<?php\r
// by Edd Dumbill (C) 1999-2002\r
// <edd@usefulinc.com>\r
-// $Id: xmlrpcs.inc,v 1.71 2008/10/29 23:41:28 ggiunta Exp $\r
\r
// Copyright (c) 1999,2000,2002 Edd Dumbill.\r
// All rights reserved.\r
\r
$GLOBALS['_xmlrpcs_occurred_errors'] = '';\r
$GLOBALS['_xmlrpcs_prev_ehandler'] = '';\r
+\r
/**\r
* Error handler used to track errors that occur during server-side execution of PHP code.\r
* This allows to report back to the client whether an internal error has occurred or not\r
return;\r
\r
//if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING)\r
- if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined\r
+ if($errcode != E_STRICT)\r
{\r
$GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n";\r
}\r
/**\r
* Add a string to the debug info that can be later seralized by the server\r
* as part of the response message.\r
- * Note that for best compatbility, the debug string should be encoded using\r
+ * Note that for best compatibility, the debug string should be encoded using\r
* the $GLOBALS['xmlrpc_internalencoding'] character set.\r
* @param string $m\r
* @access public\r
* valid strings are 'xmlrpcvals', 'phpvals' or 'epivals'\r
*/\r
var $functions_parameters_type='xmlrpcvals';\r
- /**\r
- * Option used for fine-tuning the encoding the php values returned from\r
- * functions registered in the dispatch map when the functions_parameters_types\r
- * member is set to 'phpvals'\r
- * @see php_xmlrpc_encode for a list of values\r
- */\r
- var $phpvals_encoding_options = array( 'auto_dates' );\r
- /// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3\r
+ /**\r
+ * Option used for fine-tuning the encoding the php values returned from\r
+ * functions registered in the dispatch map when the functions_parameters_types\r
+ * member is set to 'phpvals'\r
+ * @see php_xmlrpc_encode for a list of values\r
+ */\r
+ var $phpvals_encoding_options = array( 'auto_dates' );\r
+ /// controls whether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3\r
var $debug = 1;\r
/**\r
+ * Controls behaviour of server when invoked user function throws an exception:\r
+ * 0 = catch it and return an 'internal error' xmlrpc response (default)\r
+ * 1 = catch it and return an xmlrpc response with the error corresponding to the exception\r
+ * 2 = allow the exception to float to the upper layers\r
+ */\r
+ var $exception_handling = 0;\r
+ /**\r
* When set to true, it will enable HTTP compression of the response, in case\r
* the client has declared its support for compression in the request.\r
*/\r
var $user_data = null;\r
\r
/**\r
- * @param array $dispmap the dispatch map withd efinition of exposed services\r
- * @param boolean $servicenow set to false to prevent the server from runnung upon construction\r
+ * @param array $dispmap the dispatch map with definition of exposed services\r
+ * @param boolean $servicenow set to false to prevent the server from running upon construction\r
*/\r
- function xmlrpc_server($dispMap=null, $serviceNow=true)\r
+ function __construct($dispMap=null, $serviceNow=true)\r
{\r
// if ZLIB is enabled, let the server by default accept compressed requests,\r
// and compress responses sent to clients that support them\r
}\r
}\r
\r
+ /**\r
+ * @deprecated\r
+ */\r
+ function xmlrpc_client($dispMap=null, $serviceNow=true)\r
+ {\r
+ self::__construct($dispMap, $serviceNow);\r
+ }\r
+\r
/**\r
* Set debug level of server.\r
* @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments)\r
* with the standard processing of the php function exposed as method. In\r
* particular, triggering an USER_ERROR level error will not halt script\r
* execution anymore, but just end up logged in the xmlrpc response)\r
- * Note that info added at elevel 2 and 3 will be base64 encoded\r
+ * Note that info added at level 2 and 3 will be base64 encoded\r
* @access public\r
*/\r
function setDebug($in)\r
if ($data === null)\r
{\r
// workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA\r
- $ver = phpversion();\r
- if ($ver[0] >= 5)\r
- {\r
- $data = file_get_contents('php://input');\r
- }\r
- else\r
- {\r
- $data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : '';\r
- }\r
+ $data = file_get_contents('php://input');\r
}\r
$raw_data = $data;\r
\r
}\r
else\r
{\r
- error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages');\r
+ error_log('XML-RPC: '.__METHOD__.': http headers already sent before response is fully generated. Check for php warning or error messages');\r
}\r
\r
print $payload;\r
}\r
if ($sigdoc)\r
{\r
- $this->dmap[$methodname]['signature_docs'] = $sigdoc;\r
+ $this->dmap[$methodname]['signature_docs'] = $sigdoc;\r
}\r
}\r
\r
* Verify type and number of parameters received against a list of known signatures\r
* @param array $in array of either xmlrpcval objects or xmlrpc type definitions\r
* @param array $sig array of known signatures to match against\r
+ * @return array\r
* @access private\r
*/\r
function verifySignature($in, $sig)\r
\r
/**\r
* Parse http headers received along with xmlrpc request. If needed, inflate request\r
- * @return null on success or an xmlrpcresp\r
+ * @return mixed null on success or an xmlrpcresp\r
* @access private\r
*/\r
function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression)\r
{\r
- // Play nice to PHP 4.0.x: superglobals were not yet invented...\r
- if(!isset($_SERVER))\r
+ // check if $_SERVER is populated: it might have been disabled via ini file\r
+ // (this is true even when in CLI mode)\r
+ if (count($_SERVER) == 0)\r
{\r
- $_SERVER = $GLOBALS['HTTP_SERVER_VARS'];\r
+ error_log('XML-RPC: '.__METHOD__.': cannot parse request headers as $_SERVER is not populated');\r
}\r
\r
if($this->debug > 1)\r
$GLOBALS['_xh']['rt']='';\r
\r
// decompose incoming XML into request structure\r
+\r
if ($req_encoding != '')\r
{\r
- if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))\r
- // the following code might be better for mb_string enabled installs, but\r
+ // Since parsing will fail if charset is not specified in the xml prologue,\r
+ // the encoding is not UTF8 and there are non-ascii chars in the text, we try to work round that...\r
+ // The following code might be better for mb_string enabled installs, but\r
// makes the lib about 200% slower...\r
- //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))\r
- {\r
- error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding);\r
- $req_encoding = $GLOBALS['xmlrpc_defencoding'];\r
+ //if (!is_valid_charset($req_encoding, array('UTF-8')))\r
+ if (!in_array($req_encoding, array('UTF-8', 'US-ASCII')) && !has_encoding($data)) {\r
+ if ($req_encoding == 'ISO-8859-1') {\r
+ $data = utf8_encode($data);\r
+ } else {\r
+ if (extension_loaded('mbstring')) {\r
+ $data = mb_convert_encoding($data, 'UTF-8', $req_encoding);\r
+ } else {\r
+ error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $req_encoding);\r
+ }\r
+ }\r
}\r
- /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue,\r
- // the encoding is not UTF8 and there are non-ascii chars in the text...\r
- /// @todo use an ampty string for php 5 ???\r
- $parser = xml_parser_create($req_encoding);\r
- }\r
- else\r
- {\r
- $parser = xml_parser_create();\r
}\r
\r
+ $parser = xml_parser_create();\r
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);\r
// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell\r
// the xml parser to give us back data in the expected charset\r
else\r
{\r
xml_parser_free($parser);\r
- // small layering violation in favor of speed and memory usage:\r
- // we should allow the 'execute' method handle this, but in the\r
- // most common scenario (xmlrpcvals type server with some methods\r
- // registered as phpvals) that would mean a useless encode+decode pass\r
+ // small layering violation in favor of speed and memory usage:\r
+ // we should allow the 'execute' method handle this, but in the\r
+ // most common scenario (xmlrpcvals type server with some methods\r
+ // registered as phpvals) that would mean a useless encode+decode pass\r
if ($this->functions_parameters_type != 'xmlrpcvals' || (isset($this->dmap[$GLOBALS['_xh']['method']]['parameters_type']) && ($this->dmap[$GLOBALS['_xh']['method']]['parameters_type'] == 'phpvals')))\r
{\r
if($this->debug > 1)\r
// verify that function to be invoked is in fact callable\r
if(!is_callable($func))\r
{\r
- error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable");\r
+ error_log("XML-RPC: ".__METHOD__.": function $func registered as method handler is not callable");\r
return new xmlrpcresp(\r
0,\r
$GLOBALS['xmlrpcerr']['server_error'],\r
{\r
$GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler');\r
}\r
- // Allow mixed-convention servers\r
- if (is_object($m))\r
+ try\r
{\r
- if($sysCall)\r
- {\r
- $r = call_user_func($func, $this, $m);\r
- }\r
- else\r
- {\r
- $r = call_user_func($func, $m);\r
- }\r
- if (!is_a($r, 'xmlrpcresp'))\r
+ // Allow mixed-convention servers\r
+ if (is_object($m))\r
{\r
- error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object");\r
- if (is_a($r, 'xmlrpcval'))\r
+ if($sysCall)\r
{\r
- $r = new xmlrpcresp($r);\r
+ $r = call_user_func($func, $this, $m);\r
}\r
else\r
{\r
- $r = new xmlrpcresp(\r
- 0,\r
- $GLOBALS['xmlrpcerr']['server_error'],\r
- $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object"\r
- );\r
+ $r = call_user_func($func, $m);\r
+ }\r
+ if (!is_a($r, 'xmlrpcresp'))\r
+ {\r
+ error_log("XML-RPC: ".__METHOD__.": function $func registered as method handler does not return an xmlrpcresp object");\r
+ if (is_a($r, 'xmlrpcval'))\r
+ {\r
+ $r = new xmlrpcresp($r);\r
+ }\r
+ else\r
+ {\r
+ $r = new xmlrpcresp(\r
+ 0,\r
+ $GLOBALS['xmlrpcerr']['server_error'],\r
+ $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object"\r
+ );\r
+ }\r
}\r
- }\r
- }\r
- else\r
- {\r
- // call a 'plain php' function\r
- if($sysCall)\r
- {\r
- array_unshift($params, $this);\r
- $r = call_user_func_array($func, $params);\r
}\r
else\r
{\r
- // 3rd API convention for method-handling functions: EPI-style\r
- if ($this->functions_parameters_type == 'epivals')\r
+ // call a 'plain php' function\r
+ if($sysCall)\r
{\r
- $r = call_user_func_array($func, array($methName, $params, $this->user_data));\r
- // mimic EPI behaviour: if we get an array that looks like an error, make it\r
- // an eror response\r
- if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r))\r
+ array_unshift($params, $this);\r
+ $r = call_user_func_array($func, $params);\r
+ }\r
+ else\r
+ {\r
+ // 3rd API convention for method-handling functions: EPI-style\r
+ if ($this->functions_parameters_type == 'epivals')\r
{\r
- $r = new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']);\r
+ $r = call_user_func_array($func, array($methName, $params, $this->user_data));\r
+ // mimic EPI behaviour: if we get an array that looks like an error, make it\r
+ // an eror response\r
+ if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r))\r
+ {\r
+ $r = new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']);\r
+ }\r
+ else\r
+ {\r
+ // functions using EPI api should NOT return resp objects,\r
+ // so make sure we encode the return type correctly\r
+ $r = new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api')));\r
+ }\r
}\r
else\r
{\r
- // functions using EPI api should NOT return resp objects,\r
- // so make sure we encode the return type correctly\r
- $r = new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api')));\r
+ $r = call_user_func_array($func, $params);\r
}\r
}\r
- else\r
+ // the return type can be either an xmlrpcresp object or a plain php value...\r
+ if (!is_a($r, 'xmlrpcresp'))\r
{\r
- $r = call_user_func_array($func, $params);\r
+ // what should we assume here about automatic encoding of datetimes\r
+ // and php classes instances???\r
+ $r = new xmlrpcresp(php_xmlrpc_encode($r, $this->phpvals_encoding_options));\r
}\r
}\r
- // the return type can be either an xmlrpcresp object or a plain php value...\r
- if (!is_a($r, 'xmlrpcresp'))\r
+ }\r
+ catch(Exception $e)\r
+ {\r
+ // (barring errors in the lib) an uncatched exception happened\r
+ // in the called function, we wrap it in a proper error-response\r
+ switch($this->exception_handling)\r
{\r
- // what should we assume here about automatic encoding of datetimes\r
- // and php classes instances???\r
- $r = new xmlrpcresp(php_xmlrpc_encode($r, $this->phpvals_encoding_options));\r
+ case 2:\r
+ throw $e;\r
+ break;\r
+ case 1:\r
+ $r = new xmlrpcresp(0, $e->getCode(), $e->getMessage());\r
+ break;\r
+ default:\r
+ $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_error'], $GLOBALS['xmlrpcstr']['server_error']);\r
}\r
}\r
if($this->debug > 2)\r
\r
/**\r
* add a string to the 'internal debug message' (separate from 'user debug message')\r
- * @param string $strings\r
+ * @param string $string\r
* @access private\r
*/\r
function debugmsg($string)\r