X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=src%2FServer.php;h=d5134baa4e4667cfd00899fca1dda1f82f75632f;hb=f9a321ddc732d3f41184d2e968fd9d221ab3b6d5;hp=e1035d3d1f5029cb7fac231a35bd862016577b54;hpb=2aa7311f9f86db1115264936be4587fd6c86a813;p=plcapi.git diff --git a/src/Server.php b/src/Server.php index e1035d3..d5134ba 100644 --- a/src/Server.php +++ b/src/Server.php @@ -2,79 +2,111 @@ namespace PhpXmlRpc; -use PhpXmlRpc\Helper\XMLParser; use PhpXmlRpc\Helper\Charset; +use PhpXmlRpc\Helper\Logger; +use PhpXmlRpc\Helper\XMLParser; +/** + * Allows effortless implementation of XML-RPC servers + */ class Server { /** - * Array defining php functions exposed as xmlrpc methods by this server. + * Defines how functions in dmap will be invoked: either using an xmlrpc request object + * or plain php values. + * Valid strings are 'xmlrpcvals', 'phpvals' or 'epivals' + * @todo create class constants for these */ - protected $dmap = array(); - /* - * Defines how functions in dmap will be invoked: either using an xmlrpc msg object - * or plain php values. - * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals' - */ public $functions_parameters_type = 'xmlrpcvals'; - /* - * Option used for fine-tuning the encoding the php values returned from - * functions registered in the dispatch map when the functions_parameters_types - * member is set to 'phpvals' - * @see php_xmlrpc_encode for a list of values - */ + + /** + * Option used for fine-tuning the encoding the php values returned from + * functions registered in the dispatch map when the functions_parameters_types + * member is set to 'phpvals' + * @see Encoder::encode for a list of values + */ public $phpvals_encoding_options = array('auto_dates'); - /// controls whether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3 + + /** + * Controls whether the server is going to echo debugging messages back to the client as comments in response body. + * Valid values: 0,1,2,3 + */ public $debug = 1; - /* - * Controls behaviour of server when invoked user function throws an exception: - * 0 = catch it and return an 'internal error' xmlrpc response (default) - * 1 = catch it and return an xmlrpc response with the error corresponding to the exception - * 2 = allow the exception to float to the upper layers - */ + + /** + * Controls behaviour of server when the invoked user function throws an exception: + * 0 = catch it and return an 'internal error' xmlrpc response (default) + * 1 = catch it and return an xmlrpc response with the error corresponding to the exception + * 2 = allow the exception to float to the upper layers + */ public $exception_handling = 0; - /* - * When set to true, it will enable HTTP compression of the response, in case - * the client has declared its support for compression in the request. - */ + + /** + * When set to true, it will enable HTTP compression of the response, in case + * the client has declared its support for compression in the request. + * Set at constructor time. + */ public $compress_response = false; - /* - * List of http compression methods accepted by the server for requests. - * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib - */ + + /** + * List of http compression methods accepted by the server for requests. Set at constructor time. + * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib + */ public $accepted_compression = array(); - /// shall we serve calls to system.* methods? + + /// Shall we serve calls to system.* methods? public $allow_system_funcs = true; - /// list of charset encodings natively accepted for requests + + /** + * List of charset encodings natively accepted for requests. + * Set at constructor time. + * UNUSED so far... + */ public $accepted_charset_encodings = array(); - /* - * charset encoding to be used for response. - * NB: if we can, we will convert the generated response from internal_encoding to the intended one. - * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled), - * null (leave unspecified in response, convert output stream to US_ASCII), - * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed), - * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway). - * NB: pretty dangerous if you accept every charset and do not have mbstring enabled) - */ + + /** + * Charset encoding to be used for response. + * NB: if we can, we will convert the generated response from internal_encoding to the intended one. + * Can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled), + * null (leave unspecified in response, convert output stream to US_ASCII), + * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed), + * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway). + * NB: pretty dangerous if you accept every charset and do not have mbstring enabled) + */ public $response_charset_encoding = ''; + + /** + * Extra data passed at runtime to method handling functions. Used only by EPI layer + */ + public $user_data = null; + + /** + * Array defining php functions exposed as xmlrpc methods by this server. + * @var array[] $dmap + */ + protected $dmap = array(); + /** * Storage for internal debug info. */ protected $debug_info = ''; - /* - * Extra data passed at runtime to method handling functions. Used only by EPI layer - */ - public $user_data = null; protected static $_xmlrpc_debuginfo = ''; protected static $_xmlrpcs_occurred_errors = ''; - public static $_xmlrpcs_prev_ehandler = ''; + protected static $_xmlrpcs_prev_ehandler = ''; /** - * @param array $dispmap the dispatch map with definition of exposed services - * @param boolean $servicenow set to false to prevent the server from running upon construction + * @param array[] $dispatchMap the dispatch map with definition of exposed services + * Array keys are the names of the method names. + * Each array value is an array with the following members: + * - function (callable) + * - docstring (optional) + * - signature (array, optional) + * - signature_docs (array, optional) + * - parameters_type (string, optional) + * @param boolean $serviceNow set to false to prevent the server from running upon construction */ - public function __construct($dispMap = null, $serviceNow = true) + public function __construct($dispatchMap = null, $serviceNow = true) { // if ZLIB is enabled, let the server by default accept compressed requests, // and compress responses sent to clients that support them @@ -86,17 +118,14 @@ class Server // by default the xml parser can support these 3 charset encodings $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); - // dispMap is a dispatch array of methods - // mapped to function names and signatures - // if a method - // doesn't appear in the map then an unknown - // method error is generated + // dispMap is a dispatch array of methods mapped to function names and signatures. + // If a method doesn't appear in the map then an unknown method error is generated /* milosch - changed to make passing dispMap optional. - * instead, you can use the class add_to_map() function - * to add functions manually (borrowed from SOAPX4) - */ - if ($dispMap) { - $this->dmap = $dispMap; + * instead, you can use the class add_to_map() function + * to add functions manually (borrowed from SOAPX4) + */ + if ($dispatchMap) { + $this->dmap = $dispatchMap; if ($serviceNow) { $this->service(); } @@ -106,7 +135,7 @@ class Server /** * Set debug level of server. * - * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments) + * @param integer $level debug lvl: determines info added to xmlrpc responses (as xml comments) * 0 = no debug info, * 1 = msgs set from user with debugmsg(), * 2 = add complete xmlrpc request (headers and body), @@ -117,38 +146,43 @@ class Server * execution anymore, but just end up logged in the xmlrpc response) * Note that info added at level 2 and 3 will be base64 encoded */ - public function setDebug($in) + public function setDebug($level) { - $this->debug = $in; + $this->debug = $level; } /** - * Add a string to the debug info that can be later serialized by the server - * as part of the response message. - * Note that for best compatibility, the debug string should be encoded using - * the PhpXmlRpc::$xmlrpc_internalencoding character set. + * Add a string to the debug info that can be later serialized by the server as part of the response message. + * Note that for best compatibility, the debug string should be encoded using the PhpXmlRpc::$xmlrpc_internalencoding + * character set. * - * @param string $m - * @access public + * @param string $msg */ - public static function xmlrpc_debugmsg($m) + public static function xmlrpc_debugmsg($msg) { - static::$_xmlrpc_debuginfo .= $m . "\n"; + static::$_xmlrpc_debuginfo .= $msg . "\n"; } - public static function error_occurred($m) + /** + * Add a string to the debug info that will be later serialized by the server as part of the response message + * (base64 encoded, only when debug level >= 2) + * + * character set. + * @param string $msg + */ + public static function error_occurred($msg) { - static::$_xmlrpcs_occurred_errors .= $m . "\n"; + static::$_xmlrpcs_occurred_errors .= $msg . "\n"; } /** * Return a string with the serialized representation of all debug info. * - * @param string $charset_encoding the target charset encoding for the serialization + * @param string $charsetEncoding the target charset encoding for the serialization * * @return string an XML comment (or two) */ - public function serializeDebug($charset_encoding = '') + public function serializeDebug($charsetEncoding = '') { // Tough encoding problem: which internal charset should we assume for debug info? // It might contain a copy of raw data received from client, ie with unknown encoding, @@ -160,7 +194,7 @@ class Server $out .= "\n"; } if (static::$_xmlrpc_debuginfo != '') { - $out .= "\n"; + $out .= "\n"; // NB: a better solution MIGHT be to use CDATA, but we need to insert it // into return payload AFTER the beginning tag //$out .= "', ']_]_>', static::$_xmlrpc_debuginfo) . "\n]]>\n"; @@ -173,51 +207,53 @@ class Server * Execute the xmlrpc request, printing the response. * * @param string $data the request body. If null, the http POST request will be examined - * @param bool $return_payload When true, return the response but do not echo it or any http header + * @param bool $returnPayload When true, return the response but do not echo it or any http header + * + * @return Response|string the response object (usually not used by caller...) or its xml serialization * - * @return Response the response object (usually not used by caller...) + * @throws \Exception in case the executed method does throw an exception (and depending on server configuration) */ - public function service($data = null, $return_payload = false) + public function service($data = null, $returnPayload = false) { if ($data === null) { $data = file_get_contents('php://input'); } - $raw_data = $data; + $rawData = $data; // reset internal debug info $this->debug_info = ''; - // Echo back what we received, before parsing it + // Save what we received, before parsing it if ($this->debug > 1) { $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++"); } - $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding); + $r = $this->parseRequestHeaders($data, $reqCharset, $respCharset, $respEncoding); if (!$r) { - $r = $this->parseRequest($data, $req_charset); + // this actually executes the request + $r = $this->parseRequest($data, $reqCharset); } // save full body of request into response, for more debugging usages - $r->raw_data = $raw_data; + $r->raw_data = $rawData; if ($this->debug > 2 && static::$_xmlrpcs_occurred_errors) { $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" . static::$_xmlrpcs_occurred_errors . "+++END+++"); } - $payload = $this->xml_header($resp_charset); + $payload = $this->xml_header($respCharset); if ($this->debug > 0) { - $payload = $payload . $this->serializeDebug($resp_charset); + $payload = $payload . $this->serializeDebug($respCharset); } - // G. Giunta 2006-01-27: do not create response serialization if it has - // already happened. Helps building json magic + // Do not create response serialization if it has already happened. Helps building json magic if (empty($r->payload)) { - $r->serialize($resp_charset); + $r->serialize($respCharset); } $payload = $payload . $r->payload; - if ($return_payload) { + if ($returnPayload) { return $payload; } @@ -232,28 +268,31 @@ class Server // http compression of output: only // if we can do it, and we want to do it, and client asked us to, // and php ini settings do not force it already - $php_no_self_compress = !ini_get('zlib.output_compression') && (ini_get('output_handler') != 'ob_gzhandler'); - if ($this->compress_response && function_exists('gzencode') && $resp_encoding != '' - && $php_no_self_compress + /// @todo check separately for gzencode and gzcompress functions, in case of polyfills + $phpNoSelfCompress = !ini_get('zlib.output_compression') && (ini_get('output_handler') != 'ob_gzhandler'); + if ($this->compress_response && function_exists('gzencode') && $respEncoding != '' + && $phpNoSelfCompress ) { - if (strpos($resp_encoding, 'gzip') !== false) { + if (strpos($respEncoding, 'gzip') !== false) { $payload = gzencode($payload); header("Content-Encoding: gzip"); header("Vary: Accept-Encoding"); - } elseif (strpos($resp_encoding, 'deflate') !== false) { + } elseif (strpos($respEncoding, 'deflate') !== false) { $payload = gzcompress($payload); header("Content-Encoding: deflate"); header("Vary: Accept-Encoding"); } } - // do not output content-length header if php is compressing output for us: - // it will mess up measurements - if ($php_no_self_compress) { + // Do not output content-length header if php is compressing output for us: + // it will mess up measurements. + // Note that Apache/mod_php will add (and even alter!) the Content-Length header on its own, but only for + // responses up to 8000 bytes + if ($phpNoSelfCompress) { header('Content-Length: ' . (int)strlen($payload)); } } else { - error_log('XML-RPC: ' . __METHOD__ . ': http headers already sent before response is fully generated. Check for php warning or error messages'); + Logger::instance()->errorLog('XML-RPC: ' . __METHOD__ . ': http headers already sent before response is fully generated. Check for php warning or error messages'); } print $payload; @@ -265,35 +304,41 @@ class Server /** * Add a method to the dispatch map. * - * @param string $methodname the name with which the method will be made available - * @param string $function the php function that will get invoked - * @param array $sig the array of valid method signatures + * @param string $methodName the name with which the method will be made available + * @param callable $function the php function that will get invoked + * @param array[] $sig the array of valid method signatures. + * Each element is one signature: an array of strings with at least one element + * First element = type of returned value. Elements 2..N = types of parameters 1..N * @param string $doc method documentation - * @param array $sigdoc the array of valid method signatures docs (one string per param, one for return type) + * @param array[] $sigDoc the array of valid method signatures docs, following the format of $sig but with + * descriptions instead of types (one string for return type, one per param) + * + * @todo raise a warning if the user tries to register a 'system.' method + * @todo allow setting parameters_type */ - public function add_to_map($methodname, $function, $sig = null, $doc = false, $sigdoc = false) + public function add_to_map($methodName, $function, $sig = null, $doc = false, $sigDoc = false) { - $this->dmap[$methodname] = array( + $this->dmap[$methodName] = array( 'function' => $function, 'docstring' => $doc, ); if ($sig) { - $this->dmap[$methodname]['signature'] = $sig; + $this->dmap[$methodName]['signature'] = $sig; } - if ($sigdoc) { - $this->dmap[$methodname]['signature_docs'] = $sigdoc; + if ($sigDoc) { + $this->dmap[$methodName]['signature_docs'] = $sigDoc; } } /** * Verify type and number of parameters received against a list of known signatures. * - * @param array $in array of either xmlrpcval objects or xmlrpc type definitions - * @param array $sig array of known signatures to match against + * @param array|Request $in array of either xmlrpc value objects or xmlrpc type definitions + * @param array $sigs array of known signatures to match against * - * @return array + * @return array int, string */ - protected function verifySignature($in, $sig) + protected function verifySignature($in, $sigs) { // check each possible signature in turn if (is_object($in)) { @@ -301,8 +346,8 @@ class Server } else { $numParams = count($in); } - foreach ($sig as $cursig) { - if (count($cursig) == $numParams + 1) { + foreach ($sigs as $curSig) { + if (count($curSig) == $numParams + 1) { $itsOK = 1; for ($n = 0; $n < $numParams; $n++) { if (is_object($in)) { @@ -313,14 +358,14 @@ class Server $pt = $p->kindOf(); } } else { - $pt = $in[$n] == 'i4' ? 'int' : strtolower($in[$n]); // dispatch maps never use i4... + $pt = ($in[$n] == 'i4') ? 'int' : strtolower($in[$n]); // dispatch maps never use i4... } // param index is $n+1, as first member of sig is return type - if ($pt != $cursig[$n + 1] && $cursig[$n + 1] != Value::$xmlrpcValue) { + if ($pt != $curSig[$n + 1] && $curSig[$n + 1] != Value::$xmlrpcValue) { $itsOK = 0; $pno = $n + 1; - $wanted = $cursig[$n + 1]; + $wanted = $curSig[$n + 1]; $got = $pt; break; } @@ -340,14 +385,14 @@ class Server /** * Parse http headers received along with xmlrpc request. If needed, inflate request. * - * @return mixed null on success or a Response + * @return mixed Response|null on success or an error Response */ - protected function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression) + protected function parseRequestHeaders(&$data, &$reqEncoding, &$respEncoding, &$respCompression) { // check if $_SERVER is populated: it might have been disabled via ini file // (this is true even when in CLI mode) if (count($_SERVER) == 0) { - error_log('XML-RPC: ' . __METHOD__ . ': cannot parse request headers as $_SERVER is not populated'); + Logger::instance()->errorLog('XML-RPC: ' . __METHOD__ . ': cannot parse request headers as $_SERVER is not populated'); } if ($this->debug > 1) { @@ -360,22 +405,22 @@ class Server } if (isset($_SERVER['HTTP_CONTENT_ENCODING'])) { - $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); + $contentEncoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); } else { - $content_encoding = ''; + $contentEncoding = ''; } // check if request body has been compressed and decompress it - if ($content_encoding != '' && strlen($data)) { - if ($content_encoding == 'deflate' || $content_encoding == 'gzip') { + if ($contentEncoding != '' && strlen($data)) { + if ($contentEncoding == 'deflate' || $contentEncoding == 'gzip') { // if decoding works, use it. else assume data wasn't gzencoded - if (function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression)) { - if ($content_encoding == 'deflate' && $degzdata = @gzuncompress($data)) { + if (function_exists('gzinflate') && in_array($contentEncoding, $this->accepted_compression)) { + if ($contentEncoding == 'deflate' && $degzdata = @gzuncompress($data)) { $data = $degzdata; if ($this->debug > 1) { $this->debugmsg("\n+++INFLATED REQUEST+++[" . strlen($data) . " chars]+++\n" . $data . "\n+++END+++"); } - } elseif ($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) { + } elseif ($contentEncoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) { $data = $degzdata; if ($this->debug > 1) { $this->debugmsg("+++INFLATED REQUEST+++[" . strlen($data) . " chars]+++\n" . $data . "\n+++END+++"); @@ -386,7 +431,6 @@ class Server return $r; } } else { - //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); $r = new Response(0, PhpXmlRpc::$xmlrpcerr['server_cannot_decompress'], PhpXmlRpc::$xmlrpcstr['server_cannot_decompress']); return $r; @@ -397,42 +441,42 @@ class Server // check if client specified accepted charsets, and if we know how to fulfill // the request if ($this->response_charset_encoding == 'auto') { - $resp_encoding = ''; + $respEncoding = ''; if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) { // here we should check if we can match the client-requested encoding // with the encodings we know we can generate. /// @todo we should parse q=0.x preferences instead of getting first charset specified... - $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); + $clientAcceptedCharsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); // Give preference to internal encoding - $known_charsets = array(PhpXmlRpc::$xmlrpc_internalencoding, 'UTF-8', 'ISO-8859-1', 'US-ASCII'); - foreach ($known_charsets as $charset) { - foreach ($client_accepted_charsets as $accepted) { + $knownCharsets = array(PhpXmlRpc::$xmlrpc_internalencoding, 'UTF-8', 'ISO-8859-1', 'US-ASCII'); + foreach ($knownCharsets as $charset) { + foreach ($clientAcceptedCharsets as $accepted) { if (strpos($accepted, $charset) === 0) { - $resp_encoding = $charset; + $respEncoding = $charset; break; } } - if ($resp_encoding) { + if ($respEncoding) { break; } } } } else { - $resp_encoding = $this->response_charset_encoding; + $respEncoding = $this->response_charset_encoding; } if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) { - $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING']; + $respCompression = $_SERVER['HTTP_ACCEPT_ENCODING']; } else { - $resp_compression = ''; + $respCompression = ''; } // 'guestimate' request encoding /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check??? - $req_encoding = Encoder::guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', + $reqEncoding = XMLParser::guessEncoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', $data); - return; + return null; } /** @@ -440,99 +484,89 @@ class Server * php function registered with the server. * * @param string $data the xml request - * @param string $req_encoding (optional) the charset encoding of the xml request + * @param string $reqEncoding (optional) the charset encoding of the xml request * * @return Response + * + * @throws \Exception in case the executed method does throw an exception (and depending on server configuration) + * + * @internal this function will become protected in the future + * @todo either rename this function or move the 'execute' part out of it... */ - public function parseRequest($data, $req_encoding = '') + public function parseRequest($data, $reqEncoding = '') { - // 2005/05/07 commented and moved into caller function code - //if($data=='') - //{ - // $data=$GLOBALS['HTTP_RAW_POST_DATA']; - //} - - // G. Giunta 2005/02/13: we do NOT expect to receive html entities - // so we do not try to convert them into xml character entities - //$data = xmlrpc_html_entity_xlate($data); - // decompose incoming XML into request structure - if ($req_encoding != '') { - if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) { - // the following code might be better for mb_string enabled installs, but - // makes the lib about 200% slower... - //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - - error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $req_encoding); - $req_encoding = PhpXmlRpc::$xmlrpc_defencoding; + + if ($reqEncoding != '') { + // Since parsing will fail if + // - charset is not specified in the xml prologue, + // - the encoding is not UTF8 and + // - there are non-ascii chars in the text, + // we try to work round that... + // The following code might be better for mb_string enabled installs, but + // makes the lib about 200% slower... + //if (!is_valid_charset($reqEncoding, array('UTF-8'))) + if (!in_array($reqEncoding, array('UTF-8', 'US-ASCII')) && !XMLParser::hasEncoding($data)) { + if ($reqEncoding == 'ISO-8859-1') { + $data = utf8_encode($data); + } else { + if (extension_loaded('mbstring')) { + $data = mb_convert_encoding($data, 'UTF-8', $reqEncoding); + } else { + Logger::instance()->errorLog('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $reqEncoding); + } + } } - /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue, - // the encoding is not UTF8 and there are non-ascii chars in the text... - /// @todo use an empty string for php 5 ??? - $parser = xml_parser_create($req_encoding); - } else { - $parser = xml_parser_create(); } - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell - // the xml parser to give us back data in the expected charset - // What if internal encoding is not in one of the 3 allowed? - // we use the broadest one, ie. utf8 + // PHP internally might use ISO-8859-1, so we have to tell the xml parser to give us back data in the expected charset. + // What if internal encoding is not in one of the 3 allowed? We use the broadest one, ie. utf8 // This allows to send data which is native in various charset, // by extending xmlrpc_encode_entities() and setting xmlrpc_internalencoding if (!in_array(PhpXmlRpc::$xmlrpc_internalencoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); + $options = array(XML_OPTION_TARGET_ENCODING => 'UTF-8'); } else { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, PhpXmlRpc::$xmlrpc_internalencoding); + $options = array(XML_OPTION_TARGET_ENCODING => PhpXmlRpc::$xmlrpc_internalencoding); } - $xmlRpcParser = new XMLParser(); - xml_set_object($parser, $xmlRpcParser); - - if ($this->functions_parameters_type != 'xmlrpcvals') { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); - } else { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); - } - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - if (!xml_parse($parser, $data, 1)) { - // return XML error as a faultCode + $xmlRpcParser = new XMLParser($options); + $xmlRpcParser->parse($data, $this->functions_parameters_type, XMLParser::ACCEPT_REQUEST); + if ($xmlRpcParser->_xh['isf'] > 2) { + // (BC) we return XML error as a faultCode + preg_match('/^XML error ([0-9]+)/', $xmlRpcParser->_xh['isf_reason'], $matches); $r = new Response(0, - PhpXmlRpc::$xmlrpcerrxml + xml_get_error_code($parser), - sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser))); - xml_parser_free($parser); + PhpXmlRpc::$xmlrpcerrxml + $matches[1], + $xmlRpcParser->_xh['isf_reason']); } elseif ($xmlRpcParser->_xh['isf']) { - xml_parser_free($parser); $r = new Response(0, PhpXmlRpc::$xmlrpcerr['invalid_request'], PhpXmlRpc::$xmlrpcstr['invalid_request'] . ' ' . $xmlRpcParser->_xh['isf_reason']); } else { - xml_parser_free($parser); // small layering violation in favor of speed and memory usage: // we should allow the 'execute' method handle this, but in the - // most common scenario (xmlrpcvals type server with some methods + // most common scenario (xmlrpc values type server with some methods // registered as phpvals) that would mean a useless encode+decode pass - if ($this->functions_parameters_type != 'xmlrpcvals' || (isset($this->dmap[$xmlRpcParser->_xh['method']]['parameters_type']) && ($this->dmap[$xmlRpcParser->_xh['method']]['parameters_type'] == 'phpvals'))) { + if ($this->functions_parameters_type != 'xmlrpcvals' || + (isset($this->dmap[$xmlRpcParser->_xh['method']]['parameters_type']) && + ($this->dmap[$xmlRpcParser->_xh['method']]['parameters_type'] != 'xmlrpcvals') + ) + ) { if ($this->debug > 1) { $this->debugmsg("\n+++PARSED+++\n" . var_export($xmlRpcParser->_xh['params'], true) . "\n+++END+++"); } $r = $this->execute($xmlRpcParser->_xh['method'], $xmlRpcParser->_xh['params'], $xmlRpcParser->_xh['pt']); } else { // build a Request object with data parsed from xml - $m = new Request($xmlRpcParser->_xh['method']); + $req = new Request($xmlRpcParser->_xh['method']); // now add parameters in for ($i = 0; $i < count($xmlRpcParser->_xh['params']); $i++) { - $m->addParam($xmlRpcParser->_xh['params'][$i]); + $req->addParam($xmlRpcParser->_xh['params'][$i]); } if ($this->debug > 1) { - $this->debugmsg("\n+++PARSED+++\n" . var_export($m, true) . "\n+++END+++"); + $this->debugmsg("\n+++PARSED+++\n" . var_export($req, true) . "\n+++END+++"); } - $r = $this->execute($m); + $r = $this->execute($req); } } @@ -542,20 +576,25 @@ class Server /** * Execute a method invoked by the client, checking parameters used. * - * @param mixed $m either a Request obj or a method name - * @param array $params array with method parameters as php types (if m is method name only) - * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only) + * @param Request|string $req either a Request obj or a method name + * @param mixed[] $params array with method parameters as php types (only if m is method name) + * @param string[] $paramTypes array with xmlrpc types of method parameters (only if m is method name) * * @return Response + * + * @throws \Exception in case the executed method does throw an exception (and depending on server configuration) */ - protected function execute($m, $params = null, $paramtypes = null) + protected function execute($req, $params = null, $paramTypes = null) { - if (is_object($m)) { - $methName = $m->method(); + static::$_xmlrpcs_occurred_errors = ''; + static::$_xmlrpc_debuginfo = ''; + + if (is_object($req)) { + $methName = $req->method(); } else { - $methName = $m; + $methName = $req; } - $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0); + $sysCall = $this->isSyscall($methName); $dmap = $sysCall ? $this->getSystemDispatchMap() : $this->dmap; if (!isset($dmap[$methName]['function'])) { @@ -568,17 +607,17 @@ class Server // Check signature if (isset($dmap[$methName]['signature'])) { $sig = $dmap[$methName]['signature']; - if (is_object($m)) { - list($ok, $errstr) = $this->verifySignature($m, $sig); + if (is_object($req)) { + list($ok, $errStr) = $this->verifySignature($req, $sig); } else { - list($ok, $errstr) = $this->verifySignature($paramtypes, $sig); + list($ok, $errStr) = $this->verifySignature($paramTypes, $sig); } if (!$ok) { // Didn't match. return new Response( 0, PhpXmlRpc::$xmlrpcerr['incorrect_params'], - PhpXmlRpc::$xmlrpcstr['incorrect_params'] . ": ${errstr}" + PhpXmlRpc::$xmlrpcstr['incorrect_params'] . ": ${errStr}" ); } } @@ -588,10 +627,22 @@ class Server if (is_string($func) && strpos($func, '::')) { $func = explode('::', $func); } + + if (is_array($func)) { + if (is_object($func[0])) { + $funcName = get_class($func[0]) . '->' . $func[1]; + } else { + $funcName = implode('::', $func); + } + } else if ($func instanceof \Closure) { + $funcName = 'Closure'; + } else { + $funcName = $func; + } + // verify that function to be invoked is in fact callable if (!is_callable($func)) { - error_log("XML-RPC: " . __METHOD__ . ": function $func registered as method handler is not callable"); - + Logger::instance()->errorLog("XML-RPC: " . __METHOD__ . ": function '$funcName' registered as method handler is not callable"); return new Response( 0, PhpXmlRpc::$xmlrpcerr['server_error'], @@ -602,18 +653,19 @@ class Server // If debug level is 3, we should catch all errors generated during // processing of user function, and log them as part of response if ($this->debug > 2) { - $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler(array('\PhpXmlRpc\Server', '_xmlrpcs_errorHandler')); + self::$_xmlrpcs_prev_ehandler = set_error_handler(array('\PhpXmlRpc\Server', '_xmlrpcs_errorHandler')); } + try { // Allow mixed-convention servers - if (is_object($m)) { + if (is_object($req)) { if ($sysCall) { - $r = call_user_func($func, $this, $m); + $r = call_user_func($func, $this, $req); } else { - $r = call_user_func($func, $m); + $r = call_user_func($func, $req); } if (!is_a($r, 'PhpXmlRpc\Response')) { - error_log("XML-RPC: " . __METHOD__ . ": function $func registered as method handler does not return an xmlrpc response object"); + Logger::instance()->errorLog("XML-RPC: " . __METHOD__ . ": function '$funcName' registered as method handler does not return an xmlrpc response object but a " . gettype($r)); if (is_a($r, 'PhpXmlRpc\Value')) { $r = new Response($r); } else { @@ -634,13 +686,14 @@ class Server if ($this->functions_parameters_type == 'epivals') { $r = call_user_func_array($func, array($methName, $params, $this->user_data)); // mimic EPI behaviour: if we get an array that looks like an error, make it - // an eror response + // an error response if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r)) { $r = new Response(0, (integer)$r['faultCode'], (string)$r['faultString']); } else { // functions using EPI api should NOT return resp objects, // so make sure we encode the return type correctly - $r = new Response(php_xmlrpc_encode($r, array('extension_api'))); + $encoder = new Encoder(); + $r = new Response($encoder->encode($r, array('extension_api'))); } } else { $r = call_user_func_array($func, $params); @@ -650,7 +703,8 @@ class Server if (!is_a($r, '\PhpXmlRpc\Response')) { // what should we assume here about automatic encoding of datetimes // and php classes instances??? - $r = new Response(php_xmlrpc_encode($r, $this->phpvals_encoding_options)); + $encoder = new Encoder(); + $r = new Response($encoder->encode($r, $this->phpvals_encoding_options)); } } } catch (\Exception $e) { @@ -658,8 +712,14 @@ class Server // in the called function, we wrap it in a proper error-response switch ($this->exception_handling) { case 2: + if ($this->debug > 2) { + if (self::$_xmlrpcs_prev_ehandler) { + set_error_handler(self::$_xmlrpcs_prev_ehandler); + } else { + restore_error_handler(); + } + } throw $e; - break; case 1: $r = new Response(0, $e->getCode(), $e->getMessage()); break; @@ -670,8 +730,8 @@ class Server if ($this->debug > 2) { // note: restore the error handler we found before calling the // user func, even if it has been changed inside the func itself - if ($GLOBALS['_xmlrpcs_prev_ehandler']) { - set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']); + if (self::$_xmlrpcs_prev_ehandler) { + set_error_handler(self::$_xmlrpcs_prev_ehandler); } else { restore_error_handler(); } @@ -681,7 +741,7 @@ class Server } /** - * add a string to the 'internal debug message' (separate from 'user debug message'). + * Add a string to the 'internal debug message' (separate from 'user debug message'). * * @param string $string */ @@ -690,29 +750,39 @@ class Server $this->debug_info .= $string . "\n"; } - protected function xml_header($charset_encoding = '') + /** + * @param string $charsetEncoding + * @return string + */ + protected function xml_header($charsetEncoding = '') { - if ($charset_encoding != '') { - return "\n"; + if ($charsetEncoding != '') { + return "\n"; } else { return "\n"; } } /** - * A debugging routine: just echoes back the input packet as a string value - * DEPRECATED! + * @param string $methName + * @return bool */ - public function echoInput() + protected function isSyscall($methName) { - $r = new Response(new Value("'Aha said I: '" . file_get_contents('php://input'), 'string')); - print $r->serialize(); + return (strpos($methName, "system.") === 0); } /* Functions that implement system.XXX methods of xmlrpc servers */ + /** + * @return array[] + */ public function getSystemDispatchMap() { + if (!$this->allow_system_funcs) { + return array(); + } + return array( 'system.listMethods' => array( 'function' => 'PhpXmlRpc\Server::_xmlrpcs_listMethods', @@ -743,69 +813,91 @@ class Server 'system.getCapabilities' => array( 'function' => 'PhpXmlRpc\Server::_xmlrpcs_getCapabilities', 'signature' => array(array(Value::$xmlrpcStruct)), - 'docstring' => 'This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to', + 'docstring' => 'This method lists all the capabilities that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to', 'signature_docs' => array(array('list of capabilities, described as structs with a version number and url for the spec')), ), ); } - public static function _xmlrpcs_getCapabilities($server, $m = null) + /** + * @return array[] + */ + public function getCapabilities() { $outAr = array( // xmlrpc spec: always supported - 'xmlrpc' => new Value(array( - 'specUrl' => new Value('http://www.xmlrpc.com/spec', 'string'), - 'specVersion' => new Value(1, 'int'), - ), 'struct'), + 'xmlrpc' => array( + 'specUrl' => 'http://www.xmlrpc.com/spec', + 'specVersion' => 1 + ), // if we support system.xxx functions, we always support multicall, too... // Note that, as of 2006/09/17, the following URL does not respond anymore - 'system.multicall' => new Value(array( - 'specUrl' => new Value('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'), - 'specVersion' => new Value(1, 'int'), - ), 'struct'), + 'system.multicall' => array( + 'specUrl' => 'http://www.xmlrpc.com/discuss/msgReader$1208', + 'specVersion' => 1 + ), // introspection: version 2! we support 'mixed', too - 'introspection' => new Value(array( - 'specUrl' => new Value('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'), - 'specVersion' => new Value(2, 'int'), - ), 'struct'), + 'introspection' => array( + 'specUrl' => 'http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', + 'specVersion' => 2, + ), ); // NIL extension if (PhpXmlRpc::$xmlrpc_null_extension) { - $outAr['nil'] = new Value(array( - 'specUrl' => new Value('http://www.ontosys.com/xml-rpc/extensions.php', 'string'), - 'specVersion' => new Value(1, 'int'), - ), 'struct'); + $outAr['nil'] = array( + 'specUrl' => 'http://www.ontosys.com/xml-rpc/extensions.php', + 'specVersion' => 1 + ); } - return new Response(new Value($outAr, 'struct')); + return $outAr; } - public static function _xmlrpcs_listMethods($server, $m = null) // if called in plain php values mode, second param is missing + /** + * @param Server $server + * @param Request $req + * @return Response + */ + public static function _xmlrpcs_getCapabilities($server, $req = null) + { + $encoder = new Encoder(); + return new Response($encoder->encode($server->getCapabilities())); + } + + /** + * @param Server $server + * @param Request $req if called in plain php values mode, second param is missing + * @return Response + */ + public static function _xmlrpcs_listMethods($server, $req = null) { $outAr = array(); foreach ($server->dmap as $key => $val) { $outAr[] = new Value($key, 'string'); } - if ($server->allow_system_funcs) { - foreach ($server->getSystemDispatchMap() as $key => $val) { - $outAr[] = new Value($key, 'string'); - } + foreach ($server->getSystemDispatchMap() as $key => $val) { + $outAr[] = new Value($key, 'string'); } return new Response(new Value($outAr, 'array')); } - public static function _xmlrpcs_methodSignature($server, $m) + /** + * @param Server $server + * @param Request $req + * @return Response + */ + public static function _xmlrpcs_methodSignature($server, $req) { - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) { - $methName = $m->getParam(0); + // let accept as parameter both an xmlrpc value or string + if (is_object($req)) { + $methName = $req->getParam(0); $methName = $methName->scalarval(); } else { - $methName = $m; + $methName = $req; } - if (strpos($methName, "system.") === 0) { + if ($server->isSyscall($methName)) { $dmap = $server->getSystemDispatchMap(); } else { $dmap = $server->dmap; @@ -814,11 +906,11 @@ class Server if (isset($dmap[$methName]['signature'])) { $sigs = array(); foreach ($dmap[$methName]['signature'] as $inSig) { - $cursig = array(); + $curSig = array(); foreach ($inSig as $sig) { - $cursig[] = new Value($sig, 'string'); + $curSig[] = new Value($sig, 'string'); } - $sigs[] = new Value($cursig, 'array'); + $sigs[] = new Value($curSig, 'array'); } $r = new Response(new Value($sigs, 'array')); } else { @@ -833,23 +925,28 @@ class Server return $r; } - public static function _xmlrpcs_methodHelp($server, $m) + /** + * @param Server $server + * @param Request $req + * @return Response + */ + public static function _xmlrpcs_methodHelp($server, $req) { - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) { - $methName = $m->getParam(0); + // let accept as parameter both an xmlrpc value or string + if (is_object($req)) { + $methName = $req->getParam(0); $methName = $methName->scalarval(); } else { - $methName = $m; + $methName = $req; } - if (strpos($methName, "system.") === 0) { + if ($server->isSyscall($methName)) { $dmap = $server->getSystemDispatchMap(); } else { $dmap = $server->dmap; } if (isset($dmap[$methName])) { if (isset($dmap[$methName]['docstring'])) { - $r = new Response(new Value($dmap[$methName]['docstring']), 'string'); + $r = new Response(new Value($dmap[$methName]['docstring'], 'string')); } else { $r = new Response(new Value('', 'string')); } @@ -876,12 +973,17 @@ class Server return new Value($struct, 'struct'); } + /** + * @param Server $server + * @param Value $call + * @return Value + */ public static function _xmlrpcs_multicall_do_call($server, $call) { if ($call->kindOf() != 'struct') { return static::_xmlrpcs_multicall_error('notstruct'); } - $methName = @$call->structmem('methodName'); + $methName = @$call['methodName']; if (!$methName) { return static::_xmlrpcs_multicall_error('nomethod'); } @@ -892,27 +994,25 @@ class Server return static::_xmlrpcs_multicall_error('recursion'); } - $params = @$call->structmem('params'); + $params = @$call['params']; if (!$params) { return static::_xmlrpcs_multicall_error('noparams'); } if ($params->kindOf() != 'array') { return static::_xmlrpcs_multicall_error('notarray'); } - $numParams = $params->arraysize(); - - $msg = new Request($methName->scalarval()); - for ($i = 0; $i < $numParams; $i++) { - if (!$msg->addParam($params->arraymem($i))) { - $i++; + $req = new Request($methName->scalarval()); + foreach($params as $i => $param) { + if (!$req->addParam($param)) { + $i++; // for error message, we count params from 1 return static::_xmlrpcs_multicall_error(new Response(0, PhpXmlRpc::$xmlrpcerr['incorrect_params'], PhpXmlRpc::$xmlrpcstr['incorrect_params'] . ": probable xml error in param " . $i)); } } - $result = $server->execute($msg); + $result = $server->execute($req); if ($result->faultCode() != 0) { return static::_xmlrpcs_multicall_error($result); // Method returned fault. @@ -921,6 +1021,11 @@ class Server return new Value(array($result->value()), 'array'); } + /** + * @param Server $server + * @param Value $call + * @return Value + */ public static function _xmlrpcs_multicall_do_call_phpvals($server, $call) { if (!is_array($call)) { @@ -942,12 +1047,17 @@ class Server return static::_xmlrpcs_multicall_error('notarray'); } - // this is a real dirty and simplistic hack, since we might have received a + // this is a simplistic hack, since we might have received // base64 or datetime values, but they will be listed as strings here... - $numParams = count($call['params']); $pt = array(); + $wrapper = new Wrapper(); foreach ($call['params'] as $val) { - $pt[] = php_2_xmlrpc_type(gettype($val)); + // support EPI-encoded base64 and datetime values + if ($val instanceof \stdClass && isset($val->xmlrpc_type)) { + $pt[] = $val->xmlrpc_type == 'datetime' ? Value::$xmlrpcDateTime : $val->xmlrpc_type; + } else { + $pt[] = $wrapper->php2XmlrpcType(gettype($val)); + } } $result = $server->execute($call['methodName'], $call['params'], $pt); @@ -959,21 +1069,24 @@ class Server return new Value(array($result->value()), 'array'); } - public static function _xmlrpcs_multicall($server, $m) + /** + * @param Server $server + * @param Request|array $req + * @return Response + */ + public static function _xmlrpcs_multicall($server, $req) { $result = array(); // let accept a plain list of php parameters, beside a single xmlrpc msg object - if (is_object($m)) { - $calls = $m->getParam(0); - $numCalls = $calls->arraysize(); - for ($i = 0; $i < $numCalls; $i++) { - $call = $calls->arraymem($i); - $result[$i] = static::_xmlrpcs_multicall_do_call($server, $call); + if (is_object($req)) { + $calls = $req->getParam(0); + foreach($calls as $call) { + $result[] = static::_xmlrpcs_multicall_do_call($server, $call); } } else { - $numCalls = count($m); + $numCalls = count($req); for ($i = 0; $i < $numCalls; $i++) { - $result[$i] = static::_xmlrpcs_multicall_do_call_phpvals($server, $m[$i]); + $result[$i] = static::_xmlrpcs_multicall_do_call_phpvals($server, $req[$i]); } } @@ -988,33 +1101,34 @@ class Server * * NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors. */ - public static function _xmlrpcs_errorHandler($errcode, $errstring, $filename = null, $lineno = null, $context = null) + public static function _xmlrpcs_errorHandler($errCode, $errString, $filename = null, $lineNo = null, $context = null) { // obey the @ protocol if (error_reporting() == 0) { return; } - //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING) - if ($errcode != E_STRICT) { - \PhpXmlRpc\Server::error_occurred($errstring); + //if($errCode != E_NOTICE && $errCode != E_WARNING && $errCode != E_USER_NOTICE && $errCode != E_USER_WARNING) + if ($errCode != E_STRICT) { + \PhpXmlRpc\Server::error_occurred($errString); } // Try to avoid as much as possible disruption to the previous error handling // mechanism in place - if ($GLOBALS['_xmlrpcs_prev_ehandler'] == '') { + if (self::$_xmlrpcs_prev_ehandler == '') { // The previous error handler was the default: all we should do is log error // to the default error log (if level high enough) - if (ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode)) { - error_log($errstring); + if (ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errCode)) { + Logger::instance()->errorLog($errString); } } else { // Pass control on to previous error handler, trying to avoid loops... - if ($GLOBALS['_xmlrpcs_prev_ehandler'] != array('\PhpXmlRpc\Server', '_xmlrpcs_errorHandler')) { - if (is_array($GLOBALS['_xmlrpcs_prev_ehandler'])) { + if (self::$_xmlrpcs_prev_ehandler != array('\PhpXmlRpc\Server', '_xmlrpcs_errorHandler')) { + if (is_array(self::$_xmlrpcs_prev_ehandler)) { // the following works both with static class methods and plain object methods as error handler - call_user_func_array($GLOBALS['_xmlrpcs_prev_ehandler'], array($errcode, $errstring, $filename, $lineno, $context)); + call_user_func_array(self::$_xmlrpcs_prev_ehandler, array($errCode, $errString, $filename, $lineNo, $context)); } else { - $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context); + $method = self::$_xmlrpcs_prev_ehandler; + $method($errCode, $errString, $filename, $lineNo, $context); } } }