OSDN Git Service

FIX: PHP5/MySQL5における文法違反コードの修正
[nucleus-jp/nucleus-jp-ancient.git] / nucleus / libs / xmlrpcs.inc.php
1 <?php
2 // by Edd Dumbill (C) 1999-2002
3 // <edd@usefulinc.com>
4 // $Original: xmlrpcs.inc,v 1.66 2006/09/17 21:25:06 ggiunta Exp $
5 // $Id$
6 // $NucleusJP: xmlrpcs.inc.php,v 1.9.2.2 2007/09/07 07:04:24 kimitake Exp $
7
8 // Copyright (c) 1999,2000,2002 Edd Dumbill.
9 // All rights reserved.
10 //
11 // Redistribution and use in source and binary forms, with or without
12 // modification, are permitted provided that the following conditions
13 // are met:
14 //
15 //    * Redistributions of source code must retain the above copyright
16 //      notice, this list of conditions and the following disclaimer.
17 //
18 //    * Redistributions in binary form must reproduce the above
19 //      copyright notice, this list of conditions and the following
20 //      disclaimer in the documentation and/or other materials provided
21 //      with the distribution.
22 //
23 //    * Neither the name of the "XML-RPC for PHP" nor the names of its
24 //      contributors may be used to endorse or promote products derived
25 //      from this software without specific prior written permission.
26 //
27 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
28 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
29 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
30 // FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
31 // REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
32 // INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
33 // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
34 // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
35 // HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
36 // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
37 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
38 // OF THE POSSIBILITY OF SUCH DAMAGE.
39
40         // XML RPC Server class
41         // requires: xmlrpc.inc
42
43         $GLOBALS['xmlrpcs_capabilities'] = array(
44                 // xmlrpc spec: always supported
45                 'xmlrpc' => new xmlrpcval(array(
46                         'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'),
47                         'specVersion' => new xmlrpcval(1, 'int')
48                 ), 'struct'),
49                 // if we support system.xxx functions, we always support multicall, too...
50                 // Note that, as of 2006/09/17, the following URL does not respond anymore
51                 'system.multicall' => new xmlrpcval(array(
52                         'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'),
53                         'specVersion' => new xmlrpcval(1, 'int')
54                 ), 'struct'),
55                 // introspection: version 2! we support 'mixed', too
56                 'introspection' => new xmlrpcval(array(
57                         'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'),
58                         'specVersion' => new xmlrpcval(2, 'int')
59                 ), 'struct')
60         );
61
62         /* Functions that implement system.XXX methods of xmlrpc servers */
63         $_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct']));
64         $_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to';
65         $_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec'));
66         function _xmlrpcs_getCapabilities($server, $m=null)
67         {
68                 $outAr = $GLOBALS['xmlrpcs_capabilities'];
69                 // NIL extension
70                 if ($GLOBALS['xmlrpc_null_extension']) {
71                         $outAr['nil'] = new xmlrpcval(array(
72                                 'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'),
73                                 'specVersion' => new xmlrpcval(1, 'int')
74                         ), 'struct');
75                 }
76                 return new xmlrpcresp(new xmlrpcval($outAr, 'struct'));
77         }
78
79         // listMethods: signature was either a string, or nothing.
80         // The useless string variant has been removed
81         $_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray']));
82         $_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch';
83         $_xmlrpcs_listMethods_sdoc=array(array('list of method names'));
84         function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing
85         {
86
87                 $outAr=array();
88                 foreach($server->dmap as $key => $val)
89                 {
90                         $outAr[]= new xmlrpcval($key, 'string');
91                 }
92                 if($server->allow_system_funcs)
93                 {
94                         foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val)
95                         {
96                                 $outAr[]= new xmlrpcval($key, 'string');
97                         }
98                 }
99                 return new xmlrpcresp(new xmlrpcval($outAr, 'array'));
100         }
101
102         $_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString']));
103         $_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)';
104         $_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described'));
105         function _xmlrpcs_methodSignature($server, $m)
106         {
107                 // let accept as parameter both an xmlrpcval or string
108                 if (is_object($m))
109                 {
110                         $methName=$m->getParam(0);
111                         $methName=$methName->scalarval();
112                 }
113                 else
114                 {
115                         $methName=$m;
116                 }
117                 if(strpos($methName, "system.") === 0)
118                 {
119                         $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
120                 }
121                 else
122                 {
123                         $dmap=$server->dmap; $sysCall=0;
124                 }
125                 if(isset($dmap[$methName]))
126                 {
127                         if(isset($dmap[$methName]['signature']))
128                         {
129                                 $sigs=array();
130                                 foreach($dmap[$methName]['signature'] as $inSig)
131                                 {
132                                         $cursig=array();
133                                         foreach($inSig as $sig)
134                                         {
135                                                 $cursig[]= new xmlrpcval($sig, 'string');
136                                         }
137                                         $sigs[]= new xmlrpcval($cursig, 'array');
138                                 }
139                                 $r= new xmlrpcresp(new xmlrpcval($sigs, 'array'));
140                         }
141                         else
142                         {
143                                 // NB: according to the official docs, we should be returning a
144                                 // "none-array" here, which means not-an-array
145                                 $r= new xmlrpcresp(new xmlrpcval('undef', 'string'));
146                         }
147                 }
148                 else
149                 {
150                         $r= new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
151                 }
152                 return $r;
153         }
154
155         $_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString']));
156         $_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string';
157         $_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described'));
158         function _xmlrpcs_methodHelp($server, $m)
159         {
160                 // let accept as parameter both an xmlrpcval or string
161                 if (is_object($m))
162                 {
163                         $methName=$m->getParam(0);
164                         $methName=$methName->scalarval();
165                 }
166                 else
167                 {
168                         $methName=$m;
169                 }
170                 if(strpos($methName, "system.") === 0)
171                 {
172                         $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1;
173                 }
174                 else
175                 {
176                         $dmap=$server->dmap; $sysCall=0;
177                 }
178                 if(isset($dmap[$methName]))
179                 {
180                         if(isset($dmap[$methName]['docstring']))
181                         {
182                                 $r= new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string');
183                         }
184                         else
185                         {
186                                 $r= new xmlrpcresp(new xmlrpcval('', 'string'));
187                         }
188                 }
189                 else
190                 {
191                         $r= new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']);
192                 }
193                 return $r;
194         }
195
196         $_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray']));
197         $_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details';
198         $_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"'));
199         function _xmlrpcs_multicall_error($err)
200         {
201                 if(is_string($err))
202                 {
203                         $str = $GLOBALS['xmlrpcstr']["multicall_${err}"];
204                         $code = $GLOBALS['xmlrpcerr']["multicall_${err}"];
205                 }
206                 else
207                 {
208                         $code = $err->faultCode();
209                         $str = $err->faultString();
210                 }
211                 $struct = array();
212                 $struct['faultCode'] = new xmlrpcval($code, 'int');
213                 $struct['faultString'] = new xmlrpcval($str, 'string');
214                 return new xmlrpcval($struct, 'struct');
215         }
216
217         function _xmlrpcs_multicall_do_call($server, $call)
218         {
219                 if($call->kindOf() != 'struct')
220                 {
221                         return _xmlrpcs_multicall_error('notstruct');
222                 }
223                 $methName = @$call->structmem('methodName');
224                 if(!$methName)
225                 {
226                         return _xmlrpcs_multicall_error('nomethod');
227                 }
228                 if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string')
229                 {
230                         return _xmlrpcs_multicall_error('notstring');
231                 }
232                 if($methName->scalarval() == 'system.multicall')
233                 {
234                         return _xmlrpcs_multicall_error('recursion');
235                 }
236
237                 $params = @$call->structmem('params');
238                 if(!$params)
239                 {
240                         return _xmlrpcs_multicall_error('noparams');
241                 }
242                 if($params->kindOf() != 'array')
243                 {
244                         return _xmlrpcs_multicall_error('notarray');
245                 }
246                 $numParams = $params->arraysize();
247
248                 $msg = new xmlrpcmsg($methName->scalarval());
249                 for($i = 0; $i < $numParams; $i++)
250                 {
251                         if(!$msg->addParam($params->arraymem($i)))
252                         {
253                                 $i++;
254                                 return _xmlrpcs_multicall_error(new xmlrpcresp(0,
255                                         $GLOBALS['xmlrpcerr']['incorrect_params'],
256                                         $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i));
257                         }
258                 }
259
260                 $result = $server->execute($msg);
261
262                 if($result->faultCode() != 0)
263                 {
264                         return _xmlrpcs_multicall_error($result);               // Method returned fault.
265                 }
266
267                 return new xmlrpcval(array($result->value()), 'array');
268         }
269
270         function _xmlrpcs_multicall_do_call_phpvals($server, $call)
271         {
272                 if(!is_array($call))
273                 {
274                         return _xmlrpcs_multicall_error('notstruct');
275                 }
276                 if(!array_key_exists('methodName', $call))
277                 {
278                         return _xmlrpcs_multicall_error('nomethod');
279                 }
280                 if (!is_string($call['methodName']))
281                 {
282                         return _xmlrpcs_multicall_error('notstring');
283                 }
284                 if($call['methodName'] == 'system.multicall')
285                 {
286                         return _xmlrpcs_multicall_error('recursion');
287                 }
288                 if(!array_key_exists('params', $call))
289                 {
290                         return _xmlrpcs_multicall_error('noparams');
291                 }
292                 if(!is_array($call['params']))
293                 {
294                         return _xmlrpcs_multicall_error('notarray');
295                 }
296
297                 // this is a real dirty and simplistic hack, since we might have received a
298                 // base64 or datetime values, but they will be listed as strings here...
299                 $numParams = count($call['params']);
300                 $pt = array();
301                 foreach($call['params'] as $val)
302                         $pt[] = php_2_xmlrpc_type(gettype($val));
303
304                 $result = $server->execute($call['methodName'], $call['params'], $pt);
305
306                 if($result->faultCode() != 0)
307                 {
308                         return _xmlrpcs_multicall_error($result);               // Method returned fault.
309                 }
310
311                 return new xmlrpcval(array($result->value()), 'array');
312         }
313
314         function _xmlrpcs_multicall($server, $m)
315         {
316                 $result = array();
317                 // let accept a plain list of php parameters, beside a single xmlrpc msg object
318                 if (is_object($m))
319                 {
320                         $calls = $m->getParam(0);
321                         $numCalls = $calls->arraysize();
322                         for($i = 0; $i < $numCalls; $i++)
323                         {
324                                 $call = $calls->arraymem($i);
325                                 $result[$i] = _xmlrpcs_multicall_do_call($server, $call);
326                         }
327                 }
328                 else
329                 {
330                         $numCalls=count($m);
331                         for($i = 0; $i < $numCalls; $i++)
332                         {
333                                 $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]);
334                         }
335                 }
336
337                 return new xmlrpcresp(new xmlrpcval($result, 'array'));
338         }
339
340         $GLOBALS['_xmlrpcs_dmap']=array(
341                 'system.listMethods' => array(
342                         'function' => '_xmlrpcs_listMethods',
343                         'signature' => $_xmlrpcs_listMethods_sig,
344                         'docstring' => $_xmlrpcs_listMethods_doc,
345                         'signature_docs' => $_xmlrpcs_listMethods_sdoc),
346                 'system.methodHelp' => array(
347                         'function' => '_xmlrpcs_methodHelp',
348                         'signature' => $_xmlrpcs_methodHelp_sig,
349                         'docstring' => $_xmlrpcs_methodHelp_doc,
350                         'signature_docs' => $_xmlrpcs_methodHelp_sdoc),
351                 'system.methodSignature' => array(
352                         'function' => '_xmlrpcs_methodSignature',
353                         'signature' => $_xmlrpcs_methodSignature_sig,
354                         'docstring' => $_xmlrpcs_methodSignature_doc,
355                         'signature_docs' => $_xmlrpcs_methodSignature_sdoc),
356                 'system.multicall' => array(
357                         'function' => '_xmlrpcs_multicall',
358                         'signature' => $_xmlrpcs_multicall_sig,
359                         'docstring' => $_xmlrpcs_multicall_doc,
360                         'signature_docs' => $_xmlrpcs_multicall_sdoc),
361                 'system.getCapabilities' => array(
362                         'function' => '_xmlrpcs_getCapabilities',
363                         'signature' => $_xmlrpcs_getCapabilities_sig,
364                         'docstring' => $_xmlrpcs_getCapabilities_doc,
365                         'signature_docs' => $_xmlrpcs_getCapabilities_sdoc)
366         );
367
368         $GLOBALS['_xmlrpcs_occurred_errors'] = '';
369         $GLOBALS['_xmlrpcs_prev_ehandler'] = '';
370         /**
371         * Error handler used to track errors that occur during server-side execution of PHP code.
372         * This allows to report back to the client whether an internal error has occurred or not
373         * using an xmlrpc response object, instead of letting the client deal with the html junk
374         * that a PHP execution error on the server generally entails.
375         *
376         * NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors.
377         *
378         */
379         function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null)
380         {
381                 // obey the @ protocol
382                 if (error_reporting() == 0)
383                         return;
384
385                 //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING)
386                 if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined
387                 {
388                         $GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n";
389                 }
390                 // Try to avoid as much as possible disruption to the previous error handling
391                 // mechanism in place
392                 if($GLOBALS['_xmlrpcs_prev_ehandler'] == '')
393                 {
394                         // The previous error handler was the default: all we should do is log error
395                         // to the default error log (if level high enough)
396                         if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode))
397                         {
398                                 error_log($errstring);
399                         }
400                 }
401                 else
402                 {
403                         // Pass control on to previous error handler, trying to avoid loops...
404                         if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler')
405                         {
406                                 // NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers
407                                 if(is_array($GLOBALS['_xmlrpcs_prev_ehandler']))
408                                 {
409                                         $GLOBALS['_xmlrpcs_prev_ehandler'][0]->$GLOBALS['_xmlrpcs_prev_ehandler'][1]($errcode, $errstring, $filename, $lineno, $context);
410                                 }
411                                 else
412                                 {
413                                         $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context);
414                                 }
415                         }
416                 }
417         }
418
419         $GLOBALS['_xmlrpc_debuginfo']='';
420
421         /**
422         * Add a string to the debug info that can be later seralized by the server
423         * as part of the response message.
424         * Note that for best compatbility, the debug string should be encoded using
425         * the $GLOBALS['xmlrpc_internalencoding'] character set.
426         * @param string $m
427         * @access public
428         */
429         function xmlrpc_debugmsg($m)
430         {
431                 $GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n";
432         }
433
434         class xmlrpc_server
435         {
436                 /// array defining php functions exposed as xmlrpc methods by this server
437                 var $dmap=array();
438                 /**
439                 * Defines how functions in dmap will be invokde: either using an xmlrpc msg object
440                 * or plain php values.
441                 * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals'
442                 */
443                 var $functions_parameters_type='xmlrpcvals';
444                 /// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3
445                 var $debug = 1;
446                 /**
447                 * When set to true, it will enable HTTP compression of the response, in case
448                 * the client has declared its support for compression in the request.
449                 */
450                 var $compress_response = false;
451                 /**
452                 * List of http compression methods accepted by the server for requests.
453                 * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib
454                 */
455                 var $accepted_compression = array();
456                 /// shall we serve calls to system.* methods?
457                 var $allow_system_funcs = true;
458                 /// list of charset encodings natively accepted for requests
459                 var $accepted_charset_encodings = array();
460                 /**
461                 * charset encoding to be used for response.
462                 * NB: if we can, we will convert the generated response from internal_encoding to the intended one.
463                 * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled),
464                 * null (leave unspecified in response, convert output stream to US_ASCII),
465                 * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed),
466                 * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway).
467                 * NB: pretty dangerous if you accept every charset and do not have mbstring enabled)
468                 */
469                 var $response_charset_encoding = '';
470                 /// storage for internal debug info
471                 var $debug_info = '';
472                 /// extra data passed at runtime to method handling functions. Used only by EPI layer
473                 var $user_data = null;
474
475                 /**
476                 * @param array $dispmap the dispatch map withd efinition of exposed services
477                 * @param boolean $servicenow set to false to prevent the server from runnung upon construction
478                 */
479                 function xmlrpc_server($dispMap=null, $serviceNow=true)
480                 {
481                         // if ZLIB is enabled, let the server by default accept compressed requests,
482                         // and compress responses sent to clients that support them
483                         if(function_exists('gzinflate'))
484                         {
485                                 $this->accepted_compression = array('gzip', 'deflate');
486                                 $this->compress_response = true;
487                         }
488
489                         // by default the xml parser can support these 3 charset encodings
490                         $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII');
491
492                         // dispMap is a dispatch array of methods
493                         // mapped to function names and signatures
494                         // if a method
495                         // doesn't appear in the map then an unknown
496                         // method error is generated
497                         /* milosch - changed to make passing dispMap optional.
498                          * instead, you can use the class add_to_map() function
499                          * to add functions manually (borrowed from SOAPX4)
500                          */
501                         if($dispMap)
502                         {
503                                 $this->dmap = $dispMap;
504                                 if($serviceNow)
505                                 {
506                                         $this->service();
507                                 }
508                         }
509                 }
510
511                 /**
512                 * Set debug level of server.
513                 * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments)
514                 * 0 = no debug info,
515                 * 1 = msgs set from user with debugmsg(),
516                 * 2 = add complete xmlrpc request (headers and body),
517                 * 3 = add also all processing warnings happened during method processing
518                 * (NB: this involves setting a custom error handler, and might interfere
519                 * with the standard processing of the php function exposed as method. In
520                 * particular, triggering an USER_ERROR level error will not halt script
521                 * execution anymore, but just end up logged in the xmlrpc response)
522                 * Note that info added at elevel 2 and 3 will be base64 encoded
523                 * @access public
524                 */
525                 function setDebug($in)
526                 {
527                         $this->debug=$in;
528                 }
529
530                 /**
531                 * Return a string with the serialized representation of all debug info
532                 * @param string $charset_encoding the target charset encoding for the serialization
533                 * @return string an XML comment (or two)
534                 */
535                 function serializeDebug($charset_encoding='')
536                 {
537                         // Tough encoding problem: which internal charset should we assume for debug info?
538                         // It might contain a copy of raw data received from client, ie with unknown encoding,
539                         // intermixed with php generated data and user generated data...
540                         // so we split it: system debug is base 64 encoded,
541                         // user debug info should be encoded by the end user using the INTERNAL_ENCODING
542                         $out = '';
543                         if ($this->debug_info != '')
544                         {
545                                 $out .= "<!-- SERVER DEBUG INFO (BASE64 ENCODED):\n".base64_encode($this->debug_info)."\n-->\n";
546                         }
547                         if($GLOBALS['_xmlrpc_debuginfo']!='')
548                         {
549
550                                 $out .= "<!-- DEBUG INFO:\n" . xmlrpc_encode_entitites(str_replace('--', '_-', $GLOBALS['_xmlrpc_debuginfo']), $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n-->\n";
551                                 // NB: a better solution MIGHT be to use CDATA, but we need to insert it
552                                 // into return payload AFTER the beginning tag
553                                 //$out .= "<![CDATA[ DEBUG INFO:\n\n" . str_replace(']]>', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n";
554                         }
555                         return $out;
556                 }
557
558                 /**
559                 * Execute the xmlrpc request, printing the response
560                 * @param string $data the request body. If null, the http POST request will be examined
561                 * @return xmlrpcresp the response object (usually not used by caller...)
562                 * @access public
563                 */
564                 function service($data=null, $return_payload=false)
565                 {
566                         if ($data === null)
567                         {
568                                 $data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : '';
569                         }
570                         $raw_data = $data;
571
572                         // reset internal debug info
573                         $this->debug_info = '';
574
575                         // Echo back what we received, before parsing it
576                         if($this->debug > 1)
577                         {
578                                 $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++");
579                         }
580
581                         $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding);
582                         if (!$r)
583                         {
584                                 $r=$this->parseRequest($data, $req_charset);
585                         }
586
587                         // save full body of request into response, for more debugging usages
588                         $r->raw_data = $raw_data;
589
590                         if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors'])
591                         {
592                                 $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" .
593                                         $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++");
594                         }
595
596                         $payload=$this->xml_header($resp_charset);
597                         if($this->debug > 0)
598                         {
599                                 $payload = $payload . $this->serializeDebug($resp_charset);
600                         }
601
602                         // G. Giunta 2006-01-27: do not create response serialization if it has
603                         // already happened. Helps building json magic
604                         if (empty($r->payload))
605                         {
606                                 $r->serialize($resp_charset);
607                         }
608                         $payload = $payload . $r->payload;
609
610                         if ($return_payload)
611                         {
612                                 return $payload;
613                         }
614
615                         // if we get a warning/error that has output some text before here, then we cannot
616                         // add a new header. We cannot say we are sending xml, either...
617                         if(!headers_sent())
618                         {
619                                 header('Content-Type: '.$r->content_type);
620                                 // we do not know if client actually told us an accepted charset, but if he did
621                                 // we have to tell him what we did
622                                 header("Vary: Accept-Charset");
623
624                                 // http compression of output: only
625                                 // if we can do it, and we want to do it, and client asked us to,
626                                 // and php ini settings do not force it already
627                                 $php_no_self_compress = ini_get('zlib.output_compression') == '' && (ini_get('output_handler') != 'ob_gzhandler');
628                                 if($this->compress_response && function_exists('gzencode') && $resp_encoding != ''
629                                         && $php_no_self_compress)
630                                 {
631                                         if(strpos($resp_encoding, 'gzip') !== false)
632                                         {
633                                                 $payload = gzencode($payload);
634                                                 header("Content-Encoding: gzip");
635                                                 header("Vary: Accept-Encoding");
636                                         }
637                                         elseif (strpos($resp_encoding, 'deflate') !== false)
638                                         {
639                                                 $payload = gzcompress($payload);
640                                                 header("Content-Encoding: deflate");
641                                                 header("Vary: Accept-Encoding");
642                                         }
643                                 }
644
645                                 // do not ouput content-length header if php is compressing output for us:
646                                 // it will mess up measurements
647                                 if($php_no_self_compress)
648                                 {
649                                         header('Content-Length: ' . (int)strlen($payload));
650                                 }
651                         }
652                         else
653                         {
654                                 error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages');
655                         }
656
657                         print $payload;
658
659                         // return request, in case subclasses want it
660                         return $r;
661                 }
662
663                 /**
664                 * Add a method to the dispatch map
665                 * @param string $methodname the name with which the method will be made available
666                 * @param string $function the php function that will get invoked
667                 * @param array $sig the array of valid method signatures
668                 * @param string $doc method documentation
669                 * @access public
670                 */
671                 function add_to_map($methodname,$function,$sig=null,$doc='')
672                 {
673                         $this->dmap[$methodname] = array(
674                                 'function'      => $function,
675                                 'docstring' => $doc
676                         );
677                         if ($sig)
678                         {
679                                 $this->dmap[$methodname]['signature'] = $sig;
680                         }
681                 }
682
683                 /**
684                 * Verify type and number of parameters received against a list of known signatures
685                 * @param array $in array of either xmlrpcval objects or xmlrpc type definitions
686                 * @param array $sig array of known signatures to match against
687                 * @access private
688                 */
689                 function verifySignature($in, $sig)
690                 {
691                         // check each possible signature in turn
692                         if (is_object($in))
693                         {
694                                 $numParams = $in->getNumParams();
695                         }
696                         else
697                         {
698                                 $numParams = count($in);
699                         }
700                         foreach($sig as $cursig)
701                         {
702                                 if(count($cursig)==$numParams+1)
703                                 {
704                                         $itsOK=1;
705                                         for($n=0; $n<$numParams; $n++)
706                                         {
707                                                 if (is_object($in))
708                                                 {
709                                                         $p=$in->getParam($n);
710                                                         if($p->kindOf() == 'scalar')
711                                                         {
712                                                                 $pt=$p->scalartyp();
713                                                         }
714                                                         else
715                                                         {
716                                                                 $pt=$p->kindOf();
717                                                         }
718                                                 }
719                                                 else
720                                                 {
721                                                         $pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4...
722                                                 }
723
724                                                 // param index is $n+1, as first member of sig is return type
725                                                 if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue'])
726                                                 {
727                                                         $itsOK=0;
728                                                         $pno=$n+1;
729                                                         $wanted=$cursig[$n+1];
730                                                         $got=$pt;
731                                                         break;
732                                                 }
733                                         }
734                                         if($itsOK)
735                                         {
736                                                 return array(1,'');
737                                         }
738                                 }
739                         }
740                         if(isset($wanted))
741                         {
742                                 return array(0, "Wanted ${wanted}, got ${got} at param ${pno}");
743                         }
744                         else
745                         {
746                                 return array(0, "No method signature matches number of parameters");
747                         }
748                 }
749
750                 /**
751                 * Parse http headers received along with xmlrpc request. If needed, inflate request
752                 * @return null on success or an xmlrpcresp
753                 * @access private
754                 */
755                 function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression)
756                 {
757                         // Play nice to PHP 4.0.x: superglobals were not yet invented...
758                         if(!isset($_SERVER))
759                         {
760                                 $_SERVER = $GLOBALS['HTTP_SERVER_VARS'];
761                         }
762
763                         if($this->debug > 1)
764                         {
765                                 if(function_exists('getallheaders'))
766                                 {
767                                         $this->debugmsg(''); // empty line
768                                         foreach(getallheaders() as $name => $val)
769                                         {
770                                                 $this->debugmsg("HEADER: $name: $val");
771                                         }
772                                 }
773
774                         }
775
776                         if(isset($_SERVER['HTTP_CONTENT_ENCODING']))
777                         {
778                                 $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']);
779                         }
780                         else
781                         {
782                                 $content_encoding = '';
783                         }
784
785                         // check if request body has been compressed and decompress it
786                         if($content_encoding != '' && strlen($data))
787                         {
788                                 if($content_encoding == 'deflate' || $content_encoding == 'gzip')
789                                 {
790                                         // if decoding works, use it. else assume data wasn't gzencoded
791                                         if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression))
792                                         {
793                                                 if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data))
794                                                 {
795                                                         $data = $degzdata;
796                                                         if($this->debug > 1)
797                                                         {
798                                                                 $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
799                                                         }
800                                                 }
801                                                 elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10)))
802                                                 {
803                                                         $data = $degzdata;
804                                                         if($this->debug > 1)
805                                                                 $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++");
806                                                 }
807                                                 else
808                                                 {
809                                                         $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']);
810                                                         return $r;
811                                                 }
812                                         }
813                                         else
814                                         {
815                                                 //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
816                                                 $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']);
817                                                 return $r;
818                                         }
819                                 }
820                         }
821
822                         // check if client specified accepted charsets, and if we know how to fulfill
823                         // the request
824                         if ($this->response_charset_encoding == 'auto')
825                         {
826                                 $resp_encoding = '';
827                                 if (isset($_SERVER['HTTP_ACCEPT_CHARSET']))
828                                 {
829                                         // here we should check if we can match the client-requested encoding
830                                         // with the encodings we know we can generate.
831                                         /// @todo we should parse q=0.x preferences instead of getting first charset specified...
832                                         $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET']));
833                                         // Give preference to internal encoding
834                                         $known_charsets = array($this->internal_encoding, 'UTF-8', 'ISO-8859-1', 'US-ASCII');
835                                         foreach ($known_charsets as $charset)
836                                         {
837                                                 foreach ($client_accepted_charsets as $accepted)
838                                                         if (strpos($accepted, $charset) === 0)
839                                                         {
840                                                                 $resp_encoding = $charset;
841                                                                 break;
842                                                         }
843                                                 if ($resp_encoding)
844                                                         break;
845                                         }
846                                 }
847                         }
848                         else
849                         {
850                                 $resp_encoding = $this->response_charset_encoding;
851                         }
852
853                         if (isset($_SERVER['HTTP_ACCEPT_ENCODING']))
854                         {
855                                 $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING'];
856                         }
857                         else
858                         {
859                                 $resp_compression = '';
860                         }
861
862                         // 'guestimate' request encoding
863                         /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check???
864                         $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '',
865                                 $data);
866
867                         return null;
868                 }
869
870                 /**
871                 * Parse an xml chunk containing an xmlrpc request and execute the corresponding
872                 * php function registered with the server
873                 * @param string $data the xml request
874                 * @param string $req_encoding (optional) the charset encoding of the xml request
875                 * @return xmlrpcresp
876                 * @access private
877                 */
878                 function parseRequest($data, $req_encoding='')
879                 {
880                         // 2005/05/07 commented and moved into caller function code
881                         //if($data=='')
882                         //{
883                         //      $data=$GLOBALS['HTTP_RAW_POST_DATA'];
884                         //}
885
886                         // G. Giunta 2005/02/13: we do NOT expect to receive html entities
887                         // so we do not try to convert them into xml character entities
888                         //$data = xmlrpc_html_entity_xlate($data);
889
890                         $GLOBALS['_xh']=array();
891                         $GLOBALS['_xh']['ac']='';
892                         $GLOBALS['_xh']['stack']=array();
893                         $GLOBALS['_xh']['valuestack'] = array();
894                         $GLOBALS['_xh']['params']=array();
895                         $GLOBALS['_xh']['pt']=array();
896                         $GLOBALS['_xh']['isf']=0;
897                         $GLOBALS['_xh']['isf_reason']='';
898                         $GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not
899                         $GLOBALS['_xh']['rt']='';
900
901                         // decompose incoming XML into request structure
902                         if ($req_encoding != '')
903                         {
904                                 if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
905                                 // the following code might be better for mb_string enabled installs, but
906                                 // makes the lib about 200% slower...
907                                 //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
908                                 {
909                                         error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding);
910                                         $req_encoding = $GLOBALS['xmlrpc_defencoding'];
911                                 }
912                                 /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue,
913                                 // the encoding is not UTF8 and there are non-ascii chars in the text...
914                                 $parser = xml_parser_create($req_encoding);
915                         }
916                         else
917                         {
918                                 $parser = xml_parser_create();
919                         }
920
921                         xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
922                         // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
923                         // the xml parser to give us back data in the expected charset
924                         xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']);
925
926                         if ($this->functions_parameters_type != 'xmlrpcvals')
927                                 xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast');
928                         else
929                                 xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee');
930                         xml_set_character_data_handler($parser, 'xmlrpc_cd');
931                         xml_set_default_handler($parser, 'xmlrpc_dh');
932                         if(!xml_parse($parser, $data, 1))
933                         {
934                                 // return XML error as a faultCode
935                                 $r= new xmlrpcresp(0,
936                                 $GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser),
937                                 sprintf('XML error: %s at line %d, column %d',
938                                         xml_error_string(xml_get_error_code($parser)),
939                                         xml_get_current_line_number($parser), xml_get_current_column_number($parser)));
940                                 xml_parser_free($parser);
941                         }
942                         elseif ($GLOBALS['_xh']['isf'])
943                         {
944                                 xml_parser_free($parser);
945                                 $r= new xmlrpcresp(0,
946                                         $GLOBALS['xmlrpcerr']['invalid_request'],
947                                         $GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']);
948                         }
949                         else
950                         {
951                                 xml_parser_free($parser);
952                                 if ($this->functions_parameters_type != 'xmlrpcvals')
953                                 {
954                                         if($this->debug > 1)
955                                         {
956                                                 $this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++");
957                                         }
958                                         $r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']);
959                                 }
960                                 else
961                                 {
962                                         // build an xmlrpcmsg object with data parsed from xml
963                                         $m= new xmlrpcmsg($GLOBALS['_xh']['method']);
964                                         // now add parameters in
965                                         for($i=0; $i<count($GLOBALS['_xh']['params']); $i++)
966                                         {
967                                                 $m->addParam($GLOBALS['_xh']['params'][$i]);
968                                         }
969
970                                         if($this->debug > 1)
971                                         {
972                                                 $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++");
973                                         }
974
975                                         $r = $this->execute($m);
976                                 }
977                         }
978                         return $r;
979                 }
980
981                 /**
982                 * Execute a method invoked by the client, checking parameters used
983                 * @param mixed $m either an xmlrpcmsg obj or a method name
984                 * @param array $params array with method parameters as php types (if m is method name only)
985                 * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only)
986                 * @return xmlrpcresp
987                 * @access private
988                 */
989                 function execute($m, $params=null, $paramtypes=null)
990                 {
991                         if (is_object($m))
992                         {
993                                 $methName = $m->method();
994                         }
995                         else
996                         {
997                                 $methName = $m;
998                         }
999                         $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0);
1000                         $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap;
1001
1002                         if(!isset($dmap[$methName]['function']))
1003                         {
1004                                 // No such method
1005                                 return new xmlrpcresp(0,
1006                                         $GLOBALS['xmlrpcerr']['unknown_method'],
1007                                         $GLOBALS['xmlrpcstr']['unknown_method']);
1008                         }
1009
1010                         // Check signature
1011                         if(isset($dmap[$methName]['signature']))
1012                         {
1013                                 $sig = $dmap[$methName]['signature'];
1014                                 if (is_object($m))
1015                                 {
1016                                         list($ok, $errstr) = $this->verifySignature($m, $sig);
1017                                 }
1018                                 else
1019                                 {
1020                                         list($ok, $errstr) = $this->verifySignature($paramtypes, $sig);
1021                                 }
1022                                 if(!$ok)
1023                                 {
1024                                         // Didn't match.
1025                                         return new xmlrpcresp(
1026                                                 0,
1027                                                 $GLOBALS['xmlrpcerr']['incorrect_params'],
1028                                                 $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}"
1029                                         );
1030                                 }
1031                         }
1032
1033                         $func = $dmap[$methName]['function'];
1034                         // let the 'class::function' syntax be accepted in dispatch maps
1035                         if(is_string($func) && strpos($func, '::'))
1036                         {
1037                                 $func = explode('::', $func);
1038                         }
1039                         // verify that function to be invoked is in fact callable
1040                         if(!is_callable($func))
1041                         {
1042                                 error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable");
1043                                 return new xmlrpcresp(
1044                                         0,
1045                                         $GLOBALS['xmlrpcerr']['server_error'],
1046                                         $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method"
1047                                 );
1048                         }
1049
1050                         // If debug level is 3, we should catch all errors generated during
1051                         // processing of user function, and log them as part of response
1052                         if($this->debug > 2)
1053                         {
1054                                 $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler');
1055                         }
1056                         if (is_object($m))
1057                         {
1058                                 if($sysCall)
1059                                 {
1060                                         $r = call_user_func($func, $this, $m);
1061                                 }
1062                                 else
1063                                 {
1064                                         $r = call_user_func($func, $m);
1065                                 }
1066                                 if (!is_a($r, 'xmlrpcresp'))
1067                                 {
1068                                         error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object");
1069                                         if (is_a($r, 'xmlrpcval'))
1070                                         {
1071                                                 $r = new xmlrpcresp($r);
1072                                         }
1073                                         else
1074                                         {
1075                                                 $r = new xmlrpcresp(
1076                                                         0,
1077                                                         $GLOBALS['xmlrpcerr']['server_error'],
1078                                                         $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object"
1079                                                 );
1080                                         }
1081                                 }
1082                         }
1083                         else
1084                         {
1085                                 // call a 'plain php' function
1086                                 if($sysCall)
1087                                 {
1088                                         array_unshift($params, $this);
1089                                         $r = call_user_func_array($func, $params);
1090                                 }
1091                                 else
1092                                 {
1093                                         // 3rd API convention for method-handling functions: EPI-style
1094                                         if ($this->functions_parameters_type == 'epivals')
1095                                         {
1096                                                 $data = array($methName, $params, $this->user_data);
1097                                                 $r = call_user_func_array($func, $data);
1098                                                 // mimic EPI behaviour: if we get an array that looks like an error, make it
1099                                                 // an eror response
1100                                                 if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r))
1101                                                 {
1102                                                         $r = new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']);
1103                                                 }
1104                                                 else
1105                                                 {
1106                                                         // functions using EPI api should NOT return resp objects,
1107                                                         // so make sure we encode the return type correctly
1108                                                         $r = new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api')));
1109                                                 }
1110                                         }
1111                                         else
1112                                         {
1113                                                 $r = call_user_func_array($func, $params);
1114                                         }
1115                                 }
1116                                 // the return type can be either an xmlrpcresp object or a plain php value...
1117                                 if (!is_a($r, 'xmlrpcresp'))
1118                                 {
1119                                         // what should we assume here about automatic encoding of datetimes
1120                                         // and php classes instances???
1121                                         $r = new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates')));
1122                                 }
1123                         }
1124                         if($this->debug > 2)
1125                         {
1126                                 // note: restore the error handler we found before calling the
1127                                 // user func, even if it has been changed inside the func itself
1128                                 if($GLOBALS['_xmlrpcs_prev_ehandler'])
1129                                 {
1130                                         set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']);
1131                                 }
1132                                 else
1133                                 {
1134                                         restore_error_handler();
1135                                 }
1136                         }
1137                         return $r;
1138                 }
1139
1140                 /**
1141                 * add a string to the 'internal debug message' (separate from 'user debug message')
1142                 * @param string $strings
1143                 * @access private
1144                 */
1145                 function debugmsg($string)
1146                 {
1147                         $this->debug_info .= $string."\n";
1148                 }
1149
1150                 /**
1151                 * @access private
1152                 */
1153                 function xml_header($charset_encoding='')
1154                 {
1155                         if ($charset_encoding != '')
1156                         {
1157                                 return "<?xml version=\"1.0\" encoding=\"$charset_encoding\"?" . ">\n";
1158                         }
1159                         else
1160                         {
1161                                 return "<?xml version=\"1.0\"?" . ">\n";
1162                         }
1163                 }
1164
1165                 /**
1166                 * A debugging routine: just echoes back the input packet as a string value
1167                 * DEPRECATED!
1168                 */
1169                 function echoInput()
1170                 {
1171                         $r= new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string'));
1172                         print $r->serialize();
1173                 }
1174         }
1175 ?>