/**
* XMLRPC server acting as proxy for requests to other servers
* (useful e.g. for ajax-originated calls that can only connect back to
- * the originating server)
+ * the originating server).
*
* @author Gaetano Giunta
- * @copyright (C) 2006-2014 G. Giunta
- * @license code licensed under the BSD License: http://phpxmlrpc.sourceforge.net/license.txt
+ * @copyright (C) 2006-2020 G. Giunta
+ * @license code licensed under the BSD License: see file license.txt
*/
- include_once(__DIR__."/../../lib/xmlrpc.inc");
- include_once(__DIR__."/../../lib/xmlrpcs.inc");
+require_once __DIR__ . "/_bootstrap.php";
- /**
- * Forward an xmlrpc request to another server, and return to client the response received.
- * @param xmlrpcmsg $m (see method docs below for a description of the expected parameters)
- * @return xmlrpcresp
- */
- function forward_request($m)
- {
- // create client
- $timeout = 0;
- $url = php_xmlrpc_decode($m->getParam(0));
- $c = new xmlrpc_client($url);
- if ($m->getNumParams() > 3)
- {
- // we have to set some options onto the client.
- // Note that if we do not untaint the received values, warnings might be generated...
- $options = php_xmlrpc_decode($m->getParam(3));
- foreach($options as $key => $val)
- {
- switch($key)
- {
- case 'Cookie':
- break;
- case 'Credentials':
- break;
- case 'RequestCompression':
- $c->setRequestCompression($val);
- break;
- case 'SSLVerifyHost':
- $c->setSSLVerifyHost($val);
- break;
- case 'SSLVerifyPeer':
- $c->setSSLVerifyPeer($val);
- break;
- case 'Timeout':
- $timeout = (integer) $val;
- break;
- } // switch
- }
- }
+/**
+ * Forward an xmlrpc request to another server, and return to client the response received.
+ *
+ * DO NOT RUN AS IS IN PRODUCTION - this is an open relay !!!
+ *
+ * @param PhpXmlRpc\Request $req (see method docs below for a description of the expected parameters)
+ *
+ * @return PhpXmlRpc\Response
+ */
+function forward_request($req)
+{
+ $encoder = new \PhpXmlRpc\Encoder();
+
+ // create client
+ $timeout = 0;
+ $url = $encoder->decode($req->getParam(0));
+ $client = new PhpXmlRpc\Client($url);
- // build call for remote server
- /// @todo find a weay to forward client info (such as IP) to server, either
- /// - as xml comments in the payload, or
- /// - using std http header conventions, such as X-forwarded-for...
- $method = php_xmlrpc_decode($m->getParam(1));
- $pars = $m->getParam(2);
- $m = new xmlrpcmsg($method);
- for ($i = 0; $i < $pars->arraySize(); $i++)
- {
- $m->addParam($pars->arraymem($i));
+ if ($req->getNumParams() > 3) {
+ // we have to set some options onto the client.
+ // Note that if we do not untaint the received values, warnings might be generated...
+ $options = $encoder->decode($req->getParam(3));
+ foreach ($options as $key => $val) {
+ switch ($key) {
+ case 'Cookie':
+ break;
+ case 'Credentials':
+ break;
+ case 'RequestCompression':
+ $client->setRequestCompression($val);
+ break;
+ case 'SSLVerifyHost':
+ $client->setSSLVerifyHost($val);
+ break;
+ case 'SSLVerifyPeer':
+ $client->setSSLVerifyPeer($val);
+ break;
+ case 'Timeout':
+ $timeout = (integer)$val;
+ break;
+ } // switch
}
+ }
- // add debug info into response we give back to caller
- xmlrpc_debugmsg("Sending to server $url the payload: ".$m->serialize());
- return $c->send($m, $timeout);
+ // build call for remote server
+ /// @todo find a way to forward client info (such as IP) to server, either
+ /// - as xml comments in the payload, or
+ /// - using std http header conventions, such as X-forwarded-for...
+ $reqMethod = $encoder->decode($req->getParam(1));
+ $pars = $req->getParam(2);
+ $req = new PhpXmlRpc\Request($reqMethod);
+ foreach ($pars as $par) {
+ $req->addParam($par);
}
- // run the server
- $server = new xmlrpc_server(
- array(
- 'xmlrpcproxy.call' => array(
- 'function' => 'forward_request',
- 'signature' => array(
- array('mixed', 'string', 'string', 'array'),
- array('mixed', 'string', 'string', 'array', 'stuct'),
- ),
- 'docstring' => 'forwards xmlrpc calls to remote servers. Returns remote method\'s response. Accepts params: remote server url (might include basic auth credentials), method name, array of params, and (optionally) a struct containing call options'
- )
- )
- );
+ // add debug info into response we give back to caller
+ PhpXmlRpc\Server::xmlrpc_debugmsg("Sending to server $url the payload: " . $req->serialize());
+
+ return $client->send($req, $timeout);
+}
+
+// run the server
+// NB: take care not to output anything else after this call, as it will mess up the responses and it will be hard to
+// debug. In case you have to do so, at least re-emit a correct Content-Length http header (requires output buffering)
+$server = new PhpXmlRpc\Server(
+ array(
+ 'xmlrpcproxy.call' => array(
+ 'function' => 'forward_request',
+ 'signature' => array(
+ array('mixed', 'string', 'string', 'array'),
+ array('mixed', 'string', 'string', 'array', 'struct'),
+ ),
+ 'docstring' => 'forwards xmlrpc calls to remote servers. Returns remote method\'s response. Accepts params: remote server url (might include basic auth credentials), method name, array of params, and (optionally) a struct containing call options',
+ ),
+ )
+);