$GLOBALS['xmlrpc_internalencoding']='ISO-8859-1';\r
\r
$GLOBALS['xmlrpcName']='XML-RPC for PHP';\r
- $GLOBALS['xmlrpcVersion']='3.0.0';\r
+ $GLOBALS['xmlrpcVersion']='3.1.2';\r
\r
// let user errors start at 800\r
$GLOBALS['xmlrpcerruser']=800;\r
\r
// set to TRUE to enable encoding of php NULL values to <EX:NIL/> instead of <NIL/>\r
$GLOBALS['xmlrpc_null_apache_encoding']=false;\r
- $GLOBALS['xmlrpc_null_apache_encoding_ns']='http://ws.apache.org/xmlrpc/namespaces/extensions';\r
+ $GLOBALS['xmlrpc_null_apache_encoding_ns']='http://ws.apache.org/xmlrpc/namespaces/extensions';\r
\r
// used to store state during parsing\r
// quick explanation of components:\r
var $keypass='';\r
var $verifypeer=true;\r
var $verifyhost=1;\r
+ var $sslversion=0; // corresponds to CURL_SSLVERSION_DEFAULT\r
var $no_multicall=false;\r
var $proxy='';\r
var $proxyport=0;\r
* @param integer $port the port the server is listening on, defaults to 80 or 443 depending on protocol used\r
* @param string $method the http protocol variant: defaults to 'http', 'https' and 'http11' can be used if CURL is installed\r
*/\r
- function xmlrpc_client($path, $server='', $port='', $method='')\r
+ function __construct($path, $server='', $port='', $method='')\r
{\r
// allow user to specify all params in $path\r
if($server == '' and $port == '' and $method == '')\r
$this->user_agent = $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'];\r
}\r
\r
+ /**\r
+ * @deprecated\r
+ */\r
+ function xmlrpc_client($path, $server='', $port='', $method='')\r
+ {\r
+ self::__construct($path, $server, $port, $method);\r
+ }\r
+\r
/**\r
* Enables/disables the echoing to screen of the xmlrpc responses received\r
* @param integer $in values 0, 1 and 2 are supported (2 = echo sent msg too, before received response)\r
$this->verifyhost = $i;\r
}\r
\r
+ /**\r
+ * Set attributes for SSL communication: SSL version to use. Best left at 0 (default value ): let cURL decide\r
+ *\r
+ * @param int $i\r
+ */\r
+ public function setSSLVersion($i)\r
+ {\r
+ $this->sslversion = $i;\r
+ }\r
+\r
/**\r
* Set proxy info\r
* @param string $proxyhost\r
$this->proxy_authtype,\r
$this->keepalive,\r
$this->key,\r
- $this->keypass\r
+ $this->keypass,\r
+ $this->sslversion\r
);\r
}\r
elseif($method == 'http11')\r
function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='',\r
$password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='',\r
$proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1,\r
- $keepalive=false, $key='', $keypass='')\r
+ $keepalive=false, $key='', $keypass='', $sslVersion = 0)\r
{\r
$r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username,\r
$password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport,\r
- $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass);\r
+ $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass, $sslVersion);\r
return $r;\r
}\r
\r
function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='',\r
$password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='',\r
$proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https',\r
- $keepalive=false, $key='', $keypass='')\r
+ $keepalive=false, $key='', $keypass='', $sslVersion = 0)\r
{\r
if(!function_exists('curl_init'))\r
{\r
{\r
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass);\r
}\r
+\r
+ // Upgrade transparently to more stringent check for versions of php which do not support otherwise.\r
+ // Doing it in constructor would be cleaner; doing it here saves us a couple of function calls\r
+ if($this->verifyhost == 1 && $info = curl_version() && version_compare($info['version'], '7.28.1') >= 0)\r
+ {\r
+ $this->verifyhost = 2;\r
+ }\r
// whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used\r
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);\r
+ // allow usage of different SSL versions\r
+ curl_setopt($curl, CURLOPT_SSLVERSION, $sslVersion);\r
}\r
\r
// proxy info\r
curl_close($curl);\r
}\r
$resp =& $msg->parseResponse($result, true, $this->return_type);\r
- // if we got back a 302, we can not reuse the curl handle for later calls\r
- if($resp->faultCode() == $GLOBALS['xmlrpcerr']['http_error'] && $keepalive)\r
- {\r
- curl_close($curl);\r
- $this->xmlrpc_curl_handle = null;\r
- }\r
+ // if we got back a 302, we can not reuse the curl handle for later calls\r
+ if($resp->faultCode() == $GLOBALS['xmlrpcerr']['http_error'] && $keepalive)\r
+ {\r
+ curl_close($curl);\r
+ $this->xmlrpc_curl_handle = null;\r
+ }\r
}\r
return $resp;\r
}\r
* NB: as of now we do not do it, since it might be either an xmlrpcval or a plain\r
* php val, or a complete xml chunk, depending on usage of xmlrpc_client::send() inside which creator is called...\r
*/\r
- function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='')\r
+ function __construct($val, $fcode = 0, $fstr = '', $valtyp='')\r
{\r
if($fcode != 0)\r
{\r
}\r
}\r
\r
+ /**\r
+ * @deprecated\r
+ */\r
+ function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='')\r
+ {\r
+ self::__construct($val, $fcode, $fstr, $valtyp);\r
+ }\r
+\r
/**\r
* Returns the error code of the response.\r
* @return integer the error code of this response (0 for not-error responses)\r
* @param string $meth the name of the method to invoke\r
* @param array $pars array of parameters to be passed to the method (xmlrpcval objects)\r
*/\r
- function xmlrpcmsg($meth, $pars=0)\r
+ function __construct($meth, $pars=0)\r
{\r
$this->methodname=$meth;\r
if(is_array($pars) && count($pars)>0)\r
}\r
}\r
\r
+ /**\r
+ * @deprecated\r
+ */\r
+ function xmlrpcmsg($meth, $pars=0)\r
+ {\r
+ self::__construct($meth, $pars);\r
+ }\r
+\r
/**\r
* @access private\r
*/\r
else\r
$this->content_type = 'text/xml';\r
$this->payload=$this->xml_header($charset_encoding);\r
- $this->payload.='<methodName>' . $this->methodname . "</methodName>\n";\r
+ $this->payload.='<methodName>' . xmlrpc_encode_entitites($this->methodname, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "</methodName>\n";\r
$this->payload.="<params>\n";\r
for($i=0; $i<count($this->params); $i++)\r
{\r
}\r
// be tolerant to line endings, and extra empty lines\r
$ar = preg_split("/\r?\n/", trim(substr($data, 0, $pos)));\r
- while(list(,$line) = @each($ar))\r
+ foreach($ar as $line)\r
{\r
// take care of multi-line headers and cookies\r
$arr = explode(':',$line,2);\r
{\r
if ($tag != 'value')\r
{\r
- $GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val;\r
+ $GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val;\r
}\r
}\r
}\r
$GLOBALS['_xh']['isf_reason']='';\r
$GLOBALS['_xh']['rt']=''; // 'methodcall or 'methodresponse'\r
\r
- // if response charset encoding is not known / supported, try to use\r
- // the default encoding and parse the xml anyway, but log a warning...\r
- if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))\r
- // the following code might be better for mb_string enabled installs, but\r
+ // Since parsing will fail if charset is not specified in the xml prologue,\r
+ // the encoding is not UTF8 and there are non-ascii chars in the text, we try to work round that...\r
+ // The following code might be better for mb_string enabled installs, but\r
// makes the lib about 200% slower...\r
- //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))\r
- {\r
- error_log('XML-RPC: '.__METHOD__.': invalid charset encoding of received response: '.$resp_encoding);\r
- $resp_encoding = $GLOBALS['xmlrpc_defencoding'];\r
+ //if (!is_valid_charset($resp_encoding, array('UTF-8')))\r
+ if (!in_array($resp_encoding, array('UTF-8', 'US-ASCII')) && !has_encoding($data)) {\r
+ if ($resp_encoding == 'ISO-8859-1') {\r
+ $data = utf8_encode($data);\r
+ } else {\r
+ if (extension_loaded('mbstring')) {\r
+ $data = mb_convert_encoding($data, 'UTF-8', $resp_encoding);\r
+ } else {\r
+ error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $resp_encoding);\r
+ }\r
+ }\r
}\r
- $parser = xml_parser_create($resp_encoding);\r
+\r
+ $parser = xml_parser_create();\r
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);\r
// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell\r
// the xml parser to give us back data in the expected charset.\r
xml_set_default_handler($parser, 'xmlrpc_dh');\r
\r
// first error check: xml not well formed\r
- if(!xml_parse($parser, $data, count($data)))\r
+ if(!xml_parse($parser, $data, 1))\r
{\r
// thanks to Peter Kocks <peter.kocks@baygate.com>\r
if((xml_get_current_line_number($parser)) == 1)\r
* @param mixed $val\r
* @param string $type any valid xmlrpc type name (lowercase). If null, 'string' is assumed\r
*/\r
- function xmlrpcval($val=-1, $type='')\r
+ function __construct($val=-1, $type='')\r
{\r
/// @todo: optimization creep - do not call addXX, do it all inline.\r
/// downside: booleans will not be coerced anymore\r
}\r
}\r
\r
+ /**\r
+ * @deprecated\r
+ */\r
+ function xmlrpcval($val=-1, $type='')\r
+ {\r
+ self::__construct($val, $type);\r
+ }\r
+\r
/**\r
* Add a single php value to an (unitialized) xmlrpcval\r
* @param mixed $val\r
}\r
\r
// poor man's version of print_r ???\r
- // DEPRECATED!\r
+ /// @deprecated\r
function dump($ar)\r
{\r
foreach($ar as $key => $val)\r
echo "$key => $val<br />";\r
if($key == 'array')\r
{\r
- while(list($key2, $val2) = each($val))\r
+ foreach($val as $key2 => $val2)\r
{\r
echo "-- $key2 => $val2<br />";\r
}\r
// add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals...\r
//if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval')))\r
//{\r
- reset($this->me);\r
- list($typ, $val) = each($this->me);\r
+ $val = reset($this->me);\r
+ $typ = key($this->me);\r
return '<value>' . $this->serializedata($typ, $val, $charset_encoding) . "</value>\n";\r
//}\r
}\r
\r
- // DEPRECATED\r
+ /// @deprecated\r
function serializeval($o)\r
{\r
// add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals...\r
//if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval')))\r
//{\r
- $ar=$o->me;\r
- reset($ar);\r
- list($typ, $val) = each($ar);\r
+ $val = reset($o->me);\r
+ $typ = key($o->me);\r
return '<value>' . $this->serializedata($typ, $val) . "</value>\n";\r
//}\r
}\r
* Return next member element for xmlrpcvals of type struct.\r
* @return xmlrpcval\r
* @access public\r
+ * @deprecated this will be removed in future versions\r
*/\r
function structeach()\r
{\r
- return each($this->me['struct']);\r
+ return @each($this->me['struct']);\r
}\r
\r
- // DEPRECATED! this code looks like it is very fragile and has not been fixed\r
+ // this code looks like it is very fragile and has not been fixed\r
// for a long long time. Shall we remove it for 2.0?\r
+ /// @deprecated\r
function getval()\r
{\r
// UNSTABLE\r
- reset($this->me);\r
- list($a,$b)=each($this->me);\r
+ $b = reset($this->me);\r
// contributed by I Sofer, 2001-03-24\r
// add support for nested arrays to scalarval\r
// i've created a new method here, so as to\r
\r
if(is_array($b))\r
{\r
- @reset($b);\r
- while(list($id,$cont) = @each($b))\r
+ foreach($b as $id => $cont)\r
{\r
$b[$id] = $cont->scalarval();\r
}\r
if(is_object($b))\r
{\r
$t = get_object_vars($b);\r
- @reset($t);\r
- while(list($id,$cont) = @each($t))\r
+ foreach($t as $id => $cont)\r
{\r
$t[$id] = $cont->scalarval();\r
}\r
- @reset($t);\r
- while(list($id,$cont) = @each($t))\r
+ foreach($t as $id => $cont)\r
{\r
@$b->$id = $cont;\r
}\r
*/\r
function scalarval()\r
{\r
- reset($this->me);\r
- list(,$b)=each($this->me);\r
+ $b = reset($this->me);\r
return $b;\r
}\r
\r
function scalartyp()\r
{\r
reset($this->me);\r
- list($a,)=each($this->me);\r
+ $a = key($this->me);\r
if($a==$GLOBALS['xmlrpcI4'])\r
{\r
$a=$GLOBALS['xmlrpcInt'];\r
case 'scalar':\r
if (in_array('extension_api', $options))\r
{\r
- reset($xmlrpc_val->me);\r
- list($typ,$val) = each($xmlrpc_val->me);\r
+ $val = reset($xmlrpc_val->me);\r
+ $typ = key($xmlrpc_val->me);\r
switch ($typ)\r
{\r
case 'dateTime.iso8601':\r
else\r
{\r
$arr = array();\r
- reset($php_val);\r
- while(list($k,$v) = each($php_val))\r
+ foreach($php_val as $k => $v)\r
{\r
$arr[$k] = php_xmlrpc_encode($v, $options);\r
}\r
$GLOBALS['_xh']['isf_reason'] = '';\r
$GLOBALS['_xh']['method'] = false;\r
$GLOBALS['_xh']['rt'] = '';\r
- /// @todo 'guestimate' encoding\r
+\r
+ // 'guestimate' encoding\r
+ $val_encoding = guess_encoding('', $xml_val);\r
+\r
+ // Since parsing will fail if charset is not specified in the xml prologue,\r
+ // the encoding is not UTF8 and there are non-ascii chars in the text, we try to work round that...\r
+ // The following code might be better for mb_string enabled installs, but\r
+ // makes the lib about 200% slower...\r
+ //if (!is_valid_charset($val_encoding, array('UTF-8')))\r
+ if (!in_array($val_encoding, array('UTF-8', 'US-ASCII')) && !has_encoding($xml_val)) {\r
+ if ($val_encoding == 'ISO-8859-1') {\r
+ $xml_val = utf8_encode($xml_val);\r
+ } else {\r
+ if (extension_loaded('mbstring')) {\r
+ $xml_val = mb_convert_encoding($xml_val, 'UTF-8', $val_encoding);\r
+ } else {\r
+ error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $val_encoding);\r
+ }\r
+ }\r
+ }\r
+\r
$parser = xml_parser_create();\r
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);\r
// What if internal encoding is not in one of the 3 allowed?\r
}\r
}\r
\r
+ /**\r
+ * Helper function: checks if an xml chunk as a charset declaration (BOM or in the xml declaration)\r
+ *\r
+ * @param string $xmlChunk\r
+ * @return bool\r
+ */\r
+ function has_encoding($xmlChunk)\r
+ {\r
+ // scan the first bytes of the data for a UTF-16 (or other) BOM pattern\r
+ // (source: http://www.w3.org/TR/2000/REC-xml-20001006)\r
+ if (preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlChunk))\r
+ {\r
+ return true;\r
+ }\r
+ elseif (preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlChunk))\r
+ {\r
+ return true;\r
+ }\r
+ elseif (preg_match('/^(\xEF\xBB\xBF)/', $xmlChunk))\r
+ {\r
+ return true;\r
+ }\r
+\r
+ // test if encoding is specified in the xml declaration\r
+ // Details:\r
+ // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+\r
+ // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]*\r
+ if (preg_match('/^<\?xml\s+version\s*=\s*' . "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))" .\r
+ '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/",\r
+ $xmlChunk, $matches))\r
+ {\r
+ return true;\r
+ }\r
+\r
+ return false;\r
+ }\r
+\r
/**\r
* Checks if a given charset encoding is present in a list of encodings or\r
* if it is a valid subset of any encoding in the list\r
}\r
}\r
\r
-?>
\ No newline at end of file
+?>\r