diff options
| author | dipsol <dipsol@ampache> | 2008-12-11 07:39:41 +0000 |
|---|---|---|
| committer | dipsol <dipsol@ampache> | 2008-12-11 07:39:41 +0000 |
| commit | efa0fda4ff3133e15c79489e49258247182e3c50 (patch) | |
| tree | 21390a52d65c1569e386d28d956797ca81e61677 /modules/xmlrpc | |
| parent | 1d990900fb4228df331f71e1810144f063c754bf (diff) | |
| download | ampache-efa0fda4ff3133e15c79489e49258247182e3c50.tar.gz ampache-efa0fda4ff3133e15c79489e49258247182e3c50.tar.bz2 ampache-efa0fda4ff3133e15c79489e49258247182e3c50.zip | |
changed the xmlrpc library to the pear xmlrpc library. Also fixed some other litle things not worth mentioning.
Diffstat (limited to 'modules/xmlrpc')
| -rw-r--r-- | modules/xmlrpc/ChangeLog | 1365 | ||||
| -rw-r--r-- | modules/xmlrpc/README | 13 | ||||
| -rw-r--r-- | modules/xmlrpc/xmlrpc.inc | 3634 | ||||
| -rw-r--r-- | modules/xmlrpc/xmlrpcs.inc | 1172 |
4 files changed, 0 insertions, 6184 deletions
diff --git a/modules/xmlrpc/ChangeLog b/modules/xmlrpc/ChangeLog deleted file mode 100644 index 7273f893..00000000 --- a/modules/xmlrpc/ChangeLog +++ /dev/null @@ -1,1365 +0,0 @@ -2007-02-25 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * removed a couple of warnings emitted in testsuite.php - - * doc/makefile: added command for invocation of xxe to generate docs - - * better rendering of docs in xml+css format for function prototypes - - * updated documentation - - * tagged and released as 2.2 - -2007-02-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * debugger: workaround for case of magic_quotes_gpc being set (properly - unescape user input); fix case of user not setting msg id in jsonrpc case - when executing a remote method; allow strings, false, true and null as msg id - -2007-02-13 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * testsuite.php: added one test for automatic encoding/decoding case - -2007-02-05 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: slightly faster encoding of UTF8 data to ascii - -2007-01-11 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: when calling client::multicall() with an unspecified http version, - use the client default rather than the fixed 'http 1.0' - -2006-09-17 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc, xmlrpcs.inc, testsuite.php: added support for </NIL> and - system.getCapabilities, and one more testcase to go with it - -2006-09-05 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fix support for https through proxies; client parses debug - messages sent by client even for compressed responses; - - * testsuite.php, parse_args.php: added 3 test cases for proxy connections - -2006-09-01 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - xmlrpc_wrappers.inc: add two more options in wrap_xmlrpc_method and fix - typo to allow obj encoding - -2006-08-28 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc_wrappers.inc: more options added to wrap_php_function and - wrap_xmlrpc_method - - * xmlrpc.inc: pave the way to support for <nil/> - - * doc/xmlrpc_php.xml documentation updated - - * tagged and released as 2.1 - -2006-08-25 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: stricter parsing of incoming messages: detect two DATA elements - inside an ARRAY, a STRUCT or SCALAR inside an already filled VALUE - - * testsuite.php: added two testcases to check for the above cases - -2006-08-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: more code optimization in xmlrpcval::serialize() and - php_xmlrpc_encode(); fixed bug where struct elements with non-ascii chars - in their name would not be properly encoded - - * testsuite.php: added a testcase for the new bug - -2006-08-23 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * remove old code left in comments across many files; many more javadoc - comments added - - * xmlrpc.inc: a bit of code optimization: reorder switch() statements of - xml parsing element handlers; inline code for xmlrpcval() - this breaks - new xmlrpcval('true') and changes error msgs on new xmlrpcval($x, 'invalid_type') - - * testsuite.php: change according to above - - * benchmark.php: basic support for xdebug 2 profiling - -2006-08-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: addscalar() and addstruct() where not returning 1 when adding - data to an already formed value - -2006-08-21 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc, xmlrpc.inc: added support for emulating the xmlrpc-extension - API (the full emulation layer is part of the extras package); - fix support for the HTTP 'deflate' encoding - - * xmlrpc.inc: better support for http compression with and without CURL; - a minor decoding speedup; added a new function: php_xmlrpc_decode_xml(), - that will convert into the appropriate object the xml representation of - either a request, response or a single value; log reception of invalid - datetime values - - * xmlrpcs.inc: add a new parameter and return type to server->service(); - let server->add_to_map() accept method definitions without parameter types - - * xmlrpc_wrappers.inc: more logging of errors; wrap_php_functions now takes - more options; better support for jsonrpc; escape quote chars when wrapping - remothe servers / remote methods - - * added cvs Id tag to files that missed it; speling fixes; updated NEWS files - -2006-08-07 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * assorted fixes to make the suite more compatible with php 4.0.5 and 5.x - -2006-07-02 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc_warppers.inc: added new function to wrap entire remote server into - a local php class; changed default calling synopsis of wrap_remote_method, - to ease passing multiple options at a time (but old syntax still works!) - - * updated makefile, debugger/action.php in accord with the above - -2006-06-30 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * added to debugger capability to generate json-rpc code stubs - - * added to debugger capability to load and launch self correctly if - controller.php is called directly from outside processes (single url access) - -2006-06-26 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * moved wrap_php_functions and wrap_xmlrpc_method into a file of their own. - This will let us add further stub functionality without the base lib growing too much. - All of the files that reference this functionality have been modified accordingly. - - * made wrap_xmlrpc_method generate better code (with php type juggling), and - some phpdoc for the generated function, too - - * added to debugger an option to produce for the user the generated php code - for wrapping a call to a remote method into a php function - -2006-06-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: added description of parameters for system.xxx methods (useful with - html-self-documenting servers); - server->service() now returns response object, in case user has need for it... - - * xmlrpc.inc: save full response payload into xmlrpcresp obj for better debugging - -2006-06-15 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * verify_compat.php: more tests - -2006-06-09 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: fixed sending of compressed responses when output compression - is already enabled in php.ini - - * verify_compat.php: split tests between server and client cases - -2006-05-29 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * added new file: verify_compat.php, to help troubleshooting platform - support for the library; added it to makefile, too - -2006-05-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: removed residual usage of regexp in favour of pregexps; fixed - a bug in specifying Host http header with non std ports - -2006-05-23 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: improvements to wrap_php_function: let it deal correctly - with php functions returning xmlrpcresp objs; make it generate also - docs for single parameters (useful for documenting_xmlrpc_server class) - -2006-05-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc, xmlrpcs.inc: minor performance tuning updates: replaced - some explode vs. split, ereg vs. preg, single vs. double quotes - - * xmlrpc.inc: fix wrap_xmlrpc_method to NOT rebuild php objects received - from the server by default, as it might pose a security risk - -2006-04-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * minor fixes makefiles. Tagged and released as 2.0 final - -2006-04-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * debugger/*: added option to set cainfo; improve web layout - - * xmlrpc.inc: set sslverifypeer tp TRUE instaed of 1 by default - - * doc/php_xmlrpc.xml: documentation updates - -2006-04-21 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: added option to set ca certs dir instead of single cert - (used to validate server in https connetions) - -2006-04-18 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fixed bug in xmlrpcval::structmemexists() - - * testsuite.php: added test case for xmlrpcval::structmemexists() - -2006-04-03 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: add support for Digest and NTLM authentication, both to server - and to proxies (note: must use CURL for this to work) - - * debugger/*: add support for Digest/NTLM auth to remote servers - -2006-03-19 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fix a bug parsing of 'true' bool values; - added a new method to the client class: SetCaCertificate; - add column number in xml parsing error messages; - fix serialization of messages to ISO-8859-1 charset with php 5 (by adding - encoding to the xml prologue of generated messages) - - * xmlrpcs.inc: correct detection of charset in http headers; - add column number in xml parsing error messages; - fix serialization of responses to ISO-8859-1 charset with php 5 (by adding - encoding to the xml prologue of generated responses) - - * testsuite.php: added two more tests on charset encoding - - * NEWS: update info for impending release - -2006-03-23 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * added a new demo file: simple_call.php - -2006-02-20 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: more error checking and logging with regard to user-coded - method handler functions not being well behaved; - fix a case where error handler would not be reset upon user function - returning not valid xmlrpresp - - * xmlrpc.inc: fix bug in detection of php 4.3.0 - - * Makefile: fix uppercase filenames - -2006-02-15 - - * xmlrpc.inc: parse 'true' and 'false' as valid booleans, even though the - spec is quite clear on that; fix small bug w. internal_encoding = utf8; add - definition of $GLOBALS['xmlrpcNull'] for extensibility, e.g. json or - extensions to the xmlrpc spec - -2006-02-05 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fix bug in wrap_xmlrpc_method if client passed to function has - return_type=phpvals - - * all demo files: review code, add more comments and information - - * added 2 demo files: proxy.php (implementing an xmlrpc proxy server) and - wrap.php (showing usage of wrap_method_call) - -2006-02-04 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fix bug in multicall in case of no fallback and server error - -2006-01-30 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fix recursive serialization of xmlrpcvals loosing UTF8 charset; - correctly set type field of xmlrpcvals returned by send() calls - - * xmlrpcs.inc: add to server checks for correct return type of user-coded - method handling function; tolerate xmlrpcval instead of xmlrpcresp - - * minor change in xmlrpcresp internals, to ease subclassing (store payload - in an internal var on serialize(), same as xmlrpcclient does) - -2006-01-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * benchmark.php: do not run http 1.1 tests if CURL notfound - - * Released as 2.0 Rc3 - -2006-01-19 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: make xmlrpc_client::setDebug() accept int values instead of - boolean. At level 2, the request payload is printed to screen before being - sent; fix bug with repeated sending of the same msg object and using request - compression w. php 5.1.2 (objects passed by ref by default!!!) - - * xmlrpcs.inc: fix detection of clients accepting compressed responses - - * comment.php: remove warnings due to liberal usage of $HTTP_POST/GET_VARS - - * benchmark.php: add a test using http compression of both requests and - responses - - * testsuite.php: added test for fix in xmlrpc.inc - -2006-01-17 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.php: minor fix: do not raise a PHP warning when std server is - called via GET (global HTTP_RAW_POST_DATA undefined). Some might have called - it a security breach (path disclosure)... - -2006-01-15 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * testsuite.php: minor fix to expected date format in http cookie hedaer - to cope with PHP 5.1.2 - -2006-01-05 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: merge code from the 'extras' subclass that allows server - to register plain php functions in dispatch map instead of functions - accepting a single xmlrpcmgs obj parameter. - One step closer to the kitchen sink!!! - -2005-12-31 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: let the server accept 'class::method' syntax in the dispatch - map - - * testsuite.php, server.php: added new tests for the recent charset encoding - capabilities - -2005-12-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: correctly serialize() string xmlrpcvals that have been - created out of non-string php variables, when internal encoding is UTF8; - serialize to '0' int and double values created out of non-string php - variables, eg. 'hello', instead of creating invalid xmlrpc; - extend the php_xmlrpc_encode function to allow serializing string values - to charsets other tha US-ASCII; - minor tweak to xml parsing to allow correct parsing of empty strings when - in 'direct to php values' mode - - * xmlrpcs.inc: advances in system.multicall with plain php values - -2005-12-17 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: let the functions implementing the system.* methods work - fine when called with plain php values as parameters instead of xmlrpcmsg - objects (multicall not quite finished yet...); - encode level 3 debug info as base64 data, to avoid charset encoding hell - - * xmlrpc.inc: added a new xmlrpc_2_php_type function, to get the name of - php types corresponding to xmlrpc types; - in debug mode, when detecting base64 server debug info, print it out fine - - * server.php: cosmetic fixes - -2005-12-09 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: remove one warning emitted when received xml contains an - unknown tag; remove warnings emitted when custom error handler is set - and user calls php_xmlrpc_encode/decode without the 2nd parameter - - * xmlrpcs.inc: added a param to service(), to allow the server to parse - data other than the POST body (useful for subclassing and debugging); - reworked the implementation of server debug messages at debug level 2: - since the debug info generated has no known charset, and putting it back - into the response's xml would most likely break it, send it back to the - client as a base64 encoded comment. Clients can decode it if they need it... - Add some more javadocs - - * testsuite.php: modified the string test, to see if the server can echo - back to the client the received data without breaking the response's xml - -2005-12-05 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc, xmlrpcs.inc: let server and client objects decide if they - want to use some charset encoding other than US-ASCII for serialized data: - add a new var to both objects, and lots of parameters to function calls - that took none up to now; - refactored server method service() and parseRequest(), implementing a - new parserequestHeaders() method to explicitly deal with HTTP - -2005-12-01 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * moved the jsonrpc implementation and the new wsdl stuff to a separate - CVS module; updated the makefile to reflect it - -2005-11-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * modified php_xmlrpc_decode() to work on xmlrpcmessages too, besides - xmlrpcvals. To achieve this, added a new method: xmlrpcmsg::kindOf() - -2005-11-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * released as 2.0 RC2 - -2005-11-21 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fix warnings about references for PHP 4.1.X - - * Whitespace cleanup on all the lib - -2005-11-16 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: rewritten xmlrpc_encode_entitites adding two extra parameters - that specify input and output charset encodings. This corrects the bug that - prevented native UTF-8 strings to be correctly serialized (to have them - encoded the user must set $xmlrpc_internalencoing appropriately). - - * xmlrpc.inc: added new method xmlrpcmsg::parseResponseHeaders(), refactoring - parseResponse(). This makes the code more modular and eases subclassing. - - * xmlrpc.inc: set cookies and http headers to xmlrpcresp objs even when calls - to send() do not complete correctly - - * added new file: jsonrpcs.inc, to accomodate server jsonrpc objects in the future - - * jsonrpc.inc: slow progress... - -2005-11-10 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fixed the xmlrpc_client send and sendpayloadhttps methods - to fix errors in calling https servers; - added a new xmlrpc_client->setkey method to allow usage of client-side ssl - certs in recent php builds; - added to xmlrpcresp objects a content_type var, to be used in HTTP headers - - * xmlrpcs.inc: separate generation of content-type http header and xml prologue - from the service() method, to ease subclassing - -2005-11-03 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: moved the 'text/xml' mimetype string as class var of the xmlrpcmsg - object instead of having it cabled into xmlrpc_client->send(): this allows to - create subclasses of xmlrpcmsg that use a different mimetype - - * jsonrpc.inc: added a new file, with an extremely experimental set of classes, - designed to implement a json-rpc client and server, taking advantage of the - existing xml-rpc infrastructure - -2005-10-28 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: changed constructor method for xmlrpcresp, making it smarter in - case user does not declare the type of value it is passing to it; - minor changes in serialization of xmlrpcresp with error codes, so that it - utputs LF instead of CRLF on windows boxes after an FTP transfer of the code, too - -2005-10-26 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: added a new var of class xmlrpc_client, indicating what kind of - object will be stored in the value() of xmlrpcresp's gotten from the send() - method: xmlrpxc objects, plain php variables or raw xml. This allow the coder - to make use of xmlrpc_decode for better performances if he wishes so. - Modified creator of xmlrpcresp class to allow it to distinguish between being - created out of raw xml or a plain php string (in the former case, serialization - is still possible, opening a new world of opportunity for server-side programming: - the php function implementing a web service has to provide the xml for the - return value on its own). - Modified xmlrpc_client::multicall() to suit; also added a new parameter which - allows calls to multicall without automatic fallback to many-calls in case of - error (speeding up the process of doing a failed multicall() call quite a bit) - Fixed two bugs in guess_encoding. - Audited all regexps and fixed some. - xmlrpc_client::send() does not call xmlrpcmsg::parseresponsefile() anymore. - Shuffled parseresponse() a little bit - - * testsuite.php: added a new testcase for the modifications to multicall(): - now we test the case where xmlrpc_client returns php values, too - -2005-10-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fixed guess_encoding() to always return uppercase chars - - * added new file: benchmark.php. It contains a few tests used to evaluate - speed of the lib in common use cases - - * added file parse_args.php, containing common code for benchmark and - testsuite, and modified testsuite.php accordingly - - * modified makefile adding new files - - * testsuite.php: added a couple of new test cases; fixed one warning - emitted in php 5 E_STRICT mode - -2005-10-20 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: modify 3d param of ParseResponse(), allowing the function to - return the raw xml received as value of the xmlrpcresponse object. - This allows eg. to have epi-xmlrpc decode the xml for faster execution. - -2005-10-09 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fixed error that prevented usage of HTTPS (the client - always determined that ssl support was not present) - -2005-10-03 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc, xmlrpcs.inc: revert direction of stack growth during xml - parsing for faster execution time; add support for detecting charset - encoding of received xml; add support for cookies; better parsing of - javadoc when building stub code in wrap_php_function; add a lot of - javadoc comments everywhere; rewrite most error messages - - * testsuite.php: add many tests for newly introduced features - - * server.php: add a couple of new functions to support debugging new - features - - * debugger: add switches to enable all the latest lib features; minor - improvements to layout - - * synch included phpunit with latest PEAR release - - * reorganize files included in the distribution in a new hierarchy of folders - - * bump revision number to 2.0RC1 and release - -2005-8-14 Miles Lott <milos@groupwhere.org> - - * xmlrpc.inc, xmlrpcs.inc: Remove all use of eval() to avoid potential - security hole. - - * As of this release we are no longer php3-compatible. - -2005-8-10 Miles Lott <milos@groupwhere.org> - - * xmlrpc.inc, xmlrpcs.inc: Switched to using $GLOBALS instead of calling - global $varname - -2005-07-22 Miles Lott <milos@groupwhere.org> - - * Removed: bug_* files - -2005-07-14 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * debugger: added a workaround to disable using the debugger for attacking - older versions of the lib - - * testsuite.php: added code to test wrap_xmlrpc_method; - use different wording for failed tests - - * xmlrpcs.inc: change for() with foreach() in system.* methods implementations; - remove a possible cause of php warning; - - * xmlrpc.inc: let wrap_php_function and wrap_xmlrpc_method find suitable - function names if default function names are already in use; - correct wrap_xmlrpc_method to not set http protocol to 1.0 when not asked to; - detect curl compiles without SSL - -2005-07-14 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: more auto-fix of xmlrpc_client path: '' -> '/'; - change to the method used for detecting failed evals (php 4.0.x compatibility); - complete rework of return-by-ref functions to comply with php 4.4.0 - - * xmlrpcs.inc: change to the method used for detecting failed evals (php 4.0.x - compatibility) - - * testsuite.php: major rewrite of the multi- tests, to give better feedback on - number of failed tests; - flush html page title to screen before starting tests; - -2005-07-13 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: let xmlrpcmsg creator be forgiving of target paths that miss the - starting '/' char; - completely reworked assign-by-ref to be compliant with php 4.4.0 stricter - warnings - - * testsuite.php: added ability to be run from cli: (really dumb) separation of - html and plain text outputs + parsing of argv parameters - -2005-07-12 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: compatibility fixes with PHP versions 4.0.x (and remove some for - PHP 3) - - * xmlrpcs.inc: compatibility fixes for PHP 4.0.x versions - - * testsuite.php: better support for running with php versions 4.0.x; - do not generate runtime errors but finish tests anyway if some calls to - localhost fail; - correctly detect a localhost port different from 80 for running tests against - -2005-07-11 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: preliminary building of method signature and docs in - wrap_php_function; - fix a bug in extracting function description from javadoc block in - wrap_php_function; - small fix for better compatibility with php < 4.2.0 - - * added compat subdir with extra code, taken form PEAR package Compat, to let - the lib run fine with php 4 versions < 4.1 - -2005-07-10 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: some nazi whitespace corrections; - declared global $xmlrpcBoolean too (was the only one missing); - used @eval inside getval() to have less path disclosure security reports filed - in the future; - added new global var: $xmlrpcValue, to be used in server dispatch maps as - placeholder for a param which can be of any kind; - big chunks (but still incomplete) of javadoc parsing in wrap_php_function - + changed type of return val - now it is the complete array to be put in the - dispatch map - - * xmlrpcs.inc: let previous error handler be called by server to handle errors - even if in debug level 3; - default to compress responses if zlib installed; - added a new val useful for only checking number (not type) of params in method - calls; - let user use object methods in dispatch map using the - array($obj, 'fmethodname') format - - * server.php: Added code called by testsuite.php to exercise registration of - object methods as xmlrpc methods and auto-registration of php functions as xmlrpc - methods - - * testsuite.php: added tests to exercice server registering object methods as - xmlrpc methods and automatic registration of php functions as server methods; - added a hint to enable debug if some test goes wrong; - renamed https test for better clarity - -2005-07-07 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: added function to be used for 'guestimating' charset encoding of - received xml (not activated yet) - - * server.php: Let server compress content by default if user asks so: it allows - testsuite to check for compressed responses - - * testsuite.php: added suite of tests for compressed responses; test CURL - (http1.1) with all possible compression combinations too - -2005-07-06 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: Enable setting usage of keepalives on/off (for CURL cases); - implement compression of xmlrpc requests; enable new syntax of xmlrpclient - constructor: 1 - allow preferred http method to be set at creation time, - 2 - allow user to insert a single complete URL as only parameter and parse it; - try to detect if curl is present whether it has been compiled w. zlib to enable - automatically the reception of compressed responses - - * xmlrpcs.inc: do not add into logs the content of the request, if it was - received gzipped/deflated, to avoid breaking the xml sent back as response - (NB: might be investigated further: is the problem caused by windows chars in - the range 128-160 ?) - - * testsuite.php: run all localhost tests 2 more times, to stress request - compression; - run all localhost tests in a row using keepalives, to test keepalive - functionality - -2005-07-05 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: let CURL pass back to caller function the complete PHP headers - as it did before: it enables better logging / debugging of communication; - small change to the way CURL declares its ability to receive compressed - messages (fix for the case where zlib is compiled in PHP but not in curl); - added Keep-alive (ON BY DEFAULT) for http 1.1 and https messages (had to modify - a lot of functions for that); - always make sure a 'Connection: close' header is sent with curl connections if - keep-alive is not wanted - - * phpunit.php: switched to PEAR PHPUnit (rel 1.2.3), since it is maintained a - lot more than the old version we were using - - * added new folder with code of phpunit classes - - * testsuite.php: added a new run of tests to check for compliance of client - when using http 1.1; - switched to PEAR PHPUnit classes; - divided test for client ability to do multicall() into 2 separate tests - -2005-06-30 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - tagged and released version 1.1.1, backporting security fixes from HEAD - -2005-06-28 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: fix changes introuced yesterday in a rush; - do not list system.* methods for a server that has them explicitly disabled - - * bug_inject.xml: new test case used to check for code injection vulnerability - - * testsuite.php: added a test case for zero parameters method calls; - added two test cases for recently found code injection vulnerabilities - -2005-06-27 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: (tentative) fix for security problem reported by - security@gulftech.org: we were not properly php-escaping xml received for - BASE64 and NAME tags; - some more patching related to junk received in xml messages/responses: if the - PHP code built from the parsed xml is broken, catch any generated errors - without echoing it to screen but take note of the error and propagate to user - code - - * xmlrpcs.inc: some more patching related to junk received in xml messages/ - responses: if the PHP code built from the parsed xml is broken, catch any - generated errors without echoing it to screen but take note of the error and - propagate to user code - -2005-06-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fixed php_xmlrpc_encode detection of php arrays (again!); - removed from wrap_php_function the part about setting a custom error handler - (it can be activated using the more general $server->setdebug(3) anyway) - - * xmlrpcs.inc: added to server the capability to trap all processing errors - during execution of user functions and add them to debug info inside responses; - return a (new) xmlrpcerr response instead of raising some obscure php execution - error if there is an undefined function in the dispatch map - - * testsuite.php: Added new testcases for recently implemented stuff - -2005-06-23 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: added new method: xmlrpcval->structmemexists, to check for - presence of a wanted struct member without having to loop through all members; - fix wrap_php_functions: correctly return false for php internal functions, - whose param list is unknown; - let addscalar fail as it should if called on struct vals; - fix addstruct: do not fail when called for adding stuff to initialized structs; - removed a warning generated when calling addscalar with inexistent type; - massive code review for speed: replaced each() loops with foreach(), removed - lots of useless assignments and duplications of data; - added 'http11' as valid method param for xmlrpclient->send: makes use of curl - for sending http 1.1 requests; - changed a couple '=' into '=&' where objects are returned; - fixed wrap_php_function() to better detect php errors while processing wrapped - function - - * xmlrpcs.inc: Fix php warnings generated when clients requested method - signature / description for a method that had none in its dispatch map; - turned server->debug into an integer value that will change the amount of - logging going as comments into xmlrpc responses - - * server.php: set default server debug level to 2 - - * testsuite.php: removed calls to deleted functions (xmlrpc_encode, - xmlrpc_decode); - added html page title describing target servers used for tests; - added an assign-by-ref - - * phpunit.php: Do not consider as failures PHP 5 E_STRICT errors (arbitrary - choice, but lib is targeted at PHP 4) - -2005-06-22 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: removed lottsa old code that had been left in commented - - * xmlrpc.inc: fixed setting of proxy port - - * xmlrpc.inc: removed one warning when trying to decompress junk sent as - deflated response - - * xmlrpc.inc: changed the error messages (but not the code) that will be found - in xmlrpcresponses when there are socket errors, to differentiate from HTTP - errors - - * xmlrpc.inc: refactored xmlrpcclient->sendpayloadHTTPS: now it calls a new - method (sendpayloadCURL) that could be used also for generating HTTP 1.1 - requests - - * xmlrpc.inc: added two new methods: wrap_php_function and wrap_xmlrpc_method: - designed to let the lazy programmer automagically convert php functions to - xmlrpc methods and vice versa. Details are in the code - - * debugger/*: added initial revision of a 'universal xmlrpc debugger' - -2005-06-20 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: replace usage of 'echo' with error_log when errors arise - in manipulation of xmlrpcval objects - - * xmlrpc.inc: replaced <br> with <br /> in dump function - - * xmlrpc.inc: added method structsize to xmlrpcval class (alias for arraysize) - - * xmlrpc.inc: addarray() now will add extra members to an xmlrpcval object - of array type; addstruct() can be used to add members to an xmlrpcval object - of struct type - - * xmlrpcs.inc: Added member allow_system_funcs to server: controls whether the - server accepts or not calls to system.* functions - -2005-05-10 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fix regression in php_xmlrpc_encode when encoding php hashes; - fix decompression of gzip/deflated xmlrpc responses; - set user agent string correctly in SSL mode (was forgetting lib name); - add allowed encoding http headers in requests; - do not pass http headers back from curl to parseresponse, to avoid re-decoding - compressed xml or http 100 headers - - * xmlrpcs.inc: added method setDebug; - renamed compress_output to compress_response; - do not try to set http headers if they have already been sent, because trying - to do so will raise a PHP error, and if headers have been sent something has - gone wrong already (shall we send a meaningful error response instead?) - -2005-05-08 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc, xmlrpcs.inc: reverted to usage of '=& new' for better - performance on (some) php4 installs. - NB: PHP 3 compatibility is deprecated from now on! - - * xmlrpc.inc: decode xmlrpc boolean type to native php boolean - - * xmlrpcs.inc, xmlrpcs.inc: switched $_xh[$parser] to $_xh, since indexing - an array by object will give a warning in php 5 (and we were resetting the - array of _xh elements on every call anyway) - - * xmlrpc.inc: commented unused code used originally for escaping content - - * xmlrpc.inc: commented deprecated methods xmlrpc_encode and xmlrpc_decode - - * xmlrpc.inc: php_xmlrpc_encode: encode integer-indexed php arrays as xmlrpc - arrays instead of structs; if object given to encode is an xmlrpcval return it - instead of reencoding (makes easier calling encode on an array of xmlrpcvals) - - * xmlrpcs.inc: added $debug field to server class; if false will prevent - the server from echoing debug info back to the client as xml comment - - * xmlrpcs.inc: let the server add to the debug messages the complete request - payload received and (if php installed as apache module) http headers, so that - the client in debug mode can echo a complete fingerprint of the communication - - * xmlrpcs.inc: changed API of ParseRequest method: now it cannot be called - without a 'data' parameter; added 2nd parameter (http encoding); changed the - call to this method from inside service() method - - * xmlrpc.inc, xmlrpcs.inc: enable both server and client to parse compressed xml - (if php is compiled with zlib); client should also be able to decode chunked - http encoding - - * xmlrpc.inc: add support for proxies (only basic auth supported); default port - is 8080 (if left unspecified) - - * xmlrpc.inc: use lowercase for names of http headers received (makes using - them much simpler, since servers can use any upper/lowercase combination) - - * xmlrpc.inc: bumped version number to '2.0 beta' - -2005-05-08 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * release of version 1.1 - -2005-04-24 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: removed charset declaration from xml prologue of responses, - since we are now escaping all non-ascii chars in an encoding-independent way - - * bug_http.xml: modified to exercise some extra functonality of the lib - (it should now be failed by the current PEAR implementation of the lib) - - * xmlrpc.inc: bumped up rev. number to 1.1 - - * doc/xmlrpc_php.xml, doc/announce1_1.txt: documentation updates - - * Makefile: updated to reflect new xml doc source, modified filelist - -2005-04-17 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * client.php, agesort.php, introspect.php, introspect_demo.php, - which.php, test.pl, test.py: use as default target the server.php page hosted - on phpxmlrpc.sf.net - - * server.php: fix for register_globals off; refer to docs on phpxmlrpc.sf.net - -2005-04-15 Miles Lott <milos@groupwhere.org> - - code formatting and comments - -2005-04-03 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: make use of global var $xmlrpcName in building User_Agent HTTP - header (in conjunction with $xmlrpcVersion) - - * agesort.php, client.php, comment.php, dicuss.php, mail.php, server.php, - which.php: various janitorial fixes - + always html escape content received from xmlrpc server or from user input - + make the scripts run fine with register_globals off an register_long_arrays off - + always use the functions php_xmlrpc_en(de)code, even if the EPI extension - is not installed - + in mail.php, allow user to see script source even if support for .phps files - is not configured in the local web server - - * testsuite.php: better detection of local webserver hostname for running tests - against (if the user did not supply a webserver name) - -2005-03-21 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: revert to a PHP3 compatible script (change '=& new' to '= new') - - * xmlrpc.inc: revert to a PHP3 compatible script (lottsa fixes) - - * testsuite.php: default to using local server as test target if no user - provided values are available instead of heddley.com server - - * testsuite.php: play nice to PHP3 in retrieving user-passed values - - * testsuite.php: fix constructor method name for a type of tests - - * phpunit.php: fix all cases of call-time-pass-by-ref - - * phpunit.php: rename Exception class to _Exception if the script is run with - PHP 5 (exception is a reserverd word) - -2005-03-19 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fixed bug in new http header parsing code in case there is - no correct separator between response headers and body - - * xmlrpc.inc: added recognizing and stripping of HTTP/1.1 100 response headers - - * xmlrpc.inc: strip extra whitespace from response body, as well as any junk - that comes after the last </MethodResponse> tag. It allows the server code to - be put on public providers that add e.g. javascript advertising to served pages - - * xmlrpc.inc: removed unused parts of code, trailing whitespace - - * xmlrpc.inc: fix possible bug (?) in xmlrpc_ee for BOOLEAN values: true was - being handled differently than false - - * testsuite.php: added a new file-based test to stress the response parsing - modifications recently introduced; enabled debugging for file based tests - -2005-03-15 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: fixed missing declaration of global vars in xmlrpc_dh, - sendpayloadhttps and sendpayloadhttp10 - - * xmlrpc.inc: changed error message for invalid responses: 'enable debugging' - is more clear that 'enabling debugging' (the user is being encouraged to do it) - - * xmlrpc.inc: rewrote HTTP response header parsing. It should be more tolerant - of invalid headers, give more accurate error messages and be marginally faster, - too. - - * xmlrpc.inc: cosmetic whitespace fixes and remove useless one-liners - - * xmlrpc.inc: build a shorter PHP command line to be evaluated for rebuilding - values from parsed xml: use '$val =& nex xmlrpcval("value")' for string values - instead of '$val =& nex xmlrpcval("value", $xmlrpcString)' - - * xmlrpc.inc: fix change introduced 2005/01/30 moving call to curl_close() - too early: it did not work on error situations - - * testsuite.php: fix name of testAddingTest method, renamed testErrosString - into testErrorString and removed useless warning for register_globals=off case - -2005-02-27 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: do not echo XML parsing error to screen (it is already dumped - into error log) - - * xmlrpc.inc: set hdrs field into response object in case of XML parsing error - (uniform behaviour with other responses) - -2005-02-26 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: use global var $xmlrpcVersion as number for user agent string - - * xmlrpcs.inc: eliminate server side PHP wanring and give back to caller - a better error msg in case the called method exists but no signature matches - the number of parameters - -2005-02-20 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: accept a + sign in front of floats / integers, since the spec - clearly mentions it - - * xmlrpc.inc, xmlrpcs.inc: renamed function XmlEntities to xmlrpc_encode_entitites, - to avoid using the same name as an array already defined - - * xmlrpc.inc: fix bug introduced with escaping of UTF8 chars in xmlrpc error - responses: correct behaviour is to escape chars inside serialize(), not when - calling the xmlrpcresp creator - - * testsuite.php: made test suite more friendly to modern PHP configs, allowing - register_globals to be off and to set in the URL all testing parameters; - added tests for newly introduced fixes; renamed existing tests acording to the - docs inside phpunit.php (e.g. no subclass of TestCase should have a name - starting with test...) - -2005-02-19 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: accept patch 683153 by mah0: if timeout is set, allow all socket - operations to timeout at the given time, not only the socket connection - -2005-02-13 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: be tolerant to double values received in exponential notation: - even though the spec forbids their usage PHP is fine with them - - * xmlrpc.inc: fix bug: new xmlrpcval('-1') was creating an empty value instead - of a string value! - - * xmlrpc.inc, xmlrpcs.inc: fix the payload encoding changes introduced by - Andres Salomon on 2004-03-17: sending named html entities inside an xml chunk - makes it invalid, and thus renders the lib absolutely non-interoperable with - any other xmlrpc implementation; moreover the current implementation only ever - worked for non-ascii requests, while breaking client-parsing of responses - containing non-ascii chars. - The principle of using entities is preserved though, because it allows the - client to send correct xml regardless of php internal charset encoding vs. - xml request charset encoding, but using 'character references' instead. - - * xmlrpc.inc: encode (non-ascii) chars into charset entities also for error - strings - - * xmlrpcs.inc: encode (non-ascii) chars into charset entities also for debug - messages - - * xmlrpcs.inc: added 'Accept-Charset' header in http request to let the server - know what kind of charset encoding we do expect to be used for responses - - * xmlrpc.inc, xmlrpcs.inc: explicitly tell the xml parser what charset the - application expects to receive content in (notably strings). A new variable, - $xmlrpc_internalencoding, (defaulting to ISO-8859-1) defines what charset the - parser will use for passing back string xmlrpcvals to the PHP application - (both server-side and client-side). - This allows transparent usage of e.g. UTF-8 for encoding xml messages between - server and client and ISO-8859-1 for internal string handling. - ISO-8859-1 is, AFAIK, PHP internal encoding for all installs except - mbstring-enabled ones. - -2005-02-12 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpcs.inc: use '$var =& new(' construct to assign objects: on older versions - of PHP objects are first built then copied over if the ampersand is omitted. - Using it should make the code a little bit faster... - - * doc/xmlrpc.php: update lib version number, release date in preparation for - next release - - * makefile: update lib version number in preparation for next release - - * xmlrpc.inc: split up parsing of xmlrpc INT and DOUBLE values. This allows - finer-grained control over valid values: now the '.' char is not allowed - any more inside int values. - - * xmlrpc.inc: fix for bug #560303: ints and doubles starting with '0' chars are - no more parsed as octal values - -2005-01-30 Gaetano Giunta <giunta.gaetano@sea-aeroportimilano.it> - - * xmlrpc.inc: Modifed last change by Miles: the functions php_xmlrpc_encode - and php_xmlrpc_decode are now always defined, regardless of the existence of - XMLRPC-EPI. This allows users to start using these functions as the 'default' - functions, and pave the way for future deprecation of xmlrpc_encode/encode - while maintaining a stable API. - - * xmlrpc.inc: use '$var =& new(' construct to assign objects: on older versions - of PHP objects are first built then copied over if the ampersand is omitted. - Using it should make the code a little bit faster... - - * xmlrpc.inc: close curl connection as soon as possible for https requests: - it could save some memory / resources. - - * xmlrpc.inc: added some extra info in the PHP error log message generated - when an invalid xmlrpc integer/float value is encountered and we try to - deserialize it. - - * xmlrpc.inc: added @ char before fsockopen to avoid echoing useless warnings - when connection to server fails; added the same to avoid echoing warnings when - deserializing data of an unknown type - - * xmlrpc.inc: reset the _xh array on each xmlrpc call: otherwise a new array - member is created for each consecutive call and never destroyed, thus making it - impossible to build an xmlrpc-client daemon beacuse of memory leaking. - - * xmlrpc.inc: declare global the variables that are used as 'constants', - so that xmlrpc.inc will work even if it is included from within a function - -2004-12-27 Miles Lott <milos@groupwhere.org> - * xmlrpc.inc: A new constant, XMLRPC_EPI_ENABLED, is defined depending on - the existence of the function, xmlrpc_decode. This function will exist in - PHP if the extension, XMLRPC-EPI (http://xmlrpc-epi.sourceforge.net), is - loaded. It defines the functions xmlrpc_encode and xmlrpc_decode, which - will conflict with functions of the same name in xmlrpc.inc. If this - extension is loaded, we instead use the names php_xmlrpc_encode and - php_xmlrpc_decode. Please look at server.php, testsuite.php, etc., for - how this should be handled if using these functions. - -2003-04-17 Andres Salomon <dilinger@voxel.net> - * xmlrpc.inc: encode strings using htmlentities() instead of - htmlspecialchars(), and add xmlrpc_html_entity_xlate(). This - should fix longstanding issues with sending weird chars (from - non-USASCII codesets like UTF-8, ISO-8859-1, etc) that caused - the xml parser to choke. Multi-byte chars are now changed to - entities before sending, so that the xmlrpc server doesn't need - to know the encoding type of the POST data. - * xmlrpcs.inc: call xmlrpc_html_entity_xlate before parsing - request packet. The parser chokes on unknown entities (the - entities created by htmlentities() are exactly that; html - entities, not xml entities), so they must be converted from - name form (é) to numerical form (é). - -2003-01-12 Andres Salomon <dilinger@voxel.net> - - * released 1.0.99.2. - * Makefile: separate doc/Makefile a bit more from Makefile, - and add clean rules. - -2003-01-10 Andres Salomon <dilinger@voxel.net> - - * xmlrpc.inc: xmlrpcresp and parseResponse cleanups; variable - name renames ('xv' to 'val', for example), type checking, and - stricter default values. - * xmlrpc.inc: fix xmlrpcresp's faultcode; return -1 for FAULT - responses from the server whose faultcodes don't reflect any - errors. - -2003-01-08 Andres Salomon <dilinger@voxel.net> - - * xmlrpc.inc: rename $_xh[$parser]['ha'] to - $_xh[$parser]['headers']. - * xmlrpc.inc: fix bugs related to $_xh[$parser]['headers]; - some places treated this as an array, others as a scalar. - Treat unconditionally as an array. Also wrap header debugging - output in PRE tags. - -2002-12-17 Andres Salomon <dilinger@voxel.net> - - * released 1.0.99. - * Makefile: changed the tarball format/dist rule to a more - conventional form, as well as normal release updates. - * xmlrpc.inc: added setSSLVerifyPeer and setSSLVerifyHost; as - of curl 7.10, various certificate checks are done (by default). - The default for CURLOPT_SSL_VERIFYHOST is to ensure the common - name on the cert matches the provided hostname. This breaks a - lot of stuff, so allow users to override it. - * doc/xmlrpc_php.sgml: updated documentation accordingly. - -2002-09-06 Geoffrey T. Dairiki <dairiki@dairiki.org> - - Add support for system.multicall() to both the client - and the server. - - * testsuite.php: Add new tests 'testServerMulticall', - and 'testClientMulticall'. - - * xmlrpc.inc: Added new error messages for system.multicall(). - * xmlrpcs.inc: Added new procedure call system.multicall(). - See http://www.xmlrpc.com/discuss/msgReader$1208 for details. - - * xmlrpc.inc: Added system.multicall functionality to - xmlrpc_client. xmlrpc_client::send can now take an array of - xmlrpcmsg's as an argument. In that case it will attempt - to execute the whole array of procure calls in a single - HTTP request using system.multicall(). (If that attempt fails, - then the calls will be excuted one at a time.) The return - value will be an array of xmlrpcresp's (or 0 upon transport - failure.) - -2001-11-29 Edd Dumbill <edd@usefulinc.com> - - * xmlrpc.inc: fixed problem with processing HTTP headers that - broke any payload with more than one consecutive newline in it. - also initialise the 'ac' array member to empty string at start. - * testsuite.php: added unit test to exercise above bug - * xmlrpcs.inc: fixed uninitialized variable $plist - -2001-09-25 Edd Dumbill <edd@usefulinc.com> - - * xmlrpc.inc: applied urgent security fixes as identified by Dan - Libby - -2001-08-27 Edd Dumbill <edd@usefulinc.com> - - * xmlrpc.inc: Merged in HTTPS support from Justin Miller, with a - few additions for better traceability of failure conditions. Added - small fix from Giancarlo Pinerolo. Bumped rev to 1.0. Changed - license to BSD license. - -2001-06-15 Edd Dumbill <edd@usefulinc.com> - - * xmlrpcs.inc: Added \r into return MIME headers for server class - -2001-04-25 Edd Dumbill <edd@usefulinc.com> - - * server.php: Added interop suite of methods. - -2001-04-24 Edd Dumbill <edd@usefulinc.com> - - * testsuite.php: added in test case for string handling bug. - - * xmlrpc.inc: merged in minor fixes from G Giunta to fix - noninitialization. Created new method, getval(), which includes - experimental support for recreating nested arrays, from Giunta and - Sofer. Fixed string handling bug where characters after </string> - but before </value> weren't ignored. Added in support for native - boolean type into xmlrpc_encode (Giunta). - - * xmlrpcs.inc: updated copyright notice - -2001-01-15 Edd Dumbill <edd@usefulinc.com> - - * xmlrpc.inc: fixed bug with creation of booleans. Put checks in - to ensure that numbers were really numeric. Fixed bug with - non-escaping of dollar signs in strings. - - * testsuite.php: created test suite. - -2000-08-26 Edd Dumbill <edd@usefulinc.com> - - * xmlrpcs.inc: added xmlrpc_debugmsg() function which outputs - debug information in comments inside the return payload XML - - * xmlrpc.inc: merged in some changes from Dan Libby which fix up - whitespace handling. - - * xmlrpcs.inc: added Content-length header on response (bug from - Jan Varga <varga@utcru.sk>. This means you can no longer print - during processing - - * xmlrpc.inc: changed ereg_replace to str_replace in several - places (thanks to Dan Libby <dan@libby.com> for this). - - * xmlrpc.inc: added xmlrpc_encode() and xmlrpc_decode() from Dan - Libby--these helper routines make it easier to work in native PHP - data structures. - -2000-07-21 Edd Dumbill <edd@usefulinc.com> - - * xmlrpc.inc: added xmlrpc_client::setCredentials method to pass - in authorization information, and modified sendPayload* methods to - send this OK. Thanks to Grant Rauscher for the impetus to do this. - Also, made the client send empty <params></params> if there are no - parameters set by the user. - - * doc/xmlrpc_php.sgml: updated documentation to reflect recent - changes - - -2000-07-18 Edd Dumbill <edd@usefulinc.com> - - * server.php: added examples.invertBooleans method to server as a - useful test method for boolean values. - - * xmlrpc.inc: rearranged the way booleans are handled to fix - outstanding problems. Fixed calling addScalar() on arrays so it - works. Finally fixed backslashification issues to remove the - problem will dollar signs disappearing. - - * booltest.php: really fixed booleans this time. - -2000-06-03 Edd Dumbill <edd@usefulinc.com> - - * xmlrpcs.inc: made signature verification more useful - now - returns what it found was wrong - - * xmlrpc.inc: fixed bug with decoding dateTimes. Also fixed a bug - which meant a PHP syntax error happened when attempting to receive - empty arrays or structs. Also fixed bug with booleans always being - interpreted as 'true'. - - * server.php: Added validator1 suite of tests to test against - validator.xmlrpc.com - - -2000-05-06 Edd Dumbill <edd@usefulinc.com> - - * released 1.0b6 - - * added test.pl and test.py, Perl and Python scripts that exercise - server.php somewhat (but not a lot) - - * added extra fault condition for a non 200 OK response from the - remote server. - - * added iso8601_encode() and iso8601_decode() to give some support - for passing dates around. They translate to and from UNIX - timestamps. Updated documentation accordingly. - - * fixed string backslashification -- was previously a little - overzealous! new behavior is '\' --> '\\' and '"' --> - '\"'. Everything else gets left alone. - -2000-04-12 Edd Dumbill <edd@usefulinc.com> - - * updated and bugfixed the documentation - - * fixed base 64 encoding to only happen at serialize() time, - rather than when a base64 value is created. This fixes the double - encoding bug reported by Nicolay Mausz - <castor@flying-dog.com>. The same approach ought to be taken with - encoding XML entities in the data - this is a TODO. - - * integrated further code from Peter Kocks: used his new code for - send(), adding a second, optional, parameter which is a timeout - parameter to fsockopen() - -1999-10-11 Edd Dumbill <edd@usefulinc.com> - - * added bug fixes from Peter Kocks <peter.kocks@baygate.com> - -1999-10-10 Edd Dumbill <edd@usefulinc.com> - - * updated the documentation - -1999-10-08 Edd Dumbill <edd@usefulinc.com> - - * added system.* methods and dispatcher, plus documentation - - * fixed bug which meant request::getNumParams was returning an - incorrect value - - * added signatures into the dispatch map. This BREAKS - COMPATIBILITY with previous releases of this code - -1999-08-18 Edd Dumbill <edd@usefulinc.com> - - * made entity encoding and decoding transparent now on string - passing. - - * de-globalised the globals in the parse routines, using an - associative array to hold all parser state $_xh - - * changed default input encoding to be UTF-8 to match expectation - - * separated out parseResponse into parseResponse and - parseResponseFile so that you can call parseResponse on a string - if you have one handy - -1999-07-20 Edd Dumbill <edd@usefulinc.com> - - * Moved documentation into Docbook format - -1999-07-19 Edd Dumbill <edd@usefulinc.com> - - * Added an echo server into server.php and echotest.php, a client - which will exercise the new echo routine. - - * Added test for no valid value returned: in this case will now - throw the error "invalid payload" - - * Added serialize() method to xmlrpcresp to return a string with - the response serialized as XML - - * Added automatic encoding and decoding for base64 types - - * Added setDebug() method to client to enable HTML output - debugging in the client - -1999-07-08 Edd Dumbill <edd@usefulinc.com> - - * Improved XML parse error reporting on the server side to send it - back in a faultCode packet. expat errors now begin at 100 - -1999-07-07 Edd Dumbill <edd@usefulinc.com> - - * Changed the structmem and arraymem methods of xmlrpcval to always - return xmlrpc vals whether they referred to scalars or complex - types. - - * Added the server class and demonstrations - - * Fixed bugs in the XML parsing and reworked it - - -$Id: ChangeLog,v 1.80 2007/02/25 18:42:53 ggiunta Exp $ diff --git a/modules/xmlrpc/README b/modules/xmlrpc/README deleted file mode 100644 index e757a5d3..00000000 --- a/modules/xmlrpc/README +++ /dev/null @@ -1,13 +0,0 @@ -NAME: XMLRPC FOR PHP - -DESCRIPTION: A php library for building xmlrpc clients and servers - - - -HTML documentation can be found in the doc/ directory. - -Recent changes in the ChangeLog - -Use of this software is subject to the terms in doc/index.html - -The passphrase for the rsakey.pem certificate is 'test'. diff --git a/modules/xmlrpc/xmlrpc.inc b/modules/xmlrpc/xmlrpc.inc deleted file mode 100644 index ad08a05a..00000000 --- a/modules/xmlrpc/xmlrpc.inc +++ /dev/null @@ -1,3634 +0,0 @@ -<?php -// by Edd Dumbill (C) 1999-2002 -// <edd@usefulinc.com> -// $Id: xmlrpc.inc,v 1.158 2007/03/01 21:21:02 ggiunta Exp $ - -// Copyright (c) 1999,2000,2002 Edd Dumbill. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// -// * Neither the name of the "XML-RPC for PHP" nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. - - if(!function_exists('xml_parser_create')) - { - // For PHP 4 onward, XML functionality is always compiled-in on windows: - // no more need to dl-open it. It might have been compiled out on *nix... - if(strtoupper(substr(PHP_OS, 0, 3) != 'WIN')) - { - dl('xml.so'); - } - } - - // Try to be backward compat with php < 4.2 (are we not being nice ?) - $phpversion = phpversion(); - if($phpversion[0] == '4' && $phpversion[2] < 2) - { - // give an opportunity to user to specify where to include other files from - if(!defined('PHP_XMLRPC_COMPAT_DIR')) - { - define('PHP_XMLRPC_COMPAT_DIR',dirname(__FILE__).'/compat/'); - } - if($phpversion[2] == '0') - { - if($phpversion[4] < 6) - { - include(PHP_XMLRPC_COMPAT_DIR.'is_callable.php'); - } - include(PHP_XMLRPC_COMPAT_DIR.'is_scalar.php'); - include(PHP_XMLRPC_COMPAT_DIR.'array_key_exists.php'); - include(PHP_XMLRPC_COMPAT_DIR.'version_compare.php'); - } - include(PHP_XMLRPC_COMPAT_DIR.'var_export.php'); - include(PHP_XMLRPC_COMPAT_DIR.'is_a.php'); - } - - // G. Giunta 2005/01/29: declare global these variables, - // so that xmlrpc.inc will work even if included from within a function - // Milosch: 2005/08/07 - explicitly request these via $GLOBALS where used. - $GLOBALS['xmlrpcI4']='i4'; - $GLOBALS['xmlrpcInt']='int'; - $GLOBALS['xmlrpcBoolean']='boolean'; - $GLOBALS['xmlrpcDouble']='double'; - $GLOBALS['xmlrpcString']='string'; - $GLOBALS['xmlrpcDateTime']='dateTime.iso8601'; - $GLOBALS['xmlrpcBase64']='base64'; - $GLOBALS['xmlrpcArray']='array'; - $GLOBALS['xmlrpcStruct']='struct'; - $GLOBALS['xmlrpcValue']='undefined'; - - $GLOBALS['xmlrpcTypes']=array( - $GLOBALS['xmlrpcI4'] => 1, - $GLOBALS['xmlrpcInt'] => 1, - $GLOBALS['xmlrpcBoolean'] => 1, - $GLOBALS['xmlrpcString'] => 1, - $GLOBALS['xmlrpcDouble'] => 1, - $GLOBALS['xmlrpcDateTime'] => 1, - $GLOBALS['xmlrpcBase64'] => 1, - $GLOBALS['xmlrpcArray'] => 2, - $GLOBALS['xmlrpcStruct'] => 3 - ); - - $GLOBALS['xmlrpc_valid_parents'] = array( - 'VALUE' => array('MEMBER', 'DATA', 'PARAM', 'FAULT'), - 'BOOLEAN' => array('VALUE'), - 'I4' => array('VALUE'), - 'INT' => array('VALUE'), - 'STRING' => array('VALUE'), - 'DOUBLE' => array('VALUE'), - 'DATETIME.ISO8601' => array('VALUE'), - 'BASE64' => array('VALUE'), - 'MEMBER' => array('STRUCT'), - 'NAME' => array('MEMBER'), - 'DATA' => array('ARRAY'), - 'ARRAY' => array('VALUE'), - 'STRUCT' => array('VALUE'), - 'PARAM' => array('PARAMS'), - 'METHODNAME' => array('METHODCALL'), - 'PARAMS' => array('METHODCALL', 'METHODRESPONSE'), - 'FAULT' => array('METHODRESPONSE'), - 'NIL' => array('VALUE') // only used when extension activated - ); - - // define extra types for supporting NULL (useful for json or <NIL/>) - $GLOBALS['xmlrpcNull']='null'; - $GLOBALS['xmlrpcTypes']['null']=1; - - // Not in use anymore since 2.0. Shall we remove it? - /// @deprecated - $GLOBALS['xmlEntities']=array( - 'amp' => '&', - 'quot' => '"', - 'lt' => '<', - 'gt' => '>', - 'apos' => "'" - ); - - // tables used for transcoding different charsets into us-ascii xml - - $GLOBALS['xml_iso88591_Entities']=array(); - $GLOBALS['xml_iso88591_Entities']['in'] = array(); - $GLOBALS['xml_iso88591_Entities']['out'] = array(); - for ($i = 0; $i < 32; $i++) - { - $GLOBALS['xml_iso88591_Entities']['in'][] = chr($i); - $GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';'; - } - for ($i = 160; $i < 256; $i++) - { - $GLOBALS['xml_iso88591_Entities']['in'][] = chr($i); - $GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';'; - } - - /// @todo add to iso table the characters from cp_1252 range, i.e. 128 to 159. - /// These will NOT be present in true ISO-8859-1, but will save the unwary - /// windows user from sending junk. -/* -$cp1252_to_xmlent = - array( - '\x80'=>'€', '\x81'=>'?', '\x82'=>'‚', '\x83'=>'ƒ', - '\x84'=>'„', '\x85'=>'…', '\x86'=>'†', \x87'=>'‡', - '\x88'=>'ˆ', '\x89'=>'‰', '\x8A'=>'Š', '\x8B'=>'‹', - '\x8C'=>'Œ', '\x8D'=>'?', '\x8E'=>'Ž', '\x8F'=>'?', - '\x90'=>'?', '\x91'=>'‘', '\x92'=>'’', '\x93'=>'“', - '\x94'=>'”', '\x95'=>'•', '\x96'=>'–', '\x97'=>'—', - '\x98'=>'˜', '\x99'=>'™', '\x9A'=>'š', '\x9B'=>'›', - '\x9C'=>'œ', '\x9D'=>'?', '\x9E'=>'ž', '\x9F'=>'Ÿ' - ); -*/ - - $GLOBALS['xmlrpcerr']['unknown_method']=1; - $GLOBALS['xmlrpcstr']['unknown_method']='Unknown method'; - $GLOBALS['xmlrpcerr']['invalid_return']=2; - $GLOBALS['xmlrpcstr']['invalid_return']='Invalid return payload: enable debugging to examine incoming payload'; - $GLOBALS['xmlrpcerr']['incorrect_params']=3; - $GLOBALS['xmlrpcstr']['incorrect_params']='Incorrect parameters passed to method'; - $GLOBALS['xmlrpcerr']['introspect_unknown']=4; - $GLOBALS['xmlrpcstr']['introspect_unknown']="Can't introspect: method unknown"; - $GLOBALS['xmlrpcerr']['http_error']=5; - $GLOBALS['xmlrpcstr']['http_error']="Didn't receive 200 OK from remote server."; - $GLOBALS['xmlrpcerr']['no_data']=6; - $GLOBALS['xmlrpcstr']['no_data']='No data received from server.'; - $GLOBALS['xmlrpcerr']['no_ssl']=7; - $GLOBALS['xmlrpcstr']['no_ssl']='No SSL support compiled in.'; - $GLOBALS['xmlrpcerr']['curl_fail']=8; - $GLOBALS['xmlrpcstr']['curl_fail']='CURL error'; - $GLOBALS['xmlrpcerr']['invalid_request']=15; - $GLOBALS['xmlrpcstr']['invalid_request']='Invalid request payload'; - $GLOBALS['xmlrpcerr']['no_curl']=16; - $GLOBALS['xmlrpcstr']['no_curl']='No CURL support compiled in.'; - $GLOBALS['xmlrpcerr']['server_error']=17; - $GLOBALS['xmlrpcstr']['server_error']='Internal server error'; - $GLOBALS['xmlrpcerr']['multicall_error']=18; - $GLOBALS['xmlrpcstr']['multicall_error']='Received from server invalid multicall response'; - - $GLOBALS['xmlrpcerr']['multicall_notstruct'] = 9; - $GLOBALS['xmlrpcstr']['multicall_notstruct'] = 'system.multicall expected struct'; - $GLOBALS['xmlrpcerr']['multicall_nomethod'] = 10; - $GLOBALS['xmlrpcstr']['multicall_nomethod'] = 'missing methodName'; - $GLOBALS['xmlrpcerr']['multicall_notstring'] = 11; - $GLOBALS['xmlrpcstr']['multicall_notstring'] = 'methodName is not a string'; - $GLOBALS['xmlrpcerr']['multicall_recursion'] = 12; - $GLOBALS['xmlrpcstr']['multicall_recursion'] = 'recursive system.multicall forbidden'; - $GLOBALS['xmlrpcerr']['multicall_noparams'] = 13; - $GLOBALS['xmlrpcstr']['multicall_noparams'] = 'missing params'; - $GLOBALS['xmlrpcerr']['multicall_notarray'] = 14; - $GLOBALS['xmlrpcstr']['multicall_notarray'] = 'params is not an array'; - - $GLOBALS['xmlrpcerr']['cannot_decompress']=103; - $GLOBALS['xmlrpcstr']['cannot_decompress']='Received from server compressed HTTP and cannot decompress'; - $GLOBALS['xmlrpcerr']['decompress_fail']=104; - $GLOBALS['xmlrpcstr']['decompress_fail']='Received from server invalid compressed HTTP'; - $GLOBALS['xmlrpcerr']['dechunk_fail']=105; - $GLOBALS['xmlrpcstr']['dechunk_fail']='Received from server invalid chunked HTTP'; - $GLOBALS['xmlrpcerr']['server_cannot_decompress']=106; - $GLOBALS['xmlrpcstr']['server_cannot_decompress']='Received from client compressed HTTP request and cannot decompress'; - $GLOBALS['xmlrpcerr']['server_decompress_fail']=107; - $GLOBALS['xmlrpcstr']['server_decompress_fail']='Received from client invalid compressed HTTP request'; - - // The charset encoding used by the server for received messages and - // by the client for received responses when received charset cannot be determined - // or is not supported - $GLOBALS['xmlrpc_defencoding']='UTF-8'; - - // The encoding used internally by PHP. - // String values received as xml will be converted to this, and php strings will be converted to xml - // as if having been coded with this - $GLOBALS['xmlrpc_internalencoding']='ISO-8859-1'; - - $GLOBALS['xmlrpcName']='XML-RPC for PHP'; - $GLOBALS['xmlrpcVersion']='2.2'; - - // let user errors start at 800 - $GLOBALS['xmlrpcerruser']=800; - // let XML parse errors start at 100 - $GLOBALS['xmlrpcerrxml']=100; - - // formulate backslashes for escaping regexp - // Not in use anymore since 2.0. Shall we remove it? - /// @deprecated - $GLOBALS['xmlrpc_backslash']=chr(92).chr(92); - - // set to TRUE to enable correct decoding of <NIL/> values - $GLOBALS['xmlrpc_null_extension']=false; - - // used to store state during parsing - // quick explanation of components: - // ac - used to accumulate values - // isf - used to indicate a parsing fault (2) or xmlrpcresp fault (1) - // isf_reason - used for storing xmlrpcresp fault string - // lv - used to indicate "looking for a value": implements - // the logic to allow values with no types to be strings - // params - used to store parameters in method calls - // method - used to store method name - // stack - array with genealogy of xml elements names: - // used to validate nesting of xmlrpc elements - $GLOBALS['_xh']=null; - - /** - * Convert a string to the correct XML representation in a target charset - * To help correct communication of non-ascii chars inside strings, regardless - * of the charset used when sending requests, parsing them, sending responses - * and parsing responses, an option is to convert all non-ascii chars present in the message - * into their equivalent 'charset entity'. Charset entities enumerated this way - * are independent of the charset encoding used to transmit them, and all XML - * parsers are bound to understand them. - * Note that in the std case we are not sending a charset encoding mime type - * along with http headers, so we are bound by RFC 3023 to emit strict us-ascii. - * - * @todo do a bit of basic benchmarking (strtr vs. str_replace) - * @todo make usage of iconv() or recode_string() or mb_string() where available - */ - function xmlrpc_encode_entitites($data, $src_encoding='', $dest_encoding='') - { - if ($src_encoding == '') - { - // lame, but we know no better... - $src_encoding = $GLOBALS['xmlrpc_internalencoding']; - } - - switch(strtoupper($src_encoding.'_'.$dest_encoding)) - { - case 'ISO-8859-1_': - case 'ISO-8859-1_US-ASCII': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data); - break; - case 'ISO-8859-1_UTF-8': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = utf8_encode($escaped_data); - break; - case 'ISO-8859-1_ISO-8859-1': - case 'US-ASCII_US-ASCII': - case 'US-ASCII_UTF-8': - case 'US-ASCII_': - case 'US-ASCII_ISO-8859-1': - case 'UTF-8_UTF-8': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - break; - case 'UTF-8_': - case 'UTF-8_US-ASCII': - case 'UTF-8_ISO-8859-1': - // NB: this will choke on invalid UTF-8, going most likely beyond EOF - $escaped_data = ''; - // be kind to users creating string xmlrpcvals out of different php types - $data = (string) $data; - $ns = strlen ($data); - for ($nn = 0; $nn < $ns; $nn++) - { - $ch = $data[$nn]; - $ii = ord($ch); - //1 7 0bbbbbbb (127) - if ($ii < 128) - { - /// @todo shall we replace this with a (supposedly) faster str_replace? - switch($ii){ - case 34: - $escaped_data .= '"'; - break; - case 38: - $escaped_data .= '&'; - break; - case 39: - $escaped_data .= '''; - break; - case 60: - $escaped_data .= '<'; - break; - case 62: - $escaped_data .= '>'; - break; - default: - $escaped_data .= $ch; - } // switch - } - //2 11 110bbbbb 10bbbbbb (2047) - else if ($ii>>5 == 6) - { - $b1 = ($ii & 31); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ($b1 * 64) + $b2; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 1; - } - //3 16 1110bbbb 10bbbbbb 10bbbbbb - else if ($ii>>4 == 14) - { - $b1 = ($ii & 31); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ord($data[$nn+2]); - $b3 = ($ii & 63); - $ii = ((($b1 * 64) + $b2) * 64) + $b3; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 2; - } - //4 21 11110bbb 10bbbbbb 10bbbbbb 10bbbbbb - else if ($ii>>3 == 30) - { - $b1 = ($ii & 31); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ord($data[$nn+2]); - $b3 = ($ii & 63); - $ii = ord($data[$nn+3]); - $b4 = ($ii & 63); - $ii = ((((($b1 * 64) + $b2) * 64) + $b3) * 64) + $b4; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 3; - } - } - break; - default: - $escaped_data = ''; - error_log("Converting from $src_encoding to $dest_encoding: not supported..."); - } - return $escaped_data; - } - - /// xml parser handler function for opening element tags - function xmlrpc_se($parser, $name, $attrs, $accept_single_vals=false) - { - // if invalid xmlrpc already detected, skip all processing - if ($GLOBALS['_xh']['isf'] < 2) - { - // check for correct element nesting - // top level element can only be of 2 types - /// @todo optimization creep: save this check into a bool variable, instead of using count() every time: - /// there is only a single top level element in xml anyway - if (count($GLOBALS['_xh']['stack']) == 0) - { - if ($name != 'METHODRESPONSE' && $name != 'METHODCALL' && ( - $name != 'VALUE' && !$accept_single_vals)) - { - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = 'missing top level xmlrpc element'; - return; - } - else - { - $GLOBALS['_xh']['rt'] = strtolower($name); - } - } - else - { - // not top level element: see if parent is OK - $parent = end($GLOBALS['_xh']['stack']); - if (!array_key_exists($name, $GLOBALS['xmlrpc_valid_parents']) || !in_array($parent, $GLOBALS['xmlrpc_valid_parents'][$name])) - { - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "xmlrpc element $name cannot be child of $parent"; - return; - } - } - - switch($name) - { - // optimize for speed switch cases: most common cases first - case 'VALUE': - /// @todo we could check for 2 VALUE elements inside a MEMBER or PARAM element - $GLOBALS['_xh']['vt']='value'; // indicator: no value found yet - $GLOBALS['_xh']['ac']=''; - $GLOBALS['_xh']['lv']=1; - $GLOBALS['_xh']['php_class']=null; - break; - case 'I4': - case 'INT': - case 'STRING': - case 'BOOLEAN': - case 'DOUBLE': - case 'DATETIME.ISO8601': - case 'BASE64': - if ($GLOBALS['_xh']['vt']!='value') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; - return; - } - $GLOBALS['_xh']['ac']=''; // reset the accumulator - break; - case 'STRUCT': - case 'ARRAY': - if ($GLOBALS['_xh']['vt']!='value') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; - return; - } - // create an empty array to hold child values, and push it onto appropriate stack - $cur_val = array(); - $cur_val['values'] = array(); - $cur_val['type'] = $name; - // check for out-of-band information to rebuild php objs - // and in case it is found, save it - if (@isset($attrs['PHP_CLASS'])) - { - $cur_val['php_class'] = $attrs['PHP_CLASS']; - } - $GLOBALS['_xh']['valuestack'][] = $cur_val; - $GLOBALS['_xh']['vt']='data'; // be prepared for a data element next - break; - case 'DATA': - if ($GLOBALS['_xh']['vt']!='data') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "found two data elements inside an array element"; - return; - } - case 'METHODCALL': - case 'METHODRESPONSE': - case 'PARAMS': - // valid elements that add little to processing - break; - case 'METHODNAME': - case 'NAME': - /// @todo we could check for 2 NAME elements inside a MEMBER element - $GLOBALS['_xh']['ac']=''; - break; - case 'FAULT': - $GLOBALS['_xh']['isf']=1; - break; - case 'MEMBER': - $GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name']=''; // set member name to null, in case we do not find in the xml later on - //$GLOBALS['_xh']['ac']=''; - // Drop trough intentionally - case 'PARAM': - // clear value type, so we can check later if no value has been passed for this param/member - $GLOBALS['_xh']['vt']=null; - break; - case 'NIL': - if ($GLOBALS['xmlrpc_null_extension']) - { - if ($GLOBALS['_xh']['vt']!='value') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; - return; - } - $GLOBALS['_xh']['ac']=''; // reset the accumulator - break; - } - // we do not support the <NIL/> extension, so - // drop through intentionally - default: - /// INVALID ELEMENT: RAISE ISF so that it is later recognized!!! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "found not-xmlrpc xml element $name"; - break; - } - - // Save current element name to stack, to validate nesting - $GLOBALS['_xh']['stack'][] = $name; - - /// @todo optimization creep: move this inside the big switch() above - if($name!='VALUE') - { - $GLOBALS['_xh']['lv']=0; - } - } - } - - /// Used in decoding xml chunks that might represent single xmlrpc values - function xmlrpc_se_any($parser, $name, $attrs) - { - xmlrpc_se($parser, $name, $attrs, true); - } - - /// xml parser handler function for close element tags - function xmlrpc_ee($parser, $name, $rebuild_xmlrpcvals = true) - { - if ($GLOBALS['_xh']['isf'] < 2) - { - // push this element name from stack - // NB: if XML validates, correct opening/closing is guaranteed and - // we do not have to check for $name == $curr_elem. - // we also checked for proper nesting at start of elements... - $curr_elem = array_pop($GLOBALS['_xh']['stack']); - - switch($name) - { - case 'VALUE': - // This if() detects if no scalar was inside <VALUE></VALUE> - if ($GLOBALS['_xh']['vt']=='value') - { - $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; - $GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcString']; - } - - if ($rebuild_xmlrpcvals) - { - // build the xmlrpc val out of the data received, and substitute it - $temp =& new xmlrpcval($GLOBALS['_xh']['value'], $GLOBALS['_xh']['vt']); - // in case we got info about underlying php class, save it - // in the object we're rebuilding - if (isset($GLOBALS['_xh']['php_class'])) - $temp->_php_class = $GLOBALS['_xh']['php_class']; - // check if we are inside an array or struct: - // if value just built is inside an array, let's move it into array on the stack - $vscount = count($GLOBALS['_xh']['valuestack']); - if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY') - { - $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $temp; - } - else - { - $GLOBALS['_xh']['value'] = $temp; - } - } - else - { - /// @todo this needs to treat correctly php-serialized objects, - /// since std deserializing is done by php_xmlrpc_decode, - /// which we will not be calling... - if (isset($GLOBALS['_xh']['php_class'])) - { - } - - // check if we are inside an array or struct: - // if value just built is inside an array, let's move it into array on the stack - $vscount = count($GLOBALS['_xh']['valuestack']); - if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY') - { - $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $GLOBALS['_xh']['value']; - } - } - break; - case 'BOOLEAN': - case 'I4': - case 'INT': - case 'STRING': - case 'DOUBLE': - case 'DATETIME.ISO8601': - case 'BASE64': - $GLOBALS['_xh']['vt']=strtolower($name); - /// @todo: optimization creep - remove the if/elseif cycle below - /// since the case() in which we are already did that - if ($name=='STRING') - { - $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; - } - elseif ($name=='DATETIME.ISO8601') - { - if (!preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $GLOBALS['_xh']['ac'])) - { - error_log('XML-RPC: invalid value received in DATETIME: '.$GLOBALS['_xh']['ac']); - } - $GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcDateTime']; - $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; - } - elseif ($name=='BASE64') - { - /// @todo check for failure of base64 decoding / catch warnings - $GLOBALS['_xh']['value']=base64_decode($GLOBALS['_xh']['ac']); - } - elseif ($name=='BOOLEAN') - { - // special case here: we translate boolean 1 or 0 into PHP - // constants true or false. - // Strings 'true' and 'false' are accepted, even though the - // spec never mentions them (see eg. Blogger api docs) - // NB: this simple checks helps a lot sanitizing input, ie no - // security problems around here - if ($GLOBALS['_xh']['ac']=='1' || strcasecmp($GLOBALS['_xh']['ac'], 'true') == 0) - { - $GLOBALS['_xh']['value']=true; - } - else - { - // log if receiveing something strange, even though we set the value to false anyway - if ($GLOBALS['_xh']['ac']!='0' && strcasecmp($_xh[$parser]['ac'], 'false') != 0) - error_log('XML-RPC: invalid value received in BOOLEAN: '.$GLOBALS['_xh']['ac']); - $GLOBALS['_xh']['value']=false; - } - } - elseif ($name=='DOUBLE') - { - // we have a DOUBLE - // we must check that only 0123456789-.<space> are characters here - if (!preg_match('/^[+-]?[eE0123456789 \t.]+$/', $GLOBALS['_xh']['ac'])) - { - /// @todo: find a better way of throwing an error - // than this! - error_log('XML-RPC: non numeric value received in DOUBLE: '.$GLOBALS['_xh']['ac']); - $GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND'; - } - else - { - // it's ok, add it on - $GLOBALS['_xh']['value']=(double)$GLOBALS['_xh']['ac']; - } - } - else - { - // we have an I4/INT - // we must check that only 0123456789-<space> are characters here - if (!preg_match('/^[+-]?[0123456789 \t]+$/', $GLOBALS['_xh']['ac'])) - { - /// @todo find a better way of throwing an error - // than this! - error_log('XML-RPC: non numeric value received in INT: '.$GLOBALS['_xh']['ac']); - $GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND'; - } - else - { - // it's ok, add it on - $GLOBALS['_xh']['value']=(int)$GLOBALS['_xh']['ac']; - } - } - //$GLOBALS['_xh']['ac']=''; // is this necessary? - $GLOBALS['_xh']['lv']=3; // indicate we've found a value - break; - case 'NAME': - $GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name'] = $GLOBALS['_xh']['ac']; - break; - case 'MEMBER': - //$GLOBALS['_xh']['ac']=''; // is this necessary? - // add to array in the stack the last element built, - // unless no VALUE was found - if ($GLOBALS['_xh']['vt']) - { - $vscount = count($GLOBALS['_xh']['valuestack']); - $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][$GLOBALS['_xh']['valuestack'][$vscount-1]['name']] = $GLOBALS['_xh']['value']; - } else - error_log('XML-RPC: missing VALUE inside STRUCT in received xml'); - break; - case 'DATA': - //$GLOBALS['_xh']['ac']=''; // is this necessary? - $GLOBALS['_xh']['vt']=null; // reset this to check for 2 data elements in a row - even if they're empty - break; - case 'STRUCT': - case 'ARRAY': - // fetch out of stack array of values, and promote it to current value - $curr_val = array_pop($GLOBALS['_xh']['valuestack']); - $GLOBALS['_xh']['value'] = $curr_val['values']; - $GLOBALS['_xh']['vt']=strtolower($name); - if (isset($curr_val['php_class'])) - { - $GLOBALS['_xh']['php_class'] = $curr_val['php_class']; - } - break; - case 'PARAM': - // add to array of params the current value, - // unless no VALUE was found - if ($GLOBALS['_xh']['vt']) - { - $GLOBALS['_xh']['params'][]=$GLOBALS['_xh']['value']; - $GLOBALS['_xh']['pt'][]=$GLOBALS['_xh']['vt']; - } - else - error_log('XML-RPC: missing VALUE inside PARAM in received xml'); - break; - case 'METHODNAME': - $GLOBALS['_xh']['method']=preg_replace('/^[\n\r\t ]+/', '', $GLOBALS['_xh']['ac']); - break; - case 'NIL': - if ($GLOBALS['xmlrpc_null_extension']) - { - $GLOBALS['_xh']['vt']='null'; - $GLOBALS['_xh']['value']=null; - $GLOBALS['_xh']['lv']=3; - break; - } - // drop through intentionally if nil extension not enabled - case 'PARAMS': - case 'FAULT': - case 'METHODCALL': - case 'METHORESPONSE': - break; - default: - // End of INVALID ELEMENT! - // shall we add an assert here for unreachable code??? - break; - } - } - } - - /// Used in decoding xmlrpc requests/responses without rebuilding xmlrpc values - function xmlrpc_ee_fast($parser, $name) - { - xmlrpc_ee($parser, $name, false); - } - - /// xml parser handler function for character data - function xmlrpc_cd($parser, $data) - { - // skip processing if xml fault already detected - if ($GLOBALS['_xh']['isf'] < 2) - { - // "lookforvalue==3" means that we've found an entire value - // and should discard any further character data - if($GLOBALS['_xh']['lv']!=3) - { - // G. Giunta 2006-08-23: useless change of 'lv' from 1 to 2 - //if($GLOBALS['_xh']['lv']==1) - //{ - // if we've found text and we're just in a <value> then - // say we've found a value - //$GLOBALS['_xh']['lv']=2; - //} - // we always initialize the accumulator before starting parsing, anyway... - //if(!@isset($GLOBALS['_xh']['ac'])) - //{ - // $GLOBALS['_xh']['ac'] = ''; - //} - $GLOBALS['_xh']['ac'].=$data; - } - } - } - - /// xml parser handler function for 'other stuff', ie. not char data or - /// element start/end tag. In fact it only gets called on unknown entities... - function xmlrpc_dh($parser, $data) - { - // skip processing if xml fault already detected - if ($GLOBALS['_xh']['isf'] < 2) - { - if(substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';') - { - // G. Giunta 2006-08-25: useless change of 'lv' from 1 to 2 - //if($GLOBALS['_xh']['lv']==1) - //{ - // $GLOBALS['_xh']['lv']=2; - //} - $GLOBALS['_xh']['ac'].=$data; - } - } - return true; - } - - class xmlrpc_client - { - var $path; - var $server; - var $port=0; - var $method='http'; - var $errno; - var $errstr; - var $debug=0; - var $username=''; - var $password=''; - var $authtype=1; - var $cert=''; - var $certpass=''; - var $cacert=''; - var $cacertdir=''; - var $key=''; - var $keypass=''; - var $verifypeer=true; - var $verifyhost=1; - var $no_multicall=false; - var $proxy=''; - var $proxyport=0; - var $proxy_user=''; - var $proxy_pass=''; - var $proxy_authtype=1; - var $cookies=array(); - /** - * List of http compression methods accepted by the client for responses. - * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib - * - * NNB: you can set it to any non-empty array for HTTP11 and HTTPS, since - * in those cases it will be up to CURL to decide the compression methods - * it supports. You might check for the presence of 'zlib' in the output of - * curl_version() to determine wheter compression is supported or not - */ - var $accepted_compression = array(); - /** - * Name of compression scheme to be used for sending requests. - * Either null, gzip or deflate - */ - var $request_compression = ''; - /** - * CURL handle: used for keep-alive connections (PHP 4.3.8 up, see: - * http://curl.haxx.se/docs/faq.html#7.3) - */ - var $xmlrpc_curl_handle = null; - /// Wheter to use persistent connections for http 1.1 and https - var $keepalive = false; - /// Charset encodings that can be decoded without problems by the client - var $accepted_charset_encodings = array(); - /// Charset encoding to be used in serializing request. NULL = use ASCII - var $request_charset_encoding = ''; - /** - * Decides the content of xmlrpcresp objects returned by calls to send() - * valid strings are 'xmlrpcvals', 'phpvals' or 'xml' - */ - var $return_type = 'xmlrpcvals'; - - /** - * @param string $path either the complete server URL or the PATH part of the xmlrc server URL, e.g. /xmlrpc/server.php - * @param string $server the server name / ip address - * @param integer $port the port the server is listening on, defaults to 80 or 443 depending on protocol used - * @param string $method the http protocol variant: defaults to 'http', 'https' and 'http11' can be used if CURL is installed - */ - function xmlrpc_client($path, $server='', $port='', $method='') - { - // allow user to specify all params in $path - if($server == '' and $port == '' and $method == '') - { - $parts = parse_url($path); - $server = $parts['host']; - $path = $parts['path']; - if(isset($parts['query'])) - { - $path .= '?'.$parts['query']; - } - if(isset($parts['fragment'])) - { - $path .= '#'.$parts['fragment']; - } - if(isset($parts['port'])) - { - $port = $parts['port']; - } - if(isset($parts['scheme'])) - { - $method = $parts['scheme']; - } - if(isset($parts['user'])) - { - $this->username = $parts['user']; - } - if(isset($parts['pass'])) - { - $this->password = $parts['pass']; - } - } - if($path == '' || $path[0] != '/') - { - $this->path='/'.$path; - } - else - { - $this->path=$path; - } - $this->server=$server; - if($port != '') - { - $this->port=$port; - } - if($method != '') - { - $this->method=$method; - } - - // if ZLIB is enabled, let the client by default accept compressed responses - if(function_exists('gzinflate') || ( - function_exists('curl_init') && (($info = curl_version()) && - ((is_string($info) && strpos($info, 'zlib') !== null) || isset($info['libz_version']))) - )) - { - $this->accepted_compression = array('gzip', 'deflate'); - } - - // keepalives: enabled by default ONLY for PHP >= 4.3.8 - // (see http://curl.haxx.se/docs/faq.html#7.3) - if(version_compare(phpversion(), '4.3.8') >= 0) - { - $this->keepalive = true; - } - - // by default the xml parser can support these 3 charset encodings - $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); - } - - /** - * Enables/disables the echoing to screen of the xmlrpc responses received - * @param integer $debug values 0, 1 and 2 are supported (2 = echo sent msg too, before received response) - * @access public - */ - function setDebug($in) - { - $this->debug=$in; - } - - /** - * Add some http BASIC AUTH credentials, used by the client to authenticate - * @param string $u username - * @param string $p password - * @param integer $t auth type. See curl_setopt man page for supported auth types. Defaults to CURLAUTH_BASIC (basic auth) - * @access public - */ - function setCredentials($u, $p, $t=1) - { - $this->username=$u; - $this->password=$p; - $this->authtype=$t; - } - - /** - * Add a client-side https certificate - * @param string $cert - * @param string $certpass - * @access public - */ - function setCertificate($cert, $certpass) - { - $this->cert = $cert; - $this->certpass = $certpass; - } - - /** - * Add a CA certificate to verify server with (see man page about - * CURLOPT_CAINFO for more details - * @param string $cacert certificate file name (or dir holding certificates) - * @param bool $is_dir set to true to indicate cacert is a dir. defaults to false - * @access public - */ - function setCaCertificate($cacert, $is_dir=false) - { - if ($is_dir) - { - $this->cacert = $cacert; - } - else - { - $this->cacertdir = $cacert; - } - } - - /** - * Set attributes for SSL communication: private SSL key - * @param string $key The name of a file containing a private SSL key - * @param string $keypass The secret password needed to use the private SSL key - * @access public - * NB: does not work in older php/curl installs - * Thanks to Daniel Convissor - */ - function setKey($key, $keypass) - { - $this->key = $key; - $this->keypass = $keypass; - } - - /** - * Set attributes for SSL communication: verify server certificate - * @param bool $i enable/disable verification of peer certificate - * @access public - */ - function setSSLVerifyPeer($i) - { - $this->verifypeer = $i; - } - - /** - * Set attributes for SSL communication: verify match of server cert w. hostname - * @param int $i - * @access public - */ - function setSSLVerifyHost($i) - { - $this->verifyhost = $i; - } - - /** - * Set proxy info - * @param string $proxyhost - * @param string $proxyport Defaults to 8080 for HTTP and 443 for HTTPS - * @param string $proxyusername Leave blank if proxy has public access - * @param string $proxypassword Leave blank if proxy has public access - * @param int $proxyauthtype set to constant CURLAUTH_NTLM to use NTLM auth with proxy - * @access public - */ - function setProxy($proxyhost, $proxyport, $proxyusername = '', $proxypassword = '', $proxyauthtype = 1) - { - $this->proxy = $proxyhost; - $this->proxyport = $proxyport; - $this->proxy_user = $proxyusername; - $this->proxy_pass = $proxypassword; - $this->proxy_authtype = $proxyauthtype; - } - - /** - * Enables/disables reception of compressed xmlrpc responses. - * Note that enabling reception of compressed responses merely adds some standard - * http headers to xmlrpc requests. It is up to the xmlrpc server to return - * compressed responses when receiving such requests. - * @param string $compmethod either 'gzip', 'deflate', 'any' or '' - * @access public - */ - function setAcceptedCompression($compmethod) - { - if ($compmethod == 'any') - $this->accepted_compression = array('gzip', 'deflate'); - else - $this->accepted_compression = array($compmethod); - } - - /** - * Enables/disables http compression of xmlrpc request. - * Take care when sending compressed requests: servers might not support them - * (and automatic fallback to uncompressed requests is not yet implemented) - * @param string $compmethod either 'gzip', 'deflate' or '' - * @access public - */ - function setRequestCompression($compmethod) - { - $this->request_compression = $compmethod; - } - - /** - * Adds a cookie to list of cookies that will be sent to server. - * NB: setting any param but name and value will turn the cookie into a 'version 1' cookie: - * do not do it unless you know what you are doing - * @param string $name - * @param string $value - * @param string $path - * @param string $domain - * @param int $port - * @access public - * - * @todo check correctness of urlencoding cookie value (copied from php way of doing it...) - */ - function setCookie($name, $value='', $path='', $domain='', $port=null) - { - $this->cookies[$name]['value'] = urlencode($value); - if ($path || $domain || $port) - { - $this->cookies[$name]['path'] = $path; - $this->cookies[$name]['domain'] = $domain; - $this->cookies[$name]['port'] = $port; - $this->cookies[$name]['version'] = 1; - } - else - { - $this->cookies[$name]['version'] = 0; - } - } - - /** - * Send an xmlrpc request - * @param mixed $msg The message object, or an array of messages for using multicall, or the complete xml representation of a request - * @param integer $timeout Connection timeout, in seconds, If unspecified, a platform specific timeout will apply - * @param string $method if left unspecified, the http protocol chosen during creation of the object will be used - * @return xmlrpcresp - * @access public - */ - function& send($msg, $timeout=0, $method='') - { - // if user deos not specify http protocol, use native method of this client - // (i.e. method set during call to constructor) - if($method == '') - { - $method = $this->method; - } - - if(is_array($msg)) - { - // $msg is an array of xmlrpcmsg's - $r = $this->multicall($msg, $timeout, $method); - return $r; - } - elseif(is_string($msg)) - { - $n =& new xmlrpcmsg(''); - $n->payload = $msg; - $msg = $n; - } - - // where msg is an xmlrpcmsg - $msg->debug=$this->debug; - - if($method == 'https') - { - $r =& $this->sendPayloadHTTPS( - $msg, - $this->server, - $this->port, - $timeout, - $this->username, - $this->password, - $this->authtype, - $this->cert, - $this->certpass, - $this->cacert, - $this->cacertdir, - $this->proxy, - $this->proxyport, - $this->proxy_user, - $this->proxy_pass, - $this->proxy_authtype, - $this->keepalive, - $this->key, - $this->keypass - ); - } - elseif($method == 'http11') - { - $r =& $this->sendPayloadCURL( - $msg, - $this->server, - $this->port, - $timeout, - $this->username, - $this->password, - $this->authtype, - null, - null, - null, - null, - $this->proxy, - $this->proxyport, - $this->proxy_user, - $this->proxy_pass, - $this->proxy_authtype, - 'http', - $this->keepalive - ); - } - else - { - $r =& $this->sendPayloadHTTP10( - $msg, - $this->server, - $this->port, - $timeout, - $this->username, - $this->password, - $this->authtype, - $this->proxy, - $this->proxyport, - $this->proxy_user, - $this->proxy_pass, - $this->proxy_authtype - ); - } - - return $r; - } - - /** - * @access private - */ - function &sendPayloadHTTP10($msg, $server, $port, $timeout=0, - $username='', $password='', $authtype=1, $proxyhost='', - $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1) - { - if($port==0) - { - $port=80; - } - - // Only create the payload if it was not created previously - if(empty($msg->payload)) - { - $msg->createPayload($this->request_charset_encoding); - } - - $payload = $msg->payload; - // Deflate request body and set appropriate request headers - if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) - { - if($this->request_compression == 'gzip') - { - $a = @gzencode($payload); - if($a) - { - $payload = $a; - $encoding_hdr = "Content-Encoding: gzip\r\n"; - } - } - else - { - $a = @gzcompress($payload); - if($a) - { - $payload = $a; - $encoding_hdr = "Content-Encoding: deflate\r\n"; - } - } - } - else - { - $encoding_hdr = ''; - } - - // thanks to Grant Rauscher <grant7@firstworld.net> for this - $credentials=''; - if($username!='') - { - $credentials='Authorization: Basic ' . base64_encode($username . ':' . $password) . "\r\n"; - if ($authtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported with HTTP 1.0'); - } - } - - $accepted_encoding = ''; - if(is_array($this->accepted_compression) && count($this->accepted_compression)) - { - $accepted_encoding = 'Accept-Encoding: ' . implode(', ', $this->accepted_compression) . "\r\n"; - } - - $proxy_credentials = ''; - if($proxyhost) - { - if($proxyport == 0) - { - $proxyport = 8080; - } - $connectserver = $proxyhost; - $connectport = $proxyport; - $uri = 'http://'.$server.':'.$port.$this->path; - if($proxyusername != '') - { - if ($proxyauthtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported with HTTP 1.0'); - } - $proxy_credentials = 'Proxy-Authorization: Basic ' . base64_encode($proxyusername.':'.$proxypassword) . "\r\n"; - } - } - else - { - $connectserver = $server; - $connectport = $port; - $uri = $this->path; - } - - // Cookie generation, as per rfc2965 (version 1 cookies) or - // netscape's rules (version 0 cookies) - $cookieheader=''; - foreach ($this->cookies as $name => $cookie) - { - if ($cookie['version']) - { - $cookieheader .= 'Cookie: $Version="' . $cookie['version'] . '"; '; - $cookieheader .= $name . '="' . $cookie['value'] . '";'; - if ($cookie['path']) - $cookieheader .= ' $Path="' . $cookie['path'] . '";'; - if ($cookie['domain']) - $cookieheader .= ' $Domain="' . $cookie['domain'] . '";'; - if ($cookie['port']) - $cookieheader .= ' $Port="' . $cookie['domain'] . '";'; - $cookieheader = substr($cookieheader, 0, -1) . "\r\n"; - } - else - { - $cookieheader .= 'Cookie: ' . $name . '=' . $cookie['value'] . "\r\n"; - } - } - - $op= 'POST ' . $uri. " HTTP/1.0\r\n" . - 'User-Agent: ' . $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'] . "\r\n" . - 'Host: '. $server . ':' . $port . "\r\n" . - $credentials . - $proxy_credentials . - $accepted_encoding . - $encoding_hdr . - 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings) . "\r\n" . - $cookieheader . - 'Content-Type: ' . $msg->content_type . "\r\nContent-Length: " . - strlen($payload) . "\r\n\r\n" . - $payload; - - if($this->debug > 1) - { - debug_event('XMLRPC',"\n---SENDING---\n" . htmlentities($op) . "\n---END---\n</PRE>",'1','xmlrpc'); - flush(); - } - - if($timeout>0) - { - $fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr, $timeout); - } - else - { - $fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr); - } - if($fp) - { - if($timeout>0 && function_exists('stream_set_timeout')) - { - stream_set_timeout($fp, $timeout); - } - } - else - { - $this->errstr='Connect error: '.$this->errstr; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr . ' (' . $this->errno . ')'); - return $r; - } - - if(!fputs($fp, $op, strlen($op))) - { - $this->errstr='Write error'; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr); - return $r; - } - else - { - // reset errno and errstr on succesful socket connection - $this->errstr = ''; - } - // G. Giunta 2005/10/24: close socket before parsing. - // should yeld slightly better execution times, and make easier recursive calls (e.g. to follow http redirects) - $ipd=''; - while($data=fread($fp, 32768)) - { - // shall we check for $data === FALSE? - // as per the manual, it signals an error - $ipd.=$data; - } - fclose($fp); - $r =& $msg->parseResponse($ipd, false, $this->return_type); - return $r; - - } - - /** - * @access private - */ - function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='', - $password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='', - $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, - $keepalive=false, $key='', $keypass='') - { - $r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username, - $password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport, - $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass); - return $r; - } - - /** - * Contributed by Justin Miller <justin@voxel.net> - * Requires curl to be built into PHP - * NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers! - * @access private - */ - function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='', - $password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='', - $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https', - $keepalive=false, $key='', $keypass='') - { - if(!function_exists('curl_init')) - { - $this->errstr='CURL unavailable on this install'; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_curl'], $GLOBALS['xmlrpcstr']['no_curl']); - return $r; - } - if($method == 'https') - { - if(($info = curl_version()) && - ((is_string($info) && strpos($info, 'OpenSSL') === null) || (is_array($info) && !isset($info['ssl_version'])))) - { - $this->errstr='SSL unavailable on this install'; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_ssl'], $GLOBALS['xmlrpcstr']['no_ssl']); - return $r; - } - } - - if($port == 0) - { - if($method == 'http') - { - $port = 80; - } - else - { - $port = 443; - } - } - - // Only create the payload if it was not created previously - if(empty($msg->payload)) - { - $msg->createPayload($this->request_charset_encoding); - } - - // Deflate request body and set appropriate request headers - $payload = $msg->payload; - if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) - { - if($this->request_compression == 'gzip') - { - $a = @gzencode($payload); - if($a) - { - $payload = $a; - $encoding_hdr = 'Content-Encoding: gzip'; - } - } - else - { - $a = @gzcompress($payload); - if($a) - { - $payload = $a; - $encoding_hdr = 'Content-Encoding: deflate'; - } - } - } - else - { - $encoding_hdr = ''; - } - - if($this->debug > 1) { - debug_event('XMLRPC',"\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n</PRE>",'1','xmlrpc'); - } - - if(!$keepalive || !$this->xmlrpc_curl_handle) - { - $curl = curl_init($method . '://' . $server . ':' . $port . $this->path); - if($keepalive) - { - $this->xmlrpc_curl_handle = $curl; - } - } - else - { - $curl = $this->xmlrpc_curl_handle; - } - - // results into variable - curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); - - if($this->debug) - { - curl_setopt($curl, CURLOPT_VERBOSE, 1); - } - curl_setopt($curl, CURLOPT_USERAGENT, $GLOBALS['xmlrpcName'].' '.$GLOBALS['xmlrpcVersion']); - // required for XMLRPC: post the data - curl_setopt($curl, CURLOPT_POST, 1); - // the data - curl_setopt($curl, CURLOPT_POSTFIELDS, $payload); - - // return the header too - curl_setopt($curl, CURLOPT_HEADER, 1); - - // will only work with PHP >= 5.0 - // NB: if we set an empty string, CURL will add http header indicating - // ALL methods it is supporting. This is possibly a better option than - // letting the user tell what curl can / cannot do... - if(is_array($this->accepted_compression) && count($this->accepted_compression)) - { - //curl_setopt($curl, CURLOPT_ENCODING, implode(',', $this->accepted_compression)); - // empty string means 'any supported by CURL' (shall we catch errors in case CURLOPT_SSLKEY undefined ?) - if (count($this->accepted_compression) == 1) - { - curl_setopt($curl, CURLOPT_ENCODING, $this->accepted_compression[0]); - } - else - curl_setopt($curl, CURLOPT_ENCODING, ''); - } - // extra headers - $headers = array('Content-Type: ' . $msg->content_type , 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings)); - // if no keepalive is wanted, let the server know it in advance - if(!$keepalive) - { - $headers[] = 'Connection: close'; - } - // request compression header - if($encoding_hdr) - { - $headers[] = $encoding_hdr; - } - - curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); - // timeout is borked - if($timeout) - { - curl_setopt($curl, CURLOPT_TIMEOUT, $timeout == 1 ? 1 : $timeout - 1); - } - - if($username && $password) - { - curl_setopt($curl, CURLOPT_USERPWD, $username.':'.$password); - if (defined('CURLOPT_HTTPAUTH')) - { - curl_setopt($curl, CURLOPT_HTTPAUTH, $authtype); - } - else if ($authtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported by the current PHP/curl install'); - } - } - - if($method == 'https') - { - // set cert file - if($cert) - { - curl_setopt($curl, CURLOPT_SSLCERT, $cert); - } - // set cert password - if($certpass) - { - curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $certpass); - } - // whether to verify remote host's cert - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verifypeer); - // set ca certificates file/dir - if($cacert) - { - curl_setopt($curl, CURLOPT_CAINFO, $cacert); - } - if($cacertdir) - { - curl_setopt($curl, CURLOPT_CAPATH, $cacertdir); - } - // set key file (shall we catch errors in case CURLOPT_SSLKEY undefined ?) - if($key) - { - curl_setopt($curl, CURLOPT_SSLKEY, $key); - } - // set key password (shall we catch errors in case CURLOPT_SSLKEY undefined ?) - if($keypass) - { - curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass); - } - // whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost); - } - - // proxy info - if($proxyhost) - { - if($proxyport == 0) - { - $proxyport = 8080; // NB: even for HTTPS, local connection is on port 8080 - } - curl_setopt($curl, CURLOPT_PROXY,$proxyhost.':'.$proxyport); - //curl_setopt($curl, CURLOPT_PROXYPORT,$proxyport); - if($proxyusername) - { - curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxyusername.':'.$proxypassword); - if (defined('CURLOPT_PROXYAUTH')) - { - curl_setopt($curl, CURLOPT_PROXYAUTH, $proxyauthtype); - } - else if ($proxyauthtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported by the current PHP/curl install'); - } - } - } - - // NB: should we build cookie http headers by hand rather than let CURL do it? - // the following code does not honour 'expires', 'path' and 'domain' cookie attributes - // set to clint obj the the user... - if (count($this->cookies)) - { - $cookieheader = ''; - foreach ($this->cookies as $name => $cookie) - { - $cookieheader .= $name . '=' . $cookie['value'] . ', '; - } - curl_setopt($curl, CURLOPT_COOKIE, substr($cookieheader, 0, -2)); - } - - $result = curl_exec($curl); - - if(!$result) - { - $this->errstr='no response'; - $resp=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['curl_fail'], $GLOBALS['xmlrpcstr']['curl_fail']. ': '. curl_error($curl)); - if(!$keepalive) - { - curl_close($curl); - } - } - else - { - if(!$keepalive) - { - curl_close($curl); - } - $resp =& $msg->parseResponse($result, true, $this->return_type); - } - return $resp; - } - - /** - * Send an array of request messages and return an array of responses. - * Unless $this->no_multicall has been set to true, it will try first - * to use one single xmlrpc call to server method system.multicall, and - * revert to sending many successive calls in case of failure. - * This failure is also stored in $this->no_multicall for subsequent calls. - * Unfortunately, there is no server error code universally used to denote - * the fact that multicall is unsupported, so there is no way to reliably - * distinguish between that and a temporary failure. - * If you are sure that server supports multicall and do not want to - * fallback to using many single calls, set the fourth parameter to FALSE. - * - * NB: trying to shoehorn extra functionality into existing syntax has resulted - * in pretty much convoluted code... - * - * @param array $msgs an array of xmlrpcmsg objects - * @param integer $timeout connection timeout (in seconds) - * @param string $method the http protocol variant to be used - * @param boolean fallback When true, upon receiveing an error during multicall, multiple single calls will be attempted - * @return array - * @access public - */ - function multicall($msgs, $timeout=0, $method='', $fallback=true) - { - if ($method == '') - { - $method = $this->method; - } - if(!$this->no_multicall) - { - $results = $this->_try_multicall($msgs, $timeout, $method); - if(is_array($results)) - { - // System.multicall succeeded - return $results; - } - else - { - // either system.multicall is unsupported by server, - // or call failed for some other reason. - if ($fallback) - { - // Don't try it next time... - $this->no_multicall = true; - } - else - { - if (is_a($results, 'xmlrpcresp')) - { - $result = $results; - } - else - { - $result =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['multicall_error'], $GLOBALS['xmlrpcstr']['multicall_error']); - } - } - } - } - else - { - // override fallback, in case careless user tries to do two - // opposite things at the same time - $fallback = true; - } - - $results = array(); - if ($fallback) - { - // system.multicall is (probably) unsupported by server: - // emulate multicall via multiple requests - foreach($msgs as $msg) - { - $results[] =& $this->send($msg, $timeout, $method); - } - } - else - { - // user does NOT want to fallback on many single calls: - // since we should always return an array of responses, - // return an array with the same error repeated n times - foreach($msgs as $msg) - { - $results[] = $result; - } - } - return $results; - } - - /** - * Attempt to boxcar $msgs via system.multicall. - * Returns either an array of xmlrpcreponses, an xmlrpc error response - * or false (when received response does not respect valid multicall syntax) - * @access private - */ - function _try_multicall($msgs, $timeout, $method) - { - // Construct multicall message - $calls = array(); - foreach($msgs as $msg) - { - $call['methodName'] =& new xmlrpcval($msg->method(),'string'); - $numParams = $msg->getNumParams(); - $params = array(); - for($i = 0; $i < $numParams; $i++) - { - $params[$i] = $msg->getParam($i); - } - $call['params'] =& new xmlrpcval($params, 'array'); - $calls[] =& new xmlrpcval($call, 'struct'); - } - $multicall =& new xmlrpcmsg('system.multicall'); - $multicall->addParam(new xmlrpcval($calls, 'array')); - - // Attempt RPC call - $result =& $this->send($multicall, $timeout, $method); - - if($result->faultCode() != 0) - { - // call to system.multicall failed - return $result; - } - - // Unpack responses. - $rets = $result->value(); - - if ($this->return_type == 'xml') - { - return $rets; - } - else if ($this->return_type == 'phpvals') - { - ///@todo test this code branch... - $rets = $result->value(); - if(!is_array($rets)) - { - return false; // bad return type from system.multicall - } - $numRets = count($rets); - if($numRets != count($msgs)) - { - return false; // wrong number of return values. - } - - $response = array(); - for($i = 0; $i < $numRets; $i++) - { - $val = $rets[$i]; - if (!is_array($val)) { - return false; - } - switch(count($val)) - { - case 1: - if(!isset($val[0])) - { - return false; // Bad value - } - // Normal return value - $response[$i] =& new xmlrpcresp($val[0], 0, '', 'phpvals'); - break; - case 2: - /// @todo remove usage of @: it is apparently quite slow - $code = @$val['faultCode']; - if(!is_int($code)) - { - return false; - } - $str = @$val['faultString']; - if(!is_string($str)) - { - return false; - } - $response[$i] =& new xmlrpcresp(0, $code, $str); - break; - default: - return false; - } - } - return $response; - } - else // return type == 'xmlrpcvals' - { - $rets = $result->value(); - if($rets->kindOf() != 'array') - { - return false; // bad return type from system.multicall - } - $numRets = $rets->arraysize(); - if($numRets != count($msgs)) - { - return false; // wrong number of return values. - } - - $response = array(); - for($i = 0; $i < $numRets; $i++) - { - $val = $rets->arraymem($i); - switch($val->kindOf()) - { - case 'array': - if($val->arraysize() != 1) - { - return false; // Bad value - } - // Normal return value - $response[$i] =& new xmlrpcresp($val->arraymem(0)); - break; - case 'struct': - $code = $val->structmem('faultCode'); - if($code->kindOf() != 'scalar' || $code->scalartyp() != 'int') - { - return false; - } - $str = $val->structmem('faultString'); - if($str->kindOf() != 'scalar' || $str->scalartyp() != 'string') - { - return false; - } - $response[$i] =& new xmlrpcresp(0, $code->scalarval(), $str->scalarval()); - break; - default: - return false; - } - } - return $response; - } - } - } // end class xmlrpc_client - - class xmlrpcresp - { - var $val = 0; - var $valtyp; - var $errno = 0; - var $errstr = ''; - var $payload; - var $hdrs = array(); - var $_cookies = array(); - var $content_type = 'text/xml'; - var $raw_data = ''; - - /** - * @param mixed $val either an xmlrpcval obj, a php value or the xml serialization of an xmlrpcval (a string) - * @param integer $fcode set it to anything but 0 to create an error response - * @param string $fstr the error string, in case of an error response - * @param string $valtyp either 'xmlrpcvals', 'phpvals' or 'xml' - * - * @todo add check that $val / $fcode / $fstr is of correct type??? - * NB: as of now we do not do it, since it might be either an xmlrpcval or a plain - * php val, or a complete xml chunk, depending on usage of xmlrpc_client::send() inside which creator is called... - */ - function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='') - { - if($fcode != 0) - { - // error response - $this->errno = $fcode; - $this->errstr = $fstr; - //$this->errstr = htmlspecialchars($fstr); // XXX: encoding probably shouldn't be done here; fix later. - } - else - { - // successful response - $this->val = $val; - if ($valtyp == '') - { - // user did not declare type of response value: try to guess it - if (is_object($this->val) && $this->val instanceof xmlrpcval) - { - $this->valtyp = 'xmlrpcvals'; - } - else if (is_string($this->val)) - { - $this->valtyp = 'xml'; - - } - else - { - $this->valtyp = 'phpvals'; - } - } - else - { - // user declares type of resp value: believe him - $this->valtyp = $valtyp; - } - } - } - - /** - * Returns the error code of the response. - * @return integer the error code of this response (0 for not-error responses) - * @access public - */ - function faultCode() - { - return $this->errno; - } - - /** - * Returns the error code of the response. - * @return string the error string of this response ('' for not-error responses) - * @access public - */ - function faultString() - { - return $this->errstr; - } - - /** - * Returns the value received by the server. - * @return mixed the xmlrpcval object returned by the server. Might be an xml string or php value if the response has been created by specially configured xmlrpc_client objects - * @access public - */ - function value() - { - return $this->val; - } - - /** - * Returns an array with the cookies received from the server. - * Array has the form: $cookiename => array ('value' => $val, $attr1 => $val1, $attr2 = $val2, ...) - * with attributes being e.g. 'expires', 'path', domain'. - * NB: cookies sent as 'expired' by the server (i.e. with an expiry date in the past) - * are still present in the array. It is up to the user-defined code to decide - * how to use the received cookies, and wheter they have to be sent back with the next - * request to the server (using xmlrpc_client::setCookie) or not - * @return array array of cookies received from the server - * @access public - */ - function cookies() - { - return $this->_cookies; - } - - /** - * Returns xml representation of the response. XML prologue not included - * @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed - * @return string the xml representation of the response - * @access public - */ - function serialize($charset_encoding='') - { - if ($charset_encoding != '') - $this->content_type = 'text/xml; charset=' . $charset_encoding; - else - $this->content_type = 'text/xml'; - $result = "<methodResponse>\n"; - if($this->errno) - { - // G. Giunta 2005/2/13: let non-ASCII response messages be tolerated by clients - // by xml-encoding non ascii chars - $result .= "<fault>\n" . -"<value>\n<struct><member><name>faultCode</name>\n<value><int>" . $this->errno . -"</int></value>\n</member>\n<member>\n<name>faultString</name>\n<value><string>" . -xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "</string></value>\n</member>\n" . -"</struct>\n</value>\n</fault>"; - } - else - { - if(!is_object($this->val) || !$this->val instanceof xmlrpcval) - { - if (is_string($this->val) && $this->valtyp == 'xml') - { - $result .= "<params>\n<param>\n" . - $this->val . - "</param>\n</params>"; - } - else - { - /// @todo try to build something serializable? - die('cannot serialize xmlrpcresp objects whose content is native php values'); - } - } - else - { - $result .= "<params>\n<param>\n" . - $this->val->serialize($charset_encoding) . - "</param>\n</params>"; - } - } - $result .= "\n</methodResponse>"; - $this->payload = $result; - return $result; - } - } - - class xmlrpcmsg - { - var $payload; - var $methodname; - var $params=array(); - var $debug=0; - var $content_type = 'text/xml'; - - /** - * @param string $meth the name of the method to invoke - * @param array $pars array of parameters to be paased to the method (xmlrpcval objects) - */ - function xmlrpcmsg($meth, $pars=0) - { - $this->methodname=$meth; - if(is_array($pars) && count($pars)>0) - { - for($i=0; $i<count($pars); $i++) - { - $this->addParam($pars[$i]); - } - } - } - - /** - * @access private - */ - function xml_header($charset_encoding='') - { - if ($charset_encoding != '') - { - return "<?xml version=\"1.0\" encoding=\"$charset_encoding\" ?" . ">\n<methodCall>\n"; - } - else - { - return "<?xml version=\"1.0\"?" . ">\n<methodCall>\n"; - } - } - - /** - * @access private - */ - function xml_footer() - { - return '</methodCall>'; - } - - /** - * @access private - */ - function kindOf() - { - return 'msg'; - } - - /** - * @access private - */ - function createPayload($charset_encoding='') - { - if ($charset_encoding != '') - $this->content_type = 'text/xml; charset=' . $charset_encoding; - else - $this->content_type = 'text/xml'; - $this->payload=$this->xml_header($charset_encoding); - $this->payload.='<methodName>' . $this->methodname . "</methodName>\n"; - $this->payload.="<params>\n"; - for($i=0; $i<count($this->params); $i++) - { - $p=$this->params[$i]; - $this->payload.="<param>\n" . $p->serialize($charset_encoding) . - "</param>\n"; - } - $this->payload.="</params>\n"; - $this->payload.=$this->xml_footer(); - } - - /** - * Gets/sets the xmlrpc method to be invoked - * @param string $meth the method to be set (leave empty not to set it) - * @return string the method that will be invoked - * @access public - */ - function method($meth='') - { - if($meth!='') - { - $this->methodname=$meth; - } - return $this->methodname; - } - - /** - * Returns xml representation of the message. XML prologue included - * @return string the xml representation of the message, xml prologue included - * @access public - */ - function serialize($charset_encoding='') - { - $this->createPayload($charset_encoding); - return $this->payload; - } - - /** - * Add a parameter to the list of parameters to be used upon method invocation - * @param xmlrpcval $par - * @return boolean false on failure - * @access public - */ - function addParam($par) - { - // add check: do not add to self params which are not xmlrpcvals - $is_instance = $par instanceof xmlrpcval; - if(is_object($par) && $is_instance) - { - $this->params[]=$par; - return true; - } - else - { - return false; - } - } - - /** - * Returns the nth parameter in the message. The index zero-based. - * @param integer $i the index of the parameter to fetch (zero based) - * @return xmlrpcval the i-th parameter - * @access public - */ - function getParam($i) { return $this->params[$i]; } - - /** - * Returns the number of parameters in the messge. - * @return integer the number of parameters currently set - * @access public - */ - function getNumParams() { return count($this->params); } - - /** - * Given an open file handle, read all data available and parse it as axmlrpc response. - * NB: the file handle is not closed by this function. - * @access public - * @return xmlrpcresp - * @todo add 2nd & 3rd param to be passed to ParseResponse() ??? - */ - function &parseResponseFile($fp) - { - $ipd=''; - while($data=fread($fp, 32768)) - { - $ipd.=$data; - } - //fclose($fp); - $r =& $this->parseResponse($ipd); - return $r; - } - - /** - * Parses HTTP headers and separates them from data. - * @access private - */ - function &parseResponseHeaders(&$data, $headers_processed=false) - { - // Support "web-proxy-tunelling" connections for https through proxies - if(preg_match('/^HTTP\/1\.[0-1] 200 Connection established/', $data)) - { - // Look for CR/LF or simple LF as line separator, - // (even though it is not valid http) - $pos = strpos($data,"\r\n\r\n"); - if($pos || is_int($pos)) - { - $bd = $pos+4; - } - else - { - $pos = strpos($data,"\n\n"); - if($pos || is_int($pos)) - { - $bd = $pos+2; - } - else - { - // No separation between response headers and body: fault? - $bd = 0; - } - } - if ($bd) - { - // this filters out all http headers from proxy. - // maybe we could take them into account, too? - $data = substr($data, $bd); - } - else - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTPS via proxy error, tunnel connection possibly failed'); - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (HTTPS via proxy error, tunnel connection possibly failed)'); - return $r; - } - } - - // Strip HTTP 1.1 100 Continue header if present - while(preg_match('/^HTTP\/1\.1 1[0-9]{2} /', $data)) - { - $pos = strpos($data, 'HTTP', 12); - // server sent a Continue header without any (valid) content following... - // give the client a chance to know it - if(!$pos && !is_int($pos)) // works fine in php 3, 4 and 5 - { - break; - } - $data = substr($data, $pos); - } - if(!preg_match('/^HTTP\/[0-9.]+ 200 /', $data)) - { - $errstr= substr($data, 0, strpos($data, "\n")-1); - error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTP error, got response: ' .$errstr); - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (' . $errstr . ')'); - return $r; - } - - $GLOBALS['_xh']['headers'] = array(); - $GLOBALS['_xh']['cookies'] = array(); - - // be tolerant to usage of \n instead of \r\n to separate headers and data - // (even though it is not valid http) - $pos = strpos($data,"\r\n\r\n"); - if($pos || is_int($pos)) - { - $bd = $pos+4; - } - else - { - $pos = strpos($data,"\n\n"); - if($pos || is_int($pos)) - { - $bd = $pos+2; - } - else - { - // No separation between response headers and body: fault? - // we could take some action here instead of going on... - $bd = 0; - } - } - // be tolerant to line endings, and extra empty lines - $ar = split("\r?\n", trim(substr($data, 0, $pos))); - while(list(,$line) = @each($ar)) - { - // take care of multi-line headers and cookies - $arr = explode(':',$line,2); - if(count($arr) > 1) - { - $header_name = strtolower(trim($arr[0])); - /// @todo some other headers (the ones that allow a CSV list of values) - /// do allow many values to be passed using multiple header lines. - /// We should add content to $GLOBALS['_xh']['headers'][$header_name] - /// instead of replacing it for those... - if ($header_name == 'set-cookie' || $header_name == 'set-cookie2') - { - if ($header_name == 'set-cookie2') - { - // version 2 cookies: - // there could be many cookies on one line, comma separated - $cookies = explode(',', $arr[1]); - } - else - { - $cookies = array($arr[1]); - } - foreach ($cookies as $cookie) - { - // glue together all received cookies, using a comma to separate them - // (same as php does with getallheaders()) - if (isset($GLOBALS['_xh']['headers'][$header_name])) - $GLOBALS['_xh']['headers'][$header_name] .= ', ' . trim($cookie); - else - $GLOBALS['_xh']['headers'][$header_name] = trim($cookie); - // parse cookie attributes, in case user wants to correctly honour them - // feature creep: only allow rfc-compliant cookie attributes? - $cookie = explode(';', $cookie); - foreach ($cookie as $pos => $val) - { - $val = explode('=', $val, 2); - $tag = trim($val[0]); - $val = trim(@$val[1]); - /// @todo with version 1 cookies, we should strip leading and trailing " chars - if ($pos == 0) - { - $cookiename = $tag; - $GLOBALS['_xh']['cookies'][$tag] = array(); - $GLOBALS['_xh']['cookies'][$cookiename]['value'] = urldecode($val); - } - else - { - $GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val; - } - } - } - } - else - { - $GLOBALS['_xh']['headers'][$header_name] = trim($arr[1]); - } - } - elseif(isset($header_name)) - { - /// @todo version1 cookies might span multiple lines, thus breaking the parsing above - $GLOBALS['_xh']['headers'][$header_name] .= ' ' . trim($line); - } - } - - $data = substr($data, $bd); - - // If we're debuging and we've got some headers - if($this->debug && count($GLOBALS['_xh']['headers'])) { - $debug_string = ''; - - foreach($GLOBALS['_xh']['headers'] as $header => $value) { - $debug_string .= "HEADER: $header: $value\n"; - } - foreach($GLOBALS['_xh']['cookies'] as $header => $value) { - $debug_string .= "COOKIE: $header={$value['value']}\n"; - } - debug_event('XMLRPC',"\n---SENDING---\n" . htmlentities($debug_string) . "\n---END---\n",'1','xmlrpc'); - } - - // if CURL was used for the call, http headers have been processed, - // and dechunking + reinflating have been carried out - if(!$headers_processed) - { - // Decode chunked encoding sent by http 1.1 servers - if(isset($GLOBALS['_xh']['headers']['transfer-encoding']) && $GLOBALS['_xh']['headers']['transfer-encoding'] == 'chunked') - { - if(!$data = decode_chunked($data)) - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to rebuild the chunked data received from server'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['dechunk_fail'], $GLOBALS['xmlrpcstr']['dechunk_fail']); - return $r; - } - } - - // Decode gzip-compressed stuff - // code shamelessly inspired from nusoap library by Dietrich Ayala - if(isset($GLOBALS['_xh']['headers']['content-encoding'])) - { - $GLOBALS['_xh']['headers']['content-encoding'] = str_replace('x-', '', $GLOBALS['_xh']['headers']['content-encoding']); - if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' || $GLOBALS['_xh']['headers']['content-encoding'] == 'gzip') - { - // if decoding works, use it. else assume data wasn't gzencoded - if(function_exists('gzinflate')) - { - if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' && $degzdata = @gzuncompress($data)) - { - $data = $degzdata; - if($this->debug) - debug_event('XMLRPC',"\n---RESPONSE---\n" . $data . "\n---END---\n",'1','xmlrpc'); - } - elseif($GLOBALS['_xh']['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) - { - $data = $degzdata; - if($this->debug) - debug_event('XMLRPC',"\n---RESPONSE---\n" . $data . "\n---END---\n",'1','xmlrpc'); - } - else - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to decode the deflated data received from server'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['decompress_fail'], $GLOBALS['xmlrpcstr']['decompress_fail']); - return $r; - } - } - else - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['cannot_decompress'], $GLOBALS['xmlrpcstr']['cannot_decompress']); - return $r; - } - } - } - } // end of 'if needed, de-chunk, re-inflate response' - - // real stupid hack to avoid PHP 4 complaining about returning NULL by ref - $r = null; - $r =& $r; - return $r; - } - - /** - * Parse the xmlrpc response contained in the string $data and return an xmlrpcresp object. - * @param string $data the xmlrpc response, eventually including http headers - * @param bool $headers_processed when true prevents parsing HTTP headers for interpretation of content-encoding and consequent decoding - * @param string $return_type decides return type, i.e. content of response->value(). Either 'xmlrpcvals', 'xml' or 'phpvals' - * @return xmlrpcresp - * @access public - */ - function &parseResponse($data='', $headers_processed=false, $return_type='xmlrpcvals') - { - if($this->debug) - { - //by maHo, replaced htmlspecialchars with htmlentities - debug_event('XMLRPC',"\n---GOT---\n" . $data . "\n---END---\n",'1','xmlrpc'); - } - - if($data == '') - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: no response received from server.'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_data'], $GLOBALS['xmlrpcstr']['no_data']); - return $r; - } - - $GLOBALS['_xh']=array(); - - $raw_data = $data; - // parse the HTTP headers of the response, if present, and separate them from data - if(substr($data, 0, 4) == 'HTTP') - { - $r =& $this->parseResponseHeaders($data, $headers_processed); - if ($r) - { - // failed processing of HTTP response headers - // save into response obj the full payload received, for debugging - $r->raw_data = $data; - return $r; - } - } - else - { - $GLOBALS['_xh']['headers'] = array(); - $GLOBALS['_xh']['cookies'] = array(); - } - - if($this->debug) - { - $start = strpos($data, '<!-- SERVER DEBUG INFO (BASE64 ENCODED):'); - if ($start) - { - $start += strlen('<!-- SERVER DEBUG INFO (BASE64 ENCODED):'); - $end = strpos($data, '-->', $start); - $comments = substr($data, $start, $end-$start); - print "<PRE>---SERVER DEBUG INFO (DECODED) ---\n\t".htmlentities(str_replace("\n", "\n\t", base64_decode($comments)))."\n---END---\n</PRE>"; - } - } - - // be tolerant of extra whitespace in response body - $data = trim($data); - - /// @todo return an error msg if $data=='' ? - - // be tolerant of junk after methodResponse (e.g. javascript ads automatically inserted by free hosts) - // idea from Luca Mariano <luca.mariano@email.it> originally in PEARified version of the lib - $bd = false; - // Poor man's version of strrpos for php 4... - $pos = strpos($data, '</methodResponse>'); - while($pos || is_int($pos)) - { - $bd = $pos+17; - $pos = strpos($data, '</methodResponse>', $bd); - } - if($bd) - { - $data = substr($data, 0, $bd); - } - - // if user wants back raw xml, give it to him - if ($return_type == 'xml') - { - $r =& new xmlrpcresp($data, 0, '', 'xml'); - $r->hdrs = $GLOBALS['_xh']['headers']; - $r->_cookies = $GLOBALS['_xh']['cookies']; - $r->raw_data = $raw_data; - return $r; - } - - // try to 'guestimate' the character encoding of the received response - $resp_encoding = guess_encoding(@$GLOBALS['_xh']['headers']['content-type'], $data); - - $GLOBALS['_xh']['ac']=''; - //$GLOBALS['_xh']['qt']=''; //unused... - $GLOBALS['_xh']['stack'] = array(); - $GLOBALS['_xh']['valuestack'] = array(); - $GLOBALS['_xh']['isf']=0; // 0 = OK, 1 for xmlrpc fault responses, 2 = invalid xmlrpc - $GLOBALS['_xh']['isf_reason']=''; - $GLOBALS['_xh']['rt']=''; // 'methodcall or 'methodresponse' - - // if response charset encoding is not known / supported, try to use - // the default encoding and parse the xml anyway, but log a warning... - if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - // the following code might be better for mb_string enabled installs, but - // makes the lib about 200% slower... - //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: invalid charset encoding of received response: '.$resp_encoding); - $resp_encoding = $GLOBALS['xmlrpc_defencoding']; - } - $parser = xml_parser_create($resp_encoding); - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell - // the xml parser to give us back data in the expected charset - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); - - if ($return_type == 'phpvals') - { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); - } - else - { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); - } - - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - - // first error check: xml not well formed - if(!xml_parse($parser, $data, count($data))) - { - // thanks to Peter Kocks <peter.kocks@baygate.com> - if((xml_get_current_line_number($parser)) == 1) - { - $errstr = 'XML error at line 1, check URL'; - } - else - { - $errstr = sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser)); - } - error_log($errstr); - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return'].' ('.$errstr.')'); - xml_parser_free($parser); - if($this->debug) - { - debug_event('XMLRPC',$errstr,'1','xmlrpc'); - } - $r->hdrs = $GLOBALS['_xh']['headers']; - $r->_cookies = $GLOBALS['_xh']['cookies']; - $r->raw_data = $raw_data; - return $r; - } - xml_parser_free($parser); - // second error check: xml well formed but not xml-rpc compliant - if ($GLOBALS['_xh']['isf'] > 1) - { - if ($this->debug) - { - /// @todo echo something for user? - } - - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], - $GLOBALS['xmlrpcstr']['invalid_return'] . ' ' . $GLOBALS['_xh']['isf_reason']); - } - // third error check: parsing of the response has somehow gone boink. - // NB: shall we omit this check, since we trust the parsing code? - elseif ($return_type == 'xmlrpcvals' && !is_object($GLOBALS['_xh']['value'])) - { - // something odd has happened - // and it's time to generate a client side error - // indicating something odd went on - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], - $GLOBALS['xmlrpcstr']['invalid_return']); - } - else - { - if ($this->debug) - { - // somehow htmlentities chokes on var_export, and some full html string... - //print htmlentitites(var_export($GLOBALS['_xh']['value'], true)); - debug_event('XMLRPC',var_export($GLOBALS['_xh']['value'],true),'1','xmlrpc'); - } - - // note that using =& will raise an error if $GLOBALS['_xh']['st'] does not generate an object. - $v =& $GLOBALS['_xh']['value']; - - if($GLOBALS['_xh']['isf']) - { - /// @todo we should test here if server sent an int and a string, - /// and/or coerce them into such... - if ($return_type == 'xmlrpcvals') - { - $errno_v = $v->structmem('faultCode'); - $errstr_v = $v->structmem('faultString'); - $errno = $errno_v->scalarval(); - $errstr = $errstr_v->scalarval(); - } - else - { - $errno = $v['faultCode']; - $errstr = $v['faultString']; - } - - if($errno == 0) - { - // FAULT returned, errno needs to reflect that - $errno = -1; - } - - $r =& new xmlrpcresp(0, $errno, $errstr); - } - else - { - $r=&new xmlrpcresp($v, 0, '', $return_type); - } - } - - $r->hdrs = $GLOBALS['_xh']['headers']; - $r->_cookies = $GLOBALS['_xh']['cookies']; - $r->raw_data = $raw_data; - return $r; - } - } - - class xmlrpcval - { - var $me=array(); - var $mytype=0; - var $_php_class=null; - - /** - * @param mixed $val - * @param string $type any valid xmlrpc type name (lowercase). If null, 'string' is assumed - */ - function xmlrpcval($val=-1, $type='') - { - /// @todo: optimization creep - do not call addXX, do it all inline. - /// downside: booleans will not be coerced anymore - if($val!==-1 || $type!='') - { - // optimization creep: inlined all work done by constructor - switch($type) - { - case '': - $this->mytype=1; - $this->me['string']=$val; - break; - case 'i4': - case 'int': - case 'double': - case 'string': - case 'boolean': - case 'dateTime.iso8601': - case 'base64': - case 'null': - $this->mytype=1; - $this->me[$type]=$val; - break; - case 'array': - $this->mytype=2; - $this->me['array']=$val; - break; - case 'struct': - $this->mytype=3; - $this->me['struct']=$val; - break; - default: - error_log("XML-RPC: xmlrpcval::xmlrpcval: not a known type ($type)"); - } - /*if($type=='') - { - $type='string'; - } - if($GLOBALS['xmlrpcTypes'][$type]==1) - { - $this->addScalar($val,$type); - } - elseif($GLOBALS['xmlrpcTypes'][$type]==2) - { - $this->addArray($val); - } - elseif($GLOBALS['xmlrpcTypes'][$type]==3) - { - $this->addStruct($val); - }*/ - } - } - - /** - * Add a single php value to an (unitialized) xmlrpcval - * @param mixed $val - * @param string $type - * @return int 1 or 0 on failure - */ - function addScalar($val, $type='string') - { - $typeof=@$GLOBALS['xmlrpcTypes'][$type]; - if($typeof!=1) - { - error_log("XML-RPC: xmlrpcval::addScalar: not a scalar type ($type)"); - return 0; - } - - // coerce booleans into correct values - // NB: we should iether do it for datetimes, integers and doubles, too, - // or just plain remove this check, implemnted on booleans only... - if($type==$GLOBALS['xmlrpcBoolean']) - { - if(strcasecmp($val,'true')==0 || $val==1 || ($val==true && strcasecmp($val,'false'))) - { - $val=true; - } - else - { - $val=false; - } - } - - switch($this->mytype) - { - case 1: - error_log('XML-RPC: xmlrpcval::addScalar: scalar xmlrpcval can have only one value'); - return 0; - case 3: - error_log('XML-RPC: xmlrpcval::addScalar: cannot add anonymous scalar to struct xmlrpcval'); - return 0; - case 2: - // we're adding a scalar value to an array here - //$ar=$this->me['array']; - //$ar[]=&new xmlrpcval($val, $type); - //$this->me['array']=$ar; - // Faster (?) avoid all the costly array-copy-by-val done here... - $this->me['array'][]=&new xmlrpcval($val, $type); - return 1; - default: - // a scalar, so set the value and remember we're scalar - $this->me[$type]=$val; - $this->mytype=$typeof; - return 1; - } - } - - /** - * Add an array of xmlrpcval objects to an xmlrpcval - * @param array $vals - * @return int 1 or 0 on failure - * @access public - * - * @todo add some checking for $vals to be an array of xmlrpcvals? - */ - function addArray($vals) - { - if($this->mytype==0) - { - $this->mytype=$GLOBALS['xmlrpcTypes']['array']; - $this->me['array']=$vals; - return 1; - } - elseif($this->mytype==2) - { - // we're adding to an array here - $this->me['array'] = array_merge($this->me['array'], $vals); - return 1; - } - else - { - error_log('XML-RPC: xmlrpcval::addArray: already initialized as a [' . $this->kindOf() . ']'); - return 0; - } - } - - /** - * Add an array of named xmlrpcval objects to an xmlrpcval - * @param array $vals - * @return int 1 or 0 on failure - * @access public - * - * @todo add some checking for $vals to be an array? - */ - function addStruct($vals) - { - if($this->mytype==0) - { - $this->mytype=$GLOBALS['xmlrpcTypes']['struct']; - $this->me['struct']=$vals; - return 1; - } - elseif($this->mytype==3) - { - // we're adding to a struct here - $this->me['struct'] = array_merge($this->me['struct'], $vals); - return 1; - } - else - { - error_log('XML-RPC: xmlrpcval::addStruct: already initialized as a [' . $this->kindOf() . ']'); - return 0; - } - } - - // poor man's version of print_r ??? - // DEPRECATED! - function dump($ar) - { - foreach($ar as $key => $val) - { - echo "$key => $val<br />"; - if($key == 'array') - { - while(list($key2, $val2) = each($val)) - { - echo "-- $key2 => $val2<br />"; - } - } - } - } - - /** - * Returns a string containing "struct", "array" or "scalar" describing the base type of the value - * @return string - * @access public - */ - function kindOf() - { - switch($this->mytype) - { - case 3: - return 'struct'; - break; - case 2: - return 'array'; - break; - case 1: - return 'scalar'; - break; - default: - return 'undef'; - } - } - - /** - * @access private - */ - function serializedata($typ, $val, $charset_encoding='') - { - $rs=''; - switch(@$GLOBALS['xmlrpcTypes'][$typ]) - { - case 1: - switch($typ) - { - case $GLOBALS['xmlrpcBase64']: - $rs.="<${typ}>" . base64_encode($val) . "</${typ}>"; - break; - case $GLOBALS['xmlrpcBoolean']: - $rs.="<${typ}>" . ($val ? '1' : '0') . "</${typ}>"; - break; - case $GLOBALS['xmlrpcString']: - // G. Giunta 2005/2/13: do NOT use htmlentities, since - // it will produce named html entities, which are invalid xml - $rs.="<${typ}>" . xmlrpc_encode_entitites($val, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding). "</${typ}>"; - break; - case $GLOBALS['xmlrpcInt']: - case $GLOBALS['xmlrpcI4']: - $rs.="<${typ}>".(int)$val."</${typ}>"; - break; - case $GLOBALS['xmlrpcDouble']: - $rs.="<${typ}>".(double)$val."</${typ}>"; - break; - case $GLOBALS['xmlrpcNull']: - $rs.="<nil/>"; - break; - default: - // no standard type value should arrive here, but provide a possibility - // for xmlrpcvals of unknown type... - $rs.="<${typ}>${val}</${typ}>"; - } - break; - case 3: - // struct - if ($this->_php_class) - { - $rs.='<struct php_class="' . $this->_php_class . "\">\n"; - } - else - { - $rs.="<struct>\n"; - } - foreach($val as $key2 => $val2) - { - $rs.='<member><name>'.xmlrpc_encode_entitites($key2, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding)."</name>\n"; - //$rs.=$this->serializeval($val2); - $rs.=$val2->serialize($charset_encoding); - $rs.="</member>\n"; - } - $rs.='</struct>'; - break; - case 2: - // array - $rs.="<array>\n<data>\n"; - for($i=0; $i<count($val); $i++) - { - //$rs.=$this->serializeval($val[$i]); - $rs.=$val[$i]->serialize($charset_encoding); - } - $rs.="</data>\n</array>"; - break; - default: - break; - } - return $rs; - } - - /** - * Returns xml representation of the value. XML prologue not included - * @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed - * @return string - * @access public - */ - function serialize($charset_encoding='') - { - // add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals... - //if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval'))) - //{ - reset($this->me); - list($typ, $val) = each($this->me); - return '<value>' . $this->serializedata($typ, $val, $charset_encoding) . "</value>\n"; - //} - } - - // DEPRECATED - function serializeval($o) - { - // add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals... - //if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval'))) - //{ - $ar=$o->me; - reset($ar); - list($typ, $val) = each($ar); - return '<value>' . $this->serializedata($typ, $val) . "</value>\n"; - //} - } - - /** - * Checks wheter a struct member with a given name is present. - * Works only on xmlrpcvals of type struct. - * @param string $m the name of the struct member to be looked up - * @return boolean - * @access public - */ - function structmemexists($m) - { - return array_key_exists($m, $this->me['struct']); - } - - /** - * Returns the value of a given struct member (an xmlrpcval object in itself). - * Will raise a php warning if struct member of given name does not exist - * @param string $m the name of the struct member to be looked up - * @return xmlrpcval - * @access public - */ - function structmem($m) - { - return $this->me['struct'][$m]; - } - - /** - * Reset internal pointer for xmlrpcvals of type struct. - * @access public - */ - function structreset() - { - reset($this->me['struct']); - } - - /** - * Return next member element for xmlrpcvals of type struct. - * @return xmlrpcval - * @access public - */ - function structeach() - { - return each($this->me['struct']); - } - - // DEPRECATED! this code looks like it is very fragile and has not been fixed - // for a long long time. Shall we remove it for 2.0? - function getval() - { - // UNSTABLE - reset($this->me); - list($a,$b)=each($this->me); - // contributed by I Sofer, 2001-03-24 - // add support for nested arrays to scalarval - // i've created a new method here, so as to - // preserve back compatibility - - if(is_array($b)) - { - @reset($b); - while(list($id,$cont) = @each($b)) - { - $b[$id] = $cont->scalarval(); - } - } - - // add support for structures directly encoding php objects - if(is_object($b)) - { - $t = get_object_vars($b); - @reset($t); - while(list($id,$cont) = @each($t)) - { - $t[$id] = $cont->scalarval(); - } - @reset($t); - while(list($id,$cont) = @each($t)) - { - @$b->$id = $cont; - } - } - // end contrib - return $b; - } - - /** - * Returns the value of a scalar xmlrpcval - * @return mixed - * @access public - */ - function scalarval() - { - reset($this->me); - list(,$b)=each($this->me); - return $b; - } - - /** - * Returns the type of the xmlrpcval. - * For integers, 'int' is always returned in place of 'i4' - * @return string - * @access public - */ - function scalartyp() - { - reset($this->me); - list($a,)=each($this->me); - if($a==$GLOBALS['xmlrpcI4']) - { - $a=$GLOBALS['xmlrpcInt']; - } - return $a; - } - - /** - * Returns the m-th member of an xmlrpcval of struct type - * @param integer $m the index of the value to be retrieved (zero based) - * @return xmlrpcval - * @access public - */ - function arraymem($m) - { - return $this->me['array'][$m]; - } - - /** - * Returns the number of members in an xmlrpcval of array type - * @return integer - * @access public - */ - function arraysize() - { - return count($this->me['array']); - } - - /** - * Returns the number of members in an xmlrpcval of struct type - * @return integer - * @access public - */ - function structsize() - { - return count($this->me['struct']); - } - } - - - // date helpers - - /** - * Given a timestamp, return the corresponding ISO8601 encoded string. - * - * Really, timezones ought to be supported - * but the XML-RPC spec says: - * - * "Don't assume a timezone. It should be specified by the server in its - * documentation what assumptions it makes about timezones." - * - * These routines always assume localtime unless - * $utc is set to 1, in which case UTC is assumed - * and an adjustment for locale is made when encoding - * - * @param int $timet (timestamp) - * @param int $utc (0 or 1) - * @return string - */ - function iso8601_encode($timet, $utc=0) - { - if(!$utc) - { - $t=strftime("%Y%m%dT%H:%M:%S", $timet); - } - else - { - if(function_exists('gmstrftime')) - { - // gmstrftime doesn't exist in some versions - // of PHP - $t=gmstrftime("%Y%m%dT%H:%M:%S", $timet); - } - else - { - $t=strftime("%Y%m%dT%H:%M:%S", $timet-date('Z')); - } - } - return $t; - } - - /** - * Given an ISO8601 date string, return a timet in the localtime, or UTC - * @param string $idate - * @param int $utc either 0 or 1 - * @return int (datetime) - */ - function iso8601_decode($idate, $utc=0) - { - $t=0; - if(preg_match('/([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})/', $idate, $regs)) - { - if($utc) - { - $t=gmmktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); - } - else - { - $t=mktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); - } - } - return $t; - } - - /** - * Takes an xmlrpc value in PHP xmlrpcval object format and translates it into native PHP types. - * - * Works with xmlrpc message objects as input, too. - * - * Given proper options parameter, can rebuild generic php object instances - * (provided those have been encoded to xmlrpc format using a corresponding - * option in php_xmlrpc_encode()) - * PLEASE NOTE that rebuilding php objects involves calling their constructor function. - * This means that the remote communication end can decide which php code will - * get executed on your server, leaving the door possibly open to 'php-injection' - * style of attacks (provided you have some classes defined on your server that - * might wreak havoc if instances are built outside an appropriate context). - * Make sure you trust the remote server/client before eanbling this! - * - * @author Dan Libby (dan@libby.com) - * - * @param xmlrpcval $xmlrpc_val - * @param array $options if 'decode_php_objs' is set in the options array, xmlrpc structs can be decoded into php objects - * @return mixed - */ - function php_xmlrpc_decode($xmlrpc_val, $options=array()) - { - switch($xmlrpc_val->kindOf()) - { - case 'scalar': - if (in_array('extension_api', $options)) - { - reset($xmlrpc_val->me); - list($typ,$val) = each($xmlrpc_val->me); - switch ($typ) - { - case 'dateTime.iso8601': - $xmlrpc_val->scalar = $val; - $xmlrpc_val->xmlrpc_type = 'datetime'; - $xmlrpc_val->timestamp = iso8601_decode($val); - return $xmlrpc_val; - case 'base64': - $xmlrpc_val->scalar = $val; - $xmlrpc_val->type = $typ; - return $xmlrpc_val; - default: - return $xmlrpc_val->scalarval(); - } - } - return $xmlrpc_val->scalarval(); - case 'array': - $size = $xmlrpc_val->arraysize(); - $arr = array(); - for($i = 0; $i < $size; $i++) - { - $arr[] = php_xmlrpc_decode($xmlrpc_val->arraymem($i), $options); - } - return $arr; - case 'struct': - $xmlrpc_val->structreset(); - // If user said so, try to rebuild php objects for specific struct vals. - /// @todo should we raise a warning for class not found? - // shall we check for proper subclass of xmlrpcval instead of - // presence of _php_class to detect what we can do? - if (in_array('decode_php_objs', $options) && $xmlrpc_val->_php_class != '' - && class_exists($xmlrpc_val->_php_class)) - { - $obj = @new $xmlrpc_val->_php_class; - while(list($key,$value)=$xmlrpc_val->structeach()) - { - $obj->$key = php_xmlrpc_decode($value, $options); - } - return $obj; - } - else - { - $arr = array(); - while(list($key,$value)=$xmlrpc_val->structeach()) - { - $arr[$key] = php_xmlrpc_decode($value, $options); - } - return $arr; - } - case 'msg': - $paramcount = $xmlrpc_val->getNumParams(); - $arr = array(); - for($i = 0; $i < $paramcount; $i++) - { - $arr[] = php_xmlrpc_decode($xmlrpc_val->getParam($i)); - } - return $arr; - } - } - - // This constant left here only for historical reasons... - // it was used to decide if we have to define xmlrpc_encode on our own, but - // we do not do it anymore - if(function_exists('xmlrpc_decode')) - { - define('XMLRPC_EPI_ENABLED','1'); - } - else - { - define('XMLRPC_EPI_ENABLED','0'); - } - - /** - * Takes native php types and encodes them into xmlrpc PHP object format. - * It will not re-encode xmlrpcval objects. - * - * Feature creep -- could support more types via optional type argument - * (string => datetime support has been added, ??? => base64 not yet) - * - * If given a proper options parameter, php object instances will be encoded - * into 'special' xmlrpc values, that can later be decoded into php objects - * by calling php_xmlrpc_decode() with a corresponding option - * - * @author Dan Libby (dan@libby.com) - * - * @param mixed $php_val the value to be converted into an xmlrpcval object - * @param array $options can include 'encode_php_objs', 'auto_dates', 'null_extension' or 'extension_api' - * @return xmlrpcval - */ - function &php_xmlrpc_encode($php_val, $options=array()) - { - $type = gettype($php_val); - switch($type) - { - case 'string': - if (in_array('auto_dates', $options) && preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $php_val)) - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDateTime']); - else - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcString']); - break; - case 'integer': - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcInt']); - break; - case 'double': - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDouble']); - break; - // <G_Giunta_2001-02-29> - // Add support for encoding/decoding of booleans, since they are supported in PHP - case 'boolean': - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcBoolean']); - break; - // </G_Giunta_2001-02-29> - case 'array': - // PHP arrays can be encoded to either xmlrpc structs or arrays, - // depending on wheter they are hashes or plain 0..n integer indexed - // A shorter one-liner would be - // $tmp = array_diff(array_keys($php_val), range(0, count($php_val)-1)); - // but execution time skyrockets! - $j = 0; - $arr = array(); - $ko = false; - foreach($php_val as $key => $val) - { - $arr[$key] =& php_xmlrpc_encode($val, $options); - if(!$ko && $key !== $j) - { - $ko = true; - } - $j++; - } - if($ko) - { - $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']); - } - else - { - $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcArray']); - } - break; - case 'object': - if(is_a($php_val, 'xmlrpcval')) - { - $xmlrpc_val = $php_val; - } - else - { - $arr = array(); - while(list($k,$v) = each($php_val)) - { - $arr[$k] = php_xmlrpc_encode($v, $options); - } - $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']); - if (in_array('encode_php_objs', $options)) - { - // let's save original class name into xmlrpcval: - // might be useful later on... - $xmlrpc_val->_php_class = get_class($php_val); - } - } - break; - case 'NULL': - if (in_array('extension_api', $options)) - { - $xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcString']); - } - if (in_array('null_extension', $options)) - { - $xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcNull']); - } - else - { - $xmlrpc_val =& new xmlrpcval(); - } - break; - case 'resource': - if (in_array('extension_api', $options)) - { - $xmlrpc_val =& new xmlrpcval((int)$php_val, $GLOBALS['xmlrpcInt']); - } - else - { - $xmlrpc_val =& new xmlrpcval(); - } - // catch "user function", "unknown type" - default: - // giancarlo pinerolo <ping@alt.it> - // it has to return - // an empty object in case, not a boolean. - $xmlrpc_val =& new xmlrpcval(); - break; - } - return $xmlrpc_val; - } - - /** - * Convert the xml representation of a method response, method request or single - * xmlrpc value into the appropriate object (a.k.a. deserialize) - * @param string $xml_val - * @param array $options - * @return mixed false on error, or an instance of either xmlrpcval, xmlrpcmsg or xmlrpcresp - */ - function php_xmlrpc_decode_xml($xml_val, $options=array()) - { - $GLOBALS['_xh'] = array(); - $GLOBALS['_xh']['ac'] = ''; - $GLOBALS['_xh']['stack'] = array(); - $GLOBALS['_xh']['valuestack'] = array(); - $GLOBALS['_xh']['params'] = array(); - $GLOBALS['_xh']['pt'] = array(); - $GLOBALS['_xh']['isf'] = 0; - $GLOBALS['_xh']['isf_reason'] = ''; - $GLOBALS['_xh']['method'] = false; - $GLOBALS['_xh']['rt'] = ''; - /// @todo 'guestimate' encoding - $parser = xml_parser_create(); - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); - xml_set_element_handler($parser, 'xmlrpc_se_any', 'xmlrpc_ee'); - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - if(!xml_parse($parser, $xml_val, 1)) - { - $errstr = sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser)); - error_log($errstr); - xml_parser_free($parser); - return false; - } - xml_parser_free($parser); - if ($GLOBALS['_xh']['isf'] > 1) // test that $GLOBALS['_xh']['value'] is an obj, too??? - { - error_log($GLOBALS['_xh']['isf_reason']); - return false; - } - switch ($GLOBALS['_xh']['rt']) - { - case 'methodresponse': - $v =& $GLOBALS['_xh']['value']; - if ($GLOBALS['_xh']['isf'] == 1) - { - $vc = $v->structmem('faultCode'); - $vs = $v->structmem('faultString'); - $r =& new xmlrpcresp(0, $vc->scalarval(), $vs->scalarval()); - } - else - { - $r =& new xmlrpcresp($v); - } - return $r; - case 'methodcall': - $m =& new xmlrpcmsg($GLOBALS['_xh']['method']); - for($i=0; $i < count($GLOBALS['_xh']['params']); $i++) - { - $m->addParam($GLOBALS['_xh']['params'][$i]); - } - return $m; - case 'value': - return $GLOBALS['_xh']['value']; - default: - return false; - } - } - - /** - * decode a string that is encoded w/ "chunked" transfer encoding - * as defined in rfc2068 par. 19.4.6 - * code shamelessly stolen from nusoap library by Dietrich Ayala - * - * @param string $buffer the string to be decoded - * @return string - */ - function decode_chunked($buffer) - { - // length := 0 - $length = 0; - $new = ''; - - // read chunk-size, chunk-extension (if any) and crlf - // get the position of the linebreak - $chunkend = strpos($buffer,"\r\n") + 2; - $temp = substr($buffer,0,$chunkend); - $chunk_size = hexdec( trim($temp) ); - $chunkstart = $chunkend; - while($chunk_size > 0) - { - $chunkend = strpos($buffer, "\r\n", $chunkstart + $chunk_size); - - // just in case we got a broken connection - if($chunkend == false) - { - $chunk = substr($buffer,$chunkstart); - // append chunk-data to entity-body - $new .= $chunk; - $length += strlen($chunk); - break; - } - - // read chunk-data and crlf - $chunk = substr($buffer,$chunkstart,$chunkend-$chunkstart); - // append chunk-data to entity-body - $new .= $chunk; - // length := length + chunk-size - $length += strlen($chunk); - // read chunk-size and crlf - $chunkstart = $chunkend + 2; - - $chunkend = strpos($buffer,"\r\n",$chunkstart)+2; - if($chunkend == false) - { - break; //just in case we got a broken connection - } - $temp = substr($buffer,$chunkstart,$chunkend-$chunkstart); - $chunk_size = hexdec( trim($temp) ); - $chunkstart = $chunkend; - } - return $new; - } - - /** - * xml charset encoding guessing helper function. - * Tries to determine the charset encoding of an XML chunk - * received over HTTP. - * NB: according to the spec (RFC 3023, if text/xml content-type is received over HTTP without a content-type, - * we SHOULD assume it is strictly US-ASCII. But we try to be more tolerant of unconforming (legacy?) clients/servers, - * which will be most probably using UTF-8 anyway... - * - * @param string $httpheaders the http Content-type header - * @param string $xmlchunk xml content buffer - * @param string $encoding_prefs comma separated list of character encodings to be used as default (when mb extension is enabled) - * - * @todo explore usage of mb_http_input(): does it detect http headers + post data? if so, use it instead of hand-detection!!! - */ - function guess_encoding($httpheader='', $xmlchunk='', $encoding_prefs=null) - { - // discussion: see http://www.yale.edu/pclt/encoding/ - // 1 - test if encoding is specified in HTTP HEADERS - - //Details: - // LWS: (\13\10)?( |\t)+ - // token: (any char but excluded stuff)+ - // header: Content-type = ...; charset=value(; ...)* - // where value is of type token, no LWS allowed between 'charset' and value - // Note: we do not check for invalid chars in VALUE: - // this had better be done using pure ereg as below - - /// @todo this test will pass if ANY header has charset specification, not only Content-Type. Fix it? - $matches = array(); - if(preg_match('/;\s*charset=([^;]+)/i', $httpheader, $matches)) - { - return strtoupper(trim($matches[1])); - } - - // 2 - scan the first bytes of the data for a UTF-16 (or other) BOM pattern - // (source: http://www.w3.org/TR/2000/REC-xml-20001006) - // NOTE: actually, according to the spec, even if we find the BOM and determine - // an encoding, we should check if there is an encoding specified - // in the xml declaration, and verify if they match. - /// @todo implement check as described above? - /// @todo implement check for first bytes of string even without a BOM? (It sure looks harder than for cases WITH a BOM) - if(preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlchunk)) - { - return 'UCS-4'; - } - elseif(preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlchunk)) - { - return 'UTF-16'; - } - elseif(preg_match('/^(\xEF\xBB\xBF)/', $xmlchunk)) - { - return 'UTF-8'; - } - - // 3 - test if encoding is specified in the xml declaration - // Details: - // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+ - // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]* - if (preg_match('/^<\?xml\s+version\s*=\s*'. "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))". - '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/", - $xmlchunk, $matches)) - { - return strtoupper(substr($matches[2], 1, -1)); - } - - // 4 - if mbstring is available, let it do the guesswork - // NB: we favour finding an encoding that is compatible with what we can process - if(extension_loaded('mbstring')) - { - if($encoding_prefs) - { - $enc = mb_detect_encoding($xmlchunk, $encoding_prefs); - } - else - { - $enc = mb_detect_encoding($xmlchunk); - } - // NB: mb_detect likes to call it ascii, xml parser likes to call it US_ASCII... - // IANA also likes better US-ASCII, so go with it - if($enc == 'ASCII') - { - $enc = 'US-'.$enc; - } - return $enc; - } - else - { - // no encoding specified: as per HTTP1.1 assume it is iso-8859-1? - // Both RFC 2616 (HTTP 1.1) and 1945(http 1.0) clearly state that for text/xxx content types - // this should be the standard. And we should be getting text/xml as request and response. - // BUT we have to be backward compatible with the lib, which always used UTF-8 as default... - return $GLOBALS['xmlrpc_defencoding']; - } - } - - /** - * Checks if a given charset encoding is present in a list of encodings or - * if it is a valid subset of any encoding in the list - * @param string $encoding charset to be tested - * @param mixed $validlist comma separated list of valid charsets (or array of charsets) - */ - function is_valid_charset($encoding, $validlist) - { - $charset_supersets = array( - 'US-ASCII' => array ('ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', - 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', - 'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-11', 'ISO-8859-12', - 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'UTF-8', - 'EUC-JP', 'EUC-', 'EUC-KR', 'EUC-CN') - ); - if (is_string($validlist)) - $validlist = explode(',', $validlist); - if (@in_array(strtoupper($encoding), $validlist)) - return true; - else - { - if (array_key_exists($encoding, $charset_supersets)) - foreach ($validlist as $allowed) - if (in_array($allowed, $charset_supersets[$encoding])) - return true; - return false; - } - } - -?> diff --git a/modules/xmlrpc/xmlrpcs.inc b/modules/xmlrpc/xmlrpcs.inc deleted file mode 100644 index d363bf7d..00000000 --- a/modules/xmlrpc/xmlrpcs.inc +++ /dev/null @@ -1,1172 +0,0 @@ -<?php -// by Edd Dumbill (C) 1999-2002 -// <edd@usefulinc.com> -// $Id: xmlrpcs.inc,v 1.66 2006/09/17 21:25:06 ggiunta Exp $ - -// Copyright (c) 1999,2000,2002 Edd Dumbill. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// -// * Neither the name of the "XML-RPC for PHP" nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. - - // XML RPC Server class - // requires: xmlrpc.inc - - $GLOBALS['xmlrpcs_capabilities'] = array( - // xmlrpc spec: always supported - 'xmlrpc' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'), - // if we support system.xxx functions, we always support multicall, too... - // Note that, as of 2006/09/17, the following URL does not respond anymore - 'system.multicall' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'), - // introspection: version 2! we support 'mixed', too - 'introspection' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'), - 'specVersion' => new xmlrpcval(2, 'int') - ), 'struct') - ); - - /* Functions that implement system.XXX methods of xmlrpc servers */ - $_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct'])); - $_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to'; - $_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec')); - function _xmlrpcs_getCapabilities($server, $m=null) - { - $outAr = $GLOBALS['xmlrpcs_capabilities']; - // NIL extension - if ($GLOBALS['xmlrpc_null_extension']) { - $outAr['nil'] = new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'); - } - return new xmlrpcresp(new xmlrpcval($outAr, 'struct')); - } - - // listMethods: signature was either a string, or nothing. - // The useless string variant has been removed - $_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray'])); - $_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch'; - $_xmlrpcs_listMethods_sdoc=array(array('list of method names')); - function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing - { - - $outAr=array(); - foreach($server->dmap as $key => $val) - { - $outAr[]=&new xmlrpcval($key, 'string'); - } - if($server->allow_system_funcs) - { - foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val) - { - $outAr[]=&new xmlrpcval($key, 'string'); - } - } - return new xmlrpcresp(new xmlrpcval($outAr, 'array')); - } - - $_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString'])); - $_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)'; - $_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described')); - function _xmlrpcs_methodSignature($server, $m) - { - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) - { - $methName=$m->getParam(0); - $methName=$methName->scalarval(); - } - else - { - $methName=$m; - } - if(strpos($methName, "system.") === 0) - { - $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; - } - else - { - $dmap=$server->dmap; $sysCall=0; - } - if(isset($dmap[$methName])) - { - if(isset($dmap[$methName]['signature'])) - { - $sigs=array(); - foreach($dmap[$methName]['signature'] as $inSig) - { - $cursig=array(); - foreach($inSig as $sig) - { - $cursig[]=&new xmlrpcval($sig, 'string'); - } - $sigs[]=&new xmlrpcval($cursig, 'array'); - } - $r=&new xmlrpcresp(new xmlrpcval($sigs, 'array')); - } - else - { - // NB: according to the official docs, we should be returning a - // "none-array" here, which means not-an-array - $r=&new xmlrpcresp(new xmlrpcval('undef', 'string')); - } - } - else - { - $r=&new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); - } - return $r; - } - - $_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString'])); - $_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string'; - $_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described')); - function _xmlrpcs_methodHelp($server, $m) - { - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) - { - $methName=$m->getParam(0); - $methName=$methName->scalarval(); - } - else - { - $methName=$m; - } - if(strpos($methName, "system.") === 0) - { - $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; - } - else - { - $dmap=$server->dmap; $sysCall=0; - } - if(isset($dmap[$methName])) - { - if(isset($dmap[$methName]['docstring'])) - { - $r=&new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string'); - } - else - { - $r=&new xmlrpcresp(new xmlrpcval('', 'string')); - } - } - else - { - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); - } - return $r; - } - - $_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray'])); - $_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details'; - $_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"')); - function _xmlrpcs_multicall_error($err) - { - if(is_string($err)) - { - $str = $GLOBALS['xmlrpcstr']["multicall_${err}"]; - $code = $GLOBALS['xmlrpcerr']["multicall_${err}"]; - } - else - { - $code = $err->faultCode(); - $str = $err->faultString(); - } - $struct = array(); - $struct['faultCode'] =& new xmlrpcval($code, 'int'); - $struct['faultString'] =& new xmlrpcval($str, 'string'); - return new xmlrpcval($struct, 'struct'); - } - - function _xmlrpcs_multicall_do_call($server, $call) - { - if($call->kindOf() != 'struct') - { - return _xmlrpcs_multicall_error('notstruct'); - } - $methName = @$call->structmem('methodName'); - if(!$methName) - { - return _xmlrpcs_multicall_error('nomethod'); - } - if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string') - { - return _xmlrpcs_multicall_error('notstring'); - } - if($methName->scalarval() == 'system.multicall') - { - return _xmlrpcs_multicall_error('recursion'); - } - - $params = @$call->structmem('params'); - if(!$params) - { - return _xmlrpcs_multicall_error('noparams'); - } - if($params->kindOf() != 'array') - { - return _xmlrpcs_multicall_error('notarray'); - } - $numParams = $params->arraysize(); - - $msg =& new xmlrpcmsg($methName->scalarval()); - for($i = 0; $i < $numParams; $i++) - { - if(!$msg->addParam($params->arraymem($i))) - { - $i++; - return _xmlrpcs_multicall_error(new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['incorrect_params'], - $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i)); - } - } - - $result = $server->execute($msg); - - if($result->faultCode() != 0) - { - return _xmlrpcs_multicall_error($result); // Method returned fault. - } - - return new xmlrpcval(array($result->value()), 'array'); - } - - function _xmlrpcs_multicall_do_call_phpvals($server, $call) - { - if(!is_array($call)) - { - return _xmlrpcs_multicall_error('notstruct'); - } - if(!array_key_exists('methodName', $call)) - { - return _xmlrpcs_multicall_error('nomethod'); - } - if (!is_string($call['methodName'])) - { - return _xmlrpcs_multicall_error('notstring'); - } - if($call['methodName'] == 'system.multicall') - { - return _xmlrpcs_multicall_error('recursion'); - } - if(!array_key_exists('params', $call)) - { - return _xmlrpcs_multicall_error('noparams'); - } - if(!is_array($call['params'])) - { - return _xmlrpcs_multicall_error('notarray'); - } - - // this is a real dirty and simplistic hack, since we might have received a - // base64 or datetime values, but they will be listed as strings here... - $numParams = count($call['params']); - $pt = array(); - foreach($call['params'] as $val) - $pt[] = php_2_xmlrpc_type(gettype($val)); - - $result = $server->execute($call['methodName'], $call['params'], $pt); - - if($result->faultCode() != 0) - { - return _xmlrpcs_multicall_error($result); // Method returned fault. - } - - return new xmlrpcval(array($result->value()), 'array'); - } - - function _xmlrpcs_multicall($server, $m) - { - $result = array(); - // let accept a plain list of php parameters, beside a single xmlrpc msg object - if (is_object($m)) - { - $calls = $m->getParam(0); - $numCalls = $calls->arraysize(); - for($i = 0; $i < $numCalls; $i++) - { - $call = $calls->arraymem($i); - $result[$i] = _xmlrpcs_multicall_do_call($server, $call); - } - } - else - { - $numCalls=count($m); - for($i = 0; $i < $numCalls; $i++) - { - $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]); - } - } - - return new xmlrpcresp(new xmlrpcval($result, 'array')); - } - - $GLOBALS['_xmlrpcs_dmap']=array( - 'system.listMethods' => array( - 'function' => '_xmlrpcs_listMethods', - 'signature' => $_xmlrpcs_listMethods_sig, - 'docstring' => $_xmlrpcs_listMethods_doc, - 'signature_docs' => $_xmlrpcs_listMethods_sdoc), - 'system.methodHelp' => array( - 'function' => '_xmlrpcs_methodHelp', - 'signature' => $_xmlrpcs_methodHelp_sig, - 'docstring' => $_xmlrpcs_methodHelp_doc, - 'signature_docs' => $_xmlrpcs_methodHelp_sdoc), - 'system.methodSignature' => array( - 'function' => '_xmlrpcs_methodSignature', - 'signature' => $_xmlrpcs_methodSignature_sig, - 'docstring' => $_xmlrpcs_methodSignature_doc, - 'signature_docs' => $_xmlrpcs_methodSignature_sdoc), - 'system.multicall' => array( - 'function' => '_xmlrpcs_multicall', - 'signature' => $_xmlrpcs_multicall_sig, - 'docstring' => $_xmlrpcs_multicall_doc, - 'signature_docs' => $_xmlrpcs_multicall_sdoc), - 'system.getCapabilities' => array( - 'function' => '_xmlrpcs_getCapabilities', - 'signature' => $_xmlrpcs_getCapabilities_sig, - 'docstring' => $_xmlrpcs_getCapabilities_doc, - 'signature_docs' => $_xmlrpcs_getCapabilities_sdoc) - ); - - $GLOBALS['_xmlrpcs_occurred_errors'] = ''; - $GLOBALS['_xmlrpcs_prev_ehandler'] = ''; - /** - * Error handler used to track errors that occur during server-side execution of PHP code. - * This allows to report back to the client whether an internal error has occurred or not - * using an xmlrpc response object, instead of letting the client deal with the html junk - * that a PHP execution error on the server generally entails. - * - * NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors. - * - */ - function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null) - { - // obey the @ protocol - if (error_reporting() == 0) - return; - - //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING) - if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined - { - $GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n"; - } - // Try to avoid as much as possible disruption to the previous error handling - // mechanism in place - if($GLOBALS['_xmlrpcs_prev_ehandler'] == '') - { - // The previous error handler was the default: all we should do is log error - // to the default error log (if level high enough) - if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode)) - { - error_log($errstring); - } - } - else - { - // Pass control on to previous error handler, trying to avoid loops... - if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler') - { - // NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers - if(is_array($GLOBALS['_xmlrpcs_prev_ehandler'])) - { - $GLOBALS['_xmlrpcs_prev_ehandler'][0]->$GLOBALS['_xmlrpcs_prev_ehandler'][1]($errcode, $errstring, $filename, $lineno, $context); - } - else - { - $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context); - } - } - } - } - - $GLOBALS['_xmlrpc_debuginfo']=''; - - /** - * Add a string to the debug info that can be later seralized by the server - * as part of the response message. - * Note that for best compatbility, the debug string should be encoded using - * the $GLOBALS['xmlrpc_internalencoding'] character set. - * @param string $m - * @access public - */ - function xmlrpc_debugmsg($m) - { - $GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n"; - } - - class xmlrpc_server - { - /// array defining php functions exposed as xmlrpc methods by this server - var $dmap=array(); - /** - * Defines how functions in dmap will be invokde: either using an xmlrpc msg object - * or plain php values. - * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals' - */ - var $functions_parameters_type='xmlrpcvals'; - /// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3 - var $debug = 1; - /** - * When set to true, it will enable HTTP compression of the response, in case - * the client has declared its support for compression in the request. - */ - var $compress_response = false; - /** - * List of http compression methods accepted by the server for requests. - * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib - */ - var $accepted_compression = array(); - /// shall we serve calls to system.* methods? - var $allow_system_funcs = true; - /// list of charset encodings natively accepted for requests - var $accepted_charset_encodings = array(); - /** - * charset encoding to be used for response. - * NB: if we can, we will convert the generated response from internal_encoding to the intended one. - * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled), - * null (leave unspecified in response, convert output stream to US_ASCII), - * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed), - * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway). - * NB: pretty dangerous if you accept every charset and do not have mbstring enabled) - */ - var $response_charset_encoding = ''; - /// storage for internal debug info - var $debug_info = ''; - /// extra data passed at runtime to method handling functions. Used only by EPI layer - var $user_data = null; - - /** - * @param array $dispmap the dispatch map withd efinition of exposed services - * @param boolean $servicenow set to false to prevent the server from runnung upon construction - */ - function xmlrpc_server($dispMap=null, $serviceNow=true) - { - // if ZLIB is enabled, let the server by default accept compressed requests, - // and compress responses sent to clients that support them - if(function_exists('gzinflate')) - { - $this->accepted_compression = array('gzip', 'deflate'); - $this->compress_response = true; - } - - // by default the xml parser can support these 3 charset encodings - $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); - - // dispMap is a dispatch array of methods - // mapped to function names and signatures - // if a method - // doesn't appear in the map then an unknown - // method error is generated - /* milosch - changed to make passing dispMap optional. - * instead, you can use the class add_to_map() function - * to add functions manually (borrowed from SOAPX4) - */ - if($dispMap) - { - $this->dmap = $dispMap; - if($serviceNow) - { - $this->service(); - } - } - } - - /** - * Set debug level of server. - * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments) - * 0 = no debug info, - * 1 = msgs set from user with debugmsg(), - * 2 = add complete xmlrpc request (headers and body), - * 3 = add also all processing warnings happened during method processing - * (NB: this involves setting a custom error handler, and might interfere - * with the standard processing of the php function exposed as method. In - * particular, triggering an USER_ERROR level error will not halt script - * execution anymore, but just end up logged in the xmlrpc response) - * Note that info added at elevel 2 and 3 will be base64 encoded - * @access public - */ - function setDebug($in) - { - $this->debug=$in; - } - - /** - * Return a string with the serialized representation of all debug info - * @param string $charset_encoding the target charset encoding for the serialization - * @return string an XML comment (or two) - */ - function serializeDebug($charset_encoding='') - { - // Tough encoding problem: which internal charset should we assume for debug info? - // It might contain a copy of raw data received from client, ie with unknown encoding, - // intermixed with php generated data and user generated data... - // so we split it: system debug is base 64 encoded, - // user debug info should be encoded by the end user using the INTERNAL_ENCODING - $out = ''; - if ($this->debug_info != '') - { - $out .= "<!-- SERVER DEBUG INFO (BASE64 ENCODED):\n".base64_encode($this->debug_info)."\n-->\n"; - } - if($GLOBALS['_xmlrpc_debuginfo']!='') - { - - $out .= "<!-- DEBUG INFO:\n" . xmlrpc_encode_entitites(str_replace('--', '_-', $GLOBALS['_xmlrpc_debuginfo']), $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n-->\n"; - // NB: a better solution MIGHT be to use CDATA, but we need to insert it - // into return payload AFTER the beginning tag - //$out .= "<![CDATA[ DEBUG INFO:\n\n" . str_replace(']]>', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n"; - } - return $out; - } - - /** - * Execute the xmlrpc request, printing the response - * @param string $data the request body. If null, the http POST request will be examined - * @return xmlrpcresp the response object (usually not used by caller...) - * @access public - */ - function service($data=null, $return_payload=false) - { - if ($data === null) - { - $data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : ''; - } - $raw_data = $data; - - // reset internal debug info - $this->debug_info = ''; - - // Echo back what we received, before parsing it - if($this->debug > 1) - { - $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++"); - } - - $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding); - if (!$r) - { - $r=$this->parseRequest($data, $req_charset); - } - - // save full body of request into response, for more debugging usages - $r->raw_data = $raw_data; - - if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors']) - { - $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" . - $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++"); - } - - $payload=$this->xml_header($resp_charset); - if($this->debug > 0) - { - $payload = $payload . $this->serializeDebug($resp_charset); - } - - // G. Giunta 2006-01-27: do not create response serialization if it has - // already happened. Helps building json magic - if (empty($r->payload)) - { - $r->serialize($resp_charset); - } - $payload = $payload . $r->payload; - - if ($return_payload) - { - return $payload; - } - - // if we get a warning/error that has output some text before here, then we cannot - // add a new header. We cannot say we are sending xml, either... - if(!headers_sent()) - { - header('Content-Type: '.$r->content_type); - // we do not know if client actually told us an accepted charset, but if he did - // we have to tell him what we did - header("Vary: Accept-Charset"); - - // http compression of output: only - // if we can do it, and we want to do it, and client asked us to, - // and php ini settings do not force it already - $php_no_self_compress = ini_get('zlib.output_compression') == '' && (ini_get('output_handler') != 'ob_gzhandler'); - if($this->compress_response && function_exists('gzencode') && $resp_encoding != '' - && $php_no_self_compress) - { - if(strpos($resp_encoding, 'gzip') !== false) - { - $payload = gzencode($payload); - header("Content-Encoding: gzip"); - header("Vary: Accept-Encoding"); - } - elseif (strpos($resp_encoding, 'deflate') !== false) - { - $payload = gzcompress($payload); - header("Content-Encoding: deflate"); - header("Vary: Accept-Encoding"); - } - } - - // do not ouput content-length header if php is compressing output for us: - // it will mess up measurements - if($php_no_self_compress) - { - header('Content-Length: ' . (int)strlen($payload)); - } - } - else - { - error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages'); - } - - print $payload; - - // return request, in case subclasses want it - return $r; - } - - /** - * Add a method to the dispatch map - * @param string $methodname the name with which the method will be made available - * @param string $function the php function that will get invoked - * @param array $sig the array of valid method signatures - * @param string $doc method documentation - * @access public - */ - function add_to_map($methodname,$function,$sig=null,$doc='') - { - $this->dmap[$methodname] = array( - 'function' => $function, - 'docstring' => $doc - ); - if ($sig) - { - $this->dmap[$methodname]['signature'] = $sig; - } - } - - /** - * Verify type and number of parameters received against a list of known signatures - * @param array $in array of either xmlrpcval objects or xmlrpc type definitions - * @param array $sig array of known signatures to match against - * @access private - */ - function verifySignature($in, $sig) - { - // check each possible signature in turn - if (is_object($in)) - { - $numParams = $in->getNumParams(); - } - else - { - $numParams = count($in); - } - foreach($sig as $cursig) - { - if(count($cursig)==$numParams+1) - { - $itsOK=1; - for($n=0; $n<$numParams; $n++) - { - if (is_object($in)) - { - $p=$in->getParam($n); - if($p->kindOf() == 'scalar') - { - $pt=$p->scalartyp(); - } - else - { - $pt=$p->kindOf(); - } - } - else - { - $pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4... - } - - // param index is $n+1, as first member of sig is return type - if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue']) - { - $itsOK=0; - $pno=$n+1; - $wanted=$cursig[$n+1]; - $got=$pt; - break; - } - } - if($itsOK) - { - return array(1,''); - } - } - } - if(isset($wanted)) - { - return array(0, "Wanted ${wanted}, got ${got} at param ${pno}"); - } - else - { - return array(0, "No method signature matches number of parameters"); - } - } - - /** - * Parse http headers received along with xmlrpc request. If needed, inflate request - * @return null on success or an xmlrpcresp - * @access private - */ - function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression) - { - // Play nice to PHP 4.0.x: superglobals were not yet invented... - if(!isset($_SERVER)) - { - $_SERVER = $GLOBALS['HTTP_SERVER_VARS']; - } - - if($this->debug > 1) - { - if(function_exists('getallheaders')) - { - $this->debugmsg(''); // empty line - foreach(getallheaders() as $name => $val) - { - $this->debugmsg("HEADER: $name: $val"); - } - } - - } - - if(isset($_SERVER['HTTP_CONTENT_ENCODING'])) - { - $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); - } - else - { - $content_encoding = ''; - } - - // check if request body has been compressed and decompress it - if($content_encoding != '' && strlen($data)) - { - if($content_encoding == 'deflate' || $content_encoding == 'gzip') - { - // if decoding works, use it. else assume data wasn't gzencoded - if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression)) - { - if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data)) - { - $data = $degzdata; - if($this->debug > 1) - { - $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); - } - } - elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) - { - $data = $degzdata; - if($this->debug > 1) - $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); - } - else - { - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']); - return $r; - } - } - else - { - //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']); - return $r; - } - } - } - - // check if client specified accepted charsets, and if we know how to fulfill - // the request - if ($this->response_charset_encoding == 'auto') - { - $resp_encoding = ''; - if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) - { - // here we should check if we can match the client-requested encoding - // with the encodings we know we can generate. - /// @todo we should parse q=0.x preferences instead of getting first charset specified... - $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); - // Give preference to internal encoding - $known_charsets = array($this->internal_encoding, 'UTF-8', 'ISO-8859-1', 'US-ASCII'); - foreach ($known_charsets as $charset) - { - foreach ($client_accepted_charsets as $accepted) - if (strpos($accepted, $charset) === 0) - { - $resp_encoding = $charset; - break; - } - if ($resp_encoding) - break; - } - } - } - else - { - $resp_encoding = $this->response_charset_encoding; - } - - if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) - { - $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING']; - } - else - { - $resp_compression = ''; - } - - // 'guestimate' request encoding - /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check??? - $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', - $data); - - return null; - } - - /** - * Parse an xml chunk containing an xmlrpc request and execute the corresponding - * php function registered with the server - * @param string $data the xml request - * @param string $req_encoding (optional) the charset encoding of the xml request - * @return xmlrpcresp - * @access private - */ - function parseRequest($data, $req_encoding='') - { - // 2005/05/07 commented and moved into caller function code - //if($data=='') - //{ - // $data=$GLOBALS['HTTP_RAW_POST_DATA']; - //} - - // G. Giunta 2005/02/13: we do NOT expect to receive html entities - // so we do not try to convert them into xml character entities - //$data = xmlrpc_html_entity_xlate($data); - - $GLOBALS['_xh']=array(); - $GLOBALS['_xh']['ac']=''; - $GLOBALS['_xh']['stack']=array(); - $GLOBALS['_xh']['valuestack'] = array(); - $GLOBALS['_xh']['params']=array(); - $GLOBALS['_xh']['pt']=array(); - $GLOBALS['_xh']['isf']=0; - $GLOBALS['_xh']['isf_reason']=''; - $GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not - $GLOBALS['_xh']['rt']=''; - - // decompose incoming XML into request structure - if ($req_encoding != '') - { - if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - // the following code might be better for mb_string enabled installs, but - // makes the lib about 200% slower... - //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding); - $req_encoding = $GLOBALS['xmlrpc_defencoding']; - } - /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue, - // the encoding is not UTF8 and there are non-ascii chars in the text... - $parser = xml_parser_create($req_encoding); - } - else - { - $parser = xml_parser_create(); - } - - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell - // the xml parser to give us back data in the expected charset - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); - - if ($this->functions_parameters_type != 'xmlrpcvals') - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); - else - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - if(!xml_parse($parser, $data, 1)) - { - // return XML error as a faultCode - $r=&new xmlrpcresp(0, - $GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser), - sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser))); - xml_parser_free($parser); - } - elseif ($GLOBALS['_xh']['isf']) - { - xml_parser_free($parser); - $r=&new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['invalid_request'], - $GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']); - } - else - { - xml_parser_free($parser); - if ($this->functions_parameters_type != 'xmlrpcvals') - { - if($this->debug > 1) - { - $this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++"); - } - $r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']); - } - else - { - // build an xmlrpcmsg object with data parsed from xml - $m=&new xmlrpcmsg($GLOBALS['_xh']['method']); - // now add parameters in - for($i=0; $i<count($GLOBALS['_xh']['params']); $i++) - { - $m->addParam($GLOBALS['_xh']['params'][$i]); - } - - if($this->debug > 1) - { - $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++"); - } - - $r = $this->execute($m); - } - } - return $r; - } - - /** - * Execute a method invoked by the client, checking parameters used - * @param mixed $m either an xmlrpcmsg obj or a method name - * @param array $params array with method parameters as php types (if m is method name only) - * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only) - * @return xmlrpcresp - * @access private - */ - function execute($m, $params=null, $paramtypes=null) - { - if (is_object($m)) - { - $methName = $m->method(); - } - else - { - $methName = $m; - } - $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0); - $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap; - - if(!isset($dmap[$methName]['function'])) - { - // No such method - return new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['unknown_method'], - $GLOBALS['xmlrpcstr']['unknown_method']); - } - - // Check signature - if(isset($dmap[$methName]['signature'])) - { - $sig = $dmap[$methName]['signature']; - if (is_object($m)) - { - list($ok, $errstr) = $this->verifySignature($m, $sig); - } - else - { - list($ok, $errstr) = $this->verifySignature($paramtypes, $sig); - } - if(!$ok) - { - // Didn't match. - return new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['incorrect_params'], - $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}" - ); - } - } - - $func = $dmap[$methName]['function']; - // let the 'class::function' syntax be accepted in dispatch maps - if(is_string($func) && strpos($func, '::')) - { - $func = explode('::', $func); - } - // verify that function to be invoked is in fact callable - if(!is_callable($func)) - { - error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable"); - return new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['server_error'], - $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method" - ); - } - - // If debug level is 3, we should catch all errors generated during - // processing of user function, and log them as part of response - if($this->debug > 2) - { - $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler'); - } - if (is_object($m)) - { - if($sysCall) - { - $r = call_user_func($func, $this, $m); - } - else - { - $r = call_user_func($func, $m); - } - if (!$r instanceof xmlrpcresp) - { - error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object"); - if (is_a($r, 'xmlrpcval')) - { - $r =& new xmlrpcresp($r); - } - else - { - $r =& new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['server_error'], - $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object" - ); - } - } - } - else - { - // call a 'plain php' function - if($sysCall) - { - array_unshift($params, $this); - $r = call_user_func_array($func, $params); - } - else - { - // 3rd API convention for method-handling functions: EPI-style - if ($this->functions_parameters_type == 'epivals') - { - $r = call_user_func_array($func, array($methName, $params, $this->user_data)); - // mimic EPI behaviour: if we get an array that looks like an error, make it - // an eror response - if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r)) - { - $r =& new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']); - } - else - { - // functions using EPI api should NOT return resp objects, - // so make sure we encode the return type correctly - $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api'))); - } - } - else - { - $r = call_user_func_array($func, $params); - } - } - // the return type can be either an xmlrpcresp object or a plain php value... - if (!is_a($r, 'xmlrpcresp')) - { - // what should we assume here about automatic encoding of datetimes - // and php classes instances??? - $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates'))); - } - } - if($this->debug > 2) - { - // note: restore the error handler we found before calling the - // user func, even if it has been changed inside the func itself - if($GLOBALS['_xmlrpcs_prev_ehandler']) - { - set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']); - } - else - { - restore_error_handler(); - } - } - return $r; - } - - /** - * add a string to the 'internal debug message' (separate from 'user debug message') - * @param string $strings - * @access private - */ - function debugmsg($string) - { - $this->debug_info .= $string."\n"; - } - - /** - * @access private - */ - function xml_header($charset_encoding='') - { - if ($charset_encoding != '') - { - return "<?xml version=\"1.0\" encoding=\"$charset_encoding\"?" . ">\n"; - } - else - { - return "<?xml version=\"1.0\"?" . ">\n"; - } - } - - /** - * A debugging routine: just echoes back the input packet as a string value - * DEPRECATED! - */ - function echoInput() - { - $r=&new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string')); - print $r->serialize(); - } - } -?> |