<?php
/**
- * @version $Id$
* @author Gaetano Giunta
- * @copyright (C) 2005-2008 G. Giunta
+ * @copyright (C) 2005-2014 G. Giunta
* @license code licensed under the BSD License: http://phpxmlrpc.sourceforge.net/license.txt
*
* @todo switch params for http compression from 0,1,2 to values to be used directly
<body>
<?php
- include(getcwd().'/common.php');
+ include(dirname(__FILE__).'/common.php');
if ($action)
{
if ($port != "")
{
- $client =& new $clientclass($path, $host, $port);
+ $client = new $clientclass($path, $host, $port);
$server = "$host:$port$path";
} else {
- $client =& new $clientclass($path, $host);
+ $client = new $clientclass($path, $host);
$server = "$host$path";
}
if ($protocol == 2)
$server = 'http://'.$server;
}
if ($proxy != '') {
- $pproxy = split(':', $proxy);
+ $pproxy = explode(':', $proxy);
if (count($pproxy) > 1)
$pport = $pproxy[1];
else
// fall thru intentionally
case 'describe':
case 'wrap':
- $msg[0] =& new $msgclass('system.methodHelp', null, $id);
+ $msg[0] = new $msgclass('system.methodHelp', null, $id);
$msg[0]->addparam(new xmlrpcval($method));
- $msg[1] =& new $msgclass('system.methodSignature', null, $id+1);
+ $msg[1] = new $msgclass('system.methodSignature', null, $id+1);
$msg[1]->addparam(new xmlrpcval($method));
$actionname = 'Description of method "'.$method.'"';
break;
case 'list':
- $msg[0] =& new $msgclass('system.listMethods', null, $id);
+ $msg[0] = new $msgclass('system.listMethods', null, $id);
$actionname = 'List of available methods';
break;
case 'execute':
if (!payload_is_safe($payload))
die("Tsk tsk tsk, please stop it or I will have to call in the cops!");
- $msg[0] =& new $msgclass($method, null, $id);
+ $msg[0] = new $msgclass($method, null, $id);
// hack! build xml payload by hand
if ($wstype == 1)
{
}
}
else
- $msg[0]->payload = $msg[0]->xml_header() .
+ $msg[0]->payload = $msg[0]->xml_header($inputcharset) .
'<methodName>' . $method . "</methodName>\n<params>" .
$payload .
"</params>\n" . $msg[0]->xml_footer();
// Before calling execute, echo out brief description of action taken + date and time ???
// this gives good user feedback for long-running methods...
- echo '<h2>'.htmlspecialchars($actionname).' on server '.htmlspecialchars($server)." ...</h2>\n";
+ echo '<h2>'.htmlspecialchars($actionname, ENT_COMPAT, $inputcharset).' on server '.htmlspecialchars($server, ENT_COMPAT, $inputcharset)." ...</h2>\n";
flush();
$response = null;
if ($response->faultCode())
{
// call failed! echo out error msg!
- //echo '<h2>'.htmlspecialchars($actionname).' on server '.htmlspecialchars($server).'</h2>';
+ //echo '<h2>'.htmlspecialchars($actionname, ENT_COMPAT, $inputcharset).' on server '.htmlspecialchars($server, ENT_COMPAT, $inputcharset).'</h2>';
echo "<h3>$protoname call FAILED!</h3>\n";
- echo "<p>Fault code: [" . htmlspecialchars($response->faultCode()) .
- "] Reason: '" . htmlspecialchars($response->faultString()) . "'</p>\n";
+ echo "<p>Fault code: [" . htmlspecialchars($response->faultCode(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding']) .
+ "] Reason: '" . htmlspecialchars($response->faultString(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding']) . "'</p>\n";
echo (strftime("%d/%b/%Y:%H:%M:%S\n"));
}
else
{
// call succeeded: parse results
- //echo '<h2>'.htmlspecialchars($actionname).' on server '.htmlspecialchars($server).'</h2>';
+ //echo '<h2>'.htmlspecialchars($actionname, ENT_COMPAT, $inputcharset).' on server '.htmlspecialchars($server, ENT_COMPAT, $inputcharset).'</h2>';
printf ("<h3>%s call(s) OK (%.2f secs.)</h3>\n", $protoname, $time);
echo (strftime("%d/%b/%Y:%H:%M:%S\n"));
{
$rec = $v->arraymem($i);
if ($i%2) $class=' class="oddrow"'; else $class = ' class="evenrow"';
- echo ("<tr><td$class>".htmlspecialchars($rec->scalarval())."</td><td$class><form action=\"controller.php\" method=\"get\" target=\"frmcontroller\">".
- "<input type=\"hidden\" name=\"host\" value=\"".htmlspecialchars($host)."\" />".
- "<input type=\"hidden\" name=\"port\" value=\"".htmlspecialchars($port)."\" />".
- "<input type=\"hidden\" name=\"path\" value=\"".htmlspecialchars($path)."\" />".
- "<input type=\"hidden\" name=\"id\" value=\"".htmlspecialchars($id)."\" />".
+ echo ("<tr><td$class>".htmlspecialchars($rec->scalarval(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding'])."</td><td$class><form action=\"controller.php\" method=\"get\" target=\"frmcontroller\">".
+ "<input type=\"hidden\" name=\"host\" value=\"".htmlspecialchars($host, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"port\" value=\"".htmlspecialchars($port, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"path\" value=\"".htmlspecialchars($path, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"id\" value=\"".htmlspecialchars($id, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"debug\" value=\"$debug\" />".
- "<input type=\"hidden\" name=\"username\" value=\"".htmlspecialchars($username)."\" />".
- "<input type=\"hidden\" name=\"password\" value=\"".htmlspecialchars($password)."\" />".
+ "<input type=\"hidden\" name=\"username\" value=\"".htmlspecialchars($username, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"password\" value=\"".htmlspecialchars($password, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />".
"<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />".
"<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />".
- "<input type=\"hidden\" name=\"cainfo\" value=\"".htmlspecialchars($cainfo)."\" />".
- "<input type=\"hidden\" name=\"proxy\" value=\"".htmlspecialchars($proxy)."\" />".
- "<input type=\"hidden\" name=\"proxyuser\" value=\"".htmlspecialchars($proxyuser)."\" />".
- "<input type=\"hidden\" name=\"proxypwd\" value=\"".htmlspecialchars($proxypwd)."\" />".
+ "<input type=\"hidden\" name=\"cainfo\" value=\"".htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxy\" value=\"".htmlspecialchars($proxy, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxyuser\" value=\"".htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxypwd\" value=\"".htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />".
"<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />".
- "<input type=\"hidden\" name=\"clientcookies\" value=\"".htmlspecialchars($clientcookies)."\" />".
+ "<input type=\"hidden\" name=\"clientcookies\" value=\"".htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />".
- "<input type=\"hidden\" name=\"timeout\" value=\"".htmlspecialchars($timeout)."\" />".
+ "<input type=\"hidden\" name=\"timeout\" value=\"".htmlspecialchars($timeout, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"method\" value=\"".$rec->scalarval()."\" />".
"<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />".
"<input type=\"hidden\" name=\"action\" value=\"describe\" />".
$r2 = $resp[1]->value();
echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
- echo "<thead>\n<tr><th>Method</th><th>".htmlspecialchars($method)."</th><th> </th><th> </th></tr>\n</thead>\n<tbody>\n";
- $desc = htmlspecialchars($r1->scalarval());
+ echo "<thead>\n<tr><th>Method</th><th>".htmlspecialchars($method, ENT_COMPAT, $inputcharset)."</th><th> </th><th> </th></tr>\n</thead>\n<tbody>\n";
+ $desc = htmlspecialchars($r1->scalarval(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding']);
if ($desc == "")
$desc = "-";
echo "<tr><td class=\"evenrow\">Description</td><td colspan=\"3\" class=\"evenrow\">$desc</td></tr>\n";
if ($x->kindOf()=="array")
{
$ret = $x->arraymem(0);
- echo "<code>OUT: " . htmlspecialchars($ret->scalarval()) . "<br />IN: (";
+ echo "<code>OUT: " . htmlspecialchars($ret->scalarval(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding']) . "<br />IN: (";
if ($x->arraysize() > 1)
{
for($k = 1; $k < $x->arraysize(); $k++)
echo $y->scalarval();
if ($wstype != 1)
{
- $payload = $payload . '<param><value><'.htmlspecialchars($y->scalarval()).'></'.htmlspecialchars($y->scalarval())."></value></param>\n";
+ $payload = $payload . '<param><value><'.htmlspecialchars($y->scalarval(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding']).'></'.htmlspecialchars($y->scalarval(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding'])."></value></param>\n";
}
$alt_payload .= $y->scalarval();
if ($k < $x->arraysize()-1)
//bottone per testare questo metodo
//$payload="<methodCall>\n<methodName>$method</methodName>\n<params>\n$payload</params>\n</methodCall>";
echo "<td$class><form action=\"controller.php\" target=\"frmcontroller\" method=\"get\">".
- "<input type=\"hidden\" name=\"host\" value=\"".htmlspecialchars($host)."\" />".
- "<input type=\"hidden\" name=\"port\" value=\"".htmlspecialchars($port)."\" />".
- "<input type=\"hidden\" name=\"path\" value=\"".htmlspecialchars($path)."\" />".
- "<input type=\"hidden\" name=\"id\" value=\"".htmlspecialchars($id)."\" />".
+ "<input type=\"hidden\" name=\"host\" value=\"".htmlspecialchars($host, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"port\" value=\"".htmlspecialchars($port, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"path\" value=\"".htmlspecialchars($path, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"id\" value=\"".htmlspecialchars($id, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"debug\" value=\"$debug\" />".
- "<input type=\"hidden\" name=\"username\" value=\"".htmlspecialchars($username)."\" />".
- "<input type=\"hidden\" name=\"password\" value=\"".htmlspecialchars($password)."\" />".
+ "<input type=\"hidden\" name=\"username\" value=\"".htmlspecialchars($username, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"password\" value=\"".htmlspecialchars($password, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />".
"<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />".
"<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />".
- "<input type=\"hidden\" name=\"cainfo\" value=\"".htmlspecialchars($cainfo)."\" />".
- "<input type=\"hidden\" name=\"proxy\" value=\"".htmlspecialchars($proxy)."\" />".
- "<input type=\"hidden\" name=\"proxyuser\" value=\"".htmlspecialchars($proxyuser)."\" />".
- "<input type=\"hidden\" name=\"proxypwd\" value=\"".htmlspecialchars($proxypwd)."\" />".
+ "<input type=\"hidden\" name=\"cainfo\" value=\"".htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxy\" value=\"".htmlspecialchars($proxy, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxyuser\" value=\"".htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxypwd\" value=\"".htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />".
"<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />".
- "<input type=\"hidden\" name=\"clientcookies\" value=\"".htmlspecialchars($clientcookies)."\" />".
+ "<input type=\"hidden\" name=\"clientcookies\" value=\"".htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />".
- "<input type=\"hidden\" name=\"timeout\" value=\"".htmlspecialchars($timeout)."\" />".
- "<input type=\"hidden\" name=\"method\" value=\"".htmlspecialchars($method)."\" />".
- "<input type=\"hidden\" name=\"methodpayload\" value=\"".htmlspecialchars($payload)."\" />".
- "<input type=\"hidden\" name=\"altmethodpayload\" value=\"".htmlspecialchars($alt_payload)."\" />".
+ "<input type=\"hidden\" name=\"timeout\" value=\"".htmlspecialchars($timeout, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"method\" value=\"".htmlspecialchars($method, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"methodpayload\" value=\"".htmlspecialchars($payload, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"altmethodpayload\" value=\"".htmlspecialchars($alt_payload, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />".
"<input type=\"hidden\" name=\"action\" value=\"execute\" />";
if ($wstype != 1)
echo "</form></td>\n";
echo "<td$class><form action=\"controller.php\" target=\"frmcontroller\" method=\"get\">".
- "<input type=\"hidden\" name=\"host\" value=\"".htmlspecialchars($host)."\" />".
- "<input type=\"hidden\" name=\"port\" value=\"".htmlspecialchars($port)."\" />".
- "<input type=\"hidden\" name=\"path\" value=\"".htmlspecialchars($path)."\" />".
- "<input type=\"hidden\" name=\"id\" value=\"".htmlspecialchars($id)."\" />".
+ "<input type=\"hidden\" name=\"host\" value=\"".htmlspecialchars($host, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"port\" value=\"".htmlspecialchars($port, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"path\" value=\"".htmlspecialchars($path, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"id\" value=\"".htmlspecialchars($id, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"debug\" value=\"$debug\" />".
- "<input type=\"hidden\" name=\"username\" value=\"".htmlspecialchars($username)."\" />".
- "<input type=\"hidden\" name=\"password\" value=\"".htmlspecialchars($password)."\" />".
+ "<input type=\"hidden\" name=\"username\" value=\"".htmlspecialchars($username, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"password\" value=\"".htmlspecialchars($password, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"authtype\" value=\"$authtype\" />".
"<input type=\"hidden\" name=\"verifyhost\" value=\"$verifyhost\" />".
"<input type=\"hidden\" name=\"verifypeer\" value=\"$verifypeer\" />".
- "<input type=\"hidden\" name=\"cainfo\" value=\"".htmlspecialchars($cainfo)."\" />".
- "<input type=\"hidden\" name=\"proxy\" value=\"".htmlspecialchars($proxy)."\" />".
- "<input type=\"hidden\" name=\"proxyuser\" value=\"".htmlspecialchars($proxyuser)."\" />".
- "<input type=\"hidden\" name=\"proxypwd\" value=\"".htmlspecialchars($proxypwd)."\" />".
+ "<input type=\"hidden\" name=\"cainfo\" value=\"".htmlspecialchars($cainfo, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxy\" value=\"".htmlspecialchars($proxy, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxyuser\" value=\"".htmlspecialchars($proxyuser, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"proxypwd\" value=\"".htmlspecialchars($proxypwd, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"responsecompression\" value=\"$responsecompression\" />".
"<input type=\"hidden\" name=\"requestcompression\" value=\"$requestcompression\" />".
- "<input type=\"hidden\" name=\"clientcookies\" value=\"".htmlspecialchars($clientcookies)."\" />".
+ "<input type=\"hidden\" name=\"clientcookies\" value=\"".htmlspecialchars($clientcookies, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"protocol\" value=\"$protocol\" />".
- "<input type=\"hidden\" name=\"timeout\" value=\"".htmlspecialchars($timeout)."\" />".
- "<input type=\"hidden\" name=\"method\" value=\"".htmlspecialchars($method)."\" />".
+ "<input type=\"hidden\" name=\"timeout\" value=\"".htmlspecialchars($timeout, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"method\" value=\"".htmlspecialchars($method, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"methodsig\" value=\"".$i."\" />".
- "<input type=\"hidden\" name=\"methodpayload\" value=\"".htmlspecialchars($payload)."\" />".
- "<input type=\"hidden\" name=\"altmethodpayload\" value=\"".htmlspecialchars($alt_payload)."\" />".
+ "<input type=\"hidden\" name=\"methodpayload\" value=\"".htmlspecialchars($payload, ENT_COMPAT, $inputcharset)."\" />".
+ "<input type=\"hidden\" name=\"altmethodpayload\" value=\"".htmlspecialchars($alt_payload, ENT_COMPAT, $inputcharset)."\" />".
"<input type=\"hidden\" name=\"wstype\" value=\"$wstype\" />".
"<input type=\"hidden\" name=\"run\" value=\"now\" />".
"<input type=\"hidden\" name=\"action\" value=\"wrap\" />".
break;
case 'execute':
- echo '<div id="response"><h2>Response:</h2>'.htmlspecialchars($response->serialize()).'</div>';
+ echo '<div id="response"><h2>Response:</h2>'.htmlspecialchars($response->serialize(), ENT_COMPAT, $GLOBALS['xmlrpc_internalencoding']).'</div>';
break;
default: // give a warning
<h3>Changelog</h3>
<ul>
+<li>2015-04-19: fixed errors with LATIN-1 payloads and method names</li>
<li>2007-02-20: add visual editor for method payload; allow strings, bools as jsonrpc msg id</li>
<li>2006-06-26: support building php code stub for calling remote methods</li>
<li>2006-05-25: better support for long running queries; check for no-curl installs</li>