it will mess up measurements - if($php_no_self_compress) - { - header('Content-Length: ' . (int)strlen($payload)); - } - } - else - { - error_log('XML-RPC: '.__METHOD__.': http headers already sent before response is fully generated. Check for php warning or error messages'); - } - - print $payload; - - // return request, in case subclasses want it - return $r; - } - - /** - * Add a method to the dispatch map - * @param string $methodname the name with which the method will be made available - * @param string $function the php function that will get invoked - * @param array $sig the array of valid method signatures - * @param string $doc method documentation - * @param array $sigdoc the array of valid method signatures docs (one string per param, one for return type) - * @access public - */ - function add_to_map($methodname,$function,$sig=null,$doc=false,$sigdoc=false) - { - $this->dmap[$methodname] = array( - 'function' => $function, - 'docstring' => $doc - ); - if ($sig) - { - $this->dmap[$methodname]['signature'] = $sig; - } - if ($sigdoc) - { - $this->dmap[$methodname]['signature_docs'] = $sigdoc; - } - } - - /** - * Verify type and number of parameters received against a list of known signatures - * @param array $in array of either xmlrpcval objects or xmlrpc type definitions - * @param array $sig array of known signatures to match against - * @return array - * @access private - */ - function verifySignature($in, $sig) - { - // check each possible signature in turn - if (is_object($in)) - { - $numParams = $in->getNumParams(); - } - else - { - $numParams = count($in); - } - foreach($sig as $cursig) - { - if(count($cursig)==$numParams+1) - { - $itsOK=1; - for($n=0; $n<$numParams; $n++) - { - if (is_object($in)) - { - $p=$in->getParam($n); - if($p->kindOf() == 'scalar') - { - $pt=$p->scalartyp(); - } - else - { - $pt=$p->kindOf(); - } - } - else - { - $pt= $in[$n] == 'i4' ? 'int' : strtolower($in[$n]); // dispatch maps never use i4... - } - - // param index is $n+1, as first member of sig is return type - if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue']) - { - $itsOK=0; - $pno=$n+1; - $wanted=$cursig[$n+1]; - $got=$pt; - break; - } - } - if($itsOK) - { - return array(1,''); - } - } - } - if(isset($wanted)) - { - return array(0, "Wanted ${wanted}, got ${got} at param ${pno}"); - } - else - { - return array(0, "No method signature matches number of parameters"); - } - } - - /** - * Parse http headers received along with xmlrpc request. If needed, inflate request - * @return mixed null on success or an xmlrpcresp - * @access private - */ - function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression) - { - // check if $_SERVER is populated: it might have been disabled via ini file - // (this is true even when in CLI mode) - if (count($_SERVER) == 0) - { - error_log('XML-RPC: '.__METHOD__.': cannot parse request headers as $_SERVER is not populated'); - } - - if($this->debug > 1) - { - if(function_exists('getallheaders')) - { - $this->debugmsg(''); // empty line - foreach(getallheaders() as $name => $val) - { - $this->debugmsg("HEADER: $name: $val"); - } - } - - } - - if(isset($_SERVER['HTTP_CONTENT_ENCODING'])) - { - $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); - } - else - { - $content_encoding = ''; - } - - // check if request body has been compressed and decompress it - if($content_encoding != '' && strlen($data)) - { - if($content_encoding == 'deflate' || $content_encoding == 'gzip') - { - // if decoding works, use it. else assume data wasn't gzencoded - if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression)) - { - if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data)) - { - $data = $degzdata; - if($this->debug > 1) - { - $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); - } - } - elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) - { - $data = $degzdata; - if($this->debug > 1) - $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); - } - else - { - $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']); - return $r; - } - } - else - { - //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); - $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']); - return $r; - } - } - } - - // check if client specified accepted charsets, and if we know how to fulfill - // the request - if ($this->response_charset_encoding == 'auto') - { - $resp_encoding = ''; - if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) - { - // here we should check if we can match the client-requested encoding - // with the encodings we know we can generate. - /// @todo we should parse q=0.x preferences instead of getting first charset specified... - $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); - // Give preference to internal encoding - $known_charsets = array($GLOBALS['xmlrpc_internalencoding'], 'UTF-8', 'ISO-8859-1', 'US-ASCII'); - foreach ($known_charsets as $charset) - { - foreach ($client_accepted_charsets as $accepted) - if (strpos($accepted, $charset) === 0) - { - $resp_encoding = $charset; - break; - } - if ($resp_encoding) - break; - } - } - } - else - { - $resp_encoding = $this->response_charset_encoding; - } - - if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) - { - $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING']; - } - else - { - $resp_compression = ''; - } - - // 'guestimate' request encoding - /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check??? - $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', - $data); - - return null; - } - - /** - * Parse an xml chunk containing an xmlrpc request and execute the corresponding - * php function registered with the server - * @param string $data the xml request - * @param string $req_encoding (optional) the charset encoding of the xml request - * @return xmlrpcresp - * @access private - */ - function parseRequest($data, $req_encoding='') - { - // 2005/05/07 commented and moved into caller function code - //if($data=='') - //{ - // $data=$GLOBALS['HTTP_RAW_POST_DATA']; - //} - - // G. Giunta 2005/02/13: we do NOT expect to receive html entities - // so we do not try to convert them into xml character entities - //$data = xmlrpc_html_entity_xlate($data); - - $GLOBALS['_xh']=array(); - $GLOBALS['_xh']['ac']=''; - $GLOBALS['_xh']['stack']=array(); - $GLOBALS['_xh']['valuestack'] = array(); - $GLOBALS['_xh']['params']=array(); - $GLOBALS['_xh']['pt']=array(); - $GLOBALS['_xh']['isf']=0; - $GLOBALS['_xh']['isf_reason']=''; - $GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not - $GLOBALS['_xh']['rt']=''; - - // decompose incoming XML into request structure - if ($req_encoding != '') - { - if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - // the following code might be better for mb_string enabled installs, but - // makes the lib about 200% slower... - //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - error_log('XML-RPC: '.__METHOD__.': invalid charset encoding of received request: '.$req_encoding); - $req_encoding = $GLOBALS['xmlrpc_defencoding']; - } - /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue, - // the encoding is not UTF8 and there are non-ascii chars in the text... - /// @todo use an empty string for php 5 ??? - $parser = xml_parser_create($req_encoding); - } - else - { - $parser = xml_parser_create(); - } - - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell - // the xml parser to give us back data in the expected charset - // What if internal encoding is not in one of the 3 allowed? - // we use the broadest one, ie. utf8 - // This allows to send data which is native in various charset, - // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding - if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); - } - else - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); - } - - if ($this->functions_parameters_type != 'xmlrpcvals') - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); - else - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - if(!xml_parse($parser, $data, 1)) - { - // return XML error as a faultCode - $r=new xmlrpcresp(0, - $GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser), - sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser))); - xml_parser_free($parser); - } - elseif ($GLOBALS['_xh']['isf']) - { - xml_parser_free($parser); - $r=new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['invalid_request'], - $GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']); - } - else - { - xml_parser_free($parser); - // small layering violation in favor of speed and memory usage: - // we should allow the 'execute' method handle this, but in the - // most common scenario (xmlrpcvals type server with some methods - // registered as phpvals) that would mean a useless encode+decode pass - if ($this->functions_parameters_type != 'xmlrpcvals' || (isset($this->dmap[$GLOBALS['_xh']['method']]['parameters_type']) && ($this->dmap[$GLOBALS['_xh']['method']]['parameters_type'] == 'phpvals'))) - { - if($this->debug > 1) - { - $this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++"); - } - $r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']); - } - else - { - // build an xmlrpcmsg object with data parsed from xml - $m=new xmlrpcmsg($GLOBALS['_xh']['method']); - // now add parameters in - for($i=0; $iaddParam($GLOBALS['_xh']['params'][$i]); - } - - if($this->debug > 1) - { - $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++"); - } - $r = $this->execute($m); - } - } - return $r; - } - - /** - * Execute a method invoked by the client, checking parameters used - * @param mixed $m either an xmlrpcmsg obj or a method name - * @param array $params array with method parameters as php types (if m is method name only) - * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only) - * @return xmlrpcresp - * @access private - */ - function execute($m, $params=null, $paramtypes=null) - { - if (is_object($m)) - { - $methName = $m->method(); - } - else - { - $methName = $m; - } - $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0); - $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap; - - if(!isset($dmap[$methName]['function'])) - { - // No such method - return new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['unknown_method'], - $GLOBALS['xmlrpcstr']['unknown_method']); - } - - // Check signature - if(isset($dmap[$methName]['signature'])) - { - $sig = $dmap[$methName]['signature']; - if (is_object($m)) - { - list($ok, $errstr) = $this->verifySignature($m, $sig); - } - else - { - list($ok, $errstr) = $this->verifySignature($paramtypes, $sig); - } - if(!$ok) - { - // Didn't match. - return new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['incorrect_params'], - $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}" - ); - } - } - - $func = $dmap[$methName]['function']; - // let the 'class::function' syntax be accepted in dispatch maps - if(is_string($func) && strpos($func, '::')) - { - $func = explode('::', $func); - } - // verify that function to be invoked is in fact callable - if(!is_callable($func)) - { - error_log("XML-RPC: ".__METHOD__.": function $func registered as method handler is not callable"); - return new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['server_error'], - $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method" - ); - } - - // If debug level is 3, we should catch all errors generated during - // processing of user function, and log them as part of response - if($this->debug > 2) - { - $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler'); - } - try - { - // Allow mixed-convention servers - if (is_object($m)) - { - if($sysCall) - { - $r = call_user_func($func, $this, $m); - } - else - { - $r = call_user_func($func, $m); - } - if (!is_a($r, 'xmlrpcresp')) - { - error_log("XML-RPC: ".__METHOD__.": function $func registered as method handler does not return an xmlrpcresp object"); - if (is_a($r, 'xmlrpcval')) - { - $r = new xmlrpcresp($r); - } - else - { - $r = new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['server_error'], - $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object" - ); - } - } - } - else - { - // call a 'plain php' function - if($sysCall) - { - array_unshift($params, $this); - $r = call_user_func_array($func, $params); - } - else - { - // 3rd API convention for method-handling functions: EPI-style - if ($this->functions_parameters_type == 'epivals') - { - $r = call_user_func_array($func, array($methName, $params, $this->user_data)); - // mimic EPI behaviour: if we get an array that looks like an error, make it - // an eror response - if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r)) - { - $r = new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']); - } - else - { - // functions using EPI api should NOT return resp objects, - // so make sure we encode the return type correctly - $r = new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api'))); - } - } - else - { - $r = call_user_func_array($func, $params); - } - } - // the return type can be either an xmlrpcresp object or a plain php value... - if (!is_a($r, 'xmlrpcresp')) - { - // what should we assume here about automatic encoding of datetimes - // and php classes instances??? - $r = new xmlrpcresp(php_xmlrpc_encode($r, $this->phpvals_encoding_options)); - } - } - } - catch(Exception $e) - { - // (barring errors in the lib) an uncatched exception happened - // in the called function, we wrap it in a proper error-response - switch($this->exception_handling) - { - case 2: - throw $e; - break; - case 1: - $r = new xmlrpcresp(0, $e->getCode(), $e->getMessage()); - break; - default: - $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_error'], $GLOBALS['xmlrpcstr']['server_error']); - } - } - if($this->debug > 2) - { - // note: restore the error handler we found before calling the - // user func, even if it has been changed inside the func itself - if($GLOBALS['_xmlrpcs_prev_ehandler']) - { - set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']); - } - else - { - restore_error_handler(); - } - } - return $r; - } - - /** - * add a string to the 'internal debug message' (separate from 'user debug message') - * @param string $string - * @access private - */ - function debugmsg($string) - { - $this->debug_info .= $string."\n"; - } - - /** - * @access private - */ - function xml_header($charset_encoding='') - { - if ($charset_encoding != '') - { - return "\n"; - } - else - { - return "\n"; - } - } - - /** - * A debugging routine: just echoes back the input packet as a string value - * DEPRECATED! - */ - function echoInput() - { - $r=new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string')); - print $r->serialize(); - } -} +accepted_compression = array('gzip', 'deflate'); + $this->compress_response = true; + } + + // by default the xml parser can support these 3 charset encodings + $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); + + // dispMap is a dispatch array of methods + // mapped to function names and signatures + // if a method + // doesn't appear in the map then an unknown + // method error is generated + /* milosch - changed to make passing dispMap optional. + * instead, you can use the class add_to_map() function + * to add functions manually (borrowed from SOAPX4) + */ + if($dispMap) + { + $this->dmap = $dispMap; + if($serviceNow) + { + $this->service(); + } + } + } + + /** + * Set debug level of server. + * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments) + * 0 = no debug info, + * 1 = msgs set from user with debugmsg(), + * 2 = add complete xmlrpc request (headers and body), + * 3 = add also all processing warnings happened during method processing + * (NB: this involves setting a custom error handler, and might interfere + * with the standard processing of the php function exposed as method. In + * particular, triggering an USER_ERROR level error will not halt script + * execution anymore, but just end up logged in the xmlrpc response) + * Note that info added at level 2 and 3 will be base64 encoded + */ + function setDebug($in) + { + $this->debug=$in; + } + + /** + * Add a string to the debug info that can be later serialized by the server + * as part of the response message. + * Note that for best compatibility, the debug string should be encoded using + * the PhpXmlRpc::$xmlrpc_internalencoding character set. + * @param string $m + * @access public + */ + public static function xmlrpc_debugmsg($m) + { + static::$_xmlrpc_debuginfo .= $m . "\n"; + } + + /** + * Return a string with the serialized representation of all debug info + * @param string $charset_encoding the target charset encoding for the serialization + * @return string an XML comment (or two) + */ + function serializeDebug($charset_encoding='') + { + // Tough encoding problem: which internal charset should we assume for debug info? + // It might contain a copy of raw data received from client, ie with unknown encoding, + // intermixed with php generated data and user generated data... + // so we split it: system debug is base 64 encoded, + // user debug info should be encoded by the end user using the INTERNAL_ENCODING + $out = ''; + if ($this->debug_info != '') + { + $out .= "\n"; + } + if($GLOBALS['_xmlrpc_debuginfo']!='') + { + + $out .= "\n"; + // NB: a better solution MIGHT be to use CDATA, but we need to insert it + // into return payload AFTER the beginning tag + //$out .= "', ']_]_>', static::$_xmlrpc_debuginfo) . "\n]]>\n"; + } + return $out; + } + + /** + * Execute the xmlrpc request, printing the response + * @param string $data the request body. If null, the http POST request will be examined + * @param bool $return_payload When true, return the response but do not echo it or any http header + * @return xmlrpcresp the response object (usually not used by caller...) + */ + function service($data=null, $return_payload=false) + { + if ($data === null) + { + // workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA + $data = file_get_contents('php://input'); + } + $raw_data = $data; + + // reset internal debug info + $this->debug_info = ''; + + // Echo back what we received, before parsing it + if($this->debug > 1) + { + $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++"); + } + + $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding); + if (!$r) + { + $r=$this->parseRequest($data, $req_charset); + } + + // save full body of request into response, for more debugging usages + $r->raw_data = $raw_data; + + if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors']) + { + $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" . + $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++"); + } + + $payload=$this->xml_header($resp_charset); + if($this->debug > 0) + { + $payload = $payload . $this->serializeDebug($resp_charset); + } + + // G. Giunta 2006-01-27: do not create response serialization if it has + // already happened. Helps building json magic + if (empty($r->payload)) + { + $r->serialize($resp_charset); + } + $payload = $payload . $r->payload; + + if ($return_payload) + { + return $payload; + } + + // if we get a warning/error that has output some text before here, then we cannot + // add a new header. We cannot say we are sending xml, either... + if(!headers_sent()) + { + header('Content-Type: '.$r->content_type); + // we do not know if client actually told us an accepted charset, but if he did + // we have to tell him what we did + header("Vary: Accept-Charset"); + + // http compression of output: only + // if we can do it, and we want to do it, and client asked us to, + // and php ini settings do not force it already + $php_no_self_compress = !ini_get('zlib.output_compression') && (ini_get('output_handler') != 'ob_gzhandler'); + if($this->compress_response && function_exists('gzencode') && $resp_encoding != '' + && $php_no_self_compress) + { + if(strpos($resp_encoding, 'gzip') !== false) + { + $payload = gzencode($payload); + header("Content-Encoding: gzip"); + header("Vary: Accept-Encoding"); + } + elseif (strpos($resp_encoding, 'deflate') !== false) + { + $payload = gzcompress($payload); + header("Content-Encoding: deflate"); + header("Vary: Accept-Encoding"); + } + } + + // do not output content-length header if php is compressing output for us: + // it will mess up measurements + if($php_no_self_compress) + { + header('Content-Length: ' . (int)strlen($payload)); + } + } + else + { + error_log('XML-RPC: '.__METHOD__.': http headers already sent before response is fully generated. Check for php warning or error messages'); + } + + print $payload; + + // return request, in case subclasses want it + return $r; + } + + /** + * Add a method to the dispatch map + * @param string $methodname the name with which the method will be made available + * @param string $function the php function that will get invoked + * @param array $sig the array of valid method signatures + * @param string $doc method documentation + * @param array $sigdoc the array of valid method signatures docs (one string per param, one for return type) + */ + function add_to_map($methodname,$function,$sig=null,$doc=false,$sigdoc=false) + { + $this->dmap[$methodname] = array( + 'function' => $function, + 'docstring' => $doc + ); + if ($sig) + { + $this->dmap[$methodname]['signature'] = $sig; + } + if ($sigdoc) + { + $this->dmap[$methodname]['signature_docs'] = $sigdoc; + } + } + + /** + * Verify type and number of parameters received against a list of known signatures + * @param array $in array of either xmlrpcval objects or xmlrpc type definitions + * @param array $sig array of known signatures to match against + * @return array + */ + protected function verifySignature($in, $sig) + { + // check each possible signature in turn + if (is_object($in)) + { + $numParams = $in->getNumParams(); + } + else + { + $numParams = count($in); + } + foreach($sig as $cursig) + { + if(count($cursig)==$numParams+1) + { + $itsOK=1; + for($n=0; $n<$numParams; $n++) + { + if (is_object($in)) + { + $p=$in->getParam($n); + if($p->kindOf() == 'scalar') + { + $pt=$p->scalartyp(); + } + else + { + $pt=$p->kindOf(); + } + } + else + { + $pt= $in[$n] == 'i4' ? 'int' : strtolower($in[$n]); // dispatch maps never use i4... + } + + // param index is $n+1, as first member of sig is return type + if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue']) + { + $itsOK=0; + $pno=$n+1; + $wanted=$cursig[$n+1]; + $got=$pt; + break; + } + } + if($itsOK) + { + return array(1,''); + } + } + } + if(isset($wanted)) + { + return array(0, "Wanted ${wanted}, got ${got} at param ${pno}"); + } + else + { + return array(0, "No method signature matches number of parameters"); + } + } + + /** + * Parse http headers received along with xmlrpc request. If needed, inflate request + * @return mixed null on success or an xmlrpcresp + */ + protected function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression) + { + // check if $_SERVER is populated: it might have been disabled via ini file + // (this is true even when in CLI mode) + if (count($_SERVER) == 0) + { + error_log('XML-RPC: '.__METHOD__.': cannot parse request headers as $_SERVER is not populated'); + } + + if($this->debug > 1) + { + if(function_exists('getallheaders')) + { + $this->debugmsg(''); // empty line + foreach(getallheaders() as $name => $val) + { + $this->debugmsg("HEADER: $name: $val"); + } + } + + } + + if(isset($_SERVER['HTTP_CONTENT_ENCODING'])) + { + $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); + } + else + { + $content_encoding = ''; + } + + // check if request body has been compressed and decompress it + if($content_encoding != '' && strlen($data)) + { + if($content_encoding == 'deflate' || $content_encoding == 'gzip') + { + // if decoding works, use it. else assume data wasn't gzencoded + if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression)) + { + if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data)) + { + $data = $degzdata; + if($this->debug > 1) + { + $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); + } + } + elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) + { + $data = $degzdata; + if($this->debug > 1) + $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); + } + else + { + $r = new Response(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']); + return $r; + } + } + else + { + //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); + $r = new Response(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']); + return $r; + } + } + } + + // check if client specified accepted charsets, and if we know how to fulfill + // the request + if ($this->response_charset_encoding == 'auto') + { + $resp_encoding = ''; + if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) + { + // here we should check if we can match the client-requested encoding + // with the encodings we know we can generate. + /// @todo we should parse q=0.x preferences instead of getting first charset specified... + $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); + // Give preference to internal encoding + $known_charsets = array($GLOBALS['xmlrpc_internalencoding'], 'UTF-8', 'ISO-8859-1', 'US-ASCII'); + foreach ($known_charsets as $charset) + { + foreach ($client_accepted_charsets as $accepted) + if (strpos($accepted, $charset) === 0) + { + $resp_encoding = $charset; + break; + } + if ($resp_encoding) + break; + } + } + } + else + { + $resp_encoding = $this->response_charset_encoding; + } + + if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) + { + $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING']; + } + else + { + $resp_compression = ''; + } + + // 'guestimate' request encoding + /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check??? + $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', + $data); + + return null; + } + + /** + * Parse an xml chunk containing an xmlrpc request and execute the corresponding + * php function registered with the server + * @param string $data the xml request + * @param string $req_encoding (optional) the charset encoding of the xml request + * @return xmlrpcresp + */ + public function parseRequest($data, $req_encoding='') + { + // 2005/05/07 commented and moved into caller function code + //if($data=='') + //{ + // $data=$GLOBALS['HTTP_RAW_POST_DATA']; + //} + + // G. Giunta 2005/02/13: we do NOT expect to receive html entities + // so we do not try to convert them into xml character entities + //$data = xmlrpc_html_entity_xlate($data); + + // decompose incoming XML into request structure + if ($req_encoding != '') + { + if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + // the following code might be better for mb_string enabled installs, but + // makes the lib about 200% slower... + //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + error_log('XML-RPC: '.__METHOD__.': invalid charset encoding of received request: '.$req_encoding); + $req_encoding = $GLOBALS['xmlrpc_defencoding']; + } + /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue, + // the encoding is not UTF8 and there are non-ascii chars in the text... + /// @todo use an empty string for php 5 ??? + $parser = xml_parser_create($req_encoding); + } + else + { + $parser = xml_parser_create(); + } + + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell + // the xml parser to give us back data in the expected charset + // What if internal encoding is not in one of the 3 allowed? + // we use the broadest one, ie. utf8 + // This allows to send data which is native in various charset, + // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding + if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); + } + else + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); + } + + $xmlRpcParser = new XMLParser(); + xml_set_object($parser, $xmlRpcParser); + + if ($this->functions_parameters_type != 'xmlrpcvals') + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); + else + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); + xml_set_character_data_handler($parser, 'xmlrpc_cd'); + xml_set_default_handler($parser, 'xmlrpc_dh'); + if(!xml_parse($parser, $data, 1)) + { + // return XML error as a faultCode + $r=new Response(0, + PhpXmlRpc::$xmlrpcerrxml+xml_get_error_code($parser), + sprintf('XML error: %s at line %d, column %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser), xml_get_current_column_number($parser))); + xml_parser_free($parser); + } + elseif ($xmlRpcParser->_xh['isf']) + { + xml_parser_free($parser); + $r=new Response(0, + PhpXmlRpc::$xmlrpcerr['invalid_request'], + PhpXmlRpc::$xmlrpcstr['invalid_request'] . ' ' . $xmlRpcParser->_xh['isf_reason']); + } + else + { + xml_parser_free($parser); + // small layering violation in favor of speed and memory usage: + // we should allow the 'execute' method handle this, but in the + // most common scenario (xmlrpcvals type server with some methods + // registered as phpvals) that would mean a useless encode+decode pass + if ($this->functions_parameters_type != 'xmlrpcvals' || (isset($this->dmap[$xmlRpcParser->_xh['method']]['parameters_type']) && ($this->dmap[$xmlRpcParser->_xh['method']]['parameters_type'] == 'phpvals'))) + { + if($this->debug > 1) + { + $this->debugmsg("\n+++PARSED+++\n".var_export($xmlRpcParser->_xh['params'], true)."\n+++END+++"); + } + $r = $this->execute($xmlRpcParser->_xh['method'], $xmlRpcParser->_xh['params'], $xmlRpcParser->_xh['pt']); + } + else + { + // build a Request object with data parsed from xml + $m=new Request($xmlRpcParser->_xh['method']); + // now add parameters in + for($i=0; $i_xh['params']); $i++) + { + $m->addParam($xmlRpcParser->_xh['params'][$i]); + } + + if($this->debug > 1) + { + $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++"); + } + $r = $this->execute($m); + } + } + return $r; + } + + /** + * Execute a method invoked by the client, checking parameters used + * @param mixed $m either an xmlrpcmsg obj or a method name + * @param array $params array with method parameters as php types (if m is method name only) + * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only) + * @return xmlrpcresp + */ + protected function execute($m, $params=null, $paramtypes=null) + { + if (is_object($m)) + { + $methName = $m->method(); + } + else + { + $methName = $m; + } + $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0); + $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap; + + if(!isset($dmap[$methName]['function'])) + { + // No such method + return new Response(0, + $GLOBALS['xmlrpcerr']['unknown_method'], + $GLOBALS['xmlrpcstr']['unknown_method']); + } + + // Check signature + if(isset($dmap[$methName]['signature'])) + { + $sig = $dmap[$methName]['signature']; + if (is_object($m)) + { + list($ok, $errstr) = $this->verifySignature($m, $sig); + } + else + { + list($ok, $errstr) = $this->verifySignature($paramtypes, $sig); + } + if(!$ok) + { + // Didn't match. + return new Response( + 0, + $GLOBALS['xmlrpcerr']['incorrect_params'], + $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}" + ); + } + } + + $func = $dmap[$methName]['function']; + // let the 'class::function' syntax be accepted in dispatch maps + if(is_string($func) && strpos($func, '::')) + { + $func = explode('::', $func); + } + // verify that function to be invoked is in fact callable + if(!is_callable($func)) + { + error_log("XML-RPC: ".__METHOD__.": function $func registered as method handler is not callable"); + return new Response( + 0, + $GLOBALS['xmlrpcerr']['server_error'], + $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method" + ); + } + + // If debug level is 3, we should catch all errors generated during + // processing of user function, and log them as part of response + if($this->debug > 2) + { + $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler'); + } + try + { + // Allow mixed-convention servers + if (is_object($m)) + { + if($sysCall) + { + $r = call_user_func($func, $this, $m); + } + else + { + $r = call_user_func($func, $m); + } + if (!is_a($r, 'xmlrpcresp')) + { + error_log("XML-RPC: ".__METHOD__.": function $func registered as method handler does not return an xmlrpcresp object"); + if (is_a($r, 'xmlrpcval')) + { + $r = new Response($r); + } + else + { + $r = new Response( + 0, + $GLOBALS['xmlrpcerr']['server_error'], + $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object" + ); + } + } + } + else + { + // call a 'plain php' function + if($sysCall) + { + array_unshift($params, $this); + $r = call_user_func_array($func, $params); + } + else + { + // 3rd API convention for method-handling functions: EPI-style + if ($this->functions_parameters_type == 'epivals') + { + $r = call_user_func_array($func, array($methName, $params, $this->user_data)); + // mimic EPI behaviour: if we get an array that looks like an error, make it + // an eror response + if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r)) + { + $r = new Response(0, (integer)$r['faultCode'], (string)$r['faultString']); + } + else + { + // functions using EPI api should NOT return resp objects, + // so make sure we encode the return type correctly + $r = new Response(php_xmlrpc_encode($r, array('extension_api'))); + } + } + else + { + $r = call_user_func_array($func, $params); + } + } + // the return type can be either an xmlrpcresp object or a plain php value... + if (!is_a($r, 'xmlrpcresp')) + { + // what should we assume here about automatic encoding of datetimes + // and php classes instances??? + $r = new Response(php_xmlrpc_encode($r, $this->phpvals_encoding_options)); + } + } + } + catch(Exception $e) + { + // (barring errors in the lib) an uncatched exception happened + // in the called function, we wrap it in a proper error-response + switch($this->exception_handling) + { + case 2: + throw $e; + break; + case 1: + $r = new Response(0, $e->getCode(), $e->getMessage()); + break; + default: + $r = new Response(0, $GLOBALS['xmlrpcerr']['server_error'], $GLOBALS['xmlrpcstr']['server_error']); + } + } + if($this->debug > 2) + { + // note: restore the error handler we found before calling the + // user func, even if it has been changed inside the func itself + if($GLOBALS['_xmlrpcs_prev_ehandler']) + { + set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']); + } + else + { + restore_error_handler(); + } + } + return $r; + } + + /** + * add a string to the 'internal debug message' (separate from 'user debug message') + * @param string $string + */ + protected function debugmsg($string) + { + $this->debug_info .= $string."\n"; + } + + protected function xml_header($charset_encoding='') + { + if ($charset_encoding != '') + { + return "\n"; + } + else + { + return "\n"; + } + } + + /** + * A debugging routine: just echoes back the input packet as a string value + * DEPRECATED! + */ + function echoInput() + { + $r=new Response(new Value( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string')); + print $r->serialize(); + } + + /* Functions that implement system.XXX methods of xmlrpc servers */ + + protected function getSystemDispatchMap() + { + return array( + 'system.listMethods' => array( + 'function' => 'PhpXmlRpc\Server::_xmlrpcs_listMethods', + // listMethods: signature was either a string, or nothing. + // The useless string variant has been removed + 'signature' => array(array(Value::$xmlrpcArray)), + 'docstring' => 'This method lists all the methods that the XML-RPC server knows how to dispatch', + 'signature_docs' => array(array('list of method names')), + ), + 'system.methodHelp' => array( + 'function' => 'PhpXmlRpc\Server::_xmlrpcs_methodHelp', + 'signature' => array(array(Value::$xmlrpcString, Value::$xmlrpcString)), + 'docstring' => 'Returns help text if defined for the method passed, otherwise returns an empty string', + 'signature_docs' => array(array('method description', 'name of the method to be described')), + ), + 'system.methodSignature' => array( + 'function' => 'PhpXmlRpc\Server::_xmlrpcs_methodSignature', + 'signature' => array(array(Value::$xmlrpcArray, Value::$xmlrpcString)), + 'docstring' => 'Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)', + 'signature_docs' => array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described')), + ), + 'system.multicall' => array( + 'function' => 'PhpXmlRpc\Server::_xmlrpcs_multicall', + 'signature' => array(array(Value::$xmlrpcArray, Value::$xmlrpcArray)), + 'docstring' => 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details', + 'signature_docs' => array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"')), + ), + 'system.getCapabilities' => array( + 'function' => 'PhpXmlRpc\Server::_xmlrpcs_getCapabilities', + 'signature' => array(array($GLOBALS['xmlrpcStruct'])), + 'docstring' => 'This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to', + 'signature_docs' => array(array('list of capabilities, described as structs with a version number and url for the spec')) + ) + ); + } + + public static function _xmlrpcs_getCapabilities($server, $m=null) + { + $outAr = array( + // xmlrpc spec: always supported + 'xmlrpc' => new Value(array( + 'specUrl' => new Value('http://www.xmlrpc.com/spec', 'string'), + 'specVersion' => new Value(1, 'int') + ), 'struct'), + // if we support system.xxx functions, we always support multicall, too... + // Note that, as of 2006/09/17, the following URL does not respond anymore + 'system.multicall' => new Value(array( + 'specUrl' => new Value('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'), + 'specVersion' => new Value(1, 'int') + ), 'struct'), + // introspection: version 2! we support 'mixed', too + 'introspection' => new Value(array( + 'specUrl' => new Value('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'), + 'specVersion' => new Value(2, 'int') + ), 'struct') + ); + + // NIL extension + if ($GLOBALS['xmlrpc_null_extension']) { + $outAr['nil'] = new Value(array( + 'specUrl' => new Value('http://www.ontosys.com/xml-rpc/extensions.php', 'string'), + 'specVersion' => new Value(1, 'int') + ), 'struct'); + } + return new Response(new Value($outAr, 'struct')); + } + + public static function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing + { + + $outAr=array(); + foreach($server->dmap as $key => $val) + { + $outAr[]=new Value($key, 'string'); + } + if($server->allow_system_funcs) + { + foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val) + { + $outAr[]=new Value($key, 'string'); + } + } + return new Response(new Value($outAr, 'array')); + } + + public static function _xmlrpcs_methodSignature($server, $m) + { + // let accept as parameter both an xmlrpcval or string + if (is_object($m)) + { + $methName=$m->getParam(0); + $methName=$methName->scalarval(); + } + else + { + $methName=$m; + } + if(strpos($methName, "system.") === 0) + { + $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; + } + else + { + $dmap=$server->dmap; $sysCall=0; + } + if(isset($dmap[$methName])) + { + if(isset($dmap[$methName]['signature'])) + { + $sigs=array(); + foreach($dmap[$methName]['signature'] as $inSig) + { + $cursig=array(); + foreach($inSig as $sig) + { + $cursig[]=new Value($sig, 'string'); + } + $sigs[]=new Value($cursig, 'array'); + } + $r=new Response(new Value($sigs, 'array')); + } + else + { + // NB: according to the official docs, we should be returning a + // "none-array" here, which means not-an-array + $r=new Response(new Value('undef', 'string')); + } + } + else + { + $r=new Response(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); + } + return $r; + } + + public static function _xmlrpcs_methodHelp($server, $m) + { + // let accept as parameter both an xmlrpcval or string + if (is_object($m)) + { + $methName=$m->getParam(0); + $methName=$methName->scalarval(); + } + else + { + $methName=$m; + } + if(strpos($methName, "system.") === 0) + { + $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; + } + else + { + $dmap=$server->dmap; $sysCall=0; + } + if(isset($dmap[$methName])) + { + if(isset($dmap[$methName]['docstring'])) + { + $r=new Response(new Value($dmap[$methName]['docstring']), 'string'); + } + else + { + $r=new Response(new Value('', 'string')); + } + } + else + { + $r=new Response(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); + } + return $r; + } + + public static function _xmlrpcs_multicall_error($err) + { + if(is_string($err)) + { + $str = $GLOBALS['xmlrpcstr']["multicall_${err}"]; + $code = $GLOBALS['xmlrpcerr']["multicall_${err}"]; + } + else + { + $code = $err->faultCode(); + $str = $err->faultString(); + } + $struct = array(); + $struct['faultCode'] = new Value($code, 'int'); + $struct['faultString'] = new Value($str, 'string'); + return new Value($struct, 'struct'); + } + + public static function _xmlrpcs_multicall_do_call($server, $call) + { + if($call->kindOf() != 'struct') + { + return _xmlrpcs_multicall_error('notstruct'); + } + $methName = @$call->structmem('methodName'); + if(!$methName) + { + return _xmlrpcs_multicall_error('nomethod'); + } + if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string') + { + return _xmlrpcs_multicall_error('notstring'); + } + if($methName->scalarval() == 'system.multicall') + { + return _xmlrpcs_multicall_error('recursion'); + } + + $params = @$call->structmem('params'); + if(!$params) + { + return _xmlrpcs_multicall_error('noparams'); + } + if($params->kindOf() != 'array') + { + return _xmlrpcs_multicall_error('notarray'); + } + $numParams = $params->arraysize(); + + $msg = new Request($methName->scalarval()); + for($i = 0; $i < $numParams; $i++) + { + if(!$msg->addParam($params->arraymem($i))) + { + $i++; + return _xmlrpcs_multicall_error(new Response(0, + $GLOBALS['xmlrpcerr']['incorrect_params'], + $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i)); + } + } + + $result = $server->execute($msg); + + if($result->faultCode() != 0) + { + return _xmlrpcs_multicall_error($result); // Method returned fault. + } + + return new Value(array($result->value()), 'array'); + } + + public static function _xmlrpcs_multicall_do_call_phpvals($server, $call) + { + if(!is_array($call)) + { + return _xmlrpcs_multicall_error('notstruct'); + } + if(!array_key_exists('methodName', $call)) + { + return _xmlrpcs_multicall_error('nomethod'); + } + if (!is_string($call['methodName'])) + { + return _xmlrpcs_multicall_error('notstring'); + } + if($call['methodName'] == 'system.multicall') + { + return _xmlrpcs_multicall_error('recursion'); + } + if(!array_key_exists('params', $call)) + { + return _xmlrpcs_multicall_error('noparams'); + } + if(!is_array($call['params'])) + { + return _xmlrpcs_multicall_error('notarray'); + } + + // this is a real dirty and simplistic hack, since we might have received a + // base64 or datetime values, but they will be listed as strings here... + $numParams = count($call['params']); + $pt = array(); + foreach($call['params'] as $val) + $pt[] = php_2_xmlrpc_type(gettype($val)); + + $result = $server->execute($call['methodName'], $call['params'], $pt); + + if($result->faultCode() != 0) + { + return _xmlrpcs_multicall_error($result); // Method returned fault. + } + + return new Value(array($result->value()), 'array'); + } + + public static function _xmlrpcs_multicall($server, $m) + { + $result = array(); + // let accept a plain list of php parameters, beside a single xmlrpc msg object + if (is_object($m)) + { + $calls = $m->getParam(0); + $numCalls = $calls->arraysize(); + for($i = 0; $i < $numCalls; $i++) + { + $call = $calls->arraymem($i); + $result[$i] = _xmlrpcs_multicall_do_call($server, $call); + } + } + else + { + $numCalls=count($m); + for($i = 0; $i < $numCalls; $i++) + { + $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]); + } + } + + return new Response(new Value($result, 'array')); + } +} diff --git a/lib/xmlrpcval.php b/src/Value.php similarity index 84% rename from lib/xmlrpcval.php rename to src/Value.php index 7cfca961..fd4a840c 100644 --- a/lib/xmlrpcval.php +++ b/src/Value.php @@ -1,7 +1,35 @@ 1, + "int" => 1, + "boolean" => 1, + "double" => 1, + "string" => 1, + "dateTime.iso8601" => 1, + "base64" => 1, + "array" => 2, + "struct" => 3, + "null" => 1 + ); /// @todo: does these need to be public? public $me=array(); @@ -50,15 +78,15 @@ function __construct($val=-1, $type='') { { $type='string'; } - if($GLOBALS['xmlrpcTypes'][$type]==1) + if(static::$xmlrpcTypes[$type]==1) { $this->addScalar($val,$type); } - elseif($GLOBALS['xmlrpcTypes'][$type]==2) + elseif(static::$xmlrpcTypes[$type]==2) { $this->addArray($val); } - elseif($GLOBALS['xmlrpcTypes'][$type]==3) + elseif(static::$xmlrpcTypes[$type]==3) { $this->addStruct($val); }*/ @@ -73,11 +101,9 @@ function __construct($val=-1, $type='') { */ function addScalar($val, $type='string') { - $xmlrpc = Phpxmlrpc::instance(); - $typeof = null; - if(isset($xmlrpc->xmlrpcTypes[$type])) { - $typeof = $xmlrpc->xmlrpcTypes[$type]; + if(isset(static::$xmlrpcTypes[$type])) { + $typeof = static::$xmlrpcTypes[$type]; } if($typeof!=1) @@ -89,7 +115,7 @@ function addScalar($val, $type='string') // coerce booleans into correct values // NB: we should either do it for datetimes, integers and doubles, too, // or just plain remove this check, implemented on booleans only... - if($type==$xmlrpc->xmlrpcBoolean) + if($type==static::$xmlrpcBoolean) { if(strcasecmp($val,'true')==0 || $val==1 || ($val==true && strcasecmp($val,'false'))) { @@ -112,10 +138,10 @@ function addScalar($val, $type='string') case 2: // we're adding a scalar value to an array here //$ar=$this->me['array']; - //$ar[]=new xmlrpcval($val, $type); + //$ar[]=new Value($val, $type); //$this->me['array']=$ar; // Faster (?) avoid all the costly array-copy-by-val done here... - $this->me['array'][]=new xmlrpcval($val, $type); + $this->me['array'][]=new Value($val, $type); return 1; default: // a scalar, so set the value and remember we're scalar @@ -134,10 +160,9 @@ function addScalar($val, $type='string') */ public function addArray($vals) { - $xmlrpc = Phpxmlrpc::instance(); if($this->mytype==0) { - $this->mytype=$xmlrpc->xmlrpcTypes['array']; + $this->mytype=static::$xmlrpcTypes['array']; $this->me['array']=$vals; return 1; } @@ -163,11 +188,9 @@ public function addArray($vals) */ public function addStruct($vals) { - $xmlrpc = Phpxmlrpc::instance(); - if($this->mytype==0) { - $this->mytype=$xmlrpc->xmlrpcTypes['struct']; + $this->mytype=static::$xmlrpcTypes['struct']; $this->me['struct']=$vals; return 1; } @@ -208,34 +231,33 @@ public function kindOf() private function serializedata($typ, $val, $charset_encoding='') { - $xmlrpc = Phpxmlrpc::instance(); $rs=''; - if(!isset($xmlrpc->xmlrpcTypes[$typ])) { + if(!isset(static::$xmlrpcTypes[$typ])) { return $rs; } - switch($xmlrpc->xmlrpcTypes[$typ]) + switch(static::$xmlrpcTypes[$typ]) { case 1: switch($typ) { - case $xmlrpc->xmlrpcBase64: + case static::$xmlrpcBase64: $rs.="<${typ}>" . base64_encode($val) . ""; break; - case $xmlrpc->xmlrpcBoolean: + case static::$xmlrpcBoolean: $rs.="<${typ}>" . ($val ? '1' : '0') . ""; break; - case $xmlrpc->xmlrpcString: + case static::$xmlrpcString: // G. Giunta 2005/2/13: do NOT use htmlentities, since // it will produce named html entities, which are invalid xml - $rs.="<${typ}>" . xmlrpc_encode_entitites($val, $xmlrpc->xmlrpc_internalencoding, $charset_encoding). ""; + $rs.="<${typ}>" . Charset::instance()->encode_entities($val, PhpXmlRpc::$xmlrpc_internalencoding, $charset_encoding). ""; break; - case $xmlrpc->xmlrpcInt: - case $xmlrpc->xmlrpcI4: + case static::$xmlrpcInt: + case static::$xmlrpcI4: $rs.="<${typ}>".(int)$val.""; break; - case $xmlrpc->xmlrpcDouble: + case static::$xmlrpcDouble: // avoid using standard conversion of float to string because it is locale-dependent, // and also because the xmlrpc spec forbids exponential notation. // sprintf('%F') could be most likely ok but it fails eg. on 2e-14. @@ -243,7 +265,7 @@ private function serializedata($typ, $val, $charset_encoding='') // but there is of course no limit in the number of decimal places to be used... $rs.="<${typ}>".preg_replace('/\\.?0+$/','',number_format((double)$val, 128, '.', '')).""; break; - case $xmlrpc->xmlrpcDateTime: + case static::$xmlrpcDateTime: if (is_string($val)) { $rs.="<${typ}>${val}"; @@ -262,8 +284,8 @@ private function serializedata($typ, $val, $charset_encoding='') $rs.="<${typ}>${val}"; } break; - case $xmlrpc->xmlrpcNull: - if ($xmlrpc->xmlrpc_null_apache_encoding) + case static::$xmlrpcNull: + if (PhpXmlRpc::$xmlrpc_null_apache_encoding) { $rs.=""; } @@ -288,9 +310,10 @@ private function serializedata($typ, $val, $charset_encoding='') { $rs.="\n"; } + $charsetEncoder = Charset::instance(); foreach($val as $key2 => $val2) { - $rs.=''.xmlrpc_encode_entitites($key2, $xmlrpc->xmlrpc_internalencoding, $charset_encoding)."\n"; + $rs.=''.$charsetEncoder->encode_entities($key2, PhpXmlRpc::$xmlrpc_internalencoding, $charset_encoding)."\n"; //$rs.=$this->serializeval($val2); $rs.=$val2->serialize($charset_encoding); $rs.="\n"; @@ -300,10 +323,10 @@ private function serializedata($typ, $val, $charset_encoding='') case 2: // array $rs.="\n\n"; - for($i=0; $iserializeval($val[$i]); - $rs.=$val[$i]->serialize($charset_encoding); + $rs.=$element->serialize($charset_encoding); } $rs.="\n"; break; @@ -439,13 +462,11 @@ public function scalarval() */ public function scalartyp() { - $xmlrpc = Phpxmlrpc::instance(); - reset($this->me); list($a,)=each($this->me); - if($a==$xmlrpc->xmlrpcI4) + if($a==static::xmlrpcI4) { - $a=$xmlrpc->xmlrpcInt; + $a=static::xmlrpcInt; } return $a; } diff --git a/src/Wrapper.php b/src/Wrapper.php new file mode 100644 index 00000000..138d186e --- /dev/null +++ b/src/Wrapper.php @@ -0,0 +1,937 @@ +' . $funcname[1]; + } + $exists = method_exists($funcname[0], $funcname[1]); + } + else + { + $plainfuncname = $funcname; + $exists = function_exists($funcname); + } + + if(!$exists) + { + error_log('XML-RPC: function to be wrapped is not defined: '.$plainfuncname); + return false; + } + else + { + // determine name of new php function + if($newfuncname == '') + { + if(is_array($funcname)) + { + if(is_string($funcname[0])) + $xmlrpcfuncname = "{$prefix}_".implode('_', $funcname); + else + $xmlrpcfuncname = "{$prefix}_".get_class($funcname[0]) . '_' . $funcname[1]; + } + else + { + $xmlrpcfuncname = "{$prefix}_$funcname"; + } + } + else + { + $xmlrpcfuncname = $newfuncname; + } + while($buildit && function_exists($xmlrpcfuncname)) + { + $xmlrpcfuncname .= 'x'; + } + + // start to introspect PHP code + if(is_array($funcname)) + { + $func = new ReflectionMethod($funcname[0], $funcname[1]); + if($func->isPrivate()) + { + error_log('XML-RPC: method to be wrapped is private: '.$plainfuncname); + return false; + } + if($func->isProtected()) + { + error_log('XML-RPC: method to be wrapped is protected: '.$plainfuncname); + return false; + } + if($func->isConstructor()) + { + error_log('XML-RPC: method to be wrapped is the constructor: '.$plainfuncname); + return false; + } + if($func->isDestructor()) + { + error_log('XML-RPC: method to be wrapped is the destructor: '.$plainfuncname); + return false; + } + if($func->isAbstract()) + { + error_log('XML-RPC: method to be wrapped is abstract: '.$plainfuncname); + return false; + } + /// @todo add more checks for static vs. nonstatic? + } + else + { + $func = new ReflectionFunction($funcname); + } + if($func->isInternal()) + { + // Note: from PHP 5.1.0 onward, we will possibly be able to use invokeargs + // instead of getparameters to fully reflect internal php functions ? + error_log('XML-RPC: function to be wrapped is internal: '.$plainfuncname); + return false; + } + + // retrieve parameter names, types and description from javadoc comments + + // function description + $desc = ''; + // type of return val: by default 'any' + $returns = Value::$xmlrpcValue; + // desc of return val + $returnsDocs = ''; + // type + name of function parameters + $paramDocs = array(); + + $docs = $func->getDocComment(); + if($docs != '') + { + $docs = explode("\n", $docs); + $i = 0; + foreach($docs as $doc) + { + $doc = trim($doc, " \r\t/*"); + if(strlen($doc) && strpos($doc, '@') !== 0 && !$i) + { + if($desc) + { + $desc .= "\n"; + } + $desc .= $doc; + } + elseif(strpos($doc, '@param') === 0) + { + // syntax: @param type [$name] desc + if(preg_match('/@param\s+(\S+)(\s+\$\S+)?\s+(.+)/', $doc, $matches)) + { + if(strpos($matches[1], '|')) + { + //$paramDocs[$i]['type'] = explode('|', $matches[1]); + $paramDocs[$i]['type'] = 'mixed'; + } + else + { + $paramDocs[$i]['type'] = $matches[1]; + } + $paramDocs[$i]['name'] = trim($matches[2]); + $paramDocs[$i]['doc'] = $matches[3]; + } + $i++; + } + elseif(strpos($doc, '@return') === 0) + { + // syntax: @return type desc + //$returns = preg_split('/\s+/', $doc); + if(preg_match('/@return\s+(\S+)\s+(.+)/', $doc, $matches)) + { + $returns = php_2_xmlrpc_type($matches[1]); + if(isset($matches[2])) + { + $returnsDocs = $matches[2]; + } + } + } + } + } + + // execute introspection of actual function prototype + $params = array(); + $i = 0; + foreach($func->getParameters() as $paramobj) + { + $params[$i] = array(); + $params[$i]['name'] = '$'.$paramobj->getName(); + $params[$i]['isoptional'] = $paramobj->isOptional(); + $i++; + } + + + // start building of PHP code to be eval'd + $innercode = ''; + $i = 0; + $parsvariations = array(); + $pars = array(); + $pnum = count($params); + foreach($params as $param) + { + if (isset($paramDocs[$i]['name']) && $paramDocs[$i]['name'] && strtolower($paramDocs[$i]['name']) != strtolower($param['name'])) + { + // param name from phpdoc info does not match param definition! + $paramDocs[$i]['type'] = 'mixed'; + } + + if($param['isoptional']) + { + // this particular parameter is optional. save as valid previous list of parameters + $innercode .= "if (\$paramcount > $i) {\n"; + $parsvariations[] = $pars; + } + $innercode .= "\$p$i = \$msg->getParam($i);\n"; + if ($decode_php_objects) + { + $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i, array('decode_php_objs'));\n"; + } + else + { + $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i);\n"; + } + + $pars[] = "\$p$i"; + $i++; + if($param['isoptional']) + { + $innercode .= "}\n"; + } + if($i == $pnum) + { + // last allowed parameters combination + $parsvariations[] = $pars; + } + } + + $sigs = array(); + $psigs = array(); + if(count($parsvariations) == 0) + { + // only known good synopsis = no parameters + $parsvariations[] = array(); + $minpars = 0; + } + else + { + $minpars = count($parsvariations[0]); + } + + if($minpars) + { + // add to code the check for min params number + // NB: this check needs to be done BEFORE decoding param values + $innercode = "\$paramcount = \$msg->getNumParams();\n" . + "if (\$paramcount < $minpars) return new {$prefix}resp(0, ".PhpXmlRpc::$xmlrpcerr['incorrect_params'].", '".PhpXmlRpc::$xmlrpcerr['incorrect_params']."');\n" . $innercode; + } + else + { + $innercode = "\$paramcount = \$msg->getNumParams();\n" . $innercode; + } + + $innercode .= "\$np = false;\n"; + // since there are no closures in php, if we are given an object instance, + // we store a pointer to it in a global var... + if ( is_array($funcname) && is_object($funcname[0]) ) + { + $GLOBALS['xmlrpcWPFObjHolder'][$xmlrpcfuncname] =& $funcname[0]; + $innercode .= "\$obj =& \$GLOBALS['xmlrpcWPFObjHolder']['$xmlrpcfuncname'];\n"; + $realfuncname = '$obj->'.$funcname[1]; + } + else + { + $realfuncname = $plainfuncname; + } + foreach($parsvariations as $pars) + { + $innercode .= "if (\$paramcount == " . count($pars) . ") \$retval = {$catch_warnings}$realfuncname(" . implode(',', $pars) . "); else\n"; + // build a 'generic' signature (only use an appropriate return type) + $sig = array($returns); + $psig = array($returnsDocs); + for($i=0; $i < count($pars); $i++) + { + if (isset($paramDocs[$i]['type'])) + { + $sig[] = $this->php_2_xmlrpc_type($paramDocs[$i]['type']); + } + else + { + $sig[] = Value::$xmlrpcValue; + } + $psig[] = isset($paramDocs[$i]['doc']) ? $paramDocs[$i]['doc'] : ''; + } + $sigs[] = $sig; + $psigs[] = $psig; + } + $innercode .= "\$np = true;\n"; + $innercode .= "if (\$np) return new {$prefix}resp(0, ".PhpXmlRpc::$xmlrpcerr['incorrect_params'].", '".PhpXmlRpc::$xmlrpcerr['incorrect_params']."'); else {\n"; + //$innercode .= "if (\$_xmlrpcs_error_occurred) return new Response(0, $GLOBALS['xmlrpcerr']user, \$_xmlrpcs_error_occurred); else\n"; + $innercode .= "if (is_a(\$retval, '{$prefix}resp')) return \$retval; else\n"; + if($returns == Value::$xmlrpcDateTime || $returns == Value::$xmlrpcBase64) + { + $innercode .= "return new {$prefix}resp(new {$prefix}val(\$retval, '$returns'));"; + } + else + { + if ($encode_php_objects) + $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval, array('encode_php_objs')));\n"; + else + $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval));\n"; + } + // shall we exclude functions returning by ref? + // if($func->returnsReference()) + // return false; + $code = "function $xmlrpcfuncname(\$msg) {\n" . $innercode . "}\n}"; + //print_r($code); + if ($buildit) + { + $allOK = 0; + eval($code.'$allOK=1;'); + // alternative + //$xmlrpcfuncname = create_function('$m', $innercode); + + if(!$allOK) + { + error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap php function '.$plainfuncname); + return false; + } + } + + /// @todo examine if $paramDocs matches $parsvariations and build array for + /// usage as method signature, plus put together a nice string for docs + + $ret = array('function' => $xmlrpcfuncname, 'signature' => $sigs, 'docstring' => $desc, 'signature_docs' => $psigs, 'source' => $code); + return $ret; + } + } + + /** + * Given a user-defined PHP class or php object, map its methods onto a list of + * PHP 'wrapper' functions that can be exposed as xmlrpc methods from an xmlrpc_server + * object and called from remote clients (as well as their corresponding signature info). + * + * @param mixed $classname the name of the class whose methods are to be exposed as xmlrpc methods, or an object instance of that class + * @param array $extra_options see the docs for wrap_php_method for more options + * string method_type 'static', 'nonstatic', 'all' and 'auto' (default); the latter will switch between static and non-static depending on wheter $classname is a class name or object instance + * @return array or false on failure + * + * @todo get_class_methods will return both static and non-static methods. + * we have to differentiate the action, depending on wheter we recived a class name or object + */ + public function wrap_php_class($classname, $extra_options=array()) + { + $methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : ''; + $methodtype = isset($extra_options['method_type']) ? $extra_options['method_type'] : 'auto'; + + $result = array(); + $mlist = get_class_methods($classname); + foreach($mlist as $mname) + { + if ($methodfilter == '' || preg_match($methodfilter, $mname)) + { + // echo $mlist."\n"; + $func = new ReflectionMethod($classname, $mname); + if(!$func->isPrivate() && !$func->isProtected() && !$func->isConstructor() && !$func->isDestructor() && !$func->isAbstract()) + { + if(($func->isStatic && ($methodtype == 'all' || $methodtype == 'static' || ($methodtype == 'auto' && is_string($classname)))) || + (!$func->isStatic && ($methodtype == 'all' || $methodtype == 'nonstatic' || ($methodtype == 'auto' && is_object($classname))))) + { + $methodwrap = wrap_php_function(array($classname, $mname), '', $extra_options); + if ( $methodwrap ) + { + $result[$methodwrap['function']] = $methodwrap['function']; + } + } + } + } + } + return $result; + } + + /** + * Given an xmlrpc client and a method name, register a php wrapper function + * that will call it and return results using native php types for both + * params and results. The generated php function will return an xmlrpcresp + * object for failed xmlrpc calls + * + * Known limitations: + * - server must support system.methodsignature for the wanted xmlrpc method + * - for methods that expose many signatures, only one can be picked (we + * could in principle check if signatures differ only by number of params + * and not by type, but it would be more complication than we can spare time) + * - nested xmlrpc params: the caller of the generated php function has to + * encode on its own the params passed to the php function if these are structs + * or arrays whose (sub)members include values of type datetime or base64 + * + * Notes: the connection properties of the given client will be copied + * and reused for the connection used during the call to the generated + * php function. + * Calling the generated php function 'might' be slow: a new xmlrpc client + * is created on every invocation and an xmlrpc-connection opened+closed. + * An extra 'debug' param is appended to param list of xmlrpc method, useful + * for debugging purposes. + * + * @param xmlrpc_client $client an xmlrpc client set up correctly to communicate with target server + * @param string $methodname the xmlrpc method to be mapped to a php function + * @param array $extra_options array of options that specify conversion details. valid options include + * integer signum the index of the method signature to use in mapping (if method exposes many sigs) + * integer timeout timeout (in secs) to be used when executing function/calling remote method + * string protocol 'http' (default), 'http11' or 'https' + * string new_function_name the name of php function to create. If unspecified, lib will pick an appropriate name + * string return_source if true return php code w. function definition instead fo function name + * bool encode_php_objs let php objects be sent to server using the 'improved' xmlrpc notation, so server can deserialize them as php objects + * bool decode_php_objs --- WARNING !!! possible security hazard. only use it with trusted servers --- + * mixed return_on_fault a php value to be returned when the xmlrpc call fails/returns a fault response (by default the xmlrpcresp object is returned in this case). If a string is used, '%faultCode%' and '%faultString%' tokens will be substituted with actual error values + * bool debug set it to 1 or 2 to see debug results of querying server for method synopsis + * @return string the name of the generated php function (or false) - OR AN ARRAY... + */ + public function wrap_xmlrpc_method($client, $methodname, $extra_options=0, $timeout=0, $protocol='', $newfuncname='') + { + // mind numbing: let caller use sane calling convention (as per javadoc, 3 params), + // OR the 2.0 calling convention (no options) - we really love backward compat, don't we? + if (!is_array($extra_options)) + { + $signum = $extra_options; + $extra_options = array(); + } + else + { + $signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; + $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; + $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; + $newfuncname = isset($extra_options['new_function_name']) ? $extra_options['new_function_name'] : ''; + } + //$encode_php_objects = in_array('encode_php_objects', $extra_options); + //$verbatim_client_copy = in_array('simple_client_copy', $extra_options) ? 1 : + // in_array('build_class_code', $extra_options) ? 2 : 0; + + $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; + $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; + // it seems like the meaning of 'simple_client_copy' here is swapped wrt client_copy_mode later on... + $simple_client_copy = isset($extra_options['simple_client_copy']) ? (int)($extra_options['simple_client_copy']) : 0; + $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; + $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; + if (isset($extra_options['return_on_fault'])) + { + $decode_fault = true; + $fault_response = $extra_options['return_on_fault']; + } + else + { + $decode_fault = false; + $fault_response = ''; + } + $debug = isset($extra_options['debug']) ? ($extra_options['debug']) : 0; + + $msgclass = $prefix.'msg'; + $valclass = $prefix.'val'; + $decodefunc = 'php_'.$prefix.'_decode'; + + $msg = new $msgclass('system.methodSignature'); + $msg->addparam(new $valclass($methodname)); + $client->setDebug($debug); + $response = $client->send($msg, $timeout, $protocol); + if($response->faultCode()) + { + error_log('XML-RPC: could not retrieve method signature from remote server for method '.$methodname); + return false; + } + else + { + $msig = $response->value(); + if ($client->return_type != 'phpvals') + { + $msig = $decodefunc($msig); + } + if(!is_array($msig) || count($msig) <= $signum) + { + error_log('XML-RPC: could not retrieve method signature nr.'.$signum.' from remote server for method '.$methodname); + return false; + } + else + { + // pick a suitable name for the new function, avoiding collisions + if($newfuncname != '') + { + $xmlrpcfuncname = $newfuncname; + } + else + { + // take care to insure that methodname is translated to valid + // php function name + $xmlrpcfuncname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), + array('_', ''), $methodname); + } + while($buildit && function_exists($xmlrpcfuncname)) + { + $xmlrpcfuncname .= 'x'; + } + + $msig = $msig[$signum]; + $mdesc = ''; + // if in 'offline' mode, get method description too. + // in online mode, favour speed of operation + if(!$buildit) + { + $msg = new $msgclass('system.methodHelp'); + $msg->addparam(new $valclass($methodname)); + $response = $client->send($msg, $timeout, $protocol); + if (!$response->faultCode()) + { + $mdesc = $response->value(); + if ($client->return_type != 'phpvals') + { + $mdesc = $mdesc->scalarval(); + } + } + } + + $results = $this->build_remote_method_wrapper_code($client, $methodname, + $xmlrpcfuncname, $msig, $mdesc, $timeout, $protocol, $simple_client_copy, + $prefix, $decode_php_objects, $encode_php_objects, $decode_fault, + $fault_response); + + //print_r($code); + if ($buildit) + { + $allOK = 0; + eval($results['source'].'$allOK=1;'); + // alternative + //$xmlrpcfuncname = create_function('$m', $innercode); + if($allOK) + { + return $xmlrpcfuncname; + } + else + { + error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap remote method '.$methodname); + return false; + } + } + else + { + $results['function'] = $xmlrpcfuncname; + return $results; + } + } + } + } + + /** + * Similar to wrap_xmlrpc_method, but will generate a php class that wraps + * all xmlrpc methods exposed by the remote server as own methods. + * For more details see wrap_xmlrpc_method. + * @param xmlrpc_client $client the client obj all set to query the desired server + * @param array $extra_options list of options for wrapped code + * @return mixed false on error, the name of the created class if all ok or an array with code, class name and comments (if the appropriatevoption is set in extra_options) + */ + public function wrap_xmlrpc_server($client, $extra_options=array()) + { + $methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : ''; + //$signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; + $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; + $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; + $newclassname = isset($extra_options['new_class_name']) ? $extra_options['new_class_name'] : ''; + $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; + $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; + $verbatim_client_copy = isset($extra_options['simple_client_copy']) ? !($extra_options['simple_client_copy']) : true; + $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; + $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; + + $msgclass = $prefix.'msg'; + //$valclass = $prefix.'val'; + $decodefunc = 'php_'.$prefix.'_decode'; + + $msg = new $msgclass('system.listMethods'); + $response = $client->send($msg, $timeout, $protocol); + if($response->faultCode()) + { + error_log('XML-RPC: could not retrieve method list from remote server'); + return false; + } + else + { + $mlist = $response->value(); + if ($client->return_type != 'phpvals') + { + $mlist = $decodefunc($mlist); + } + if(!is_array($mlist) || !count($mlist)) + { + error_log('XML-RPC: could not retrieve meaningful method list from remote server'); + return false; + } + else + { + // pick a suitable name for the new function, avoiding collisions + if($newclassname != '') + { + $xmlrpcclassname = $newclassname; + } + else + { + $xmlrpcclassname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), + array('_', ''), $client->server).'_client'; + } + while($buildit && class_exists($xmlrpcclassname)) + { + $xmlrpcclassname .= 'x'; + } + + /// @todo add function setdebug() to new class, to enable/disable debugging + $source = "class $xmlrpcclassname\n{\nvar \$client;\n\n"; + $source .= "function $xmlrpcclassname()\n{\n"; + $source .= $this->build_client_wrapper_code($client, $verbatim_client_copy, $prefix); + $source .= "\$this->client =& \$client;\n}\n\n"; + $opts = array('simple_client_copy' => 2, 'return_source' => true, + 'timeout' => $timeout, 'protocol' => $protocol, + 'encode_php_objs' => $encode_php_objects, 'prefix' => $prefix, + 'decode_php_objs' => $decode_php_objects + ); + /// @todo build javadoc for class definition, too + foreach($mlist as $mname) + { + if ($methodfilter == '' || preg_match($methodfilter, $mname)) + { + $opts['new_function_name'] = preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), + array('_', ''), $mname); + $methodwrap = wrap_xmlrpc_method($client, $mname, $opts); + if ($methodwrap) + { + if (!$buildit) + { + $source .= $methodwrap['docstring']; + } + $source .= $methodwrap['source']."\n"; + } + else + { + error_log('XML-RPC: will not create class method to wrap remote method '.$mname); + } + } + } + $source .= "}\n"; + if ($buildit) + { + $allOK = 0; + eval($source.'$allOK=1;'); + // alternative + //$xmlrpcfuncname = create_function('$m', $innercode); + if($allOK) + { + return $xmlrpcclassname; + } + else + { + error_log('XML-RPC: could not create class '.$xmlrpcclassname.' to wrap remote server '.$client->server); + return false; + } + } + else + { + return array('class' => $xmlrpcclassname, 'code' => $source, 'docstring' => ''); + } + } + } + } + + /** + * Given the necessary info, build php code that creates a new function to + * invoke a remote xmlrpc method. + * Take care that no full checking of input parameters is done to ensure that + * valid php code is emitted. + * Note: real spaghetti code follows... + */ + protected function build_remote_method_wrapper_code($client, $methodname, $xmlrpcfuncname, + $msig, $mdesc='', $timeout=0, $protocol='', $client_copy_mode=0, $prefix='xmlrpc', + $decode_php_objects=false, $encode_php_objects=false, $decode_fault=false, + $fault_response='') + { + $code = "function $xmlrpcfuncname ("; + if ($client_copy_mode < 2) + { + // client copy mode 0 or 1 == partial / full client copy in emitted code + $innercode = $this->build_client_wrapper_code($client, $client_copy_mode, $prefix); + $innercode .= "\$client->setDebug(\$debug);\n"; + $this_ = ''; + } + else + { + // client copy mode 2 == no client copy in emitted code + $innercode = ''; + $this_ = 'this->'; + } + $innercode .= "\$msg = new {$prefix}msg('$methodname');\n"; + + if ($mdesc != '') + { + // take care that PHP comment is not terminated unwillingly by method description + $mdesc = "/**\n* ".str_replace('*/', '* /', $mdesc)."\n"; + } + else + { + $mdesc = "/**\nFunction $xmlrpcfuncname\n"; + } + + // param parsing + $plist = array(); + $pcount = count($msig); + for($i = 1; $i < $pcount; $i++) + { + $plist[] = "\$p$i"; + $ptype = $msig[$i]; + if($ptype == 'i4' || $ptype == 'int' || $ptype == 'boolean' || $ptype == 'double' || + $ptype == 'string' || $ptype == 'dateTime.iso8601' || $ptype == 'base64' || $ptype == 'null') + { + // only build directly xmlrpcvals when type is known and scalar + $innercode .= "\$p$i = new {$prefix}val(\$p$i, '$ptype');\n"; + } + else + { + if ($encode_php_objects) + { + $innercode .= "\$p$i = php_{$prefix}_encode(\$p$i, array('encode_php_objs'));\n"; + } + else + { + $innercode .= "\$p$i = php_{$prefix}_encode(\$p$i);\n"; + } + } + $innercode .= "\$msg->addparam(\$p$i);\n"; + $mdesc .= '* @param '.$this->xmlrpc_2_php_type($ptype)." \$p$i\n"; + } + if ($client_copy_mode < 2) + { + $plist[] = '$debug=0'; + $mdesc .= "* @param int \$debug when 1 (or 2) will enable debugging of the underlying {$prefix} call (defaults to 0)\n"; + } + $plist = implode(', ', $plist); + $mdesc .= '* @return '.$this->xmlrpc_2_php_type($msig[0])." (or an {$prefix}resp obj instance if call fails)\n*/\n"; + + $innercode .= "\$res = \${$this_}client->send(\$msg, $timeout, '$protocol');\n"; + if ($decode_fault) + { + if (is_string($fault_response) && ((strpos($fault_response, '%faultCode%') !== false) || (strpos($fault_response, '%faultString%') !== false))) + { + $respcode = "str_replace(array('%faultCode%', '%faultString%'), array(\$res->faultCode(), \$res->faultString()), '".str_replace("'", "''", $fault_response)."')"; + } + else + { + $respcode = var_export($fault_response, true); + } + } + else + { + $respcode = '$res'; + } + if ($decode_php_objects) + { + $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value(), array('decode_php_objs'));"; + } + else + { + $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value());"; + } + + $code = $code . $plist. ") {\n" . $innercode . "\n}\n"; + + return array('source' => $code, 'docstring' => $mdesc); + } + + /** + * Given necessary info, generate php code that will rebuild a client object + * Take care that no full checking of input parameters is done to ensure that + * valid php code is emitted. + */ + protected function build_client_wrapper_code($client, $verbatim_client_copy, $prefix='xmlrpc') + { + $code = "\$client = new {$prefix}_client('".str_replace("'", "\'", $client->path). + "', '" . str_replace("'", "\'", $client->server) . "', $client->port);\n"; + + // copy all client fields to the client that will be generated runtime + // (this provides for future expansion or subclassing of client obj) + if ($verbatim_client_copy) + { + foreach($client as $fld => $val) + { + if($fld != 'debug' && $fld != 'return_type') + { + $val = var_export($val, true); + $code .= "\$client->$fld = $val;\n"; + } + } + } + // only make sure that client always returns the correct data type + $code .= "\$client->return_type = '{$prefix}vals';\n"; + //$code .= "\$client->setDebug(\$debug);\n"; + return $code; + } + +} \ No newline at end of file diff --git a/test/testsuite.php b/test/testsuite.php index c1a111b5..34069e20 100644 --- a/test/testsuite.php +++ b/test/testsuite.php @@ -2,9 +2,11 @@ include_once(__DIR__.'/../vendor/autoload.php'); -include(__DIR__.'/parse_args.php'); +include_once(__DIR__.'/../lib/xmlrpc.inc'); +include_once(__DIR__.'/../lib/xmlrpcs.inc'); +include_once(__DIR__.'/../lib/xmlrpc_wrappers.inc'); -require_once(__DIR__.'/../lib/xmlrpc_wrappers.php'); +include(__DIR__.'/parse_args.php'); //require_once 'PHPUnit/TestDecorator.php'; diff --git a/test/verify_compat.php b/test/verify_compat.php index a9862c4d..c9c4ad24 100644 --- a/test/verify_compat.php +++ b/test/verify_compat.php @@ -19,7 +19,7 @@ function phpxmlrpc_verify_compat($mode='client') $ver = phpversion(); $tests['php_version'] = array(); $tests['php_version']['description'] = 'PHP version found: '.$ver.".\n\n"; - if (version_compare($ver, '5.1.0') < 0) + if (version_compare($ver, '5.3.0') < 0) { $tests['php_version']['status'] = 0; $tests['php_version']['description'] .= 'This version of PHP is not compatible with this release of the PHP XMLRPC library. Please upgrade to php 5.1.0 or later'; @@ -66,7 +66,7 @@ function phpxmlrpc_verify_compat($mode='client') $ver = phpversion(); $tests['php_version'] = array(); $tests['php_version']['description'] = 'PHP version found: '.$ver.".\n\n"; - if (version_compare($ver, '5.1.0') < 0) + if (version_compare($ver, '5.3.0') < 0) { $tests['php_version']['status'] = 0; $tests['php_version']['description'] .= 'This version of PHP is not compatible with the PHP XMLRPC library. Please upgrade to 5.1.0 or later'; @@ -142,7 +142,7 @@ function phpxmlrpc_verify_compat($mode='client')

PHPXMLRPC compatibility assessment with the current PHP install

-

For phpxmlrpc version 3.0 or later

+

For phpxmlrpc version 4.0 or later

Server usage