X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fxmlrpc.inc;h=a1d0ca8025d4603d5a06230ea4ab80b8c38709bf;hb=f45909a92b268970729c121269af62d71eb7cd47;hp=4ac287a7a85348b1da421b2cb2693a9ba5831e8e;hpb=67bfb3d12c48ff14d7f0b3fdfb8512ab5ab335b5;p=plcapi.git
diff --git a/lib/xmlrpc.inc b/lib/xmlrpc.inc
index 4ac287a7..a1d0ca80 100644
--- a/lib/xmlrpc.inc
+++ b/lib/xmlrpc.inc
@@ -1,7 +1,6 @@
-// $Id: xmlrpc.inc,v 1.174 2009/03/16 19:36:38 ggiunta Exp $
// Copyright (c) 1999,2000,2002 Edd Dumbill.
// All rights reserved.
@@ -209,7 +208,7 @@
$GLOBALS['xmlrpc_internalencoding']='ISO-8859-1';
$GLOBALS['xmlrpcName']='XML-RPC for PHP';
- $GLOBALS['xmlrpcVersion']='3.0.0.beta';
+ $GLOBALS['xmlrpcVersion']='3.0.0';
// let user errors start at 800
$GLOBALS['xmlrpcerruser']=800;
@@ -226,6 +225,7 @@
// set to TRUE to enable encoding of php NULL values to instead of
$GLOBALS['xmlrpc_null_apache_encoding']=false;
+ $GLOBALS['xmlrpc_null_apache_encoding_ns']='http://ws.apache.org/xmlrpc/namespaces/extensions';
// used to store state during parsing
// quick explanation of components:
@@ -828,7 +828,7 @@
var $proxy_pass='';
var $proxy_authtype=1;
var $cookies=array();
- var $extracurlopts=array();
+ var $extracurlopts=array();
/**
* List of http compression methods accepted by the client for responses.
@@ -850,7 +850,7 @@
* http://curl.haxx.se/docs/faq.html#7.3)
*/
var $xmlrpc_curl_handle = null;
- /// Wheter to use persistent connections for http 1.1 and https
+ /// Whether to use persistent connections for http 1.1 and https
var $keepalive = false;
/// Charset encodings that can be decoded without problems by the client
var $accepted_charset_encodings = array();
@@ -861,6 +861,10 @@
* valid strings are 'xmlrpcvals', 'phpvals' or 'xml'
*/
var $return_type = 'xmlrpcvals';
+ /**
+ * Sent to servers in http headers
+ */
+ var $user_agent;
/**
* @param string $path either the complete server URL or the PATH part of the xmlrc server URL, e.g. /xmlrpc/server.php
@@ -933,11 +937,14 @@
// by default the xml parser can support these 3 charset encodings
$this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII');
+
+ // initialize user_agent string
+ $this->user_agent = $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'];
}
/**
* Enables/disables the echoing to screen of the xmlrpc responses received
- * @param integer $debug values 0, 1 and 2 are supported (2 = echo sent msg too, before received response)
+ * @param integer $in values 0, 1 and 2 are supported (2 = echo sent msg too, before received response)
* @access public
*/
function setDebug($in)
@@ -973,7 +980,7 @@
/**
* Add a CA certificate to verify server with (see man page about
- * CURLOPT_CAINFO for more details
+ * CURLOPT_CAINFO for more details)
* @param string $cacert certificate file name (or dir holding certificates)
* @param bool $is_dir set to true to indicate cacert is a dir. defaults to false
* @access public
@@ -1055,7 +1062,10 @@
if ($compmethod == 'any')
$this->accepted_compression = array('gzip', 'deflate');
else
- $this->accepted_compression = array($compmethod);
+ if ($compmethod == false )
+ $this->accepted_compression = array();
+ else
+ $this->accepted_compression = array($compmethod);
}
/**
@@ -1099,15 +1109,24 @@
}
}
- /**
- * Directly set cURL options, for extra flexibility
- * It allows eg. to bind client to a specific IP interface / address
- * @param $options array
- */
- function SetCurlOptions( $options )
- {
- $this->extracurlopts = $options;
- }
+ /**
+ * Directly set cURL options, for extra flexibility
+ * It allows eg. to bind client to a specific IP interface / address
+ * @param array $options
+ */
+ function SetCurlOptions( $options )
+ {
+ $this->extracurlopts = $options;
+ }
+
+ /**
+ * Set user-agent string that will be used by this client instance
+ * in http headers sent to the server
+ */
+ function SetUserAgent( $agentstring )
+ {
+ $this->user_agent = $agentstring;
+ }
/**
* Send an xmlrpc request
@@ -1263,7 +1282,7 @@
$credentials='Authorization: Basic ' . base64_encode($username . ':' . $password) . "\r\n";
if ($authtype != 1)
{
- error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported with HTTP 1.0');
+ error_log('XML-RPC: '.__METHOD__.': warning. Only Basic auth is supported with HTTP 1.0');
}
}
@@ -1287,7 +1306,7 @@
{
if ($proxyauthtype != 1)
{
- error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported with HTTP 1.0');
+ error_log('XML-RPC: '.__METHOD__.': warning. Only Basic auth to proxy is supported with HTTP 1.0');
}
$proxy_credentials = 'Proxy-Authorization: Basic ' . base64_encode($proxyusername.':'.$proxypassword) . "\r\n";
}
@@ -1326,9 +1345,12 @@
$cookieheader = 'Cookie:' . $version . substr($cookieheader, 0, -1) . "\r\n";
}
+ // omit port if 80
+ $port = ($port == 80) ? '' : (':' . $port);
+
$op= 'POST ' . $uri. " HTTP/1.0\r\n" .
- 'User-Agent: ' . $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'] . "\r\n" .
- 'Host: '. $server . ':' . $port . "\r\n" .
+ 'User-Agent: ' . $this->user_agent . "\r\n" .
+ 'Host: '. $server . $port . "\r\n" .
$credentials .
$proxy_credentials .
$accepted_encoding .
@@ -1377,11 +1399,11 @@
}
else
{
- // reset errno and errstr on succesful socket connection
+ // reset errno and errstr on successful socket connection
$this->errstr = '';
}
// G. Giunta 2005/10/24: close socket before parsing.
- // should yeld slightly better execution times, and make easier recursive calls (e.g. to follow http redirects)
+ // should yield slightly better execution times, and make easier recursive calls (e.g. to follow http redirects)
$ipd='';
do
{
@@ -1510,7 +1532,7 @@
{
curl_setopt($curl, CURLOPT_VERBOSE, 1);
}
- curl_setopt($curl, CURLOPT_USERAGENT, $GLOBALS['xmlrpcName'].' '.$GLOBALS['xmlrpcVersion']);
+ curl_setopt($curl, CURLOPT_USERAGENT, $this->user_agent);
// required for XMLRPC: post the data
curl_setopt($curl, CURLOPT_POST, 1);
// the data
@@ -1519,7 +1541,6 @@
// return the header too
curl_setopt($curl, CURLOPT_HEADER, 1);
- // will only work with PHP >= 5.0
// NB: if we set an empty string, CURL will add http header indicating
// ALL methods it is supporting. This is possibly a better option than
// letting the user tell what curl can / cannot do...
@@ -1563,7 +1584,7 @@
}
else if ($authtype != 1)
{
- error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported by the current PHP/curl install');
+ error_log('XML-RPC: '.__METHOD__.': warning. Only Basic auth is supported by the current PHP/curl install');
}
}
@@ -1600,6 +1621,13 @@
{
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass);
}
+
+ // Upgrade transparently to more stringent check for versions of php which do not support otherwise.
+ // Doing it in constructor would be cleaner; doing it here saves us a couple of function calls
+ if($this->verifyhost == 1 && $info = curl_version() && version_compare($info['version'], '7.28.1') >= 0)
+ {
+ $this->verifyhost = 2;
+ }
// whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);
}
@@ -1622,7 +1650,7 @@
}
else if ($proxyauthtype != 1)
{
- error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported by the current PHP/curl install');
+ error_log('XML-RPC: '.__METHOD__.': warning. Only Basic auth to proxy is supported by the current PHP/curl install');
}
}
}
@@ -1640,10 +1668,10 @@
curl_setopt($curl, CURLOPT_COOKIE, substr($cookieheader, 0, -2));
}
- foreach ($this->extracurlopts as $opt => $val)
- {
- curl_setopt($curl, $opt, $val);
- }
+ foreach ($this->extracurlopts as $opt => $val)
+ {
+ curl_setopt($curl, $opt, $val);
+ }
$result = curl_exec($curl);
@@ -1651,7 +1679,14 @@
{
print "
\n---CURL INFO---\n";
foreach(curl_getinfo($curl) as $name => $val)
- print $name . ': ' . htmlentities($val). "\n";
+ {
+ if (is_array($val))
+ {
+ $val = implode("\n", $val);
+ }
+ print $name . ': ' . htmlentities($val) . "\n";
+ }
+
print "---END---\n
";
}
@@ -1672,6 +1707,12 @@
curl_close($curl);
}
$resp =& $msg->parseResponse($result, true, $this->return_type);
+ // if we got back a 302, we can not reuse the curl handle for later calls
+ if($resp->faultCode() == $GLOBALS['xmlrpcerr']['http_error'] && $keepalive)
+ {
+ curl_close($curl);
+ $this->xmlrpc_curl_handle = null;
+ }
}
return $resp;
}
@@ -1694,7 +1735,7 @@
* @param array $msgs an array of xmlrpcmsg objects
* @param integer $timeout connection timeout (in seconds)
* @param string $method the http protocol variant to be used
- * @param boolean fallback When true, upon receiveing an error during multicall, multiple single calls will be attempted
+ * @param boolean fallback When true, upon receiving an error during multicall, multiple single calls will be attempted
* @return array
* @access public
*/
@@ -2001,7 +2042,7 @@
* with attributes being e.g. 'expires', 'path', domain'.
* NB: cookies sent as 'expired' by the server (i.e. with an expiry date in the past)
* are still present in the array. It is up to the user-defined code to decide
- * how to use the received cookies, and wheter they have to be sent back with the next
+ * how to use the received cookies, and whether they have to be sent back with the next
* request to the server (using xmlrpc_client::setCookie) or not
* @return array array of cookies received from the server
* @access public
@@ -2023,7 +2064,14 @@
$this->content_type = 'text/xml; charset=' . $charset_encoding;
else
$this->content_type = 'text/xml';
+ if ($GLOBALS['xmlrpc_null_apache_encoding'])
+ {
+ $result = "\n";
+ }
+ else
+ {
$result = "\n";
+ }
if($this->errno)
{
// G. Giunta 2005/2/13: let non-ASCII response messages be tolerated by clients
@@ -2073,7 +2121,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
/**
* @param string $meth the name of the method to invoke
- * @param array $pars array of parameters to be paased to the method (xmlrpcval objects)
+ * @param array $pars array of parameters to be passed to the method (xmlrpcval objects)
*/
function xmlrpcmsg($meth, $pars=0)
{
@@ -2128,7 +2176,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
else
$this->content_type = 'text/xml';
$this->payload=$this->xml_header($charset_encoding);
- $this->payload.='' . $this->methodname . "\n";
+ $this->payload.='' . xmlrpc_encode_entitites($this->methodname, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n";
$this->payload.="\n";
for($i=0; $iparams); $i++)
{
@@ -2157,6 +2205,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
/**
* Returns xml representation of the message. XML prologue included
+ * @param string $charset_encoding
* @return string the xml representation of the message, xml prologue included
* @access public
*/
@@ -2210,6 +2259,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
* infinite loop in that case, because we cannot trust the caller
* to give us a valid pointer to an open file...
* @access public
+ * @param resource $fp stream pointer
* @return xmlrpcresp
* @todo add 2nd & 3rd param to be passed to ParseResponse() ???
*/
@@ -2262,7 +2312,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
else
{
- error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTPS via proxy error, tunnel connection possibly failed');
+ error_log('XML-RPC: '.__METHOD__.': HTTPS via proxy error, tunnel connection possibly failed');
$r=new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (HTTPS via proxy error, tunnel connection possibly failed)');
return $r;
}
@@ -2283,7 +2333,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
if(!preg_match('/^HTTP\/[0-9.]+ 200 /', $data))
{
$errstr= substr($data, 0, strpos($data, "\n")-1);
- error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTP error, got response: ' .$errstr);
+ error_log('XML-RPC: '.__METHOD__.': HTTP error, got response: ' .$errstr);
$r=new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (' . $errstr . ')');
return $r;
}
@@ -2408,7 +2458,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
{
if(!$data = decode_chunked($data))
{
- error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to rebuild the chunked data received from server');
+ error_log('XML-RPC: '.__METHOD__.': errors occurred when trying to rebuild the chunked data received from server');
$r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['dechunk_fail'], $GLOBALS['xmlrpcstr']['dechunk_fail']);
return $r;
}
@@ -2438,14 +2488,14 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
else
{
- error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to decode the deflated data received from server');
+ error_log('XML-RPC: '.__METHOD__.': errors occurred when trying to decode the deflated data received from server');
$r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['decompress_fail'], $GLOBALS['xmlrpcstr']['decompress_fail']);
return $r;
}
}
else
{
- error_log('XML-RPC: xmlrpcmsg::parseResponse: the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
+ error_log('XML-RPC: '.__METHOD__.': the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
$r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['cannot_decompress'], $GLOBALS['xmlrpcstr']['cannot_decompress']);
return $r;
}
@@ -2453,7 +2503,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
} // end of 'if needed, de-chunk, re-inflate response'
- // real stupid hack to avoid PHP 4 complaining about returning NULL by ref
+ // real stupid hack to avoid PHP complaining about returning NULL by ref
$r = null;
$r =& $r;
return $r;
@@ -2477,7 +2527,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
if($data == '')
{
- error_log('XML-RPC: xmlrpcmsg::parseResponse: no response received from server.');
+ error_log('XML-RPC: '.__METHOD__.': no response received from server.');
$r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_data'], $GLOBALS['xmlrpcstr']['no_data']);
return $r;
}
@@ -2522,17 +2572,10 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
// be tolerant of junk after methodResponse (e.g. javascript ads automatically inserted by free hosts)
// idea from Luca Mariano originally in PEARified version of the lib
- $bd = false;
- // Poor man's version of strrpos for php 4...
- $pos = strpos($data, '');
- while($pos || is_int($pos))
- {
- $bd = $pos+17;
- $pos = strpos($data, '', $bd);
- }
- if($bd)
+ $pos = strrpos($data, '');
+ if($pos !== false)
{
- $data = substr($data, 0, $bd);
+ $data = substr($data, 0, $pos+17);
}
// if user wants back raw xml, give it to him
@@ -2556,17 +2599,24 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$GLOBALS['_xh']['isf_reason']='';
$GLOBALS['_xh']['rt']=''; // 'methodcall or 'methodresponse'
- // if response charset encoding is not known / supported, try to use
- // the default encoding and parse the xml anyway, but log a warning...
- if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
- // the following code might be better for mb_string enabled installs, but
+ // Since parsing will fail if charset is not specified in the xml prologue,
+ // the encoding is not UTF8 and there are non-ascii chars in the text, we try to work round that...
+ // The following code might be better for mb_string enabled installs, but
// makes the lib about 200% slower...
- //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
- {
- error_log('XML-RPC: xmlrpcmsg::parseResponse: invalid charset encoding of received response: '.$resp_encoding);
- $resp_encoding = $GLOBALS['xmlrpc_defencoding'];
+ //if (!is_valid_charset($resp_encoding, array('UTF-8')))
+ if (!in_array($resp_encoding, array('UTF-8', 'US-ASCII')) && !has_encoding($data)) {
+ if ($resp_encoding == 'ISO-8859-1') {
+ $data = utf8_encode($data);
+ } else {
+ if (extension_loaded('mbstring')) {
+ $data = mb_convert_encoding($data, 'UTF-8', $resp_encoding);
+ } else {
+ error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $resp_encoding);
+ }
+ }
}
- $parser = xml_parser_create($resp_encoding);
+
+ $parser = xml_parser_create();
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
// the xml parser to give us back data in the expected charset.
@@ -2738,7 +2788,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$this->me['struct']=$val;
break;
default:
- error_log("XML-RPC: xmlrpcval::xmlrpcval: not a known type ($type)");
+ error_log("XML-RPC: ".__METHOD__.": not a known type ($type)");
}
/*if($type=='')
{
@@ -2770,7 +2820,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$typeof=@$GLOBALS['xmlrpcTypes'][$type];
if($typeof!=1)
{
- error_log("XML-RPC: xmlrpcval::addScalar: not a scalar type ($type)");
+ error_log("XML-RPC: ".__METHOD__.": not a scalar type ($type)");
return 0;
}
@@ -2792,10 +2842,10 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
switch($this->mytype)
{
case 1:
- error_log('XML-RPC: xmlrpcval::addScalar: scalar xmlrpcval can have only one value');
+ error_log('XML-RPC: '.__METHOD__.': scalar xmlrpcval can have only one value');
return 0;
case 3:
- error_log('XML-RPC: xmlrpcval::addScalar: cannot add anonymous scalar to struct xmlrpcval');
+ error_log('XML-RPC: '.__METHOD__.': cannot add anonymous scalar to struct xmlrpcval');
return 0;
case 2:
// we're adding a scalar value to an array here
@@ -2837,7 +2887,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
else
{
- error_log('XML-RPC: xmlrpcval::addArray: already initialized as a [' . $this->kindOf() . ']');
+ error_log('XML-RPC: '.__METHOD__.': already initialized as a [' . $this->kindOf() . ']');
return 0;
}
}
@@ -2866,7 +2916,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
else
{
- error_log('XML-RPC: xmlrpcval::addStruct: already initialized as a [' . $this->kindOf() . ']');
+ error_log('XML-RPC: '.__METHOD__.': already initialized as a [' . $this->kindOf() . ']');
return 0;
}
}
@@ -2939,8 +2989,8 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
break;
case $GLOBALS['xmlrpcDouble']:
// avoid using standard conversion of float to string because it is locale-dependent,
- // and also because the xmlrpc spec forbids exponential notation
- // sprintf('%F') would be most likely ok but it is only available since PHP 4.3.10 and PHP 5.0.3.
+ // and also because the xmlrpc spec forbids exponential notation.
+ // sprintf('%F') could be most likely ok but it fails eg. on 2e-14.
// The code below tries its best at keeping max precision while avoiding exp notation,
// but there is of course no limit in the number of decimal places to be used...
$rs.="<${typ}>".preg_replace('/\\.?0+$/','',number_format((double)$val, 128, '.', ''))."${typ}>";
@@ -3046,7 +3096,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
/**
- * Checks wheter a struct member with a given name is present.
+ * Checks whether a struct member with a given name is present.
* Works only on xmlrpcvals of type struct.
* @param string $m the name of the struct member to be looked up
* @return boolean
@@ -3307,7 +3357,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$out = $xmlrpc_val->scalarval();
if (is_string($out))
{
- $out= strtotime($out);
+ $out = strtotime($out);
}
if (is_int($out))
{
@@ -3456,7 +3506,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
else
{
$arr = array();
- reset($php_val);
+ reset($php_val);
while(list($k,$v) = each($php_val))
{
$arr[$k] = php_xmlrpc_encode($v, $options);
@@ -3523,8 +3573,28 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$GLOBALS['_xh']['isf_reason'] = '';
$GLOBALS['_xh']['method'] = false;
$GLOBALS['_xh']['rt'] = '';
- /// @todo 'guestimate' encoding
- $parser = xml_parser_create();
+
+ // 'guestimate' encoding
+ $val_encoding = guess_encoding('', $xml_val);
+
+ // Since parsing will fail if charset is not specified in the xml prologue,
+ // the encoding is not UTF8 and there are non-ascii chars in the text, we try to work round that...
+ // The following code might be better for mb_string enabled installs, but
+ // makes the lib about 200% slower...
+ //if (!is_valid_charset($val_encoding, array('UTF-8')))
+ if (!in_array($val_encoding, array('UTF-8', 'US-ASCII')) && !has_encoding($xml_val)) {
+ if ($val_encoding == 'ISO-8859-1') {
+ $xml_val = utf8_encode($xml_val);
+ } else {
+ if (extension_loaded('mbstring')) {
+ $xml_val = mb_convert_encoding($xml_val, 'UTF-8', $val_encoding);
+ } else {
+ error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $val_encoding);
+ }
+ }
+ }
+
+ $parser = xml_parser_create();
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// What if internal encoding is not in one of the 3 allowed?
// we use the broadest one, ie. utf8!
@@ -3645,9 +3715,10 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
* we SHOULD assume it is strictly US-ASCII. But we try to be more tolerant of unconforming (legacy?) clients/servers,
* which will be most probably using UTF-8 anyway...
*
- * @param string $httpheaders the http Content-type header
+ * @param string $httpheader the http Content-type header
* @param string $xmlchunk xml content buffer
* @param string $encoding_prefs comma separated list of character encodings to be used as default (when mb extension is enabled)
+ * @return string
*
* @todo explore usage of mb_http_input(): does it detect http headers + post data? if so, use it instead of hand-detection!!!
*/
@@ -3735,11 +3806,49 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
}
+ /**
+ * Helper function: checks if an xml chunk as a charset declaration (BOM or in the xml declaration)
+ *
+ * @param string $xmlChunk
+ * @return bool
+ */
+ function has_encoding($xmlChunk)
+ {
+ // scan the first bytes of the data for a UTF-16 (or other) BOM pattern
+ // (source: http://www.w3.org/TR/2000/REC-xml-20001006)
+ if (preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlChunk))
+ {
+ return true;
+ }
+ elseif (preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlChunk))
+ {
+ return true;
+ }
+ elseif (preg_match('/^(\xEF\xBB\xBF)/', $xmlChunk))
+ {
+ return true;
+ }
+
+ // test if encoding is specified in the xml declaration
+ // Details:
+ // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+
+ // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]*
+ if (preg_match('/^<\?xml\s+version\s*=\s*' . "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))" .
+ '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/",
+ $xmlChunk, $matches))
+ {
+ return true;
+ }
+
+ return false;
+ }
+
/**
* Checks if a given charset encoding is present in a list of encodings or
* if it is a valid subset of any encoding in the list
* @param string $encoding charset to be tested
* @param mixed $validlist comma separated list of valid charsets (or array of charsets)
+ * @return bool
*/
function is_valid_charset($encoding, $validlist)
{
@@ -3760,7 +3869,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
foreach ($validlist as $allowed)
if (in_array($allowed, $charset_supersets[$encoding]))
return true;
- return false;
+ return false;
}
}