tonyair/silverstripe-blog
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-blog synced 2024-10-22 11:05:58 +02:00
Code Issues Projects Releases Wiki Activity

FEATURE: Preliminary MetaWeblog support

Browse Source
This commit is contained in:
Andrew O'Neil 2009-11-30 11:04:26 +00:00
parent 67b159eab8
commit 5220e06737
11 changed files with 5971 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
_config.php
View File

@ -1,3 +1,7 @@
<?php
Director::addRules(10, array(
'metaweblog' => 'MetaWeblogController'
));
?>

1
code/BlogHolder.php
View File

@ -131,6 +131,7 @@ class BlogHolder_Controller extends BlogTree_Controller {
static $allowed_actions = array(
'index',
'tag',
'metaweblog',
'postblog' => 'BLOGMANAGEMENT',
'post' => 'BLOGMANAGEMENT',
'BlogEntryForm' => 'BLOGMANAGEMENT',

106
code/MetaWeblogController.php Normal file
View File

@ -0,0 +1,106 @@
<?php
require_once(BASE_PATH . '/blog/thirdparty/xmlrpc/xmlrpc.php');
require_once(BASE_PATH . '/blog/thirdparty/xmlrpc/xmlrpcs.php');
require_once(BASE_PATH . '/blog/thirdparty/xmlrpc/xmlrpc_wrappers.php');
/**
* MetaWeblogController provides the MetaWeblog API for SilverStripe blogs.
*/
class MetaWeblogController extends Controller {
function index($request) {
Debug::log(Debug::text($request));
// Create an xmlrpc server, and set up the method calls
$service = new xmlrpc_server(array(
"blogger.getUsersBlogs" => array(
"function" => array($this, "getUsersBlogs")
),
"metaWeblog.getRecentPosts" => array(
'function' => array($this, 'getRecentPosts')
),
'metaWeblog.getCategories' => array(
'function' => array($this, 'getCategories')
)
), false);
// Use nice php functions, and call the service
$service->functions_parameters_type = 'phpvals';
$service->service();
// Tell SilverStripe not to try render a template
return false;
}
/**
* Get a list of BlogHolders the user has access to.
*/
function getUsersBlogs($appkey, $username, $password) {
$member = MemberAuthenticator::authenticate(array(
'Email' => $username,
'Password' => $password,
));
// TODO Throw approriate error.
if(!$member) die();
$blogholders = DataObject::get('BlogHolder');
$response = array();
foreach($blogholders as $bh) {
if(!$bh->canAddChildren($member)) continue;
$bgarr = array();
$bgarr['url'] = $bh->AbsoluteLink();
$bgarr['blogid'] = (int) $bh->ID;
$bgarr['blogname'] = $bh->Title;
$response[] = $bgarr;
}
return $response;
}
/**
* Get the most recent posts on a blog.
*/
function getRecentPosts($blogid, $username, $password, $numberOfPosts) {
$member = MemberAuthenticator::authenticate(array(
'Email' => $username,
'Password' => $password,
));
// TODO Throw approriate error.
if(!$member) die();
$posts = DataObject::get('BlogEntry', '"ParentID" = ' . (int) $blogid, '"Date" DESC');
$res = array();
$postsSoFar = 0;
foreach($posts as $post) {
if(!$post->canEdit($member)) continue;
$parr = array();
$parr['title'] = $post->Title;
$parr['link'] = $post->AbsoluteLink();
$parr['description'] = $post->Content;
$parr['postid'] = (int) $post->ID;
$res[] = $parr;
if(++$postsSoFar >= $numberOfPosts) break;
}
return $res;
}
function getCategories() {
//TODO dummy function
return array();
}
}
?>

0
code/ArchiveWidget.php → code/widgets/ArchiveWidget.php
View File

0
code/BlogManagementWidget.php → code/widgets/BlogManagementWidget.php
View File

0
code/RSSWidget.php → code/widgets/RSSWidget.php
View File

0
code/SubscribeRSSWidget.php → code/widgets/SubscribeRSSWidget.php
View File

0
code/TagCloudWidget.php → code/widgets/TagCloudWidget.php
View File

3718
thirdparty/xmlrpc/xmlrpc.php vendored Normal file
View File

@ -0,0 +1,3718 @@
<?php
// by Edd Dumbill (C) 1999-2002
// <edd@usefulinc.com>
// $Id: xmlrpc.inc,v 1.174 2009/03/16 19:36:38 ggiunta Exp $
// Copyright (c) 1999,2000,2002 Edd Dumbill.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
//
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following
// disclaimer in the documentation and/or other materials provided
// with the distribution.
//
// * Neither the name of the "XML-RPC for PHP" nor the names of its
// contributors may be used to endorse or promote products derived
// from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
// OF THE POSSIBILITY OF SUCH DAMAGE.
if(!function_exists('xml_parser_create'))
{
// For PHP 4 onward, XML functionality is always compiled-in on windows:
// no more need to dl-open it. It might have been compiled out on *nix...
if(strtoupper(substr(PHP_OS, 0, 3) != 'WIN'))
{
dl('xml.so');
}
}
// Try to be backward compat with php < 4.2 (are we not being nice ?)
$phpversion = phpversion();
if($phpversion[0] == '4' && $phpversion[2] < 2)
{
// give an opportunity to user to specify where to include other files from
if(!defined('PHP_XMLRPC_COMPAT_DIR'))
{
define('PHP_XMLRPC_COMPAT_DIR',dirname(__FILE__).'/compat/');
}
if($phpversion[2] == '0')
{
if($phpversion[4] < 6)
{
include(PHP_XMLRPC_COMPAT_DIR.'is_callable.php');
}
include(PHP_XMLRPC_COMPAT_DIR.'is_scalar.php');
include(PHP_XMLRPC_COMPAT_DIR.'array_key_exists.php');
include(PHP_XMLRPC_COMPAT_DIR.'version_compare.php');
}
include(PHP_XMLRPC_COMPAT_DIR.'var_export.php');
include(PHP_XMLRPC_COMPAT_DIR.'is_a.php');
}
// G. Giunta 2005/01/29: declare global these variables,
// so that xmlrpc.inc will work even if included from within a function
// Milosch: 2005/08/07 - explicitly request these via $GLOBALS where used.
$GLOBALS['xmlrpcI4']='i4';
$GLOBALS['xmlrpcInt']='int';
$GLOBALS['xmlrpcBoolean']='boolean';
$GLOBALS['xmlrpcDouble']='double';
$GLOBALS['xmlrpcString']='string';
$GLOBALS['xmlrpcDateTime']='dateTime.iso8601';
$GLOBALS['xmlrpcBase64']='base64';
$GLOBALS['xmlrpcArray']='array';
$GLOBALS['xmlrpcStruct']='struct';
$GLOBALS['xmlrpcValue']='undefined';
$GLOBALS['xmlrpcTypes']=array(
$GLOBALS['xmlrpcI4'] => 1,
$GLOBALS['xmlrpcInt'] => 1,
$GLOBALS['xmlrpcBoolean'] => 1,
$GLOBALS['xmlrpcString'] => 1,
$GLOBALS['xmlrpcDouble'] => 1,
$GLOBALS['xmlrpcDateTime'] => 1,
$GLOBALS['xmlrpcBase64'] => 1,
$GLOBALS['xmlrpcArray'] => 2,
$GLOBALS['xmlrpcStruct'] => 3
);
$GLOBALS['xmlrpc_valid_parents'] = array(
'VALUE' => array('MEMBER', 'DATA', 'PARAM', 'FAULT'),
'BOOLEAN' => array('VALUE'),
'I4' => array('VALUE'),
'INT' => array('VALUE'),
'STRING' => array('VALUE'),
'DOUBLE' => array('VALUE'),
'DATETIME.ISO8601' => array('VALUE'),
'BASE64' => array('VALUE'),
'MEMBER' => array('STRUCT'),
'NAME' => array('MEMBER'),
'DATA' => array('ARRAY'),
'ARRAY' => array('VALUE'),
'STRUCT' => array('VALUE'),
'PARAM' => array('PARAMS'),
'METHODNAME' => array('METHODCALL'),
'PARAMS' => array('METHODCALL', 'METHODRESPONSE'),
'FAULT' => array('METHODRESPONSE'),
'NIL' => array('VALUE') // only used when extension activated
);
// define extra types for supporting NULL (useful for json or <NIL/>)
$GLOBALS['xmlrpcNull']='null';
$GLOBALS['xmlrpcTypes']['null']=1;
// Not in use anymore since 2.0. Shall we remove it?
/// @deprecated
$GLOBALS['xmlEntities']=array(
'amp' => '&',
'quot' => '"',
'lt' => '<',
'gt' => '>',
'apos' => "'"
);
// tables used for transcoding different charsets into us-ascii xml
$GLOBALS['xml_iso88591_Entities']=array();
$GLOBALS['xml_iso88591_Entities']['in'] = array();
$GLOBALS['xml_iso88591_Entities']['out'] = array();
for ($i = 0; $i < 32; $i++)
{
$GLOBALS['xml_iso88591_Entities']['in'][] = chr($i);
$GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';';
}
for ($i = 160; $i < 256; $i++)
{
$GLOBALS['xml_iso88591_Entities']['in'][] = chr($i);
$GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';';
}
/// @todo add to iso table the characters from cp_1252 range, i.e. 128 to 159?
/// These will NOT be present in true ISO-8859-1, but will save the unwary
/// windows user from sending junk (though no luck when reciving them...)
/*
$GLOBALS['xml_cp1252_Entities']=array();
for ($i = 128; $i < 160; $i++)
{
$GLOBALS['xml_cp1252_Entities']['in'][] = chr($i);
}
$GLOBALS['xml_cp1252_Entities']['out'] = array(
'&#x20AC;', '?', '&#x201A;', '&#x0192;',
'&#x201E;', '&#x2026;', '&#x2020;', '&#x2021;',
'&#x02C6;', '&#x2030;', '&#x0160;', '&#x2039;',
'&#x0152;', '?', '&#x017D;', '?',
'?', '&#x2018;', '&#x2019;', '&#x201C;',
'&#x201D;', '&#x2022;', '&#x2013;', '&#x2014;',
'&#x02DC;', '&#x2122;', '&#x0161;', '&#x203A;',
'&#x0153;', '?', '&#x017E;', '&#x0178;'
);
*/
$GLOBALS['xmlrpcerr'] = array(
'unknown_method'=>1,
'invalid_return'=>2,
'incorrect_params'=>3,
'introspect_unknown'=>4,
'http_error'=>5,
'no_data'=>6,
'no_ssl'=>7,
'curl_fail'=>8,
'invalid_request'=>15,
'no_curl'=>16,
'server_error'=>17,
'multicall_error'=>18,
'multicall_notstruct'=>9,
'multicall_nomethod'=>10,
'multicall_notstring'=>11,
'multicall_recursion'=>12,
'multicall_noparams'=>13,
'multicall_notarray'=>14,
'cannot_decompress'=>103,
'decompress_fail'=>104,
'dechunk_fail'=>105,
'server_cannot_decompress'=>106,
'server_decompress_fail'=>107
);
$GLOBALS['xmlrpcstr'] = array(
'unknown_method'=>'Unknown method',
'invalid_return'=>'Invalid return payload: enable debugging to examine incoming payload',
'incorrect_params'=>'Incorrect parameters passed to method',
'introspect_unknown'=>"Can't introspect: method unknown",
'http_error'=>"Didn't receive 200 OK from remote server.",
'no_data'=>'No data received from server.',
'no_ssl'=>'No SSL support compiled in.',
'curl_fail'=>'CURL error',
'invalid_request'=>'Invalid request payload',
'no_curl'=>'No CURL support compiled in.',
'server_error'=>'Internal server error',
'multicall_error'=>'Received from server invalid multicall response',
'multicall_notstruct'=>'system.multicall expected struct',
'multicall_nomethod'=>'missing methodName',
'multicall_notstring'=>'methodName is not a string',
'multicall_recursion'=>'recursive system.multicall forbidden',
'multicall_noparams'=>'missing params',
'multicall_notarray'=>'params is not an array',
'cannot_decompress'=>'Received from server compressed HTTP and cannot decompress',
'decompress_fail'=>'Received from server invalid compressed HTTP',
'dechunk_fail'=>'Received from server invalid chunked HTTP',
'server_cannot_decompress'=>'Received from client compressed HTTP request and cannot decompress',
'server_decompress_fail'=>'Received from client invalid compressed HTTP request'
);
// The charset encoding used by the server for received messages and
// by the client for received responses when received charset cannot be determined
// or is not supported
$GLOBALS['xmlrpc_defencoding']='UTF-8';
// The encoding used internally by PHP.
// String values received as xml will be converted to this, and php strings will be converted to xml
// as if having been coded with this
$GLOBALS['xmlrpc_internalencoding']='ISO-8859-1';
$GLOBALS['xmlrpcName']='XML-RPC for PHP';
$GLOBALS['xmlrpcVersion']='2.2.2';
// let user errors start at 800
$GLOBALS['xmlrpcerruser']=800;
// let XML parse errors start at 100
$GLOBALS['xmlrpcerrxml']=100;
// formulate backslashes for escaping regexp
// Not in use anymore since 2.0. Shall we remove it?
/// @deprecated
$GLOBALS['xmlrpc_backslash']=chr(92).chr(92);
// set to TRUE to enable correct decoding of <NIL/> values
$GLOBALS['xmlrpc_null_extension']=false;
// used to store state during parsing
// quick explanation of components:
// ac - used to accumulate values
// isf - used to indicate a parsing fault (2) or xmlrpcresp fault (1)
// isf_reason - used for storing xmlrpcresp fault string
// lv - used to indicate "looking for a value": implements
// the logic to allow values with no types to be strings
// params - used to store parameters in method calls
// method - used to store method name
// stack - array with genealogy of xml elements names:
// used to validate nesting of xmlrpc elements
$GLOBALS['_xh']=null;
/**
* Convert a string to the correct XML representation in a target charset
* To help correct communication of non-ascii chars inside strings, regardless
* of the charset used when sending requests, parsing them, sending responses
* and parsing responses, an option is to convert all non-ascii chars present in the message
* into their equivalent 'charset entity'. Charset entities enumerated this way
* are independent of the charset encoding used to transmit them, and all XML
* parsers are bound to understand them.
* Note that in the std case we are not sending a charset encoding mime type
* along with http headers, so we are bound by RFC 3023 to emit strict us-ascii.
*
* @todo do a bit of basic benchmarking (strtr vs. str_replace)
* @todo make usage of iconv() or recode_string() or mb_string() where available
*/
function xmlrpc_encode_entitites($data, $src_encoding='', $dest_encoding='')
{
if ($src_encoding == '')
{
// lame, but we know no better...
$src_encoding = $GLOBALS['xmlrpc_internalencoding'];
}
switch(strtoupper($src_encoding.'_'.$dest_encoding))
{
case 'ISO-8859-1_':
case 'ISO-8859-1_US-ASCII':
$escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $data);
$escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data);
break;
case 'ISO-8859-1_UTF-8':
$escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $data);
$escaped_data = utf8_encode($escaped_data);
break;
case 'ISO-8859-1_ISO-8859-1':
case 'US-ASCII_US-ASCII':
case 'US-ASCII_UTF-8':
case 'US-ASCII_':
case 'US-ASCII_ISO-8859-1':
case 'UTF-8_UTF-8':
//case 'CP1252_CP1252':
$escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $data);
break;
case 'UTF-8_':
case 'UTF-8_US-ASCII':
case 'UTF-8_ISO-8859-1':
// NB: this will choke on invalid UTF-8, going most likely beyond EOF
$escaped_data = '';
// be kind to users creating string xmlrpcvals out of different php types
$data = (string) $data;
$ns = strlen ($data);
for ($nn = 0; $nn < $ns; $nn++)
{
$ch = $data[$nn];
$ii = ord($ch);
//1 7 0bbbbbbb (127)
if ($ii < 128)
{
/// @todo shall we replace this with a (supposedly) faster str_replace?
switch($ii){
case 34:
$escaped_data .= '&quot;';
break;
case 38:
$escaped_data .= '&amp;';
break;
case 39:
$escaped_data .= '&apos;';
break;
case 60:
$escaped_data .= '&lt;';
break;
case 62:
$escaped_data .= '&gt;';
break;
default:
$escaped_data .= $ch;
} // switch
}
//2 11 110bbbbb 10bbbbbb (2047)
else if ($ii>>5 == 6)
{
$b1 = ($ii & 31);
$ii = ord($data[$nn+1]);
$b2 = ($ii & 63);
$ii = ($b1 * 64) + $b2;
$ent = sprintf ('&#%d;', $ii);
$escaped_data .= $ent;
$nn += 1;
}
//3 16 1110bbbb 10bbbbbb 10bbbbbb
else if ($ii>>4 == 14)
{
$b1 = ($ii & 15);
$ii = ord($data[$nn+1]);
$b2 = ($ii & 63);
$ii = ord($data[$nn+2]);
$b3 = ($ii & 63);
$ii = ((($b1 * 64) + $b2) * 64) + $b3;
$ent = sprintf ('&#%d;', $ii);
$escaped_data .= $ent;
$nn += 2;
}
//4 21 11110bbb 10bbbbbb 10bbbbbb 10bbbbbb
else if ($ii>>3 == 30)
{
$b1 = ($ii & 7);
$ii = ord($data[$nn+1]);
$b2 = ($ii & 63);
$ii = ord($data[$nn+2]);
$b3 = ($ii & 63);
$ii = ord($data[$nn+3]);
$b4 = ($ii & 63);
$ii = ((((($b1 * 64) + $b2) * 64) + $b3) * 64) + $b4;
$ent = sprintf ('&#%d;', $ii);
$escaped_data .= $ent;
$nn += 3;
}
}
break;
/*
case 'CP1252_':
case 'CP1252_US-ASCII':
$escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $data);
$escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data);
$escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data);
break;
case 'CP1252_UTF-8':
$escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $data);
/// @todo we could use real UTF8 chars here instead of xml entities... (note that utf_8 encode all allone will NOT convert them)
$escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data);
$escaped_data = utf8_encode($escaped_data);
break;
case 'CP1252_ISO-8859-1':
$escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&amp;', '&quot;', '&apos;', '&lt;', '&gt;'), $data);
// we might as well replave all funky chars with a '?' here, but we are kind and leave it to the receiving application layer to decide what to do with these weird entities...
$escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data);
break;
*/
default:
$escaped_data = '';
error_log("Converting from $src_encoding to $dest_encoding: not supported...");
}
return $escaped_data;
}
/// xml parser handler function for opening element tags
function xmlrpc_se($parser, $name, $attrs, $accept_single_vals=false)
{
// if invalid xmlrpc already detected, skip all processing
if ($GLOBALS['_xh']['isf'] < 2)
{
// check for correct element nesting
// top level element can only be of 2 types
/// @todo optimization creep: save this check into a bool variable, instead of using count() every time:
/// there is only a single top level element in xml anyway
if (count($GLOBALS['_xh']['stack']) == 0)
{
if ($name != 'METHODRESPONSE' && $name != 'METHODCALL' && (
$name != 'VALUE' && !$accept_single_vals))
{
$GLOBALS['_xh']['isf'] = 2;
$GLOBALS['_xh']['isf_reason'] = 'missing top level xmlrpc element';
return;
}
else
{
$GLOBALS['_xh']['rt'] = strtolower($name);
}
}
else
{
// not top level element: see if parent is OK
$parent = end($GLOBALS['_xh']['stack']);
if (!array_key_exists($name, $GLOBALS['xmlrpc_valid_parents']) || !in_array($parent, $GLOBALS['xmlrpc_valid_parents'][$name]))
{
$GLOBALS['_xh']['isf'] = 2;
$GLOBALS['_xh']['isf_reason'] = "xmlrpc element $name cannot be child of $parent";
return;
}
}
switch($name)
{
// optimize for speed switch cases: most common cases first
case 'VALUE':
/// @todo we could check for 2 VALUE elements inside a MEMBER or PARAM element
$GLOBALS['_xh']['vt']='value'; // indicator: no value found yet
$GLOBALS['_xh']['ac']='';
$GLOBALS['_xh']['lv']=1;
$GLOBALS['_xh']['php_class']=null;
break;
case 'I4':
case 'INT':
case 'STRING':
case 'BOOLEAN':
case 'DOUBLE':
case 'DATETIME.ISO8601':
case 'BASE64':
if ($GLOBALS['_xh']['vt']!='value')
{
//two data elements inside a value: an error occurred!
$GLOBALS['_xh']['isf'] = 2;
$GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value";
return;
}
$GLOBALS['_xh']['ac']=''; // reset the accumulator
break;
case 'STRUCT':
case 'ARRAY':
if ($GLOBALS['_xh']['vt']!='value')
{
//two data elements inside a value: an error occurred!
$GLOBALS['_xh']['isf'] = 2;
$GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value";
return;
}
// create an empty array to hold child values, and push it onto appropriate stack
$cur_val = array();
$cur_val['values'] = array();
$cur_val['type'] = $name;
// check for out-of-band information to rebuild php objs
// and in case it is found, save it
if (@isset($attrs['PHP_CLASS']))
{
$cur_val['php_class'] = $attrs['PHP_CLASS'];
}
$GLOBALS['_xh']['valuestack'][] = $cur_val;
$GLOBALS['_xh']['vt']='data'; // be prepared for a data element next
break;
case 'DATA':
if ($GLOBALS['_xh']['vt']!='data')
{
//two data elements inside a value: an error occurred!
$GLOBALS['_xh']['isf'] = 2;
$GLOBALS['_xh']['isf_reason'] = "found two data elements inside an array element";
return;
}
case 'METHODCALL':
case 'METHODRESPONSE':
case 'PARAMS':
// valid elements that add little to processing
break;
case 'METHODNAME':
case 'NAME':
/// @todo we could check for 2 NAME elements inside a MEMBER element
$GLOBALS['_xh']['ac']='';
break;
case 'FAULT':
$GLOBALS['_xh']['isf']=1;
break;
case 'MEMBER':
$GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name']=''; // set member name to null, in case we do not find in the xml later on
//$GLOBALS['_xh']['ac']='';
// Drop trough intentionally
case 'PARAM':
// clear value type, so we can check later if no value has been passed for this param/member
$GLOBALS['_xh']['vt']=null;
break;
case 'NIL':
if ($GLOBALS['xmlrpc_null_extension'])
{
if ($GLOBALS['_xh']['vt']!='value')
{
//two data elements inside a value: an error occurred!
$GLOBALS['_xh']['isf'] = 2;
$GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value";
return;
}
$GLOBALS['_xh']['ac']=''; // reset the accumulator
break;
}
// we do not support the <NIL/> extension, so
// drop through intentionally
default:
/// INVALID ELEMENT: RAISE ISF so that it is later recognized!!!
$GLOBALS['_xh']['isf'] = 2;
$GLOBALS['_xh']['isf_reason'] = "found not-xmlrpc xml element $name";
break;
}
// Save current element name to stack, to validate nesting
$GLOBALS['_xh']['stack'][] = $name;
/// @todo optimization creep: move this inside the big switch() above
if($name!='VALUE')
{
$GLOBALS['_xh']['lv']=0;
}
}
}
/// Used in decoding xml chunks that might represent single xmlrpc values
function xmlrpc_se_any($parser, $name, $attrs)
{
xmlrpc_se($parser, $name, $attrs, true);
}
/// xml parser handler function for close element tags
function xmlrpc_ee($parser, $name, $rebuild_xmlrpcvals = true)
{
if ($GLOBALS['_xh']['isf'] < 2)
{
// push this element name from stack
// NB: if XML validates, correct opening/closing is guaranteed and
// we do not have to check for $name == $curr_elem.
// we also checked for proper nesting at start of elements...
$curr_elem = array_pop($GLOBALS['_xh']['stack']);
switch($name)
{
case 'VALUE':
// This if() detects if no scalar was inside <VALUE></VALUE>
if ($GLOBALS['_xh']['vt']=='value')
{
$GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac'];
$GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcString'];
}
if ($rebuild_xmlrpcvals)
{
// build the xmlrpc val out of the data received, and substitute it
$temp =& new xmlrpcval($GLOBALS['_xh']['value'], $GLOBALS['_xh']['vt']);
// in case we got info about underlying php class, save it
// in the object we're rebuilding
if (isset($GLOBALS['_xh']['php_class']))
$temp->_php_class = $GLOBALS['_xh']['php_class'];
// check if we are inside an array or struct:
// if value just built is inside an array, let's move it into array on the stack
$vscount = count($GLOBALS['_xh']['valuestack']);
if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY')
{
$GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $temp;
}
else
{
$GLOBALS['_xh']['value'] = $temp;
}
}
else
{
/// @todo this needs to treat correctly php-serialized objects,
/// since std deserializing is done by php_xmlrpc_decode,
/// which we will not be calling...
if (isset($GLOBALS['_xh']['php_class']))
{
}
// check if we are inside an array or struct:
// if value just built is inside an array, let's move it into array on the stack
$vscount = count($GLOBALS['_xh']['valuestack']);
if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY')
{
$GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $GLOBALS['_xh']['value'];
}
}
break;
case 'BOOLEAN':
case 'I4':
case 'INT':
case 'STRING':
case 'DOUBLE':
case 'DATETIME.ISO8601':
case 'BASE64':
$GLOBALS['_xh']['vt']=strtolower($name);
/// @todo: optimization creep - remove the if/elseif cycle below
/// since the case() in which we are already did that
if ($name=='STRING')
{
$GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac'];
}
elseif ($name=='DATETIME.ISO8601')
{
if (!preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $GLOBALS['_xh']['ac']))
{
error_log('XML-RPC: invalid value received in DATETIME: '.$GLOBALS['_xh']['ac']);
}
$GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcDateTime'];
$GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac'];
}
elseif ($name=='BASE64')
{
/// @todo check for failure of base64 decoding / catch warnings
$GLOBALS['_xh']['value']=base64_decode($GLOBALS['_xh']['ac']);
}
elseif ($name=='BOOLEAN')
{
// special case here: we translate boolean 1 or 0 into PHP
// constants true or false.
// Strings 'true' and 'false' are accepted, even though the
// spec never mentions them (see eg. Blogger api docs)
// NB: this simple checks helps a lot sanitizing input, ie no
// security problems around here
if ($GLOBALS['_xh']['ac']=='1' || strcasecmp($GLOBALS['_xh']['ac'], 'true') == 0)
{
$GLOBALS['_xh']['value']=true;
}
else
{
// log if receiveing something strange, even though we set the value to false anyway
if ($GLOBALS['_xh']['ac']!='0' && strcasecmp($GLOBALS['_xh']['ac'], 'false') != 0)
error_log('XML-RPC: invalid value received in BOOLEAN: '.$GLOBALS['_xh']['ac']);
$GLOBALS['_xh']['value']=false;
}
}
elseif ($name=='DOUBLE')
{
// we have a DOUBLE
// we must check that only 0123456789-.<space> are characters here
// NOTE: regexp could be much stricter than this...
if (!preg_match('/^[+-eE0123456789 \t.]+$/', $GLOBALS['_xh']['ac']))
{
/// @todo: find a better way of throwing an error than this!
error_log('XML-RPC: non numeric value received in DOUBLE: '.$GLOBALS['_xh']['ac']);
$GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND';
}
else
{
// it's ok, add it on
$GLOBALS['_xh']['value']=(double)$GLOBALS['_xh']['ac'];
}
}
else
{
// we have an I4/INT
// we must check that only 0123456789-<space> are characters here
if (!preg_match('/^[+-]?[0123456789 \t]+$/', $GLOBALS['_xh']['ac']))
{
/// @todo find a better way of throwing an error than this!
error_log('XML-RPC: non numeric value received in INT: '.$GLOBALS['_xh']['ac']);
$GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND';
}
else
{
// it's ok, add it on
$GLOBALS['_xh']['value']=(int)$GLOBALS['_xh']['ac'];
}
}
//$GLOBALS['_xh']['ac']=''; // is this necessary?
$GLOBALS['_xh']['lv']=3; // indicate we've found a value
break;
case 'NAME':
$GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name'] = $GLOBALS['_xh']['ac'];
break;
case 'MEMBER':
//$GLOBALS['_xh']['ac']=''; // is this necessary?
// add to array in the stack the last element built,
// unless no VALUE was found
if ($GLOBALS['_xh']['vt'])
{
$vscount = count($GLOBALS['_xh']['valuestack']);
$GLOBALS['_xh']['valuestack'][$vscount-1]['values'][$GLOBALS['_xh']['valuestack'][$vscount-1]['name']] = $GLOBALS['_xh']['value'];
} else
error_log('XML-RPC: missing VALUE inside STRUCT in received xml');
break;
case 'DATA':
//$GLOBALS['_xh']['ac']=''; // is this necessary?
$GLOBALS['_xh']['vt']=null; // reset this to check for 2 data elements in a row - even if they're empty
break;
case 'STRUCT':
case 'ARRAY':
// fetch out of stack array of values, and promote it to current value
$curr_val = array_pop($GLOBALS['_xh']['valuestack']);
$GLOBALS['_xh']['value'] = $curr_val['values'];
$GLOBALS['_xh']['vt']=strtolower($name);
if (isset($curr_val['php_class']))
{
$GLOBALS['_xh']['php_class'] = $curr_val['php_class'];
}
break;
case 'PARAM':
// add to array of params the current value,
// unless no VALUE was found
if ($GLOBALS['_xh']['vt'])
{
$GLOBALS['_xh']['params'][]=$GLOBALS['_xh']['value'];
$GLOBALS['_xh']['pt'][]=$GLOBALS['_xh']['vt'];
}
else
error_log('XML-RPC: missing VALUE inside PARAM in received xml');
break;
case 'METHODNAME':
$GLOBALS['_xh']['method']=preg_replace('/^[\n\r\t ]+/', '', $GLOBALS['_xh']['ac']);
break;
case 'NIL':
if ($GLOBALS['xmlrpc_null_extension'])
{
$GLOBALS['_xh']['vt']='null';
$GLOBALS['_xh']['value']=null;
$GLOBALS['_xh']['lv']=3;
break;
}
// drop through intentionally if nil extension not enabled
case 'PARAMS':
case 'FAULT':
case 'METHODCALL':
case 'METHORESPONSE':
break;
default:
// End of INVALID ELEMENT!
// shall we add an assert here for unreachable code???
break;
}
}
}
/// Used in decoding xmlrpc requests/responses without rebuilding xmlrpc values
function xmlrpc_ee_fast($parser, $name)
{
xmlrpc_ee($parser, $name, false);
}
/// xml parser handler function for character data
function xmlrpc_cd($parser, $data)
{
// skip processing if xml fault already detected
if ($GLOBALS['_xh']['isf'] < 2)
{
// "lookforvalue==3" means that we've found an entire value
// and should discard any further character data
if($GLOBALS['_xh']['lv']!=3)
{
// G. Giunta 2006-08-23: useless change of 'lv' from 1 to 2
//if($GLOBALS['_xh']['lv']==1)
//{
// if we've found text and we're just in a <value> then
// say we've found a value
//$GLOBALS['_xh']['lv']=2;
//}
// we always initialize the accumulator before starting parsing, anyway...
//if(!@isset($GLOBALS['_xh']['ac']))
//{
// $GLOBALS['_xh']['ac'] = '';
//}
$GLOBALS['_xh']['ac'].=$data;
}
}
}
/// xml parser handler function for 'other stuff', ie. not char data or
/// element start/end tag. In fact it only gets called on unknown entities...
function xmlrpc_dh($parser, $data)
{
// skip processing if xml fault already detected
if ($GLOBALS['_xh']['isf'] < 2)
{
if(substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';')
{
// G. Giunta 2006-08-25: useless change of 'lv' from 1 to 2
//if($GLOBALS['_xh']['lv']==1)
//{
// $GLOBALS['_xh']['lv']=2;
//}
$GLOBALS['_xh']['ac'].=$data;
}
}
return true;
}
class xmlrpc_client
{
var $path;
var $server;
var $port=0;
var $method='http';
var $errno;
var $errstr;
var $debug=0;
var $username='';
var $password='';
var $authtype=1;
var $cert='';
var $certpass='';
var $cacert='';
var $cacertdir='';
var $key='';
var $keypass='';
var $verifypeer=true;
var $verifyhost=1;
var $no_multicall=false;
var $proxy='';
var $proxyport=0;
var $proxy_user='';
var $proxy_pass='';
var $proxy_authtype=1;
var $cookies=array();
/**
* List of http compression methods accepted by the client for responses.
* NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib
*
* NNB: you can set it to any non-empty array for HTTP11 and HTTPS, since
* in those cases it will be up to CURL to decide the compression methods
* it supports. You might check for the presence of 'zlib' in the output of
* curl_version() to determine wheter compression is supported or not
*/
var $accepted_compression = array();
/**
* Name of compression scheme to be used for sending requests.
* Either null, gzip or deflate
*/
var $request_compression = '';
/**
* CURL handle: used for keep-alive connections (PHP 4.3.8 up, see:
* http://curl.haxx.se/docs/faq.html#7.3)
*/
var $xmlrpc_curl_handle = null;
/// Wheter to use persistent connections for http 1.1 and https
var $keepalive = false;
/// Charset encodings that can be decoded without problems by the client
var $accepted_charset_encodings = array();
/// Charset encoding to be used in serializing request. NULL = use ASCII
var $request_charset_encoding = '';
/**
* Decides the content of xmlrpcresp objects returned by calls to send()
* valid strings are 'xmlrpcvals', 'phpvals' or 'xml'
*/
var $return_type = 'xmlrpcvals';
/**
* @param string $path either the complete server URL or the PATH part of the xmlrc server URL, e.g. /xmlrpc/server.php
* @param string $server the server name / ip address
* @param integer $port the port the server is listening on, defaults to 80 or 443 depending on protocol used
* @param string $method the http protocol variant: defaults to 'http', 'https' and 'http11' can be used if CURL is installed
*/
function xmlrpc_client($path, $server='', $port='', $method='')
{
// allow user to specify all params in $path
if($server == '' and $port == '' and $method == '')
{
$parts = parse_url($path);
$server = $parts['host'];
$path = isset($parts['path']) ? $parts['path'] : '';
if(isset($parts['query']))
{
$path .= '?'.$parts['query'];
}
if(isset($parts['fragment']))
{
$path .= '#'.$parts['fragment'];
}
if(isset($parts['port']))
{
$port = $parts['port'];
}
if(isset($parts['scheme']))
{
$method = $parts['scheme'];
}
if(isset($parts['user']))
{
$this->username = $parts['user'];
}
if(isset($parts['pass']))
{
$this->password = $parts['pass'];
}
}
if($path == '' || $path[0] != '/')
{
$this->path='/'.$path;
}
else
{
$this->path=$path;
}
$this->server=$server;
if($port != '')
{
$this->port=$port;
}
if($method != '')
{
$this->method=$method;
}
// if ZLIB is enabled, let the client by default accept compressed responses
if(function_exists('gzinflate') || (
function_exists('curl_init') && (($info = curl_version()) &&
((is_string($info) && strpos($info, 'zlib') !== null) || isset($info['libz_version'])))
))
{
$this->accepted_compression = array('gzip', 'deflate');
}
// keepalives: enabled by default ONLY for PHP >= 4.3.8
// (see http://curl.haxx.se/docs/faq.html#7.3)
if(version_compare(phpversion(), '4.3.8') >= 0)
{
$this->keepalive = true;
}
// by default the xml parser can support these 3 charset encodings
$this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII');
}
/**
* Enables/disables the echoing to screen of the xmlrpc responses received
* @param integer $debug values 0, 1 and 2 are supported (2 = echo sent msg too, before received response)
* @access public
*/
function setDebug($in)
{
$this->debug=$in;
}
/**
* Add some http BASIC AUTH credentials, used by the client to authenticate
* @param string $u username
* @param string $p password
* @param integer $t auth type. See curl_setopt man page for supported auth types. Defaults to CURLAUTH_BASIC (basic auth)
* @access public
*/
function setCredentials($u, $p, $t=1)
{
$this->username=$u;
$this->password=$p;
$this->authtype=$t;
}
/**
* Add a client-side https certificate
* @param string $cert
* @param string $certpass
* @access public
*/
function setCertificate($cert, $certpass)
{
$this->cert = $cert;
$this->certpass = $certpass;
}
/**
* Add a CA certificate to verify server with (see man page about
* CURLOPT_CAINFO for more details
* @param string $cacert certificate file name (or dir holding certificates)
* @param bool $is_dir set to true to indicate cacert is a dir. defaults to false
* @access public
*/
function setCaCertificate($cacert, $is_dir=false)
{
if ($is_dir)
{
$this->cacertdir = $cacert;
}
else
{
$this->cacert = $cacert;
}
}
/**
* Set attributes for SSL communication: private SSL key
* NB: does not work in older php/curl installs
* Thanks to Daniel Convissor
* @param string $key The name of a file containing a private SSL key
* @param string $keypass The secret password needed to use the private SSL key
* @access public
*/
function setKey($key, $keypass)
{
$this->key = $key;
$this->keypass = $keypass;
}
/**
* Set attributes for SSL communication: verify server certificate
* @param bool $i enable/disable verification of peer certificate
* @access public
*/
function setSSLVerifyPeer($i)
{
$this->verifypeer = $i;
}
/**
* Set attributes for SSL communication: verify match of server cert w. hostname
* @param int $i
* @access public
*/
function setSSLVerifyHost($i)
{
$this->verifyhost = $i;
}
/**
* Set proxy info
* @param string $proxyhost
* @param string $proxyport Defaults to 8080 for HTTP and 443 for HTTPS
* @param string $proxyusername Leave blank if proxy has public access
* @param string $proxypassword Leave blank if proxy has public access
* @param int $proxyauthtype set to constant CURLAUTH_NTLM to use NTLM auth with proxy
* @access public
*/
function setProxy($proxyhost, $proxyport, $proxyusername = '', $proxypassword = '', $proxyauthtype = 1)
{
$this->proxy = $proxyhost;
$this->proxyport = $proxyport;
$this->proxy_user = $proxyusername;
$this->proxy_pass = $proxypassword;
$this->proxy_authtype = $proxyauthtype;
}
/**
* Enables/disables reception of compressed xmlrpc responses.
* Note that enabling reception of compressed responses merely adds some standard
* http headers to xmlrpc requests. It is up to the xmlrpc server to return
* compressed responses when receiving such requests.
* @param string $compmethod either 'gzip', 'deflate', 'any' or ''
* @access public
*/
function setAcceptedCompression($compmethod)
{
if ($compmethod == 'any')
$this->accepted_compression = array('gzip', 'deflate');
else
$this->accepted_compression = array($compmethod);
}
/**
* Enables/disables http compression of xmlrpc request.
* Take care when sending compressed requests: servers might not support them
* (and automatic fallback to uncompressed requests is not yet implemented)
* @param string $compmethod either 'gzip', 'deflate' or ''
* @access public
*/
function setRequestCompression($compmethod)
{
$this->request_compression = $compmethod;
}
/**
* Adds a cookie to list of cookies that will be sent to server.
* NB: setting any param but name and value will turn the cookie into a 'version 1' cookie:
* do not do it unless you know what you are doing
* @param string $name
* @param string $value
* @param string $path
* @param string $domain
* @param int $port
* @access public
*
* @todo check correctness of urlencoding cookie value (copied from php way of doing it...)
*/
function setCookie($name, $value='', $path='', $domain='', $port=null)
{
$this->cookies[$name]['value'] = urlencode($value);
if ($path || $domain || $port)
{
$this->cookies[$name]['path'] = $path;
$this->cookies[$name]['domain'] = $domain;
$this->cookies[$name]['port'] = $port;
$this->cookies[$name]['version'] = 1;
}
else
{
$this->cookies[$name]['version'] = 0;
}
}
/**
* Send an xmlrpc request
* @param mixed $msg The message object, or an array of messages for using multicall, or the complete xml representation of a request
* @param integer $timeout Connection timeout, in seconds, If unspecified, a platform specific timeout will apply
* @param string $method if left unspecified, the http protocol chosen during creation of the object will be used
* @return xmlrpcresp
* @access public
*/
function& send($msg, $timeout=0, $method='')
{
// if user deos not specify http protocol, use native method of this client
// (i.e. method set during call to constructor)
if($method == '')
{
$method = $this->method;
}
if(is_array($msg))
{
// $msg is an array of xmlrpcmsg's
$r = $this->multicall($msg, $timeout, $method);
return $r;
}
elseif(is_string($msg))
{
$n =& new xmlrpcmsg('');
$n->payload = $msg;
$msg = $n;
}
// where msg is an xmlrpcmsg
$msg->debug=$this->debug;
if($method == 'https')
{
$r =& $this->sendPayloadHTTPS(
$msg,
$this->server,
$this->port,
$timeout,
$this->username,
$this->password,
$this->authtype,
$this->cert,
$this->certpass,
$this->cacert,
$this->cacertdir,
$this->proxy,
$this->proxyport,
$this->proxy_user,
$this->proxy_pass,
$this->proxy_authtype,
$this->keepalive,
$this->key,
$this->keypass
);
}
elseif($method == 'http11')
{
$r =& $this->sendPayloadCURL(
$msg,
$this->server,
$this->port,
$timeout,
$this->username,
$this->password,
$this->authtype,
null,
null,
null,
null,
$this->proxy,
$this->proxyport,
$this->proxy_user,
$this->proxy_pass,
$this->proxy_authtype,
'http',
$this->keepalive
);
}
else
{
$r =& $this->sendPayloadHTTP10(
$msg,
$this->server,
$this->port,
$timeout,
$this->username,
$this->password,
$this->authtype,
$this->proxy,
$this->proxyport,
$this->proxy_user,
$this->proxy_pass,
$this->proxy_authtype
);
}
return $r;
}
/**
* @access private
*/
function &sendPayloadHTTP10($msg, $server, $port, $timeout=0,
$username='', $password='', $authtype=1, $proxyhost='',
$proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1)
{
if($port==0)
{
$port=80;
}
// Only create the payload if it was not created previously
if(empty($msg->payload))
{
$msg->createPayload($this->request_charset_encoding);
}
$payload = $msg->payload;
// Deflate request body and set appropriate request headers
if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate'))
{
if($this->request_compression == 'gzip')
{
$a = @gzencode($payload);
if($a)
{
$payload = $a;
$encoding_hdr = "Content-Encoding: gzip\r\n";
}
}
else
{
$a = @gzcompress($payload);
if($a)
{
$payload = $a;
$encoding_hdr = "Content-Encoding: deflate\r\n";
}
}
}
else
{
$encoding_hdr = '';
}
// thanks to Grant Rauscher <grant7@firstworld.net> for this
$credentials='';
if($username!='')
{
$credentials='Authorization: Basic ' . base64_encode($username . ':' . $password) . "\r\n";
if ($authtype != 1)
{
error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported with HTTP 1.0');
}
}
$accepted_encoding = '';
if(is_array($this->accepted_compression) && count($this->accepted_compression))
{
$accepted_encoding = 'Accept-Encoding: ' . implode(', ', $this->accepted_compression) . "\r\n";
}
$proxy_credentials = '';
if($proxyhost)
{
if($proxyport == 0)
{
$proxyport = 8080;
}
$connectserver = $proxyhost;
$connectport = $proxyport;
$uri = 'http://'.$server.':'.$port.$this->path;
if($proxyusername != '')
{
if ($proxyauthtype != 1)
{
error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported with HTTP 1.0');
}
$proxy_credentials = 'Proxy-Authorization: Basic ' . base64_encode($proxyusername.':'.$proxypassword) . "\r\n";
}
}
else
{
$connectserver = $server;
$connectport = $port;
$uri = $this->path;
}
// Cookie generation, as per rfc2965 (version 1 cookies) or
// netscape's rules (version 0 cookies)
$cookieheader='';
if (count($this->cookies))
{
$version = '';
foreach ($this->cookies as $name => $cookie)
{
if ($cookie['version'])
{
$version = ' $Version="' . $cookie['version'] . '";';
$cookieheader .= ' ' . $name . '="' . $cookie['value'] . '";';
if ($cookie['path'])
$cookieheader .= ' $Path="' . $cookie['path'] . '";';
if ($cookie['domain'])
$cookieheader .= ' $Domain="' . $cookie['domain'] . '";';
if ($cookie['port'])
$cookieheader .= ' $Port="' . $cookie['port'] . '";';
}
else
{
$cookieheader .= ' ' . $name . '=' . $cookie['value'] . ";";
}
}
$cookieheader = 'Cookie:' . $version . substr($cookieheader, 0, -1) . "\r\n";
}
$op= 'POST ' . $uri. " HTTP/1.0\r\n" .
'User-Agent: ' . $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'] . "\r\n" .
'Host: '. $server . ':' . $port . "\r\n" .
$credentials .
$proxy_credentials .
$accepted_encoding .
$encoding_hdr .
'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings) . "\r\n" .
$cookieheader .
'Content-Type: ' . $msg->content_type . "\r\nContent-Length: " .
strlen($payload) . "\r\n\r\n" .
$payload;
if($this->debug > 1)
{
print "<PRE>\n---SENDING---\n" . htmlentities($op) . "\n---END---\n</PRE>";
// let the client see this now in case http times out...
flush();
}
if($timeout>0)
{
$fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr, $timeout);
}
else
{
$fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr);
}
if($fp)
{
if($timeout>0 && function_exists('stream_set_timeout'))
{
stream_set_timeout($fp, $timeout);
}
}
else
{
$this->errstr='Connect error: '.$this->errstr;
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr . ' (' . $this->errno . ')');
return $r;
}
if(!fputs($fp, $op, strlen($op)))
{
fclose($fp);
$this->errstr='Write error';
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr);
return $r;
}
else
{
// reset errno and errstr on succesful socket connection
$this->errstr = '';
}
// G. Giunta 2005/10/24: close socket before parsing.
// should yeld slightly better execution times, and make easier recursive calls (e.g. to follow http redirects)
$ipd='';
do
{
// shall we check for $data === FALSE?
// as per the manual, it signals an error
$ipd.=fread($fp, 32768);
} while(!feof($fp));
fclose($fp);
$r =& $msg->parseResponse($ipd, false, $this->return_type);
return $r;
}
/**
* @access private
*/
function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='',
$password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='',
$proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1,
$keepalive=false, $key='', $keypass='')
{
$r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username,
$password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport,
$proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass);
return $r;
}
/**
* Contributed by Justin Miller <justin@voxel.net>
* Requires curl to be built into PHP
* NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers!
* @access private
*/
function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='',
$password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='',
$proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https',
$keepalive=false, $key='', $keypass='')
{
if(!function_exists('curl_init'))
{
$this->errstr='CURL unavailable on this install';
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_curl'], $GLOBALS['xmlrpcstr']['no_curl']);
return $r;
}
if($method == 'https')
{
if(($info = curl_version()) &&
((is_string($info) && strpos($info, 'OpenSSL') === null) || (is_array($info) && !isset($info['ssl_version']))))
{
$this->errstr='SSL unavailable on this install';
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_ssl'], $GLOBALS['xmlrpcstr']['no_ssl']);
return $r;
}
}
if($port == 0)
{
if($method == 'http')
{
$port = 80;
}
else
{
$port = 443;
}
}
// Only create the payload if it was not created previously
if(empty($msg->payload))
{
$msg->createPayload($this->request_charset_encoding);
}
// Deflate request body and set appropriate request headers
$payload = $msg->payload;
if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate'))
{
if($this->request_compression == 'gzip')
{
$a = @gzencode($payload);
if($a)
{
$payload = $a;
$encoding_hdr = 'Content-Encoding: gzip';
}
}
else
{
$a = @gzcompress($payload);
if($a)
{
$payload = $a;
$encoding_hdr = 'Content-Encoding: deflate';
}
}
}
else
{
$encoding_hdr = '';
}
if($this->debug > 1)
{
print "<PRE>\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n</PRE>";
// let the client see this now in case http times out...
flush();
}
if(!$keepalive || !$this->xmlrpc_curl_handle)
{
$curl = curl_init($method . '://' . $server . ':' . $port . $this->path);
if($keepalive)
{
$this->xmlrpc_curl_handle = $curl;
}
}
else
{
$curl = $this->xmlrpc_curl_handle;
}
// results into variable
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
if($this->debug)
{
curl_setopt($curl, CURLOPT_VERBOSE, 1);
}
curl_setopt($curl, CURLOPT_USERAGENT, $GLOBALS['xmlrpcName'].' '.$GLOBALS['xmlrpcVersion']);
// required for XMLRPC: post the data
curl_setopt($curl, CURLOPT_POST, 1);
// the data
curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);
// return the header too
curl_setopt($curl, CURLOPT_HEADER, 1);
// will only work with PHP >= 5.0
// NB: if we set an empty string, CURL will add http header indicating
// ALL methods it is supporting. This is possibly a better option than
// letting the user tell what curl can / cannot do...
if(is_array($this->accepted_compression) && count($this->accepted_compression))
{
//curl_setopt($curl, CURLOPT_ENCODING, implode(',', $this->accepted_compression));
// empty string means 'any supported by CURL' (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if (count($this->accepted_compression) == 1)
{
curl_setopt($curl, CURLOPT_ENCODING, $this->accepted_compression[0]);
}
else
curl_setopt($curl, CURLOPT_ENCODING, '');
}
// extra headers
$headers = array('Content-Type: ' . $msg->content_type , 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings));
// if no keepalive is wanted, let the server know it in advance
if(!$keepalive)
{
$headers[] = 'Connection: close';
}
// request compression header
if($encoding_hdr)
{
$headers[] = $encoding_hdr;
}
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
// timeout is borked
if($timeout)
{
curl_setopt($curl, CURLOPT_TIMEOUT, $timeout == 1 ? 1 : $timeout - 1);
}
if($username && $password)
{
curl_setopt($curl, CURLOPT_USERPWD, $username.':'.$password);
if (defined('CURLOPT_HTTPAUTH'))
{
curl_setopt($curl, CURLOPT_HTTPAUTH, $authtype);
}
else if ($authtype != 1)
{
error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported by the current PHP/curl install');
}
}
if($method == 'https')
{
// set cert file
if($cert)
{
curl_setopt($curl, CURLOPT_SSLCERT, $cert);
}
// set cert password
if($certpass)
{
curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $certpass);
}
// whether to verify remote host's cert
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verifypeer);
// set ca certificates file/dir
if($cacert)
{
curl_setopt($curl, CURLOPT_CAINFO, $cacert);
}
if($cacertdir)
{
curl_setopt($curl, CURLOPT_CAPATH, $cacertdir);
}
// set key file (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if($key)
{
curl_setopt($curl, CURLOPT_SSLKEY, $key);
}
// set key password (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if($keypass)
{
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass);
}
// whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);
}
// proxy info
if($proxyhost)
{
if($proxyport == 0)
{
$proxyport = 8080; // NB: even for HTTPS, local connection is on port 8080
}
curl_setopt($curl, CURLOPT_PROXY, $proxyhost.':'.$proxyport);
//curl_setopt($curl, CURLOPT_PROXYPORT,$proxyport);
if($proxyusername)
{
curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxyusername.':'.$proxypassword);
if (defined('CURLOPT_PROXYAUTH'))
{
curl_setopt($curl, CURLOPT_PROXYAUTH, $proxyauthtype);
}
else if ($proxyauthtype != 1)
{
error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported by the current PHP/curl install');
}
}
}
// NB: should we build cookie http headers by hand rather than let CURL do it?
// the following code does not honour 'expires', 'path' and 'domain' cookie attributes
// set to client obj the the user...
if (count($this->cookies))
{
$cookieheader = '';
foreach ($this->cookies as $name => $cookie)
{
$cookieheader .= $name . '=' . $cookie['value'] . '; ';
}
curl_setopt($curl, CURLOPT_COOKIE, substr($cookieheader, 0, -2));
}
$result = curl_exec($curl);
if ($this->debug > 1)
{
print "<PRE>\n---CURL INFO---\n";
foreach(curl_getinfo($curl) as $name => $val)
print $name . ': ' . htmlentities($val). "\n";
print "---END---\n</PRE>";
}
if(!$result) /// @todo we should use a better check here - what if we get back '' or '0'?
{
$this->errstr='no response';
$resp=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['curl_fail'], $GLOBALS['xmlrpcstr']['curl_fail']. ': '. curl_error($curl));
curl_close($curl);
if($keepalive)
{
$this->xmlrpc_curl_handle = null;
}
}
else
{
if(!$keepalive)
{
curl_close($curl);
}
$resp =& $msg->parseResponse($result, true, $this->return_type);
}
return $resp;
}
/**
* Send an array of request messages and return an array of responses.
* Unless $this->no_multicall has been set to true, it will try first
* to use one single xmlrpc call to server method system.multicall, and
* revert to sending many successive calls in case of failure.
* This failure is also stored in $this->no_multicall for subsequent calls.
* Unfortunately, there is no server error code universally used to denote
* the fact that multicall is unsupported, so there is no way to reliably
* distinguish between that and a temporary failure.
* If you are sure that server supports multicall and do not want to
* fallback to using many single calls, set the fourth parameter to FALSE.
*
* NB: trying to shoehorn extra functionality into existing syntax has resulted
* in pretty much convoluted code...
*
* @param array $msgs an array of xmlrpcmsg objects
* @param integer $timeout connection timeout (in seconds)
* @param string $method the http protocol variant to be used
* @param boolean fallback When true, upon receiveing an error during multicall, multiple single calls will be attempted
* @return array
* @access public
*/
function multicall($msgs, $timeout=0, $method='', $fallback=true)
{
if ($method == '')
{
$method = $this->method;
}
if(!$this->no_multicall)
{
$results = $this->_try_multicall($msgs, $timeout, $method);
if(is_array($results))
{
// System.multicall succeeded
return $results;
}
else
{
// either system.multicall is unsupported by server,
// or call failed for some other reason.
if ($fallback)
{
// Don't try it next time...
$this->no_multicall = true;
}
else
{
if (is_a($results, 'xmlrpcresp'))
{
$result = $results;
}
else
{
$result =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['multicall_error'], $GLOBALS['xmlrpcstr']['multicall_error']);
}
}
}
}
else
{
// override fallback, in case careless user tries to do two
// opposite things at the same time
$fallback = true;
}
$results = array();
if ($fallback)
{
// system.multicall is (probably) unsupported by server:
// emulate multicall via multiple requests
foreach($msgs as $msg)
{
$results[] =& $this->send($msg, $timeout, $method);
}
}
else
{
// user does NOT want to fallback on many single calls:
// since we should always return an array of responses,
// return an array with the same error repeated n times
foreach($msgs as $msg)
{
$results[] = $result;
}
}
return $results;
}
/**
* Attempt to boxcar $msgs via system.multicall.
* Returns either an array of xmlrpcreponses, an xmlrpc error response
* or false (when received response does not respect valid multicall syntax)
* @access private
*/
function _try_multicall($msgs, $timeout, $method)
{
// Construct multicall message
$calls = array();
foreach($msgs as $msg)
{
$call['methodName'] =& new xmlrpcval($msg->method(),'string');
$numParams = $msg->getNumParams();
$params = array();
for($i = 0; $i < $numParams; $i++)
{
$params[$i] = $msg->getParam($i);
}
$call['params'] =& new xmlrpcval($params, 'array');
$calls[] =& new xmlrpcval($call, 'struct');
}
$multicall =& new xmlrpcmsg('system.multicall');
$multicall->addParam(new xmlrpcval($calls, 'array'));
// Attempt RPC call
$result =& $this->send($multicall, $timeout, $method);
if($result->faultCode() != 0)
{
// call to system.multicall failed
return $result;
}
// Unpack responses.
$rets = $result->value();
if ($this->return_type == 'xml')
{
return $rets;
}
else if ($this->return_type == 'phpvals')
{
///@todo test this code branch...
$rets = $result->value();
if(!is_array($rets))
{
return false; // bad return type from system.multicall
}
$numRets = count($rets);
if($numRets != count($msgs))
{
return false; // wrong number of return values.
}
$response = array();
for($i = 0; $i < $numRets; $i++)
{
$val = $rets[$i];
if (!is_array($val)) {
return false;
}
switch(count($val))
{
case 1:
if(!isset($val[0]))
{
return false; // Bad value
}
// Normal return value
$response[$i] =& new xmlrpcresp($val[0], 0, '', 'phpvals');
break;
case 2:
/// @todo remove usage of @: it is apparently quite slow
$code = @$val['faultCode'];
if(!is_int($code))
{
return false;
}
$str = @$val['faultString'];
if(!is_string($str))
{
return false;
}
$response[$i] =& new xmlrpcresp(0, $code, $str);
break;
default:
return false;
}
}
return $response;
}
else // return type == 'xmlrpcvals'
{
$rets = $result->value();
if($rets->kindOf() != 'array')
{
return false; // bad return type from system.multicall
}
$numRets = $rets->arraysize();
if($numRets != count($msgs))
{
return false; // wrong number of return values.
}
$response = array();
for($i = 0; $i < $numRets; $i++)
{
$val = $rets->arraymem($i);
switch($val->kindOf())
{
case 'array':
if($val->arraysize() != 1)
{
return false; // Bad value
}
// Normal return value
$response[$i] =& new xmlrpcresp($val->arraymem(0));
break;
case 'struct':
$code = $val->structmem('faultCode');
if($code->kindOf() != 'scalar' || $code->scalartyp() != 'int')
{
return false;
}
$str = $val->structmem('faultString');
if($str->kindOf() != 'scalar' || $str->scalartyp() != 'string')
{
return false;
}
$response[$i] =& new xmlrpcresp(0, $code->scalarval(), $str->scalarval());
break;
default:
return false;
}
}
return $response;
}
}
} // end class xmlrpc_client
class xmlrpcresp
{
var $val = 0;
var $valtyp;
var $errno = 0;
var $errstr = '';
var $payload;
var $hdrs = array();
var $_cookies = array();
var $content_type = 'text/xml';
var $raw_data = '';
/**
* @param mixed $val either an xmlrpcval obj, a php value or the xml serialization of an xmlrpcval (a string)
* @param integer $fcode set it to anything but 0 to create an error response
* @param string $fstr the error string, in case of an error response
* @param string $valtyp either 'xmlrpcvals', 'phpvals' or 'xml'
*
* @todo add check that $val / $fcode / $fstr is of correct type???
* NB: as of now we do not do it, since it might be either an xmlrpcval or a plain
* php val, or a complete xml chunk, depending on usage of xmlrpc_client::send() inside which creator is called...
*/
function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='')
{
if($fcode != 0)
{
// error response
$this->errno = $fcode;
$this->errstr = $fstr;
//$this->errstr = htmlspecialchars($fstr); // XXX: encoding probably shouldn't be done here; fix later.
}
else
{
// successful response
$this->val = $val;
if ($valtyp == '')
{
// user did not declare type of response value: try to guess it
if (is_object($this->val) && is_a($this->val, 'xmlrpcval'))
{
$this->valtyp = 'xmlrpcvals';
}
else if (is_string($this->val))
{
$this->valtyp = 'xml';
}
else
{
$this->valtyp = 'phpvals';
}
}
else
{
// user declares type of resp value: believe him
$this->valtyp = $valtyp;
}
}
}
/**
* Returns the error code of the response.
* @return integer the error code of this response (0 for not-error responses)
* @access public
*/
function faultCode()
{
return $this->errno;
}
/**
* Returns the error code of the response.
* @return string the error string of this response ('' for not-error responses)
* @access public
*/
function faultString()
{
return $this->errstr;
}
/**
* Returns the value received by the server.
* @return mixed the xmlrpcval object returned by the server. Might be an xml string or php value if the response has been created by specially configured xmlrpc_client objects
* @access public
*/
function value()
{
return $this->val;
}
/**
* Returns an array with the cookies received from the server.
* Array has the form: $cookiename => array ('value' => $val, $attr1 => $val1, $attr2 = $val2, ...)
* with attributes being e.g. 'expires', 'path', domain'.
* NB: cookies sent as 'expired' by the server (i.e. with an expiry date in the past)
* are still present in the array. It is up to the user-defined code to decide
* how to use the received cookies, and wheter they have to be sent back with the next
* request to the server (using xmlrpc_client::setCookie) or not
* @return array array of cookies received from the server
* @access public
*/
function cookies()
{
return $this->_cookies;
}
/**
* Returns xml representation of the response. XML prologue not included
* @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed
* @return string the xml representation of the response
* @access public
*/
function serialize($charset_encoding='')
{
if ($charset_encoding != '')
$this->content_type = 'text/xml; charset=' . $charset_encoding;
else
$this->content_type = 'text/xml';
$result = "<methodResponse>\n";
if($this->errno)
{
// G. Giunta 2005/2/13: let non-ASCII response messages be tolerated by clients
// by xml-encoding non ascii chars
$result .= "<fault>\n" .
"<value>\n<struct><member><name>faultCode</name>\n<value><int>" . $this->errno .
"</int></value>\n</member>\n<member>\n<name>faultString</name>\n<value><string>" .
xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "</string></value>\n</member>\n" .
"</struct>\n</value>\n</fault>";
}
else
{
if(!is_object($this->val) || !is_a($this->val, 'xmlrpcval'))
{
if (is_string($this->val) && $this->valtyp == 'xml')
{
$result .= "<params>\n<param>\n" .
$this->val .
"</param>\n</params>";
}
else
{
/// @todo try to build something serializable?
die('cannot serialize xmlrpcresp objects whose content is native php values');
}
}
else
{
$result .= "<params>\n<param>\n" .
$this->val->serialize($charset_encoding) .
"</param>\n</params>";
}
}
$result .= "\n</methodResponse>";
$this->payload = $result;
return $result;
}
}
class xmlrpcmsg
{
var $payload;
var $methodname;
var $params=array();
var $debug=0;
var $content_type = 'text/xml';
/**
* @param string $meth the name of the method to invoke
* @param array $pars array of parameters to be paased to the method (xmlrpcval objects)
*/
function xmlrpcmsg($meth, $pars=0)
{
$this->methodname=$meth;
if(is_array($pars) && count($pars)>0)
{
for($i=0; $i<count($pars); $i++)
{
$this->addParam($pars[$i]);
}
}
}
/**
* @access private
*/
function xml_header($charset_encoding='')
{
if ($charset_encoding != '')
{
return "<?xml version=\"1.0\" encoding=\"$charset_encoding\" ?" . ">\n<methodCall>\n";
}
else
{
return "<?xml version=\"1.0\"?" . ">\n<methodCall>\n";
}
}
/**
* @access private
*/
function xml_footer()
{
return '</methodCall>';
}
/**
* @access private
*/
function kindOf()
{
return 'msg';
}
/**
* @access private
*/
function createPayload($charset_encoding='')
{
if ($charset_encoding != '')
$this->content_type = 'text/xml; charset=' . $charset_encoding;
else
$this->content_type = 'text/xml';
$this->payload=$this->xml_header($charset_encoding);
$this->payload.='<methodName>' . $this->methodname . "</methodName>\n";
$this->payload.="<params>\n";
for($i=0; $i<count($this->params); $i++)
{
$p=$this->params[$i];
$this->payload.="<param>\n" . $p->serialize($charset_encoding) .
"</param>\n";
}
$this->payload.="</params>\n";
$this->payload.=$this->xml_footer();
}
/**
* Gets/sets the xmlrpc method to be invoked
* @param string $meth the method to be set (leave empty not to set it)
* @return string the method that will be invoked
* @access public
*/
function method($meth='')
{
if($meth!='')
{
$this->methodname=$meth;
}
return $this->methodname;
}
/**
* Returns xml representation of the message. XML prologue included
* @return string the xml representation of the message, xml prologue included
* @access public
*/
function serialize($charset_encoding='')
{
$this->createPayload($charset_encoding);
return $this->payload;
}
/**
* Add a parameter to the list of parameters to be used upon method invocation
* @param xmlrpcval $par
* @return boolean false on failure
* @access public
*/
function addParam($par)
{
// add check: do not add to self params which are not xmlrpcvals
if(is_object($par) && is_a($par, 'xmlrpcval'))
{
$this->params[]=$par;
return true;
}
else
{
return false;
}
}
/**
* Returns the nth parameter in the message. The index zero-based.
* @param integer $i the index of the parameter to fetch (zero based)
* @return xmlrpcval the i-th parameter
* @access public
*/
function getParam($i) { return $this->params[$i]; }
/**
* Returns the number of parameters in the messge.
* @return integer the number of parameters currently set
* @access public
*/
function getNumParams() { return count($this->params); }
/**
* Given an open file handle, read all data available and parse it as axmlrpc response.
* NB: the file handle is not closed by this function.
* NNB: might have trouble in rare cases to work on network streams, as we
* check for a read of 0 bytes instead of feof($fp).
* But since checking for feof(null) returns false, we would risk an
* infinite loop in that case, because we cannot trust the caller
* to give us a valid pointer to an open file...
* @access public
* @return xmlrpcresp
* @todo add 2nd & 3rd param to be passed to ParseResponse() ???
*/
function &parseResponseFile($fp)
{
$ipd='';
while($data=fread($fp, 32768))
{
$ipd.=$data;
}
//fclose($fp);
$r =& $this->parseResponse($ipd);
return $r;
}
/**
* Parses HTTP headers and separates them from data.
* @access private
*/
function &parseResponseHeaders(&$data, $headers_processed=false)
{
// Support "web-proxy-tunelling" connections for https through proxies
if(preg_match('/^HTTP\/1\.[0-1] 200 Connection established/', $data))
{
// Look for CR/LF or simple LF as line separator,
// (even though it is not valid http)
$pos = strpos($data,"\r\n\r\n");
if($pos || is_int($pos))
{
$bd = $pos+4;
}
else
{
$pos = strpos($data,"\n\n");
if($pos || is_int($pos))
{
$bd = $pos+2;
}
else
{
// No separation between response headers and body: fault?
$bd = 0;
}
}
if ($bd)
{
// this filters out all http headers from proxy.
// maybe we could take them into account, too?
$data = substr($data, $bd);
}
else
{
error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTPS via proxy error, tunnel connection possibly failed');
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (HTTPS via proxy error, tunnel connection possibly failed)');
return $r;
}
}
// Strip HTTP 1.1 100 Continue header if present
while(preg_match('/^HTTP\/1\.1 1[0-9]{2} /', $data))
{
$pos = strpos($data, 'HTTP', 12);
// server sent a Continue header without any (valid) content following...
// give the client a chance to know it
if(!$pos && !is_int($pos)) // works fine in php 3, 4 and 5
{
break;
}
$data = substr($data, $pos);
}
if(!preg_match('/^HTTP\/[0-9.]+ 200 /', $data))
{
$errstr= substr($data, 0, strpos($data, "\n")-1);
error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTP error, got response: ' .$errstr);
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (' . $errstr . ')');
return $r;
}
$GLOBALS['_xh']['headers'] = array();
$GLOBALS['_xh']['cookies'] = array();
// be tolerant to usage of \n instead of \r\n to separate headers and data
// (even though it is not valid http)
$pos = strpos($data,"\r\n\r\n");
if($pos || is_int($pos))
{
$bd = $pos+4;
}
else
{
$pos = strpos($data,"\n\n");
if($pos || is_int($pos))
{
$bd = $pos+2;
}
else
{
// No separation between response headers and body: fault?
// we could take some action here instead of going on...
$bd = 0;
}
}
// be tolerant to line endings, and extra empty lines
$ar = split("\r?\n", trim(substr($data, 0, $pos)));
while(list(,$line) = @each($ar))
{
// take care of multi-line headers and cookies
$arr = explode(':',$line,2);
if(count($arr) > 1)
{
$header_name = strtolower(trim($arr[0]));
/// @todo some other headers (the ones that allow a CSV list of values)
/// do allow many values to be passed using multiple header lines.
/// We should add content to $GLOBALS['_xh']['headers'][$header_name]
/// instead of replacing it for those...
if ($header_name == 'set-cookie' || $header_name == 'set-cookie2')
{
if ($header_name == 'set-cookie2')
{
// version 2 cookies:
// there could be many cookies on one line, comma separated
$cookies = explode(',', $arr[1]);
}
else
{
$cookies = array($arr[1]);
}
foreach ($cookies as $cookie)
{
// glue together all received cookies, using a comma to separate them
// (same as php does with getallheaders())
if (isset($GLOBALS['_xh']['headers'][$header_name]))
$GLOBALS['_xh']['headers'][$header_name] .= ', ' . trim($cookie);
else
$GLOBALS['_xh']['headers'][$header_name] = trim($cookie);
// parse cookie attributes, in case user wants to correctly honour them
// feature creep: only allow rfc-compliant cookie attributes?
// @todo support for server sending multiple time cookie with same name, but using different PATHs
$cookie = explode(';', $cookie);
foreach ($cookie as $pos => $val)
{
$val = explode('=', $val, 2);
$tag = trim($val[0]);
$val = trim(@$val[1]);
/// @todo with version 1 cookies, we should strip leading and trailing " chars
if ($pos == 0)
{
$cookiename = $tag;
$GLOBALS['_xh']['cookies'][$tag] = array();
$GLOBALS['_xh']['cookies'][$cookiename]['value'] = urldecode($val);
}
else
{
if ($tag != 'value')
{
$GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val;
}
}
}
}
}
else
{
$GLOBALS['_xh']['headers'][$header_name] = trim($arr[1]);
}
}
elseif(isset($header_name))
{
/// @todo version1 cookies might span multiple lines, thus breaking the parsing above
$GLOBALS['_xh']['headers'][$header_name] .= ' ' . trim($line);
}
}
$data = substr($data, $bd);
if($this->debug && count($GLOBALS['_xh']['headers']))
{
print '<PRE>';
foreach($GLOBALS['_xh']['headers'] as $header => $value)
{
print htmlentities("HEADER: $header: $value\n");
}
foreach($GLOBALS['_xh']['cookies'] as $header => $value)
{
print htmlentities("COOKIE: $header={$value['value']}\n");
}
print "</PRE>\n";
}
// if CURL was used for the call, http headers have been processed,
// and dechunking + reinflating have been carried out
if(!$headers_processed)
{
// Decode chunked encoding sent by http 1.1 servers
if(isset($GLOBALS['_xh']['headers']['transfer-encoding']) && $GLOBALS['_xh']['headers']['transfer-encoding'] == 'chunked')
{
if(!$data = decode_chunked($data))
{
error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to rebuild the chunked data received from server');
$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['dechunk_fail'], $GLOBALS['xmlrpcstr']['dechunk_fail']);
return $r;
}
}
// Decode gzip-compressed stuff
// code shamelessly inspired from nusoap library by Dietrich Ayala
if(isset($GLOBALS['_xh']['headers']['content-encoding']))
{
$GLOBALS['_xh']['headers']['content-encoding'] = str_replace('x-', '', $GLOBALS['_xh']['headers']['content-encoding']);
if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' || $GLOBALS['_xh']['headers']['content-encoding'] == 'gzip')
{
// if decoding works, use it. else assume data wasn't gzencoded
if(function_exists('gzinflate'))
{
if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' && $degzdata = @gzuncompress($data))
{
$data = $degzdata;
if($this->debug)
print "<PRE>---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---</PRE>";
}
elseif($GLOBALS['_xh']['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10)))
{
$data = $degzdata;
if($this->debug)
print "<PRE>---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---</PRE>";
}
else
{
error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to decode the deflated data received from server');
$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['decompress_fail'], $GLOBALS['xmlrpcstr']['decompress_fail']);
return $r;
}
}
else
{
error_log('XML-RPC: xmlrpcmsg::parseResponse: the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['cannot_decompress'], $GLOBALS['xmlrpcstr']['cannot_decompress']);
return $r;
}
}
}
} // end of 'if needed, de-chunk, re-inflate response'
// real stupid hack to avoid PHP 4 complaining about returning NULL by ref
$r = null;
$r =& $r;
return $r;
}
/**
* Parse the xmlrpc response contained in the string $data and return an xmlrpcresp object.
* @param string $data the xmlrpc response, eventually including http headers
* @param bool $headers_processed when true prevents parsing HTTP headers for interpretation of content-encoding and consequent decoding
* @param string $return_type decides return type, i.e. content of response->value(). Either 'xmlrpcvals', 'xml' or 'phpvals'
* @return xmlrpcresp
* @access public
*/
function &parseResponse($data='', $headers_processed=false, $return_type='xmlrpcvals')
{
if($this->debug)
{
//by maHo, replaced htmlspecialchars with htmlentities
print "<PRE>---GOT---\n" . htmlentities($data) . "\n---END---\n</PRE>";
}
if($data == '')
{
error_log('XML-RPC: xmlrpcmsg::parseResponse: no response received from server.');
$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_data'], $GLOBALS['xmlrpcstr']['no_data']);
return $r;
}
$GLOBALS['_xh']=array();
$raw_data = $data;
// parse the HTTP headers of the response, if present, and separate them from data
if(substr($data, 0, 4) == 'HTTP')
{
$r =& $this->parseResponseHeaders($data, $headers_processed);
if ($r)
{
// failed processing of HTTP response headers
// save into response obj the full payload received, for debugging
$r->raw_data = $data;
return $r;
}
}
else
{
$GLOBALS['_xh']['headers'] = array();
$GLOBALS['_xh']['cookies'] = array();
}
if($this->debug)
{
$start = strpos($data, '<!-- SERVER DEBUG INFO (BASE64 ENCODED):');
if ($start)
{
$start += strlen('<!-- SERVER DEBUG INFO (BASE64 ENCODED):');
$end = strpos($data, '-->', $start);
$comments = substr($data, $start, $end-$start);
print "<PRE>---SERVER DEBUG INFO (DECODED) ---\n\t".htmlentities(str_replace("\n", "\n\t", base64_decode($comments)))."\n---END---\n</PRE>";
}
}
// be tolerant of extra whitespace in response body
$data = trim($data);
/// @todo return an error msg if $data=='' ?
// be tolerant of junk after methodResponse (e.g. javascript ads automatically inserted by free hosts)
// idea from Luca Mariano <luca.mariano@email.it> originally in PEARified version of the lib
$bd = false;
// Poor man's version of strrpos for php 4...
$pos = strpos($data, '</methodResponse>');
while($pos || is_int($pos))
{
$bd = $pos+17;
$pos = strpos($data, '</methodResponse>', $bd);
}
if($bd)
{
$data = substr($data, 0, $bd);
}
// if user wants back raw xml, give it to him
if ($return_type == 'xml')
{
$r =& new xmlrpcresp($data, 0, '', 'xml');
$r->hdrs = $GLOBALS['_xh']['headers'];
$r->_cookies = $GLOBALS['_xh']['cookies'];
$r->raw_data = $raw_data;
return $r;
}
// try to 'guestimate' the character encoding of the received response
$resp_encoding = guess_encoding(@$GLOBALS['_xh']['headers']['content-type'], $data);
$GLOBALS['_xh']['ac']='';
//$GLOBALS['_xh']['qt']=''; //unused...
$GLOBALS['_xh']['stack'] = array();
$GLOBALS['_xh']['valuestack'] = array();
$GLOBALS['_xh']['isf']=0; // 0 = OK, 1 for xmlrpc fault responses, 2 = invalid xmlrpc
$GLOBALS['_xh']['isf_reason']='';
$GLOBALS['_xh']['rt']=''; // 'methodcall or 'methodresponse'
// if response charset encoding is not known / supported, try to use
// the default encoding and parse the xml anyway, but log a warning...
if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
// the following code might be better for mb_string enabled installs, but
// makes the lib about 200% slower...
//if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
{
error_log('XML-RPC: xmlrpcmsg::parseResponse: invalid charset encoding of received response: '.$resp_encoding);
$resp_encoding = $GLOBALS['xmlrpc_defencoding'];
}
$parser = xml_parser_create($resp_encoding);
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
// the xml parser to give us back data in the expected charset.
// What if internal encoding is not in one of the 3 allowed?
// we use the broadest one, ie. utf8
// This allows to send data which is native in various charset,
// by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding
if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
{
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8');
}
else
{
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']);
}
if ($return_type == 'phpvals')
{
xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast');
}
else
{
xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee');
}
xml_set_character_data_handler($parser, 'xmlrpc_cd');
xml_set_default_handler($parser, 'xmlrpc_dh');
// first error check: xml not well formed
if(!xml_parse($parser, $data, count($data)))
{
// thanks to Peter Kocks <peter.kocks@baygate.com>
if((xml_get_current_line_number($parser)) == 1)
{
$errstr = 'XML error at line 1, check URL';
}
else
{
$errstr = sprintf('XML error: %s at line %d, column %d',
xml_error_string(xml_get_error_code($parser)),
xml_get_current_line_number($parser), xml_get_current_column_number($parser));
}
error_log($errstr);
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return'].' ('.$errstr.')');
xml_parser_free($parser);
if($this->debug)
{
print $errstr;
}
$r->hdrs = $GLOBALS['_xh']['headers'];
$r->_cookies = $GLOBALS['_xh']['cookies'];
$r->raw_data = $raw_data;
return $r;
}
xml_parser_free($parser);
// second error check: xml well formed but not xml-rpc compliant
if ($GLOBALS['_xh']['isf'] > 1)
{
if ($this->debug)
{
/// @todo echo something for user?
}
$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'],
$GLOBALS['xmlrpcstr']['invalid_return'] . ' ' . $GLOBALS['_xh']['isf_reason']);
}
// third error check: parsing of the response has somehow gone boink.
// NB: shall we omit this check, since we trust the parsing code?
elseif ($return_type == 'xmlrpcvals' && !is_object($GLOBALS['_xh']['value']))
{
// something odd has happened
// and it's time to generate a client side error
// indicating something odd went on
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'],
$GLOBALS['xmlrpcstr']['invalid_return']);
}
else
{
if ($this->debug)
{
print "<PRE>---PARSED---\n";
// somehow htmlentities chokes on var_export, and some full html string...
//print htmlentitites(var_export($GLOBALS['_xh']['value'], true));
print htmlspecialchars(var_export($GLOBALS['_xh']['value'], true));
print "\n---END---</PRE>";
}
// note that using =& will raise an error if $GLOBALS['_xh']['st'] does not generate an object.
$v =& $GLOBALS['_xh']['value'];
if($GLOBALS['_xh']['isf'])
{
/// @todo we should test here if server sent an int and a string,
/// and/or coerce them into such...
if ($return_type == 'xmlrpcvals')
{
$errno_v = $v->structmem('faultCode');
$errstr_v = $v->structmem('faultString');
$errno = $errno_v->scalarval();
$errstr = $errstr_v->scalarval();
}
else
{
$errno = $v['faultCode'];
$errstr = $v['faultString'];
}
if($errno == 0)
{
// FAULT returned, errno needs to reflect that
$errno = -1;
}
$r =& new xmlrpcresp(0, $errno, $errstr);
}
else
{
$r=&new xmlrpcresp($v, 0, '', $return_type);
}
}
$r->hdrs = $GLOBALS['_xh']['headers'];
$r->_cookies = $GLOBALS['_xh']['cookies'];
$r->raw_data = $raw_data;
return $r;
}
}
class xmlrpcval
{
var $me=array();
var $mytype=0;
var $_php_class=null;
/**
* @param mixed $val
* @param string $type any valid xmlrpc type name (lowercase). If null, 'string' is assumed
*/
function xmlrpcval($val=-1, $type='')
{
/// @todo: optimization creep - do not call addXX, do it all inline.
/// downside: booleans will not be coerced anymore
if($val!==-1 || $type!='')
{
// optimization creep: inlined all work done by constructor
switch($type)
{
case '':
$this->mytype=1;
$this->me['string']=$val;
break;
case 'i4':
case 'int':
case 'double':
case 'string':
case 'boolean':
case 'dateTime.iso8601':
case 'base64':
case 'null':
$this->mytype=1;
$this->me[$type]=$val;
break;
case 'array':
$this->mytype=2;
$this->me['array']=$val;
break;
case 'struct':
$this->mytype=3;
$this->me['struct']=$val;
break;
default:
error_log("XML-RPC: xmlrpcval::xmlrpcval: not a known type ($type)");
}
/*if($type=='')
{
$type='string';
}
if($GLOBALS['xmlrpcTypes'][$type]==1)
{
$this->addScalar($val,$type);
}
elseif($GLOBALS['xmlrpcTypes'][$type]==2)
{
$this->addArray($val);
}
elseif($GLOBALS['xmlrpcTypes'][$type]==3)
{
$this->addStruct($val);
}*/
}
}
/**
* Add a single php value to an (unitialized) xmlrpcval
* @param mixed $val
* @param string $type
* @return int 1 or 0 on failure
*/
function addScalar($val, $type='string')
{
$typeof=@$GLOBALS['xmlrpcTypes'][$type];
if($typeof!=1)
{
error_log("XML-RPC: xmlrpcval::addScalar: not a scalar type ($type)");
return 0;
}
// coerce booleans into correct values
// NB: we should iether do it for datetimes, integers and doubles, too,
// or just plain remove this check, implemnted on booleans only...
if($type==$GLOBALS['xmlrpcBoolean'])
{
if(strcasecmp($val,'true')==0 || $val==1 || ($val==true && strcasecmp($val,'false')))
{
$val=true;
}
else
{
$val=false;
}
}
switch($this->mytype)
{
case 1:
error_log('XML-RPC: xmlrpcval::addScalar: scalar xmlrpcval can have only one value');
return 0;
case 3:
error_log('XML-RPC: xmlrpcval::addScalar: cannot add anonymous scalar to struct xmlrpcval');
return 0;
case 2:
// we're adding a scalar value to an array here
//$ar=$this->me['array'];
//$ar[]=&new xmlrpcval($val, $type);
//$this->me['array']=$ar;
// Faster (?) avoid all the costly array-copy-by-val done here...
$this->me['array'][]=&new xmlrpcval($val, $type);
return 1;
default:
// a scalar, so set the value and remember we're scalar
$this->me[$type]=$val;
$this->mytype=$typeof;
return 1;
}
}
/**
* Add an array of xmlrpcval objects to an xmlrpcval
* @param array $vals
* @return int 1 or 0 on failure
* @access public
*
* @todo add some checking for $vals to be an array of xmlrpcvals?
*/
function addArray($vals)
{
if($this->mytype==0)
{
$this->mytype=$GLOBALS['xmlrpcTypes']['array'];
$this->me['array']=$vals;
return 1;
}
elseif($this->mytype==2)
{
// we're adding to an array here
$this->me['array'] = array_merge($this->me['array'], $vals);
return 1;
}
else
{
error_log('XML-RPC: xmlrpcval::addArray: already initialized as a [' . $this->kindOf() . ']');
return 0;
}
}
/**
* Add an array of named xmlrpcval objects to an xmlrpcval
* @param array $vals
* @return int 1 or 0 on failure
* @access public
*
* @todo add some checking for $vals to be an array?
*/
function addStruct($vals)
{
if($this->mytype==0)
{
$this->mytype=$GLOBALS['xmlrpcTypes']['struct'];
$this->me['struct']=$vals;
return 1;
}
elseif($this->mytype==3)
{
// we're adding to a struct here
$this->me['struct'] = array_merge($this->me['struct'], $vals);
return 1;
}
else
{
error_log('XML-RPC: xmlrpcval::addStruct: already initialized as a [' . $this->kindOf() . ']');
return 0;
}
}
// poor man's version of print_r ???
// DEPRECATED!
function dump($ar)
{
foreach($ar as $key => $val)
{
echo "$key => $val<br />";
if($key == 'array')
{
while(list($key2, $val2) = each($val))
{
echo "-- $key2 => $val2<br />";
}
}
}
}
/**
* Returns a string containing "struct", "array" or "scalar" describing the base type of the value
* @return string
* @access public
*/
function kindOf()
{
switch($this->mytype)
{
case 3:
return 'struct';
break;
case 2:
return 'array';
break;
case 1:
return 'scalar';
break;
default:
return 'undef';
}
}
/**
* @access private
*/
function serializedata($typ, $val, $charset_encoding='')
{
$rs='';
switch(@$GLOBALS['xmlrpcTypes'][$typ])
{
case 1:
switch($typ)
{
case $GLOBALS['xmlrpcBase64']:
$rs.="<${typ}>" . base64_encode($val) . "</${typ}>";
break;
case $GLOBALS['xmlrpcBoolean']:
$rs.="<${typ}>" . ($val ? '1' : '0') . "</${typ}>";
break;
case $GLOBALS['xmlrpcString']:
// G. Giunta 2005/2/13: do NOT use htmlentities, since
// it will produce named html entities, which are invalid xml
$rs.="<${typ}>" . xmlrpc_encode_entitites($val, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding). "</${typ}>";
break;
case $GLOBALS['xmlrpcInt']:
case $GLOBALS['xmlrpcI4']:
$rs.="<${typ}>".(int)$val."</${typ}>";
break;
case $GLOBALS['xmlrpcDouble']:
// avoid using standard conversion of float to string because it is locale-dependent,
// and also because the xmlrpc spec forbids exponential notation
// sprintf('%F') would be most likely ok but it is only available since PHP 4.3.10 and PHP 5.0.3.
// The code below tries its best at keeping max precision while avoiding exp notation,
// but there is of course no limit in the number of decimal places to be used...
$rs.="<${typ}>".preg_replace('/\\.?0+$/','',number_format((double)$val, 128, '.', ''))."</${typ}>";
break;
case $GLOBALS['xmlrpcNull']:
$rs.="<nil/>";
break;
default:
// no standard type value should arrive here, but provide a possibility
// for xmlrpcvals of unknown type...
$rs.="<${typ}>${val}</${typ}>";
}
break;
case 3:
// struct
if ($this->_php_class)
{
$rs.='<struct php_class="' . $this->_php_class . "\">\n";
}
else
{
$rs.="<struct>\n";
}
foreach($val as $key2 => $val2)
{
$rs.='<member><name>'.xmlrpc_encode_entitites($key2, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding)."</name>\n";
//$rs.=$this->serializeval($val2);
$rs.=$val2->serialize($charset_encoding);
$rs.="</member>\n";
}
$rs.='</struct>';
break;
case 2:
// array
$rs.="<array>\n<data>\n";
for($i=0; $i<count($val); $i++)
{
//$rs.=$this->serializeval($val[$i]);
$rs.=$val[$i]->serialize($charset_encoding);
}
$rs.="</data>\n</array>";
break;
default:
break;
}
return $rs;
}
/**
* Returns xml representation of the value. XML prologue not included
* @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed
* @return string
* @access public
*/
function serialize($charset_encoding='')
{
// add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals...
//if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval')))
//{
reset($this->me);
list($typ, $val) = each($this->me);
return '<value>' . $this->serializedata($typ, $val, $charset_encoding) . "</value>\n";
//}
}
// DEPRECATED
function serializeval($o)
{
// add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals...
//if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval')))
//{
$ar=$o->me;
reset($ar);
list($typ, $val) = each($ar);
return '<value>' . $this->serializedata($typ, $val) . "</value>\n";
//}
}
/**
* Checks wheter a struct member with a given name is present.
* Works only on xmlrpcvals of type struct.
* @param string $m the name of the struct member to be looked up
* @return boolean
* @access public
*/
function structmemexists($m)
{
return array_key_exists($m, $this->me['struct']);
}
/**
* Returns the value of a given struct member (an xmlrpcval object in itself).
* Will raise a php warning if struct member of given name does not exist
* @param string $m the name of the struct member to be looked up
* @return xmlrpcval
* @access public
*/
function structmem($m)
{
return $this->me['struct'][$m];
}
/**
* Reset internal pointer for xmlrpcvals of type struct.
* @access public
*/
function structreset()
{
reset($this->me['struct']);
}
/**
* Return next member element for xmlrpcvals of type struct.
* @return xmlrpcval
* @access public
*/
function structeach()
{
return each($this->me['struct']);
}
// DEPRECATED! this code looks like it is very fragile and has not been fixed
// for a long long time. Shall we remove it for 2.0?
function getval()
{
// UNSTABLE
reset($this->me);
list($a,$b)=each($this->me);
// contributed by I Sofer, 2001-03-24
// add support for nested arrays to scalarval
// i've created a new method here, so as to
// preserve back compatibility
if(is_array($b))
{
@reset($b);
while(list($id,$cont) = @each($b))
{
$b[$id] = $cont->scalarval();
}
}
// add support for structures directly encoding php objects
if(is_object($b))
{
$t = get_object_vars($b);
@reset($t);
while(list($id,$cont) = @each($t))
{
$t[$id] = $cont->scalarval();
}
@reset($t);
while(list($id,$cont) = @each($t))
{
@$b->$id = $cont;
}
}
// end contrib
return $b;
}
/**
* Returns the value of a scalar xmlrpcval
* @return mixed
* @access public
*/
function scalarval()
{
reset($this->me);
list(,$b)=each($this->me);
return $b;
}
/**
* Returns the type of the xmlrpcval.
* For integers, 'int' is always returned in place of 'i4'
* @return string
* @access public
*/
function scalartyp()
{
reset($this->me);
list($a,)=each($this->me);
if($a==$GLOBALS['xmlrpcI4'])
{
$a=$GLOBALS['xmlrpcInt'];
}
return $a;
}
/**
* Returns the m-th member of an xmlrpcval of struct type
* @param integer $m the index of the value to be retrieved (zero based)
* @return xmlrpcval
* @access public
*/
function arraymem($m)
{
return $this->me['array'][$m];
}
/**
* Returns the number of members in an xmlrpcval of array type
* @return integer
* @access public
*/
function arraysize()
{
return count($this->me['array']);
}
/**
* Returns the number of members in an xmlrpcval of struct type
* @return integer
* @access public
*/
function structsize()
{
return count($this->me['struct']);
}
}
// date helpers
/**
* Given a timestamp, return the corresponding ISO8601 encoded string.
*
* Really, timezones ought to be supported
* but the XML-RPC spec says:
*
* "Don't assume a timezone. It should be specified by the server in its
* documentation what assumptions it makes about timezones."
*
* These routines always assume localtime unless
* $utc is set to 1, in which case UTC is assumed
* and an adjustment for locale is made when encoding
*
* @param int $timet (timestamp)
* @param int $utc (0 or 1)
* @return string
*/
function iso8601_encode($timet, $utc=0)
{
if(!$utc)
{
$t=strftime("%Y%m%dT%H:%M:%S", $timet);
}
else
{
if(function_exists('gmstrftime'))
{
// gmstrftime doesn't exist in some versions
// of PHP
$t=gmstrftime("%Y%m%dT%H:%M:%S", $timet);
}
else
{
$t=strftime("%Y%m%dT%H:%M:%S", $timet-date('Z'));
}
}
return $t;
}
/**
* Given an ISO8601 date string, return a timet in the localtime, or UTC
* @param string $idate
* @param int $utc either 0 or 1
* @return int (datetime)
*/
function iso8601_decode($idate, $utc=0)
{
$t=0;
if(preg_match('/([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})/', $idate, $regs))
{
if($utc)
{
$t=gmmktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]);
}
else
{
$t=mktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]);
}
}
return $t;
}
/**
* Takes an xmlrpc value in PHP xmlrpcval object format and translates it into native PHP types.
*
* Works with xmlrpc message objects as input, too.
*
* Given proper options parameter, can rebuild generic php object instances
* (provided those have been encoded to xmlrpc format using a corresponding
* option in php_xmlrpc_encode())
* PLEASE NOTE that rebuilding php objects involves calling their constructor function.
* This means that the remote communication end can decide which php code will
* get executed on your server, leaving the door possibly open to 'php-injection'
* style of attacks (provided you have some classes defined on your server that
* might wreak havoc if instances are built outside an appropriate context).
* Make sure you trust the remote server/client before eanbling this!
*
* @author Dan Libby (dan@libby.com)
*
* @param xmlrpcval $xmlrpc_val
* @param array $options if 'decode_php_objs' is set in the options array, xmlrpc structs can be decoded into php objects
* @return mixed
*/
function php_xmlrpc_decode($xmlrpc_val, $options=array())
{
switch($xmlrpc_val->kindOf())
{
case 'scalar':
if (in_array('extension_api', $options))
{
reset($xmlrpc_val->me);
list($typ,$val) = each($xmlrpc_val->me);
switch ($typ)
{
case 'dateTime.iso8601':
$xmlrpc_val->scalar = $val;
$xmlrpc_val->xmlrpc_type = 'datetime';
$xmlrpc_val->timestamp = iso8601_decode($val);
return $xmlrpc_val;
case 'base64':
$xmlrpc_val->scalar = $val;
$xmlrpc_val->type = $typ;
return $xmlrpc_val;
default:
return $xmlrpc_val->scalarval();
}
}
return $xmlrpc_val->scalarval();
case 'array':
$size = $xmlrpc_val->arraysize();
$arr = array();
for($i = 0; $i < $size; $i++)
{
$arr[] = php_xmlrpc_decode($xmlrpc_val->arraymem($i), $options);
}
return $arr;
case 'struct':
$xmlrpc_val->structreset();
// If user said so, try to rebuild php objects for specific struct vals.
/// @todo should we raise a warning for class not found?
// shall we check for proper subclass of xmlrpcval instead of
// presence of _php_class to detect what we can do?
if (in_array('decode_php_objs', $options) && $xmlrpc_val->_php_class != ''
&& class_exists($xmlrpc_val->_php_class))
{
$obj = @new $xmlrpc_val->_php_class;
while(list($key,$value)=$xmlrpc_val->structeach())
{
$obj->$key = php_xmlrpc_decode($value, $options);
}
return $obj;
}
else
{
$arr = array();
while(list($key,$value)=$xmlrpc_val->structeach())
{
$arr[$key] = php_xmlrpc_decode($value, $options);
}
return $arr;
}
case 'msg':
$paramcount = $xmlrpc_val->getNumParams();
$arr = array();
for($i = 0; $i < $paramcount; $i++)
{
$arr[] = php_xmlrpc_decode($xmlrpc_val->getParam($i));
}
return $arr;
}
}
// This constant left here only for historical reasons...
// it was used to decide if we have to define xmlrpc_encode on our own, but
// we do not do it anymore
if(function_exists('xmlrpc_decode'))
{
define('XMLRPC_EPI_ENABLED','1');
}
else
{
define('XMLRPC_EPI_ENABLED','0');
}
/**
* Takes native php types and encodes them into xmlrpc PHP object format.
* It will not re-encode xmlrpcval objects.
*
* Feature creep -- could support more types via optional type argument
* (string => datetime support has been added, ??? => base64 not yet)
*
* If given a proper options parameter, php object instances will be encoded
* into 'special' xmlrpc values, that can later be decoded into php objects
* by calling php_xmlrpc_decode() with a corresponding option
*
* @author Dan Libby (dan@libby.com)
*
* @param mixed $php_val the value to be converted into an xmlrpcval object
* @param array $options can include 'encode_php_objs', 'auto_dates', 'null_extension' or 'extension_api'
* @return xmlrpcval
*/
function &php_xmlrpc_encode($php_val, $options=array())
{
$type = gettype($php_val);
switch($type)
{
case 'string':
if (in_array('auto_dates', $options) && preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $php_val))
$xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDateTime']);
else
$xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcString']);
break;
case 'integer':
$xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcInt']);
break;
case 'double':
$xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDouble']);
break;
// <G_Giunta_2001-02-29>
// Add support for encoding/decoding of booleans, since they are supported in PHP
case 'boolean':
$xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcBoolean']);
break;
// </G_Giunta_2001-02-29>
case 'array':
// PHP arrays can be encoded to either xmlrpc structs or arrays,
// depending on wheter they are hashes or plain 0..n integer indexed
// A shorter one-liner would be
// $tmp = array_diff(array_keys($php_val), range(0, count($php_val)-1));
// but execution time skyrockets!
$j = 0;
$arr = array();
$ko = false;
foreach($php_val as $key => $val)
{
$arr[$key] =& php_xmlrpc_encode($val, $options);
if(!$ko && $key !== $j)
{
$ko = true;
}
$j++;
}
if($ko)
{
$xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']);
}
else
{
$xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcArray']);
}
break;
case 'object':
if(is_a($php_val, 'xmlrpcval'))
{
$xmlrpc_val = $php_val;
}
else
{
$arr = array();
while(list($k,$v) = each($php_val))
{
$arr[$k] = php_xmlrpc_encode($v, $options);
}
$xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']);
if (in_array('encode_php_objs', $options))
{
// let's save original class name into xmlrpcval:
// might be useful later on...
$xmlrpc_val->_php_class = get_class($php_val);
}
}
break;
case 'NULL':
if (in_array('extension_api', $options))
{
$xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcString']);
}
if (in_array('null_extension', $options))
{
$xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcNull']);
}
else
{
$xmlrpc_val =& new xmlrpcval();
}
break;
case 'resource':
if (in_array('extension_api', $options))
{
$xmlrpc_val =& new xmlrpcval((int)$php_val, $GLOBALS['xmlrpcInt']);
}
else
{
$xmlrpc_val =& new xmlrpcval();
}
// catch "user function", "unknown type"
default:
// giancarlo pinerolo <ping@alt.it>
// it has to return
// an empty object in case, not a boolean.
$xmlrpc_val =& new xmlrpcval();
break;
}
return $xmlrpc_val;
}
/**
* Convert the xml representation of a method response, method request or single
* xmlrpc value into the appropriate object (a.k.a. deserialize)
* @param string $xml_val
* @param array $options
* @return mixed false on error, or an instance of either xmlrpcval, xmlrpcmsg or xmlrpcresp
*/
function php_xmlrpc_decode_xml($xml_val, $options=array())
{
$GLOBALS['_xh'] = array();
$GLOBALS['_xh']['ac'] = '';
$GLOBALS['_xh']['stack'] = array();
$GLOBALS['_xh']['valuestack'] = array();
$GLOBALS['_xh']['params'] = array();
$GLOBALS['_xh']['pt'] = array();
$GLOBALS['_xh']['isf'] = 0;
$GLOBALS['_xh']['isf_reason'] = '';
$GLOBALS['_xh']['method'] = false;
$GLOBALS['_xh']['rt'] = '';
/// @todo 'guestimate' encoding
$parser = xml_parser_create();
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// What if internal encoding is not in one of the 3 allowed?
// we use the broadest one, ie. utf8!
if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
{
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8');
}
else
{
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']);
}
xml_set_element_handler($parser, 'xmlrpc_se_any', 'xmlrpc_ee');
xml_set_character_data_handler($parser, 'xmlrpc_cd');
xml_set_default_handler($parser, 'xmlrpc_dh');
if(!xml_parse($parser, $xml_val, 1))
{
$errstr = sprintf('XML error: %s at line %d, column %d',
xml_error_string(xml_get_error_code($parser)),
xml_get_current_line_number($parser), xml_get_current_column_number($parser));
error_log($errstr);
xml_parser_free($parser);
return false;
}
xml_parser_free($parser);
if ($GLOBALS['_xh']['isf'] > 1) // test that $GLOBALS['_xh']['value'] is an obj, too???
{
error_log($GLOBALS['_xh']['isf_reason']);
return false;
}
switch ($GLOBALS['_xh']['rt'])
{
case 'methodresponse':
$v =& $GLOBALS['_xh']['value'];
if ($GLOBALS['_xh']['isf'] == 1)
{
$vc = $v->structmem('faultCode');
$vs = $v->structmem('faultString');
$r =& new xmlrpcresp(0, $vc->scalarval(), $vs->scalarval());
}
else
{
$r =& new xmlrpcresp($v);
}
return $r;
case 'methodcall':
$m =& new xmlrpcmsg($GLOBALS['_xh']['method']);
for($i=0; $i < count($GLOBALS['_xh']['params']); $i++)
{
$m->addParam($GLOBALS['_xh']['params'][$i]);
}
return $m;
case 'value':
return $GLOBALS['_xh']['value'];
default:
return false;
}
}
/**
* decode a string that is encoded w/ "chunked" transfer encoding
* as defined in rfc2068 par. 19.4.6
* code shamelessly stolen from nusoap library by Dietrich Ayala
*
* @param string $buffer the string to be decoded
* @return string
*/
function decode_chunked($buffer)
{
// length := 0
$length = 0;
$new = '';
// read chunk-size, chunk-extension (if any) and crlf
// get the position of the linebreak
$chunkend = strpos($buffer,"\r\n") + 2;
$temp = substr($buffer,0,$chunkend);
$chunk_size = hexdec( trim($temp) );
$chunkstart = $chunkend;
while($chunk_size > 0)
{
$chunkend = strpos($buffer, "\r\n", $chunkstart + $chunk_size);
// just in case we got a broken connection
if($chunkend == false)
{
$chunk = substr($buffer,$chunkstart);
// append chunk-data to entity-body
$new .= $chunk;
$length += strlen($chunk);
break;
}
// read chunk-data and crlf
$chunk = substr($buffer,$chunkstart,$chunkend-$chunkstart);
// append chunk-data to entity-body
$new .= $chunk;
// length := length + chunk-size
$length += strlen($chunk);
// read chunk-size and crlf
$chunkstart = $chunkend + 2;
$chunkend = strpos($buffer,"\r\n",$chunkstart)+2;
if($chunkend == false)
{
break; //just in case we got a broken connection
}
$temp = substr($buffer,$chunkstart,$chunkend-$chunkstart);
$chunk_size = hexdec( trim($temp) );
$chunkstart = $chunkend;
}
return $new;
}
/**
* xml charset encoding guessing helper function.
* Tries to determine the charset encoding of an XML chunk received over HTTP.
* NB: according to the spec (RFC 3023), if text/xml content-type is received over HTTP without a content-type,
* we SHOULD assume it is strictly US-ASCII. But we try to be more tolerant of unconforming (legacy?) clients/servers,
* which will be most probably using UTF-8 anyway...
*
* @param string $httpheaders the http Content-type header
* @param string $xmlchunk xml content buffer
* @param string $encoding_prefs comma separated list of character encodings to be used as default (when mb extension is enabled)
*
* @todo explore usage of mb_http_input(): does it detect http headers + post data? if so, use it instead of hand-detection!!!
*/
function guess_encoding($httpheader='', $xmlchunk='', $encoding_prefs=null)
{
// discussion: see http://www.yale.edu/pclt/encoding/
// 1 - test if encoding is specified in HTTP HEADERS
//Details:
// LWS: (\13\10)?( |\t)+
// token: (any char but excluded stuff)+
// quoted string: " (any char but double quotes and cointrol chars)* "
// header: Content-type = ...; charset=value(; ...)*
// where value is of type token, no LWS allowed between 'charset' and value
// Note: we do not check for invalid chars in VALUE:
// this had better be done using pure ereg as below
// Note 2: we might be removing whitespace/tabs that ought to be left in if
// the received charset is a quoted string. But nobody uses such charset names...
/// @todo this test will pass if ANY header has charset specification, not only Content-Type. Fix it?
$matches = array();
if(preg_match('/;\s*charset\s*=([^;]+)/i', $httpheader, $matches))
{
return strtoupper(trim($matches[1], " \t\""));
}
// 2 - scan the first bytes of the data for a UTF-16 (or other) BOM pattern
// (source: http://www.w3.org/TR/2000/REC-xml-20001006)
// NOTE: actually, according to the spec, even if we find the BOM and determine
// an encoding, we should check if there is an encoding specified
// in the xml declaration, and verify if they match.
/// @todo implement check as described above?
/// @todo implement check for first bytes of string even without a BOM? (It sure looks harder than for cases WITH a BOM)
if(preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlchunk))
{
return 'UCS-4';
}
elseif(preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlchunk))
{
return 'UTF-16';
}
elseif(preg_match('/^(\xEF\xBB\xBF)/', $xmlchunk))
{
return 'UTF-8';
}
// 3 - test if encoding is specified in the xml declaration
// Details:
// SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+
// EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]*
if (preg_match('/^<\?xml\s+version\s*=\s*'. "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))".
'\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/",
$xmlchunk, $matches))
{
return strtoupper(substr($matches[2], 1, -1));
}
// 4 - if mbstring is available, let it do the guesswork
// NB: we favour finding an encoding that is compatible with what we can process
if(extension_loaded('mbstring'))
{
if($encoding_prefs)
{
$enc = mb_detect_encoding($xmlchunk, $encoding_prefs);
}
else
{
$enc = mb_detect_encoding($xmlchunk);
}
// NB: mb_detect likes to call it ascii, xml parser likes to call it US_ASCII...
// IANA also likes better US-ASCII, so go with it
if($enc == 'ASCII')
{
$enc = 'US-'.$enc;
}
return $enc;
}
else
{
// no encoding specified: as per HTTP1.1 assume it is iso-8859-1?
// Both RFC 2616 (HTTP 1.1) and 1945 (HTTP 1.0) clearly state that for text/xxx content types
// this should be the standard. And we should be getting text/xml as request and response.
// BUT we have to be backward compatible with the lib, which always used UTF-8 as default...
return $GLOBALS['xmlrpc_defencoding'];
}
}
/**
* Checks if a given charset encoding is present in a list of encodings or
* if it is a valid subset of any encoding in the list
* @param string $encoding charset to be tested
* @param mixed $validlist comma separated list of valid charsets (or array of charsets)
*/
function is_valid_charset($encoding, $validlist)
{
$charset_supersets = array(
'US-ASCII' => array ('ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4',
'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8',
'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-11', 'ISO-8859-12',
'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'UTF-8',
'EUC-JP', 'EUC-', 'EUC-KR', 'EUC-CN')
);
if (is_string($validlist))
$validlist = explode(',', $validlist);
if (@in_array(strtoupper($encoding), $validlist))
return true;
else
{
if (array_key_exists($encoding, $charset_supersets))
foreach ($validlist as $allowed)
if (in_array($allowed, $charset_supersets[$encoding]))
return true;
return false;
}
}
?>

944
thirdparty/xmlrpc/xmlrpc_wrappers.php vendored Normal file
View File

@ -0,0 +1,944 @@
<?php
/**
* PHP-XMLRPC "wrapper" functions
* Generate stubs to transparently access xmlrpc methods as php functions and viceversa
*
* @version $Id: xmlrpc_wrappers.inc,v 1.13 2008/09/20 01:23:47 ggiunta Exp $
* @author Gaetano Giunta
* @copyright (C) 2006-2008 G. Giunta
* @license code licensed under the BSD License: http://phpxmlrpc.sourceforge.net/license.txt
*
* @todo separate introspection from code generation for func-2-method wrapping
* @todo use some better templating system for code generation?
* @todo implement method wrapping with preservation of php objs in calls
* @todo when wrapping methods without obj rebuilding, use return_type = 'phpvals' (faster)
* @todo implement self-parsing of php code for PHP <= 4
*/
// requires: xmlrpc.inc
/**
* Given a string defining a php type or phpxmlrpc type (loosely defined: strings
* accepted come from javadoc blocks), return corresponding phpxmlrpc type.
* NB: for php 'resource' types returns empty string, since resources cannot be serialized;
* for php class names returns 'struct', since php objects can be serialized as xmlrpc structs
* @param string $phptype
* @return string
*/
function php_2_xmlrpc_type($phptype)
{
switch(strtolower($phptype))
{
case 'string':
return $GLOBALS['xmlrpcString'];
case 'integer':
case $GLOBALS['xmlrpcInt']: // 'int'
case $GLOBALS['xmlrpcI4']:
return $GLOBALS['xmlrpcInt'];
case 'double':
return $GLOBALS['xmlrpcDouble'];
case 'boolean':
return $GLOBALS['xmlrpcBoolean'];
case 'array':
return $GLOBALS['xmlrpcArray'];
case 'object':
return $GLOBALS['xmlrpcStruct'];
case $GLOBALS['xmlrpcBase64']:
case $GLOBALS['xmlrpcStruct']:
return strtolower($phptype);
case 'resource':
return '';
default:
if(class_exists($phptype))
{
return $GLOBALS['xmlrpcStruct'];
}
else
{
// unknown: might be any 'extended' xmlrpc type
return $GLOBALS['xmlrpcValue'];
}
}
}
/**
* Given a string defining a phpxmlrpc type return corresponding php type.
* @param string $xmlrpctype
* @return string
*/
function xmlrpc_2_php_type($xmlrpctype)
{
switch(strtolower($xmlrpctype))
{
case 'base64':
case 'datetime.iso8601':
case 'string':
return $GLOBALS['xmlrpcString'];
case 'int':
case 'i4':
return 'integer';
case 'struct':
case 'array':
return 'array';
case 'double':
return 'float';
case 'undefined':
return 'mixed';
case 'boolean':
case 'null':
default:
// unknown: might be any xmlrpc type
return strtolower($xmlrpctype);
}
}
/**
* Given a user-defined PHP function, create a PHP 'wrapper' function that can
* be exposed as xmlrpc method from an xmlrpc_server object and called from remote
* clients (as well as its corresponding signature info).
*
* Since php is a typeless language, to infer types of input and output parameters,
* it relies on parsing the javadoc-style comment block associated with the given
* function. Usage of xmlrpc native types (such as datetime.dateTime.iso8601 and base64)
* in the @param tag is also allowed, if you need the php function to receive/send
* data in that particular format (note that base64 encoding/decoding is transparently
* carried out by the lib, while datetime vals are passed around as strings)
*
* Known limitations:
* - requires PHP 5.0.3 +
* - only works for user-defined functions, not for PHP internal functions
* (reflection does not support retrieving number/type of params for those)
* - functions returning php objects will generate special xmlrpc responses:
* when the xmlrpc decoding of those responses is carried out by this same lib, using
* the appropriate param in php_xmlrpc_decode, the php objects will be rebuilt.
* In short: php objects can be serialized, too (except for their resource members),
* using this function.
* Other libs might choke on the very same xml that will be generated in this case
* (i.e. it has a nonstandard attribute on struct element tags)
* - usage of javadoc @param tags using param names in a different order from the
* function prototype is not considered valid (to be fixed?)
*
* Note that since rel. 2.0RC3 the preferred method to have the server call 'standard'
* php functions (ie. functions not expecting a single xmlrpcmsg obj as parameter)
* is by making use of the functions_parameters_type class member.
*
* @param string $funcname the name of the PHP user function to be exposed as xmlrpc method; array($obj, 'methodname') and array('class', 'methodname') are ok too
* @param string $newfuncname (optional) name for function to be created
* @param array $extra_options (optional) array of options for conversion. valid values include:
* bool return_source when true, php code w. function definition will be returned, not evaluated
* bool encode_php_objs let php objects be sent to server using the 'improved' xmlrpc notation, so server can deserialize them as php objects
* bool decode_php_objs --- WARNING !!! possible security hazard. only use it with trusted servers ---
* bool suppress_warnings remove from produced xml any runtime warnings due to the php function being invoked
* @return false on error, or an array containing the name of the new php function,
* its signature and docs, to be used in the server dispatch map
*
* @todo decide how to deal with params passed by ref: bomb out or allow?
* @todo finish using javadoc info to build method sig if all params are named but out of order
* @todo add a check for params of 'resource' type
* @todo add some trigger_errors / error_log when returning false?
* @todo what to do when the PHP function returns NULL? we are currently returning an empty string value...
* @todo add an option to suppress php warnings in invocation of user function, similar to server debug level 3?
* @todo if $newfuncname is empty, we could use create_user_func instead of eval, as it is possibly faster
* @todo add a verbatim_object_copy parameter to allow avoiding the same obj instance?
*/
function wrap_php_function($funcname, $newfuncname='', $extra_options=array())
{
$buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true;
$prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc';
$encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false;
$decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false;
$catch_warnings = isset($extra_options['suppress_warnings']) && $extra_options['suppress_warnings'] ? '@' : '';
if(version_compare(phpversion(), '5.0.3') == -1)
{
// up to php 5.0.3 some useful reflection methods were missing
error_log('XML-RPC: cannot not wrap php functions unless running php version bigger than 5.0.3');
return false;
}
$exists = false;
if(is_array($funcname))
{
if(count($funcname) < 2 || (!is_string($funcname[0]) && !is_object($funcname[0])))
{
error_log('XML-RPC: syntax for function to be wrapped is wrong');
return false;
}
if(is_string($funcname[0]))
{
$plainfuncname = implode('::', $funcname);
}
elseif(is_object($funcname[0]))
{
$plainfuncname = get_class($funcname[0]) . '->' . $funcname[1];
}
$exists = method_exists($funcname[0], $funcname[1]);
}
else
{
$plainfuncname = $funcname;
$exists = function_exists($funcname);
}
if(!$exists)
{
error_log('XML-RPC: function to be wrapped is not defined: '.$plainfuncname);
return false;
}
else
{
// determine name of new php function
if($newfuncname == '')
{
if(is_array($funcname))
{
if(is_string($funcname[0]))
$xmlrpcfuncname = "{$prefix}_".implode('_', $funcname);
else
$xmlrpcfuncname = "{$prefix}_".get_class($funcname[0]) . '_' . $funcname[1];
}
else
{
$xmlrpcfuncname = "{$prefix}_$funcname";
}
}
else
{
$xmlrpcfuncname = $newfuncname;
}
while($buildit && function_exists($xmlrpcfuncname))
{
$xmlrpcfuncname .= 'x';
}
// start to introspect PHP code
if(is_array($funcname))
{
$func =& new ReflectionMethod($funcname[0], $funcname[1]);
if($func->isPrivate())
{
error_log('XML-RPC: method to be wrapped is private: '.$plainfuncname);
return false;
}
if($func->isProtected())
{
error_log('XML-RPC: method to be wrapped is protected: '.$plainfuncname);
return false;
}
if($func->isConstructor())
{
error_log('XML-RPC: method to be wrapped is the constructor: '.$plainfuncname);
return false;
}
if($func->isDestructor())
{
error_log('XML-RPC: method to be wrapped is the destructor: '.$plainfuncname);
return false;
}
if($func->isAbstract())
{
error_log('XML-RPC: method to be wrapped is abstract: '.$plainfuncname);
return false;
}
/// @todo add more checks for static vs. nonstatic?
}
else
{
$func =& new ReflectionFunction($funcname);
}
if($func->isInternal())
{
// Note: from PHP 5.1.0 onward, we will possibly be able to use invokeargs
// instead of getparameters to fully reflect internal php functions ?
error_log('XML-RPC: function to be wrapped is internal: '.$plainfuncname);
return false;
}
// retrieve parameter names, types and description from javadoc comments
// function description
$desc = '';
// type of return val: by default 'any'
$returns = $GLOBALS['xmlrpcValue'];
// desc of return val
$returnsDocs = '';
// type + name of function parameters
$paramDocs = array();
$docs = $func->getDocComment();
if($docs != '')
{
$docs = explode("\n", $docs);
$i = 0;
foreach($docs as $doc)
{
$doc = trim($doc, " \r\t/*");
if(strlen($doc) && strpos($doc, '@') !== 0 && !$i)
{
if($desc)
{
$desc .= "\n";
}
$desc .= $doc;
}
elseif(strpos($doc, '@param') === 0)
{
// syntax: @param type [$name] desc
if(preg_match('/@param\s+(\S+)(\s+\$\S+)?\s+(.+)/', $doc, $matches))
{
if(strpos($matches[1], '|'))
{
//$paramDocs[$i]['type'] = explode('|', $matches[1]);
$paramDocs[$i]['type'] = 'mixed';
}
else
{
$paramDocs[$i]['type'] = $matches[1];
}
$paramDocs[$i]['name'] = trim($matches[2]);
$paramDocs[$i]['doc'] = $matches[3];
}
$i++;
}
elseif(strpos($doc, '@return') === 0)
{
// syntax: @return type desc
//$returns = preg_split('/\s+/', $doc);
if(preg_match('/@return\s+(\S+)\s+(.+)/', $doc, $matches))
{
$returns = php_2_xmlrpc_type($matches[1]);
if(isset($matches[2]))
{
$returnsDocs = $matches[2];
}
}
}
}
}
// execute introspection of actual function prototype
$params = array();
$i = 0;
foreach($func->getParameters() as $paramobj)
{
$params[$i] = array();
$params[$i]['name'] = '$'.$paramobj->getName();
$params[$i]['isoptional'] = $paramobj->isOptional();
$i++;
}
// start building of PHP code to be eval'd
$innercode = '';
$i = 0;
$parsvariations = array();
$pars = array();
$pnum = count($params);
foreach($params as $param)
{
if (isset($paramDocs[$i]['name']) && $paramDocs[$i]['name'] && strtolower($paramDocs[$i]['name']) != strtolower($param['name']))
{
// param name from phpdoc info does not match param definition!
$paramDocs[$i]['type'] = 'mixed';
}
if($param['isoptional'])
{
// this particular parameter is optional. save as valid previous list of parameters
$innercode .= "if (\$paramcount > $i) {\n";
$parsvariations[] = $pars;
}
$innercode .= "\$p$i = \$msg->getParam($i);\n";
if ($decode_php_objects)
{
$innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i, array('decode_php_objs'));\n";
}
else
{
$innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i);\n";
}
$pars[] = "\$p$i";
$i++;
if($param['isoptional'])
{
$innercode .= "}\n";
}
if($i == $pnum)
{
// last allowed parameters combination
$parsvariations[] = $pars;
}
}
$sigs = array();
$psigs = array();
if(count($parsvariations) == 0)
{
// only known good synopsis = no parameters
$parsvariations[] = array();
$minpars = 0;
}
else
{
$minpars = count($parsvariations[0]);
}
if($minpars)
{
// add to code the check for min params number
// NB: this check needs to be done BEFORE decoding param values
$innercode = "\$paramcount = \$msg->getNumParams();\n" .
"if (\$paramcount < $minpars) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}');\n" . $innercode;
}
else
{
$innercode = "\$paramcount = \$msg->getNumParams();\n" . $innercode;
}
$innercode .= "\$np = false;\n";
// since there are no closures in php, if we are given an object instance,
// we store a pointer to it in a global var...
if ( is_array($funcname) && is_object($funcname[0]) )
{
$GLOBALS['xmlrpcWPFObjHolder'][$xmlrpcfuncname] =& $funcname[0];
$innercode .= "\$obj =& \$GLOBALS['xmlrpcWPFObjHolder']['$xmlrpcfuncname'];\n";
$realfuncname = '$obj->'.$funcname[1];
}
else
{
$realfuncname = $plainfuncname;
}
foreach($parsvariations as $pars)
{
$innercode .= "if (\$paramcount == " . count($pars) . ") \$retval = {$catch_warnings}$realfuncname(" . implode(',', $pars) . "); else\n";
// build a 'generic' signature (only use an appropriate return type)
$sig = array($returns);
$psig = array($returnsDocs);
for($i=0; $i < count($pars); $i++)
{
if (isset($paramDocs[$i]['type']))
{
$sig[] = php_2_xmlrpc_type($paramDocs[$i]['type']);
}
else
{
$sig[] = $GLOBALS['xmlrpcValue'];
}
$psig[] = isset($paramDocs[$i]['doc']) ? $paramDocs[$i]['doc'] : '';
}
$sigs[] = $sig;
$psigs[] = $psig;
}
$innercode .= "\$np = true;\n";
$innercode .= "if (\$np) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}'); else {\n";
//$innercode .= "if (\$_xmlrpcs_error_occurred) return new xmlrpcresp(0, $GLOBALS['xmlrpcerr']user, \$_xmlrpcs_error_occurred); else\n";
$innercode .= "if (is_a(\$retval, '{$prefix}resp')) return \$retval; else\n";
if($returns == $GLOBALS['xmlrpcDateTime'] || $returns == $GLOBALS['xmlrpcBase64'])
{
$innercode .= "return new {$prefix}resp(new {$prefix}val(\$retval, '$returns'));";
}
else
{
if ($encode_php_objects)
$innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval, array('encode_php_objs')));\n";
else
$innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval));\n";
}
// shall we exclude functions returning by ref?
// if($func->returnsReference())
// return false;
$code = "function $xmlrpcfuncname(\$msg) {\n" . $innercode . "}\n}";
//print_r($code);
if ($buildit)
{
$allOK = 0;
eval($code.'$allOK=1;');
// alternative
//$xmlrpcfuncname = create_function('$m', $innercode);
if(!$allOK)
{
error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap php function '.$plainfuncname);
return false;
}
}
/// @todo examine if $paramDocs matches $parsvariations and build array for
/// usage as method signature, plus put together a nice string for docs
$ret = array('function' => $xmlrpcfuncname, 'signature' => $sigs, 'docstring' => $desc, 'signature_docs' => $psigs, 'source' => $code);
return $ret;
}
}
/**
* Given a user-defined PHP class or php object, map its methods onto a list of
* PHP 'wrapper' functions that can be exposed as xmlrpc methods from an xmlrpc_server
* object and called from remote clients (as well as their corresponding signature info).
*
* @param mixed $classname the name of the class whose methods are to be exposed as xmlrpc methods, or an object instance of that class
* @param array $extra_options see the docs for wrap_php_method for more options
* string method_type 'static', 'nonstatic', 'all' and 'auto' (default); the latter will switch between static and non-static depending on wheter $classname is a class name or object instance
* @return array or false on failure
*
* @todo get_class_methods will return both static and non-static methods.
* we have to differentiate the action, depending on wheter we recived a class name or object
*/
function wrap_php_class($classname, $extra_options=array())
{
$methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : '';
$methodtype = isset($extra_options['method_type']) ? $extra_options['method_type'] : 'auto';
if(version_compare(phpversion(), '5.0.3') == -1)
{
// up to php 5.0.3 some useful reflection methods were missing
error_log('XML-RPC: cannot not wrap php functions unless running php version bigger than 5.0.3');
return false;
}
$result = array();
$mlist = get_class_methods($classname);
foreach($mlist as $mname)
{
if ($methodfilter == '' || preg_match($methodfilter, $mname))
{
// echo $mlist."\n";
$func =& new ReflectionMethod($classname, $mname);
if(!$func->isPrivate() && !$func->isProtected() && !$func->isConstructor() && !$func->isDestructor() && !$func->isAbstract())
{
if(($func->isStatic && ($methodtype == 'all' || $methodtype == 'static' || ($methodtype == 'auto' && is_string($classname)))) ||
(!$func->isStatic && ($methodtype == 'all' || $methodtype == 'nonstatic' || ($methodtype == 'auto' && is_object($classname)))))
{
$methodwrap = wrap_php_function(array($classname, $mname), '', $extra_options);
if ( $methodwrap )
{
$result[$methodwrap['function']] = $methodwrap['function'];
}
}
}
}
}
return $result;
}
/**
* Given an xmlrpc client and a method name, register a php wrapper function
* that will call it and return results using native php types for both
* params and results. The generated php function will return an xmlrpcresp
* oject for failed xmlrpc calls
*
* Known limitations:
* - server must support system.methodsignature for the wanted xmlrpc method
* - for methods that expose many signatures, only one can be picked (we
* could in priciple check if signatures differ only by number of params
* and not by type, but it would be more complication than we can spare time)
* - nested xmlrpc params: the caller of the generated php function has to
* encode on its own the params passed to the php function if these are structs
* or arrays whose (sub)members include values of type datetime or base64
*
* Notes: the connection properties of the given client will be copied
* and reused for the connection used during the call to the generated
* php function.
* Calling the generated php function 'might' be slow: a new xmlrpc client
* is created on every invocation and an xmlrpc-connection opened+closed.
* An extra 'debug' param is appended to param list of xmlrpc method, useful
* for debugging purposes.
*
* @param xmlrpc_client $client an xmlrpc client set up correctly to communicate with target server
* @param string $methodname the xmlrpc method to be mapped to a php function
* @param array $extra_options array of options that specify conversion details. valid ptions include
* integer signum the index of the method signature to use in mapping (if method exposes many sigs)
* integer timeout timeout (in secs) to be used when executing function/calling remote method
* string protocol 'http' (default), 'http11' or 'https'
* string new_function_name the name of php function to create. If unsepcified, lib will pick an appropriate name
* string return_source if true return php code w. function definition instead fo function name
* bool encode_php_objs let php objects be sent to server using the 'improved' xmlrpc notation, so server can deserialize them as php objects
* bool decode_php_objs --- WARNING !!! possible security hazard. only use it with trusted servers ---
* mixed return_on_fault a php value to be returned when the xmlrpc call fails/returns a fault response (by default the xmlrpcresp object is returned in this case). If a string is used, '%faultCode%' and '%faultString%' tokens will be substituted with actual error values
* bool debug set it to 1 or 2 to see debug results of querying server for method synopsis
* @return string the name of the generated php function (or false) - OR AN ARRAY...
*/
function wrap_xmlrpc_method($client, $methodname, $extra_options=0, $timeout=0, $protocol='', $newfuncname='')
{
// mind numbing: let caller use sane calling convention (as per javadoc, 3 params),
// OR the 2.0 calling convention (no options) - we really love backward compat, don't we?
if (!is_array($extra_options))
{
$signum = $extra_options;
$extra_options = array();
}
else
{
$signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0;
$timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0;
$protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : '';
$newfuncname = isset($extra_options['new_function_name']) ? $extra_options['new_function_name'] : '';
}
//$encode_php_objects = in_array('encode_php_objects', $extra_options);
//$verbatim_client_copy = in_array('simple_client_copy', $extra_options) ? 1 :
// in_array('build_class_code', $extra_options) ? 2 : 0;
$encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false;
$decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false;
$simple_client_copy = isset($extra_options['simple_client_copy']) ? (int)($extra_options['simple_client_copy']) : 0;
$buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true;
$prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc';
if (isset($extra_options['return_on_fault']))
{
$decode_fault = true;
$fault_response = $extra_options['return_on_fault'];
}
else
{
$decode_fault = false;
$fault_response = '';
}
$debug = isset($extra_options['debug']) ? ($extra_options['debug']) : 0;
$msgclass = $prefix.'msg';
$valclass = $prefix.'val';
$decodefunc = 'php_'.$prefix.'_decode';
$msg =& new $msgclass('system.methodSignature');
$msg->addparam(new $valclass($methodname));
$client->setDebug($debug);
$response =& $client->send($msg, $timeout, $protocol);
if($response->faultCode())
{
error_log('XML-RPC: could not retrieve method signature from remote server for method '.$methodname);
return false;
}
else
{
$msig = $response->value();
if ($client->return_type != 'phpvals')
{
$msig = $decodefunc($msig);
}
if(!is_array($msig) || count($msig) <= $signum)
{
error_log('XML-RPC: could not retrieve method signature nr.'.$signum.' from remote server for method '.$methodname);
return false;
}
else
{
// pick a suitable name for the new function, avoiding collisions
if($newfuncname != '')
{
$xmlrpcfuncname = $newfuncname;
}
else
{
// take care to insure that methodname is translated to valid
// php function name
$xmlrpcfuncname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'),
array('_', ''), $methodname);
}
while($buildit && function_exists($xmlrpcfuncname))
{
$xmlrpcfuncname .= 'x';
}
$msig = $msig[$signum];
$mdesc = '';
// if in 'offline' mode, get method description too.
// in online mode, favour speed of operation
if(!$buildit)
{
$msg =& new $msgclass('system.methodHelp');
$msg->addparam(new $valclass($methodname));
$response =& $client->send($msg, $timeout, $protocol);
if (!$response->faultCode())
{
$mdesc = $response->value();
if ($client->return_type != 'phpvals')
{
$mdesc = $mdesc->scalarval();
}
}
}
$results = build_remote_method_wrapper_code($client, $methodname,
$xmlrpcfuncname, $msig, $mdesc, $timeout, $protocol, $simple_client_copy,
$prefix, $decode_php_objects, $encode_php_objects, $decode_fault,
$fault_response);
//print_r($code);
if ($buildit)
{
$allOK = 0;
eval($results['source'].'$allOK=1;');
// alternative
//$xmlrpcfuncname = create_function('$m', $innercode);
if($allOK)
{
return $xmlrpcfuncname;
}
else
{
error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap remote method '.$methodname);
return false;
}
}
else
{
$results['function'] = $xmlrpcfuncname;
return $results;
}
}
}
}
/**
* Similar to wrap_xmlrpc_method, but will generate a php class that wraps
* all xmlrpc methods exposed by the remote server as own methods.
* For more details see wrap_xmlrpc_method.
* @param xmlrpc_client $client the client obj all set to query the desired server
* @param array $extra_options list of options for wrapped code
* @return mixed false on error, the name of the created class if all ok or an array with code, class name and comments (if the appropriatevoption is set in extra_options)
*/
function wrap_xmlrpc_server($client, $extra_options=array())
{
$methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : '';
//$signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0;
$timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0;
$protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : '';
$newclassname = isset($extra_options['new_class_name']) ? $extra_options['new_class_name'] : '';
$encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false;
$decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false;
$verbatim_client_copy = isset($extra_options['simple_client_copy']) ? !($extra_options['simple_client_copy']) : true;
$buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true;
$prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc';
$msgclass = $prefix.'msg';
//$valclass = $prefix.'val';
$decodefunc = 'php_'.$prefix.'_decode';
$msg =& new $msgclass('system.listMethods');
$response =& $client->send($msg, $timeout, $protocol);
if($response->faultCode())
{
error_log('XML-RPC: could not retrieve method list from remote server');
return false;
}
else
{
$mlist = $response->value();
if ($client->return_type != 'phpvals')
{
$mlist = $decodefunc($mlist);
}
if(!is_array($mlist) || !count($mlist))
{
error_log('XML-RPC: could not retrieve meaningful method list from remote server');
return false;
}
else
{
// pick a suitable name for the new function, avoiding collisions
if($newclassname != '')
{
$xmlrpcclassname = $newclassname;
}
else
{
$xmlrpcclassname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'),
array('_', ''), $client->server).'_client';
}
while($buildit && class_exists($xmlrpcclassname))
{
$xmlrpcclassname .= 'x';
}
/// @todo add function setdebug() to new class, to enable/disable debugging
$source = "class $xmlrpcclassname\n{\nvar \$client;\n\n";
$source .= "function $xmlrpcclassname()\n{\n";
$source .= build_client_wrapper_code($client, $verbatim_client_copy, $prefix);
$source .= "\$this->client =& \$client;\n}\n\n";
$opts = array('simple_client_copy' => 2, 'return_source' => true,
'timeout' => $timeout, 'protocol' => $protocol,
'encode_php_objs' => $encode_php_objects, 'prefix' => $prefix,
'decode_php_objs' => $decode_php_objects
);
/// @todo build javadoc for class definition, too
foreach($mlist as $mname)
{
if ($methodfilter == '' || preg_match($methodfilter, $mname))
{
$opts['new_function_name'] = preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'),
array('_', ''), $mname);
$methodwrap = wrap_xmlrpc_method($client, $mname, $opts);
if ($methodwrap)
{
if (!$buildit)
{
$source .= $methodwrap['docstring'];
}
$source .= $methodwrap['source']."\n";
}
else
{
error_log('XML-RPC: will not create class method to wrap remote method '.$mname);
}
}
}
$source .= "}\n";
if ($buildit)
{
$allOK = 0;
eval($source.'$allOK=1;');
// alternative
//$xmlrpcfuncname = create_function('$m', $innercode);
if($allOK)
{
return $xmlrpcclassname;
}
else
{
error_log('XML-RPC: could not create class '.$xmlrpcclassname.' to wrap remote server '.$client->server);
return false;
}
}
else
{
return array('class' => $xmlrpcclassname, 'code' => $source, 'docstring' => '');
}
}
}
}
/**
* Given the necessary info, build php code that creates a new function to
* invoke a remote xmlrpc method.
* Take care that no full checking of input parameters is done to ensure that
* valid php code is emitted.
* Note: real spaghetti code follows...
* @access private
*/
function build_remote_method_wrapper_code($client, $methodname, $xmlrpcfuncname,
$msig, $mdesc='', $timeout=0, $protocol='', $client_copy_mode=0, $prefix='xmlrpc',
$decode_php_objects=false, $encode_php_objects=false, $decode_fault=false,
$fault_response='')
{
$code = "function $xmlrpcfuncname (";
if ($client_copy_mode < 2)
{
// client copy mode 0 or 1 == partial / full client copy in emitted code
$innercode = build_client_wrapper_code($client, $client_copy_mode, $prefix);
$innercode .= "\$client->setDebug(\$debug);\n";
$this_ = '';
}
else
{
// client copy mode 2 == no client copy in emitted code
$innercode = '';
$this_ = 'this->';
}
$innercode .= "\$msg =& new {$prefix}msg('$methodname');\n";
if ($mdesc != '')
{
// take care that PHP comment is not terminated unwillingly by method description
$mdesc = "/**\n* ".str_replace('*/', '* /', $mdesc)."\n";
}
else
{
$mdesc = "/**\nFunction $xmlrpcfuncname\n";
}
// param parsing
$plist = array();
$pcount = count($msig);
for($i = 1; $i < $pcount; $i++)
{
$plist[] = "\$p$i";
$ptype = $msig[$i];
if($ptype == 'i4' || $ptype == 'int' || $ptype == 'boolean' || $ptype == 'double' ||
$ptype == 'string' || $ptype == 'dateTime.iso8601' || $ptype == 'base64' || $ptype == 'null')
{
// only build directly xmlrpcvals when type is known and scalar
$innercode .= "\$p$i =& new {$prefix}val(\$p$i, '$ptype');\n";
}
else
{
if ($encode_php_objects)
{
$innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i, array('encode_php_objs'));\n";
}
else
{
$innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i);\n";
}
}
$innercode .= "\$msg->addparam(\$p$i);\n";
$mdesc .= '* @param '.xmlrpc_2_php_type($ptype)." \$p$i\n";
}
if ($client_copy_mode < 2)
{
$plist[] = '$debug=0';
$mdesc .= "* @param int \$debug when 1 (or 2) will enable debugging of the underlying {$prefix} call (defaults to 0)\n";
}
$plist = implode(', ', $plist);
$mdesc .= '* @return '.xmlrpc_2_php_type($msig[0])." (or an {$prefix}resp obj instance if call fails)\n*/\n";
$innercode .= "\$res =& \${$this_}client->send(\$msg, $timeout, '$protocol');\n";
if ($decode_fault)
{
if (is_string($fault_response) && ((strpos($fault_response, '%faultCode%') !== false) || (strpos($fault_response, '%faultString%') !== false)))
{
$respcode = "str_replace(array('%faultCode%', '%faultString%'), array(\$res->faultCode(), \$res->faultString()), '".str_replace("'", "''", $fault_response)."')";
}
else
{
$respcode = var_export($fault_response, true);
}
}
else
{
$respcode = '$res';
}
if ($decode_php_objects)
{
$innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value(), array('decode_php_objs'));";
}
else
{
$innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value());";
}
$code = $code . $plist. ") {\n" . $innercode . "\n}\n";
return array('source' => $code, 'docstring' => $mdesc);
}
/**
* Given necessary info, generate php code that will rebuild a client object
* Take care that no full checking of input parameters is done to ensure that
* valid php code is emitted.
* @access private
*/
function build_client_wrapper_code($client, $verbatim_client_copy, $prefix='xmlrpc')
{
$code = "\$client =& new {$prefix}_client('".str_replace("'", "\'", $client->path).
"', '" . str_replace("'", "\'", $client->server) . "', $client->port);\n";
// copy all client fields to the client that will be generated runtime
// (this provides for future expansion or subclassing of client obj)
if ($verbatim_client_copy)
{
foreach($client as $fld => $val)
{
if($fld != 'debug' && $fld != 'return_type')
{
$val = var_export($val, true);
$code .= "\$client->$fld = $val;\n";
}
}
}
// only make sure that client always returns the correct data type
$code .= "\$client->return_type = '{$prefix}vals';\n";
//$code .= "\$client->setDebug(\$debug);\n";
return $code;
}
?>

1198
thirdparty/xmlrpc/xmlrpcs.php vendored Normal file
View File

@ -0,0 +1,1198 @@
<?php
// by Edd Dumbill (C) 1999-2002
// <edd@usefulinc.com>
// $Id: xmlrpcs.inc,v 1.71 2008/10/29 23:41:28 ggiunta Exp $
// Copyright (c) 1999,2000,2002 Edd Dumbill.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
//
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following
// disclaimer in the documentation and/or other materials provided
// with the distribution.
//
// * Neither the name of the "XML-RPC for PHP" nor the names of its
// contributors may be used to endorse or promote products derived
// from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
// OF THE POSSIBILITY OF SUCH DAMAGE.
// XML RPC Server class
// requires: xmlrpc.inc
$GLOBALS['xmlrpcs_capabilities'] = array(
// xmlrpc spec: always supported
'xmlrpc' => new xmlrpcval(array(
'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'),
'specVersion' => new xmlrpcval(1, 'int')
), 'struct'),
// if we support system.xxx functions, we always support multicall, too...
// Note that, as of 2006/09/17, the following URL does not respond anymore
'system.multicall' => new xmlrpcval(array(
'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'),
'specVersion' => new xmlrpcval(1, 'int')
), 'struct'),
// introspection: version 2! we support 'mixed', too
'introspection' => new xmlrpcval(array(
'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'),
'specVersion' => new xmlrpcval(2, 'int')
), 'struct')
);
/* Functions that implement system.XXX methods of xmlrpc servers */
$_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct']));
$_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to';
$_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec'));
function _xmlrpcs_getCapabilities($server, $m=null)
{
$outAr = $GLOBALS['xmlrpcs_capabilities'];
// NIL extension
if ($GLOBALS['xmlrpc_null_extension']) {
$outAr['nil'] = new xmlrpcval(array(
'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'),
'specVersion' => new xmlrpcval(1, 'int')
), 'struct');
}
return new xmlrpcresp(new xmlrpcval($outAr, 'struct'));
}
// listMethods: signature was either a string, or nothing.
// The useless string variant has been removed
$_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray']));
$_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch';
$_xmlrpcs_listMethods_sdoc=array(array('list of method names'));
function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing
{
$outAr=array();
foreach($server->dmap as $key => $val)
{
$outAr[]=&new xmlrpcval($key, 'string');
}
if($server->allow_system_funcs)
{
foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val)
{
$outAr[]=&new xmlrpcval($key, 'string');
}
}
return new xmlrpcresp(new xmlrpcval($outAr, 'array'));
}
$_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString']));
$_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)';
$_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described'));
function _xmlrpcs_methodSignature($server, $m)
{
// let accept as parameter both an xmlrpcval or string
if (is_object($m))
{
$methName=$m->getParam(0);
$methName=$methName->scalarval();
}
else
{
$methName=$m;
}
if(strpos($methName, "system.") === 0)
{
$dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
}
else
{
$dmap=$server->dmap; $sysCall=0;
}
if(isset($dmap[$methName]))
{
if(isset($dmap[$methName]['signature']))
{
$sigs=array();
foreach($dmap[$methName]['signature'] as $inSig)
{
$cursig=array();
foreach($inSig as $sig)
{
$cursig[]=&new xmlrpcval($sig, 'string');
}
$sigs[]=&new xmlrpcval($cursig, 'array');
}
$r=&new xmlrpcresp(new xmlrpcval($sigs, 'array'));
}
else
{
// NB: according to the official docs, we should be returning a
// "none-array" here, which means not-an-array
$r=&new xmlrpcresp(new xmlrpcval('undef', 'string'));
}
}
else
{
$r=&new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
}
return $r;
}
$_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString']));
$_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string';
$_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described'));
function _xmlrpcs_methodHelp($server, $m)
{
// let accept as parameter both an xmlrpcval or string
if (is_object($m))
{
$methName=$m->getParam(0);
$methName=$methName->scalarval();
}
else
{
$methName=$m;
}
if(strpos($methName, "system.") === 0)
{
$dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
}
else
{
$dmap=$server->dmap; $sysCall=0;
}
if(isset($dmap[$methName]))
{
if(isset($dmap[$methName]['docstring']))
{
$r=&new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string');
}
else
{
$r=&new xmlrpcresp(new xmlrpcval('', 'string'));
}
}
else
{
$r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
}
return $r;
}
$_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray']));
$_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details';
$_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"'));
function _xmlrpcs_multicall_error($err)
{
if(is_string($err))
{
$str = $GLOBALS['xmlrpcstr']["multicall_${err}"];
$code = $GLOBALS['xmlrpcerr']["multicall_${err}"];
}
else
{
$code = $err->faultCode();
$str = $err->faultString();
}
$struct = array();
$struct['faultCode'] =& new xmlrpcval($code, 'int');
$struct['faultString'] =& new xmlrpcval($str, 'string');
return new xmlrpcval($struct, 'struct');
}
function _xmlrpcs_multicall_do_call($server, $call)
{
if($call->kindOf() != 'struct')
{
return _xmlrpcs_multicall_error('notstruct');
}
$methName = @$call->structmem('methodName');
if(!$methName)
{
return _xmlrpcs_multicall_error('nomethod');
}
if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string')
{
return _xmlrpcs_multicall_error('notstring');
}
if($methName->scalarval() == 'system.multicall')
{
return _xmlrpcs_multicall_error('recursion');
}
$params = @$call->structmem('params');
if(!$params)
{
return _xmlrpcs_multicall_error('noparams');
}
if($params->kindOf() != 'array')
{
return _xmlrpcs_multicall_error('notarray');
}
$numParams = $params->arraysize();
$msg =& new xmlrpcmsg($methName->scalarval());
for($i = 0; $i < $numParams; $i++)
{
if(!$msg->addParam($params->arraymem($i)))
{
$i++;
return _xmlrpcs_multicall_error(new xmlrpcresp(0,
$GLOBALS['xmlrpcerr']['incorrect_params'],
$GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i));
}
}
$result = $server->execute($msg);
if($result->faultCode() != 0)
{
return _xmlrpcs_multicall_error($result); // Method returned fault.
}
return new xmlrpcval(array($result->value()), 'array');
}
function _xmlrpcs_multicall_do_call_phpvals($server, $call)
{
if(!is_array($call))
{
return _xmlrpcs_multicall_error('notstruct');
}
if(!array_key_exists('methodName', $call))
{
return _xmlrpcs_multicall_error('nomethod');
}
if (!is_string($call['methodName']))
{
return _xmlrpcs_multicall_error('notstring');
}
if($call['methodName'] == 'system.multicall')
{
return _xmlrpcs_multicall_error('recursion');
}
if(!array_key_exists('params', $call))
{
return _xmlrpcs_multicall_error('noparams');
}
if(!is_array($call['params']))
{
return _xmlrpcs_multicall_error('notarray');
}
// this is a real dirty and simplistic hack, since we might have received a
// base64 or datetime values, but they will be listed as strings here...
$numParams = count($call['params']);
$pt = array();
foreach($call['params'] as $val)
$pt[] = php_2_xmlrpc_type(gettype($val));
$result = $server->execute($call['methodName'], $call['params'], $pt);
if($result->faultCode() != 0)
{
return _xmlrpcs_multicall_error($result); // Method returned fault.
}
return new xmlrpcval(array($result->value()), 'array');
}
function _xmlrpcs_multicall($server, $m)
{
$result = array();
// let accept a plain list of php parameters, beside a single xmlrpc msg object
if (is_object($m))
{
$calls = $m->getParam(0);
$numCalls = $calls->arraysize();
for($i = 0; $i < $numCalls; $i++)
{
$call = $calls->arraymem($i);
$result[$i] = _xmlrpcs_multicall_do_call($server, $call);
}
}
else
{
$numCalls=count($m);
for($i = 0; $i < $numCalls; $i++)
{
$result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]);
}
}
return new xmlrpcresp(new xmlrpcval($result, 'array'));
}
$GLOBALS['_xmlrpcs_dmap']=array(
'system.listMethods' => array(
'function' => '_xmlrpcs_listMethods',
'signature' => $_xmlrpcs_listMethods_sig,
'docstring' => $_xmlrpcs_listMethods_doc,
'signature_docs' => $_xmlrpcs_listMethods_sdoc),
'system.methodHelp' => array(
'function' => '_xmlrpcs_methodHelp',
'signature' => $_xmlrpcs_methodHelp_sig,
'docstring' => $_xmlrpcs_methodHelp_doc,
'signature_docs' => $_xmlrpcs_methodHelp_sdoc),
'system.methodSignature' => array(
'function' => '_xmlrpcs_methodSignature',
'signature' => $_xmlrpcs_methodSignature_sig,
'docstring' => $_xmlrpcs_methodSignature_doc,
'signature_docs' => $_xmlrpcs_methodSignature_sdoc),
'system.multicall' => array(
'function' => '_xmlrpcs_multicall',
'signature' => $_xmlrpcs_multicall_sig,
'docstring' => $_xmlrpcs_multicall_doc,
'signature_docs' => $_xmlrpcs_multicall_sdoc),
'system.getCapabilities' => array(
'function' => '_xmlrpcs_getCapabilities',
'signature' => $_xmlrpcs_getCapabilities_sig,
'docstring' => $_xmlrpcs_getCapabilities_doc,
'signature_docs' => $_xmlrpcs_getCapabilities_sdoc)
);
$GLOBALS['_xmlrpcs_occurred_errors'] = '';
$GLOBALS['_xmlrpcs_prev_ehandler'] = '';
/**
* Error handler used to track errors that occur during server-side execution of PHP code.
* This allows to report back to the client whether an internal error has occurred or not
* using an xmlrpc response object, instead of letting the client deal with the html junk
* that a PHP execution error on the server generally entails.
*
* NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors.
*
*/
function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null)
{
// obey the @ protocol
if (error_reporting() == 0)
return;
//if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING)
if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined
{
$GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n";
}
// Try to avoid as much as possible disruption to the previous error handling
// mechanism in place
if($GLOBALS['_xmlrpcs_prev_ehandler'] == '')
{
// The previous error handler was the default: all we should do is log error
// to the default error log (if level high enough)
if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode))
{
error_log($errstring);
}
}
else
{
// Pass control on to previous error handler, trying to avoid loops...
if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler')
{
// NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers
if(is_array($GLOBALS['_xmlrpcs_prev_ehandler']))
{
// the following works both with static class methods and plain object methods as error handler
call_user_func_array($GLOBALS['_xmlrpcs_prev_ehandler'], array($errcode, $errstring, $filename, $lineno, $context));
}
else
{
$GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context);
}
}
}
}
$GLOBALS['_xmlrpc_debuginfo']='';
/**
* Add a string to the debug info that can be later seralized by the server
* as part of the response message.
* Note that for best compatbility, the debug string should be encoded using
* the $GLOBALS['xmlrpc_internalencoding'] character set.
* @param string $m
* @access public
*/
function xmlrpc_debugmsg($m)
{
$GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n";
}
class xmlrpc_server
{
/// array defining php functions exposed as xmlrpc methods by this server
var $dmap=array();
/**
* Defines how functions in dmap will be invokde: either using an xmlrpc msg object
* or plain php values.
* valid strings are 'xmlrpcvals', 'phpvals' or 'epivals'
*/
var $functions_parameters_type='xmlrpcvals';
/// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3
var $debug = 1;
/**
* When set to true, it will enable HTTP compression of the response, in case
* the client has declared its support for compression in the request.
*/
var $compress_response = false;
/**
* List of http compression methods accepted by the server for requests.
* NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib
*/
var $accepted_compression = array();
/// shall we serve calls to system.* methods?
var $allow_system_funcs = true;
/// list of charset encodings natively accepted for requests
var $accepted_charset_encodings = array();
/**
* charset encoding to be used for response.
* NB: if we can, we will convert the generated response from internal_encoding to the intended one.
* can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled),
* null (leave unspecified in response, convert output stream to US_ASCII),
* 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed),
* or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway).
* NB: pretty dangerous if you accept every charset and do not have mbstring enabled)
*/
var $response_charset_encoding = '';
/// storage for internal debug info
var $debug_info = '';
/// extra data passed at runtime to method handling functions. Used only by EPI layer
var $user_data = null;
/**
* @param array $dispmap the dispatch map withd efinition of exposed services
* @param boolean $servicenow set to false to prevent the server from runnung upon construction
*/
function xmlrpc_server($dispMap=null, $serviceNow=true)
{
// if ZLIB is enabled, let the server by default accept compressed requests,
// and compress responses sent to clients that support them
if(function_exists('gzinflate'))
{
$this->accepted_compression = array('gzip', 'deflate');
$this->compress_response = true;
}
// by default the xml parser can support these 3 charset encodings
$this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII');
// dispMap is a dispatch array of methods
// mapped to function names and signatures
// if a method
// doesn't appear in the map then an unknown
// method error is generated
/* milosch - changed to make passing dispMap optional.
* instead, you can use the class add_to_map() function
* to add functions manually (borrowed from SOAPX4)
*/
if($dispMap)
{
$this->dmap = $dispMap;
if($serviceNow)
{
$this->service();
}
}
}
/**
* Set debug level of server.
* @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments)
* 0 = no debug info,
* 1 = msgs set from user with debugmsg(),
* 2 = add complete xmlrpc request (headers and body),
* 3 = add also all processing warnings happened during method processing
* (NB: this involves setting a custom error handler, and might interfere
* with the standard processing of the php function exposed as method. In
* particular, triggering an USER_ERROR level error will not halt script
* execution anymore, but just end up logged in the xmlrpc response)
* Note that info added at elevel 2 and 3 will be base64 encoded
* @access public
*/
function setDebug($in)
{
$this->debug=$in;
}
/**
* Return a string with the serialized representation of all debug info
* @param string $charset_encoding the target charset encoding for the serialization
* @return string an XML comment (or two)
*/
function serializeDebug($charset_encoding='')
{
// Tough encoding problem: which internal charset should we assume for debug info?
// It might contain a copy of raw data received from client, ie with unknown encoding,
// intermixed with php generated data and user generated data...
// so we split it: system debug is base 64 encoded,
// user debug info should be encoded by the end user using the INTERNAL_ENCODING
$out = '';
if ($this->debug_info != '')
{
$out .= "<!-- SERVER DEBUG INFO (BASE64 ENCODED):\n".base64_encode($this->debug_info)."\n-->\n";
}
if($GLOBALS['_xmlrpc_debuginfo']!='')
{
$out .= "<!-- DEBUG INFO:\n" . xmlrpc_encode_entitites(str_replace('--', '_-', $GLOBALS['_xmlrpc_debuginfo']), $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n-->\n";
// NB: a better solution MIGHT be to use CDATA, but we need to insert it
// into return payload AFTER the beginning tag
//$out .= "<![CDATA[ DEBUG INFO:\n\n" . str_replace(']]>', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n";
}
return $out;
}
/**
* Execute the xmlrpc request, printing the response
* @param string $data the request body. If null, the http POST request will be examined
* @return xmlrpcresp the response object (usually not used by caller...)
* @access public
*/
function service($data=null, $return_payload=false)
{
if ($data === null)
{
// workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA
$ver = phpversion();
if ($ver[0] >= 5)
{
$data = file_get_contents('php://input');
}
else
{
$data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : '';
}
}
$raw_data = $data;
// reset internal debug info
$this->debug_info = '';
// Echo back what we received, before parsing it
if($this->debug > 1)
{
$this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++");
}
$r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding);
if (!$r)
{
$r=$this->parseRequest($data, $req_charset);
}
// save full body of request into response, for more debugging usages
$r->raw_data = $raw_data;
if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors'])
{
$this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" .
$GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++");
}
$payload=$this->xml_header($resp_charset);
if($this->debug > 0)
{
$payload = $payload . $this->serializeDebug($resp_charset);
}
// G. Giunta 2006-01-27: do not create response serialization if it has
// already happened. Helps building json magic
if (empty($r->payload))
{
$r->serialize($resp_charset);
}
$payload = $payload . $r->payload;
if ($return_payload)
{
return $payload;
}
// if we get a warning/error that has output some text before here, then we cannot
// add a new header. We cannot say we are sending xml, either...
if(!headers_sent())
{
header('Content-Type: '.$r->content_type);
// we do not know if client actually told us an accepted charset, but if he did
// we have to tell him what we did
header("Vary: Accept-Charset");
// http compression of output: only
// if we can do it, and we want to do it, and client asked us to,
// and php ini settings do not force it already
$php_no_self_compress = !ini_get('zlib.output_compression') && (ini_get('output_handler') != 'ob_gzhandler');
if($this->compress_response && function_exists('gzencode') && $resp_encoding != ''
&& $php_no_self_compress)
{
if(strpos($resp_encoding, 'gzip') !== false)
{
$payload = gzencode($payload);
header("Content-Encoding: gzip");
header("Vary: Accept-Encoding");
}
elseif (strpos($resp_encoding, 'deflate') !== false)
{
$payload = gzcompress($payload);
header("Content-Encoding: deflate");
header("Vary: Accept-Encoding");
}
}
// do not ouput content-length header if php is compressing output for us:
// it will mess up measurements
if($php_no_self_compress)
{
header('Content-Length: ' . (int)strlen($payload));
}
}
else
{
error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages');
}
print $payload;
// return request, in case subclasses want it
return $r;
}
/**
* Add a method to the dispatch map
* @param string $methodname the name with which the method will be made available
* @param string $function the php function that will get invoked
* @param array $sig the array of valid method signatures
* @param string $doc method documentation
* @param array $sigdoc the array of valid method signatures docs (one string per param, one for return type)
* @access public
*/
function add_to_map($methodname,$function,$sig=null,$doc=false,$sigdoc=false)
{
$this->dmap[$methodname] = array(
'function' => $function,
'docstring' => $doc
);
if ($sig)
{
$this->dmap[$methodname]['signature'] = $sig;
}
if ($sigdoc)
{
$this->dmap[$methodname]['signature_docs'] = $sigdoc;
}
}
/**
* Verify type and number of parameters received against a list of known signatures
* @param array $in array of either xmlrpcval objects or xmlrpc type definitions
* @param array $sig array of known signatures to match against
* @access private
*/
function verifySignature($in, $sig)
{
// check each possible signature in turn
if (is_object($in))
{
$numParams = $in->getNumParams();
}
else
{
$numParams = count($in);
}
foreach($sig as $cursig)
{
if(count($cursig)==$numParams+1)
{
$itsOK=1;
for($n=0; $n<$numParams; $n++)
{
if (is_object($in))
{
$p=$in->getParam($n);
if($p->kindOf() == 'scalar')
{
$pt=$p->scalartyp();
}
else
{
$pt=$p->kindOf();
}
}
else
{
$pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4...
}
// param index is $n+1, as first member of sig is return type
if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue'])
{
$itsOK=0;
$pno=$n+1;
$wanted=$cursig[$n+1];
$got=$pt;
break;
}
}
if($itsOK)
{
return array(1,'');
}
}
}
if(isset($wanted))
{
return array(0, "Wanted ${wanted}, got ${got} at param ${pno}");
}
else
{
return array(0, "No method signature matches number of parameters");
}
}
/**
* Parse http headers received along with xmlrpc request. If needed, inflate request
* @return null on success or an xmlrpcresp
* @access private
*/
function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression)
{
// Play nice to PHP 4.0.x: superglobals were not yet invented...
if(!isset($_SERVER))
{
$_SERVER = $GLOBALS['HTTP_SERVER_VARS'];
}
if($this->debug > 1)
{
if(function_exists('getallheaders'))
{
$this->debugmsg(''); // empty line
foreach(getallheaders() as $name => $val)
{
$this->debugmsg("HEADER: $name: $val");
}
}
}
if(isset($_SERVER['HTTP_CONTENT_ENCODING']))
{
$content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']);
}
else
{
$content_encoding = '';
}
// check if request body has been compressed and decompress it
if($content_encoding != '' && strlen($data))
{
if($content_encoding == 'deflate' || $content_encoding == 'gzip')
{
// if decoding works, use it. else assume data wasn't gzencoded
if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression))
{
if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data))
{
$data = $degzdata;
if($this->debug > 1)
{
$this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
}
}
elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10)))
{
$data = $degzdata;
if($this->debug > 1)
$this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
}
else
{
$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']);
return $r;
}
}
else
{
//error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
$r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']);
return $r;
}
}
}
// check if client specified accepted charsets, and if we know how to fulfill
// the request
if ($this->response_charset_encoding == 'auto')
{
$resp_encoding = '';
if (isset($_SERVER['HTTP_ACCEPT_CHARSET']))
{
// here we should check if we can match the client-requested encoding
// with the encodings we know we can generate.
/// @todo we should parse q=0.x preferences instead of getting first charset specified...
$client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET']));
// Give preference to internal encoding
$known_charsets = array($GLOBALS['xmlrpc_internalencoding'], 'UTF-8', 'ISO-8859-1', 'US-ASCII');
foreach ($known_charsets as $charset)
{
foreach ($client_accepted_charsets as $accepted)
if (strpos($accepted, $charset) === 0)
{
$resp_encoding = $charset;
break;
}
if ($resp_encoding)
break;
}
}
}
else
{
$resp_encoding = $this->response_charset_encoding;
}
if (isset($_SERVER['HTTP_ACCEPT_ENCODING']))
{
$resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING'];
}
else
{
$resp_compression = '';
}
// 'guestimate' request encoding
/// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check???
$req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '',
$data);
return null;
}
/**
* Parse an xml chunk containing an xmlrpc request and execute the corresponding
* php function registered with the server
* @param string $data the xml request
* @param string $req_encoding (optional) the charset encoding of the xml request
* @return xmlrpcresp
* @access private
*/
function parseRequest($data, $req_encoding='')
{
// 2005/05/07 commented and moved into caller function code
//if($data=='')
//{
// $data=$GLOBALS['HTTP_RAW_POST_DATA'];
//}
// G. Giunta 2005/02/13: we do NOT expect to receive html entities
// so we do not try to convert them into xml character entities
//$data = xmlrpc_html_entity_xlate($data);
$GLOBALS['_xh']=array();
$GLOBALS['_xh']['ac']='';
$GLOBALS['_xh']['stack']=array();
$GLOBALS['_xh']['valuestack'] = array();
$GLOBALS['_xh']['params']=array();
$GLOBALS['_xh']['pt']=array();
$GLOBALS['_xh']['isf']=0;
$GLOBALS['_xh']['isf_reason']='';
$GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not
$GLOBALS['_xh']['rt']='';
// decompose incoming XML into request structure
if ($req_encoding != '')
{
if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
// the following code might be better for mb_string enabled installs, but
// makes the lib about 200% slower...
//if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
{
error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding);
$req_encoding = $GLOBALS['xmlrpc_defencoding'];
}
/// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue,
// the encoding is not UTF8 and there are non-ascii chars in the text...
/// @todo use an ampty string for php 5 ???
$parser = xml_parser_create($req_encoding);
}
else
{
$parser = xml_parser_create();
}
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
// the xml parser to give us back data in the expected charset
// What if internal encoding is not in one of the 3 allowed?
// we use the broadest one, ie. utf8
// This allows to send data which is native in various charset,
// by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding
if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
{
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8');
}
else
{
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']);
}
if ($this->functions_parameters_type != 'xmlrpcvals')
xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast');
else
xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee');
xml_set_character_data_handler($parser, 'xmlrpc_cd');
xml_set_default_handler($parser, 'xmlrpc_dh');
if(!xml_parse($parser, $data, 1))
{
// return XML error as a faultCode
$r=&new xmlrpcresp(0,
$GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser),
sprintf('XML error: %s at line %d, column %d',
xml_error_string(xml_get_error_code($parser)),
xml_get_current_line_number($parser), xml_get_current_column_number($parser)));
xml_parser_free($parser);
}
elseif ($GLOBALS['_xh']['isf'])
{
xml_parser_free($parser);
$r=&new xmlrpcresp(0,
$GLOBALS['xmlrpcerr']['invalid_request'],
$GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']);
}
else
{
xml_parser_free($parser);
if ($this->functions_parameters_type != 'xmlrpcvals')
{
if($this->debug > 1)
{
$this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++");
}
$r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']);
}
else
{
// build an xmlrpcmsg object with data parsed from xml
$m=&new xmlrpcmsg($GLOBALS['_xh']['method']);
// now add parameters in
for($i=0; $i<count($GLOBALS['_xh']['params']); $i++)
{
$m->addParam($GLOBALS['_xh']['params'][$i]);
}
if($this->debug > 1)
{
$this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++");
}
$r = $this->execute($m);
}
}
return $r;
}
/**
* Execute a method invoked by the client, checking parameters used
* @param mixed $m either an xmlrpcmsg obj or a method name
* @param array $params array with method parameters as php types (if m is method name only)
* @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only)
* @return xmlrpcresp
* @access private
*/
function execute($m, $params=null, $paramtypes=null)
{
if (is_object($m))
{
$methName = $m->method();
}
else
{
$methName = $m;
}
$sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0);
$dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap;
if(!isset($dmap[$methName]['function']))
{
// No such method
return new xmlrpcresp(0,
$GLOBALS['xmlrpcerr']['unknown_method'],
$GLOBALS['xmlrpcstr']['unknown_method']);
}
// Check signature
if(isset($dmap[$methName]['signature']))
{
$sig = $dmap[$methName]['signature'];
if (is_object($m))
{
list($ok, $errstr) = $this->verifySignature($m, $sig);
}
else
{
list($ok, $errstr) = $this->verifySignature($paramtypes, $sig);
}
if(!$ok)
{
// Didn't match.
return new xmlrpcresp(
0,
$GLOBALS['xmlrpcerr']['incorrect_params'],
$GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}"
);
}
}
$func = $dmap[$methName]['function'];
// let the 'class::function' syntax be accepted in dispatch maps
if(is_string($func) && strpos($func, '::'))
{
$func = explode('::', $func);
}
// verify that function to be invoked is in fact callable
if(!is_callable($func))
{
error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable");
return new xmlrpcresp(
0,
$GLOBALS['xmlrpcerr']['server_error'],
$GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method"
);
}
// If debug level is 3, we should catch all errors generated during
// processing of user function, and log them as part of response
if($this->debug > 2)
{
$GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler');
}
if (is_object($m))
{
if($sysCall)
{
$r = call_user_func($func, $this, $m);
}
else
{
$r = call_user_func($func, $m);
}
if (!is_a($r, 'xmlrpcresp'))
{
error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object");
if (is_a($r, 'xmlrpcval'))
{
$r =& new xmlrpcresp($r);
}
else
{
$r =& new xmlrpcresp(
0,
$GLOBALS['xmlrpcerr']['server_error'],
$GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object"
);
}
}
}
else
{
// call a 'plain php' function
if($sysCall)
{
array_unshift($params, $this);
$r = call_user_func_array($func, $params);
}
else
{
// 3rd API convention for method-handling functions: EPI-style
if ($this->functions_parameters_type == 'epivals')
{
$r = call_user_func_array($func, array($methName, $params, $this->user_data));
// mimic EPI behaviour: if we get an array that looks like an error, make it
// an eror response
if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r))
{
$r =& new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']);
}
else
{
// functions using EPI api should NOT return resp objects,
// so make sure we encode the return type correctly
$r =& new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api')));
}
}
else
{
$r = call_user_func_array($func, $params);
}
}
// the return type can be either an xmlrpcresp object or a plain php value...
if (!is_a($r, 'xmlrpcresp'))
{
// what should we assume here about automatic encoding of datetimes
// and php classes instances???
$r =& new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates')));
}
}
if($this->debug > 2)
{
// note: restore the error handler we found before calling the
// user func, even if it has been changed inside the func itself
if($GLOBALS['_xmlrpcs_prev_ehandler'])
{
set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']);
}
else
{
restore_error_handler();
}
}
return $r;
}
/**
* add a string to the 'internal debug message' (separate from 'user debug message')
* @param string $strings
* @access private
*/
function debugmsg($string)
{
$this->debug_info .= $string."\n";
}
/**
* @access private
*/
function xml_header($charset_encoding='')
{
if ($charset_encoding != '')
{
return "<?xml version=\"1.0\" encoding=\"$charset_encoding\"?" . ">\n";
}
else
{
return "<?xml version=\"1.0\"?" . ">\n";
}
}
/**
* A debugging routine: just echoes back the input packet as a string value
* DEPRECATED!
*/
function echoInput()
{
$r=&new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string'));
print $r->serialize();
}
}
?>