aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/web/phpxmlrpclib/xmlrpcs.inc
diff options
context:
space:
mode:
Diffstat (limited to 'web/phpxmlrpclib/xmlrpcs.inc')
-rw-r--r--web/phpxmlrpclib/xmlrpcs.inc1198
1 files changed, 0 insertions, 1198 deletions
diff --git a/web/phpxmlrpclib/xmlrpcs.inc b/web/phpxmlrpclib/xmlrpcs.inc
deleted file mode 100644
index 7b47ca0..0000000
--- a/web/phpxmlrpclib/xmlrpcs.inc
+++ /dev/null
@@ -1,1198 +0,0 @@
1<?php
2// by Edd Dumbill (C) 1999-2002
3// <edd@usefulinc.com>
4// $Id: xmlrpcs.inc,v 1.71 2008/10/29 23:41:28 ggiunta Exp $
5
6// Copyright (c) 1999,2000,2002 Edd Dumbill.
7// All rights reserved.
8//
9// Redistribution and use in source and binary forms, with or without
10// modification, are permitted provided that the following conditions
11// are met:
12//
13// * Redistributions of source code must retain the above copyright
14// notice, this list of conditions and the following disclaimer.
15//
16// * Redistributions in binary form must reproduce the above
17// copyright notice, this list of conditions and the following
18// disclaimer in the documentation and/or other materials provided
19// with the distribution.
20//
21// * Neither the name of the "XML-RPC for PHP" nor the names of its
22// contributors may be used to endorse or promote products derived
23// from this software without specific prior written permission.
24//
25// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
26// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
27// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
28// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
29// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
30// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
31// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
32// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
34// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
36// OF THE POSSIBILITY OF SUCH DAMAGE.
37
38 // XML RPC Server class
39 // requires: xmlrpc.inc
40
41 $GLOBALS['xmlrpcs_capabilities'] = array(
42 // xmlrpc spec: always supported
43 'xmlrpc' => new xmlrpcval(array(
44 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'),
45 'specVersion' => new xmlrpcval(1, 'int')
46 ), 'struct'),
47 // if we support system.xxx functions, we always support multicall, too...
48 // Note that, as of 2006/09/17, the following URL does not respond anymore
49 'system.multicall' => new xmlrpcval(array(
50 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'),
51 'specVersion' => new xmlrpcval(1, 'int')
52 ), 'struct'),
53 // introspection: version 2! we support 'mixed', too
54 'introspection' => new xmlrpcval(array(
55 'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'),
56 'specVersion' => new xmlrpcval(2, 'int')
57 ), 'struct')
58 );
59
60 /* Functions that implement system.XXX methods of xmlrpc servers */
61 $_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct']));
62 $_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to';
63 $_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec'));
64 function _xmlrpcs_getCapabilities($server, $m=null)
65 {
66 $outAr = $GLOBALS['xmlrpcs_capabilities'];
67 // NIL extension
68 if ($GLOBALS['xmlrpc_null_extension']) {
69 $outAr['nil'] = new xmlrpcval(array(
70 'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'),
71 'specVersion' => new xmlrpcval(1, 'int')
72 ), 'struct');
73 }
74 return new xmlrpcresp(new xmlrpcval($outAr, 'struct'));
75 }
76
77 // listMethods: signature was either a string, or nothing.
78 // The useless string variant has been removed
79 $_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray']));
80 $_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch';
81 $_xmlrpcs_listMethods_sdoc=array(array('list of method names'));
82 function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing
83 {
84
85 $outAr=array();
86 foreach($server->dmap as $key => $val)
87 {
88 $outAr[]= new xmlrpcval($key, 'string');
89 }
90 if($server->allow_system_funcs)
91 {
92 foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val)
93 {
94 $outAr[]= new xmlrpcval($key, 'string');
95 }
96 }
97 return new xmlrpcresp(new xmlrpcval($outAr, 'array'));
98 }
99
100 $_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString']));
101 $_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)';
102 $_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described'));
103 function _xmlrpcs_methodSignature($server, $m)
104 {
105 // let accept as parameter both an xmlrpcval or string
106 if (is_object($m))
107 {
108 $methName=$m->getParam(0);
109 $methName=$methName->scalarval();
110 }
111 else
112 {
113 $methName=$m;
114 }
115 if(strpos($methName, "system.") === 0)
116 {
117 $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
118 }
119 else
120 {
121 $dmap=$server->dmap; $sysCall=0;
122 }
123 if(isset($dmap[$methName]))
124 {
125 if(isset($dmap[$methName]['signature']))
126 {
127 $sigs=array();
128 foreach($dmap[$methName]['signature'] as $inSig)
129 {
130 $cursig=array();
131 foreach($inSig as $sig)
132 {
133 $cursig[]= new xmlrpcval($sig, 'string');
134 }
135 $sigs[]= new xmlrpcval($cursig, 'array');
136 }
137 $r= new xmlrpcresp(new xmlrpcval($sigs, 'array'));
138 }
139 else
140 {
141 // NB: according to the official docs, we should be returning a
142 // "none-array" here, which means not-an-array
143 $r= new xmlrpcresp(new xmlrpcval('undef', 'string'));
144 }
145 }
146 else
147 {
148 $r= new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
149 }
150 return $r;
151 }
152
153 $_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString']));
154 $_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string';
155 $_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described'));
156 function _xmlrpcs_methodHelp($server, $m)
157 {
158 // let accept as parameter both an xmlrpcval or string
159 if (is_object($m))
160 {
161 $methName=$m->getParam(0);
162 $methName=$methName->scalarval();
163 }
164 else
165 {
166 $methName=$m;
167 }
168 if(strpos($methName, "system.") === 0)
169 {
170 $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
171 }
172 else
173 {
174 $dmap=$server->dmap; $sysCall=0;
175 }
176 if(isset($dmap[$methName]))
177 {
178 if(isset($dmap[$methName]['docstring']))
179 {
180 $r= new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string');
181 }
182 else
183 {
184 $r= new xmlrpcresp(new xmlrpcval('', 'string'));
185 }
186 }
187 else
188 {
189 $r=new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
190 }
191 return $r;
192 }
193
194 $_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray']));
195 $_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details';
196 $_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"'));
197 function _xmlrpcs_multicall_error($err)
198 {
199 if(is_string($err))
200 {
201 $str = $GLOBALS['xmlrpcstr']["multicall_${err}"];
202 $code = $GLOBALS['xmlrpcerr']["multicall_${err}"];
203 }
204 else
205 {
206 $code = $err->faultCode();
207 $str = $err->faultString();
208 }
209 $struct = array();
210 $struct['faultCode'] = new xmlrpcval($code, 'int');
211 $struct['faultString'] = new xmlrpcval($str, 'string');
212 return new xmlrpcval($struct, 'struct');
213 }
214
215 function _xmlrpcs_multicall_do_call($server, $call)
216 {
217 if($call->kindOf() != 'struct')
218 {
219 return _xmlrpcs_multicall_error('notstruct');
220 }
221 $methName = @$call->structmem('methodName');
222 if(!$methName)
223 {
224 return _xmlrpcs_multicall_error('nomethod');
225 }
226 if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string')
227 {
228 return _xmlrpcs_multicall_error('notstring');
229 }
230 if($methName->scalarval() == 'system.multicall')
231 {
232 return _xmlrpcs_multicall_error('recursion');
233 }
234
235 $params = @$call->structmem('params');
236 if(!$params)
237 {
238 return _xmlrpcs_multicall_error('noparams');
239 }
240 if($params->kindOf() != 'array')
241 {
242 return _xmlrpcs_multicall_error('notarray');
243 }
244 $numParams = $params->arraysize();
245
246 $msg = new xmlrpcmsg($methName->scalarval());
247 for($i = 0; $i < $numParams; $i++)
248 {
249 if(!$msg->addParam($params->arraymem($i)))
250 {
251 $i++;
252 return _xmlrpcs_multicall_error(new xmlrpcresp(0,
253 $GLOBALS['xmlrpcerr']['incorrect_params'],
254 $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i));
255 }
256 }
257
258 $result = $server->execute($msg);
259
260 if($result->faultCode() != 0)
261 {
262 return _xmlrpcs_multicall_error($result); // Method returned fault.
263 }
264
265 return new xmlrpcval(array($result->value()), 'array');
266 }
267
268 function _xmlrpcs_multicall_do_call_phpvals($server, $call)
269 {
270 if(!is_array($call))
271 {
272 return _xmlrpcs_multicall_error('notstruct');
273 }
274 if(!array_key_exists('methodName', $call))
275 {
276 return _xmlrpcs_multicall_error('nomethod');
277 }
278 if (!is_string($call['methodName']))
279 {
280 return _xmlrpcs_multicall_error('notstring');
281 }
282 if($call['methodName'] == 'system.multicall')
283 {
284 return _xmlrpcs_multicall_error('recursion');
285 }
286 if(!array_key_exists('params', $call))
287 {
288 return _xmlrpcs_multicall_error('noparams');
289 }
290 if(!is_array($call['params']))
291 {
292 return _xmlrpcs_multicall_error('notarray');
293 }
294
295 // this is a real dirty and simplistic hack, since we might have received a
296 // base64 or datetime values, but they will be listed as strings here...
297 $numParams = count($call['params']);
298 $pt = array();
299 foreach($call['params'] as $val)
300 $pt[] = php_2_xmlrpc_type(gettype($val));
301
302 $result = $server->execute($call['methodName'], $call['params'], $pt);
303
304 if($result->faultCode() != 0)
305 {
306 return _xmlrpcs_multicall_error($result); // Method returned fault.
307 }
308
309 return new xmlrpcval(array($result->value()), 'array');
310 }
311
312 function _xmlrpcs_multicall($server, $m)
313 {
314 $result = array();
315 // let accept a plain list of php parameters, beside a single xmlrpc msg object
316 if (is_object($m))
317 {
318 $calls = $m->getParam(0);
319 $numCalls = $calls->arraysize();
320 for($i = 0; $i < $numCalls; $i++)
321 {
322 $call = $calls->arraymem($i);
323 $result[$i] = _xmlrpcs_multicall_do_call($server, $call);
324 }
325 }
326 else
327 {
328 $numCalls=count($m);
329 for($i = 0; $i < $numCalls; $i++)
330 {
331 $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]);
332 }
333 }
334
335 return new xmlrpcresp(new xmlrpcval($result, 'array'));
336 }
337
338 $GLOBALS['_xmlrpcs_dmap']=array(
339 'system.listMethods' => array(
340 'function' => '_xmlrpcs_listMethods',
341 'signature' => $_xmlrpcs_listMethods_sig,
342 'docstring' => $_xmlrpcs_listMethods_doc,
343 'signature_docs' => $_xmlrpcs_listMethods_sdoc),
344 'system.methodHelp' => array(
345 'function' => '_xmlrpcs_methodHelp',
346 'signature' => $_xmlrpcs_methodHelp_sig,
347 'docstring' => $_xmlrpcs_methodHelp_doc,
348 'signature_docs' => $_xmlrpcs_methodHelp_sdoc),
349 'system.methodSignature' => array(
350 'function' => '_xmlrpcs_methodSignature',
351 'signature' => $_xmlrpcs_methodSignature_sig,
352 'docstring' => $_xmlrpcs_methodSignature_doc,
353 'signature_docs' => $_xmlrpcs_methodSignature_sdoc),
354 'system.multicall' => array(
355 'function' => '_xmlrpcs_multicall',
356 'signature' => $_xmlrpcs_multicall_sig,
357 'docstring' => $_xmlrpcs_multicall_doc,
358 'signature_docs' => $_xmlrpcs_multicall_sdoc),
359 'system.getCapabilities' => array(
360 'function' => '_xmlrpcs_getCapabilities',
361 'signature' => $_xmlrpcs_getCapabilities_sig,
362 'docstring' => $_xmlrpcs_getCapabilities_doc,
363 'signature_docs' => $_xmlrpcs_getCapabilities_sdoc)
364 );
365
366 $GLOBALS['_xmlrpcs_occurred_errors'] = '';
367 $GLOBALS['_xmlrpcs_prev_ehandler'] = '';
368 /**
369 * Error handler used to track errors that occur during server-side execution of PHP code.
370 * This allows to report back to the client whether an internal error has occurred or not
371 * using an xmlrpc response object, instead of letting the client deal with the html junk
372 * that a PHP execution error on the server generally entails.
373 *
374 * NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors.
375 *
376 */
377 function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null)
378 {
379 // obey the @ protocol
380 if (error_reporting() == 0)
381 return;
382
383 //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING)
384 if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined
385 {
386 $GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n";
387 }
388 // Try to avoid as much as possible disruption to the previous error handling
389 // mechanism in place
390 if($GLOBALS['_xmlrpcs_prev_ehandler'] == '')
391 {
392 // The previous error handler was the default: all we should do is log error
393 // to the default error log (if level high enough)
394 if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode))
395 {
396 error_log($errstring);
397 }
398 }
399 else
400 {
401 // Pass control on to previous error handler, trying to avoid loops...
402 if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler')
403 {
404 // NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers
405 if(is_array($GLOBALS['_xmlrpcs_prev_ehandler']))
406 {
407 // the following works both with static class methods and plain object methods as error handler
408 call_user_func_array($GLOBALS['_xmlrpcs_prev_ehandler'], array($errcode, $errstring, $filename, $lineno, $context));
409 }
410 else
411 {
412 $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context);
413 }
414 }
415 }
416 }
417
418 $GLOBALS['_xmlrpc_debuginfo']='';
419
420 /**
421 * Add a string to the debug info that can be later seralized by the server
422 * as part of the response message.
423 * Note that for best compatbility, the debug string should be encoded using
424 * the $GLOBALS['xmlrpc_internalencoding'] character set.
425 * @param string $m
426 * @access public
427 */
428 function xmlrpc_debugmsg($m)
429 {
430 $GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n";
431 }
432
433 class xmlrpc_server
434 {
435 /// array defining php functions exposed as xmlrpc methods by this server
436 var $dmap=array();
437 /**
438 * Defines how functions in dmap will be invokde: either using an xmlrpc msg object
439 * or plain php values.
440 * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals'
441 */
442 var $functions_parameters_type='xmlrpcvals';
443 /// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3
444 var $debug = 1;
445 /**
446 * When set to true, it will enable HTTP compression of the response, in case
447 * the client has declared its support for compression in the request.
448 */
449 var $compress_response = false;
450 /**
451 * List of http compression methods accepted by the server for requests.
452 * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib
453 */
454 var $accepted_compression = array();
455 /// shall we serve calls to system.* methods?
456 var $allow_system_funcs = true;
457 /// list of charset encodings natively accepted for requests
458 var $accepted_charset_encodings = array();
459 /**
460 * charset encoding to be used for response.
461 * NB: if we can, we will convert the generated response from internal_encoding to the intended one.
462 * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled),
463 * null (leave unspecified in response, convert output stream to US_ASCII),
464 * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed),
465 * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway).
466 * NB: pretty dangerous if you accept every charset and do not have mbstring enabled)
467 */
468 var $response_charset_encoding = '';
469 /// storage for internal debug info
470 var $debug_info = '';
471 /// extra data passed at runtime to method handling functions. Used only by EPI layer
472 var $user_data = null;
473
474 /**
475 * @param array $dispmap the dispatch map withd efinition of exposed services
476 * @param boolean $servicenow set to false to prevent the server from runnung upon construction
477 */
478 function xmlrpc_server($dispMap=null, $serviceNow=true)
479 {
480 // if ZLIB is enabled, let the server by default accept compressed requests,
481 // and compress responses sent to clients that support them
482 if(function_exists('gzinflate'))
483 {
484 $this->accepted_compression = array('gzip', 'deflate');
485 $this->compress_response = true;
486 }
487
488 // by default the xml parser can support these 3 charset encodings
489 $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII');
490
491 // dispMap is a dispatch array of methods
492 // mapped to function names and signatures
493 // if a method
494 // doesn't appear in the map then an unknown
495 // method error is generated
496 /* milosch - changed to make passing dispMap optional.
497 * instead, you can use the class add_to_map() function
498 * to add functions manually (borrowed from SOAPX4)
499 */
500 if($dispMap)
501 {
502 $this->dmap = $dispMap;
503 if($serviceNow)
504 {
505 $this->service();
506 }
507 }
508 }
509
510 /**
511 * Set debug level of server.
512 * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments)
513 * 0 = no debug info,
514 * 1 = msgs set from user with debugmsg(),
515 * 2 = add complete xmlrpc request (headers and body),
516 * 3 = add also all processing warnings happened during method processing
517 * (NB: this involves setting a custom error handler, and might interfere
518 * with the standard processing of the php function exposed as method. In
519 * particular, triggering an USER_ERROR level error will not halt script
520 * execution anymore, but just end up logged in the xmlrpc response)
521 * Note that info added at elevel 2 and 3 will be base64 encoded
522 * @access public
523 */
524 function setDebug($in)
525 {
526 $this->debug=$in;
527 }
528
529 /**
530 * Return a string with the serialized representation of all debug info
531 * @param string $charset_encoding the target charset encoding for the serialization
532 * @return string an XML comment (or two)
533 */
534 function serializeDebug($charset_encoding='')
535 {
536 // Tough encoding problem: which internal charset should we assume for debug info?
537 // It might contain a copy of raw data received from client, ie with unknown encoding,
538 // intermixed with php generated data and user generated data...
539 // so we split it: system debug is base 64 encoded,
540 // user debug info should be encoded by the end user using the INTERNAL_ENCODING
541 $out = '';
542 if ($this->debug_info != '')
543 {
544 $out .= "<!-- SERVER DEBUG INFO (BASE64 ENCODED):\n".base64_encode($this->debug_info)."\n-->\n";
545 }
546 if($GLOBALS['_xmlrpc_debuginfo']!='')
547 {
548
549 $out .= "<!-- DEBUG INFO:\n" . xmlrpc_encode_entitites(str_replace('--', '_-', $GLOBALS['_xmlrpc_debuginfo']), $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n-->\n";
550 // NB: a better solution MIGHT be to use CDATA, but we need to insert it
551 // into return payload AFTER the beginning tag
552 //$out .= "<![CDATA[ DEBUG INFO:\n\n" . str_replace(']]>', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n";
553 }
554 return $out;
555 }
556
557 /**
558 * Execute the xmlrpc request, printing the response
559 * @param string $data the request body. If null, the http POST request will be examined
560 * @return xmlrpcresp the response object (usually not used by caller...)
561 * @access public
562 */
563 function service($data=null, $return_payload=false)
564 {
565 if ($data === null)
566 {
567 // workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA
568 $ver = phpversion();
569 if ($ver[0] >= 5)
570 {
571 $data = file_get_contents('php://input');
572 }
573 else
574 {
575 $data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : '';
576 }
577 }
578 $raw_data = $data;
579
580 // reset internal debug info
581 $this->debug_info = '';
582
583 // Echo back what we received, before parsing it
584 if($this->debug > 1)
585 {
586 $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++");
587 }
588
589 $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding);
590 if (!$r)
591 {
592 $r=$this->parseRequest($data, $req_charset);
593 }
594
595 // save full body of request into response, for more debugging usages
596 $r->raw_data = $raw_data;
597
598 if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors'])
599 {
600 $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" .
601 $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++");
602 }
603
604 $payload=$this->xml_header($resp_charset);
605 if($this->debug > 0)
606 {
607 $payload = $payload . $this->serializeDebug($resp_charset);
608 }
609
610 // G. Giunta 2006-01-27: do not create response serialization if it has
611 // already happened. Helps building json magic
612 if (empty($r->payload))
613 {
614 $r->serialize($resp_charset);
615 }
616 $payload = $payload . $r->payload;
617
618 if ($return_payload)
619 {
620 return $payload;
621 }
622
623 // if we get a warning/error that has output some text before here, then we cannot
624 // add a new header. We cannot say we are sending xml, either...
625 if(!headers_sent())
626 {
627 header('Content-Type: '.$r->content_type);
628 // we do not know if client actually told us an accepted charset, but if he did
629 // we have to tell him what we did
630 header("Vary: Accept-Charset");
631
632 // http compression of output: only
633 // if we can do it, and we want to do it, and client asked us to,
634 // and php ini settings do not force it already
635 $php_no_self_compress = !ini_get('zlib.output_compression') && (ini_get('output_handler') != 'ob_gzhandler');
636 if($this->compress_response && function_exists('gzencode') && $resp_encoding != ''
637 && $php_no_self_compress)
638 {
639 if(strpos($resp_encoding, 'gzip') !== false)
640 {
641 $payload = gzencode($payload);
642 header("Content-Encoding: gzip");
643 header("Vary: Accept-Encoding");
644 }
645 elseif (strpos($resp_encoding, 'deflate') !== false)
646 {
647 $payload = gzcompress($payload);
648 header("Content-Encoding: deflate");
649 header("Vary: Accept-Encoding");
650 }
651 }
652
653 // do not ouput content-length header if php is compressing output for us:
654 // it will mess up measurements
655 if($php_no_self_compress)
656 {
657 header('Content-Length: ' . (int)strlen($payload));
658 }
659 }
660 else
661 {
662 error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages');
663 }
664
665 print $payload;
666
667 // return request, in case subclasses want it
668 return $r;
669 }
670
671 /**
672 * Add a method to the dispatch map
673 * @param string $methodname the name with which the method will be made available
674 * @param string $function the php function that will get invoked
675 * @param array $sig the array of valid method signatures
676 * @param string $doc method documentation
677 * @param array $sigdoc the array of valid method signatures docs (one string per param, one for return type)
678 * @access public
679 */
680 function add_to_map($methodname,$function,$sig=null,$doc=false,$sigdoc=false)
681 {
682 $this->dmap[$methodname] = array(
683 'function' => $function,
684 'docstring' => $doc
685 );
686 if ($sig)
687 {
688 $this->dmap[$methodname]['signature'] = $sig;
689 }
690 if ($sigdoc)
691 {
692 $this->dmap[$methodname]['signature_docs'] = $sigdoc;
693 }
694 }
695
696 /**
697 * Verify type and number of parameters received against a list of known signatures
698 * @param array $in array of either xmlrpcval objects or xmlrpc type definitions
699 * @param array $sig array of known signatures to match against
700 * @access private
701 */
702 function verifySignature($in, $sig)
703 {
704 // check each possible signature in turn
705 if (is_object($in))
706 {
707 $numParams = $in->getNumParams();
708 }
709 else
710 {
711 $numParams = count($in);
712 }
713 foreach($sig as $cursig)
714 {
715 if(count($cursig)==$numParams+1)
716 {
717 $itsOK=1;
718 for($n=0; $n<$numParams; $n++)
719 {
720 if (is_object($in))
721 {
722 $p=$in->getParam($n);
723 if($p->kindOf() == 'scalar')
724 {
725 $pt=$p->scalartyp();
726 }
727 else
728 {
729 $pt=$p->kindOf();
730 }
731 }
732 else
733 {
734 $pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4...
735 }
736
737 // param index is $n+1, as first member of sig is return type
738 if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue'])
739 {
740 $itsOK=0;
741 $pno=$n+1;
742 $wanted=$cursig[$n+1];
743 $got=$pt;
744 break;
745 }
746 }
747 if($itsOK)
748 {
749 return array(1,'');
750 }
751 }
752 }
753 if(isset($wanted))
754 {
755 return array(0, "Wanted ${wanted}, got ${got} at param ${pno}");
756 }
757 else
758 {
759 return array(0, "No method signature matches number of parameters");
760 }
761 }
762
763 /**
764 * Parse http headers received along with xmlrpc request. If needed, inflate request
765 * @return null on success or an xmlrpcresp
766 * @access private
767 */
768 function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression)
769 {
770 // Play nice to PHP 4.0.x: superglobals were not yet invented...
771 if(!isset($_SERVER))
772 {
773 $_SERVER = $GLOBALS['HTTP_SERVER_VARS'];
774 }
775
776 if($this->debug > 1)
777 {
778 if(function_exists('getallheaders'))
779 {
780 $this->debugmsg(''); // empty line
781 foreach(getallheaders() as $name => $val)
782 {
783 $this->debugmsg("HEADER: $name: $val");
784 }
785 }
786
787 }
788
789 if(isset($_SERVER['HTTP_CONTENT_ENCODING']))
790 {
791 $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']);
792 }
793 else
794 {
795 $content_encoding = '';
796 }
797
798 // check if request body has been compressed and decompress it
799 if($content_encoding != '' && strlen($data))
800 {
801 if($content_encoding == 'deflate' || $content_encoding == 'gzip')
802 {
803 // if decoding works, use it. else assume data wasn't gzencoded
804 if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression))
805 {
806 if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data))
807 {
808 $data = $degzdata;
809 if($this->debug > 1)
810 {
811 $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
812 }
813 }
814 elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10)))
815 {
816 $data = $degzdata;
817 if($this->debug > 1)
818 $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
819 }
820 else
821 {
822 $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']);
823 return $r;
824 }
825 }
826 else
827 {
828 //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
829 $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']);
830 return $r;
831 }
832 }
833 }
834
835 // check if client specified accepted charsets, and if we know how to fulfill
836 // the request
837 if ($this->response_charset_encoding == 'auto')
838 {
839 $resp_encoding = '';
840 if (isset($_SERVER['HTTP_ACCEPT_CHARSET']))
841 {
842 // here we should check if we can match the client-requested encoding
843 // with the encodings we know we can generate.
844 /// @todo we should parse q=0.x preferences instead of getting first charset specified...
845 $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET']));
846 // Give preference to internal encoding
847 $known_charsets = array($GLOBALS['xmlrpc_internalencoding'], 'UTF-8', 'ISO-8859-1', 'US-ASCII');
848 foreach ($known_charsets as $charset)
849 {
850 foreach ($client_accepted_charsets as $accepted)
851 if (strpos($accepted, $charset) === 0)
852 {
853 $resp_encoding = $charset;
854 break;
855 }
856 if ($resp_encoding)
857 break;
858 }
859 }
860 }
861 else
862 {
863 $resp_encoding = $this->response_charset_encoding;
864 }
865
866 if (isset($_SERVER['HTTP_ACCEPT_ENCODING']))
867 {
868 $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING'];
869 }
870 else
871 {
872 $resp_compression = '';
873 }
874
875 // 'guestimate' request encoding
876 /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check???
877 $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '',
878 $data);
879
880 return null;
881 }
882
883 /**
884 * Parse an xml chunk containing an xmlrpc request and execute the corresponding
885 * php function registered with the server
886 * @param string $data the xml request
887 * @param string $req_encoding (optional) the charset encoding of the xml request
888 * @return xmlrpcresp
889 * @access private
890 */
891 function parseRequest($data, $req_encoding='')
892 {
893 // 2005/05/07 commented and moved into caller function code
894 //if($data=='')
895 //{
896 // $data=$GLOBALS['HTTP_RAW_POST_DATA'];
897 //}
898
899 // G. Giunta 2005/02/13: we do NOT expect to receive html entities
900 // so we do not try to convert them into xml character entities
901 //$data = xmlrpc_html_entity_xlate($data);
902
903 $GLOBALS['_xh']=array();
904 $GLOBALS['_xh']['ac']='';
905 $GLOBALS['_xh']['stack']=array();
906 $GLOBALS['_xh']['valuestack'] = array();
907 $GLOBALS['_xh']['params']=array();
908 $GLOBALS['_xh']['pt']=array();
909 $GLOBALS['_xh']['isf']=0;
910 $GLOBALS['_xh']['isf_reason']='';
911 $GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not
912 $GLOBALS['_xh']['rt']='';
913
914 // decompose incoming XML into request structure
915 if ($req_encoding != '')
916 {
917 if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
918 // the following code might be better for mb_string enabled installs, but
919 // makes the lib about 200% slower...
920 //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
921 {
922 error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding);
923 $req_encoding = $GLOBALS['xmlrpc_defencoding'];
924 }
925 /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue,
926 // the encoding is not UTF8 and there are non-ascii chars in the text...
927 /// @todo use an ampty string for php 5 ???
928 $parser = xml_parser_create($req_encoding);
929 }
930 else
931 {
932 $parser = xml_parser_create();
933 }
934
935 xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
936 // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
937 // the xml parser to give us back data in the expected charset
938 // What if internal encoding is not in one of the 3 allowed?
939 // we use the broadest one, ie. utf8
940 // This allows to send data which is native in various charset,
941 // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding
942 if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
943 {
944 xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8');
945 }
946 else
947 {
948 xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']);
949 }
950
951 if ($this->functions_parameters_type != 'xmlrpcvals')
952 xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast');
953 else
954 xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee');
955 xml_set_character_data_handler($parser, 'xmlrpc_cd');
956 xml_set_default_handler($parser, 'xmlrpc_dh');
957 if(!xml_parse($parser, $data, 1))
958 {
959 // return XML error as a faultCode
960 $r= new xmlrpcresp(0,
961 $GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser),
962 sprintf('XML error: %s at line %d, column %d',
963 xml_error_string(xml_get_error_code($parser)),
964 xml_get_current_line_number($parser), xml_get_current_column_number($parser)));
965 xml_parser_free($parser);
966 }
967 elseif ($GLOBALS['_xh']['isf'])
968 {
969 xml_parser_free($parser);
970 $r= new xmlrpcresp(0,
971 $GLOBALS['xmlrpcerr']['invalid_request'],
972 $GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']);
973 }
974 else
975 {
976 xml_parser_free($parser);
977 if ($this->functions_parameters_type != 'xmlrpcvals')
978 {
979 if($this->debug > 1)
980 {
981 $this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++");
982 }
983 $r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']);
984 }
985 else
986 {
987 // build an xmlrpcmsg object with data parsed from xml
988 $m= new xmlrpcmsg($GLOBALS['_xh']['method']);
989 // now add parameters in
990 for($i=0; $i<count($GLOBALS['_xh']['params']); $i++)
991 {
992 $m->addParam($GLOBALS['_xh']['params'][$i]);
993 }
994
995 if($this->debug > 1)
996 {
997 $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++");
998 }
999 $r = $this->execute($m);
1000 }
1001 }
1002 return $r;
1003 }
1004
1005 /**
1006 * Execute a method invoked by the client, checking parameters used
1007 * @param mixed $m either an xmlrpcmsg obj or a method name
1008 * @param array $params array with method parameters as php types (if m is method name only)
1009 * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only)
1010 * @return xmlrpcresp
1011 * @access private
1012 */
1013 function execute($m, $params=null, $paramtypes=null)
1014 {
1015 if (is_object($m))
1016 {
1017 $methName = $m->method();
1018 }
1019 else
1020 {
1021 $methName = $m;
1022 }
1023 $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0);
1024 $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap;
1025
1026 if(!isset($dmap[$methName]['function']))
1027 {
1028 // No such method
1029 return new xmlrpcresp(0,
1030 $GLOBALS['xmlrpcerr']['unknown_method'],
1031 $GLOBALS['xmlrpcstr']['unknown_method']);
1032 }
1033
1034 // Check signature
1035 if(isset($dmap[$methName]['signature']))
1036 {
1037 $sig = $dmap[$methName]['signature'];
1038 if (is_object($m))
1039 {
1040 list($ok, $errstr) = $this->verifySignature($m, $sig);
1041 }
1042 else
1043 {
1044 list($ok, $errstr) = $this->verifySignature($paramtypes, $sig);
1045 }
1046 if(!$ok)
1047 {
1048 // Didn't match.
1049 return new xmlrpcresp(
1050 0,
1051 $GLOBALS['xmlrpcerr']['incorrect_params'],
1052 $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}"
1053 );
1054 }
1055 }
1056
1057 $func = $dmap[$methName]['function'];
1058 // let the 'class::function' syntax be accepted in dispatch maps
1059 if(is_string($func) && strpos($func, '::'))
1060 {
1061 $func = explode('::', $func);
1062 }
1063 // verify that function to be invoked is in fact callable
1064 if(!is_callable($func))
1065 {
1066 error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable");
1067 return new xmlrpcresp(
1068 0,
1069 $GLOBALS['xmlrpcerr']['server_error'],
1070 $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method"
1071 );
1072 }
1073
1074 // If debug level is 3, we should catch all errors generated during
1075 // processing of user function, and log them as part of response
1076 if($this->debug > 2)
1077 {
1078 $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler');
1079 }
1080 if (is_object($m))
1081 {
1082 if($sysCall)
1083 {
1084 $r = call_user_func($func, $this, $m);
1085 }
1086 else
1087 {
1088 $r = call_user_func($func, $m);
1089 }
1090 if (!is_a($r, 'xmlrpcresp'))
1091 {
1092 error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object");
1093 if (is_a($r, 'xmlrpcval'))
1094 {
1095 $r = new xmlrpcresp($r);
1096 }
1097 else
1098 {
1099 $r = new xmlrpcresp(
1100 0,
1101 $GLOBALS['xmlrpcerr']['server_error'],
1102 $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object"
1103 );
1104 }
1105 }
1106 }
1107 else
1108 {
1109 // call a 'plain php' function
1110 if($sysCall)
1111 {
1112 array_unshift($params, $this);
1113 $r = call_user_func_array($func, $params);
1114 }
1115 else
1116 {
1117 // 3rd API convention for method-handling functions: EPI-style
1118 if ($this->functions_parameters_type == 'epivals')
1119 {
1120 $r = call_user_func_array($func, array($methName, $params, $this->user_data));
1121 // mimic EPI behaviour: if we get an array that looks like an error, make it
1122 // an eror response
1123 if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r))
1124 {
1125 $r = new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']);
1126 }
1127 else
1128 {
1129 // functions using EPI api should NOT return resp objects,
1130 // so make sure we encode the return type correctly
1131 $r = new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api')));
1132 }
1133 }
1134 else
1135 {
1136 $r = call_user_func_array($func, $params);
1137 }
1138 }
1139 // the return type can be either an xmlrpcresp object or a plain php value...
1140 if (!is_a($r, 'xmlrpcresp'))
1141 {
1142 // what should we assume here about automatic encoding of datetimes
1143 // and php classes instances???
1144 $r = new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates')));
1145 }
1146 }
1147 if($this->debug > 2)
1148 {
1149 // note: restore the error handler we found before calling the
1150 // user func, even if it has been changed inside the func itself
1151 if($GLOBALS['_xmlrpcs_prev_ehandler'])
1152 {
1153 set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']);
1154 }
1155 else
1156 {
1157 restore_error_handler();
1158 }
1159 }
1160 return $r;
1161 }
1162
1163 /**
1164 * add a string to the 'internal debug message' (separate from 'user debug message')
1165 * @param string $strings
1166 * @access private
1167 */
1168 function debugmsg($string)
1169 {
1170 $this->debug_info .= $string."\n";
1171 }
1172
1173 /**
1174 * @access private
1175 */
1176 function xml_header($charset_encoding='')
1177 {
1178 if ($charset_encoding != '')
1179 {
1180 return "<?xml version=\"1.0\" encoding=\"$charset_encoding\"?" . ">\n";
1181 }
1182 else
1183 {
1184 return "<?xml version=\"1.0\"?" . ">\n";
1185 }
1186 }
1187
1188 /**
1189 * A debugging routine: just echoes back the input packet as a string value
1190 * DEPRECATED!
1191 */
1192 function echoInput()
1193 {
1194 $r= new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string'));
1195 print $r->serialize();
1196 }
1197 }
1198?> \ No newline at end of file