extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-26 09:53:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update lib to version 2.0; remove eval calls

Browse Source
This commit is contained in:
Miles Lott 2005-08-14 20:36:46 +00:00
parent 08b61a050e
commit 4248167886
8 changed files with 1034 additions and 695 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
phpgwapi/inc/class.xmlrpc_client.inc.php
View File

@ -31,6 +31,8 @@
// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
// OF THE POSSIBILITY OF SUCH DAMAGE. // OF THE POSSIBILITY OF SUCH DAMAGE.
/* $Id$ */
class xmlrpc_client class xmlrpc_client
{ {
var $path; var $path;
@ -144,10 +146,10 @@
$credentials = 'Authorization: Basic ' . base64_encode($username . ':' . $password) . "\r\n"; $credentials = 'Authorization: Basic ' . base64_encode($username . ':' . $password) . "\r\n";
} }
$op = 'POST ' . $this->path . " HTTP/1.0\r\nUser-Agent: PHP XMLRPC 1.0\r\n" $op = 'POST ' . $this->path . " HTTP/1.0\r\nUser-Agent: PHP XMLRPC 2.0\r\n"
. 'Host: '. $this->server . "\r\n" . 'Host: '. $this->server . "\r\n"
. 'X-PHPGW-Server: ' . $this->server . ' ' . "\r\n" . 'X-EGW-Server: ' . $this->server . ' ' . "\r\n"
. 'X-PHPGW-Version: ' . $GLOBALS['phpgw_info']['server']['versions']['phpgwapi'] . "\r\n" . 'X-EGW-Version: ' . $GLOBALS['egw_info']['server']['versions']['phpgwapi'] . "\r\n"
. $credentials . $credentials
. "Content-Type: text/xml\r\nContent-Length: " . "Content-Type: text/xml\r\nContent-Length: "
. strlen($msg->payload) . "\r\n\r\n" . strlen($msg->payload) . "\r\n\r\n"
@ -208,8 +210,8 @@
curl_setopt($curl, CURLOPT_HEADER, 1); curl_setopt($curl, CURLOPT_HEADER, 1);
// return the header too // return the header too
curl_setopt($curl, CURLOPT_HTTPHEADER, array( curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'X-PHPGW-Server: ' . $this->server, 'X-EGW-Server: ' . $this->server,
'X-PHPGW-Version: ' . $GLOBALS['phpgw_info']['server']['versions']['phpgwapi'], 'X-EGW-Version: ' . $GLOBALS['egw_info']['server']['versions']['phpgwapi'],
'Content-Type: text/xml' 'Content-Type: text/xml'
)); ));
if ($timeout) if ($timeout)

49
phpgwapi/inc/class.xmlrpc_server.inc.php
View File

@ -77,16 +77,16 @@
// translate cat-ids to array with id-name pairs // translate cat-ids to array with id-name pairs
function cats2xmlrpc($cats) function cats2xmlrpc($cats)
{ {
if (!is_object($GLOBALS['phpgw']->categories)) if (!is_object($GLOBALS['egw']->categories))
{ {
$GLOBALS['phpgw']->categories = CreateObject('phpgwapi.categories'); $GLOBALS['egw']->categories = CreateObject('phpgwapi.categories');
} }
$xcats = array(); $xcats = array();
foreach($cats as $cat) foreach($cats as $cat)
{ {
if ($cat) if ($cat)
{ {
$xcats[$cat] = stripslashes($GLOBALS['phpgw']->categories->id2name($cat)); $xcats[$cat] = stripslashes($GLOBALS['egw']->categories->id2name($cat));
} }
} }
return $xcats; return $xcats;
@ -99,29 +99,29 @@
{ {
$xcats = array(); $xcats = array();
} }
elseif (!is_object($GLOBALS['phpgw']->categories)) elseif (!is_object($GLOBALS['egw']->categories))
{ {
$GLOBALS['phpgw']->categories = CreateObject('phpgwapi.categories'); $GLOBALS['egw']->categories = CreateObject('phpgwapi.categories');
} }
$cats = array(); $cats = array();
foreach($xcats as $cat => $name) foreach($xcats as $cat => $name)
{ {
if ($id = $GLOBALS['phpgw']->categories->name2id($name)) if ($id = $GLOBALS['egw']->categories->name2id($name))
{ {
// existing cat-name use the id // existing cat-name use the id
$cat = $id; $cat = $id;
} }
elseif (!($org_name = stripslashes($GLOBALS['phpgw']->categories->id2name($cat))) || $org_name == '--') elseif (!($org_name = stripslashes($GLOBALS['egw']->categories->id2name($cat))) || $org_name == '--')
{ {
// new cat // new cat
$cat = $GLOBALS['phpgw']->categories->add(array('name' => $name,'parent' => 0)); $cat = $GLOBALS['egw']->categories->add(array('name' => $name,'parent' => 0));
} }
elseif ($org_name != $name) elseif ($org_name != $name)
{ {
// cat-name edited // cat-name edited
list($cat_vals) =$GLOBALS['phpgw']->categories->return_single($cat); list($cat_vals) =$GLOBALS['egw']->categories->return_single($cat);
$cat_vals['name'] = $name; $cat_vals['name'] = $name;
$GLOBALS['phpgw']->categories->edit($cat_vals); $GLOBALS['egw']->categories->edit($cat_vals);
} }
$cats[] = (int)$cat; $cats[] = (int)$cat;
} }
@ -131,18 +131,24 @@
// get list (array with id-name pairs) of all cats of $app // get list (array with id-name pairs) of all cats of $app
function categories($complete = False,$app = '') function categories($complete = False,$app = '')
{ {
if (is_array($complete)) $complete = @$complete[0]; if (is_array($complete))
if (!$app) list($app) = explode('.',$this->last_method); {
$complete = @$complete[0];
}
if (!$app)
{
list($app) = explode('.',$this->last_method);
}
if (!is_object($GLOBALS['phpgw']->categories)) if (!is_object($GLOBALS['egw']->categories))
{ {
$GLOBALS['phpgw']->categories = CreateObject('phpgwapi.categories'); $GLOBALS['egw']->categories = CreateObject('phpgwapi.categories');
} }
if ($GLOBALS['phpgw']->categories->app_name != $app) if ($GLOBALS['egw']->categories->app_name != $app)
{ {
$GLOBALS['phpgw']->categories->categories('',$app); $GLOBALS['egw']->categories->categories('',$app);
} }
$cats_arr = $GLOBALS['phpgw']->categories->return_sorted_array(0,False,'','','',True); $cats_arr = $GLOBALS['egw']->categories->return_sorted_array(0,False,'','','',True);
$cats = array(); $cats = array();
if (is_array($cats_arr)) if (is_array($cats_arr))
{ {
@ -158,13 +164,14 @@
return $cats; return $cats;
} }
function setSimpleDate($enable=True) { function setSimpleDate($enable=True)
{
$this->simpledate = $enable; $this->simpledate = $enable;
} }
} }
if(empty($GLOBALS['phpgw_info']['server']['xmlrpc_type'])) if(empty($GLOBALS['egw_info']['server']['xmlrpc_type']))
{ {
$GLOBALS['phpgw_info']['server']['xmlrpc_type'] = 'php'; $GLOBALS['egw_info']['server']['xmlrpc_type'] = 'php';
} }
include_once(PHPGW_API_INC.SEP.'class.xmlrpc_server_' . $GLOBALS['phpgw_info']['server']['xmlrpc_type'] . '.inc.php'); include_once(EGW_API_INC.SEP.'class.xmlrpc_server_' . $GLOBALS['egw_info']['server']['xmlrpc_type'] . '.inc.php');

14
phpgwapi/inc/class.xmlrpc_server_epi.inc.php
View File

@ -69,7 +69,7 @@
{ {
$fp = fopen($this->log,'a+'); $fp = fopen($this->log,'a+');
fwrite($fp,"\n\n" . date('Y-m-d H:i:s') . " authorized=" fwrite($fp,"\n\n" . date('Y-m-d H:i:s') . " authorized="
. ($this->authed ? $GLOBALS['phpgw_info']['user']['account_lid'] : 'False') . ($this->authed ? $GLOBALS['egw_info']['user']['account_lid'] : 'False')
. ", method='$this->last_method'\n"); . ", method='$this->last_method'\n");
fwrite($fp,"==== GOT ============================\n" . $GLOBALS['HTTP_RAW_POST_DATA'] fwrite($fp,"==== GOT ============================\n" . $GLOBALS['HTTP_RAW_POST_DATA']
. "\n==== RETURNED =======================\n"); . "\n==== RETURNED =======================\n");
@ -149,11 +149,9 @@
function parseRequest($data='') function parseRequest($data='')
{ {
global $HTTP_RAW_POST_DATA;
if($data == '') if($data == '')
{ {
$data = $HTTP_RAW_POST_DATA; $data = $GLOBALS['HTTP_RAW_POST_DATA'];
} }
// return $this->echoInput($data); // return $this->echoInput($data);
@ -204,7 +202,7 @@
case 'server': case 'server':
case 'phpgwapi': case 'phpgwapi':
/* Server role functions only - api access */ /* Server role functions only - api access */
if($GLOBALS['phpgw']->acl->get_role() >= PHPGW_ACL_SERVER) if($GLOBALS['egw']->acl->get_role() >= EGW_ACL_SERVER)
{ {
$dmap = ExecMethod(sprintf('%s.%s.%s','phpgwapi',$class,'list_methods'),'xmlrpc'); $dmap = ExecMethod(sprintf('%s.%s.%s','phpgwapi',$class,'list_methods'),'xmlrpc');
} }
@ -216,7 +214,7 @@
break; break;
default: default:
/* User-level application access */ /* User-level application access */
if($GLOBALS['phpgw']->acl->check('run',PHPGW_ACL_READ,$app)) if($GLOBALS['egw']->acl->check('run',EGW_ACL_READ,$app))
{ {
$dmap = ExecMethod(sprintf('',$app,$class,'list_methods'),'xmlrpc'); $dmap = ExecMethod(sprintf('',$app,$class,'list_methods'),'xmlrpc');
} }
@ -292,14 +290,12 @@
function echoInput() function echoInput()
{ {
global $HTTP_RAW_POST_DATA;
// a debugging routine: just echos back the input // a debugging routine: just echos back the input
// packet as a string value // packet as a string value
/* TODO */ /* TODO */
// $r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',"'Aha said I: '" . $HTTP_RAW_POST_DATA,'string')); // $r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',"'Aha said I: '" . $HTTP_RAW_POST_DATA,'string'));
return $HTTP_RAW_POST_DATA; return $GLOBALS['HTTP_RAW_POST_DATA'];
} }
function xmlrpc_custom_error($error_number, $error_string, $filename, $line, $vars) function xmlrpc_custom_error($error_number, $error_string, $filename, $line, $vars)

94
phpgwapi/inc/class.xmlrpc_server_php.inc.php
View File

@ -94,14 +94,14 @@
{ {
$payload = "<?xml version=\"1.0\"?>\n" . $this->serializeDebug() . $r->serialize(); $payload = "<?xml version=\"1.0\"?>\n" . $this->serializeDebug() . $r->serialize();
Header("Content-type: text/xml\r\nContent-length: " . strlen($payload)); Header("Content-type: text/xml\r\nContent-length: " . strlen($payload));
echo $GLOBALS['phpgw']->translation->convert($payload,$GLOBALS['phpgw']->translation->charset(),'utf-8'); echo $GLOBALS['egw']->translation->convert($payload,$GLOBALS['egw']->translation->charset(),'utf-8');
} }
if ($this->log) if ($this->log)
{ {
$fp = fopen($this->log,'a+'); $fp = fopen($this->log,'a+');
fwrite($fp,"\n\n".date('Y-m-d H:i:s') . " authorized=" fwrite($fp,"\n\n".date('Y-m-d H:i:s') . " authorized="
. ($this->authed?$GLOBALS['phpgw_info']['user']['account_lid']:'False') . ($this->authed?$GLOBALS['egw_info']['user']['account_lid']:'False')
. ", method='$this->last_method'\n"); . ", method='$this->last_method'\n");
fwrite($fp,"==== GOT ============================\n" . $GLOBALS['HTTP_RAW_POST_DATA'] fwrite($fp,"==== GOT ============================\n" . $GLOBALS['HTTP_RAW_POST_DATA']
. "\n==== RETURNED =======================\n"); . "\n==== RETURNED =======================\n");
@ -117,7 +117,6 @@
fputs($fp,$payload); fputs($fp,$payload);
fclose($fp); fclose($fp);
} }
} }
/* /*
@ -237,8 +236,8 @@
} }
$_type = (is_integer($_res) ? 'int' : gettype($_res)); $_type = (is_integer($_res) ? 'int' : gettype($_res));
if ($_type == 'string' && (ereg('^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}$',$_res) if ($_type == 'string' && (ereg('^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}$',$_res) ||
|| ereg('^[0-9]{4}[0-9]{2}[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}$',$_res) ) ) ereg('^[0-9]{4}[0-9]{2}[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}$',$_res)))
{ {
$_type = 'dateTime.iso8601'; $_type = 'dateTime.iso8601';
} }
@ -261,10 +260,11 @@
$parser = xml_parser_create($GLOBALS['xmlrpc_defencoding']); $parser = xml_parser_create($GLOBALS['xmlrpc_defencoding']);
$GLOBALS['_xh'][$parser] = array(); $GLOBALS['_xh'][$parser] = array();
$GLOBALS['_xh'][$parser]['st'] = '';
$GLOBALS['_xh'][$parser]['cm'] = 0;
$GLOBALS['_xh'][$parser]['isf'] = 0; $GLOBALS['_xh'][$parser]['isf'] = 0;
$GLOBALS['_xh'][$parser]['isf_reason'] = '';
$GLOBALS['_xh'][$parser]['params'] = array(); $GLOBALS['_xh'][$parser]['params'] = array();
$GLOBALS['_xh'][$parser]['stack']=array();
$GLOBALS['_xh'][$parser]['valuestack'] = array();
$GLOBALS['_xh'][$parser]['method'] = ''; $GLOBALS['_xh'][$parser]['method'] = '';
// decompose incoming XML into request structure // decompose incoming XML into request structure
@ -283,6 +283,16 @@
); );
xml_parser_free($parser); xml_parser_free($parser);
} }
elseif ($GLOBALS['_xh'][$parser]['isf'])
{
xml_parser_free($parser);
$r = CreateObject(
'phpgwapi.xmlrpcresp',
0,
$GLOBALS['xmlrpcerr']['invalid_request'],
$GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh'][$parser]['isf_reason']
);
}
else else
{ {
xml_parser_free($parser); xml_parser_free($parser);
@ -292,24 +302,15 @@
for($i=0; $i<sizeof($GLOBALS['_xh'][$parser]['params']); $i++) for($i=0; $i<sizeof($GLOBALS['_xh'][$parser]['params']); $i++)
{ {
// print "<!-- " . $GLOBALS['_xh'][$parser]['params'][$i]. "-->\n"); // print "<!-- " . $GLOBALS['_xh'][$parser]['params'][$i]. "-->\n");
$plist .= "$i - " . $GLOBALS['_xh'][$parser]['params'][$i]. " \n"; $m->addParam($GLOBALS['_xh'][$parser]['params'][$i]);
$code = '$m->addParam(' . $GLOBALS['_xh'][$parser]['params'][$i] . ');';
$code = str_replace(',,',",'',",$code);
$allok = 0;
@eval($code . '; $allok = 1;');
if(!$allok)
{
break;
}
} }
// uncomment this to really see what the server's getting!
// xmlrpc_debugmsg($plist);
// now to deal with the method // now to deal with the method
$methName = $GLOBALS['_xh'][$parser]['method']; $methName = $GLOBALS['_xh'][$parser]['method'];
$_methName = $GLOBALS['_xh'][$parser]['method']; $_methName = $GLOBALS['_xh'][$parser]['method'];
$this->last_method = $methName; $this->last_method = $methName;
if (ereg("^system\.", $methName)) if(ereg("^system\.", $methName))
{ {
$dmap = $GLOBALS['_xmlrpcs_dmap']; $dmap = $GLOBALS['_xmlrpcs_dmap'];
$sysCall=1; $sysCall=1;
@ -320,7 +321,7 @@
$sysCall=0; $sysCall=0;
} }
if (!isset($dmap[$methName]['function'])) if(!isset($dmap[$methName]['function']))
{ {
if($sysCall && $this->authed) if($sysCall && $this->authed)
{ {
@ -331,7 +332,7 @@
); );
return $r; return $r;
} }
if ($this->authed) if($this->authed)
{ {
/* phpgw mod - fetch the (bo) class methods to create the dmap */ /* phpgw mod - fetch the (bo) class methods to create the dmap */
// This part is to update session action to match // This part is to update session action to match
@ -343,12 +344,12 @@
$service = $tmp[1]; $service = $tmp[1];
$class = $tmp[0]; $class = $tmp[0];
if (ereg('^service',$method)) if(ereg('^service',$method))
{ {
$t = 'phpgwapi.' . $class . '.exec'; $t = 'phpgwapi.' . $class . '.exec';
$dmap = ExecMethod($t,array($service,'list_methods','xmlrpc')); $dmap = ExecMethod($t,array($service,'list_methods','xmlrpc'));
} }
elseif($GLOBALS['phpgw']->acl->check('run',1,$class)) elseif($GLOBALS['egw']->acl->check('run',1,$class))
{ {
/* This only happens if they have app access. If not, we will /* This only happens if they have app access. If not, we will
* return a fault below. * return a fault below.
@ -376,55 +377,46 @@
// dispatch if exists // dispatch if exists
if (isset($dmap[$methName]['signature'])) if (isset($dmap[$methName]['signature']))
{ {
$sr = $this->verifySignature($m, $dmap[$methName]['signature'] ); list($sr, $errstr) = $this->verifySignature($m, $dmap[$methName]['signature']);
if(!$sr)
{
// Didn't match.
return CreateObject(
'phpgwapi.xmlrpcresp',
0,
$GLOBALS['xmlrpcerr']['incorrect_params'],
$GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}"
);
}
} }
if ( (!isset($dmap[$methName]['signature'])) || $sr[0]) if((!isset($dmap[$methName]['signature'])) || $sr)
{ {
// if no signature or correct signature // if no signature or correct signature
if ($sysCall) if($sysCall)
{ {
$code = '$r=' . $dmap[$methName]['function'] . '($this, $m);'; $r = call_user_func($dmap[$methName]['function'], $this, $m);
$code = str_replace(',,',",'',",$code);
$allok = 0;
@eval($code . '; $allok = 1;');
if(!$allok)
{
return CreateObject('phpgwapi.xmlrpcresp','', $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return']);
}
} }
else else
{ {
if (function_exists($dmap[$methName]['function'])) if(function_exists($dmap[$methName]['function']))
{ {
$code = '$r =' . $dmap[$methName]['function'] . '($m);'; $r = call_user_func($dmap[$methName]['function'],$m);
$code = str_replace(',,',",'',",$code);
$allok = 0;
@eval($code . '; $allok = 1;');
if(!$allok)
{
return CreateObject('phpgwapi.xmlrpcresp','', $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return']);
}
} }
else else
{ {
/* phpgw mod - finally, execute the function call and return the values */ /* phpgw mod - finally, execute the function call and return the values */
$params = $GLOBALS['_xh'][$parser]['params'][0]; $params = $GLOBALS['_xh'][$parser]['params'][0];
$code = '$p = ' . $params . ';';
if(count($params) != 0) if(count($params) != 0)
{ {
$allok = 0; $p = $params;
@eval($code . '; $allok = 1;');
if(!$allok)
{
return CreateObject('phpgwapi.xmlrpcresp','', $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return']);
}
$params = $p->getval(); $params = $p->getval();
} }
// _debug_array($params); // _debug_array($params);
$this->reqtoarray($params); $this->reqtoarray($params);
// decode from utf-8 to our charset // decode from utf-8 to our charset
$this->req_array = $GLOBALS['phpgw']->translation->convert($this->req_array,'utf-8'); $this->req_array = $GLOBALS['egw']->translation->convert($this->req_array,'utf-8');
//_debug_array($this->req_array); //_debug_array($this->req_array);
if (ereg('^service',$method)) if (ereg('^service',$method))
{ {

366
phpgwapi/inc/class.xmlrpcmsg.inc.php
View File

@ -29,8 +29,8 @@
function xmlrpcmsg($meth, $pars=0) function xmlrpcmsg($meth, $pars=0)
{ {
$this->methodname = $meth; $this->methodname=$meth;
if (is_array($pars) && sizeof($pars)>0) if(is_array($pars) && sizeof($pars)>0)
{ {
for($i=0; $i<sizeof($pars); $i++) for($i=0; $i<sizeof($pars); $i++)
{ {
@ -41,37 +41,37 @@
function xml_header() function xml_header()
{ {
return '<?xml version="1.0"?>' . "\n" . '<methodCall>' . "\n"; return "<?xml version=\"1.0\"?" . ">\n<methodCall>\n";
} }
function xml_footer() function xml_footer()
{ {
return '</methodCall>' . "\n"; return "</methodCall>\n";
} }
function createPayload() function createPayload()
{ {
$this->payload = $this->xml_header(); $this->payload=$this->xml_header();
$this->payload .= '<methodName>' . $this->methodname . '</methodName>' . "\n"; $this->payload.='<methodName>' . $this->methodname . "</methodName>\n";
if (sizeof($this->params)) // if(sizeof($this->params)) {
$this->payload.="<params>\n";
for($i=0; $i<sizeof($this->params); $i++)
{ {
$this->payload .= '<params>' . "\n"; $p=$this->params[$i];
for($i=0; $i<sizeof($this->params); $i++) $this->payload.="<param>\n" . $p->serialize() .
{ "</param>\n";
$p = $this->params[$i];
$this->payload .= '<param>' . "\n" . $p->serialize() . '</param>' . "\n";
}
$this->payload .= '</params>' . "\n";
} }
$this->payload .= $this->xml_footer(); $this->payload.="</params>\n";
$this->payload = str_replace("\n", "\r\n", $this->payload); // }
$this->payload.=$this->xml_footer();
//$this->payload=str_replace("\n", "\r\n", $this->payload);
} }
function method($meth='') function method($meth='')
{ {
if ($meth != '') if($meth!='')
{ {
$this->methodname = $meth; $this->methodname=$meth;
} }
return $this->methodname; return $this->methodname;
} }
@ -84,108 +84,227 @@
function addParam($par) function addParam($par)
{ {
$this->params[] = $par; // add check: do not add to self params which are not xmlrpcvals
} if(is_object($par) && (get_class($par) == 'xmlrpcval' || is_subclass_of($par, 'xmlrpcval')))
function getParam($i)
{
return $this->params[$i];
}
function getNumParams()
{
return sizeof($this->params);
}
function parseResponseFile($fp)
{
$ipd = '';
while($data = fread($fp, 32768))
{ {
$ipd .= $data; $this->params[]=$par;
return true;
}
else
{
return false;
} }
/* echo $ipd;exit; */
return $this->parseResponse($ipd);
} }
function parseResponse($data='') function getParam($i) { return $this->params[$i]; }
function getNumParams() { return sizeof($this->params); }
function &parseResponseFile($fp)
{
$ipd='';
while($data=fread($fp, 32768))
{
$ipd.=$data;
}
//fclose($fp);
$r =& $this->parseResponse($ipd);
return $r;
}
function &parseResponse($data='', $headers_processed=false)
{ {
$parser = xml_parser_create($GLOBALS['xmlrpc_defencoding']); $parser = xml_parser_create($GLOBALS['xmlrpc_defencoding']);
$GLOBALS['_xh'][$parser] = array();
$GLOBALS['_xh'][$parser]['st'] = '';
$GLOBALS['_xh'][$parser]['cm'] = 0;
$GLOBALS['_xh'][$parser]['isf'] = 0;
$GLOBALS['_xh'][$parser]['ac'] = '';
$GLOBALS['_xh'][$parser]['qt'] = '';
$GLOBALS['_xh'][$parser]['ha'] = '';
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee');
xml_set_character_data_handler($parser, 'xmlrpc_cd');
xml_set_default_handler($parser, 'xmlrpc_dh');
// $xmlrpc_value = CreateObject('phpgwapi.xmlrpcval');
$hdrfnd = 0; $hdrfnd = 0;
if ($this->debug) if($this->debug)
{ {
echo '<PRE style="text-align: left;">---GOT---' . "\n" . htmlspecialchars($data) . "\n" . '---END---' . "\n" . '</PRE>'; //by maHo, replaced htmlspecialchars with htmlentities
print "<PRE>---GOT---\n" . htmlentities($data) . "\n---END---\n</PRE>";
} }
if ($data == '')
if($data == '')
{ {
error_log('No response received from server.'); error_log('No response received from server.');
$r = CreateObject( $r =& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['no_data'], $GLOBALS['xmlrpcstr']['no_data']);
'phpgwapi.xmlrpcresp',
0,
$GLOBALS['xmlrpcerr']['no_data'],
$GLOBALS['xmlrpcstr']['no_data']
);
xml_parser_free($parser);
return $r; return $r;
} }
// see if we got an HTTP 200 OK, else bomb // see if we got an HTTP 200 OK, else bomb
// but only do this if we're using the HTTP protocol. // but only do this if we're using the HTTP protocol.
if (ereg("^HTTP",$data) && !ereg("^HTTP/[0-9.]+ 200 ", $data)) if(ereg("^HTTP",$data))
{ {
$errstr = substr($data, 0, strpos($data, "\n")-1); // Strip HTTP 1.1 100 Continue header if present
error_log('HTTP error, got response: ' .$errstr); while(ereg('^HTTP/1.1 1[0-9]{2} ', $data))
$r = CreateObject('phpgwapi.xmlrpcresp','', $GLOBALS['xmlrpcerr']['http_error'], {
$GLOBALS['xmlrpcstr']['http_error'] . ' (' . $errstr . ')'); $pos = strpos($data, 'HTTP', 12);
xml_parser_free($parser); // server sent a Continue header without any (valid) content following...
return $r; // give the client a chance to know it
if(!$pos && !is_int($pos)) // works fine in php 3, 4 and 5
{
break;
}
$data = substr($data, $pos);
}
if(!ereg("^HTTP/[0-9\\.]+ 200 ", $data))
{
$errstr= substr($data, 0, strpos($data, "\n")-1);
error_log('HTTP error, got response: ' .$errstr);
$r=& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (' . $errstr . ')');
return $r;
}
} }
// if using HTTP, then gotta get rid of HTTP headers here $GLOBALS['_xh'][$parser] = array();
// and we store them in the 'ha' bit of our data array $GLOBALS['_xh'][$parser]['headers'] = array();
if (ereg("^HTTP", $data)) $GLOBALS['_xh'][$parser]['stack'] = array();
$GLOBALS['_xh'][$parser]['valuestack'] = array();
// separate HTTP headers from data
if(ereg("^HTTP", $data))
{ {
$ar=explode("\r\n", $data); // be tolerant to usage of \n instead of \r\n to separate headers and data
$newdata = ''; // (even though it is not valid http)
$hdrfnd = 0; $pos = strpos($data,"\r\n\r\n");
for ($i=0; $i<sizeof($ar); $i++) if($pos || is_int($pos))
{ {
if (!$hdrfnd) $bd = $pos+4;
}
else
{
$pos = strpos($data,"\n\n");
if($pos || is_int($pos))
{ {
if (strlen($ar[$i])>0) $bd = $pos+2;
{
$GLOBALS['_xh'][$parser]['ha'] .= $ar[$i]. "\r\n";
}
else
{
$hdrfnd=1;
}
} }
else else
{ {
$newdata.=$ar[$i] . "\r\n"; // No separation between response headers and body: fault?
$bd = 0;
} }
} }
$data=$newdata; // be tolerant to line endings, and extra empty lines
$ar = split("\r?\n", trim(substr($data, 0, $pos)));
while(list(,$line) = @each($ar))
{
// take care of multi-line headers
$arr = explode(':',$line);
if(count($arr) > 1)
{
$header_name = strtolower(trim($arr[0]));
// TO DO: some headers (the ones that allow a CSV list of values)
// do allow many values to be passed using multiple header lines.
// We should add content to $GLOBALS['_xh'][$parser]['headers'][$header_name]
// instead of replacing it for those...
$GLOBALS['_xh'][$parser]['headers'][$header_name] = $arr[1];
for($i = 2; $i < count($arr); $i++)
{
$GLOBALS['_xh'][$parser]['headers'][$header_name] .= ':'.$arr[$i];
} // while
$GLOBALS['_xh'][$parser]['headers'][$header_name] = trim($GLOBALS['_xh'][$parser]['headers'][$header_name]);
}
elseif(isset($header_name))
{
$GLOBALS['_xh'][$parser]['headers'][$header_name] .= ' ' . trim($line);
}
}
$data = substr($data, $bd);
if($this->debug && count($GLOBALS['_xh'][$parser]['headers']))
{
print '<PRE>';
foreach($GLOBALS['_xh'][$parser]['headers'] as $header => $value)
{
print "HEADER: $header: $value\n";
}
print "</PRE>\n";
}
} }
if (!xml_parse($parser, $data, sizeof($data))) // if CURL was used for the call, http headers have been processed,
// and dechunking + reinflating have been carried out
if(!$headers_processed)
{
// Decode chunked encoding sent by http 1.1 servers
if(isset($GLOBALS['_xh'][$parser]['headers']['transfer-encoding']) && $GLOBALS['_xh'][$parser]['headers']['transfer-encoding'] == 'chunked')
{
if(!$data = decode_chunked($data))
{
error_log('Errors occurred when trying to rebuild the chunked data received from server');
$r =& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['dechunk_fail'], $GLOBALS['xmlrpcstr']['dechunk_fail']);
return $r;
}
}
// Decode gzip-compressed stuff
// code shamelessly inspired from nusoap library by Dietrich Ayala
if(isset($GLOBALS['_xh'][$parser]['headers']['content-encoding']))
{
if($GLOBALS['_xh'][$parser]['headers']['content-encoding'] == 'deflate' || $GLOBALS['_xh'][$parser]['headers']['content-encoding'] == 'gzip')
{
// if decoding works, use it. else assume data wasn't gzencoded
if(function_exists('gzinflate'))
{
if($GLOBALS['_xh'][$parser]['headers']['content-encoding'] == 'deflate' && $degzdata = @gzinflate($data))
{
$data = $degzdata;
if($this->debug)
print "<PRE>---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---</PRE>";
}
elseif($GLOBALS['_xh'][$parser]['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10)))
{
$data = $degzdata;
if($this->debug)
print "<PRE>---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---</PRE>";
}
else
{
error_log('Errors occurred when trying to decode the deflated data received from server');
$r =& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['decompress_fail'], $GLOBALS['xmlrpcstr']['decompress_fail']);
return $r;
}
}
else
{
error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
$r =& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['cannot_decompress'], $GLOBALS['xmlrpcstr']['cannot_decompress']);
return $r;
}
}
}
} // end of 'de-chunk, re-inflate response'
// be tolerant of extra whitespace in response body
$data = trim($data);
// be tolerant of junk after methodResponse (e.g. javascript automatically inserted by free hosts)
// idea from Luca Mariano <luca.mariano@email.it> originally in PEARified version of the lib
$bd = false;
$pos = strpos($data, '</methodResponse>');
while($pos || is_int($pos))
{
$bd = $pos+17;
$pos = strpos($data, '</methodResponse>', $bd);
}
if($bd)
{
$data = substr($data, 0, $bd);
}
$GLOBALS['_xh'][$parser]['isf']=0;
$GLOBALS['_xh'][$parser]['isf_reason']='';
$GLOBALS['_xh'][$parser]['ac']='';
$GLOBALS['_xh'][$parser]['qt']='';
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
// the xml parser to give us back data in the expected charset
xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']);
xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee');
xml_set_character_data_handler($parser, 'xmlrpc_cd');
xml_set_default_handler($parser, 'xmlrpc_dh');
//$xmlrpc_value=new xmlrpcval;
if(!xml_parse($parser, $data, sizeof($data)))
{ {
// thanks to Peter Kocks <peter.kocks@baygate.com> // thanks to Peter Kocks <peter.kocks@baygate.com>
if((xml_get_current_line_number($parser)) == 1) if((xml_get_current_line_number($parser)) == 1)
@ -199,49 +318,66 @@
xml_get_current_line_number($parser)); xml_get_current_line_number($parser));
} }
error_log($errstr); error_log($errstr);
$r = CreateObject('phpgwapi.xmlrpcresp', '', $GLOBALS['xmlrpcerr']['invalid_return'],$GLOBALS['xmlrpcstr']['invalid_return']); $r =& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return'].' ('.$errstr.')');
xml_parser_free($parser); xml_parser_free($parser);
if($this->debug)
{
print $errstr;
}
$r->hdrs = $GLOBALS['_xh'][$parser]['headers'];
return $r; return $r;
} }
xml_parser_free($parser); xml_parser_free($parser);
if ($this->debug) if($GLOBALS['_xh'][$parser]['isf'] > 1)
{ {
echo '<PRE style="text-align: left;">---EVALING---[' if ($this->debug)
. strlen($GLOBALS['_xh'][$parser]['st']) . ' chars]---' . "\n" {
. htmlspecialchars($GLOBALS['_xh'][$parser]['st']) . ';' . "\n" . '---END---</PRE>'; ///@todo echo something for user?
}
$r =& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['invalid_return'],
$GLOBALS['xmlrpcstr']['invalid_return'] . ' ' . $GLOBALS['_xh'][$parser]['isf_reason']);
} }
if (strlen($GLOBALS['_xh'][$parser]['st']) == 0) elseif (!is_object($GLOBALS['_xh'][$parser]['value']))
{ {
// then something odd has happened // then something odd has happened
// and it's time to generate a client side error // and it's time to generate a client side error
// indicating something odd went on // indicating something odd went on
$r = CreateObject('phpgwapi.xmlrpcresp', '', $GLOBALS['xmlrpcerr']['invalid_return'],$GLOBALS['xmlrpcstr']['invalid_return']); $r=& CreateObject('phpgwapi.xmlrpcresp',0, $GLOBALS['xmlrpcerr']['invalid_return'],
$GLOBALS['xmlrpcstr']['invalid_return']);
} }
else else
{ {
$code = '$v=' . $GLOBALS['_xh'][$parser]['st'] . '; $allok=1;'; if ($this->debug)
$code = str_replace(',,',",'',",$code);
$allok = 0;
@eval($code);
if(!$allok)
{ {
$r = CreateObject('phpgwapi.xmlrpcresp','', $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return']); print "<PRE>---PARSED---\n" ;
var_dump($GLOBALS['_xh'][$parser]['value']);
print "\n---END---</PRE>";
} // note that using =& will raise an error if $GLOBALS['_xh'][$parser]['st'] does not generate an object.
$v = $GLOBALS['_xh'][$parser]['value'];
if($GLOBALS['_xh'][$parser]['isf'])
{
$errno_v = $v->structmem('faultCode');
$errstr_v = $v->structmem('faultString');
$errno = $errno_v->scalarval();
if($errno == 0)
{
// FAULT returned, errno needs to reflect that
$errno = -1;
}
$r =& CreateObject('phpgwapi.xmlrpcresp',$v, $errno, $errstr_v->scalarval());
} }
else else
{ {
if ($GLOBALS['_xh'][$parser]['isf']) $r=& CreateObject('phpgwapi.xmlrpcresp',$v);
{
$f = $v->structmem('faultCode');
$fs = $v->structmem('faultString');
$r = CreateObject('phpgwapi.xmlrpcresp',$v, $f->scalarval(), $fs->scalarval());
}
else
{
$r = CreateObject('phpgwapi.xmlrpcresp',$v);
}
} }
} }
$r->hdrs = $GLOBALS['_xh'][$parser]['ha']; //split("\r?\n", $GLOBALS['_xh'][$parser]['ha'][1]);
$r->hdrs = $GLOBALS['_xh'][$parser]['headers'];
return $r; return $r;
} }
} }

87
phpgwapi/inc/class.xmlrpcresp.inc.php
View File

@ -20,77 +20,78 @@
class xmlrpcresp class xmlrpcresp
{ {
var $xv = array(); var $val = 0;
var $fn; var $errno = 0;
var $fs = ''; var $errstr = '';
var $hdrs; var $hdrs = array();
function xmlrpcresp($val='', $fcode=0, $fstr='') /// @todo add check that $val is of correct type???
function xmlrpcresp($val, $fcode = 0, $fstr = '')
{ {
if ($fcode!=0) if($fcode != 0)
{ {
$this->xv = 0; // error
$this->fn = $fcode; $this->errno = $fcode;
$this->fs = htmlspecialchars($fstr); $this->errstr = $fstr;
//$this->errstr = htmlspecialchars($fstr); // XXX: encoding probably shouldn't be done here; fix later.
}
elseif(!is_object($val) || (get_class($val) != 'xmlrpcval' && !is_subclass_of($val, 'xmlrpcval')))
{
// programmer error
// TODO
error_log("Invalid type '" . gettype($val) . "' (value: $val) passed to xmlrpcresp. Defaulting to empty value.");
$this->val =& new xmlrpcval();
} }
else else
{ {
if($val) // success
{ $this->val = $val;
$this->xv = $val;
}
$this->fn = 0;
} }
} }
function faultCode() function faultCode()
{ {
if (isset($this->fn)) return $this->errno;
{
return $this->fn;
}
else
{
return 0;
}
} }
function faultString() function faultString()
{ {
return $this->fs; return $this->errstr;
} }
function value() function value()
{ {
return $this->xv; return $this->val;
} }
function serialize() function serialize()
{ {
$rs='<methodResponse>'."\n"; $result = "<methodResponse>\n";
if (isset($this->fn) && !empty($this->fn)) if($this->errno)
{ {
$rs .= '<fault> // G. Giunta 2005/2/13: let non-ASCII response messages be tolerated by clients
<value> $result .= '<fault>
<struct> <value>
<member> <struct>
<name>faultCode</name> <member>
<value><int>' . $this->fn . '</int></value> <name>faultCode</name>
</member> <value><int>' . $this->errno . '</int></value>
<member> </member>
<name>faultString</name> <member>
<value><string>' . $this->fs . '</string></value> <name>faultString</name>
</member> <value><string>' . xmlrpc_encode_entitites($this->errstr) . '</string></value>
</struct> </member>
</value> </struct>
</value>
</fault>'; </fault>';
} }
else else
{ {
$rs .= '<params>'."\n".'<param>'."\n".@$this->xv->serialize().'</param>'."\n".'</params>'; $result .= "<params>\n<param>\n" .
$this->val->serialize() .
"</param>\n</params>";
} }
$rs.="\n".'</methodResponse>'; $result .= "\n</methodResponse>";
return $rs; return $result;
} }
} }
?>

326
phpgwapi/inc/class.xmlrpcval.inc.php
View File

@ -18,31 +18,32 @@
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
// THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
/* $Id$ */
class xmlrpcval class xmlrpcval
{ {
var $me = array(); var $me=array();
var $mytype = 0; var $mytype=0;
function xmlrpcval($val = -1, $type = '') function xmlrpcval($val=-1, $type='')
{ {
$this->me = array(); //$this->me=array();
$this->mytype = 0; //$this->mytype=0;
if($val!==-1 || $type!='')
if ($val != -1 || $type != '')
{ {
if ($type=='') if($type=='')
{ {
$type='string'; $type='string';
} }
if ($GLOBALS['xmlrpcTypes'][$type]==1) if($GLOBALS['xmlrpcTypes'][$type]==1)
{ {
$this->addScalar($val,$type); $this->addScalar($val,$type);
} }
elseif ($GLOBALS['xmlrpcTypes'][$type]==2) elseif($GLOBALS['xmlrpcTypes'][$type]==2)
{ {
$this->addArray($val); $this->addArray($val);
} }
elseif ($GLOBALS['xmlrpcTypes'][$type]==3) elseif($GLOBALS['xmlrpcTypes'][$type]==3)
{ {
$this->addStruct($val); $this->addStruct($val);
} }
@ -51,85 +52,103 @@
function addScalar($val, $type='string') function addScalar($val, $type='string')
{ {
if ($this->mytype==1) $typeof=@$GLOBALS['xmlrpcTypes'][$type];
if($typeof!=1)
{ {
echo '<B>xmlrpcval</B>: scalar can have only one value<BR>'; error_log("addScalar: not a scalar type ($typeof)");
return 0;
}
$typeof=$GLOBALS['xmlrpcTypes'][$type];
if ($typeof!=1)
{
echo '<B>xmlrpcval</B>: not a scalar type ('.$typeof.')<BR>';
return 0; return 0;
} }
if ($type==xmlrpcBoolean) // coerce booleans into correct values
// NB: shall we do it for datetime too?
if($type == xmlrpcBoolean)
{ {
if (strcasecmp($val,'true')==0 || if(strcasecmp($val,'true')==0 || $val==1 || ($val==true && strcasecmp($val,'false')))
$val==1 || ($val==true &&
strcasecmp($val,'false')))
{ {
$val=1; $val=true;
} }
else else
{ {
$val=0; $val=false;
} }
} }
if ($this->mytype==2) switch($this->mytype)
{
case 1:
error_log('addScalar: scalar xmlrpcval can have only one value');
return 0;
case 3:
error_log('addScalar: cannot add anonymous scalar to struct xmlrpcval');
return 0;
case 2:
// we're adding a scalar value to an array here
//$ar=$this->me['array'];
//$ar[]=&new xmlrpcval($val, $type);
//$this->me['array']=$ar;
// Faster (?) avoid all the costly array-copy-by-val done here...
$this->me['array'][]=& CreateObject('phpgwapi.xmlrpcval',$val, $type);
return 1;
default:
// a scalar, so set the value and remember we're scalar
$this->me[$type]=$val;
$this->mytype=$typeof;
return 1;
}
}
///@todo add some checking for $vals to be an array of xmlrpcvals?
function addArray($vals)
{
if($this->mytype==0)
{
$this->mytype=$GLOBALS['xmlrpcTypes']['array'];
$this->me['array']=$vals;
return 1;
}
elseif($this->mytype==2)
{ {
// we're adding to an array here // we're adding to an array here
$ar=$this->me['array']; $this->me['array'] = array_merge($this->me['array'], $vals);
$ar[] = CreateObject('phpgwapi.xmlrpcval',$val, $type);
$this->me['array']=$ar;
} }
else else
{ {
// a scalar, so set the value and remember we're scalar error_log('xmlrpcval: already initialized as a [' . $this->kindOf() . ']');
$this->me[$type]=$val;
$this->mytype=$typeof;
}
return 1;
}
function addArray($vals)
{
if ($this->mytype!=0)
{
echo '<B>xmlrpcval</B>: already initialized as a [' . $this->kindOf() . ']<BR>';
return 0; return 0;
} }
$this->mytype=$GLOBALS['xmlrpcTypes']['array'];
$this->me['array']=$vals;
return 1;
} }
///@todo add some checking for $vals to be an array?
function addStruct($vals) function addStruct($vals)
{ {
// global $xmlrpcTypes; if($this->mytype==0)
if ($this->mytype!=0)
{ {
echo '<B>xmlrpcval</B>: already initialized as a [' . $this->kindOf() . ']<BR>'; $this->mytype = $GLOBALS['xmlrpcTypes']['struct'];
$this->me['struct']=$vals;
return 1;
}
elseif($this->mytype==3)
{
// we're adding to a struct here
$this->me['struct'] = array_merge($this->me['struct'], $vals);
}
else
{
error_log('xmlrpcval: already initialized as a [' . $this->kindOf() . ']');
return 0; return 0;
} }
$this->mytype=$GLOBALS['xmlrpcTypes']['struct'];
$this->me['struct']=$vals;
return 1;
} }
function dump($ar) function dump($ar)
{ {
reset($ar); foreach($ar as $key => $val)
while (list($key,$val) = each($ar))
{ {
echo $key.' => '.$val.'<br>'; echo "$key => $val<br />";
if ($key == 'array') if($key == 'array')
{ {
while (list($key2,$val2) = each($val)) while(list($key2, $val2) = each($val))
{ {
echo '-- '.$key2.' => '.$val2.'<br>'; echo "-- $key2 => $val2<br />";
} }
} }
} }
@ -156,50 +175,49 @@
function serializedata($typ, $val) function serializedata($typ, $val)
{ {
$rs=''; $rs='';
if($typ) switch(@$GLOBALS['xmlrpcTypes'][$typ])
{ {
switch($GLOBALS['xmlrpcTypes'][$typ]) case 3:
{ // struct
case 3: $rs.="<struct>\n";
// struct foreach($val as $key2 => $val2)
$rs .= '<struct>'."\n"; {
reset($val); $rs.="<member><name>${key2}</name>\n";
while(list($key2, $val2)=each($val)) $rs.=$this->serializeval($val2);
{ $rs.="</member>\n";
$rs .= '<member><name>'.$key2.'</name>'."\n".$this->serializeval($val2).'</member>'."\n"; }
} $rs.='</struct>';
$rs .= '</struct>'; break;
break; case 2:
case 2: // array
// array $rs.="<array>\n<data>\n";
$rs .= '<array>'."\n".'<data>'."\n"; for($i=0; $i<sizeof($val); $i++)
for($i=0; $i<sizeof($val); $i++) {
{ $rs.=$this->serializeval($val[$i]);
$rs .= $this->serializeval($val[$i]); }
} $rs.="</data>\n</array>";
$rs .= '</data>'."\n".'</array>'; break;
break; case 1:
case 1: switch($typ)
$rs .= '<'.$typ.'>'; {
switch ($typ) case xmlrpcBase64:
{ $rs.="<${typ}>" . base64_encode($val) . "</${typ}>";
case xmlrpcBase64: break;
$rs.= base64_encode($val); case xmlrpcBoolean:
break; $rs.="<${typ}>" . ($val ? '1' : '0') . "</${typ}>";
case xmlrpcBoolean: break;
$rs.= ($val ? '1' : '0'); case xmlrpcString:
break; // G. Giunta 2005/2/13: do NOT use htmlentities, since
case xmlrpcString: // it will produce named html entities, which are invalid xml
$rs.= htmlspecialchars($val); $rs.="<${typ}>" . xmlrpc_encode_entitites($val). "</${typ}>";
break; // $rs.="<${typ}>" . htmlentities($val). "</${typ}>";
default: break;
$rs.= $val; default:
} $rs.="<${typ}>${val}</${typ}>";
$rs .= '</'.$typ.'>'; }
break; break;
default: default:
break; break;
}
} }
return $rs; return $rs;
} }
@ -211,20 +229,24 @@
function serializeval($o) function serializeval($o)
{ {
$rs=''; // add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals...
//if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval')))
//{
$ar=$o->me; $ar=$o->me;
reset($ar); reset($ar);
list($typ, $val) = each($ar); list($typ, $val) = each($ar);
$rs.='<value>'; return '<value>' . $this->serializedata($typ, $val) . "</value>\n";
$rs.= @$this->serializedata($typ, $val); //}
$rs.='</value>'."\n"; }
return $rs;
function structmemexists($m)
{
return array_key_exists($this->me['struct'][$m]);
} }
function structmem($m) function structmem($m)
{ {
$nv=$this->me['struct'][$m]; return $this->me['struct'][$m];
return $nv;
} }
function structreset() function structreset()
@ -237,48 +259,10 @@
return each($this->me['struct']); return each($this->me['struct']);
} }
function getval()
{
// UNSTABLE
reset($this->me);
list($a,$b)=each($this->me);
// contributed by I Sofer, 2001-03-24
// add support for nested arrays to scalarval
// i've created a new method here, so as to
// preserve back compatibility
if (is_array($b))
{
@reset($b);
while(list($id,$cont) = @each($b))
{
$b[$id] = $cont->scalarval();
}
}
// add support for structures directly encoding php objects
if (is_object($b))
{
$t = get_object_vars($b);
@reset($t);
while(list($id,$cont) = @each($t))
{
$t[$id] = $cont->scalarval();
}
@reset($t);
while(list($id,$cont) = @each($t))
{
eval('$b->'.$id.' = $cont;');
}
}
// end contrib
return $b;
}
function scalarval() function scalarval()
{ {
reset($this->me); reset($this->me);
list($a,$b)=each($this->me); list(,$b)=each($this->me);
return $b; return $b;
} }
@ -286,24 +270,64 @@
{ {
reset($this->me); reset($this->me);
list($a,$b)=each($this->me); list($a,$b)=each($this->me);
if ($a==xmlrpcI4) if($a == xmlrpcI4)
{ {
$a=xmlrpcInt; $a = xmlrpcInt;
} }
return $a; return $a;
} }
function arraymem($m) function arraymem($m)
{ {
$nv=@$this->me['array'][$m]; return $this->me['array'][$m];
return $nv;
} }
function arraysize() function arraysize()
{ {
return count($this->me['array']);
}
function structsize()
{
return count($this->me['struct']);
}
// DEPRECATED! this code looks like it is very fragile and has not been fixed
// for a long long time. Shall we remove it for 2.0?
function getval()
{
// UNSTABLE ?
reset($this->me); reset($this->me);
list($a,$b)=each($this->me); list($a,$b)=each($this->me);
return sizeof($b); // contributed by I Sofer, 2001-03-24
// add support for nested arrays to scalarval
// i've created a new method here, so as to
// preserve back compatibility
if(is_array($b))
{
foreach($b as $id => $cont)
{
$b[$id] = $cont->scalarval();
}
}
// add support for structures directly encoding php objects
if(is_object($b))
{
$t = get_object_vars($b);
foreach($t as $id => $cont)
{
$t[$id] = $cont->scalarval();
}
foreach($t as $id => $cont)
{
@$b->$id = $cont;
}
}
// end contrib
return $b;
} }
} }
?> ?>

773
phpgwapi/inc/xml_functions.inc.php
View File

@ -33,6 +33,26 @@
} }
} }
$GLOBALS['xmlrpc_valid_parents'] = array(
'BOOLEAN' => array('VALUE'),
'I4' => array('VALUE'),
'INT' => array('VALUE'),
'STRING' => array('VALUE'),
'DOUBLE' => array('VALUE'),
'DATETIME.ISO8601' => array('VALUE'),
'BASE64' => array('VALUE'),
'ARRAY' => array('VALUE'),
'STRUCT' => array('VALUE'),
'PARAM' => array('PARAMS'),
'METHODNAME' => array('METHODCALL'),
'PARAMS' => array('METHODCALL', 'METHODRESPONSE'),
'MEMBER' => array('STRUCT'),
'NAME' => array('MEMBER'),
'DATA' => array('ARRAY'),
'FAULT' => array('METHODRESPONSE'),
'VALUE' => array('MEMBER', 'DATA', 'PARAM', 'FAULT'),
);
define('xmlrpcI4','i4'); define('xmlrpcI4','i4');
define('xmlrpcInt','int'); define('xmlrpcInt','int');
define('xmlrpcBoolean','boolean'); define('xmlrpcBoolean','boolean');
@ -63,31 +83,63 @@
'apos' => "'" 'apos' => "'"
); );
$GLOBALS['xmlrpcerr']['unknown_method'] = 1; $GLOBALS['xmlrpcerr']['unknown_method']=1;
$GLOBALS['xmlrpcstr']['unknown_method'] = 'Unknown method'; $GLOBALS['xmlrpcstr']['unknown_method']='Unknown method';
$GLOBALS['xmlrpcerr']['invalid_return'] = 2; $GLOBALS['xmlrpcerr']['invalid_return']=2;
$GLOBALS['xmlrpcstr']['invalid_return'] = 'Invalid return payload: enabling debugging to examine incoming payload'; $GLOBALS['xmlrpcstr']['invalid_return']='Invalid return payload: enable debugging to examine incoming payload';
$GLOBALS['xmlrpcerr']['incorrect_params'] = 3; $GLOBALS['xmlrpcerr']['incorrect_params']=3;
$GLOBALS['xmlrpcstr']['incorrect_params'] = 'Incorrect parameters passed to method'; $GLOBALS['xmlrpcstr']['incorrect_params']='Incorrect parameters passed to method';
$GLOBALS['xmlrpcerr']['introspect_unknown'] = 4; $GLOBALS['xmlrpcerr']['introspect_unknown']=4;
$GLOBALS['xmlrpcstr']['introspect_unknown'] = "Can't introspect: method unknown"; $GLOBALS['xmlrpcstr']['introspect_unknown']="Can't introspect: method unknown";
$GLOBALS['xmlrpcerr']['http_error'] = 5; $GLOBALS['xmlrpcerr']['http_error']=5;
$GLOBALS['xmlrpcstr']['http_error'] = "Didn't receive 200 OK from remote server."; $GLOBALS['xmlrpcstr']['http_error']="Didn't receive 200 OK from remote server.";
$GLOBALS['xmlrpcerr']['no_data'] = 6; $GLOBALS['xmlrpcerr']['no_data']=6;
$GLOBALS['xmlrpcstr']['no_data'] = 'No data received from server.'; $GLOBALS['xmlrpcstr']['no_data']='No data received from server.';
$GLOBALS['xmlrpcerr']['no_ssl'] = 7; $GLOBALS['xmlrpcerr']['no_ssl']=7;
$GLOBALS['xmlrpcstr']['no_ssl'] = 'No SSL support compiled in.'; $GLOBALS['xmlrpcstr']['no_ssl']='No SSL support compiled in.';
$GLOBALS['xmlrpcerr']['curl_fail'] = 8; $GLOBALS['xmlrpcerr']['curl_fail']=8;
$GLOBALS['xmlrpcstr']['curl_fail'] = 'CURL error'; $GLOBALS['xmlrpcstr']['curl_fail']='CURL error';
$GLOBALS['xmlrpcerr']['no_access'] = 9; $GLOBALS['xmlrpcerr']['multicall_notstruct'] = 9;
$GLOBALS['xmlrpcstr']['multicall_notstruct'] = 'system.multicall expected struct';
$GLOBALS['xmlrpcerr']['multicall_nomethod'] = 10;
$GLOBALS['xmlrpcstr']['multicall_nomethod'] = 'missing methodName';
$GLOBALS['xmlrpcerr']['multicall_notstring'] = 11;
$GLOBALS['xmlrpcstr']['multicall_notstring'] = 'methodName is not a string';
$GLOBALS['xmlrpcerr']['multicall_recursion'] = 12;
$GLOBALS['xmlrpcstr']['multicall_recursion'] = 'recursive system.multicall forbidden';
$GLOBALS['xmlrpcerr']['multicall_noparams'] = 13;
$GLOBALS['xmlrpcstr']['multicall_noparams'] = 'missing params';
$GLOBALS['xmlrpcerr']['multicall_notarray'] = 14;
$GLOBALS['xmlrpcstr']['multicall_notarray'] = 'params is not an array';
$GLOBALS['xmlrpcerr']['invalid_request']=15;
$GLOBALS['xmlrpcstr']['invalid_request']='Invalid request payload';
$GLOBALS['xmlrpcerr']['no_curl']=16;
$GLOBALS['xmlrpcstr']['no_curl']='No CURL support compiled in.';
$GLOBALS['xmlrpcerr']['server_error']=17;
$GLOBALS['xmlrpcstr']['server_error']='Internal server error';
$GLOBALS['xmlrpcerr']['no_access'] = 18;
$GLOBALS['xmlrpcstr']['no_access'] = 'Access denied'; $GLOBALS['xmlrpcstr']['no_access'] = 'Access denied';
$GLOBALS['xmlrpcerr']['not_existent'] = 10; $GLOBALS['xmlrpcerr']['not_existent'] = 19;
$GLOBALS['xmlrpcstr']['not_existent'] = 'Entry does not (longer) exist!'; $GLOBALS['xmlrpcstr']['not_existent'] = 'Entry does not (longer) exist!';
$GLOBALS['xmlrpcerr']['cannot_decompress']=103;
$GLOBALS['xmlrpcstr']['cannot_decompress']='Received from server compressed HTTP and cannot decompress';
$GLOBALS['xmlrpcerr']['decompress_fail']=104;
$GLOBALS['xmlrpcstr']['decompress_fail']='Received from server invalid compressed HTTP';
$GLOBALS['xmlrpcerr']['dechunk_fail']=105;
$GLOBALS['xmlrpcstr']['dechunk_fail']='Received from server invalid chunked HTTP';
$GLOBALS['xmlrpcerr']['server_cannot_decompress']=106;
$GLOBALS['xmlrpcstr']['server_cannot_decompress']='Received from client compressed HTTP request and cannot decompress';
$GLOBALS['xmlrpcerr']['server_decompress_fail']=107;
$GLOBALS['xmlrpcstr']['server_decompress_fail']='Received from client invalid compressed HTTP request';
$GLOBALS['xmlrpc_defencoding'] = 'UTF-8'; $GLOBALS['xmlrpc_defencoding'] = 'UTF-8';
$GLOBALS['xmlrpc_internalencoding']='ISO-8859-1';
$GLOBALS['xmlrpcName'] = 'XML-RPC for PHP'; $GLOBALS['xmlrpcName'] = 'XML-RPC for PHP';
$GLOBALS['xmlrpcVersion'] = '1.0b9'; $GLOBALS['xmlrpcVersion'] = '2.0';
// let user errors start at 800 // let user errors start at 800
$GLOBALS['xmlrpcerruser'] = 800; $GLOBALS['xmlrpcerruser'] = 800;
@ -117,22 +169,65 @@
Header('Content-type: text/xml'); Header('Content-type: text/xml');
Header('Content-length: ' . strlen($payload)); Header('Content-length: ' . strlen($payload));
print $payload; print $payload;
$GLOBALS['phpgw']->common->phpgw_exit(False); $GLOBALS['egw']->common->phpgw_exit(False);
} }
// used to store state during parsing // used to store state during parsing
// quick explanation of components: // quick explanation of components:
// st - used to build up a string for evaluation
// ac - used to accumulate values // ac - used to accumulate values
// qt - used to decide if quotes are needed for evaluation
// cm - used to denote struct or array (comma needed)
// isf - used to indicate a fault // isf - used to indicate a fault
// lv - used to indicate "looking for a value": implements // lv - used to indicate "looking for a value": implements
// the logic to allow values with no types to be strings // the logic to allow values with no types to be strings
// params - used to store parameters in method calls // params - used to store parameters in method calls
// method - used to store method name // method - used to store method name
// stack - array with genealogy of xml elements names:
// used to validate nesting of xmlrpc elements
$GLOBALS['_xh'] = null;
$GLOBALS['_xh']=array(); /**
* To help correct communication of non-ascii chars inside strings, regardless
* of the charset used when sending requests, parsing them, sending responses
* and parsing responses, convert all non-ascii chars present in the message
* into their equivalent 'charset entity'. Charset entities enumerated this way
* are independent of the charset encoding used to transmit them, and all XML
* parsers are bound to understand them.
*/
function xmlrpc_encode_entitites($data)
{
$length = strlen($data);
$escapeddata = "";
for($position = 0; $position < $length; $position++)
{
$character = substr($data, $position, 1);
$code = Ord($character);
switch($code)
{
case 34:
$character = "&quot;";
break;
case 38:
$character = "&amp;";
break;
case 39:
$character = "&apos;";
break;
case 60:
$character = "&lt;";
break;
case 62:
$character = "&gt;";
break;
default:
if($code < 32 || $code > 159)
{
$character = ("&#".strval($code).";");
}
break;
}
$escapeddata .= $character;
}
return $escapeddata;
}
function xmlrpc_entity_decode($string) function xmlrpc_entity_decode($string)
{ {
@ -177,239 +272,298 @@
function xmlrpc_se($parser, $name, $attrs) function xmlrpc_se($parser, $name, $attrs)
{ {
switch($name) // if invalid xmlrpc already detected, skip all processing
if ($GLOBALS['_xh'][$parser]['isf'] < 2)
{ {
case 'STRUCT': // check for correct element nesting
case 'ARRAY': // top level element can only be of 2 types
$GLOBALS['_xh'][$parser]['st'] .= 'array('; if (count($GLOBALS['_xh'][$parser]['stack']) == 0)
$GLOBALS['_xh'][$parser]['cm']++; {
// this last line turns quoting off if ($name != 'METHODRESPONSE' && $name != 'METHODCALL')
// this means if we get an empty array we'll
// simply get a bit of whitespace in the eval
$GLOBALS['_xh'][$parser]['qt']=0;
break;
case 'NAME':
$GLOBALS['_xh'][$parser]['st'] .= '"';
$GLOBALS['_xh'][$parser]['ac'] = '';
break;
case 'FAULT':
$GLOBALS['_xh'][$parser]['isf'] = 1;
break;
case 'PARAM':
$GLOBALS['_xh'][$parser]['st'] = '';
break;
case 'VALUE':
$GLOBALS['_xh'][$parser]['st'] .= " CreateObject('phpgwapi.xmlrpcval',";
$GLOBALS['_xh'][$parser]['vt'] = xmlrpcString;
$GLOBALS['_xh'][$parser]['ac'] = '';
$GLOBALS['_xh'][$parser]['qt'] = 0;
$GLOBALS['_xh'][$parser]['lv'] = 1;
// look for a value: if this is still 1 by the
// time we reach the first data segment then the type is string
// by implication and we need to add in a quote
break;
case 'I4':
case 'INT':
case 'STRING':
case 'BOOLEAN':
case 'DOUBLE':
case 'DATETIME.ISO8601':
case 'BASE64':
$GLOBALS['_xh'][$parser]['ac']=''; // reset the accumulator
if ($name=='DATETIME.ISO8601' || $name=='STRING')
{ {
$GLOBALS['_xh'][$parser]['qt']=1; $GLOBALS['_xh'][$parser]['isf'] = 2;
if ($name=='DATETIME.ISO8601') $GLOBALS['_xh'][$parser]['isf_reason'] = 'missing top level xmlrpc element';
return;
}
}
else
{
// not top level element: see if parent is OK
if (!in_array($GLOBALS['_xh'][$parser]['stack'][0], $GLOBALS['xmlrpc_valid_parents'][$name]))
{
$GLOBALS['_xh'][$parser]['isf'] = 2;
$GLOBALS['_xh'][$parser]['isf_reason'] = "xmlrpc element $name cannot be child of {$GLOBALS['_xh'][$parser]['stack'][0]}";
return;
}
}
switch($name)
{
case 'STRUCT':
case 'ARRAY':
// create an empty array to hold child values, and push it onto appropriate stack
$cur_val = array();
$cur_val['values'] = array();
$cur_val['type'] = $name;
@array_unshift($GLOBALS['_xh'][$parser]['valuestack'], $cur_val);
break;
case 'DATA':
case 'METHODCALL':
case 'METHODRESPONSE':
case 'PARAMS':
// valid elements that add little to processing
break;
case 'METHODNAME':
case 'NAME':
$GLOBALS['_xh'][$parser]['ac']='';
break;
case 'FAULT':
$GLOBALS['_xh'][$parser]['isf']=1;
break;
case 'VALUE':
$GLOBALS['_xh'][$parser]['vt']='value'; // indicator: no value found yet
$GLOBALS['_xh'][$parser]['ac']='';
$GLOBALS['_xh'][$parser]['lv']=1;
break;
case 'I4':
case 'INT':
case 'STRING':
case 'BOOLEAN':
case 'DOUBLE':
case 'DATETIME.ISO8601':
case 'BASE64':
if ($GLOBALS['_xh'][$parser]['vt']!='value')
{ {
$GLOBALS['_xh'][$parser]['vt']=xmlrpcDateTime; //two data elements inside a value: an error occurred!
$GLOBALS['_xh'][$parser]['isf'] = 2;
$GLOBALS['_xh'][$parser]['isf_reason'] = "$name element following a {$GLOBALS['_xh'][$parser]['vt']} element inside a single value";
return;
} }
}
elseif($name=='BASE64')
{
$GLOBALS['_xh'][$parser]['qt']=2;
}
else
{
// No quoting is required here -- but
// at the end of the element we must check
// for data format errors.
$GLOBALS['_xh'][$parser]['qt']=0;
}
break;
case 'MEMBER':
$GLOBALS['_xh'][$parser]['ac']='';
break;
default:
break;
}
if ($name!='VALUE') $GLOBALS['_xh'][$parser]['ac']=''; // reset the accumulator
{ break;
$GLOBALS['_xh'][$parser]['lv']=0; case 'MEMBER':
$GLOBALS['_xh'][$parser]['valuestack'][0]['name']=''; // set member name to null, in case we do not find in the xml later on
//$GLOBALS['_xh'][$parser]['ac']='';
// Drop trough intentionally
case 'PARAM':
// clear value, so we can check later if no value will passed for this param/member
$GLOBALS['_xh'][$parser]['value']=null;
break;
default:
/// INVALID ELEMENT: RAISE ISF so that it is later recognized!!!
$GLOBALS['_xh'][$parser]['isf'] = 2;
$GLOBALS['_xh'][$parser]['isf_reason'] = "found not-xmlrpc xml element $name";
break;
}
// Save current element name to stack, to validate nesting
@array_unshift($GLOBALS['_xh'][$parser]['stack'], $name);
if($name!='VALUE')
{
$GLOBALS['_xh'][$parser]['lv']=0;
}
} }
} }
function xmlrpc_ee($parser, $name) function xmlrpc_ee($parser, $name)
{ {
switch($name) if ($GLOBALS['_xh'][$parser]['isf'] < 2)
{ {
case 'STRUCT': // push this element name from stack
case 'ARRAY': // NB: if XML validates, correct opening/closing is guaranteed and
if ($GLOBALS['_xh'][$parser]['cm'] && substr($GLOBALS['_xh'][$parser]['st'], -1) ==',') // we do not have to check for $name == $curr_elem.
{ // we also checked for proper nesting at start of elements...
$GLOBALS['_xh'][$parser]['st']=substr($GLOBALS['_xh'][$parser]['st'],0,-1); $curr_elem = array_shift($GLOBALS['_xh'][$parser]['stack']);
}
$GLOBALS['_xh'][$parser]['st'].=')'; switch($name)
$GLOBALS['_xh'][$parser]['vt']=strtolower($name); {
$GLOBALS['_xh'][$parser]['cm']--; case 'STRUCT':
break; case 'ARRAY':
case 'NAME': // fetch out of stack array of values, and promote it to current value
$GLOBALS['_xh'][$parser]['st'].= $GLOBALS['_xh'][$parser]['ac'] . '" => '; $curr_val = array_shift($GLOBALS['_xh'][$parser]['valuestack']);
break; $GLOBALS['_xh'][$parser]['value'] = $curr_val['values'];
case 'BOOLEAN':
// special case here: we translate boolean 1 or 0 into PHP $GLOBALS['_xh'][$parser]['vt']=strtolower($name);
// constants true or false break;
if ($GLOBALS['_xh'][$parser]['ac']=='1') case 'NAME':
{ $GLOBALS['_xh'][$parser]['valuestack'][0]['name'] = $GLOBALS['_xh'][$parser]['ac'];
$GLOBALS['_xh'][$parser]['ac']='True'; break;
} case 'BOOLEAN':
else case 'I4':
{ case 'INT':
$GLOBALS['_xh'][$parser]['ac']='false'; case 'STRING':
} case 'DOUBLE':
$GLOBALS['_xh'][$parser]['vt']=strtolower($name); case 'DATETIME.ISO8601':
// Drop through intentionally. case 'BASE64':
case 'I4': $GLOBALS['_xh'][$parser]['vt']=strtolower($name);
case 'INT': if ($name=='STRING')
case 'STRING':
case 'DOUBLE':
case 'DATETIME.ISO8601':
case 'BASE64':
if ($GLOBALS['_xh'][$parser]['qt']==1)
{
// we use double quotes rather than single so backslashification works OK
$GLOBALS['_xh'][$parser]['st'].='"'. $GLOBALS['_xh'][$parser]['ac'] . '"';
}
elseif ($GLOBALS['_xh'][$parser]['qt']==2)
{
$GLOBALS['_xh'][$parser]['st'].= 'base64_decode("' . $GLOBALS['_xh'][$parser]['ac'] . '")';
}
elseif ($name=='BOOLEAN')
{
$GLOBALS['_xh'][$parser]['st'].=$GLOBALS['_xh'][$parser]['ac'];
}
else
{
// we have an I4, INT or a DOUBLE
// we must check that only 0123456789-.<space> are characters here
if (!ereg("^\-?[0123456789 \t\.]+$", $GLOBALS['_xh'][$parser]['ac']))
{ {
// TODO: find a better way of throwing an error $GLOBALS['_xh'][$parser]['value']=$GLOBALS['_xh'][$parser]['ac'];
// than this! }
error_log('XML-RPC: non numeric value received in INT or DOUBLE'); elseif ($name=='DATETIME.ISO8601')
$GLOBALS['_xh'][$parser]['st'].='ERROR_NON_NUMERIC_FOUND'; {
$GLOBALS['_xh'][$parser]['vt'] = xmlrpcDateTime;
$GLOBALS['_xh'][$parser]['value']=$GLOBALS['_xh'][$parser]['ac'];
}
elseif ($name=='BASE64')
{
///@todo check for failure of base64 decoding / catch warnings
$GLOBALS['_xh'][$parser]['value'] = base64_decode($GLOBALS['_xh'][$parser]['ac']);
}
elseif ($name=='BOOLEAN')
{
// special case here: we translate boolean 1 or 0 into PHP
// constants true or false
// NB: this simple checks helps a lot sanitizing input, ie no
// security problems around here
if ($GLOBALS['_xh'][$parser]['ac']=='1')
{
$GLOBALS['_xh'][$parser]['value']=true;
}
else
{
// log if receiveing something strange, even though we set the value to false anyway
if ($GLOBALS['_xh'][$parser]['ac']!='0')
error_log('XML-RPC: invalid value received in BOOLEAN: '.$GLOBALS['_xh'][$parser]['ac']);
$GLOBALS['_xh'][$parser]['value']=false;
}
}
elseif ($name=='DOUBLE')
{
// we have a DOUBLE
// we must check that only 0123456789-.<space> are characters here
if (!ereg("^[+-]?[eE0123456789 \\t\\.]+$", $GLOBALS['_xh'][$parser]['ac']))
{
// TODO: find a better way of throwing an error
// than this!
error_log('XML-RPC: non numeric value received in DOUBLE: '.$GLOBALS['_xh'][$parser]['ac']);
$GLOBALS['_xh'][$parser]['value']='ERROR_NON_NUMERIC_FOUND';
}
else
{
// it's ok, add it on
$GLOBALS['_xh'][$parser]['value']=(double)$GLOBALS['_xh'][$parser]['ac'];
}
} }
else else
{ {
// it's ok, add it on // we have an I4/INT
$GLOBALS['_xh'][$parser]['st'].=$GLOBALS['_xh'][$parser]['ac']; // we must check that only 0123456789-<space> are characters here
if (!ereg("^[+-]?[0123456789 \\t]+$", $GLOBALS['_xh'][$parser]['ac']))
{
// TODO: find a better way of throwing an error
// than this!
error_log('XML-RPC: non numeric value received in INT: '.$GLOBALS['_xh'][$parser]['ac']);
$GLOBALS['_xh'][$parser]['value']='ERROR_NON_NUMERIC_FOUND';
}
else
{
// it's ok, add it on
$GLOBALS['_xh'][$parser]['value'] = (int)$GLOBALS['_xh'][$parser]['ac'];
}
} }
} $GLOBALS['_xh'][$parser]['ac']=''; // is this necessary?
$GLOBALS['_xh'][$parser]['ac']=""; $GLOBALS['_xh'][$parser]['qt']=0; $GLOBALS['_xh'][$parser]['lv']=3; // indicate we've found a value
$GLOBALS['_xh'][$parser]['lv']=3; // indicate we've found a value break;
break; case 'VALUE':
case 'VALUE': // This if() detects if no scalar was inside <VALUE></VALUE>
// deal with a string value if ($GLOBALS['_xh'][$parser]['vt'] == 'value')
if (strlen($GLOBALS['_xh'][$parser]['ac'])>0 && {
$GLOBALS['_xh'][$parser]['vt']==xmlrpcString) $GLOBALS['_xh'][$parser]['value'] = $GLOBALS['_xh'][$parser]['ac'];
{ $GLOBALS['_xh'][$parser]['vt'] = xmlrpcString;
$GLOBALS['_xh'][$parser]['st'].='"'. $GLOBALS['_xh'][$parser]['ac'] . '"'; }
}
// This if() detects if no scalar was inside <VALUE></VALUE> // build the xmlrpc val out of the data received, and substitute it
// and pads an empty "". $temp =& CreateObject('phpgwapi.xmlrpcval',$GLOBALS['_xh'][$parser]['value'], $GLOBALS['_xh'][$parser]['vt']);
if($GLOBALS['_xh'][$parser]['st'][strlen($GLOBALS['_xh'][$parser]['st'])-1] == '(') // check if we are inside an array or struct:
{ // if value just built is inside an array, let's move it into array on the stack
$GLOBALS['_xh'][$parser]['st'].= '""'; if (count($GLOBALS['_xh'][$parser]['valuestack']) && $GLOBALS['_xh'][$parser]['valuestack'][0]['type']=='ARRAY')
} {
$GLOBALS['_xh'][$parser]['st'].=", '" . $GLOBALS['_xh'][$parser]['vt'] . "')"; $GLOBALS['_xh'][$parser]['valuestack'][0]['values'][] = $temp;
if ($GLOBALS['_xh'][$parser]['cm']) }
{ else
$GLOBALS['_xh'][$parser]['st'].=","; {
} $GLOBALS['_xh'][$parser]['value'] = $temp;
break; }
case 'MEMBER': break;
$GLOBALS['_xh'][$parser]['ac']=""; case 'MEMBER':
$GLOBALS['_xh'][$parser]['qt']=0; $GLOBALS['_xh'][$parser]['ac']=''; // is this necessary?
break; // add to array in the stack the last element built,
case 'DATA': // unless no VALUE was found
$GLOBALS['_xh'][$parser]['ac']=""; if ($GLOBALS['_xh'][$parser]['value'])
$GLOBALS['_xh'][$parser]['qt']=0; $GLOBALS['_xh'][$parser]['valuestack'][0]['values'][$GLOBALS['_xh'][$parser]['valuestack'][0]['name']] = $GLOBALS['_xh'][$parser]['value'];
break; else
case 'PARAM': error_log('XML-RPC: missing VALUE inside STRUCT in received xml');
$GLOBALS['_xh'][$parser]['params'][]=$GLOBALS['_xh'][$parser]['st']; break;
break; case 'DATA':
case 'METHODNAME': $GLOBALS['_xh'][$parser]['ac']=''; // is this necessary?
$GLOBALS['_xh'][$parser]['method']=ereg_replace("^[\n\r\t ]+", "", $GLOBALS['_xh'][$parser]['ac']); break;
break; case 'PARAM':
case 'BOOLEAN': // add to array of params the current value,
// special case here: we translate boolean 1 or 0 into PHP // unless no VALUE was found
// constants true or false if ($GLOBALS['_xh'][$parser]['value'])
if ($GLOBALS['_xh'][$parser]['ac']=='1') $GLOBALS['_xh'][$parser]['params'][]=$GLOBALS['_xh'][$parser]['value'];
{ else
$GLOBALS['_xh'][$parser]['ac']='True'; error_log('XML-RPC: missing VALUE inside PARAM in received xml');
} break;
else case 'METHODNAME':
{ $GLOBALS['_xh'][$parser]['method']=ereg_replace("^[\n\r\t ]+", '', $GLOBALS['_xh'][$parser]['ac']);
$GLOBALS['_xh'][$parser]['ac']='false'; break;
} case 'PARAMS':
$GLOBALS['_xh'][$parser]['vt']=strtolower($name); case 'FAULT':
break; case 'METHODCALL':
default: case 'METHORESPONSE':
break; break;
} default:
// if it's a valid type name, set the type // End of INVALID ELEMENT!
if (isset($GLOBALS['xmlrpcTypes'][strtolower($name)])) // shall we add an assert here for unreachable code???
{ break;
$GLOBALS['_xh'][$parser]['vt']=strtolower($name); }
} }
} }
function xmlrpc_cd($parser, $data) function xmlrpc_cd($parser, $data)
{ {
//if (ereg("^[\n\r \t]+$", $data)) return; //if(ereg("^[\n\r \t]+$", $data)) return;
// print "adding [${data}]\n"; // print "adding [${data}]\n";
if ($GLOBALS['_xh'][$parser]['lv']!=3) // skip processing if xml fault already detected
if ($GLOBALS['_xh'][$parser]['isf'] < 2)
{ {
// "lookforvalue==3" means that we've found an entire value if($GLOBALS['_xh'][$parser]['lv']!=3)
// and should discard any further character data
if ($GLOBALS['_xh'][$parser]['lv']==1)
{ {
// if we've found text and we're just in a <value> then // "lookforvalue==3" means that we've found an entire value
// turn quoting on, as this will be a string // and should discard any further character data
$GLOBALS['_xh'][$parser]['qt']=1; if($GLOBALS['_xh'][$parser]['lv']==1)
// and say we've found a value {
$GLOBALS['_xh'][$parser]['lv']=2; // if we've found text and we're just in a <value> then
// say we've found a value
$GLOBALS['_xh'][$parser]['lv']=2;
}
if(!@isset($GLOBALS['_xh'][$parser]['ac']))
{
$GLOBALS['_xh'][$parser]['ac'] = '';
}
$GLOBALS['_xh'][$parser]['ac'].=$data;
} }
$GLOBALS['_xh'][$parser]['ac'].=str_replace('$', '\$',
str_replace('"', '\"',
str_replace(chr(92),$GLOBALS['xmlrpc_backslash'], $data)));
} }
} }
function xmlrpc_dh($parser, $data) function xmlrpc_dh($parser, $data)
{ {
if (substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';') // skip processing if xml fault already detected
if ($GLOBALS['_xh'][$parser]['isf'] < 2)
{ {
if ($GLOBALS['_xh'][$parser]['lv']==1) if(substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';')
{ {
$GLOBALS['_xh'][$parser]['qt']=1; if($GLOBALS['_xh'][$parser]['lv']==1)
$GLOBALS['_xh'][$parser]['lv']=2; {
$GLOBALS['_xh'][$parser]['lv']=2;
}
$GLOBALS['_xh'][$parser]['ac'].=$data;
} }
$GLOBALS['_xh'][$parser]['ac'].=str_replace('$', '\$',
str_replace('"', '\"',
str_replace(chr(92),$GLOBALS['xmlrpc_backslash'], $data)));
} }
} }
@ -432,15 +586,15 @@
} }
else else
{ {
if (function_exists("gmstrftime")) if(function_exists('gmstrftime'))
{ {
// gmstrftime doesn't exist in some versions // gmstrftime doesn't exist in some versions
// of PHP // of PHP
$t=gmstrftime("%Y%m%dT%H:%M:%S", $timet); $t = gmstrftime("%Y%m%dT%H:%M:%S", $timet);
} }
else else
{ {
$t=strftime("%Y%m%dT%H:%M:%S", $timet-date("Z")); $t = strftime('%Y%m%dT%H:%M:%S', $timet-date('Z'));
} }
} }
return $t; return $t;
@ -448,8 +602,8 @@
function iso8601_decode($idate, $utc=0) function iso8601_decode($idate, $utc=0)
{ {
// return a timet in the localtime, or UTC // return a time in the localtime, or UTC
$t=0; $t = 0;
if (ereg("([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})",$idate, $regs)) if (ereg("([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})",$idate, $regs))
{ {
if ($utc) if ($utc)
@ -474,22 +628,22 @@
{ {
$kind = @$xmlrpc_val->kindOf(); $kind = @$xmlrpc_val->kindOf();
if($kind == "scalar") if($kind == 'scalar')
{ {
return $xmlrpc_val->scalarval(); return $xmlrpc_val->scalarval();
} }
elseif($kind == "array") elseif($kind == 'array')
{ {
$size = $xmlrpc_val->arraysize(); $size = $xmlrpc_val->arraysize();
$arr = array(); $arr = array();
for($i = 0; $i < $size; $i++) for($i = 0; $i < $size; $i++)
{ {
$arr[]=phpgw_xmlrpc_decode($xmlrpc_val->arraymem($i)); $arr[] = phpgw_xmlrpc_decode($xmlrpc_val->arraymem($i));
} }
return $arr; return $arr;
} }
elseif($kind == "struct") elseif($kind == 'struct')
{ {
$xmlrpc_val->structreset(); $xmlrpc_val->structreset();
$arr = array(); $arr = array();
@ -521,39 +675,42 @@
switch($type) switch($type)
{ {
case "array": case 'array':
case "object": case 'object':
$arr = array(); $arr = array();
while (list($k,$v) = each($php_val)) while(list($k,$v) = each($php_val))
{ {
$arr[$k] = phpgw_xmlrpc_encode($v); $arr[$k] = phpgw_xmlrpc_encode($v);
} }
$xmlrpc_val->addStruct($arr); $xmlrpc_val->addStruct($arr);
break; break;
case "integer": case 'integer':
$xmlrpc_val->addScalar($php_val, xmlrpcInt); $xmlrpc_val->addScalar($php_val, xmlrpcInt);
break; break;
case "double": case 'double':
$xmlrpc_val->addScalar($php_val, xmlrpcDouble); $xmlrpc_val->addScalar($php_val, xmlrpcDouble);
break; break;
case "string": case 'string':
$xmlrpc_val->addScalar($php_val, xmlrpcString); $xmlrpc_val->addScalar($php_val, xmlrpcString);
break; break;
// <G_Giunta_2001-02-29> // <G_Giunta_2001-02-29>
// Add support for encoding/decoding of booleans, since they are supported in PHP // Add support for encoding/decoding of booleans, since they are supported in PHP
case "boolean": case 'boolean':
$xmlrpc_val->addScalar($php_val, xmlrpcBoolean); $xmlrpc_val->addScalar($php_val, xmlrpcBoolean);
break; break;
// </G_Giunta_2001-02-29> // </G_Giunta_2001-02-29>
case "unknown type": case 'unknown type':
default: default:
$xmlrpc_val = false; $xmlrpc_val = False;
break; break;
} }
return $xmlrpc_val; return $xmlrpc_val;
} }
// listMethods: either a string, or nothing /* The following functions are the system functions for login, logout, etc.
* They are added to the server map at the end of this file.
*/
$GLOBALS['_xmlrpcs_listMethods_sig'] = array(array(xmlrpcArray, xmlrpcString), array(xmlrpcArray)); $GLOBALS['_xmlrpcs_listMethods_sig'] = array(array(xmlrpcArray, xmlrpcString), array(xmlrpcArray));
$GLOBALS['_xmlrpcs_listMethods_doc'] = 'This method lists all the methods that the XML-RPC server knows how to dispatch'; $GLOBALS['_xmlrpcs_listMethods_doc'] = 'This method lists all the methods that the XML-RPC server knows how to dispatch';
function _xmlrpcs_listMethods($server, $m) function _xmlrpcs_listMethods($server, $m)
@ -656,36 +813,6 @@
return $r; return $r;
} }
/*
$GLOBALS['_xmlrpcs_listApps_sig'] = array(array(xmlrpcStruct,xmlrpcString));
$GLOBALS['_xmlrpcs_listApps_doc'] = 'Returns a list of installed phpgw apps';
function _xmlrpcs_listApps($server,$m)
{
$m->getParam(0);
$GLOBALS['phpgw']->db->query("SELECT * FROM phpgw_applications WHERE app_enabled<3",__LINE__,__FILE__);
if($GLOBALS['phpgw']->db->num_rows())
{
while ($GLOBALS['phpgw']->db->next_record())
{
$name = $GLOBALS['phpgw']->db->f('app_name');
$title = $GLOBALS['phpgw']->db->f('app_title');
$status = $GLOBALS['phpgw']->db->f('app_enabled');
$version= $GLOBALS['phpgw']->db->f('app_version');
$apps[$name] = CreateObject('phpgwapi.xmlrpcval',
array(
'title' => CreateObject('phpgwapi.xmlrpcval',$title,'string'),
'name' => CreateObject('phpgwapi.xmlrpcval',$name,'string'),
'status' => CreateObject('phpgwapi.xmlrpcval',$status,'string'),
'version'=> CreateObject('phpgwapi.xmlrpcval',$version,'string')
),
'struct'
);
}
}
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$apps, 'struct'));
}
*/
$GLOBALS['_xmlrpcs_login_sig'] = array(array(xmlrpcStruct,xmlrpcStruct)); $GLOBALS['_xmlrpcs_login_sig'] = array(array(xmlrpcStruct,xmlrpcStruct));
$GLOBALS['_xmlrpcs_login_doc'] = 'eGroupWare client or server login via XML-RPC'; $GLOBALS['_xmlrpcs_login_doc'] = 'eGroupWare client or server login via XML-RPC';
function _xmlrpcs_login($server,$m) function _xmlrpcs_login($server,$m)
@ -701,12 +828,12 @@
{ {
$domain = $data['domain']->scalarval(); $domain = $data['domain']->scalarval();
} }
$username = $data['username']->scalarval(); $username = $data['username']->scalarval();
$password = $data['password']->scalarval(); $password = $data['password']->scalarval();
if($server_name) if($server_name)
{ {
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create_server($username.'@'.$server_name,$password,"text"); list($sessionid,$kp3) = $GLOBALS['egw']->session->create_server($username.'@'.$server_name,$password,"text");
} }
else else
{ {
@ -718,9 +845,11 @@
{ {
$user = $username; $user = $username;
} }
$sessionid = $GLOBALS['phpgw']->session->create($user,$password,"text"); $GLOBALS['login'] = $user;
$kp3 = $GLOBALS['phpgw']->session->kp3;
$domain = $GLOBALS['phpgw']->session->account_domain; $sessionid = $GLOBALS['egw']->session->create($user,$password,"text");
$kp3 = $GLOBALS['egw']->session->kp3;
$domain = $GLOBALS['egw']->session->account_domain;
} }
if($sessionid && $kp3) if($sessionid && $kp3)
@ -736,16 +865,6 @@
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct')); return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
} }
$GLOBALS['_xmlrpcs_phpgw_api_version_sig'] = array(array(xmlrpcString,xmlrpcString));
$GLOBALS['_xmlrpcs_phpgw_api_version_doc'] = 'Returns the eGroupWare API version';
function _xmlrpcs_phpgw_api_version($server,$m)
{
$version = $GLOBALS['phpgw_info']['server']['versions']['phpgwapi'];
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$version,'string'));
}
$GLOBALS['_xmlrpcs_logout_sig'] = array(array(xmlrpcStruct,xmlrpcStruct)); $GLOBALS['_xmlrpcs_logout_sig'] = array(array(xmlrpcStruct,xmlrpcStruct));
$GLOBALS['_xmlrpcs_logout_doc'] = 'eGroupWare client or server logout via XML-RPC'; $GLOBALS['_xmlrpcs_logout_doc'] = 'eGroupWare client or server logout via XML-RPC';
function _xmlrpcs_logout($server,$m) function _xmlrpcs_logout($server,$m)
@ -756,7 +875,7 @@
$sessionid = $data['sessionid']->scalarval(); $sessionid = $data['sessionid']->scalarval();
$kp3 = $data['kp3']->scalarval(); $kp3 = $data['kp3']->scalarval();
$later = $GLOBALS['phpgw']->session->destroy($sessionid,$kp3); $later = $GLOBALS['egw']->session->destroy($sessionid,$kp3);
if ($later) if ($later)
{ {
@ -770,6 +889,61 @@
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct')); return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
} }
$GLOBALS['_xmlrpcs_phpgw_api_version_sig'] = array(array(xmlrpcString));
$GLOBALS['_xmlrpcs_phpgw_api_version_doc'] = 'Returns the eGroupWare API version';
function _xmlrpcs_phpgw_api_version($server,$m)
{
$version = $GLOBALS['egw_info']['server']['versions']['phpgwapi'];
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$version,'string'));
}
/*
$GLOBALS['_xmlrpcs_listApps_sig'] = array(array(xmlrpcStruct,xmlrpcString));
$GLOBALS['_xmlrpcs_listApps_doc'] = 'Returns a list of installed phpgw apps';
function _xmlrpcs_listApps($server,$m)
{
$m->getParam(0);
$GLOBALS['egw']->db->query("SELECT * FROM phpgw_applications WHERE app_enabled<3",__LINE__,__FILE__);
if($GLOBALS['egw']->db->num_rows())
{
while($GLOBALS['egw']->db->next_record())
{
$name = $GLOBALS['egw']->db->f('app_name');
$title = $GLOBALS['egw']->db->f('app_title');
$status = $GLOBALS['egw']->db->f('app_enabled');
$version= $GLOBALS['egw']->db->f('app_version');
$apps[$name] = CreateObject('phpgwapi.xmlrpcval',
array(
'title' => CreateObject('phpgwapi.xmlrpcval',$title,'string'),
'name' => CreateObject('phpgwapi.xmlrpcval',$name,'string'),
'status' => CreateObject('phpgwapi.xmlrpcval',$status,'string'),
'version'=> CreateObject('phpgwapi.xmlrpcval',$version,'string')
),
'struct'
);
}
}
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$apps, 'struct'));
}
*/
/*
$GLOBALS['_xmlrpcs_egw_time_sig'] = array(array(xmlrpcString,xmlrpcString));
$GLOBALS['_xmlrpcs_egw_time_doc'] = 'Returns system time based on optional format string';
function _xmlrpcs_time($server,$m)
{
$format = $m->getParam(0);
$format = $format ? $format : 'Y/m/d H:i';
return CreateObject(
'phpgwapi.xmlrpcresp',
CreateObject('phpgwapi.xmlrpcval', date($format,time()), 'string')
);
}
*/
/* Add the system functions to the server map */
$GLOBALS['_xmlrpcs_dmap'] = array( $GLOBALS['_xmlrpcs_dmap'] = array(
'system.listMethods' => array( 'system.listMethods' => array(
'function' => '_xmlrpcs_listMethods', 'function' => '_xmlrpcs_listMethods',
@ -786,13 +960,6 @@
'signature' => $GLOBALS['_xmlrpcs_methodSignature_sig'], 'signature' => $GLOBALS['_xmlrpcs_methodSignature_sig'],
'docstring' => $GLOBALS['_xmlrpcs_methodSignature_doc'] 'docstring' => $GLOBALS['_xmlrpcs_methodSignature_doc']
), ),
/*
'system.listApps' => array(
'function' => '_xmlrpcs_listApps',
'signature' => $GLOBALS['_xmlrpcs_listApps_sig'],
'docstring' => $GLOBALS['_xmlrpcs_listApps_doc']
),
*/
'system.login' => array( 'system.login' => array(
'function' => '_xmlrpcs_login', 'function' => '_xmlrpcs_login',
'signature' => $GLOBALS['_xmlrpcs_login_sig'], 'signature' => $GLOBALS['_xmlrpcs_login_sig'],
@ -808,6 +975,20 @@
'signature' => $GLOBALS['_xmlrpcs_phpgw_api_version_sig'], 'signature' => $GLOBALS['_xmlrpcs_phpgw_api_version_sig'],
'docstring' => $GLOBALS['_xmlrpcs_phpgw_api_version_doc'] 'docstring' => $GLOBALS['_xmlrpcs_phpgw_api_version_doc']
) )
/*
'system.listApps' => array(
'function' => '_xmlrpcs_listApps',
'signature' => $GLOBALS['_xmlrpcs_listApps_sig'],
'docstring' => $GLOBALS['_xmlrpcs_listApps_doc']
),
*/
/*
'system.time' => array(
'function' => '_xmlrpcs_time',
'signature' => $GLOBALS['_xmlrpcs_time_sig'],
'docstring' => $GLOBALS['_xmlrpcs_time_doc']
)
*/
); );
$GLOBALS['_xmlrpc_debuginfo'] = ''; $GLOBALS['_xmlrpc_debuginfo'] = '';