From d7367564c1cda6bedc8316302f3f848b4d411aac Mon Sep 17 00:00:00 2001 From: Kelly Rauchenberger Date: Fri, 15 Aug 2008 15:02:00 +0000 Subject: Central: Organized files Refs #25 --- central/trunk/activate.php | 4 +- central/trunk/class.phpmailer.php | 1897 ---------- central/trunk/class.smtp.php | 1113 ------ central/trunk/db.php | 28 - central/trunk/includes/class.phpmailer.php | 1897 ++++++++++ central/trunk/includes/class.smtp.php | 1113 ++++++ central/trunk/includes/db.php | 28 + central/trunk/includes/instadisc.php | 400 +++ central/trunk/includes/template.php | 160 + central/trunk/includes/xmlrpc/array_key_exists.php | 55 + central/trunk/includes/xmlrpc/is_a.php | 47 + central/trunk/includes/xmlrpc/is_callable.php | 53 + central/trunk/includes/xmlrpc/is_scalar.php | 38 + central/trunk/includes/xmlrpc/var_export.php | 105 + central/trunk/includes/xmlrpc/version_compare.php | 179 + central/trunk/includes/xmlrpc/xmlrpc.inc | 3705 ++++++++++++++++++++ central/trunk/includes/xmlrpc/xmlrpc_wrappers.inc | 819 +++++ central/trunk/includes/xmlrpc/xmlrpcs.inc | 1193 +++++++ central/trunk/index.php | 4 +- central/trunk/instadisc.php | 400 --- central/trunk/install.php | 2 +- central/trunk/login.php | 4 +- central/trunk/register.php | 3 +- central/trunk/subscription.php | 2 +- central/trunk/template.php | 160 - central/trunk/theme/uniform.css | 268 ++ central/trunk/uniform.css | 268 -- central/trunk/userpanel.php | 4 +- central/trunk/xmlrpc.php | 7 +- central/trunk/xmlrpc/array_key_exists.php | 55 - central/trunk/xmlrpc/is_a.php | 47 - central/trunk/xmlrpc/is_callable.php | 53 - central/trunk/xmlrpc/is_scalar.php | 38 - central/trunk/xmlrpc/var_export.php | 105 - central/trunk/xmlrpc/version_compare.php | 179 - central/trunk/xmlrpc/xmlrpc.inc | 3705 -------------------- central/trunk/xmlrpc/xmlrpc_wrappers.inc | 819 ----- central/trunk/xmlrpc/xmlrpcs.inc | 1193 ------- 38 files changed, 10075 insertions(+), 10075 deletions(-) delete mode 100644 central/trunk/class.phpmailer.php delete mode 100644 central/trunk/class.smtp.php delete mode 100644 central/trunk/db.php create mode 100644 central/trunk/includes/class.phpmailer.php create mode 100644 central/trunk/includes/class.smtp.php create mode 100644 central/trunk/includes/db.php create mode 100644 central/trunk/includes/instadisc.php create mode 100644 central/trunk/includes/template.php create mode 100644 central/trunk/includes/xmlrpc/array_key_exists.php create mode 100644 central/trunk/includes/xmlrpc/is_a.php create mode 100644 central/trunk/includes/xmlrpc/is_callable.php create mode 100644 central/trunk/includes/xmlrpc/is_scalar.php create mode 100644 central/trunk/includes/xmlrpc/var_export.php create mode 100644 central/trunk/includes/xmlrpc/version_compare.php create mode 100644 central/trunk/includes/xmlrpc/xmlrpc.inc create mode 100644 central/trunk/includes/xmlrpc/xmlrpc_wrappers.inc create mode 100644 central/trunk/includes/xmlrpc/xmlrpcs.inc delete mode 100644 central/trunk/instadisc.php delete mode 100644 central/trunk/template.php create mode 100644 central/trunk/theme/uniform.css delete mode 100644 central/trunk/uniform.css delete mode 100644 central/trunk/xmlrpc/array_key_exists.php delete mode 100644 central/trunk/xmlrpc/is_a.php delete mode 100644 central/trunk/xmlrpc/is_callable.php delete mode 100644 central/trunk/xmlrpc/is_scalar.php delete mode 100644 central/trunk/xmlrpc/var_export.php delete mode 100644 central/trunk/xmlrpc/version_compare.php delete mode 100644 central/trunk/xmlrpc/xmlrpc.inc delete mode 100644 central/trunk/xmlrpc/xmlrpc_wrappers.inc delete mode 100644 central/trunk/xmlrpc/xmlrpcs.inc diff --git a/central/trunk/activate.php b/central/trunk/activate.php index 3237b70..61a0fca 100644 --- a/central/trunk/activate.php +++ b/central/trunk/activate.php @@ -2,8 +2,8 @@ /* InstaDisc Server - A Four Island Project */ -include('instadisc.php'); -include('template.php'); +include('includes/instadisc.php'); +include('includes/template.php'); if (!isset($_GET['submit'])) { diff --git a/central/trunk/class.phpmailer.php b/central/trunk/class.phpmailer.php deleted file mode 100644 index 51a50e7..0000000 --- a/central/trunk/class.phpmailer.php +++ /dev/null @@ -1,1897 +0,0 @@ -ContentType = 'text/html'; - } else { - $this->ContentType = 'text/plain'; - } - } - - /** - * Sets Mailer to send message using SMTP. - * @return void - */ - public function IsSMTP() { - $this->Mailer = 'smtp'; - } - - /** - * Sets Mailer to send message using PHP mail() function. - * @return void - */ - public function IsMail() { - $this->Mailer = 'mail'; - } - - /** - * Sets Mailer to send message using the $Sendmail program. - * @return void - */ - public function IsSendmail() { - $this->Mailer = 'sendmail'; - } - - /** - * Sets Mailer to send message using the qmail MTA. - * @return void - */ - public function IsQmail() { - $this->Sendmail = '/var/qmail/bin/sendmail'; - $this->Mailer = 'sendmail'; - } - - ///////////////////////////////////////////////// - // METHODS, RECIPIENTS - ///////////////////////////////////////////////// - - /** - * Adds a "To" address. - * @param string $address - * @param string $name - * @return void - */ - public function AddAddress($address, $name = '') { - $cur = count($this->to); - $this->to[$cur][0] = trim($address); - $this->to[$cur][1] = $name; - } - - /** - * Adds a "Cc" address. Note: this function works - * with the SMTP mailer on win32, not with the "mail" - * mailer. - * @param string $address - * @param string $name - * @return void - */ - public function AddCC($address, $name = '') { - $cur = count($this->cc); - $this->cc[$cur][0] = trim($address); - $this->cc[$cur][1] = $name; - } - - /** - * Adds a "Bcc" address. Note: this function works - * with the SMTP mailer on win32, not with the "mail" - * mailer. - * @param string $address - * @param string $name - * @return void - */ - public function AddBCC($address, $name = '') { - $cur = count($this->bcc); - $this->bcc[$cur][0] = trim($address); - $this->bcc[$cur][1] = $name; - } - - /** - * Adds a "Reply-to" address. - * @param string $address - * @param string $name - * @return void - */ - public function AddReplyTo($address, $name = '') { - $cur = count($this->ReplyTo); - $this->ReplyTo[$cur][0] = trim($address); - $this->ReplyTo[$cur][1] = $name; - } - - ///////////////////////////////////////////////// - // METHODS, MAIL SENDING - ///////////////////////////////////////////////// - - /** - * Creates message and assigns Mailer. If the message is - * not sent successfully then it returns false. Use the ErrorInfo - * variable to view description of the error. - * @return bool - */ - public function Send() { - $header = ''; - $body = ''; - $result = true; - - if((count($this->to) + count($this->cc) + count($this->bcc)) < 1) { - $this->SetError($this->Lang('provide_address')); - return false; - } - - /* Set whether the message is multipart/alternative */ - if(!empty($this->AltBody)) { - $this->ContentType = 'multipart/alternative'; - } - - $this->error_count = 0; // reset errors - $this->SetMessageType(); - $header .= $this->CreateHeader(); - $body = $this->CreateBody(); - - if($body == '') { - return false; - } - - /* Choose the mailer */ - switch($this->Mailer) { - case 'sendmail': - $result = $this->SendmailSend($header, $body); - break; - case 'smtp': - $result = $this->SmtpSend($header, $body); - break; - case 'mail': - $result = $this->MailSend($header, $body); - break; - default: - $result = $this->MailSend($header, $body); - break; - //$this->SetError($this->Mailer . $this->Lang('mailer_not_supported')); - //$result = false; - //break; - } - - return $result; - } - - /** - * Sends mail using the $Sendmail program. - * @access public - * @return bool - */ - public function SendmailSend($header, $body) { - if ($this->Sender != '') { - $sendmail = sprintf("%s -oi -f %s -t", escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender)); - } else { - $sendmail = sprintf("%s -oi -t", escapeshellcmd($this->Sendmail)); - } - - if(!@$mail = popen($sendmail, 'w')) { - $this->SetError($this->Lang('execute') . $this->Sendmail); - return false; - } - - fputs($mail, $header); - fputs($mail, $body); - - $result = pclose($mail); - if (version_compare(phpversion(), '4.2.3') == -1) { - $result = $result >> 8 & 0xFF; - } - if($result != 0) { - $this->SetError($this->Lang('execute') . $this->Sendmail); - return false; - } - - return true; - } - - /** - * Sends mail using the PHP mail() function. - * @access public - * @return bool - */ - public function MailSend($header, $body) { - - $to = ''; - for($i = 0; $i < count($this->to); $i++) { - if($i != 0) { $to .= ', '; } - $to .= $this->AddrFormat($this->to[$i]); - } - - $toArr = split(',', $to); - - $params = sprintf("-oi -f %s", $this->Sender); - if ($this->Sender != '' && strlen(ini_get('safe_mode'))< 1) { - $old_from = ini_get('sendmail_from'); - ini_set('sendmail_from', $this->Sender); - if ($this->SingleTo === true && count($toArr) > 1) { - foreach ($toArr as $key => $val) { - $rt = @mail($val, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params); - } - } else { - $rt = @mail($to, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params); - } - } else { - if ($this->SingleTo === true && count($toArr) > 1) { - foreach ($toArr as $key => $val) { - $rt = @mail($val, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params); - } - } else { - $rt = @mail($to, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header); - } - } - - if (isset($old_from)) { - ini_set('sendmail_from', $old_from); - } - - if(!$rt) { - $this->SetError($this->Lang('instantiate')); - return false; - } - - return true; - } - - /** - * Sends mail via SMTP using PhpSMTP (Author: - * Chris Ryan). Returns bool. Returns false if there is a - * bad MAIL FROM, RCPT, or DATA input. - * @access public - * @return bool - */ - public function SmtpSend($header, $body) { - include_once($this->PluginDir . 'class.smtp.php'); - $error = ''; - $bad_rcpt = array(); - - if(!$this->SmtpConnect()) { - return false; - } - - $smtp_from = ($this->Sender == '') ? $this->From : $this->Sender; - if(!$this->smtp->Mail($smtp_from)) { - $error = $this->Lang('from_failed') . $smtp_from; - $this->SetError($error); - $this->smtp->Reset(); - return false; - } - - /* Attempt to send attach all recipients */ - for($i = 0; $i < count($this->to); $i++) { - if(!$this->smtp->Recipient($this->to[$i][0])) { - $bad_rcpt[] = $this->to[$i][0]; - } - } - for($i = 0; $i < count($this->cc); $i++) { - if(!$this->smtp->Recipient($this->cc[$i][0])) { - $bad_rcpt[] = $this->cc[$i][0]; - } - } - for($i = 0; $i < count($this->bcc); $i++) { - if(!$this->smtp->Recipient($this->bcc[$i][0])) { - $bad_rcpt[] = $this->bcc[$i][0]; - } - } - - if(count($bad_rcpt) > 0) { // Create error message - for($i = 0; $i < count($bad_rcpt); $i++) { - if($i != 0) { - $error .= ', '; - } - $error .= $bad_rcpt[$i]; - } - $error = $this->Lang('recipients_failed') . $error; - $this->SetError($error); - $this->smtp->Reset(); - return false; - } - - if(!$this->smtp->Data($header . $body)) { - $this->SetError($this->Lang('data_not_accepted')); - $this->smtp->Reset(); - return false; - } - if($this->SMTPKeepAlive == true) { - $this->smtp->Reset(); - } else { - $this->SmtpClose(); - } - - return true; - } - - /** - * Initiates a connection to an SMTP server. Returns false if the - * operation failed. - * @access public - * @return bool - */ - public function SmtpConnect() { - if($this->smtp == NULL) { - $this->smtp = new SMTP(); - } - - $this->smtp->do_debug = $this->SMTPDebug; - $hosts = explode(';', $this->Host); - $index = 0; - $connection = ($this->smtp->Connected()); - - /* Retry while there is no connection */ - while($index < count($hosts) && $connection == false) { - $hostinfo = array(); - if(eregi('^(.+):([0-9]+)$', $hosts[$index], $hostinfo)) { - $host = $hostinfo[1]; - $port = $hostinfo[2]; - } else { - $host = $hosts[$index]; - $port = $this->Port; - } - - $tls = ($this->SMTPSecure == 'tls'); - $ssl = ($this->SMTPSecure == 'ssl'); - - if($this->smtp->Connect(($ssl ? 'ssl://':'').$host, $port, $this->Timeout)) { - - $hello = ($this->Helo != '' ? $this->Hello : $this->ServerHostname()); - $this->smtp->Hello($hello); - - if($tls) { - if(!$this->smtp->StartTLS()) { - $this->SetError($this->Lang("tls")); - $this->smtp->Reset(); - $connection = false; - } - - //We must resend HELLO after tls negociation - $this->smtp->Hello($hello); - } - - $connection = true; - if($this->SMTPAuth) { - if(!$this->smtp->Authenticate($this->Username, $this->Password)) { - $this->SetError($this->Lang('authenticate')); - $this->smtp->Reset(); - $connection = false; - } - } - } - $index++; - } - if(!$connection) { - $this->SetError($this->Lang('connect_host')); - } - - return $connection; - } - - /** - * Closes the active SMTP session if one exists. - * @return void - */ - public function SmtpClose() { - if($this->smtp != NULL) { - if($this->smtp->Connected()) { - $this->smtp->Quit(); - $this->smtp->Close(); - } - } - } - - /** - * Sets the language for all class error messages. Returns false - * if it cannot load the language file. The default language type - * is English. - * @param string $lang_type Type of language (e.g. Portuguese: "br") - * @param string $lang_path Path to the language file directory - * @access public - * @return bool - */ - function SetLanguage($lang_type = 'en', $lang_path = 'language/') { - if( !(@include $lang_path.'phpmailer.lang-'.$lang_type.'.php') ) { - $this->SetError('Could not load language file'); - return false; - } - $this->language = $PHPMAILER_LANG; - return true; - } - - ///////////////////////////////////////////////// - // METHODS, MESSAGE CREATION - ///////////////////////////////////////////////// - - /** - * Creates recipient headers. - * @access public - * @return string - */ - public function AddrAppend($type, $addr) { - $addr_str = $type . ': '; - $addr_str .= $this->AddrFormat($addr[0]); - if(count($addr) > 1) { - for($i = 1; $i < count($addr); $i++) { - $addr_str .= ', ' . $this->AddrFormat($addr[$i]); - } - } - $addr_str .= $this->LE; - - return $addr_str; - } - - /** - * Formats an address correctly. - * @access public - * @return string - */ - public function AddrFormat($addr) { - if(empty($addr[1])) { - $formatted = $this->SecureHeader($addr[0]); - } else { - $formatted = $this->EncodeHeader($this->SecureHeader($addr[1]), 'phrase') . " <" . $this->SecureHeader($addr[0]) . ">"; - } - - return $formatted; - } - - /** - * Wraps message for use with mailers that do not - * automatically perform wrapping and for quoted-printable. - * Original written by philippe. - * @access public - * @return string - */ - public function WrapText($message, $length, $qp_mode = false) { - $soft_break = ($qp_mode) ? sprintf(" =%s", $this->LE) : $this->LE; - // If utf-8 encoding is used, we will need to make sure we don't - // split multibyte characters when we wrap - $is_utf8 = (strtolower($this->CharSet) == "utf-8"); - - $message = $this->FixEOL($message); - if (substr($message, -1) == $this->LE) { - $message = substr($message, 0, -1); - } - - $line = explode($this->LE, $message); - $message = ''; - for ($i=0 ;$i < count($line); $i++) { - $line_part = explode(' ', $line[$i]); - $buf = ''; - for ($e = 0; $e $length)) { - $space_left = $length - strlen($buf) - 1; - if ($e != 0) { - if ($space_left > 20) { - $len = $space_left; - if ($is_utf8) { - $len = $this->UTF8CharBoundary($word, $len); - } elseif (substr($word, $len - 1, 1) == "=") { - $len--; - } elseif (substr($word, $len - 2, 1) == "=") { - $len -= 2; - } - $part = substr($word, 0, $len); - $word = substr($word, $len); - $buf .= ' ' . $part; - $message .= $buf . sprintf("=%s", $this->LE); - } else { - $message .= $buf . $soft_break; - } - $buf = ''; - } - while (strlen($word) > 0) { - $len = $length; - if ($is_utf8) { - $len = $this->UTF8CharBoundary($word, $len); - } elseif (substr($word, $len - 1, 1) == "=") { - $len--; - } elseif (substr($word, $len - 2, 1) == "=") { - $len -= 2; - } - $part = substr($word, 0, $len); - $word = substr($word, $len); - - if (strlen($word) > 0) { - $message .= $part . sprintf("=%s", $this->LE); - } else { - $buf = $part; - } - } - } else { - $buf_o = $buf; - $buf .= ($e == 0) ? $word : (' ' . $word); - - if (strlen($buf) > $length and $buf_o != '') { - $message .= $buf_o . $soft_break; - $buf = $word; - } - } - } - $message .= $buf . $this->LE; - } - - return $message; - } - - /** - * Finds last character boundary prior to maxLength in a utf-8 - * quoted (printable) encoded string. - * Original written by Colin Brown. - * @access public - * @param string $encodedText utf-8 QP text - * @param int $maxLength find last character boundary prior to this length - * @return int - */ - public function UTF8CharBoundary($encodedText, $maxLength) { - $foundSplitPos = false; - $lookBack = 3; - while (!$foundSplitPos) { - $lastChunk = substr($encodedText, $maxLength - $lookBack, $lookBack); - $encodedCharPos = strpos($lastChunk, "="); - if ($encodedCharPos !== false) { - // Found start of encoded character byte within $lookBack block. - // Check the encoded byte value (the 2 chars after the '=') - $hex = substr($encodedText, $maxLength - $lookBack + $encodedCharPos + 1, 2); - $dec = hexdec($hex); - if ($dec < 128) { // Single byte character. - // If the encoded char was found at pos 0, it will fit - // otherwise reduce maxLength to start of the encoded char - $maxLength = ($encodedCharPos == 0) ? $maxLength : - $maxLength - ($lookBack - $encodedCharPos); - $foundSplitPos = true; - } elseif ($dec >= 192) { // First byte of a multi byte character - // Reduce maxLength to split at start of character - $maxLength = $maxLength - ($lookBack - $encodedCharPos); - $foundSplitPos = true; - } elseif ($dec < 192) { // Middle byte of a multi byte character, look further back - $lookBack += 3; - } - } else { - // No encoded character found - $foundSplitPos = true; - } - } - return $maxLength; - } - - - /** - * Set the body wrapping. - * @access public - * @return void - */ - public function SetWordWrap() { - if($this->WordWrap < 1) { - return; - } - - switch($this->message_type) { - case 'alt': - /* fall through */ - case 'alt_attachments': - $this->AltBody = $this->WrapText($this->AltBody, $this->WordWrap); - break; - default: - $this->Body = $this->WrapText($this->Body, $this->WordWrap); - break; - } - } - - /** - * Assembles message header. - * @access public - * @return string - */ - public function CreateHeader() { - $result = ''; - - /* Set the boundaries */ - $uniq_id = md5(uniqid(time())); - $this->boundary[1] = 'b1_' . $uniq_id; - $this->boundary[2] = 'b2_' . $uniq_id; - - $result .= $this->HeaderLine('Date', $this->RFCDate()); - if($this->Sender == '') { - $result .= $this->HeaderLine('Return-Path', trim($this->From)); - } else { - $result .= $this->HeaderLine('Return-Path', trim($this->Sender)); - } - - /* To be created automatically by mail() */ - if($this->Mailer != 'mail') { - if(count($this->to) > 0) { - $result .= $this->AddrAppend('To', $this->to); - } elseif (count($this->cc) == 0) { - $result .= $this->HeaderLine('To', 'undisclosed-recipients:;'); - } - if(count($this->cc) > 0) { - $result .= $this->AddrAppend('Cc', $this->cc); - } - } - - $from = array(); - $from[0][0] = trim($this->From); - $from[0][1] = $this->FromName; - $result .= $this->AddrAppend('From', $from); - - /* sendmail and mail() extract Cc from the header before sending */ - if((($this->Mailer == 'sendmail') || ($this->Mailer == 'mail')) && (count($this->cc) > 0)) { - $result .= $this->AddrAppend('Cc', $this->cc); - } - - /* sendmail and mail() extract Bcc from the header before sending */ - if((($this->Mailer == 'sendmail') || ($this->Mailer == 'mail')) && (count($this->bcc) > 0)) { - $result .= $this->AddrAppend('Bcc', $this->bcc); - } - - if(count($this->ReplyTo) > 0) { - $result .= $this->AddrAppend('Reply-to', $this->ReplyTo); - } - - /* mail() sets the subject itself */ - if($this->Mailer != 'mail') { - $result .= $this->HeaderLine('Subject', $this->EncodeHeader($this->SecureHeader($this->Subject))); - } - - if($this->MessageID != '') { - $result .= $this->HeaderLine('Message-ID',$this->MessageID); - } else { - $result .= sprintf("Message-ID: <%s@%s>%s", $uniq_id, $this->ServerHostname(), $this->LE); - } - $result .= $this->HeaderLine('X-Priority', $this->Priority); - $result .= $this->HeaderLine('X-Mailer', 'PHPMailer (phpmailer.codeworxtech.com) [version ' . $this->Version . ']'); - - if($this->ConfirmReadingTo != '') { - $result .= $this->HeaderLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>'); - } - - // Add custom headers - for($index = 0; $index < count($this->CustomHeader); $index++) { - $result .= $this->HeaderLine(trim($this->CustomHeader[$index][0]), $this->EncodeHeader(trim($this->CustomHeader[$index][1]))); - } - if (!$this->sign_key_file) { - $result .= $this->HeaderLine('MIME-Version', '1.0'); - $result .= $this->GetMailMIME(); - } - - return $result; - } - - /** - * Returns the message MIME. - * @access public - * @return string - */ - public function GetMailMIME() { - $result = ''; - switch($this->message_type) { - case 'plain': - $result .= $this->HeaderLine('Content-Transfer-Encoding', $this->Encoding); - $result .= sprintf("Content-Type: %s; charset=\"%s\"", $this->ContentType, $this->CharSet); - break; - case 'attachments': - /* fall through */ - case 'alt_attachments': - if($this->InlineImageExists()){ - $result .= sprintf("Content-Type: %s;%s\ttype=\"text/html\";%s\tboundary=\"%s\"%s", 'multipart/related', $this->LE, $this->LE, $this->boundary[1], $this->LE); - } else { - $result .= $this->HeaderLine('Content-Type', 'multipart/mixed;'); - $result .= $this->TextLine("\tboundary=\"" . $this->boundary[1] . '"'); - } - break; - case 'alt': - $result .= $this->HeaderLine('Content-Type', 'multipart/alternative;'); - $result .= $this->TextLine("\tboundary=\"" . $this->boundary[1] . '"'); - break; - } - - if($this->Mailer != 'mail') { - $result .= $this->LE.$this->LE; - } - - return $result; - } - - /** - * Assembles the message body. Returns an empty string on failure. - * @access public - * @return string - */ - public function CreateBody() { - $result = ''; - - if ($this->sign_key_file) { - $result .= $this->GetMailMIME(); - } - - $this->SetWordWrap(); - - switch($this->message_type) { - case 'alt': - $result .= $this->GetBoundary($this->boundary[1], '', 'text/plain', ''); - $result .= $this->EncodeString($this->AltBody, $this->Encoding); - $result .= $this->LE.$this->LE; - $result .= $this->GetBoundary($this->boundary[1], '', 'text/html', ''); - $result .= $this->EncodeString($this->Body, $this->Encoding); - $result .= $this->LE.$this->LE; - $result .= $this->EndBoundary($this->boundary[1]); - break; - case 'plain': - $result .= $this->EncodeString($this->Body, $this->Encoding); - break; - case 'attachments': - $result .= $this->GetBoundary($this->boundary[1], '', '', ''); - $result .= $this->EncodeString($this->Body, $this->Encoding); - $result .= $this->LE; - $result .= $this->AttachAll(); - break; - case 'alt_attachments': - $result .= sprintf("--%s%s", $this->boundary[1], $this->LE); - $result .= sprintf("Content-Type: %s;%s" . "\tboundary=\"%s\"%s", 'multipart/alternative', $this->LE, $this->boundary[2], $this->LE.$this->LE); - $result .= $this->GetBoundary($this->boundary[2], '', 'text/plain', '') . $this->LE; // Create text body - $result .= $this->EncodeString($this->AltBody, $this->Encoding); - $result .= $this->LE.$this->LE; - $result .= $this->GetBoundary($this->boundary[2], '', 'text/html', '') . $this->LE; // Create the HTML body - $result .= $this->EncodeString($this->Body, $this->Encoding); - $result .= $this->LE.$this->LE; - $result .= $this->EndBoundary($this->boundary[2]); - $result .= $this->AttachAll(); - break; - } - - if($this->IsError()) { - $result = ''; - } else if ($this->sign_key_file) { - $file = tempnam("", "mail"); - $fp = fopen($file, "w"); - fwrite($fp, $result); - fclose($fp); - $signed = tempnam("", "signed"); - - if (@openssl_pkcs7_sign($file, $signed, "file://".$this->sign_cert_file, array("file://".$this->sign_key_file, $this->sign_key_pass), null)) { - $fp = fopen($signed, "r"); - $result = ''; - while(!feof($fp)){ - $result = $result . fread($fp, 1024); - } - fclose($fp); - } else { - $this->SetError($this->Lang("signing").openssl_error_string()); - $result = ''; - } - - unlink($file); - unlink($signed); - } - - return $result; - } - - /** - * Returns the start of a message boundary. - * @access public - */ - public function GetBoundary($boundary, $charSet, $contentType, $encoding) { - $result = ''; - if($charSet == '') { - $charSet = $this->CharSet; - } - if($contentType == '') { - $contentType = $this->ContentType; - } - if($encoding == '') { - $encoding = $this->Encoding; - } - $result .= $this->TextLine('--' . $boundary); - $result .= sprintf("Content-Type: %s; charset = \"%s\"", $contentType, $charSet); - $result .= $this->LE; - $result .= $this->HeaderLine('Content-Transfer-Encoding', $encoding); - $result .= $this->LE; - - return $result; - } - - /** - * Returns the end of a message boundary. - * @access public - */ - public function EndBoundary($boundary) { - return $this->LE . '--' . $boundary . '--' . $this->LE; - } - - /** - * Sets the message type. - * @access public - * @return void - */ - public function SetMessageType() { - if(count($this->attachment) < 1 && strlen($this->AltBody) < 1) { - $this->message_type = 'plain'; - } else { - if(count($this->attachment) > 0) { - $this->message_type = 'attachments'; - } - if(strlen($this->AltBody) > 0 && count($this->attachment) < 1) { - $this->message_type = 'alt'; - } - if(strlen($this->AltBody) > 0 && count($this->attachment) > 0) { - $this->message_type = 'alt_attachments'; - } - } - } - - /* Returns a formatted header line. - * @access public - * @return string - */ - public function HeaderLine($name, $value) { - return $name . ': ' . $value . $this->LE; - } - - /** - * Returns a formatted mail line. - * @access public - * @return string - */ - public function TextLine($value) { - return $value . $this->LE; - } - - ///////////////////////////////////////////////// - // CLASS METHODS, ATTACHMENTS - ///////////////////////////////////////////////// - - /** - * Adds an attachment from a path on the filesystem. - * Returns false if the file could not be found - * or accessed. - * @param string $path Path to the attachment. - * @param string $name Overrides the attachment name. - * @param string $encoding File encoding (see $Encoding). - * @param string $type File extension (MIME) type. - * @return bool - */ - public function AddAttachment($path, $name = '', $encoding = 'base64', $type = 'application/octet-stream') { - if(!@is_file($path)) { - $this->SetError($this->Lang('file_access') . $path); - return false; - } - - $filename = basename($path); - if($name == '') { - $name = $filename; - } - - $cur = count($this->attachment); - $this->attachment[$cur][0] = $path; - $this->attachment[$cur][1] = $filename; - $this->attachment[$cur][2] = $name; - $this->attachment[$cur][3] = $encoding; - $this->attachment[$cur][4] = $type; - $this->attachment[$cur][5] = false; // isStringAttachment - $this->attachment[$cur][6] = 'attachment'; - $this->attachment[$cur][7] = 0; - - return true; - } - - /** - * Attaches all fs, string, and binary attachments to the message. - * Returns an empty string on failure. - * @access public - * @return string - */ - public function AttachAll() { - /* Return text of body */ - $mime = array(); - - /* Add all attachments */ - for($i = 0; $i < count($this->attachment); $i++) { - /* Check for string attachment */ - $bString = $this->attachment[$i][5]; - if ($bString) { - $string = $this->attachment[$i][0]; - } else { - $path = $this->attachment[$i][0]; - } - - $filename = $this->attachment[$i][1]; - $name = $this->attachment[$i][2]; - $encoding = $this->attachment[$i][3]; - $type = $this->attachment[$i][4]; - $disposition = $this->attachment[$i][6]; - $cid = $this->attachment[$i][7]; - - $mime[] = sprintf("--%s%s", $this->boundary[1], $this->LE); - //$mime[] = sprintf("Content-Type: %s; name=\"%s\"%s", $type, $name, $this->LE); - $mime[] = sprintf("Content-Type: %s; name=\"%s\"%s", $type, $this->EncodeHeader($this->SecureHeader($name)), $this->LE); - $mime[] = sprintf("Content-Transfer-Encoding: %s%s", $encoding, $this->LE); - - if($disposition == 'inline') { - $mime[] = sprintf("Content-ID: <%s>%s", $cid, $this->LE); - } - - //$mime[] = sprintf("Content-Disposition: %s; filename=\"%s\"%s", $disposition, $name, $this->LE.$this->LE); - $mime[] = sprintf("Content-Disposition: %s; filename=\"%s\"%s", $disposition, $this->EncodeHeader($this->SecureHeader($name)), $this->LE.$this->LE); - - /* Encode as string attachment */ - if($bString) { - $mime[] = $this->EncodeString($string, $encoding); - if($this->IsError()) { - return ''; - } - $mime[] = $this->LE.$this->LE; - } else { - $mime[] = $this->EncodeFile($path, $encoding); - if($this->IsError()) { - return ''; - } - $mime[] = $this->LE.$this->LE; - } - } - - $mime[] = sprintf("--%s--%s", $this->boundary[1], $this->LE); - - return join('', $mime); - } - - /** - * Encodes attachment in requested format. Returns an - * empty string on failure. - * @access public - * @return string - */ - public function EncodeFile ($path, $encoding = 'base64') { - if(!@$fd = fopen($path, 'rb')) { - $this->SetError($this->Lang('file_open') . $path); - return ''; - } - if (function_exists('get_magic_quotes')) { - function get_magic_quotes() { - return false; - } -} - if (PHP_VERSION < 6) { - $magic_quotes = get_magic_quotes_runtime(); - set_magic_quotes_runtime(0); - } - $file_buffer = file_get_contents($path); - $file_buffer = $this->EncodeString($file_buffer, $encoding); - fclose($fd); - if (PHP_VERSION < 6) { set_magic_quotes_runtime($magic_quotes); } - return $file_buffer; - } - - /** - * Encodes string to requested format. Returns an - * empty string on failure. - * @access public - * @return string - */ - public function EncodeString ($str, $encoding = 'base64') { - $encoded = ''; - switch(strtolower($encoding)) { - case 'base64': - $encoded = chunk_split(base64_encode($str), 76, $this->LE); - break; - case '7bit': - case '8bit': - $encoded = $this->FixEOL($str); - if (substr($encoded, -(strlen($this->LE))) != $this->LE) - $encoded .= $this->LE; - break; - case 'binary': - $encoded = $str; - break; - case 'quoted-printable': - $encoded = $this->EncodeQP($str); - break; - default: - $this->SetError($this->Lang('encoding') . $encoding); - break; - } - return $encoded; - } - - /** - * Encode a header string to best of Q, B, quoted or none. - * @access public - * @return string - */ - public function EncodeHeader ($str, $position = 'text') { - $x = 0; - - switch (strtolower($position)) { - case 'phrase': - if (!preg_match('/[\200-\377]/', $str)) { - /* Can't use addslashes as we don't know what value has magic_quotes_sybase. */ - $encoded = addcslashes($str, "\0..\37\177\\\""); - if (($str == $encoded) && !preg_match('/[^A-Za-z0-9!#$%&\'*+\/=?^_`{|}~ -]/', $str)) { - return ($encoded); - } else { - return ("\"$encoded\""); - } - } - $x = preg_match_all('/[^\040\041\043-\133\135-\176]/', $str, $matches); - break; - case 'comment': - $x = preg_match_all('/[()"]/', $str, $matches); - /* Fall-through */ - case 'text': - default: - $x += preg_match_all('/[\000-\010\013\014\016-\037\177-\377]/', $str, $matches); - break; - } - - if ($x == 0) { - return ($str); - } - - $maxlen = 75 - 7 - strlen($this->CharSet); - /* Try to select the encoding which should produce the shortest output */ - if (strlen($str)/3 < $x) { - $encoding = 'B'; - if (function_exists('mb_strlen') && $this->HasMultiBytes($str)) { - // Use a custom function which correctly encodes and wraps long - // multibyte strings without breaking lines within a character - $encoded = $this->Base64EncodeWrapMB($str); - } else { - $encoded = base64_encode($str); - $maxlen -= $maxlen % 4; - $encoded = trim(chunk_split($encoded, $maxlen, "\n")); - } - } else { - $encoding = 'Q'; - $encoded = $this->EncodeQ($str, $position); - $encoded = $this->WrapText($encoded, $maxlen, true); - $encoded = str_replace('='.$this->LE, "\n", trim($encoded)); - } - - $encoded = preg_replace('/^(.*)$/m', " =?".$this->CharSet."?$encoding?\\1?=", $encoded); - $encoded = trim(str_replace("\n", $this->LE, $encoded)); - - return $encoded; - } - - /** - * Checks if a string contains multibyte characters. - * @access public - * @param string $str multi-byte text to wrap encode - * @return bool - */ - public function HasMultiBytes($str) { - if (function_exists('mb_strlen')) { - return (strlen($str) > mb_strlen($str, $this->CharSet)); - } else { // Assume no multibytes (we can't handle without mbstring functions anyway) - return False; - } - } - - /** - * Correctly encodes and wraps long multibyte strings for mail headers - * without breaking lines within a character. - * Adapted from a function by paravoid at http://uk.php.net/manual/en/function.mb-encode-mimeheader.php - * @access public - * @param string $str multi-byte text to wrap encode - * @return string - */ - public function Base64EncodeWrapMB($str) { - $start = "=?".$this->CharSet."?B?"; - $end = "?="; - $encoded = ""; - - $mb_length = mb_strlen($str, $this->CharSet); - // Each line must have length <= 75, including $start and $end - $length = 75 - strlen($start) - strlen($end); - // Average multi-byte ratio - $ratio = $mb_length / strlen($str); - // Base64 has a 4:3 ratio - $offset = $avgLength = floor($length * $ratio * .75); - - for ($i = 0; $i < $mb_length; $i += $offset) { - $lookBack = 0; - - do { - $offset = $avgLength - $lookBack; - $chunk = mb_substr($str, $i, $offset, $this->CharSet); - $chunk = base64_encode($chunk); - $lookBack++; - } - while (strlen($chunk) > $length); - - $encoded .= $chunk . $this->LE; - } - - // Chomp the last linefeed - $encoded = substr($encoded, 0, -strlen($this->LE)); - return $encoded; - } - - /** - * Encode string to quoted-printable. - * @access public - * @param string $string the text to encode - * @param integer $line_max Number of chars allowed on a line before wrapping - * @return string - */ - public function EncodeQP( $input = '', $line_max = 76, $space_conv = false ) { - $hex = array('0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'); - $lines = preg_split('/(?:\r\n|\r|\n)/', $input); - $eol = "\r\n"; - $escape = '='; - $output = ''; - while( list(, $line) = each($lines) ) { - $linlen = strlen($line); - $newline = ''; - for($i = 0; $i < $linlen; $i++) { - $c = substr( $line, $i, 1 ); - $dec = ord( $c ); - if ( ( $i == 0 ) && ( $dec == 46 ) ) { // convert first point in the line into =2E - $c = '=2E'; - } - if ( $dec == 32 ) { - if ( $i == ( $linlen - 1 ) ) { // convert space at eol only - $c = '=20'; - } else if ( $space_conv ) { - $c = '=20'; - } - } elseif ( ($dec == 61) || ($dec < 32 ) || ($dec > 126) ) { // always encode "\t", which is *not* required - $h2 = floor($dec/16); - $h1 = floor($dec%16); - $c = $escape.$hex[$h2].$hex[$h1]; - } - if ( (strlen($newline) + strlen($c)) >= $line_max ) { // CRLF is not counted - $output .= $newline.$escape.$eol; // soft line break; " =\r\n" is okay - $newline = ''; - // check if newline first character will be point or not - if ( $dec == 46 ) { - $c = '=2E'; - } - } - $newline .= $c; - } // end of for - $output .= $newline.$eol; - } // end of while - return trim($output); - } - - /** - * Encode string to q encoding. - * @access public - * @return string - */ - public function EncodeQ ($str, $position = 'text') { - /* There should not be any EOL in the string */ - $encoded = preg_replace("[\r\n]", '', $str); - - switch (strtolower($position)) { - case 'phrase': - $encoded = preg_replace("/([^A-Za-z0-9!*+\/ -])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded); - break; - case 'comment': - $encoded = preg_replace("/([\(\)\"])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded); - case 'text': - default: - /* Replace every high ascii, control =, ? and _ characters */ - $encoded = preg_replace('/([\000-\011\013\014\016-\037\075\077\137\177-\377])/e', - "'='.sprintf('%02X', ord('\\1'))", $encoded); - break; - } - - /* Replace every spaces to _ (more readable than =20) */ - $encoded = str_replace(' ', '_', $encoded); - - return $encoded; - } - - /** - * Adds a string or binary attachment (non-filesystem) to the list. - * This method can be used to attach ascii or binary data, - * such as a BLOB record from a database. - * @param string $string String attachment data. - * @param string $filename Name of the attachment. - * @param string $encoding File encoding (see $Encoding). - * @param string $type File extension (MIME) type. - * @return void - */ - public function AddStringAttachment($string, $filename, $encoding = 'base64', $type = 'application/octet-stream') { - /* Append to $attachment array */ - $cur = count($this->attachment); - $this->attachment[$cur][0] = $string; - $this->attachment[$cur][1] = $filename; - $this->attachment[$cur][2] = $filename; - $this->attachment[$cur][3] = $encoding; - $this->attachment[$cur][4] = $type; - $this->attachment[$cur][5] = true; // isString - $this->attachment[$cur][6] = 'attachment'; - $this->attachment[$cur][7] = 0; - } - - /** - * Adds an embedded attachment. This can include images, sounds, and - * just about any other document. Make sure to set the $type to an - * image type. For JPEG images use "image/jpeg" and for GIF images - * use "image/gif". - * @param string $path Path to the attachment. - * @param string $cid Content ID of the attachment. Use this to identify - * the Id for accessing the image in an HTML form. - * @param string $name Overrides the attachment name. - * @param string $encoding File encoding (see $Encoding). - * @param string $type File extension (MIME) type. - * @return bool - */ - public function AddEmbeddedImage($path, $cid, $name = '', $encoding = 'base64', $type = 'application/octet-stream') { - - if(!@is_file($path)) { - $this->SetError($this->Lang('file_access') . $path); - return false; - } - - $filename = basename($path); - if($name == '') { - $name = $filename; - } - - /* Append to $attachment array */ - $cur = count($this->attachment); - $this->attachment[$cur][0] = $path; - $this->attachment[$cur][1] = $filename; - $this->attachment[$cur][2] = $name; - $this->attachment[$cur][3] = $encoding; - $this->attachment[$cur][4] = $type; - $this->attachment[$cur][5] = false; - $this->attachment[$cur][6] = 'inline'; - $this->attachment[$cur][7] = $cid; - - return true; - } - - /** - * Returns true if an inline attachment is present. - * @access public - * @return bool - */ - public function InlineImageExists() { - $result = false; - for($i = 0; $i < count($this->attachment); $i++) { - if($this->attachment[$i][6] == 'inline') { - $result = true; - break; - } - } - - return $result; - } - - ///////////////////////////////////////////////// - // CLASS METHODS, MESSAGE RESET - ///////////////////////////////////////////////// - - /** - * Clears all recipients assigned in the TO array. Returns void. - * @return void - */ - public function ClearAddresses() { - $this->to = array(); - } - - /** - * Clears all recipients assigned in the CC array. Returns void. - * @return void - */ - public function ClearCCs() { - $this->cc = array(); - } - - /** - * Clears all recipients assigned in the BCC array. Returns void. - * @return void - */ - public function ClearBCCs() { - $this->bcc = array(); - } - - /** - * Clears all recipients assigned in the ReplyTo array. Returns void. - * @return void - */ - public function ClearReplyTos() { - $this->ReplyTo = array(); - } - - /** - * Clears all recipients assigned in the TO, CC and BCC - * array. Returns void. - * @return void - */ - public function ClearAllRecipients() { - $this->to = array(); - $this->cc = array(); - $this->bcc = array(); - } - - /** - * Clears all previously set filesystem, string, and binary - * attachments. Returns void. - * @return void - */ - public function ClearAttachments() { - $this->attachment = array(); - } - - /** - * Clears all custom headers. Returns void. - * @return void - */ - public function ClearCustomHeaders() { - $this->CustomHeader = array(); - } - - ///////////////////////////////////////////////// - // CLASS METHODS, MISCELLANEOUS - ///////////////////////////////////////////////// - - /** - * Adds the error message to the error container. - * Returns void. - * @access private - * @return void - */ - private function SetError($msg) { - $this->error_count++; - $this->ErrorInfo = $msg; - } - - /** - * Returns the proper RFC 822 formatted date. - * @access private - * @return string - */ - private static function RFCDate() { - $tz = date('Z'); - $tzs = ($tz < 0) ? '-' : '+'; - $tz = abs($tz); - $tz = (int)($tz/3600)*100 + ($tz%3600)/60; - $result = sprintf("%s %s%04d", date('D, j M Y H:i:s'), $tzs, $tz); - - return $result; - } - - /** - * Returns the server hostname or 'localhost.localdomain' if unknown. - * @access private - * @return string - */ - private function ServerHostname() { - if (!empty($this->Hostname)) { - $result = $this->Hostname; - } elseif (isset($_SERVER['SERVER_NAME'])) { - $result = $_SERVER['SERVER_NAME']; - } else { - $result = "localhost.localdomain"; - } - - return $result; - } - - /** - * Returns a message in the appropriate language. - * @access private - * @return string - */ - private function Lang($key) { - if(count($this->language) < 1) { - $this->SetLanguage('en'); // set the default language - } - - if(isset($this->language[$key])) { - return $this->language[$key]; - } else { - return 'Language string failed to load: ' . $key; - } - } - - /** - * Returns true if an error occurred. - * @access public - * @return bool - */ - public function IsError() { - return ($this->error_count > 0); - } - - /** - * Changes every end of line from CR or LF to CRLF. - * @access private - * @return string - */ - private function FixEOL($str) { - $str = str_replace("\r\n", "\n", $str); - $str = str_replace("\r", "\n", $str); - $str = str_replace("\n", $this->LE, $str); - return $str; - } - - /** - * Adds a custom header. - * @access public - * @return void - */ - public function AddCustomHeader($custom_header) { - $this->CustomHeader[] = explode(':', $custom_header, 2); - } - - /** - * Evaluates the message and returns modifications for inline images and backgrounds - * @access public - * @return $message - */ - public function MsgHTML($message,$basedir='') { - preg_match_all("/(src|background)=\"(.*)\"/Ui", $message, $images); - if(isset($images[2])) { - foreach($images[2] as $i => $url) { - // do not change urls for absolute images (thanks to corvuscorax) - if (!preg_match('/^[A-z][A-z]*:\/\//',$url)) { - $filename = basename($url); - $directory = dirname($url); - ($directory == '.')?$directory='':''; - $cid = 'cid:' . md5($filename); - $fileParts = split("\.", $filename); - $ext = $fileParts[1]; - $mimeType = $this->_mime_types($ext); - if ( strlen($basedir) > 1 && substr($basedir,-1) != '/') { $basedir .= '/'; } - if ( strlen($directory) > 1 && substr($basedir,-1) != '/') { $directory .= '/'; } - $this->AddEmbeddedImage($basedir.$directory.$filename, md5($filename), $filename, 'base64', $mimeType); - if ( $this->AddEmbeddedImage($basedir.$directory.$filename, md5($filename), $filename, 'base64',$mimeType) ) { - $message = preg_replace("/".$images[1][$i]."=\"".preg_quote($url, '/')."\"/Ui", $images[1][$i]."=\"".$cid."\"", $message); - } - } - } - } - $this->IsHTML(true); - $this->Body = $message; - $textMsg = trim(strip_tags(preg_replace('/<(head|title|style|script)[^>]*>.*?<\/\\1>/s','',$message))); - if ( !empty($textMsg) && empty($this->AltBody) ) { - $this->AltBody = $textMsg; - } - if ( empty($this->AltBody) ) { - $this->AltBody = 'To view this email message, open the email in with HTML compatibility!' . "\n\n"; - } - } - - /** - * Gets the mime type of the embedded or inline image - * @access public - * @return mime type of ext - */ - public function _mime_types($ext = '') { - $mimes = array( - 'hqx' => 'application/mac-binhex40', - 'cpt' => 'application/mac-compactpro', - 'doc' => 'application/msword', - 'bin' => 'application/macbinary', - 'dms' => 'application/octet-stream', - 'lha' => 'application/octet-stream', - 'lzh' => 'application/octet-stream', - 'exe' => 'application/octet-stream', - 'class' => 'application/octet-stream', - 'psd' => 'application/octet-stream', - 'so' => 'application/octet-stream', - 'sea' => 'application/octet-stream', - 'dll' => 'application/octet-stream', - 'oda' => 'application/oda', - 'pdf' => 'application/pdf', - 'ai' => 'application/postscript', - 'eps' => 'application/postscript', - 'ps' => 'application/postscript', - 'smi' => 'application/smil', - 'smil' => 'application/smil', - 'mif' => 'application/vnd.mif', - 'xls' => 'application/vnd.ms-excel', - 'ppt' => 'application/vnd.ms-powerpoint', - 'wbxml' => 'application/vnd.wap.wbxml', - 'wmlc' => 'application/vnd.wap.wmlc', - 'dcr' => 'application/x-director', - 'dir' => 'application/x-director', - 'dxr' => 'application/x-director', - 'dvi' => 'application/x-dvi', - 'gtar' => 'application/x-gtar', - 'php' => 'application/x-httpd-php', - 'php4' => 'application/x-httpd-php', - 'php3' => 'application/x-httpd-php', - 'phtml' => 'application/x-httpd-php', - 'phps' => 'application/x-httpd-php-source', - 'js' => 'application/x-javascript', - 'swf' => 'application/x-shockwave-flash', - 'sit' => 'application/x-stuffit', - 'tar' => 'application/x-tar', - 'tgz' => 'application/x-tar', - 'xhtml' => 'application/xhtml+xml', - 'xht' => 'application/xhtml+xml', - 'zip' => 'application/zip', - 'mid' => 'audio/midi', - 'midi' => 'audio/midi', - 'mpga' => 'audio/mpeg', - 'mp2' => 'audio/mpeg', - 'mp3' => 'audio/mpeg', - 'aif' => 'audio/x-aiff', - 'aiff' => 'audio/x-aiff', - 'aifc' => 'audio/x-aiff', - 'ram' => 'audio/x-pn-realaudio', - 'rm' => 'audio/x-pn-realaudio', - 'rpm' => 'audio/x-pn-realaudio-plugin', - 'ra' => 'audio/x-realaudio', - 'rv' => 'video/vnd.rn-realvideo', - 'wav' => 'audio/x-wav', - 'bmp' => 'image/bmp', - 'gif' => 'image/gif', - 'jpeg' => 'image/jpeg', - 'jpg' => 'image/jpeg', - 'jpe' => 'image/jpeg', - 'png' => 'image/png', - 'tiff' => 'image/tiff', - 'tif' => 'image/tiff', - 'css' => 'text/css', - 'html' => 'text/html', - 'htm' => 'text/html', - 'shtml' => 'text/html', - 'txt' => 'text/plain', - 'text' => 'text/plain', - 'log' => 'text/plain', - 'rtx' => 'text/richtext', - 'rtf' => 'text/rtf', - 'xml' => 'text/xml', - 'xsl' => 'text/xml', - 'mpeg' => 'video/mpeg', - 'mpg' => 'video/mpeg', - 'mpe' => 'video/mpeg', - 'qt' => 'video/quicktime', - 'mov' => 'video/quicktime', - 'avi' => 'video/x-msvideo', - 'movie' => 'video/x-sgi-movie', - 'doc' => 'application/msword', - 'word' => 'application/msword', - 'xl' => 'application/excel', - 'eml' => 'message/rfc822' - ); - return ( ! isset($mimes[strtolower($ext)])) ? 'application/octet-stream' : $mimes[strtolower($ext)]; - } - - /** - * Set (or reset) Class Objects (variables) - * - * Usage Example: - * $page->set('X-Priority', '3'); - * - * @access public - * @param string $name Parameter Name - * @param mixed $value Parameter Value - * NOTE: will not work with arrays, there are no arrays to set/reset - */ - public function set ( $name, $value = '' ) { - if ( isset($this->$name) ) { - $this->$name = $value; - } else { - $this->SetError('Cannot set or reset variable ' . $name); - return false; - } - } - - /** - * Read a file from a supplied filename and return it. - * - * @access public - * @param string $filename Parameter File Name - */ - public function getFile($filename) { - $return = ''; - if ($fp = fopen($filename, 'rb')) { - while (!feof($fp)) { - $return .= fread($fp, 1024); - } - fclose($fp); - return $return; - } else { - return false; - } - } - - /** - * Strips newlines to prevent header injection. - * @access public - * @param string $str String - * @return string - */ - public function SecureHeader($str) { - $str = trim($str); - $str = str_replace("\r", "", $str); - $str = str_replace("\n", "", $str); - return $str; - } - - /** - * Set the private key file and password to sign the message. - * - * @access public - * @param string $key_filename Parameter File Name - * @param string $key_pass Password for private key - */ - public function Sign($cert_filename, $key_filename, $key_pass) { - $this->sign_cert_file = $cert_filename; - $this->sign_key_file = $key_filename; - $this->sign_key_pass = $key_pass; - } -} - -?> diff --git a/central/trunk/class.smtp.php b/central/trunk/class.smtp.php deleted file mode 100644 index f1c9cfe..0000000 --- a/central/trunk/class.smtp.php +++ /dev/null @@ -1,1113 +0,0 @@ -smtp_conn = 0; - $this->error = null; - $this->helo_rply = null; - - $this->do_debug = 0; - } - - /************************************************************* - * CONNECTION FUNCTIONS * - ***********************************************************/ - - /** - * Connect to the server specified on the port specified. - * If the port is not specified use the default SMTP_PORT. - * If tval is specified then a connection will try and be - * established with the server for that number of seconds. - * If tval is not specified the default is 30 seconds to - * try on the connection. - * - * SMTP CODE SUCCESS: 220 - * SMTP CODE FAILURE: 421 - * @access public - * @return bool - */ - public function Connect($host,$port=0,$tval=30) { - /* set the error val to null so there is no confusion */ - $this->error = null; - - /* make sure we are __not__ connected */ - if($this->connected()) { - /* ok we are connected! what should we do? - * for now we will just give an error saying we - * are already connected - */ - $this->error = array("error" => "Already connected to a server"); - return false; - } - - if(empty($port)) { - $port = $this->SMTP_PORT; - } - - /* connect to the smtp server */ - $this->smtp_conn = fsockopen($host, // the host of the server - $port, // the port to use - $errno, // error number if any - $errstr, // error message if any - $tval); // give up after ? secs - /* verify we connected properly */ - if(empty($this->smtp_conn)) { - $this->error = array("error" => "Failed to connect to server", - "errno" => $errno, - "errstr" => $errstr); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": $errstr ($errno)" . $this->CRLF; - } - return false; - } - - /* sometimes the SMTP server takes a little longer to respond - * so we will give it a longer timeout for the first read - * - Windows still does not have support for this timeout function - */ - if(substr(PHP_OS, 0, 3) != "WIN") - socket_set_timeout($this->smtp_conn, $tval, 0); - - /* get any announcement stuff */ - $announce = $this->get_lines(); - - /* set the timeout of any socket functions at 1/10 of a second */ - //if(function_exists("socket_set_timeout")) - // socket_set_timeout($this->smtp_conn, 0, 100000); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $announce; - } - - return true; - } - - /** - * Initiate a TSL communication with the server. - * - * SMTP CODE 220 Ready to start TLS - * SMTP CODE 501 Syntax error (no parameters allowed) - * SMTP CODE 454 TLS not available due to temporary reason - * @access public - * @return bool success - */ - public function StartTLS() { - $this->error = null; # to avoid confusion - - if(!$this->connected()) { - $this->error = array("error" => "Called StartTLS() without being connected"); - return false; - } - - fputs($this->smtp_conn,"STARTTLS" . $extra . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 220) { - $this->error = - array("error" => "STARTTLS not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF; - } - return false; - } - - //Begin encrypted connection - if(!stream_socket_enable_crypto($this->smtp_conn, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) { - return false; - } - - return true; - } - - /** - * Performs SMTP authentication. Must be run after running the - * Hello() method. Returns true if successfully authenticated. - * @access public - * @return bool - */ - public function Authenticate($username, $password) { - // Start authentication - fputs($this->smtp_conn,"AUTH LOGIN" . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($code != 334) { - $this->error = - array("error" => "AUTH not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - // Send encoded username - fputs($this->smtp_conn, base64_encode($username) . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($code != 334) { - $this->error = - array("error" => "Username not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - // Send encoded password - fputs($this->smtp_conn, base64_encode($password) . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($code != 235) { - $this->error = - array("error" => "Password not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - return true; - } - - /** - * Returns true if connected to a server otherwise false - * @access public - * @return bool - */ - public function Connected() { - if(!empty($this->smtp_conn)) { - $sock_status = socket_get_status($this->smtp_conn); - if($sock_status["eof"]) { - // hmm this is an odd situation... the socket is - // valid but we are not connected anymore - if($this->do_debug >= 1) { - echo "SMTP -> NOTICE:" . $this->CRLF . - "EOF caught while checking if connected"; - } - $this->Close(); - return false; - } - return true; // everything looks good - } - return false; - } - - /** - * Closes the socket and cleans up the state of the class. - * It is not considered good to use this function without - * first trying to use QUIT. - * @access public - * @return void - */ - public function Close() { - $this->error = null; // so there is no confusion - $this->helo_rply = null; - if(!empty($this->smtp_conn)) { - // close the connection and cleanup - fclose($this->smtp_conn); - $this->smtp_conn = 0; - } - } - - /*************************************************************** - * SMTP COMMANDS * - *************************************************************/ - - /** - * Issues a data command and sends the msg_data to the server - * finializing the mail transaction. $msg_data is the message - * that is to be send with the headers. Each header needs to be - * on a single line followed by a with the message headers - * and the message body being seperated by and additional . - * - * Implements rfc 821: DATA - * - * SMTP CODE INTERMEDIATE: 354 - * [data] - * . - * SMTP CODE SUCCESS: 250 - * SMTP CODE FAILURE: 552,554,451,452 - * SMTP CODE FAILURE: 451,554 - * SMTP CODE ERROR : 500,501,503,421 - * @access public - * @return bool - */ - public function Data($msg_data) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Data() without being connected"); - return false; - } - - fputs($this->smtp_conn,"DATA" . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 354) { - $this->error = - array("error" => "DATA command not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - /* the server is ready to accept data! - * according to rfc 821 we should not send more than 1000 - * including the CRLF - * characters on a single line so we will break the data up - * into lines by \r and/or \n then if needed we will break - * each of those into smaller lines to fit within the limit. - * in addition we will be looking for lines that start with - * a period '.' and append and additional period '.' to that - * line. NOTE: this does not count towards are limit. - */ - - // normalize the line breaks so we know the explode works - $msg_data = str_replace("\r\n","\n",$msg_data); - $msg_data = str_replace("\r","\n",$msg_data); - $lines = explode("\n",$msg_data); - - /* we need to find a good way to determine is headers are - * in the msg_data or if it is a straight msg body - * currently I am assuming rfc 822 definitions of msg headers - * and if the first field of the first line (':' sperated) - * does not contain a space then it _should_ be a header - * and we can process all lines before a blank "" line as - * headers. - */ - $field = substr($lines[0],0,strpos($lines[0],":")); - $in_headers = false; - if(!empty($field) && !strstr($field," ")) { - $in_headers = true; - } - - $max_line_length = 998; // used below; set here for ease in change - - while(list(,$line) = @each($lines)) { - $lines_out = null; - if($line == "" && $in_headers) { - $in_headers = false; - } - // ok we need to break this line up into several smaller lines - while(strlen($line) > $max_line_length) { - $pos = strrpos(substr($line,0,$max_line_length)," "); - - // Patch to fix DOS attack - if(!$pos) { - $pos = $max_line_length - 1; - $lines_out[] = substr($line,0,$pos); - $line = substr($line,$pos); - } else { - $lines_out[] = substr($line,0,$pos); - $line = substr($line,$pos + 1); - } - - /* if we are processing headers we need to - * add a LWSP-char to the front of the new line - * rfc 822 on long msg headers - */ - if($in_headers) { - $line = "\t" . $line; - } - } - $lines_out[] = $line; - - // now send the lines to the server - while(list(,$line_out) = @each($lines_out)) { - if(strlen($line_out) > 0) - { - if(substr($line_out, 0, 1) == ".") { - $line_out = "." . $line_out; - } - } - fputs($this->smtp_conn,$line_out . $this->CRLF); - } - } - - // ok all the message data has been sent so lets get this - // over with aleady - fputs($this->smtp_conn, $this->CRLF . "." . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "DATA not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return true; - } - - /** - * Expand takes the name and asks the server to list all the - * people who are members of the _list_. Expand will return - * back and array of the result or false if an error occurs. - * Each value in the array returned has the format of: - * [ ] - * The definition of is defined in rfc 821 - * - * Implements rfc 821: EXPN - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE FAILURE: 550 - * SMTP CODE ERROR : 500,501,502,504,421 - * @access public - * @return string array - */ - public function Expand($name) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Expand() without being connected"); - return false; - } - - fputs($this->smtp_conn,"EXPN " . $name . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "EXPN not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - // parse the reply and place in our array to return to user - $entries = explode($this->CRLF,$rply); - while(list(,$l) = @each($entries)) { - $list[] = substr($l,4); - } - - return $list; - } - - /** - * Sends the HELO command to the smtp server. - * This makes sure that we and the server are in - * the same known state. - * - * Implements from rfc 821: HELO - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE ERROR : 500, 501, 504, 421 - * @access public - * @return bool - */ - public function Hello($host="") { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Hello() without being connected"); - return false; - } - - // if a hostname for the HELO was not specified determine - //a suitable one to send - if(empty($host)) { - // we need to determine some sort of appopiate default - // to send to the server - $host = "localhost"; - } - - // Send extended hello first (RFC 2821) - if(!$this->SendHello("EHLO", $host)) - { - if(!$this->SendHello("HELO", $host)) - return false; - } - - return true; - } - - /** - * Sends a HELO/EHLO command. - * @access private - * @return bool - */ - private function SendHello($hello, $host) { - fputs($this->smtp_conn, $hello . " " . $host . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER: " . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => $hello . " not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - $this->helo_rply = $rply; - - return true; - } - - /** - * Gets help information on the keyword specified. If the keyword - * is not specified then returns generic help, ussually contianing - * A list of keywords that help is available on. This function - * returns the results back to the user. It is up to the user to - * handle the returned data. If an error occurs then false is - * returned with $this->error set appropiately. - * - * Implements rfc 821: HELP [ ] - * - * SMTP CODE SUCCESS: 211,214 - * SMTP CODE ERROR : 500,501,502,504,421 - * @access public - * @return string - */ - public function Help($keyword="") { - $this->error = null; // to avoid confusion - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Help() without being connected"); - return false; - } - - $extra = ""; - if(!empty($keyword)) { - $extra = " " . $keyword; - } - - fputs($this->smtp_conn,"HELP" . $extra . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 211 && $code != 214) { - $this->error = - array("error" => "HELP not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - return $rply; - } - - /** - * Starts a mail transaction from the email address specified in - * $from. Returns true if successful or false otherwise. If True - * the mail transaction is started and then one or more Recipient - * commands may be called followed by a Data command. - * - * Implements rfc 821: MAIL FROM: - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE SUCCESS: 552,451,452 - * SMTP CODE SUCCESS: 500,501,421 - * @access public - * @return bool - */ - public function Mail($from) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Mail() without being connected"); - return false; - } - - $useVerp = ($this->do_verp ? "XVERP" : ""); - fputs($this->smtp_conn,"MAIL FROM:<" . $from . ">" . $useVerp . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "MAIL not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return true; - } - - /** - * Sends the command NOOP to the SMTP server. - * - * Implements from rfc 821: NOOP - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE ERROR : 500, 421 - * @access public - * @return bool - */ - public function Noop() { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Noop() without being connected"); - return false; - } - - fputs($this->smtp_conn,"NOOP" . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "NOOP not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return true; - } - - /** - * Sends the quit command to the server and then closes the socket - * if there is no error or the $close_on_error argument is true. - * - * Implements from rfc 821: QUIT - * - * SMTP CODE SUCCESS: 221 - * SMTP CODE ERROR : 500 - * @access public - * @return bool - */ - public function Quit($close_on_error=true) { - $this->error = null; // so there is no confusion - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Quit() without being connected"); - return false; - } - - // send the quit command to the server - fputs($this->smtp_conn,"quit" . $this->CRLF); - - // get any good-bye messages - $byemsg = $this->get_lines(); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $byemsg; - } - - $rval = true; - $e = null; - - $code = substr($byemsg,0,3); - if($code != 221) { - // use e as a tmp var cause Close will overwrite $this->error - $e = array("error" => "SMTP server rejected quit command", - "smtp_code" => $code, - "smtp_rply" => substr($byemsg,4)); - $rval = false; - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $e["error"] . ": " . - $byemsg . $this->CRLF; - } - } - - if(empty($e) || $close_on_error) { - $this->Close(); - } - - return $rval; - } - - /** - * Sends the command RCPT to the SMTP server with the TO: argument of $to. - * Returns true if the recipient was accepted false if it was rejected. - * - * Implements from rfc 821: RCPT TO: - * - * SMTP CODE SUCCESS: 250,251 - * SMTP CODE FAILURE: 550,551,552,553,450,451,452 - * SMTP CODE ERROR : 500,501,503,421 - * @access public - * @return bool - */ - public function Recipient($to) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Recipient() without being connected"); - return false; - } - - fputs($this->smtp_conn,"RCPT TO:<" . $to . ">" . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250 && $code != 251) { - $this->error = - array("error" => "RCPT not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return true; - } - - /** - * Sends the RSET command to abort and transaction that is - * currently in progress. Returns true if successful false - * otherwise. - * - * Implements rfc 821: RSET - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE ERROR : 500,501,504,421 - * @access public - * @return bool - */ - public function Reset() { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Reset() without being connected"); - return false; - } - - fputs($this->smtp_conn,"RSET" . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "RSET failed", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - - return true; - } - - /** - * Starts a mail transaction from the email address specified in - * $from. Returns true if successful or false otherwise. If True - * the mail transaction is started and then one or more Recipient - * commands may be called followed by a Data command. This command - * will send the message to the users terminal if they are logged - * in. - * - * Implements rfc 821: SEND FROM: - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE SUCCESS: 552,451,452 - * SMTP CODE SUCCESS: 500,501,502,421 - * @access public - * @return bool - */ - public function Send($from) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Send() without being connected"); - return false; - } - - fputs($this->smtp_conn,"SEND FROM:" . $from . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "SEND not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return true; - } - - /** - * Starts a mail transaction from the email address specified in - * $from. Returns true if successful or false otherwise. If True - * the mail transaction is started and then one or more Recipient - * commands may be called followed by a Data command. This command - * will send the message to the users terminal if they are logged - * in and send them an email. - * - * Implements rfc 821: SAML FROM: - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE SUCCESS: 552,451,452 - * SMTP CODE SUCCESS: 500,501,502,421 - * @access public - * @return bool - */ - public function SendAndMail($from) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called SendAndMail() without being connected"); - return false; - } - - fputs($this->smtp_conn,"SAML FROM:" . $from . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "SAML not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return true; - } - - /** - * Starts a mail transaction from the email address specified in - * $from. Returns true if successful or false otherwise. If True - * the mail transaction is started and then one or more Recipient - * commands may be called followed by a Data command. This command - * will send the message to the users terminal if they are logged - * in or mail it to them if they are not. - * - * Implements rfc 821: SOML FROM: - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE SUCCESS: 552,451,452 - * SMTP CODE SUCCESS: 500,501,502,421 - * @access public - * @return bool - */ - public function SendOrMail($from) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called SendOrMail() without being connected"); - return false; - } - - fputs($this->smtp_conn,"SOML FROM:" . $from . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250) { - $this->error = - array("error" => "SOML not accepted from server", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return true; - } - - /** - * This is an optional command for SMTP that this class does not - * support. This method is here to make the RFC821 Definition - * complete for this class and __may__ be implimented in the future - * - * Implements from rfc 821: TURN - * - * SMTP CODE SUCCESS: 250 - * SMTP CODE FAILURE: 502 - * SMTP CODE ERROR : 500, 503 - * @access public - * @return bool - */ - public function Turn() { - $this->error = array("error" => "This method, TURN, of the SMTP ". - "is not implemented"); - if($this->do_debug >= 1) { - echo "SMTP -> NOTICE: " . $this->error["error"] . $this->CRLF; - } - return false; - } - - /** - * Verifies that the name is recognized by the server. - * Returns false if the name could not be verified otherwise - * the response from the server is returned. - * - * Implements rfc 821: VRFY - * - * SMTP CODE SUCCESS: 250,251 - * SMTP CODE FAILURE: 550,551,553 - * SMTP CODE ERROR : 500,501,502,421 - * @access public - * @return int - */ - public function Verify($name) { - $this->error = null; // so no confusion is caused - - if(!$this->connected()) { - $this->error = array( - "error" => "Called Verify() without being connected"); - return false; - } - - fputs($this->smtp_conn,"VRFY " . $name . $this->CRLF); - - $rply = $this->get_lines(); - $code = substr($rply,0,3); - - if($this->do_debug >= 2) { - echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; - } - - if($code != 250 && $code != 251) { - $this->error = - array("error" => "VRFY failed on name '$name'", - "smtp_code" => $code, - "smtp_msg" => substr($rply,4)); - if($this->do_debug >= 1) { - echo "SMTP -> ERROR: " . $this->error["error"] . - ": " . $rply . $this->CRLF; - } - return false; - } - return $rply; - } - - /******************************************************************* - * INTERNAL FUNCTIONS * - ******************************************************************/ - - /** - * Read in as many lines as possible - * either before eof or socket timeout occurs on the operation. - * With SMTP we can tell if we have more lines to read if the - * 4th character is '-' symbol. If it is a space then we don't - * need to read anything else. - * @access private - * @return string - */ - private function get_lines() { - $data = ""; - while($str = @fgets($this->smtp_conn,515)) { - if($this->do_debug >= 4) { - echo "SMTP -> get_lines(): \$data was \"$data\"" . - $this->CRLF; - echo "SMTP -> get_lines(): \$str is \"$str\"" . - $this->CRLF; - } - $data .= $str; - if($this->do_debug >= 4) { - echo "SMTP -> get_lines(): \$data is \"$data\"" . $this->CRLF; - } - // if the 4th character is a space then we are done reading - // so just break the loop - if(substr($str,3,1) == " ") { break; } - } - return $data; - } - -} - - - ?> diff --git a/central/trunk/db.php b/central/trunk/db.php deleted file mode 100644 index 168d303..0000000 --- a/central/trunk/db.php +++ /dev/null @@ -1,28 +0,0 @@ - diff --git a/central/trunk/includes/class.phpmailer.php b/central/trunk/includes/class.phpmailer.php new file mode 100644 index 0000000..51a50e7 --- /dev/null +++ b/central/trunk/includes/class.phpmailer.php @@ -0,0 +1,1897 @@ +ContentType = 'text/html'; + } else { + $this->ContentType = 'text/plain'; + } + } + + /** + * Sets Mailer to send message using SMTP. + * @return void + */ + public function IsSMTP() { + $this->Mailer = 'smtp'; + } + + /** + * Sets Mailer to send message using PHP mail() function. + * @return void + */ + public function IsMail() { + $this->Mailer = 'mail'; + } + + /** + * Sets Mailer to send message using the $Sendmail program. + * @return void + */ + public function IsSendmail() { + $this->Mailer = 'sendmail'; + } + + /** + * Sets Mailer to send message using the qmail MTA. + * @return void + */ + public function IsQmail() { + $this->Sendmail = '/var/qmail/bin/sendmail'; + $this->Mailer = 'sendmail'; + } + + ///////////////////////////////////////////////// + // METHODS, RECIPIENTS + ///////////////////////////////////////////////// + + /** + * Adds a "To" address. + * @param string $address + * @param string $name + * @return void + */ + public function AddAddress($address, $name = '') { + $cur = count($this->to); + $this->to[$cur][0] = trim($address); + $this->to[$cur][1] = $name; + } + + /** + * Adds a "Cc" address. Note: this function works + * with the SMTP mailer on win32, not with the "mail" + * mailer. + * @param string $address + * @param string $name + * @return void + */ + public function AddCC($address, $name = '') { + $cur = count($this->cc); + $this->cc[$cur][0] = trim($address); + $this->cc[$cur][1] = $name; + } + + /** + * Adds a "Bcc" address. Note: this function works + * with the SMTP mailer on win32, not with the "mail" + * mailer. + * @param string $address + * @param string $name + * @return void + */ + public function AddBCC($address, $name = '') { + $cur = count($this->bcc); + $this->bcc[$cur][0] = trim($address); + $this->bcc[$cur][1] = $name; + } + + /** + * Adds a "Reply-to" address. + * @param string $address + * @param string $name + * @return void + */ + public function AddReplyTo($address, $name = '') { + $cur = count($this->ReplyTo); + $this->ReplyTo[$cur][0] = trim($address); + $this->ReplyTo[$cur][1] = $name; + } + + ///////////////////////////////////////////////// + // METHODS, MAIL SENDING + ///////////////////////////////////////////////// + + /** + * Creates message and assigns Mailer. If the message is + * not sent successfully then it returns false. Use the ErrorInfo + * variable to view description of the error. + * @return bool + */ + public function Send() { + $header = ''; + $body = ''; + $result = true; + + if((count($this->to) + count($this->cc) + count($this->bcc)) < 1) { + $this->SetError($this->Lang('provide_address')); + return false; + } + + /* Set whether the message is multipart/alternative */ + if(!empty($this->AltBody)) { + $this->ContentType = 'multipart/alternative'; + } + + $this->error_count = 0; // reset errors + $this->SetMessageType(); + $header .= $this->CreateHeader(); + $body = $this->CreateBody(); + + if($body == '') { + return false; + } + + /* Choose the mailer */ + switch($this->Mailer) { + case 'sendmail': + $result = $this->SendmailSend($header, $body); + break; + case 'smtp': + $result = $this->SmtpSend($header, $body); + break; + case 'mail': + $result = $this->MailSend($header, $body); + break; + default: + $result = $this->MailSend($header, $body); + break; + //$this->SetError($this->Mailer . $this->Lang('mailer_not_supported')); + //$result = false; + //break; + } + + return $result; + } + + /** + * Sends mail using the $Sendmail program. + * @access public + * @return bool + */ + public function SendmailSend($header, $body) { + if ($this->Sender != '') { + $sendmail = sprintf("%s -oi -f %s -t", escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender)); + } else { + $sendmail = sprintf("%s -oi -t", escapeshellcmd($this->Sendmail)); + } + + if(!@$mail = popen($sendmail, 'w')) { + $this->SetError($this->Lang('execute') . $this->Sendmail); + return false; + } + + fputs($mail, $header); + fputs($mail, $body); + + $result = pclose($mail); + if (version_compare(phpversion(), '4.2.3') == -1) { + $result = $result >> 8 & 0xFF; + } + if($result != 0) { + $this->SetError($this->Lang('execute') . $this->Sendmail); + return false; + } + + return true; + } + + /** + * Sends mail using the PHP mail() function. + * @access public + * @return bool + */ + public function MailSend($header, $body) { + + $to = ''; + for($i = 0; $i < count($this->to); $i++) { + if($i != 0) { $to .= ', '; } + $to .= $this->AddrFormat($this->to[$i]); + } + + $toArr = split(',', $to); + + $params = sprintf("-oi -f %s", $this->Sender); + if ($this->Sender != '' && strlen(ini_get('safe_mode'))< 1) { + $old_from = ini_get('sendmail_from'); + ini_set('sendmail_from', $this->Sender); + if ($this->SingleTo === true && count($toArr) > 1) { + foreach ($toArr as $key => $val) { + $rt = @mail($val, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params); + } + } else { + $rt = @mail($to, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params); + } + } else { + if ($this->SingleTo === true && count($toArr) > 1) { + foreach ($toArr as $key => $val) { + $rt = @mail($val, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header, $params); + } + } else { + $rt = @mail($to, $this->EncodeHeader($this->SecureHeader($this->Subject)), $body, $header); + } + } + + if (isset($old_from)) { + ini_set('sendmail_from', $old_from); + } + + if(!$rt) { + $this->SetError($this->Lang('instantiate')); + return false; + } + + return true; + } + + /** + * Sends mail via SMTP using PhpSMTP (Author: + * Chris Ryan). Returns bool. Returns false if there is a + * bad MAIL FROM, RCPT, or DATA input. + * @access public + * @return bool + */ + public function SmtpSend($header, $body) { + include_once($this->PluginDir . 'class.smtp.php'); + $error = ''; + $bad_rcpt = array(); + + if(!$this->SmtpConnect()) { + return false; + } + + $smtp_from = ($this->Sender == '') ? $this->From : $this->Sender; + if(!$this->smtp->Mail($smtp_from)) { + $error = $this->Lang('from_failed') . $smtp_from; + $this->SetError($error); + $this->smtp->Reset(); + return false; + } + + /* Attempt to send attach all recipients */ + for($i = 0; $i < count($this->to); $i++) { + if(!$this->smtp->Recipient($this->to[$i][0])) { + $bad_rcpt[] = $this->to[$i][0]; + } + } + for($i = 0; $i < count($this->cc); $i++) { + if(!$this->smtp->Recipient($this->cc[$i][0])) { + $bad_rcpt[] = $this->cc[$i][0]; + } + } + for($i = 0; $i < count($this->bcc); $i++) { + if(!$this->smtp->Recipient($this->bcc[$i][0])) { + $bad_rcpt[] = $this->bcc[$i][0]; + } + } + + if(count($bad_rcpt) > 0) { // Create error message + for($i = 0; $i < count($bad_rcpt); $i++) { + if($i != 0) { + $error .= ', '; + } + $error .= $bad_rcpt[$i]; + } + $error = $this->Lang('recipients_failed') . $error; + $this->SetError($error); + $this->smtp->Reset(); + return false; + } + + if(!$this->smtp->Data($header . $body)) { + $this->SetError($this->Lang('data_not_accepted')); + $this->smtp->Reset(); + return false; + } + if($this->SMTPKeepAlive == true) { + $this->smtp->Reset(); + } else { + $this->SmtpClose(); + } + + return true; + } + + /** + * Initiates a connection to an SMTP server. Returns false if the + * operation failed. + * @access public + * @return bool + */ + public function SmtpConnect() { + if($this->smtp == NULL) { + $this->smtp = new SMTP(); + } + + $this->smtp->do_debug = $this->SMTPDebug; + $hosts = explode(';', $this->Host); + $index = 0; + $connection = ($this->smtp->Connected()); + + /* Retry while there is no connection */ + while($index < count($hosts) && $connection == false) { + $hostinfo = array(); + if(eregi('^(.+):([0-9]+)$', $hosts[$index], $hostinfo)) { + $host = $hostinfo[1]; + $port = $hostinfo[2]; + } else { + $host = $hosts[$index]; + $port = $this->Port; + } + + $tls = ($this->SMTPSecure == 'tls'); + $ssl = ($this->SMTPSecure == 'ssl'); + + if($this->smtp->Connect(($ssl ? 'ssl://':'').$host, $port, $this->Timeout)) { + + $hello = ($this->Helo != '' ? $this->Hello : $this->ServerHostname()); + $this->smtp->Hello($hello); + + if($tls) { + if(!$this->smtp->StartTLS()) { + $this->SetError($this->Lang("tls")); + $this->smtp->Reset(); + $connection = false; + } + + //We must resend HELLO after tls negociation + $this->smtp->Hello($hello); + } + + $connection = true; + if($this->SMTPAuth) { + if(!$this->smtp->Authenticate($this->Username, $this->Password)) { + $this->SetError($this->Lang('authenticate')); + $this->smtp->Reset(); + $connection = false; + } + } + } + $index++; + } + if(!$connection) { + $this->SetError($this->Lang('connect_host')); + } + + return $connection; + } + + /** + * Closes the active SMTP session if one exists. + * @return void + */ + public function SmtpClose() { + if($this->smtp != NULL) { + if($this->smtp->Connected()) { + $this->smtp->Quit(); + $this->smtp->Close(); + } + } + } + + /** + * Sets the language for all class error messages. Returns false + * if it cannot load the language file. The default language type + * is English. + * @param string $lang_type Type of language (e.g. Portuguese: "br") + * @param string $lang_path Path to the language file directory + * @access public + * @return bool + */ + function SetLanguage($lang_type = 'en', $lang_path = 'language/') { + if( !(@include $lang_path.'phpmailer.lang-'.$lang_type.'.php') ) { + $this->SetError('Could not load language file'); + return false; + } + $this->language = $PHPMAILER_LANG; + return true; + } + + ///////////////////////////////////////////////// + // METHODS, MESSAGE CREATION + ///////////////////////////////////////////////// + + /** + * Creates recipient headers. + * @access public + * @return string + */ + public function AddrAppend($type, $addr) { + $addr_str = $type . ': '; + $addr_str .= $this->AddrFormat($addr[0]); + if(count($addr) > 1) { + for($i = 1; $i < count($addr); $i++) { + $addr_str .= ', ' . $this->AddrFormat($addr[$i]); + } + } + $addr_str .= $this->LE; + + return $addr_str; + } + + /** + * Formats an address correctly. + * @access public + * @return string + */ + public function AddrFormat($addr) { + if(empty($addr[1])) { + $formatted = $this->SecureHeader($addr[0]); + } else { + $formatted = $this->EncodeHeader($this->SecureHeader($addr[1]), 'phrase') . " <" . $this->SecureHeader($addr[0]) . ">"; + } + + return $formatted; + } + + /** + * Wraps message for use with mailers that do not + * automatically perform wrapping and for quoted-printable. + * Original written by philippe. + * @access public + * @return string + */ + public function WrapText($message, $length, $qp_mode = false) { + $soft_break = ($qp_mode) ? sprintf(" =%s", $this->LE) : $this->LE; + // If utf-8 encoding is used, we will need to make sure we don't + // split multibyte characters when we wrap + $is_utf8 = (strtolower($this->CharSet) == "utf-8"); + + $message = $this->FixEOL($message); + if (substr($message, -1) == $this->LE) { + $message = substr($message, 0, -1); + } + + $line = explode($this->LE, $message); + $message = ''; + for ($i=0 ;$i < count($line); $i++) { + $line_part = explode(' ', $line[$i]); + $buf = ''; + for ($e = 0; $e $length)) { + $space_left = $length - strlen($buf) - 1; + if ($e != 0) { + if ($space_left > 20) { + $len = $space_left; + if ($is_utf8) { + $len = $this->UTF8CharBoundary($word, $len); + } elseif (substr($word, $len - 1, 1) == "=") { + $len--; + } elseif (substr($word, $len - 2, 1) == "=") { + $len -= 2; + } + $part = substr($word, 0, $len); + $word = substr($word, $len); + $buf .= ' ' . $part; + $message .= $buf . sprintf("=%s", $this->LE); + } else { + $message .= $buf . $soft_break; + } + $buf = ''; + } + while (strlen($word) > 0) { + $len = $length; + if ($is_utf8) { + $len = $this->UTF8CharBoundary($word, $len); + } elseif (substr($word, $len - 1, 1) == "=") { + $len--; + } elseif (substr($word, $len - 2, 1) == "=") { + $len -= 2; + } + $part = substr($word, 0, $len); + $word = substr($word, $len); + + if (strlen($word) > 0) { + $message .= $part . sprintf("=%s", $this->LE); + } else { + $buf = $part; + } + } + } else { + $buf_o = $buf; + $buf .= ($e == 0) ? $word : (' ' . $word); + + if (strlen($buf) > $length and $buf_o != '') { + $message .= $buf_o . $soft_break; + $buf = $word; + } + } + } + $message .= $buf . $this->LE; + } + + return $message; + } + + /** + * Finds last character boundary prior to maxLength in a utf-8 + * quoted (printable) encoded string. + * Original written by Colin Brown. + * @access public + * @param string $encodedText utf-8 QP text + * @param int $maxLength find last character boundary prior to this length + * @return int + */ + public function UTF8CharBoundary($encodedText, $maxLength) { + $foundSplitPos = false; + $lookBack = 3; + while (!$foundSplitPos) { + $lastChunk = substr($encodedText, $maxLength - $lookBack, $lookBack); + $encodedCharPos = strpos($lastChunk, "="); + if ($encodedCharPos !== false) { + // Found start of encoded character byte within $lookBack block. + // Check the encoded byte value (the 2 chars after the '=') + $hex = substr($encodedText, $maxLength - $lookBack + $encodedCharPos + 1, 2); + $dec = hexdec($hex); + if ($dec < 128) { // Single byte character. + // If the encoded char was found at pos 0, it will fit + // otherwise reduce maxLength to start of the encoded char + $maxLength = ($encodedCharPos == 0) ? $maxLength : + $maxLength - ($lookBack - $encodedCharPos); + $foundSplitPos = true; + } elseif ($dec >= 192) { // First byte of a multi byte character + // Reduce maxLength to split at start of character + $maxLength = $maxLength - ($lookBack - $encodedCharPos); + $foundSplitPos = true; + } elseif ($dec < 192) { // Middle byte of a multi byte character, look further back + $lookBack += 3; + } + } else { + // No encoded character found + $foundSplitPos = true; + } + } + return $maxLength; + } + + + /** + * Set the body wrapping. + * @access public + * @return void + */ + public function SetWordWrap() { + if($this->WordWrap < 1) { + return; + } + + switch($this->message_type) { + case 'alt': + /* fall through */ + case 'alt_attachments': + $this->AltBody = $this->WrapText($this->AltBody, $this->WordWrap); + break; + default: + $this->Body = $this->WrapText($this->Body, $this->WordWrap); + break; + } + } + + /** + * Assembles message header. + * @access public + * @return string + */ + public function CreateHeader() { + $result = ''; + + /* Set the boundaries */ + $uniq_id = md5(uniqid(time())); + $this->boundary[1] = 'b1_' . $uniq_id; + $this->boundary[2] = 'b2_' . $uniq_id; + + $result .= $this->HeaderLine('Date', $this->RFCDate()); + if($this->Sender == '') { + $result .= $this->HeaderLine('Return-Path', trim($this->From)); + } else { + $result .= $this->HeaderLine('Return-Path', trim($this->Sender)); + } + + /* To be created automatically by mail() */ + if($this->Mailer != 'mail') { + if(count($this->to) > 0) { + $result .= $this->AddrAppend('To', $this->to); + } elseif (count($this->cc) == 0) { + $result .= $this->HeaderLine('To', 'undisclosed-recipients:;'); + } + if(count($this->cc) > 0) { + $result .= $this->AddrAppend('Cc', $this->cc); + } + } + + $from = array(); + $from[0][0] = trim($this->From); + $from[0][1] = $this->FromName; + $result .= $this->AddrAppend('From', $from); + + /* sendmail and mail() extract Cc from the header before sending */ + if((($this->Mailer == 'sendmail') || ($this->Mailer == 'mail')) && (count($this->cc) > 0)) { + $result .= $this->AddrAppend('Cc', $this->cc); + } + + /* sendmail and mail() extract Bcc from the header before sending */ + if((($this->Mailer == 'sendmail') || ($this->Mailer == 'mail')) && (count($this->bcc) > 0)) { + $result .= $this->AddrAppend('Bcc', $this->bcc); + } + + if(count($this->ReplyTo) > 0) { + $result .= $this->AddrAppend('Reply-to', $this->ReplyTo); + } + + /* mail() sets the subject itself */ + if($this->Mailer != 'mail') { + $result .= $this->HeaderLine('Subject', $this->EncodeHeader($this->SecureHeader($this->Subject))); + } + + if($this->MessageID != '') { + $result .= $this->HeaderLine('Message-ID',$this->MessageID); + } else { + $result .= sprintf("Message-ID: <%s@%s>%s", $uniq_id, $this->ServerHostname(), $this->LE); + } + $result .= $this->HeaderLine('X-Priority', $this->Priority); + $result .= $this->HeaderLine('X-Mailer', 'PHPMailer (phpmailer.codeworxtech.com) [version ' . $this->Version . ']'); + + if($this->ConfirmReadingTo != '') { + $result .= $this->HeaderLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>'); + } + + // Add custom headers + for($index = 0; $index < count($this->CustomHeader); $index++) { + $result .= $this->HeaderLine(trim($this->CustomHeader[$index][0]), $this->EncodeHeader(trim($this->CustomHeader[$index][1]))); + } + if (!$this->sign_key_file) { + $result .= $this->HeaderLine('MIME-Version', '1.0'); + $result .= $this->GetMailMIME(); + } + + return $result; + } + + /** + * Returns the message MIME. + * @access public + * @return string + */ + public function GetMailMIME() { + $result = ''; + switch($this->message_type) { + case 'plain': + $result .= $this->HeaderLine('Content-Transfer-Encoding', $this->Encoding); + $result .= sprintf("Content-Type: %s; charset=\"%s\"", $this->ContentType, $this->CharSet); + break; + case 'attachments': + /* fall through */ + case 'alt_attachments': + if($this->InlineImageExists()){ + $result .= sprintf("Content-Type: %s;%s\ttype=\"text/html\";%s\tboundary=\"%s\"%s", 'multipart/related', $this->LE, $this->LE, $this->boundary[1], $this->LE); + } else { + $result .= $this->HeaderLine('Content-Type', 'multipart/mixed;'); + $result .= $this->TextLine("\tboundary=\"" . $this->boundary[1] . '"'); + } + break; + case 'alt': + $result .= $this->HeaderLine('Content-Type', 'multipart/alternative;'); + $result .= $this->TextLine("\tboundary=\"" . $this->boundary[1] . '"'); + break; + } + + if($this->Mailer != 'mail') { + $result .= $this->LE.$this->LE; + } + + return $result; + } + + /** + * Assembles the message body. Returns an empty string on failure. + * @access public + * @return string + */ + public function CreateBody() { + $result = ''; + + if ($this->sign_key_file) { + $result .= $this->GetMailMIME(); + } + + $this->SetWordWrap(); + + switch($this->message_type) { + case 'alt': + $result .= $this->GetBoundary($this->boundary[1], '', 'text/plain', ''); + $result .= $this->EncodeString($this->AltBody, $this->Encoding); + $result .= $this->LE.$this->LE; + $result .= $this->GetBoundary($this->boundary[1], '', 'text/html', ''); + $result .= $this->EncodeString($this->Body, $this->Encoding); + $result .= $this->LE.$this->LE; + $result .= $this->EndBoundary($this->boundary[1]); + break; + case 'plain': + $result .= $this->EncodeString($this->Body, $this->Encoding); + break; + case 'attachments': + $result .= $this->GetBoundary($this->boundary[1], '', '', ''); + $result .= $this->EncodeString($this->Body, $this->Encoding); + $result .= $this->LE; + $result .= $this->AttachAll(); + break; + case 'alt_attachments': + $result .= sprintf("--%s%s", $this->boundary[1], $this->LE); + $result .= sprintf("Content-Type: %s;%s" . "\tboundary=\"%s\"%s", 'multipart/alternative', $this->LE, $this->boundary[2], $this->LE.$this->LE); + $result .= $this->GetBoundary($this->boundary[2], '', 'text/plain', '') . $this->LE; // Create text body + $result .= $this->EncodeString($this->AltBody, $this->Encoding); + $result .= $this->LE.$this->LE; + $result .= $this->GetBoundary($this->boundary[2], '', 'text/html', '') . $this->LE; // Create the HTML body + $result .= $this->EncodeString($this->Body, $this->Encoding); + $result .= $this->LE.$this->LE; + $result .= $this->EndBoundary($this->boundary[2]); + $result .= $this->AttachAll(); + break; + } + + if($this->IsError()) { + $result = ''; + } else if ($this->sign_key_file) { + $file = tempnam("", "mail"); + $fp = fopen($file, "w"); + fwrite($fp, $result); + fclose($fp); + $signed = tempnam("", "signed"); + + if (@openssl_pkcs7_sign($file, $signed, "file://".$this->sign_cert_file, array("file://".$this->sign_key_file, $this->sign_key_pass), null)) { + $fp = fopen($signed, "r"); + $result = ''; + while(!feof($fp)){ + $result = $result . fread($fp, 1024); + } + fclose($fp); + } else { + $this->SetError($this->Lang("signing").openssl_error_string()); + $result = ''; + } + + unlink($file); + unlink($signed); + } + + return $result; + } + + /** + * Returns the start of a message boundary. + * @access public + */ + public function GetBoundary($boundary, $charSet, $contentType, $encoding) { + $result = ''; + if($charSet == '') { + $charSet = $this->CharSet; + } + if($contentType == '') { + $contentType = $this->ContentType; + } + if($encoding == '') { + $encoding = $this->Encoding; + } + $result .= $this->TextLine('--' . $boundary); + $result .= sprintf("Content-Type: %s; charset = \"%s\"", $contentType, $charSet); + $result .= $this->LE; + $result .= $this->HeaderLine('Content-Transfer-Encoding', $encoding); + $result .= $this->LE; + + return $result; + } + + /** + * Returns the end of a message boundary. + * @access public + */ + public function EndBoundary($boundary) { + return $this->LE . '--' . $boundary . '--' . $this->LE; + } + + /** + * Sets the message type. + * @access public + * @return void + */ + public function SetMessageType() { + if(count($this->attachment) < 1 && strlen($this->AltBody) < 1) { + $this->message_type = 'plain'; + } else { + if(count($this->attachment) > 0) { + $this->message_type = 'attachments'; + } + if(strlen($this->AltBody) > 0 && count($this->attachment) < 1) { + $this->message_type = 'alt'; + } + if(strlen($this->AltBody) > 0 && count($this->attachment) > 0) { + $this->message_type = 'alt_attachments'; + } + } + } + + /* Returns a formatted header line. + * @access public + * @return string + */ + public function HeaderLine($name, $value) { + return $name . ': ' . $value . $this->LE; + } + + /** + * Returns a formatted mail line. + * @access public + * @return string + */ + public function TextLine($value) { + return $value . $this->LE; + } + + ///////////////////////////////////////////////// + // CLASS METHODS, ATTACHMENTS + ///////////////////////////////////////////////// + + /** + * Adds an attachment from a path on the filesystem. + * Returns false if the file could not be found + * or accessed. + * @param string $path Path to the attachment. + * @param string $name Overrides the attachment name. + * @param string $encoding File encoding (see $Encoding). + * @param string $type File extension (MIME) type. + * @return bool + */ + public function AddAttachment($path, $name = '', $encoding = 'base64', $type = 'application/octet-stream') { + if(!@is_file($path)) { + $this->SetError($this->Lang('file_access') . $path); + return false; + } + + $filename = basename($path); + if($name == '') { + $name = $filename; + } + + $cur = count($this->attachment); + $this->attachment[$cur][0] = $path; + $this->attachment[$cur][1] = $filename; + $this->attachment[$cur][2] = $name; + $this->attachment[$cur][3] = $encoding; + $this->attachment[$cur][4] = $type; + $this->attachment[$cur][5] = false; // isStringAttachment + $this->attachment[$cur][6] = 'attachment'; + $this->attachment[$cur][7] = 0; + + return true; + } + + /** + * Attaches all fs, string, and binary attachments to the message. + * Returns an empty string on failure. + * @access public + * @return string + */ + public function AttachAll() { + /* Return text of body */ + $mime = array(); + + /* Add all attachments */ + for($i = 0; $i < count($this->attachment); $i++) { + /* Check for string attachment */ + $bString = $this->attachment[$i][5]; + if ($bString) { + $string = $this->attachment[$i][0]; + } else { + $path = $this->attachment[$i][0]; + } + + $filename = $this->attachment[$i][1]; + $name = $this->attachment[$i][2]; + $encoding = $this->attachment[$i][3]; + $type = $this->attachment[$i][4]; + $disposition = $this->attachment[$i][6]; + $cid = $this->attachment[$i][7]; + + $mime[] = sprintf("--%s%s", $this->boundary[1], $this->LE); + //$mime[] = sprintf("Content-Type: %s; name=\"%s\"%s", $type, $name, $this->LE); + $mime[] = sprintf("Content-Type: %s; name=\"%s\"%s", $type, $this->EncodeHeader($this->SecureHeader($name)), $this->LE); + $mime[] = sprintf("Content-Transfer-Encoding: %s%s", $encoding, $this->LE); + + if($disposition == 'inline') { + $mime[] = sprintf("Content-ID: <%s>%s", $cid, $this->LE); + } + + //$mime[] = sprintf("Content-Disposition: %s; filename=\"%s\"%s", $disposition, $name, $this->LE.$this->LE); + $mime[] = sprintf("Content-Disposition: %s; filename=\"%s\"%s", $disposition, $this->EncodeHeader($this->SecureHeader($name)), $this->LE.$this->LE); + + /* Encode as string attachment */ + if($bString) { + $mime[] = $this->EncodeString($string, $encoding); + if($this->IsError()) { + return ''; + } + $mime[] = $this->LE.$this->LE; + } else { + $mime[] = $this->EncodeFile($path, $encoding); + if($this->IsError()) { + return ''; + } + $mime[] = $this->LE.$this->LE; + } + } + + $mime[] = sprintf("--%s--%s", $this->boundary[1], $this->LE); + + return join('', $mime); + } + + /** + * Encodes attachment in requested format. Returns an + * empty string on failure. + * @access public + * @return string + */ + public function EncodeFile ($path, $encoding = 'base64') { + if(!@$fd = fopen($path, 'rb')) { + $this->SetError($this->Lang('file_open') . $path); + return ''; + } + if (function_exists('get_magic_quotes')) { + function get_magic_quotes() { + return false; + } +} + if (PHP_VERSION < 6) { + $magic_quotes = get_magic_quotes_runtime(); + set_magic_quotes_runtime(0); + } + $file_buffer = file_get_contents($path); + $file_buffer = $this->EncodeString($file_buffer, $encoding); + fclose($fd); + if (PHP_VERSION < 6) { set_magic_quotes_runtime($magic_quotes); } + return $file_buffer; + } + + /** + * Encodes string to requested format. Returns an + * empty string on failure. + * @access public + * @return string + */ + public function EncodeString ($str, $encoding = 'base64') { + $encoded = ''; + switch(strtolower($encoding)) { + case 'base64': + $encoded = chunk_split(base64_encode($str), 76, $this->LE); + break; + case '7bit': + case '8bit': + $encoded = $this->FixEOL($str); + if (substr($encoded, -(strlen($this->LE))) != $this->LE) + $encoded .= $this->LE; + break; + case 'binary': + $encoded = $str; + break; + case 'quoted-printable': + $encoded = $this->EncodeQP($str); + break; + default: + $this->SetError($this->Lang('encoding') . $encoding); + break; + } + return $encoded; + } + + /** + * Encode a header string to best of Q, B, quoted or none. + * @access public + * @return string + */ + public function EncodeHeader ($str, $position = 'text') { + $x = 0; + + switch (strtolower($position)) { + case 'phrase': + if (!preg_match('/[\200-\377]/', $str)) { + /* Can't use addslashes as we don't know what value has magic_quotes_sybase. */ + $encoded = addcslashes($str, "\0..\37\177\\\""); + if (($str == $encoded) && !preg_match('/[^A-Za-z0-9!#$%&\'*+\/=?^_`{|}~ -]/', $str)) { + return ($encoded); + } else { + return ("\"$encoded\""); + } + } + $x = preg_match_all('/[^\040\041\043-\133\135-\176]/', $str, $matches); + break; + case 'comment': + $x = preg_match_all('/[()"]/', $str, $matches); + /* Fall-through */ + case 'text': + default: + $x += preg_match_all('/[\000-\010\013\014\016-\037\177-\377]/', $str, $matches); + break; + } + + if ($x == 0) { + return ($str); + } + + $maxlen = 75 - 7 - strlen($this->CharSet); + /* Try to select the encoding which should produce the shortest output */ + if (strlen($str)/3 < $x) { + $encoding = 'B'; + if (function_exists('mb_strlen') && $this->HasMultiBytes($str)) { + // Use a custom function which correctly encodes and wraps long + // multibyte strings without breaking lines within a character + $encoded = $this->Base64EncodeWrapMB($str); + } else { + $encoded = base64_encode($str); + $maxlen -= $maxlen % 4; + $encoded = trim(chunk_split($encoded, $maxlen, "\n")); + } + } else { + $encoding = 'Q'; + $encoded = $this->EncodeQ($str, $position); + $encoded = $this->WrapText($encoded, $maxlen, true); + $encoded = str_replace('='.$this->LE, "\n", trim($encoded)); + } + + $encoded = preg_replace('/^(.*)$/m', " =?".$this->CharSet."?$encoding?\\1?=", $encoded); + $encoded = trim(str_replace("\n", $this->LE, $encoded)); + + return $encoded; + } + + /** + * Checks if a string contains multibyte characters. + * @access public + * @param string $str multi-byte text to wrap encode + * @return bool + */ + public function HasMultiBytes($str) { + if (function_exists('mb_strlen')) { + return (strlen($str) > mb_strlen($str, $this->CharSet)); + } else { // Assume no multibytes (we can't handle without mbstring functions anyway) + return False; + } + } + + /** + * Correctly encodes and wraps long multibyte strings for mail headers + * without breaking lines within a character. + * Adapted from a function by paravoid at http://uk.php.net/manual/en/function.mb-encode-mimeheader.php + * @access public + * @param string $str multi-byte text to wrap encode + * @return string + */ + public function Base64EncodeWrapMB($str) { + $start = "=?".$this->CharSet."?B?"; + $end = "?="; + $encoded = ""; + + $mb_length = mb_strlen($str, $this->CharSet); + // Each line must have length <= 75, including $start and $end + $length = 75 - strlen($start) - strlen($end); + // Average multi-byte ratio + $ratio = $mb_length / strlen($str); + // Base64 has a 4:3 ratio + $offset = $avgLength = floor($length * $ratio * .75); + + for ($i = 0; $i < $mb_length; $i += $offset) { + $lookBack = 0; + + do { + $offset = $avgLength - $lookBack; + $chunk = mb_substr($str, $i, $offset, $this->CharSet); + $chunk = base64_encode($chunk); + $lookBack++; + } + while (strlen($chunk) > $length); + + $encoded .= $chunk . $this->LE; + } + + // Chomp the last linefeed + $encoded = substr($encoded, 0, -strlen($this->LE)); + return $encoded; + } + + /** + * Encode string to quoted-printable. + * @access public + * @param string $string the text to encode + * @param integer $line_max Number of chars allowed on a line before wrapping + * @return string + */ + public function EncodeQP( $input = '', $line_max = 76, $space_conv = false ) { + $hex = array('0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'); + $lines = preg_split('/(?:\r\n|\r|\n)/', $input); + $eol = "\r\n"; + $escape = '='; + $output = ''; + while( list(, $line) = each($lines) ) { + $linlen = strlen($line); + $newline = ''; + for($i = 0; $i < $linlen; $i++) { + $c = substr( $line, $i, 1 ); + $dec = ord( $c ); + if ( ( $i == 0 ) && ( $dec == 46 ) ) { // convert first point in the line into =2E + $c = '=2E'; + } + if ( $dec == 32 ) { + if ( $i == ( $linlen - 1 ) ) { // convert space at eol only + $c = '=20'; + } else if ( $space_conv ) { + $c = '=20'; + } + } elseif ( ($dec == 61) || ($dec < 32 ) || ($dec > 126) ) { // always encode "\t", which is *not* required + $h2 = floor($dec/16); + $h1 = floor($dec%16); + $c = $escape.$hex[$h2].$hex[$h1]; + } + if ( (strlen($newline) + strlen($c)) >= $line_max ) { // CRLF is not counted + $output .= $newline.$escape.$eol; // soft line break; " =\r\n" is okay + $newline = ''; + // check if newline first character will be point or not + if ( $dec == 46 ) { + $c = '=2E'; + } + } + $newline .= $c; + } // end of for + $output .= $newline.$eol; + } // end of while + return trim($output); + } + + /** + * Encode string to q encoding. + * @access public + * @return string + */ + public function EncodeQ ($str, $position = 'text') { + /* There should not be any EOL in the string */ + $encoded = preg_replace("[\r\n]", '', $str); + + switch (strtolower($position)) { + case 'phrase': + $encoded = preg_replace("/([^A-Za-z0-9!*+\/ -])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded); + break; + case 'comment': + $encoded = preg_replace("/([\(\)\"])/e", "'='.sprintf('%02X', ord('\\1'))", $encoded); + case 'text': + default: + /* Replace every high ascii, control =, ? and _ characters */ + $encoded = preg_replace('/([\000-\011\013\014\016-\037\075\077\137\177-\377])/e', + "'='.sprintf('%02X', ord('\\1'))", $encoded); + break; + } + + /* Replace every spaces to _ (more readable than =20) */ + $encoded = str_replace(' ', '_', $encoded); + + return $encoded; + } + + /** + * Adds a string or binary attachment (non-filesystem) to the list. + * This method can be used to attach ascii or binary data, + * such as a BLOB record from a database. + * @param string $string String attachment data. + * @param string $filename Name of the attachment. + * @param string $encoding File encoding (see $Encoding). + * @param string $type File extension (MIME) type. + * @return void + */ + public function AddStringAttachment($string, $filename, $encoding = 'base64', $type = 'application/octet-stream') { + /* Append to $attachment array */ + $cur = count($this->attachment); + $this->attachment[$cur][0] = $string; + $this->attachment[$cur][1] = $filename; + $this->attachment[$cur][2] = $filename; + $this->attachment[$cur][3] = $encoding; + $this->attachment[$cur][4] = $type; + $this->attachment[$cur][5] = true; // isString + $this->attachment[$cur][6] = 'attachment'; + $this->attachment[$cur][7] = 0; + } + + /** + * Adds an embedded attachment. This can include images, sounds, and + * just about any other document. Make sure to set the $type to an + * image type. For JPEG images use "image/jpeg" and for GIF images + * use "image/gif". + * @param string $path Path to the attachment. + * @param string $cid Content ID of the attachment. Use this to identify + * the Id for accessing the image in an HTML form. + * @param string $name Overrides the attachment name. + * @param string $encoding File encoding (see $Encoding). + * @param string $type File extension (MIME) type. + * @return bool + */ + public function AddEmbeddedImage($path, $cid, $name = '', $encoding = 'base64', $type = 'application/octet-stream') { + + if(!@is_file($path)) { + $this->SetError($this->Lang('file_access') . $path); + return false; + } + + $filename = basename($path); + if($name == '') { + $name = $filename; + } + + /* Append to $attachment array */ + $cur = count($this->attachment); + $this->attachment[$cur][0] = $path; + $this->attachment[$cur][1] = $filename; + $this->attachment[$cur][2] = $name; + $this->attachment[$cur][3] = $encoding; + $this->attachment[$cur][4] = $type; + $this->attachment[$cur][5] = false; + $this->attachment[$cur][6] = 'inline'; + $this->attachment[$cur][7] = $cid; + + return true; + } + + /** + * Returns true if an inline attachment is present. + * @access public + * @return bool + */ + public function InlineImageExists() { + $result = false; + for($i = 0; $i < count($this->attachment); $i++) { + if($this->attachment[$i][6] == 'inline') { + $result = true; + break; + } + } + + return $result; + } + + ///////////////////////////////////////////////// + // CLASS METHODS, MESSAGE RESET + ///////////////////////////////////////////////// + + /** + * Clears all recipients assigned in the TO array. Returns void. + * @return void + */ + public function ClearAddresses() { + $this->to = array(); + } + + /** + * Clears all recipients assigned in the CC array. Returns void. + * @return void + */ + public function ClearCCs() { + $this->cc = array(); + } + + /** + * Clears all recipients assigned in the BCC array. Returns void. + * @return void + */ + public function ClearBCCs() { + $this->bcc = array(); + } + + /** + * Clears all recipients assigned in the ReplyTo array. Returns void. + * @return void + */ + public function ClearReplyTos() { + $this->ReplyTo = array(); + } + + /** + * Clears all recipients assigned in the TO, CC and BCC + * array. Returns void. + * @return void + */ + public function ClearAllRecipients() { + $this->to = array(); + $this->cc = array(); + $this->bcc = array(); + } + + /** + * Clears all previously set filesystem, string, and binary + * attachments. Returns void. + * @return void + */ + public function ClearAttachments() { + $this->attachment = array(); + } + + /** + * Clears all custom headers. Returns void. + * @return void + */ + public function ClearCustomHeaders() { + $this->CustomHeader = array(); + } + + ///////////////////////////////////////////////// + // CLASS METHODS, MISCELLANEOUS + ///////////////////////////////////////////////// + + /** + * Adds the error message to the error container. + * Returns void. + * @access private + * @return void + */ + private function SetError($msg) { + $this->error_count++; + $this->ErrorInfo = $msg; + } + + /** + * Returns the proper RFC 822 formatted date. + * @access private + * @return string + */ + private static function RFCDate() { + $tz = date('Z'); + $tzs = ($tz < 0) ? '-' : '+'; + $tz = abs($tz); + $tz = (int)($tz/3600)*100 + ($tz%3600)/60; + $result = sprintf("%s %s%04d", date('D, j M Y H:i:s'), $tzs, $tz); + + return $result; + } + + /** + * Returns the server hostname or 'localhost.localdomain' if unknown. + * @access private + * @return string + */ + private function ServerHostname() { + if (!empty($this->Hostname)) { + $result = $this->Hostname; + } elseif (isset($_SERVER['SERVER_NAME'])) { + $result = $_SERVER['SERVER_NAME']; + } else { + $result = "localhost.localdomain"; + } + + return $result; + } + + /** + * Returns a message in the appropriate language. + * @access private + * @return string + */ + private function Lang($key) { + if(count($this->language) < 1) { + $this->SetLanguage('en'); // set the default language + } + + if(isset($this->language[$key])) { + return $this->language[$key]; + } else { + return 'Language string failed to load: ' . $key; + } + } + + /** + * Returns true if an error occurred. + * @access public + * @return bool + */ + public function IsError() { + return ($this->error_count > 0); + } + + /** + * Changes every end of line from CR or LF to CRLF. + * @access private + * @return string + */ + private function FixEOL($str) { + $str = str_replace("\r\n", "\n", $str); + $str = str_replace("\r", "\n", $str); + $str = str_replace("\n", $this->LE, $str); + return $str; + } + + /** + * Adds a custom header. + * @access public + * @return void + */ + public function AddCustomHeader($custom_header) { + $this->CustomHeader[] = explode(':', $custom_header, 2); + } + + /** + * Evaluates the message and returns modifications for inline images and backgrounds + * @access public + * @return $message + */ + public function MsgHTML($message,$basedir='') { + preg_match_all("/(src|background)=\"(.*)\"/Ui", $message, $images); + if(isset($images[2])) { + foreach($images[2] as $i => $url) { + // do not change urls for absolute images (thanks to corvuscorax) + if (!preg_match('/^[A-z][A-z]*:\/\//',$url)) { + $filename = basename($url); + $directory = dirname($url); + ($directory == '.')?$directory='':''; + $cid = 'cid:' . md5($filename); + $fileParts = split("\.", $filename); + $ext = $fileParts[1]; + $mimeType = $this->_mime_types($ext); + if ( strlen($basedir) > 1 && substr($basedir,-1) != '/') { $basedir .= '/'; } + if ( strlen($directory) > 1 && substr($basedir,-1) != '/') { $directory .= '/'; } + $this->AddEmbeddedImage($basedir.$directory.$filename, md5($filename), $filename, 'base64', $mimeType); + if ( $this->AddEmbeddedImage($basedir.$directory.$filename, md5($filename), $filename, 'base64',$mimeType) ) { + $message = preg_replace("/".$images[1][$i]."=\"".preg_quote($url, '/')."\"/Ui", $images[1][$i]."=\"".$cid."\"", $message); + } + } + } + } + $this->IsHTML(true); + $this->Body = $message; + $textMsg = trim(strip_tags(preg_replace('/<(head|title|style|script)[^>]*>.*?<\/\\1>/s','',$message))); + if ( !empty($textMsg) && empty($this->AltBody) ) { + $this->AltBody = $textMsg; + } + if ( empty($this->AltBody) ) { + $this->AltBody = 'To view this email message, open the email in with HTML compatibility!' . "\n\n"; + } + } + + /** + * Gets the mime type of the embedded or inline image + * @access public + * @return mime type of ext + */ + public function _mime_types($ext = '') { + $mimes = array( + 'hqx' => 'application/mac-binhex40', + 'cpt' => 'application/mac-compactpro', + 'doc' => 'application/msword', + 'bin' => 'application/macbinary', + 'dms' => 'application/octet-stream', + 'lha' => 'application/octet-stream', + 'lzh' => 'application/octet-stream', + 'exe' => 'application/octet-stream', + 'class' => 'application/octet-stream', + 'psd' => 'application/octet-stream', + 'so' => 'application/octet-stream', + 'sea' => 'application/octet-stream', + 'dll' => 'application/octet-stream', + 'oda' => 'application/oda', + 'pdf' => 'application/pdf', + 'ai' => 'application/postscript', + 'eps' => 'application/postscript', + 'ps' => 'application/postscript', + 'smi' => 'application/smil', + 'smil' => 'application/smil', + 'mif' => 'application/vnd.mif', + 'xls' => 'application/vnd.ms-excel', + 'ppt' => 'application/vnd.ms-powerpoint', + 'wbxml' => 'application/vnd.wap.wbxml', + 'wmlc' => 'application/vnd.wap.wmlc', + 'dcr' => 'application/x-director', + 'dir' => 'application/x-director', + 'dxr' => 'application/x-director', + 'dvi' => 'application/x-dvi', + 'gtar' => 'application/x-gtar', + 'php' => 'application/x-httpd-php', + 'php4' => 'application/x-httpd-php', + 'php3' => 'application/x-httpd-php', + 'phtml' => 'application/x-httpd-php', + 'phps' => 'application/x-httpd-php-source', + 'js' => 'application/x-javascript', + 'swf' => 'application/x-shockwave-flash', + 'sit' => 'application/x-stuffit', + 'tar' => 'application/x-tar', + 'tgz' => 'application/x-tar', + 'xhtml' => 'application/xhtml+xml', + 'xht' => 'application/xhtml+xml', + 'zip' => 'application/zip', + 'mid' => 'audio/midi', + 'midi' => 'audio/midi', + 'mpga' => 'audio/mpeg', + 'mp2' => 'audio/mpeg', + 'mp3' => 'audio/mpeg', + 'aif' => 'audio/x-aiff', + 'aiff' => 'audio/x-aiff', + 'aifc' => 'audio/x-aiff', + 'ram' => 'audio/x-pn-realaudio', + 'rm' => 'audio/x-pn-realaudio', + 'rpm' => 'audio/x-pn-realaudio-plugin', + 'ra' => 'audio/x-realaudio', + 'rv' => 'video/vnd.rn-realvideo', + 'wav' => 'audio/x-wav', + 'bmp' => 'image/bmp', + 'gif' => 'image/gif', + 'jpeg' => 'image/jpeg', + 'jpg' => 'image/jpeg', + 'jpe' => 'image/jpeg', + 'png' => 'image/png', + 'tiff' => 'image/tiff', + 'tif' => 'image/tiff', + 'css' => 'text/css', + 'html' => 'text/html', + 'htm' => 'text/html', + 'shtml' => 'text/html', + 'txt' => 'text/plain', + 'text' => 'text/plain', + 'log' => 'text/plain', + 'rtx' => 'text/richtext', + 'rtf' => 'text/rtf', + 'xml' => 'text/xml', + 'xsl' => 'text/xml', + 'mpeg' => 'video/mpeg', + 'mpg' => 'video/mpeg', + 'mpe' => 'video/mpeg', + 'qt' => 'video/quicktime', + 'mov' => 'video/quicktime', + 'avi' => 'video/x-msvideo', + 'movie' => 'video/x-sgi-movie', + 'doc' => 'application/msword', + 'word' => 'application/msword', + 'xl' => 'application/excel', + 'eml' => 'message/rfc822' + ); + return ( ! isset($mimes[strtolower($ext)])) ? 'application/octet-stream' : $mimes[strtolower($ext)]; + } + + /** + * Set (or reset) Class Objects (variables) + * + * Usage Example: + * $page->set('X-Priority', '3'); + * + * @access public + * @param string $name Parameter Name + * @param mixed $value Parameter Value + * NOTE: will not work with arrays, there are no arrays to set/reset + */ + public function set ( $name, $value = '' ) { + if ( isset($this->$name) ) { + $this->$name = $value; + } else { + $this->SetError('Cannot set or reset variable ' . $name); + return false; + } + } + + /** + * Read a file from a supplied filename and return it. + * + * @access public + * @param string $filename Parameter File Name + */ + public function getFile($filename) { + $return = ''; + if ($fp = fopen($filename, 'rb')) { + while (!feof($fp)) { + $return .= fread($fp, 1024); + } + fclose($fp); + return $return; + } else { + return false; + } + } + + /** + * Strips newlines to prevent header injection. + * @access public + * @param string $str String + * @return string + */ + public function SecureHeader($str) { + $str = trim($str); + $str = str_replace("\r", "", $str); + $str = str_replace("\n", "", $str); + return $str; + } + + /** + * Set the private key file and password to sign the message. + * + * @access public + * @param string $key_filename Parameter File Name + * @param string $key_pass Password for private key + */ + public function Sign($cert_filename, $key_filename, $key_pass) { + $this->sign_cert_file = $cert_filename; + $this->sign_key_file = $key_filename; + $this->sign_key_pass = $key_pass; + } +} + +?> diff --git a/central/trunk/includes/class.smtp.php b/central/trunk/includes/class.smtp.php new file mode 100644 index 0000000..f1c9cfe --- /dev/null +++ b/central/trunk/includes/class.smtp.php @@ -0,0 +1,1113 @@ +smtp_conn = 0; + $this->error = null; + $this->helo_rply = null; + + $this->do_debug = 0; + } + + /************************************************************* + * CONNECTION FUNCTIONS * + ***********************************************************/ + + /** + * Connect to the server specified on the port specified. + * If the port is not specified use the default SMTP_PORT. + * If tval is specified then a connection will try and be + * established with the server for that number of seconds. + * If tval is not specified the default is 30 seconds to + * try on the connection. + * + * SMTP CODE SUCCESS: 220 + * SMTP CODE FAILURE: 421 + * @access public + * @return bool + */ + public function Connect($host,$port=0,$tval=30) { + /* set the error val to null so there is no confusion */ + $this->error = null; + + /* make sure we are __not__ connected */ + if($this->connected()) { + /* ok we are connected! what should we do? + * for now we will just give an error saying we + * are already connected + */ + $this->error = array("error" => "Already connected to a server"); + return false; + } + + if(empty($port)) { + $port = $this->SMTP_PORT; + } + + /* connect to the smtp server */ + $this->smtp_conn = fsockopen($host, // the host of the server + $port, // the port to use + $errno, // error number if any + $errstr, // error message if any + $tval); // give up after ? secs + /* verify we connected properly */ + if(empty($this->smtp_conn)) { + $this->error = array("error" => "Failed to connect to server", + "errno" => $errno, + "errstr" => $errstr); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": $errstr ($errno)" . $this->CRLF; + } + return false; + } + + /* sometimes the SMTP server takes a little longer to respond + * so we will give it a longer timeout for the first read + * - Windows still does not have support for this timeout function + */ + if(substr(PHP_OS, 0, 3) != "WIN") + socket_set_timeout($this->smtp_conn, $tval, 0); + + /* get any announcement stuff */ + $announce = $this->get_lines(); + + /* set the timeout of any socket functions at 1/10 of a second */ + //if(function_exists("socket_set_timeout")) + // socket_set_timeout($this->smtp_conn, 0, 100000); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $announce; + } + + return true; + } + + /** + * Initiate a TSL communication with the server. + * + * SMTP CODE 220 Ready to start TLS + * SMTP CODE 501 Syntax error (no parameters allowed) + * SMTP CODE 454 TLS not available due to temporary reason + * @access public + * @return bool success + */ + public function StartTLS() { + $this->error = null; # to avoid confusion + + if(!$this->connected()) { + $this->error = array("error" => "Called StartTLS() without being connected"); + return false; + } + + fputs($this->smtp_conn,"STARTTLS" . $extra . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 220) { + $this->error = + array("error" => "STARTTLS not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . ": " . $rply . $this->CRLF; + } + return false; + } + + //Begin encrypted connection + if(!stream_socket_enable_crypto($this->smtp_conn, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) { + return false; + } + + return true; + } + + /** + * Performs SMTP authentication. Must be run after running the + * Hello() method. Returns true if successfully authenticated. + * @access public + * @return bool + */ + public function Authenticate($username, $password) { + // Start authentication + fputs($this->smtp_conn,"AUTH LOGIN" . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($code != 334) { + $this->error = + array("error" => "AUTH not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + // Send encoded username + fputs($this->smtp_conn, base64_encode($username) . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($code != 334) { + $this->error = + array("error" => "Username not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + // Send encoded password + fputs($this->smtp_conn, base64_encode($password) . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($code != 235) { + $this->error = + array("error" => "Password not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + return true; + } + + /** + * Returns true if connected to a server otherwise false + * @access public + * @return bool + */ + public function Connected() { + if(!empty($this->smtp_conn)) { + $sock_status = socket_get_status($this->smtp_conn); + if($sock_status["eof"]) { + // hmm this is an odd situation... the socket is + // valid but we are not connected anymore + if($this->do_debug >= 1) { + echo "SMTP -> NOTICE:" . $this->CRLF . + "EOF caught while checking if connected"; + } + $this->Close(); + return false; + } + return true; // everything looks good + } + return false; + } + + /** + * Closes the socket and cleans up the state of the class. + * It is not considered good to use this function without + * first trying to use QUIT. + * @access public + * @return void + */ + public function Close() { + $this->error = null; // so there is no confusion + $this->helo_rply = null; + if(!empty($this->smtp_conn)) { + // close the connection and cleanup + fclose($this->smtp_conn); + $this->smtp_conn = 0; + } + } + + /*************************************************************** + * SMTP COMMANDS * + *************************************************************/ + + /** + * Issues a data command and sends the msg_data to the server + * finializing the mail transaction. $msg_data is the message + * that is to be send with the headers. Each header needs to be + * on a single line followed by a with the message headers + * and the message body being seperated by and additional . + * + * Implements rfc 821: DATA + * + * SMTP CODE INTERMEDIATE: 354 + * [data] + * . + * SMTP CODE SUCCESS: 250 + * SMTP CODE FAILURE: 552,554,451,452 + * SMTP CODE FAILURE: 451,554 + * SMTP CODE ERROR : 500,501,503,421 + * @access public + * @return bool + */ + public function Data($msg_data) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Data() without being connected"); + return false; + } + + fputs($this->smtp_conn,"DATA" . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 354) { + $this->error = + array("error" => "DATA command not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + /* the server is ready to accept data! + * according to rfc 821 we should not send more than 1000 + * including the CRLF + * characters on a single line so we will break the data up + * into lines by \r and/or \n then if needed we will break + * each of those into smaller lines to fit within the limit. + * in addition we will be looking for lines that start with + * a period '.' and append and additional period '.' to that + * line. NOTE: this does not count towards are limit. + */ + + // normalize the line breaks so we know the explode works + $msg_data = str_replace("\r\n","\n",$msg_data); + $msg_data = str_replace("\r","\n",$msg_data); + $lines = explode("\n",$msg_data); + + /* we need to find a good way to determine is headers are + * in the msg_data or if it is a straight msg body + * currently I am assuming rfc 822 definitions of msg headers + * and if the first field of the first line (':' sperated) + * does not contain a space then it _should_ be a header + * and we can process all lines before a blank "" line as + * headers. + */ + $field = substr($lines[0],0,strpos($lines[0],":")); + $in_headers = false; + if(!empty($field) && !strstr($field," ")) { + $in_headers = true; + } + + $max_line_length = 998; // used below; set here for ease in change + + while(list(,$line) = @each($lines)) { + $lines_out = null; + if($line == "" && $in_headers) { + $in_headers = false; + } + // ok we need to break this line up into several smaller lines + while(strlen($line) > $max_line_length) { + $pos = strrpos(substr($line,0,$max_line_length)," "); + + // Patch to fix DOS attack + if(!$pos) { + $pos = $max_line_length - 1; + $lines_out[] = substr($line,0,$pos); + $line = substr($line,$pos); + } else { + $lines_out[] = substr($line,0,$pos); + $line = substr($line,$pos + 1); + } + + /* if we are processing headers we need to + * add a LWSP-char to the front of the new line + * rfc 822 on long msg headers + */ + if($in_headers) { + $line = "\t" . $line; + } + } + $lines_out[] = $line; + + // now send the lines to the server + while(list(,$line_out) = @each($lines_out)) { + if(strlen($line_out) > 0) + { + if(substr($line_out, 0, 1) == ".") { + $line_out = "." . $line_out; + } + } + fputs($this->smtp_conn,$line_out . $this->CRLF); + } + } + + // ok all the message data has been sent so lets get this + // over with aleady + fputs($this->smtp_conn, $this->CRLF . "." . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "DATA not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return true; + } + + /** + * Expand takes the name and asks the server to list all the + * people who are members of the _list_. Expand will return + * back and array of the result or false if an error occurs. + * Each value in the array returned has the format of: + * [ ] + * The definition of is defined in rfc 821 + * + * Implements rfc 821: EXPN + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE FAILURE: 550 + * SMTP CODE ERROR : 500,501,502,504,421 + * @access public + * @return string array + */ + public function Expand($name) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Expand() without being connected"); + return false; + } + + fputs($this->smtp_conn,"EXPN " . $name . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "EXPN not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + // parse the reply and place in our array to return to user + $entries = explode($this->CRLF,$rply); + while(list(,$l) = @each($entries)) { + $list[] = substr($l,4); + } + + return $list; + } + + /** + * Sends the HELO command to the smtp server. + * This makes sure that we and the server are in + * the same known state. + * + * Implements from rfc 821: HELO + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE ERROR : 500, 501, 504, 421 + * @access public + * @return bool + */ + public function Hello($host="") { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Hello() without being connected"); + return false; + } + + // if a hostname for the HELO was not specified determine + //a suitable one to send + if(empty($host)) { + // we need to determine some sort of appopiate default + // to send to the server + $host = "localhost"; + } + + // Send extended hello first (RFC 2821) + if(!$this->SendHello("EHLO", $host)) + { + if(!$this->SendHello("HELO", $host)) + return false; + } + + return true; + } + + /** + * Sends a HELO/EHLO command. + * @access private + * @return bool + */ + private function SendHello($hello, $host) { + fputs($this->smtp_conn, $hello . " " . $host . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER: " . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => $hello . " not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + $this->helo_rply = $rply; + + return true; + } + + /** + * Gets help information on the keyword specified. If the keyword + * is not specified then returns generic help, ussually contianing + * A list of keywords that help is available on. This function + * returns the results back to the user. It is up to the user to + * handle the returned data. If an error occurs then false is + * returned with $this->error set appropiately. + * + * Implements rfc 821: HELP [ ] + * + * SMTP CODE SUCCESS: 211,214 + * SMTP CODE ERROR : 500,501,502,504,421 + * @access public + * @return string + */ + public function Help($keyword="") { + $this->error = null; // to avoid confusion + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Help() without being connected"); + return false; + } + + $extra = ""; + if(!empty($keyword)) { + $extra = " " . $keyword; + } + + fputs($this->smtp_conn,"HELP" . $extra . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 211 && $code != 214) { + $this->error = + array("error" => "HELP not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + return $rply; + } + + /** + * Starts a mail transaction from the email address specified in + * $from. Returns true if successful or false otherwise. If True + * the mail transaction is started and then one or more Recipient + * commands may be called followed by a Data command. + * + * Implements rfc 821: MAIL FROM: + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE SUCCESS: 552,451,452 + * SMTP CODE SUCCESS: 500,501,421 + * @access public + * @return bool + */ + public function Mail($from) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Mail() without being connected"); + return false; + } + + $useVerp = ($this->do_verp ? "XVERP" : ""); + fputs($this->smtp_conn,"MAIL FROM:<" . $from . ">" . $useVerp . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "MAIL not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return true; + } + + /** + * Sends the command NOOP to the SMTP server. + * + * Implements from rfc 821: NOOP + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE ERROR : 500, 421 + * @access public + * @return bool + */ + public function Noop() { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Noop() without being connected"); + return false; + } + + fputs($this->smtp_conn,"NOOP" . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "NOOP not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return true; + } + + /** + * Sends the quit command to the server and then closes the socket + * if there is no error or the $close_on_error argument is true. + * + * Implements from rfc 821: QUIT + * + * SMTP CODE SUCCESS: 221 + * SMTP CODE ERROR : 500 + * @access public + * @return bool + */ + public function Quit($close_on_error=true) { + $this->error = null; // so there is no confusion + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Quit() without being connected"); + return false; + } + + // send the quit command to the server + fputs($this->smtp_conn,"quit" . $this->CRLF); + + // get any good-bye messages + $byemsg = $this->get_lines(); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $byemsg; + } + + $rval = true; + $e = null; + + $code = substr($byemsg,0,3); + if($code != 221) { + // use e as a tmp var cause Close will overwrite $this->error + $e = array("error" => "SMTP server rejected quit command", + "smtp_code" => $code, + "smtp_rply" => substr($byemsg,4)); + $rval = false; + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $e["error"] . ": " . + $byemsg . $this->CRLF; + } + } + + if(empty($e) || $close_on_error) { + $this->Close(); + } + + return $rval; + } + + /** + * Sends the command RCPT to the SMTP server with the TO: argument of $to. + * Returns true if the recipient was accepted false if it was rejected. + * + * Implements from rfc 821: RCPT TO: + * + * SMTP CODE SUCCESS: 250,251 + * SMTP CODE FAILURE: 550,551,552,553,450,451,452 + * SMTP CODE ERROR : 500,501,503,421 + * @access public + * @return bool + */ + public function Recipient($to) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Recipient() without being connected"); + return false; + } + + fputs($this->smtp_conn,"RCPT TO:<" . $to . ">" . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250 && $code != 251) { + $this->error = + array("error" => "RCPT not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return true; + } + + /** + * Sends the RSET command to abort and transaction that is + * currently in progress. Returns true if successful false + * otherwise. + * + * Implements rfc 821: RSET + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE ERROR : 500,501,504,421 + * @access public + * @return bool + */ + public function Reset() { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Reset() without being connected"); + return false; + } + + fputs($this->smtp_conn,"RSET" . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "RSET failed", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + + return true; + } + + /** + * Starts a mail transaction from the email address specified in + * $from. Returns true if successful or false otherwise. If True + * the mail transaction is started and then one or more Recipient + * commands may be called followed by a Data command. This command + * will send the message to the users terminal if they are logged + * in. + * + * Implements rfc 821: SEND FROM: + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE SUCCESS: 552,451,452 + * SMTP CODE SUCCESS: 500,501,502,421 + * @access public + * @return bool + */ + public function Send($from) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Send() without being connected"); + return false; + } + + fputs($this->smtp_conn,"SEND FROM:" . $from . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "SEND not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return true; + } + + /** + * Starts a mail transaction from the email address specified in + * $from. Returns true if successful or false otherwise. If True + * the mail transaction is started and then one or more Recipient + * commands may be called followed by a Data command. This command + * will send the message to the users terminal if they are logged + * in and send them an email. + * + * Implements rfc 821: SAML FROM: + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE SUCCESS: 552,451,452 + * SMTP CODE SUCCESS: 500,501,502,421 + * @access public + * @return bool + */ + public function SendAndMail($from) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called SendAndMail() without being connected"); + return false; + } + + fputs($this->smtp_conn,"SAML FROM:" . $from . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "SAML not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return true; + } + + /** + * Starts a mail transaction from the email address specified in + * $from. Returns true if successful or false otherwise. If True + * the mail transaction is started and then one or more Recipient + * commands may be called followed by a Data command. This command + * will send the message to the users terminal if they are logged + * in or mail it to them if they are not. + * + * Implements rfc 821: SOML FROM: + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE SUCCESS: 552,451,452 + * SMTP CODE SUCCESS: 500,501,502,421 + * @access public + * @return bool + */ + public function SendOrMail($from) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called SendOrMail() without being connected"); + return false; + } + + fputs($this->smtp_conn,"SOML FROM:" . $from . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250) { + $this->error = + array("error" => "SOML not accepted from server", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return true; + } + + /** + * This is an optional command for SMTP that this class does not + * support. This method is here to make the RFC821 Definition + * complete for this class and __may__ be implimented in the future + * + * Implements from rfc 821: TURN + * + * SMTP CODE SUCCESS: 250 + * SMTP CODE FAILURE: 502 + * SMTP CODE ERROR : 500, 503 + * @access public + * @return bool + */ + public function Turn() { + $this->error = array("error" => "This method, TURN, of the SMTP ". + "is not implemented"); + if($this->do_debug >= 1) { + echo "SMTP -> NOTICE: " . $this->error["error"] . $this->CRLF; + } + return false; + } + + /** + * Verifies that the name is recognized by the server. + * Returns false if the name could not be verified otherwise + * the response from the server is returned. + * + * Implements rfc 821: VRFY + * + * SMTP CODE SUCCESS: 250,251 + * SMTP CODE FAILURE: 550,551,553 + * SMTP CODE ERROR : 500,501,502,421 + * @access public + * @return int + */ + public function Verify($name) { + $this->error = null; // so no confusion is caused + + if(!$this->connected()) { + $this->error = array( + "error" => "Called Verify() without being connected"); + return false; + } + + fputs($this->smtp_conn,"VRFY " . $name . $this->CRLF); + + $rply = $this->get_lines(); + $code = substr($rply,0,3); + + if($this->do_debug >= 2) { + echo "SMTP -> FROM SERVER:" . $this->CRLF . $rply; + } + + if($code != 250 && $code != 251) { + $this->error = + array("error" => "VRFY failed on name '$name'", + "smtp_code" => $code, + "smtp_msg" => substr($rply,4)); + if($this->do_debug >= 1) { + echo "SMTP -> ERROR: " . $this->error["error"] . + ": " . $rply . $this->CRLF; + } + return false; + } + return $rply; + } + + /******************************************************************* + * INTERNAL FUNCTIONS * + ******************************************************************/ + + /** + * Read in as many lines as possible + * either before eof or socket timeout occurs on the operation. + * With SMTP we can tell if we have more lines to read if the + * 4th character is '-' symbol. If it is a space then we don't + * need to read anything else. + * @access private + * @return string + */ + private function get_lines() { + $data = ""; + while($str = @fgets($this->smtp_conn,515)) { + if($this->do_debug >= 4) { + echo "SMTP -> get_lines(): \$data was \"$data\"" . + $this->CRLF; + echo "SMTP -> get_lines(): \$str is \"$str\"" . + $this->CRLF; + } + $data .= $str; + if($this->do_debug >= 4) { + echo "SMTP -> get_lines(): \$data is \"$data\"" . $this->CRLF; + } + // if the 4th character is a space then we are done reading + // so just break the loop + if(substr($str,3,1) == " ") { break; } + } + return $data; + } + +} + + + ?> diff --git a/central/trunk/includes/db.php b/central/trunk/includes/db.php new file mode 100644 index 0000000..b9f275b --- /dev/null +++ b/central/trunk/includes/db.php @@ -0,0 +1,28 @@ + diff --git a/central/trunk/includes/instadisc.php b/central/trunk/includes/instadisc.php new file mode 100644 index 0000000..96f4940 --- /dev/null +++ b/central/trunk/includes/instadisc.php @@ -0,0 +1,400 @@ += intval(instaDisc_getConfig('verIDBufferSize'))) + { + $delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $delverid2 = mysql_query($delverid); + } + + $insverid = "INSERT INTO oldVerID (username, verID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $verificationID . ")"; + $insverid2 = mysql_query($insverid); + + if (($table == 'users') && ($getitem3['ip'] != $_SERVER['REMOTE_ADDR'])) + { + $setuser = "UPDATE users SET ip = \"" . $_SERVER['REMOTE_ADDR'] . "\" WHERE id = " . $getitem3['id']; + $setuser2 = mysql_query($setuser); + } + + return true; + } + } + } + + return false; +} + +function instaDisc_sendItem($username, $id) +{ + $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id; + $getitem2 = mysql_query($getitem); + $getitem3 = mysql_fetch_array($getitem2); + if ($getitem3['username'] == $username) + { + $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + + $fp = @fsockopen($getuser3['ip'], 1204, $errno, $errstr); + if ($fp) + { + $verID = rand(1,65536); + + $title = str_replace(': ', '__INSTADISC__', $getitem3['title']); + + $out = 'ID: ' . $id . "\r\n"; + $out .= 'Verification: ' . md5($username . ':' . $getuser3['password'] . ':' . $verID) . "\r\n"; + $out .= 'Verification-ID: ' . $verID . "\r\n"; + $out .= 'Subscription: ' . $getitem3['subscription'] . "\r\n"; + $out .= 'Title: ' . $title . "\r\n"; + $out .= 'Author: ' . $getitem3['author'] . "\r\n"; + $out .= 'URL: ' . $getitem3['url'] . "\r\n"; + + $semantics = unserialize($getitem3['semantics']); + foreach ($semantics as $name => $value) + { + $value = str_replace(': ', '__INSTADISC__', $value); + $out .= $name . ': ' . $value . "\r\n"; + } + + if ($getitem3['encryptionID'] != 0) + { + $out .= 'Encryption-ID: ' . $getitem3['encryptionID'] . "\r\n"; + } + + $out .= "\r\n\r\n"; + + fwrite($fp, $out); + fclose($fp); + + return true; + } else { + return false; + } + } +} + +function instaDisc_sendUpdateNotice($softwareVersion) +{ + $username = instaDisc_getConfig('owner'); + $subscription = 'http://fourisland.com/' . $_SERVER['SERVER_NAME'] . '/'; + $title = 'Update your software to ' . $software; + $author = 'Hatkirby'; + $url = 'http://fourisland.com/projects/instadisc/wiki/CentralSoftwareUpdate'; + $semantics = array(); + + instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics); +} + +function instaDisc_sendDatabase($cserver) +{ + $getdb = "SELECT * FROM centralServers"; + $getdb2 = mysql_query($getdb); + $i=0; + while ($getdb3[$i] = mysql_fetch_array($getdb2)) + { + $db[$getdb3[$i]['url']]['code'] = $getdb3[$i]['code']; + $db[$getdb3[$i]['url']]['xmlrpc'] = $getdb3[$i]['xmlrpc']; + $i++; + } + + $cserver2 = $_SERVER['HTTP_HOST']; + $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_real_escape_string($cserver2) . "\""; + $getuk2 = mysql_query($getuk); + $getuk3 = mysql_fetch_array($getuk2); + + $verID = rand(1,65536); + + $client = new xmlrpc_client($cserver); + $msg = new xmlrpcmsg("InstaDisc.sendDatabase", array( new xmlrpcval($cserver2, 'string'), + new xmlrpcval(md5($cserver2 . ":" . $getuk3['code'] . ":" . $verID), 'string'), + new xmlrpcval($verID, 'int'), + new xmlrpcval(serialize($db), 'string'), + new xmlrpcval(instaDisc_getConfig('databaseVersion'), 'string'))); + $client->send($msg); +} + +function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics, $encryptionID) +{ + $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + if ($getuser3['username'] == $username) + { + $itemID = $getuser3['nextItemID']; + $setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $setuser2 = mysql_query($setuser); + + $insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics, encryptionID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $itemID . ", \"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($title) . "\", \"" . mysql_real_escape_string($author) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($semantics) . "\"," . $encryptionID . ")"; + $insitem2 = mysql_query($insitem); + + instaDisc_sendItem($username, $itemID); + } +} + +function instaDisc_phpMailer() +{ + $mail = new PHPMailer(); + $mail->IsSMTP(); + $mail->From = 'instadisc@' . instaDisc_getConfig('mailDomain'); + $mail->FromName = 'InstaDisc'; + $mail->Host = instaDisc_getConfig('smtpHost'); + if (instaDisc_getConfig('smtpAuth') == 'true') + { + $mail->SMTPAuth = true; + $mail->Username = instaDisc_getConfig('smtpUser'); + $mail->Password = instaDisc_getConfig('smtpPass'); + } + $mail->Helo = $_SERVER['SERVER_NAME']; + $mail->ClearAddresses(); + + return $mail; +} + +function instaDisc_sendActivationEmail($username, $password, $email) +{ + $penKey = md5(rand(1,65536)); + + $inspending = "INSERT INTO pending (username, password, email, code) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string(md5($password)) . "\", \"" . mysql_real_escape_string($email) . "\", \"" . mysql_real_escape_string($penKey) . "\")"; + $inspending2 = mysql_query($inspending); + + $mail = instaDisc_phpMailer(); + $mail->AddAddress($email, $username); + $mail->Subject = 'InstaDisc Account Verification'; + $mail->Body = "Hello, someone has recently registered an account at " . $_SERVER['HTTP_HOST'] . " with your email address. If that was you, and your chosen username IS " . $username . ", then copy the account verification code below to our Account Verification page, enter your username and press Activate!\r\n\r\n" . $penKey . "\r\n\r\nIf that was not you, copy the above code to our Account Verification page, enter the above username, and click Delete."; + $mail->Send(); + + return ($mail->IsError() ? $mail->ErrorInfo : true); +} + +function instaDisc_activateAccount($username, $penKey) +{ + $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND code = \"" . mysql_real_escape_string($penKey) . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + if ($getuser3['username'] == $username) + { + $insuser = "INSERT INTO users (username, password, email) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($getuser3['password']) . "\", \"" . mysql_real_escape_string($getuser3['email']) . "\")"; + $insuser2 = mysql_query($insuser); + + $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $delpending2 = mysql_query($delpending); + + $mail = instaDisc_phpMailer(); + $mail->AddAddress($getuser3['email'], $username); + $mail->Subject = 'Welcome to InstaDisc!'; + $mail->Body = "Welcome to InstaDisc! Thank you for registering at " . instaDisc_getConfig('siteName') . " Central Server, we hope you enjoy our service! Now, when you download an InstaDisc Client, it will ask you for the following information which you will need to enter into it for it to work:\r\n\r\nUsername: " . $username . "\r\nPassword: (you should know this, it's not displayed here for security reasons)\r\nCentral Server URL: " . instaDisc_getConfig("xmlrpcURL") . "\r\n\r\nOnce again, thank you for choosing " . instaDisc_getConfig("siteName") . "!"; + $mail->Send(); + + return ($mail->IsError() ? $mail->ErrorInfo : true); + } else { + return false; + } +} + +function instaDisc_deactivateAccount($username, $penKey) +{ + $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND code = \"" . mysql_real_escape_string($penKey) . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + if ($getuser3['username'] == $username) + { + $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $delpending2 = mysql_query($delpending); + + return true; + } else { + return false; + } +} + +function instaDisc_verifyUser($username, $password) +{ + return instaDisc_checkVerification($username, md5($username . ':' . md5($password) . ':0'), 0, 'users', 'username', 'password'); +} + +function instaDisc_deleteAccount($username) +{ + $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + if ($getuser3['username'] == $username) + { + $deluser = "DELETE FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $deluser2 = mysql_query($deluser); + + $delsubs = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $delsubs2 = mysql_query($delsubs); + + $delitems = "DELETE FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $delitems2 = mysql_query($delitems); + + return true; + } + + return false; +} + +function instaDisc_getConfig($key) +{ + $getconfig = "SELECT * FROM config WHERE name = \"" . mysql_real_escape_string($key) . "\""; + $getconfig2 = mysql_query($getconfig); + $getconfig3 = mysql_fetch_array($getconfig2); + + return $getconfig3['value']; +} + +function instaDisc_listSubscriptions($username) +{ + $getsubs = "SELECT * FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"true\""; + $getsubs2 = mysql_query($getsubs); + $i=0; + while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) + { + $subs[$i] = $getsubs3[$i]['url']; + + $i++; + } + + $subs['size'] = $i; + return $subs; +} + +function instaDisc_addSubscription($username, $url) +{ + $getcode = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\""; + $getcode2 = mysql_query($getcode); + $getcode3 = mysql_fetch_array($getcode2); + if ($getcode3['username'] == $username) + { + $delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\""; + $delcode2 = mysql_query($delcode); + + $c = curl_init(); + curl_setopt($c, CURLOPT_URL, $url); + curl_setopt($c, CURLOPT_HEADER, false); + curl_setopt($c, CURLOPT_RETURNTRANSFER, true); + $page_data = curl_exec($c); + curl_close($c); + + $headers = split("\n", $page_date); + foreach ($headers as $name => $value) + { + $header = split(": ", $value); + $headerMap[$header[0]] = $header[1]; + } + + if (isset($header['Subscription'])) + { + if (isset($header['Title'])) + { + if (isset($header['Category'])) + { + if (isset($header['Key'])) + { + if ($header['Key'] == $getcode3['code']) + { + $inssub = "INSERT INTO subscriptions (username,url,owner,category) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($header['Subscription']) . "\", \"true\", \"" . mysql_real_escape_string($header['Category']) . "\")"; + $inssub2 = mysql_query($inssub); + + return true; + } + } + } + } + } + } + + return false; +} + +function instaDisc_listPendingSubscriptions($username) +{ + $getsubs = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $getsubs2 = mysql_query($getsubs); + $i=0; + while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) + { + $subs[$i] = array('url' => $getsubs3[$i]['url'], 'code' => $getsubs3[$i]['code']); + + $i++; + } + + $subs['size'] = $i; + return $subs; +} + +function instaDisc_generateSubscriptionActivation($username, $url) +{ + $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + if ($getuser3['username'] == $username) + { + $key = md5(rand(1,65536)); + + $inspending = "INSERT INTO pending2 (username, url, code) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($key) . "\")"; + $inspending2 = mysql_query($inspending); + + return $key; + } + + return false; +} + +function instaDisc_deleteSubscription($username, $url) +{ + $getsub = "SELECT * FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $getsub2 = mysql_query($getsub); + $getsub3 = mysql_fetch_array($getsub2); + if ($getsub3['username'] == $username) + { + $delsub = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $delsub2 = mysql_query($delsub); + + return true; + } + + return false; +} + +function instaDisc_cancelSubscription($username, $url) +{ + $getsub = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $getsub2 = mysql_query($getsub); + $getsub3 = mysql_fetch_array($getsub2); + if ($getsub3['username'] == $username) + { + $delsub = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $delsub2 = mysql_query($delsub); + + return true; + } + + return false; +} + +?> diff --git a/central/trunk/includes/template.php b/central/trunk/includes/template.php new file mode 100644 index 0000000..b4ec16b --- /dev/null +++ b/central/trunk/includes/template.php @@ -0,0 +1,160 @@ +file = $tfn; + } else { + throw new Exception($tfn . ' does not exist'); + } + } + + function add($name, $value) + { + $this->tags[$name] = $value; + } + + function adds($tagarr) + { + foreach ($tagarr as $name => $value) + { + $this->add($name,$value); + } + } + + function adds_block($block, $tagarr) + { + if (!isset($this->blocks[$block])) + { + $this->blocks[$block] = array('count' => 1); + } + foreach ($tagarr as $name => $value) + { + $this->blocks[$block][$this->blocks[$block]['count']][$name] = $value; + } + $this->blocks[$block]['count']++; + } + + function add_ref($id, $block, $tagarr) + { + $this->adds_block($block,$tagarr); + $this->refs[$id] = &$this->blocks[$block][$this->blocks[$block]['count']-1];//'$this->blocks[\'' . $block . '\'][' . ($this->blocks[$block]['count']-1) . ']'; + } + + function adds_ref($id, $tagarr) + { + foreach ($tagarr as $name => $value) + { + $this->refs[$id][$name] = $value; + } + } + + function adds_ref_sub($id, $block, $tagarr) + { + if (!isset($this->refs[$id][$block])) + { + $this->refs[$id][$block] = array('count' => 1); + } + foreach ($tagarr as $name => $value) + { + $this->refs[$id][$block][$this->refs[$id][$block]['count']][$name] = $value; + } + $this->refs[$id][$block]['count']++; + } + + function display() + { + $template = file_get_contents($this->file); + while (preg_match('//',$template) == 1) + { + preg_match('//',$template,$mat); + $fname = $mat[1]; + $itmp = new FITemplate($fname); + $template = str_replace('',file_get_contents($itmp->file),$template); + } + if (isset($this->tags)) + { + foreach ($this->tags as $name => $value) + { + $template = str_replace('',$value,$template); + } + } + if (isset($this->blocks)) + { + foreach ($this->blocks as $bname => $block) + { + $this->parseBlock($template, $bname, $block); + } + } + while (preg_match('//',$template) == 1) + { + preg_match('//',$template,$mat); + $bname = $mat[1]; + $start = strpos($template,''); + $end = strpos($template,''); + $template = str_replace(substr($template,$start,$end-$start+strlen($bname)+11),'',$template); + } + $template = preg_replace('//','',$template); + echo($template); + } + + function parseBlock(&$template, $bname, $block) + { + while (strpos($template,'') !== FALSE) + { + $start = strpos($template,''); + $end = strpos($template,''); + $gencont = substr($template,$start+strlen($bname)+13,$end-$start-strlen($bname)-13); + $blockcont = ''; + foreach ($block as $lname => $blocktags) + { + if ($lname != 'count') + { + $scrcont = $gencont; + foreach ($blocktags as $name => $value) + { + if (!is_array($value)) + { + $scrcont = str_replace('',$value,$scrcont); + } else { + $this->parseBlock($scrcont, $bname . '.' . $name, $value); + } + } + $blockcont .= $scrcont; + } + } + $template = str_replace(substr($template,$start,$end-$start+strlen($bname)+11),$blockcont,$template); + } + } + +} + +?> diff --git a/central/trunk/includes/xmlrpc/array_key_exists.php b/central/trunk/includes/xmlrpc/array_key_exists.php new file mode 100644 index 0000000..c5ae519 --- /dev/null +++ b/central/trunk/includes/xmlrpc/array_key_exists.php @@ -0,0 +1,55 @@ + | +// +----------------------------------------------------------------------+ +// +// $Id: array_key_exists.php,v 1.1 2005/07/11 16:34:35 ggiunta Exp $ + + +/** + * Replace array_key_exists() + * + * @category PHP + * @package PHP_Compat + * @link http://php.net/function.array_key_exists + * @author Aidan Lister + * @version $Revision: 1.1 $ + * @since PHP 4.1.0 + * @require PHP 4.0.0 (user_error) + */ +if (!function_exists('array_key_exists')) { + function array_key_exists($key, $search) + { + if (!is_scalar($key)) { + user_error('array_key_exists() The first argument should be either a string or an integer', + E_USER_WARNING); + return false; + } + + if (is_object($search)) { + $search = get_object_vars($search); + } + + if (!is_array($search)) { + user_error('array_key_exists() The second argument should be either an array or an object', + E_USER_WARNING); + return false; + } + + return in_array($key, array_keys($search)); + } +} + +?> \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/is_a.php b/central/trunk/includes/xmlrpc/is_a.php new file mode 100644 index 0000000..d98db1f --- /dev/null +++ b/central/trunk/includes/xmlrpc/is_a.php @@ -0,0 +1,47 @@ + | +// +----------------------------------------------------------------------+ +// +// $Id: is_a.php,v 1.2 2005/11/21 10:57:23 ggiunta Exp $ + + +/** + * Replace function is_a() + * + * @category PHP + * @package PHP_Compat + * @link http://php.net/function.is_a + * @author Aidan Lister + * @version $Revision: 1.2 $ + * @since PHP 4.2.0 + * @require PHP 4.0.0 (user_error) (is_subclass_of) + */ +if (!function_exists('is_a')) { + function is_a($object, $class) + { + if (!is_object($object)) { + return false; + } + + if (get_class($object) == strtolower($class)) { + return true; + } else { + return is_subclass_of($object, $class); + } + } +} + +?> \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/is_callable.php b/central/trunk/includes/xmlrpc/is_callable.php new file mode 100644 index 0000000..b769c41 --- /dev/null +++ b/central/trunk/includes/xmlrpc/is_callable.php @@ -0,0 +1,53 @@ + + * @version $Id: is_callable.php,v 1.3 2006/08/21 14:03:15 ggiunta Exp $ + * @since PHP 4.0.6 + * @require PHP 4.0.0 (true, false, etc...) + * @todo add the 3rd parameter syntax... + */ +if (!function_exists('is_callable')) { + function is_callable($var, $syntax_only=false) + { + if ($syntax_only) + { + /* from The Manual: + * If the syntax_only argument is TRUE the function only verifies + * that var might be a function or method. It will only reject simple + * variables that are not strings, or an array that does not have a + * valid structure to be used as a callback. The valid ones are + * supposed to have only 2 entries, the first of which is an object + * or a string, and the second a string + */ + return (is_string($var) || (is_array($var) && count($var) == 2 && is_string(end($var)) && (is_string(reset($var)) || is_object(reset($var))))); + } + else + { + if (is_string($var)) + { + return function_exists($var); + } + else if (is_array($var) && count($var) == 2 && is_string($method = end($var))) + { + $obj = reset($var); + if (is_string($obj)) + { + $methods = get_class_methods($obj); + return (bool)(is_array($methods) && in_array(strtolower($method), $methods)); + } + else if (is_object($obj)) + { + return method_exists($obj, $method); + } + } + return false; + } + } +} + +?> \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/is_scalar.php b/central/trunk/includes/xmlrpc/is_scalar.php new file mode 100644 index 0000000..c8f2bfc --- /dev/null +++ b/central/trunk/includes/xmlrpc/is_scalar.php @@ -0,0 +1,38 @@ + \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/var_export.php b/central/trunk/includes/xmlrpc/var_export.php new file mode 100644 index 0000000..3a5ac3f --- /dev/null +++ b/central/trunk/includes/xmlrpc/var_export.php @@ -0,0 +1,105 @@ + | +// +----------------------------------------------------------------------+ +// +// $Id: var_export.php,v 1.2 2005/11/21 10:57:23 ggiunta Exp $ + + +/** + * Replace var_export() + * + * @category PHP + * @package PHP_Compat + * @link http://php.net/function.var_export + * @author Aidan Lister + * @version $Revision: 1.2 $ + * @since PHP 4.2.0 + * @require PHP 4.0.0 (user_error) + */ +if (!function_exists('var_export')) { + function var_export($array, $return = false, $lvl=0) + { + // Common output variables + $indent = ' '; + $doublearrow = ' => '; + $lineend = ",\n"; + $stringdelim = '\''; + + // Check the export isn't a simple string / int + if (is_string($array)) { + $out = $stringdelim . str_replace('\'', '\\\'', str_replace('\\', '\\\\', $array)) . $stringdelim; + } elseif (is_int($array) || is_float($array)) { + $out = (string)$array; + } elseif (is_bool($array)) { + $out = $array ? 'true' : 'false'; + } elseif (is_null($array)) { + $out = 'NULL'; + } elseif (is_resource($array)) { + $out = 'resource'; + } else { + // Begin the array export + // Start the string + $out = "array (\n"; + + // Loop through each value in array + foreach ($array as $key => $value) { + // If the key is a string, delimit it + if (is_string($key)) { + $key = str_replace('\'', '\\\'', str_replace('\\', '\\\\', $key)); + $key = $stringdelim . $key . $stringdelim; + } + + $val = var_export($value, true, $lvl+1); + // Delimit value + /*if (is_array($value)) { + // We have an array, so do some recursion + // Do some basic recursion while increasing the indent + $recur_array = explode($newline, var_export($value, true)); + $temp_array = array(); + foreach ($recur_array as $recur_line) { + $temp_array[] = $indent . $recur_line; + } + $recur_array = implode($newline, $temp_array); + $value = $newline . $recur_array; + } elseif (is_null($value)) { + $value = 'NULL'; + } else { + $value = str_replace($find, $replace, $value); + $value = $stringdelim . $value . $stringdelim; + }*/ + + // Piece together the line + for ($i = 0; $i < $lvl; $i++) + $out .= $indent; + $out .= $key . $doublearrow . $val . $lineend; + } + + // End our string + for ($i = 0; $i < $lvl; $i++) + $out .= $indent; + $out .= ")"; + } + + // Decide method of output + if ($return === true) { + return $out; + } else { + echo $out; + return; + } + } +} +?> \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/version_compare.php b/central/trunk/includes/xmlrpc/version_compare.php new file mode 100644 index 0000000..fc3abac --- /dev/null +++ b/central/trunk/includes/xmlrpc/version_compare.php @@ -0,0 +1,179 @@ + | +// | Aidan Lister | +// +----------------------------------------------------------------------+ +// +// $Id: version_compare.php,v 1.1 2005/07/11 16:34:36 ggiunta Exp $ + + +/** + * Replace version_compare() + * + * @category PHP + * @package PHP_Compat + * @link http://php.net/function.version_compare + * @author Philippe Jausions + * @author Aidan Lister + * @version $Revision: 1.1 $ + * @since PHP 4.1.0 + * @require PHP 4.0.0 (user_error) + */ +if (!function_exists('version_compare')) { + function version_compare($version1, $version2, $operator = '<') + { + // Check input + if (!is_scalar($version1)) { + user_error('version_compare() expects parameter 1 to be string, ' . + gettype($version1) . ' given', E_USER_WARNING); + return; + } + + if (!is_scalar($version2)) { + user_error('version_compare() expects parameter 2 to be string, ' . + gettype($version2) . ' given', E_USER_WARNING); + return; + } + + if (!is_scalar($operator)) { + user_error('version_compare() expects parameter 3 to be string, ' . + gettype($operator) . ' given', E_USER_WARNING); + return; + } + + // Standardise versions + $v1 = explode('.', + str_replace('..', '.', + preg_replace('/([^0-9\.]+)/', '.$1.', + str_replace(array('-', '_', '+'), '.', + trim($version1))))); + + $v2 = explode('.', + str_replace('..', '.', + preg_replace('/([^0-9\.]+)/', '.$1.', + str_replace(array('-', '_', '+'), '.', + trim($version2))))); + + // Replace empty entries at the start of the array + while (empty($v1[0]) && array_shift($v1)) {} + while (empty($v2[0]) && array_shift($v2)) {} + + // Release state order + // '#' stands for any number + $versions = array( + 'dev' => 0, + 'alpha' => 1, + 'a' => 1, + 'beta' => 2, + 'b' => 2, + 'RC' => 3, + '#' => 4, + 'p' => 5, + 'pl' => 5); + + // Loop through each segment in the version string + $compare = 0; + for ($i = 0, $x = min(count($v1), count($v2)); $i < $x; $i++) { + if ($v1[$i] == $v2[$i]) { + continue; + } + $i1 = $v1[$i]; + $i2 = $v2[$i]; + if (is_numeric($i1) && is_numeric($i2)) { + $compare = ($i1 < $i2) ? -1 : 1; + break; + } + // We use the position of '#' in the versions list + // for numbers... (so take care of # in original string) + if ($i1 == '#') { + $i1 = ''; + } elseif (is_numeric($i1)) { + $i1 = '#'; + } + if ($i2 == '#') { + $i2 = ''; + } elseif (is_numeric($i2)) { + $i2 = '#'; + } + if (isset($versions[$i1]) && isset($versions[$i2])) { + $compare = ($versions[$i1] < $versions[$i2]) ? -1 : 1; + } elseif (isset($versions[$i1])) { + $compare = 1; + } elseif (isset($versions[$i2])) { + $compare = -1; + } else { + $compare = 0; + } + + break; + } + + // If previous loop didn't find anything, compare the "extra" segments + if ($compare == 0) { + if (count($v2) > count($v1)) { + if (isset($versions[$v2[$i]])) { + $compare = ($versions[$v2[$i]] < 4) ? 1 : -1; + } else { + $compare = -1; + } + } elseif (count($v2) < count($v1)) { + if (isset($versions[$v1[$i]])) { + $compare = ($versions[$v1[$i]] < 4) ? -1 : 1; + } else { + $compare = 1; + } + } + } + + // Compare the versions + if (func_num_args() > 2) { + switch ($operator) { + case '>': + case 'gt': + return (bool) ($compare > 0); + break; + case '>=': + case 'ge': + return (bool) ($compare >= 0); + break; + case '<=': + case 'le': + return (bool) ($compare <= 0); + break; + case '==': + case '=': + case 'eq': + return (bool) ($compare == 0); + break; + case '<>': + case '!=': + case 'ne': + return (bool) ($compare != 0); + break; + case '': + case '<': + case 'lt': + return (bool) ($compare < 0); + break; + default: + return; + } + } + + return $compare; + } +} + +?> \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/xmlrpc.inc b/central/trunk/includes/xmlrpc/xmlrpc.inc new file mode 100644 index 0000000..06c6e44 --- /dev/null +++ b/central/trunk/includes/xmlrpc/xmlrpc.inc @@ -0,0 +1,3705 @@ + +// $Id: xmlrpc.inc,v 1.169 2008/03/06 18:47:24 ggiunta Exp $ + +// Copyright (c) 1999,2000,2002 Edd Dumbill. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// +// * Neither the name of the "XML-RPC for PHP" nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. + + if(!function_exists('xml_parser_create')) + { + // For PHP 4 onward, XML functionality is always compiled-in on windows: + // no more need to dl-open it. It might have been compiled out on *nix... + if(strtoupper(substr(PHP_OS, 0, 3) != 'WIN')) + { + dl('xml.so'); + } + } + + // Try to be backward compat with php < 4.2 (are we not being nice ?) + $phpversion = phpversion(); + if($phpversion[0] == '4' && $phpversion[2] < 2) + { + // give an opportunity to user to specify where to include other files from + if(!defined('PHP_XMLRPC_COMPAT_DIR')) + { + define('PHP_XMLRPC_COMPAT_DIR',dirname(__FILE__).'/compat/'); + } + if($phpversion[2] == '0') + { + if($phpversion[4] < 6) + { + include(PHP_XMLRPC_COMPAT_DIR.'is_callable.php'); + } + include(PHP_XMLRPC_COMPAT_DIR.'is_scalar.php'); + include(PHP_XMLRPC_COMPAT_DIR.'array_key_exists.php'); + include(PHP_XMLRPC_COMPAT_DIR.'version_compare.php'); + } + include(PHP_XMLRPC_COMPAT_DIR.'var_export.php'); + include(PHP_XMLRPC_COMPAT_DIR.'is_a.php'); + } + + // G. Giunta 2005/01/29: declare global these variables, + // so that xmlrpc.inc will work even if included from within a function + // Milosch: 2005/08/07 - explicitly request these via $GLOBALS where used. + $GLOBALS['xmlrpcI4']='i4'; + $GLOBALS['xmlrpcInt']='int'; + $GLOBALS['xmlrpcBoolean']='boolean'; + $GLOBALS['xmlrpcDouble']='double'; + $GLOBALS['xmlrpcString']='string'; + $GLOBALS['xmlrpcDateTime']='dateTime.iso8601'; + $GLOBALS['xmlrpcBase64']='base64'; + $GLOBALS['xmlrpcArray']='array'; + $GLOBALS['xmlrpcStruct']='struct'; + $GLOBALS['xmlrpcValue']='undefined'; + + $GLOBALS['xmlrpcTypes']=array( + $GLOBALS['xmlrpcI4'] => 1, + $GLOBALS['xmlrpcInt'] => 1, + $GLOBALS['xmlrpcBoolean'] => 1, + $GLOBALS['xmlrpcString'] => 1, + $GLOBALS['xmlrpcDouble'] => 1, + $GLOBALS['xmlrpcDateTime'] => 1, + $GLOBALS['xmlrpcBase64'] => 1, + $GLOBALS['xmlrpcArray'] => 2, + $GLOBALS['xmlrpcStruct'] => 3 + ); + + $GLOBALS['xmlrpc_valid_parents'] = array( + 'VALUE' => array('MEMBER', 'DATA', 'PARAM', 'FAULT'), + 'BOOLEAN' => array('VALUE'), + 'I4' => array('VALUE'), + 'INT' => array('VALUE'), + 'STRING' => array('VALUE'), + 'DOUBLE' => array('VALUE'), + 'DATETIME.ISO8601' => array('VALUE'), + 'BASE64' => array('VALUE'), + 'MEMBER' => array('STRUCT'), + 'NAME' => array('MEMBER'), + 'DATA' => array('ARRAY'), + 'ARRAY' => array('VALUE'), + 'STRUCT' => array('VALUE'), + 'PARAM' => array('PARAMS'), + 'METHODNAME' => array('METHODCALL'), + 'PARAMS' => array('METHODCALL', 'METHODRESPONSE'), + 'FAULT' => array('METHODRESPONSE'), + 'NIL' => array('VALUE') // only used when extension activated + ); + + // define extra types for supporting NULL (useful for json or ) + $GLOBALS['xmlrpcNull']='null'; + $GLOBALS['xmlrpcTypes']['null']=1; + + // Not in use anymore since 2.0. Shall we remove it? + /// @deprecated + $GLOBALS['xmlEntities']=array( + 'amp' => '&', + 'quot' => '"', + 'lt' => '<', + 'gt' => '>', + 'apos' => "'" + ); + + // tables used for transcoding different charsets into us-ascii xml + + $GLOBALS['xml_iso88591_Entities']=array(); + $GLOBALS['xml_iso88591_Entities']['in'] = array(); + $GLOBALS['xml_iso88591_Entities']['out'] = array(); + for ($i = 0; $i < 32; $i++) + { + $GLOBALS['xml_iso88591_Entities']['in'][] = chr($i); + $GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';'; + } + for ($i = 160; $i < 256; $i++) + { + $GLOBALS['xml_iso88591_Entities']['in'][] = chr($i); + $GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';'; + } + + /// @todo add to iso table the characters from cp_1252 range, i.e. 128 to 159? + /// These will NOT be present in true ISO-8859-1, but will save the unwary + /// windows user from sending junk (though no luck when reciving them...) + /* + $GLOBALS['xml_cp1252_Entities']=array(); + for ($i = 128; $i < 160; $i++) + { + $GLOBALS['xml_cp1252_Entities']['in'][] = chr($i); + } + $GLOBALS['xml_cp1252_Entities']['out'] = array( + '€', '?', '‚', 'ƒ', + '„', '…', '†', '‡', + 'ˆ', '‰', 'Š', '‹', + 'Œ', '?', 'Ž', '?', + '?', '‘', '’', '“', + '”', '•', '–', '—', + '˜', '™', 'š', '›', + 'œ', '?', 'ž', 'Ÿ' + ); + */ + + $GLOBALS['xmlrpcerr'] = array( + 'unknown_method'=>1, + 'invalid_return'=>2, + 'incorrect_params'=>3, + 'introspect_unknown'=>4, + 'http_error'=>5, + 'no_data'=>6, + 'no_ssl'=>7, + 'curl_fail'=>8, + 'invalid_request'=>15, + 'no_curl'=>16, + 'server_error'=>17, + 'multicall_error'=>18, + 'multicall_notstruct'=>9, + 'multicall_nomethod'=>10, + 'multicall_notstring'=>11, + 'multicall_recursion'=>12, + 'multicall_noparams'=>13, + 'multicall_notarray'=>14, + + 'cannot_decompress'=>103, + 'decompress_fail'=>104, + 'dechunk_fail'=>105, + 'server_cannot_decompress'=>106, + 'server_decompress_fail'=>107 + ); + + $GLOBALS['xmlrpcstr'] = array( + 'unknown_method'=>'Unknown method', + 'invalid_return'=>'Invalid return payload: enable debugging to examine incoming payload', + 'incorrect_params'=>'Incorrect parameters passed to method', + 'introspect_unknown'=>"Can't introspect: method unknown", + 'http_error'=>"Didn't receive 200 OK from remote server.", + 'no_data'=>'No data received from server.', + 'no_ssl'=>'No SSL support compiled in.', + 'curl_fail'=>'CURL error', + 'invalid_request'=>'Invalid request payload', + 'no_curl'=>'No CURL support compiled in.', + 'server_error'=>'Internal server error', + 'multicall_error'=>'Received from server invalid multicall response', + 'multicall_notstruct'=>'system.multicall expected struct', + 'multicall_nomethod'=>'missing methodName', + 'multicall_notstring'=>'methodName is not a string', + 'multicall_recursion'=>'recursive system.multicall forbidden', + 'multicall_noparams'=>'missing params', + 'multicall_notarray'=>'params is not an array', + + 'cannot_decompress'=>'Received from server compressed HTTP and cannot decompress', + 'decompress_fail'=>'Received from server invalid compressed HTTP', + 'dechunk_fail'=>'Received from server invalid chunked HTTP', + 'server_cannot_decompress'=>'Received from client compressed HTTP request and cannot decompress', + 'server_decompress_fail'=>'Received from client invalid compressed HTTP request' + ); + + // The charset encoding used by the server for received messages and + // by the client for received responses when received charset cannot be determined + // or is not supported + $GLOBALS['xmlrpc_defencoding']='UTF-8'; + + // The encoding used internally by PHP. + // String values received as xml will be converted to this, and php strings will be converted to xml + // as if having been coded with this + $GLOBALS['xmlrpc_internalencoding']='ISO-8859-1'; + + $GLOBALS['xmlrpcName']='XML-RPC for PHP'; + $GLOBALS['xmlrpcVersion']='2.2.1'; + + // let user errors start at 800 + $GLOBALS['xmlrpcerruser']=800; + // let XML parse errors start at 100 + $GLOBALS['xmlrpcerrxml']=100; + + // formulate backslashes for escaping regexp + // Not in use anymore since 2.0. Shall we remove it? + /// @deprecated + $GLOBALS['xmlrpc_backslash']=chr(92).chr(92); + + // set to TRUE to enable correct decoding of values + $GLOBALS['xmlrpc_null_extension']=false; + + // used to store state during parsing + // quick explanation of components: + // ac - used to accumulate values + // isf - used to indicate a parsing fault (2) or xmlrpcresp fault (1) + // isf_reason - used for storing xmlrpcresp fault string + // lv - used to indicate "looking for a value": implements + // the logic to allow values with no types to be strings + // params - used to store parameters in method calls + // method - used to store method name + // stack - array with genealogy of xml elements names: + // used to validate nesting of xmlrpc elements + $GLOBALS['_xh']=null; + + /** + * Convert a string to the correct XML representation in a target charset + * To help correct communication of non-ascii chars inside strings, regardless + * of the charset used when sending requests, parsing them, sending responses + * and parsing responses, an option is to convert all non-ascii chars present in the message + * into their equivalent 'charset entity'. Charset entities enumerated this way + * are independent of the charset encoding used to transmit them, and all XML + * parsers are bound to understand them. + * Note that in the std case we are not sending a charset encoding mime type + * along with http headers, so we are bound by RFC 3023 to emit strict us-ascii. + * + * @todo do a bit of basic benchmarking (strtr vs. str_replace) + * @todo make usage of iconv() or recode_string() or mb_string() where available + */ + function xmlrpc_encode_entitites($data, $src_encoding='', $dest_encoding='') + { + if ($src_encoding == '') + { + // lame, but we know no better... + $src_encoding = $GLOBALS['xmlrpc_internalencoding']; + } + + switch(strtoupper($src_encoding.'_'.$dest_encoding)) + { + case 'ISO-8859-1_': + case 'ISO-8859-1_US-ASCII': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + $escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data); + break; + case 'ISO-8859-1_UTF-8': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + $escaped_data = utf8_encode($escaped_data); + break; + case 'ISO-8859-1_ISO-8859-1': + case 'US-ASCII_US-ASCII': + case 'US-ASCII_UTF-8': + case 'US-ASCII_': + case 'US-ASCII_ISO-8859-1': + case 'UTF-8_UTF-8': + //case 'CP1252_CP1252': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + break; + case 'UTF-8_': + case 'UTF-8_US-ASCII': + case 'UTF-8_ISO-8859-1': + // NB: this will choke on invalid UTF-8, going most likely beyond EOF + $escaped_data = ''; + // be kind to users creating string xmlrpcvals out of different php types + $data = (string) $data; + $ns = strlen ($data); + for ($nn = 0; $nn < $ns; $nn++) + { + $ch = $data[$nn]; + $ii = ord($ch); + //1 7 0bbbbbbb (127) + if ($ii < 128) + { + /// @todo shall we replace this with a (supposedly) faster str_replace? + switch($ii){ + case 34: + $escaped_data .= '"'; + break; + case 38: + $escaped_data .= '&'; + break; + case 39: + $escaped_data .= '''; + break; + case 60: + $escaped_data .= '<'; + break; + case 62: + $escaped_data .= '>'; + break; + default: + $escaped_data .= $ch; + } // switch + } + //2 11 110bbbbb 10bbbbbb (2047) + else if ($ii>>5 == 6) + { + $b1 = ($ii & 31); + $ii = ord($data[$nn+1]); + $b2 = ($ii & 63); + $ii = ($b1 * 64) + $b2; + $ent = sprintf ('&#%d;', $ii); + $escaped_data .= $ent; + $nn += 1; + } + //3 16 1110bbbb 10bbbbbb 10bbbbbb + else if ($ii>>4 == 14) + { + $b1 = ($ii & 31); + $ii = ord($data[$nn+1]); + $b2 = ($ii & 63); + $ii = ord($data[$nn+2]); + $b3 = ($ii & 63); + $ii = ((($b1 * 64) + $b2) * 64) + $b3; + $ent = sprintf ('&#%d;', $ii); + $escaped_data .= $ent; + $nn += 2; + } + //4 21 11110bbb 10bbbbbb 10bbbbbb 10bbbbbb + else if ($ii>>3 == 30) + { + $b1 = ($ii & 31); + $ii = ord($data[$nn+1]); + $b2 = ($ii & 63); + $ii = ord($data[$nn+2]); + $b3 = ($ii & 63); + $ii = ord($data[$nn+3]); + $b4 = ($ii & 63); + $ii = ((((($b1 * 64) + $b2) * 64) + $b3) * 64) + $b4; + $ent = sprintf ('&#%d;', $ii); + $escaped_data .= $ent; + $nn += 3; + } + } + break; +/* + case 'CP1252_': + case 'CP1252_US-ASCII': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + $escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data); + $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); + break; + case 'CP1252_UTF-8': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + /// @todo we could use real UTF8 chars here instead of xml entities... (note that utf_8 encode all allone will NOT convert them) + $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); + $escaped_data = utf8_encode($escaped_data); + break; + case 'CP1252_ISO-8859-1': + $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); + // we might as well replave all funky chars with a '?' here, but we are kind and leave it to the receiving application layer to decide what to do with these weird entities... + $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); + break; +*/ + default: + $escaped_data = ''; + error_log("Converting from $src_encoding to $dest_encoding: not supported..."); + } + return $escaped_data; + } + + /// xml parser handler function for opening element tags + function xmlrpc_se($parser, $name, $attrs, $accept_single_vals=false) + { + // if invalid xmlrpc already detected, skip all processing + if ($GLOBALS['_xh']['isf'] < 2) + { + // check for correct element nesting + // top level element can only be of 2 types + /// @todo optimization creep: save this check into a bool variable, instead of using count() every time: + /// there is only a single top level element in xml anyway + if (count($GLOBALS['_xh']['stack']) == 0) + { + if ($name != 'METHODRESPONSE' && $name != 'METHODCALL' && ( + $name != 'VALUE' && !$accept_single_vals)) + { + $GLOBALS['_xh']['isf'] = 2; + $GLOBALS['_xh']['isf_reason'] = 'missing top level xmlrpc element'; + return; + } + else + { + $GLOBALS['_xh']['rt'] = strtolower($name); + } + } + else + { + // not top level element: see if parent is OK + $parent = end($GLOBALS['_xh']['stack']); + if (!array_key_exists($name, $GLOBALS['xmlrpc_valid_parents']) || !in_array($parent, $GLOBALS['xmlrpc_valid_parents'][$name])) + { + $GLOBALS['_xh']['isf'] = 2; + $GLOBALS['_xh']['isf_reason'] = "xmlrpc element $name cannot be child of $parent"; + return; + } + } + + switch($name) + { + // optimize for speed switch cases: most common cases first + case 'VALUE': + /// @todo we could check for 2 VALUE elements inside a MEMBER or PARAM element + $GLOBALS['_xh']['vt']='value'; // indicator: no value found yet + $GLOBALS['_xh']['ac']=''; + $GLOBALS['_xh']['lv']=1; + $GLOBALS['_xh']['php_class']=null; + break; + case 'I4': + case 'INT': + case 'STRING': + case 'BOOLEAN': + case 'DOUBLE': + case 'DATETIME.ISO8601': + case 'BASE64': + if ($GLOBALS['_xh']['vt']!='value') + { + //two data elements inside a value: an error occurred! + $GLOBALS['_xh']['isf'] = 2; + $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; + return; + } + $GLOBALS['_xh']['ac']=''; // reset the accumulator + break; + case 'STRUCT': + case 'ARRAY': + if ($GLOBALS['_xh']['vt']!='value') + { + //two data elements inside a value: an error occurred! + $GLOBALS['_xh']['isf'] = 2; + $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; + return; + } + // create an empty array to hold child values, and push it onto appropriate stack + $cur_val = array(); + $cur_val['values'] = array(); + $cur_val['type'] = $name; + // check for out-of-band information to rebuild php objs + // and in case it is found, save it + if (@isset($attrs['PHP_CLASS'])) + { + $cur_val['php_class'] = $attrs['PHP_CLASS']; + } + $GLOBALS['_xh']['valuestack'][] = $cur_val; + $GLOBALS['_xh']['vt']='data'; // be prepared for a data element next + break; + case 'DATA': + if ($GLOBALS['_xh']['vt']!='data') + { + //two data elements inside a value: an error occurred! + $GLOBALS['_xh']['isf'] = 2; + $GLOBALS['_xh']['isf_reason'] = "found two data elements inside an array element"; + return; + } + case 'METHODCALL': + case 'METHODRESPONSE': + case 'PARAMS': + // valid elements that add little to processing + break; + case 'METHODNAME': + case 'NAME': + /// @todo we could check for 2 NAME elements inside a MEMBER element + $GLOBALS['_xh']['ac']=''; + break; + case 'FAULT': + $GLOBALS['_xh']['isf']=1; + break; + case 'MEMBER': + $GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name']=''; // set member name to null, in case we do not find in the xml later on + //$GLOBALS['_xh']['ac']=''; + // Drop trough intentionally + case 'PARAM': + // clear value type, so we can check later if no value has been passed for this param/member + $GLOBALS['_xh']['vt']=null; + break; + case 'NIL': + if ($GLOBALS['xmlrpc_null_extension']) + { + if ($GLOBALS['_xh']['vt']!='value') + { + //two data elements inside a value: an error occurred! + $GLOBALS['_xh']['isf'] = 2; + $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; + return; + } + $GLOBALS['_xh']['ac']=''; // reset the accumulator + break; + } + // we do not support the extension, so + // drop through intentionally + default: + /// INVALID ELEMENT: RAISE ISF so that it is later recognized!!! + $GLOBALS['_xh']['isf'] = 2; + $GLOBALS['_xh']['isf_reason'] = "found not-xmlrpc xml element $name"; + break; + } + + // Save current element name to stack, to validate nesting + $GLOBALS['_xh']['stack'][] = $name; + + /// @todo optimization creep: move this inside the big switch() above + if($name!='VALUE') + { + $GLOBALS['_xh']['lv']=0; + } + } + } + + /// Used in decoding xml chunks that might represent single xmlrpc values + function xmlrpc_se_any($parser, $name, $attrs) + { + xmlrpc_se($parser, $name, $attrs, true); + } + + /// xml parser handler function for close element tags + function xmlrpc_ee($parser, $name, $rebuild_xmlrpcvals = true) + { + if ($GLOBALS['_xh']['isf'] < 2) + { + // push this element name from stack + // NB: if XML validates, correct opening/closing is guaranteed and + // we do not have to check for $name == $curr_elem. + // we also checked for proper nesting at start of elements... + $curr_elem = array_pop($GLOBALS['_xh']['stack']); + + switch($name) + { + case 'VALUE': + // This if() detects if no scalar was inside + if ($GLOBALS['_xh']['vt']=='value') + { + $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; + $GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcString']; + } + + if ($rebuild_xmlrpcvals) + { + // build the xmlrpc val out of the data received, and substitute it + $temp =& new xmlrpcval($GLOBALS['_xh']['value'], $GLOBALS['_xh']['vt']); + // in case we got info about underlying php class, save it + // in the object we're rebuilding + if (isset($GLOBALS['_xh']['php_class'])) + $temp->_php_class = $GLOBALS['_xh']['php_class']; + // check if we are inside an array or struct: + // if value just built is inside an array, let's move it into array on the stack + $vscount = count($GLOBALS['_xh']['valuestack']); + if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY') + { + $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $temp; + } + else + { + $GLOBALS['_xh']['value'] = $temp; + } + } + else + { + /// @todo this needs to treat correctly php-serialized objects, + /// since std deserializing is done by php_xmlrpc_decode, + /// which we will not be calling... + if (isset($GLOBALS['_xh']['php_class'])) + { + } + + // check if we are inside an array or struct: + // if value just built is inside an array, let's move it into array on the stack + $vscount = count($GLOBALS['_xh']['valuestack']); + if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY') + { + $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $GLOBALS['_xh']['value']; + } + } + break; + case 'BOOLEAN': + case 'I4': + case 'INT': + case 'STRING': + case 'DOUBLE': + case 'DATETIME.ISO8601': + case 'BASE64': + $GLOBALS['_xh']['vt']=strtolower($name); + /// @todo: optimization creep - remove the if/elseif cycle below + /// since the case() in which we are already did that + if ($name=='STRING') + { + $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; + } + elseif ($name=='DATETIME.ISO8601') + { + if (!preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $GLOBALS['_xh']['ac'])) + { + error_log('XML-RPC: invalid value received in DATETIME: '.$GLOBALS['_xh']['ac']); + } + $GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcDateTime']; + $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; + } + elseif ($name=='BASE64') + { + /// @todo check for failure of base64 decoding / catch warnings + $GLOBALS['_xh']['value']=base64_decode($GLOBALS['_xh']['ac']); + } + elseif ($name=='BOOLEAN') + { + // special case here: we translate boolean 1 or 0 into PHP + // constants true or false. + // Strings 'true' and 'false' are accepted, even though the + // spec never mentions them (see eg. Blogger api docs) + // NB: this simple checks helps a lot sanitizing input, ie no + // security problems around here + if ($GLOBALS['_xh']['ac']=='1' || strcasecmp($GLOBALS['_xh']['ac'], 'true') == 0) + { + $GLOBALS['_xh']['value']=true; + } + else + { + // log if receiveing something strange, even though we set the value to false anyway + if ($GLOBALS['_xh']['ac']!='0' && strcasecmp($_xh[$parser]['ac'], 'false') != 0) + error_log('XML-RPC: invalid value received in BOOLEAN: '.$GLOBALS['_xh']['ac']); + $GLOBALS['_xh']['value']=false; + } + } + elseif ($name=='DOUBLE') + { + // we have a DOUBLE + // we must check that only 0123456789-. are characters here + // NOTE: regexp could be much stricter than this... + if (!preg_match('/^[+-eE0123456789 \t.]+$/', $GLOBALS['_xh']['ac'])) + { + /// @todo: find a better way of throwing an error than this! + error_log('XML-RPC: non numeric value received in DOUBLE: '.$GLOBALS['_xh']['ac']); + $GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND'; + } + else + { + // it's ok, add it on + $GLOBALS['_xh']['value']=(double)$GLOBALS['_xh']['ac']; + } + } + else + { + // we have an I4/INT + // we must check that only 0123456789- are characters here + if (!preg_match('/^[+-]?[0123456789 \t]+$/', $GLOBALS['_xh']['ac'])) + { + /// @todo find a better way of throwing an error than this! + error_log('XML-RPC: non numeric value received in INT: '.$GLOBALS['_xh']['ac']); + $GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND'; + } + else + { + // it's ok, add it on + $GLOBALS['_xh']['value']=(int)$GLOBALS['_xh']['ac']; + } + } + //$GLOBALS['_xh']['ac']=''; // is this necessary? + $GLOBALS['_xh']['lv']=3; // indicate we've found a value + break; + case 'NAME': + $GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name'] = $GLOBALS['_xh']['ac']; + break; + case 'MEMBER': + //$GLOBALS['_xh']['ac']=''; // is this necessary? + // add to array in the stack the last element built, + // unless no VALUE was found + if ($GLOBALS['_xh']['vt']) + { + $vscount = count($GLOBALS['_xh']['valuestack']); + $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][$GLOBALS['_xh']['valuestack'][$vscount-1]['name']] = $GLOBALS['_xh']['value']; + } else + error_log('XML-RPC: missing VALUE inside STRUCT in received xml'); + break; + case 'DATA': + //$GLOBALS['_xh']['ac']=''; // is this necessary? + $GLOBALS['_xh']['vt']=null; // reset this to check for 2 data elements in a row - even if they're empty + break; + case 'STRUCT': + case 'ARRAY': + // fetch out of stack array of values, and promote it to current value + $curr_val = array_pop($GLOBALS['_xh']['valuestack']); + $GLOBALS['_xh']['value'] = $curr_val['values']; + $GLOBALS['_xh']['vt']=strtolower($name); + if (isset($curr_val['php_class'])) + { + $GLOBALS['_xh']['php_class'] = $curr_val['php_class']; + } + break; + case 'PARAM': + // add to array of params the current value, + // unless no VALUE was found + if ($GLOBALS['_xh']['vt']) + { + $GLOBALS['_xh']['params'][]=$GLOBALS['_xh']['value']; + $GLOBALS['_xh']['pt'][]=$GLOBALS['_xh']['vt']; + } + else + error_log('XML-RPC: missing VALUE inside PARAM in received xml'); + break; + case 'METHODNAME': + $GLOBALS['_xh']['method']=preg_replace('/^[\n\r\t ]+/', '', $GLOBALS['_xh']['ac']); + break; + case 'NIL': + if ($GLOBALS['xmlrpc_null_extension']) + { + $GLOBALS['_xh']['vt']='null'; + $GLOBALS['_xh']['value']=null; + $GLOBALS['_xh']['lv']=3; + break; + } + // drop through intentionally if nil extension not enabled + case 'PARAMS': + case 'FAULT': + case 'METHODCALL': + case 'METHORESPONSE': + break; + default: + // End of INVALID ELEMENT! + // shall we add an assert here for unreachable code??? + break; + } + } + } + + /// Used in decoding xmlrpc requests/responses without rebuilding xmlrpc values + function xmlrpc_ee_fast($parser, $name) + { + xmlrpc_ee($parser, $name, false); + } + + /// xml parser handler function for character data + function xmlrpc_cd($parser, $data) + { + // skip processing if xml fault already detected + if ($GLOBALS['_xh']['isf'] < 2) + { + // "lookforvalue==3" means that we've found an entire value + // and should discard any further character data + if($GLOBALS['_xh']['lv']!=3) + { + // G. Giunta 2006-08-23: useless change of 'lv' from 1 to 2 + //if($GLOBALS['_xh']['lv']==1) + //{ + // if we've found text and we're just in a then + // say we've found a value + //$GLOBALS['_xh']['lv']=2; + //} + // we always initialize the accumulator before starting parsing, anyway... + //if(!@isset($GLOBALS['_xh']['ac'])) + //{ + // $GLOBALS['_xh']['ac'] = ''; + //} + $GLOBALS['_xh']['ac'].=$data; + } + } + } + + /// xml parser handler function for 'other stuff', ie. not char data or + /// element start/end tag. In fact it only gets called on unknown entities... + function xmlrpc_dh($parser, $data) + { + // skip processing if xml fault already detected + if ($GLOBALS['_xh']['isf'] < 2) + { + if(substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';') + { + // G. Giunta 2006-08-25: useless change of 'lv' from 1 to 2 + //if($GLOBALS['_xh']['lv']==1) + //{ + // $GLOBALS['_xh']['lv']=2; + //} + $GLOBALS['_xh']['ac'].=$data; + } + } + return true; + } + + class xmlrpc_client + { + var $path; + var $server; + var $port=0; + var $method='http'; + var $errno; + var $errstr; + var $debug=0; + var $username=''; + var $password=''; + var $authtype=1; + var $cert=''; + var $certpass=''; + var $cacert=''; + var $cacertdir=''; + var $key=''; + var $keypass=''; + var $verifypeer=true; + var $verifyhost=1; + var $no_multicall=false; + var $proxy=''; + var $proxyport=0; + var $proxy_user=''; + var $proxy_pass=''; + var $proxy_authtype=1; + var $cookies=array(); + /** + * List of http compression methods accepted by the client for responses. + * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib + * + * NNB: you can set it to any non-empty array for HTTP11 and HTTPS, since + * in those cases it will be up to CURL to decide the compression methods + * it supports. You might check for the presence of 'zlib' in the output of + * curl_version() to determine wheter compression is supported or not + */ + var $accepted_compression = array(); + /** + * Name of compression scheme to be used for sending requests. + * Either null, gzip or deflate + */ + var $request_compression = ''; + /** + * CURL handle: used for keep-alive connections (PHP 4.3.8 up, see: + * http://curl.haxx.se/docs/faq.html#7.3) + */ + var $xmlrpc_curl_handle = null; + /// Wheter to use persistent connections for http 1.1 and https + var $keepalive = false; + /// Charset encodings that can be decoded without problems by the client + var $accepted_charset_encodings = array(); + /// Charset encoding to be used in serializing request. NULL = use ASCII + var $request_charset_encoding = ''; + /** + * Decides the content of xmlrpcresp objects returned by calls to send() + * valid strings are 'xmlrpcvals', 'phpvals' or 'xml' + */ + var $return_type = 'xmlrpcvals'; + + /** + * @param string $path either the complete server URL or the PATH part of the xmlrc server URL, e.g. /xmlrpc/server.php + * @param string $server the server name / ip address + * @param integer $port the port the server is listening on, defaults to 80 or 443 depending on protocol used + * @param string $method the http protocol variant: defaults to 'http', 'https' and 'http11' can be used if CURL is installed + */ + function xmlrpc_client($path, $server='', $port='', $method='') + { + // allow user to specify all params in $path + if($server == '' and $port == '' and $method == '') + { + $parts = parse_url($path); + $server = $parts['host']; + $path = isset($parts['path']) ? $parts['path'] : ''; + if(isset($parts['query'])) + { + $path .= '?'.$parts['query']; + } + if(isset($parts['fragment'])) + { + $path .= '#'.$parts['fragment']; + } + if(isset($parts['port'])) + { + $port = $parts['port']; + } + if(isset($parts['scheme'])) + { + $method = $parts['scheme']; + } + if(isset($parts['user'])) + { + $this->username = $parts['user']; + } + if(isset($parts['pass'])) + { + $this->password = $parts['pass']; + } + } + if($path == '' || $path[0] != '/') + { + $this->path='/'.$path; + } + else + { + $this->path=$path; + } + $this->server=$server; + if($port != '') + { + $this->port=$port; + } + if($method != '') + { + $this->method=$method; + } + + // if ZLIB is enabled, let the client by default accept compressed responses + if(function_exists('gzinflate') || ( + function_exists('curl_init') && (($info = curl_version()) && + ((is_string($info) && strpos($info, 'zlib') !== null) || isset($info['libz_version']))) + )) + { + $this->accepted_compression = array('gzip', 'deflate'); + } + + // keepalives: enabled by default ONLY for PHP >= 4.3.8 + // (see http://curl.haxx.se/docs/faq.html#7.3) + if(version_compare(phpversion(), '4.3.8') >= 0) + { + $this->keepalive = true; + } + + // by default the xml parser can support these 3 charset encodings + $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); + } + + /** + * Enables/disables the echoing to screen of the xmlrpc responses received + * @param integer $debug values 0, 1 and 2 are supported (2 = echo sent msg too, before received response) + * @access public + */ + function setDebug($in) + { + $this->debug=$in; + } + + /** + * Add some http BASIC AUTH credentials, used by the client to authenticate + * @param string $u username + * @param string $p password + * @param integer $t auth type. See curl_setopt man page for supported auth types. Defaults to CURLAUTH_BASIC (basic auth) + * @access public + */ + function setCredentials($u, $p, $t=1) + { + $this->username=$u; + $this->password=$p; + $this->authtype=$t; + } + + /** + * Add a client-side https certificate + * @param string $cert + * @param string $certpass + * @access public + */ + function setCertificate($cert, $certpass) + { + $this->cert = $cert; + $this->certpass = $certpass; + } + + /** + * Add a CA certificate to verify server with (see man page about + * CURLOPT_CAINFO for more details + * @param string $cacert certificate file name (or dir holding certificates) + * @param bool $is_dir set to true to indicate cacert is a dir. defaults to false + * @access public + */ + function setCaCertificate($cacert, $is_dir=false) + { + if ($is_dir) + { + $this->cacertdir = $cacert; + } + else + { + $this->cacert = $cacert; + } + } + + /** + * Set attributes for SSL communication: private SSL key + * NB: does not work in older php/curl installs + * Thanks to Daniel Convissor + * @param string $key The name of a file containing a private SSL key + * @param string $keypass The secret password needed to use the private SSL key + * @access public + */ + function setKey($key, $keypass) + { + $this->key = $key; + $this->keypass = $keypass; + } + + /** + * Set attributes for SSL communication: verify server certificate + * @param bool $i enable/disable verification of peer certificate + * @access public + */ + function setSSLVerifyPeer($i) + { + $this->verifypeer = $i; + } + + /** + * Set attributes for SSL communication: verify match of server cert w. hostname + * @param int $i + * @access public + */ + function setSSLVerifyHost($i) + { + $this->verifyhost = $i; + } + + /** + * Set proxy info + * @param string $proxyhost + * @param string $proxyport Defaults to 8080 for HTTP and 443 for HTTPS + * @param string $proxyusername Leave blank if proxy has public access + * @param string $proxypassword Leave blank if proxy has public access + * @param int $proxyauthtype set to constant CURLAUTH_NTLM to use NTLM auth with proxy + * @access public + */ + function setProxy($proxyhost, $proxyport, $proxyusername = '', $proxypassword = '', $proxyauthtype = 1) + { + $this->proxy = $proxyhost; + $this->proxyport = $proxyport; + $this->proxy_user = $proxyusername; + $this->proxy_pass = $proxypassword; + $this->proxy_authtype = $proxyauthtype; + } + + /** + * Enables/disables reception of compressed xmlrpc responses. + * Note that enabling reception of compressed responses merely adds some standard + * http headers to xmlrpc requests. It is up to the xmlrpc server to return + * compressed responses when receiving such requests. + * @param string $compmethod either 'gzip', 'deflate', 'any' or '' + * @access public + */ + function setAcceptedCompression($compmethod) + { + if ($compmethod == 'any') + $this->accepted_compression = array('gzip', 'deflate'); + else + $this->accepted_compression = array($compmethod); + } + + /** + * Enables/disables http compression of xmlrpc request. + * Take care when sending compressed requests: servers might not support them + * (and automatic fallback to uncompressed requests is not yet implemented) + * @param string $compmethod either 'gzip', 'deflate' or '' + * @access public + */ + function setRequestCompression($compmethod) + { + $this->request_compression = $compmethod; + } + + /** + * Adds a cookie to list of cookies that will be sent to server. + * NB: setting any param but name and value will turn the cookie into a 'version 1' cookie: + * do not do it unless you know what you are doing + * @param string $name + * @param string $value + * @param string $path + * @param string $domain + * @param int $port + * @access public + * + * @todo check correctness of urlencoding cookie value (copied from php way of doing it...) + */ + function setCookie($name, $value='', $path='', $domain='', $port=null) + { + $this->cookies[$name]['value'] = urlencode($value); + if ($path || $domain || $port) + { + $this->cookies[$name]['path'] = $path; + $this->cookies[$name]['domain'] = $domain; + $this->cookies[$name]['port'] = $port; + $this->cookies[$name]['version'] = 1; + } + else + { + $this->cookies[$name]['version'] = 0; + } + } + + /** + * Send an xmlrpc request + * @param mixed $msg The message object, or an array of messages for using multicall, or the complete xml representation of a request + * @param integer $timeout Connection timeout, in seconds, If unspecified, a platform specific timeout will apply + * @param string $method if left unspecified, the http protocol chosen during creation of the object will be used + * @return xmlrpcresp + * @access public + */ + function& send($msg, $timeout=0, $method='') + { + // if user deos not specify http protocol, use native method of this client + // (i.e. method set during call to constructor) + if($method == '') + { + $method = $this->method; + } + + if(is_array($msg)) + { + // $msg is an array of xmlrpcmsg's + $r = $this->multicall($msg, $timeout, $method); + return $r; + } + elseif(is_string($msg)) + { + $n =& new xmlrpcmsg(''); + $n->payload = $msg; + $msg = $n; + } + + // where msg is an xmlrpcmsg + $msg->debug=$this->debug; + + if($method == 'https') + { + $r =& $this->sendPayloadHTTPS( + $msg, + $this->server, + $this->port, + $timeout, + $this->username, + $this->password, + $this->authtype, + $this->cert, + $this->certpass, + $this->cacert, + $this->cacertdir, + $this->proxy, + $this->proxyport, + $this->proxy_user, + $this->proxy_pass, + $this->proxy_authtype, + $this->keepalive, + $this->key, + $this->keypass + ); + } + elseif($method == 'http11') + { + $r =& $this->sendPayloadCURL( + $msg, + $this->server, + $this->port, + $timeout, + $this->username, + $this->password, + $this->authtype, + null, + null, + null, + null, + $this->proxy, + $this->proxyport, + $this->proxy_user, + $this->proxy_pass, + $this->proxy_authtype, + 'http', + $this->keepalive + ); + } + else + { + $r =& $this->sendPayloadHTTP10( + $msg, + $this->server, + $this->port, + $timeout, + $this->username, + $this->password, + $this->authtype, + $this->proxy, + $this->proxyport, + $this->proxy_user, + $this->proxy_pass, + $this->proxy_authtype + ); + } + + return $r; + } + + /** + * @access private + */ + function &sendPayloadHTTP10($msg, $server, $port, $timeout=0, + $username='', $password='', $authtype=1, $proxyhost='', + $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1) + { + if($port==0) + { + $port=80; + } + + // Only create the payload if it was not created previously + if(empty($msg->payload)) + { + $msg->createPayload($this->request_charset_encoding); + } + + $payload = $msg->payload; + // Deflate request body and set appropriate request headers + if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) + { + if($this->request_compression == 'gzip') + { + $a = @gzencode($payload); + if($a) + { + $payload = $a; + $encoding_hdr = "Content-Encoding: gzip\r\n"; + } + } + else + { + $a = @gzcompress($payload); + if($a) + { + $payload = $a; + $encoding_hdr = "Content-Encoding: deflate\r\n"; + } + } + } + else + { + $encoding_hdr = ''; + } + + // thanks to Grant Rauscher for this + $credentials=''; + if($username!='') + { + $credentials='Authorization: Basic ' . base64_encode($username . ':' . $password) . "\r\n"; + if ($authtype != 1) + { + error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported with HTTP 1.0'); + } + } + + $accepted_encoding = ''; + if(is_array($this->accepted_compression) && count($this->accepted_compression)) + { + $accepted_encoding = 'Accept-Encoding: ' . implode(', ', $this->accepted_compression) . "\r\n"; + } + + $proxy_credentials = ''; + if($proxyhost) + { + if($proxyport == 0) + { + $proxyport = 8080; + } + $connectserver = $proxyhost; + $connectport = $proxyport; + $uri = 'http://'.$server.':'.$port.$this->path; + if($proxyusername != '') + { + if ($proxyauthtype != 1) + { + error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported with HTTP 1.0'); + } + $proxy_credentials = 'Proxy-Authorization: Basic ' . base64_encode($proxyusername.':'.$proxypassword) . "\r\n"; + } + } + else + { + $connectserver = $server; + $connectport = $port; + $uri = $this->path; + } + + // Cookie generation, as per rfc2965 (version 1 cookies) or + // netscape's rules (version 0 cookies) + $cookieheader=''; + if (count($this->cookies)) + { + $version = ''; + foreach ($this->cookies as $name => $cookie) + { + if ($cookie['version']) + { + $version = ' $Version="' . $cookie['version'] . '";'; + $cookieheader .= ' ' . $name . '="' . $cookie['value'] . '";'; + if ($cookie['path']) + $cookieheader .= ' $Path="' . $cookie['path'] . '";'; + if ($cookie['domain']) + $cookieheader .= ' $Domain="' . $cookie['domain'] . '";'; + if ($cookie['port']) + $cookieheader .= ' $Port="' . $cookie['port'] . '";'; + } + else + { + $cookieheader .= ' ' . $name . '=' . $cookie['value'] . ";"; + } + } + $cookieheader = 'Cookie:' . $version . substr($cookieheader, 0, -1) . "\r\n"; + } + + $op= 'POST ' . $uri. " HTTP/1.0\r\n" . + 'User-Agent: ' . $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'] . "\r\n" . + 'Host: '. $server . ':' . $port . "\r\n" . + $credentials . + $proxy_credentials . + $accepted_encoding . + $encoding_hdr . + 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings) . "\r\n" . + $cookieheader . + 'Content-Type: ' . $msg->content_type . "\r\nContent-Length: " . + strlen($payload) . "\r\n\r\n" . + $payload; + + if($this->debug > 1) + { + print "
\n---SENDING---\n" . htmlentities($op) . "\n---END---\n
"; + // let the client see this now in case http times out... + flush(); + } + + if($timeout>0) + { + $fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr, $timeout); + } + else + { + $fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr); + } + if($fp) + { + if($timeout>0 && function_exists('stream_set_timeout')) + { + stream_set_timeout($fp, $timeout); + } + } + else + { + $this->errstr='Connect error: '.$this->errstr; + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr . ' (' . $this->errno . ')'); + return $r; + } + + if(!fputs($fp, $op, strlen($op))) + { + $this->errstr='Write error'; + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr); + return $r; + } + else + { + // reset errno and errstr on succesful socket connection + $this->errstr = ''; + } + // G. Giunta 2005/10/24: close socket before parsing. + // should yeld slightly better execution times, and make easier recursive calls (e.g. to follow http redirects) + $ipd=''; + while($data=fread($fp, 32768)) + { + // shall we check for $data === FALSE? + // as per the manual, it signals an error + $ipd.=$data; + } + fclose($fp); + $r =& $msg->parseResponse($ipd, false, $this->return_type); + return $r; + + } + + /** + * @access private + */ + function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='', + $password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='', + $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, + $keepalive=false, $key='', $keypass='') + { + $r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username, + $password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport, + $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass); + return $r; + } + + /** + * Contributed by Justin Miller + * Requires curl to be built into PHP + * NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers! + * @access private + */ + function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='', + $password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='', + $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https', + $keepalive=false, $key='', $keypass='') + { + if(!function_exists('curl_init')) + { + $this->errstr='CURL unavailable on this install'; + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_curl'], $GLOBALS['xmlrpcstr']['no_curl']); + return $r; + } + if($method == 'https') + { + if(($info = curl_version()) && + ((is_string($info) && strpos($info, 'OpenSSL') === null) || (is_array($info) && !isset($info['ssl_version'])))) + { + $this->errstr='SSL unavailable on this install'; + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_ssl'], $GLOBALS['xmlrpcstr']['no_ssl']); + return $r; + } + } + + if($port == 0) + { + if($method == 'http') + { + $port = 80; + } + else + { + $port = 443; + } + } + + // Only create the payload if it was not created previously + if(empty($msg->payload)) + { + $msg->createPayload($this->request_charset_encoding); + } + + // Deflate request body and set appropriate request headers + $payload = $msg->payload; + if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) + { + if($this->request_compression == 'gzip') + { + $a = @gzencode($payload); + if($a) + { + $payload = $a; + $encoding_hdr = 'Content-Encoding: gzip'; + } + } + else + { + $a = @gzcompress($payload); + if($a) + { + $payload = $a; + $encoding_hdr = 'Content-Encoding: deflate'; + } + } + } + else + { + $encoding_hdr = ''; + } + + if($this->debug > 1) + { + print "
\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n
"; + // let the client see this now in case http times out... + flush(); + } + + if(!$keepalive || !$this->xmlrpc_curl_handle) + { + $curl = curl_init($method . '://' . $server . ':' . $port . $this->path); + if($keepalive) + { + $this->xmlrpc_curl_handle = $curl; + } + } + else + { + $curl = $this->xmlrpc_curl_handle; + } + + // results into variable + curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); + + if($this->debug) + { + curl_setopt($curl, CURLOPT_VERBOSE, 1); + } + curl_setopt($curl, CURLOPT_USERAGENT, $GLOBALS['xmlrpcName'].' '.$GLOBALS['xmlrpcVersion']); + // required for XMLRPC: post the data + curl_setopt($curl, CURLOPT_POST, 1); + // the data + curl_setopt($curl, CURLOPT_POSTFIELDS, $payload); + + // return the header too + curl_setopt($curl, CURLOPT_HEADER, 1); + + // will only work with PHP >= 5.0 + // NB: if we set an empty string, CURL will add http header indicating + // ALL methods it is supporting. This is possibly a better option than + // letting the user tell what curl can / cannot do... + if(is_array($this->accepted_compression) && count($this->accepted_compression)) + { + //curl_setopt($curl, CURLOPT_ENCODING, implode(',', $this->accepted_compression)); + // empty string means 'any supported by CURL' (shall we catch errors in case CURLOPT_SSLKEY undefined ?) + if (count($this->accepted_compression) == 1) + { + curl_setopt($curl, CURLOPT_ENCODING, $this->accepted_compression[0]); + } + else + curl_setopt($curl, CURLOPT_ENCODING, ''); + } + // extra headers + $headers = array('Content-Type: ' . $msg->content_type , 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings)); + // if no keepalive is wanted, let the server know it in advance + if(!$keepalive) + { + $headers[] = 'Connection: close'; + } + // request compression header + if($encoding_hdr) + { + $headers[] = $encoding_hdr; + } + + curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); + // timeout is borked + if($timeout) + { + curl_setopt($curl, CURLOPT_TIMEOUT, $timeout == 1 ? 1 : $timeout - 1); + } + + if($username && $password) + { + curl_setopt($curl, CURLOPT_USERPWD, $username.':'.$password); + if (defined('CURLOPT_HTTPAUTH')) + { + curl_setopt($curl, CURLOPT_HTTPAUTH, $authtype); + } + else if ($authtype != 1) + { + error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported by the current PHP/curl install'); + } + } + + if($method == 'https') + { + // set cert file + if($cert) + { + curl_setopt($curl, CURLOPT_SSLCERT, $cert); + } + // set cert password + if($certpass) + { + curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $certpass); + } + // whether to verify remote host's cert + curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verifypeer); + // set ca certificates file/dir + if($cacert) + { + curl_setopt($curl, CURLOPT_CAINFO, $cacert); + } + if($cacertdir) + { + curl_setopt($curl, CURLOPT_CAPATH, $cacertdir); + } + // set key file (shall we catch errors in case CURLOPT_SSLKEY undefined ?) + if($key) + { + curl_setopt($curl, CURLOPT_SSLKEY, $key); + } + // set key password (shall we catch errors in case CURLOPT_SSLKEY undefined ?) + if($keypass) + { + curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass); + } + // whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used + curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost); + } + + // proxy info + if($proxyhost) + { + if($proxyport == 0) + { + $proxyport = 8080; // NB: even for HTTPS, local connection is on port 8080 + } + curl_setopt($curl, CURLOPT_PROXY, $proxyhost.':'.$proxyport); + //curl_setopt($curl, CURLOPT_PROXYPORT,$proxyport); + if($proxyusername) + { + curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxyusername.':'.$proxypassword); + if (defined('CURLOPT_PROXYAUTH')) + { + curl_setopt($curl, CURLOPT_PROXYAUTH, $proxyauthtype); + } + else if ($proxyauthtype != 1) + { + error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported by the current PHP/curl install'); + } + } + } + + // NB: should we build cookie http headers by hand rather than let CURL do it? + // the following code does not honour 'expires', 'path' and 'domain' cookie attributes + // set to client obj the the user... + if (count($this->cookies)) + { + $cookieheader = ''; + foreach ($this->cookies as $name => $cookie) + { + $cookieheader .= $name . '=' . $cookie['value'] . '; '; + } + curl_setopt($curl, CURLOPT_COOKIE, substr($cookieheader, 0, -2)); + } + + $result = curl_exec($curl); + + if ($this->debug > 1) + { + print "
\n---CURL INFO---\n";
+				foreach(curl_getinfo($curl) as $name => $val)
+					 print $name . ': ' . htmlentities($val). "\n";
+				print "---END---\n
"; + } + + if(!$result) /// @todo we should use a better check here - what if we get back '' or '0'? + { + $this->errstr='no response'; + $resp=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['curl_fail'], $GLOBALS['xmlrpcstr']['curl_fail']. ': '. curl_error($curl)); + curl_close($curl); + if($keepalive) + { + $this->xmlrpc_curl_handle = null; + } + } + else + { + if(!$keepalive) + { + curl_close($curl); + } + $resp =& $msg->parseResponse($result, true, $this->return_type); + } + return $resp; + } + + /** + * Send an array of request messages and return an array of responses. + * Unless $this->no_multicall has been set to true, it will try first + * to use one single xmlrpc call to server method system.multicall, and + * revert to sending many successive calls in case of failure. + * This failure is also stored in $this->no_multicall for subsequent calls. + * Unfortunately, there is no server error code universally used to denote + * the fact that multicall is unsupported, so there is no way to reliably + * distinguish between that and a temporary failure. + * If you are sure that server supports multicall and do not want to + * fallback to using many single calls, set the fourth parameter to FALSE. + * + * NB: trying to shoehorn extra functionality into existing syntax has resulted + * in pretty much convoluted code... + * + * @param array $msgs an array of xmlrpcmsg objects + * @param integer $timeout connection timeout (in seconds) + * @param string $method the http protocol variant to be used + * @param boolean fallback When true, upon receiveing an error during multicall, multiple single calls will be attempted + * @return array + * @access public + */ + function multicall($msgs, $timeout=0, $method='', $fallback=true) + { + if ($method == '') + { + $method = $this->method; + } + if(!$this->no_multicall) + { + $results = $this->_try_multicall($msgs, $timeout, $method); + if(is_array($results)) + { + // System.multicall succeeded + return $results; + } + else + { + // either system.multicall is unsupported by server, + // or call failed for some other reason. + if ($fallback) + { + // Don't try it next time... + $this->no_multicall = true; + } + else + { + if (is_a($results, 'xmlrpcresp')) + { + $result = $results; + } + else + { + $result =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['multicall_error'], $GLOBALS['xmlrpcstr']['multicall_error']); + } + } + } + } + else + { + // override fallback, in case careless user tries to do two + // opposite things at the same time + $fallback = true; + } + + $results = array(); + if ($fallback) + { + // system.multicall is (probably) unsupported by server: + // emulate multicall via multiple requests + foreach($msgs as $msg) + { + $results[] =& $this->send($msg, $timeout, $method); + } + } + else + { + // user does NOT want to fallback on many single calls: + // since we should always return an array of responses, + // return an array with the same error repeated n times + foreach($msgs as $msg) + { + $results[] = $result; + } + } + return $results; + } + + /** + * Attempt to boxcar $msgs via system.multicall. + * Returns either an array of xmlrpcreponses, an xmlrpc error response + * or false (when received response does not respect valid multicall syntax) + * @access private + */ + function _try_multicall($msgs, $timeout, $method) + { + // Construct multicall message + $calls = array(); + foreach($msgs as $msg) + { + $call['methodName'] =& new xmlrpcval($msg->method(),'string'); + $numParams = $msg->getNumParams(); + $params = array(); + for($i = 0; $i < $numParams; $i++) + { + $params[$i] = $msg->getParam($i); + } + $call['params'] =& new xmlrpcval($params, 'array'); + $calls[] =& new xmlrpcval($call, 'struct'); + } + $multicall =& new xmlrpcmsg('system.multicall'); + $multicall->addParam(new xmlrpcval($calls, 'array')); + + // Attempt RPC call + $result =& $this->send($multicall, $timeout, $method); + + if($result->faultCode() != 0) + { + // call to system.multicall failed + return $result; + } + + // Unpack responses. + $rets = $result->value(); + + if ($this->return_type == 'xml') + { + return $rets; + } + else if ($this->return_type == 'phpvals') + { + ///@todo test this code branch... + $rets = $result->value(); + if(!is_array($rets)) + { + return false; // bad return type from system.multicall + } + $numRets = count($rets); + if($numRets != count($msgs)) + { + return false; // wrong number of return values. + } + + $response = array(); + for($i = 0; $i < $numRets; $i++) + { + $val = $rets[$i]; + if (!is_array($val)) { + return false; + } + switch(count($val)) + { + case 1: + if(!isset($val[0])) + { + return false; // Bad value + } + // Normal return value + $response[$i] =& new xmlrpcresp($val[0], 0, '', 'phpvals'); + break; + case 2: + /// @todo remove usage of @: it is apparently quite slow + $code = @$val['faultCode']; + if(!is_int($code)) + { + return false; + } + $str = @$val['faultString']; + if(!is_string($str)) + { + return false; + } + $response[$i] =& new xmlrpcresp(0, $code, $str); + break; + default: + return false; + } + } + return $response; + } + else // return type == 'xmlrpcvals' + { + $rets = $result->value(); + if($rets->kindOf() != 'array') + { + return false; // bad return type from system.multicall + } + $numRets = $rets->arraysize(); + if($numRets != count($msgs)) + { + return false; // wrong number of return values. + } + + $response = array(); + for($i = 0; $i < $numRets; $i++) + { + $val = $rets->arraymem($i); + switch($val->kindOf()) + { + case 'array': + if($val->arraysize() != 1) + { + return false; // Bad value + } + // Normal return value + $response[$i] =& new xmlrpcresp($val->arraymem(0)); + break; + case 'struct': + $code = $val->structmem('faultCode'); + if($code->kindOf() != 'scalar' || $code->scalartyp() != 'int') + { + return false; + } + $str = $val->structmem('faultString'); + if($str->kindOf() != 'scalar' || $str->scalartyp() != 'string') + { + return false; + } + $response[$i] =& new xmlrpcresp(0, $code->scalarval(), $str->scalarval()); + break; + default: + return false; + } + } + return $response; + } + } + } // end class xmlrpc_client + + class xmlrpcresp + { + var $val = 0; + var $valtyp; + var $errno = 0; + var $errstr = ''; + var $payload; + var $hdrs = array(); + var $_cookies = array(); + var $content_type = 'text/xml'; + var $raw_data = ''; + + /** + * @param mixed $val either an xmlrpcval obj, a php value or the xml serialization of an xmlrpcval (a string) + * @param integer $fcode set it to anything but 0 to create an error response + * @param string $fstr the error string, in case of an error response + * @param string $valtyp either 'xmlrpcvals', 'phpvals' or 'xml' + * + * @todo add check that $val / $fcode / $fstr is of correct type??? + * NB: as of now we do not do it, since it might be either an xmlrpcval or a plain + * php val, or a complete xml chunk, depending on usage of xmlrpc_client::send() inside which creator is called... + */ + function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='') + { + if($fcode != 0) + { + // error response + $this->errno = $fcode; + $this->errstr = $fstr; + //$this->errstr = htmlspecialchars($fstr); // XXX: encoding probably shouldn't be done here; fix later. + } + else + { + // successful response + $this->val = $val; + if ($valtyp == '') + { + // user did not declare type of response value: try to guess it + if (is_object($this->val) && is_a($this->val, 'xmlrpcval')) + { + $this->valtyp = 'xmlrpcvals'; + } + else if (is_string($this->val)) + { + $this->valtyp = 'xml'; + + } + else + { + $this->valtyp = 'phpvals'; + } + } + else + { + // user declares type of resp value: believe him + $this->valtyp = $valtyp; + } + } + } + + /** + * Returns the error code of the response. + * @return integer the error code of this response (0 for not-error responses) + * @access public + */ + function faultCode() + { + return $this->errno; + } + + /** + * Returns the error code of the response. + * @return string the error string of this response ('' for not-error responses) + * @access public + */ + function faultString() + { + return $this->errstr; + } + + /** + * Returns the value received by the server. + * @return mixed the xmlrpcval object returned by the server. Might be an xml string or php value if the response has been created by specially configured xmlrpc_client objects + * @access public + */ + function value() + { + return $this->val; + } + + /** + * Returns an array with the cookies received from the server. + * Array has the form: $cookiename => array ('value' => $val, $attr1 => $val1, $attr2 = $val2, ...) + * with attributes being e.g. 'expires', 'path', domain'. + * NB: cookies sent as 'expired' by the server (i.e. with an expiry date in the past) + * are still present in the array. It is up to the user-defined code to decide + * how to use the received cookies, and wheter they have to be sent back with the next + * request to the server (using xmlrpc_client::setCookie) or not + * @return array array of cookies received from the server + * @access public + */ + function cookies() + { + return $this->_cookies; + } + + /** + * Returns xml representation of the response. XML prologue not included + * @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed + * @return string the xml representation of the response + * @access public + */ + function serialize($charset_encoding='') + { + if ($charset_encoding != '') + $this->content_type = 'text/xml; charset=' . $charset_encoding; + else + $this->content_type = 'text/xml'; + $result = "\n"; + if($this->errno) + { + // G. Giunta 2005/2/13: let non-ASCII response messages be tolerated by clients + // by xml-encoding non ascii chars + $result .= "\n" . +"\nfaultCode\n" . $this->errno . +"\n\n\nfaultString\n" . +xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n\n" . +"\n\n"; + } + else + { + if(!is_object($this->val) || !is_a($this->val, 'xmlrpcval')) + { + if (is_string($this->val) && $this->valtyp == 'xml') + { + $result .= "\n\n" . + $this->val . + "\n"; + } + else + { + /// @todo try to build something serializable? + die('cannot serialize xmlrpcresp objects whose content is native php values'); + } + } + else + { + $result .= "\n\n" . + $this->val->serialize($charset_encoding) . + "\n"; + } + } + $result .= "\n"; + $this->payload = $result; + return $result; + } + } + + class xmlrpcmsg + { + var $payload; + var $methodname; + var $params=array(); + var $debug=0; + var $content_type = 'text/xml'; + + /** + * @param string $meth the name of the method to invoke + * @param array $pars array of parameters to be paased to the method (xmlrpcval objects) + */ + function xmlrpcmsg($meth, $pars=0) + { + $this->methodname=$meth; + if(is_array($pars) && count($pars)>0) + { + for($i=0; $iaddParam($pars[$i]); + } + } + } + + /** + * @access private + */ + function xml_header($charset_encoding='') + { + if ($charset_encoding != '') + { + return "\n\n"; + } + else + { + return "\n\n"; + } + } + + /** + * @access private + */ + function xml_footer() + { + return ''; + } + + /** + * @access private + */ + function kindOf() + { + return 'msg'; + } + + /** + * @access private + */ + function createPayload($charset_encoding='') + { + if ($charset_encoding != '') + $this->content_type = 'text/xml; charset=' . $charset_encoding; + else + $this->content_type = 'text/xml'; + $this->payload=$this->xml_header($charset_encoding); + $this->payload.='' . $this->methodname . "\n"; + $this->payload.="\n"; + for($i=0; $iparams); $i++) + { + $p=$this->params[$i]; + $this->payload.="\n" . $p->serialize($charset_encoding) . + "\n"; + } + $this->payload.="\n"; + $this->payload.=$this->xml_footer(); + } + + /** + * Gets/sets the xmlrpc method to be invoked + * @param string $meth the method to be set (leave empty not to set it) + * @return string the method that will be invoked + * @access public + */ + function method($meth='') + { + if($meth!='') + { + $this->methodname=$meth; + } + return $this->methodname; + } + + /** + * Returns xml representation of the message. XML prologue included + * @return string the xml representation of the message, xml prologue included + * @access public + */ + function serialize($charset_encoding='') + { + $this->createPayload($charset_encoding); + return $this->payload; + } + + /** + * Add a parameter to the list of parameters to be used upon method invocation + * @param xmlrpcval $par + * @return boolean false on failure + * @access public + */ + function addParam($par) + { + // add check: do not add to self params which are not xmlrpcvals + if(is_object($par) && is_a($par, 'xmlrpcval')) + { + $this->params[]=$par; + return true; + } + else + { + return false; + } + } + + /** + * Returns the nth parameter in the message. The index zero-based. + * @param integer $i the index of the parameter to fetch (zero based) + * @return xmlrpcval the i-th parameter + * @access public + */ + function getParam($i) { return $this->params[$i]; } + + /** + * Returns the number of parameters in the messge. + * @return integer the number of parameters currently set + * @access public + */ + function getNumParams() { return count($this->params); } + + /** + * Given an open file handle, read all data available and parse it as axmlrpc response. + * NB: the file handle is not closed by this function. + * @access public + * @return xmlrpcresp + * @todo add 2nd & 3rd param to be passed to ParseResponse() ??? + */ + function &parseResponseFile($fp) + { + $ipd=''; + while($data=fread($fp, 32768)) + { + $ipd.=$data; + } + //fclose($fp); + $r =& $this->parseResponse($ipd); + return $r; + } + + /** + * Parses HTTP headers and separates them from data. + * @access private + */ + function &parseResponseHeaders(&$data, $headers_processed=false) + { + // Support "web-proxy-tunelling" connections for https through proxies + if(preg_match('/^HTTP\/1\.[0-1] 200 Connection established/', $data)) + { + // Look for CR/LF or simple LF as line separator, + // (even though it is not valid http) + $pos = strpos($data,"\r\n\r\n"); + if($pos || is_int($pos)) + { + $bd = $pos+4; + } + else + { + $pos = strpos($data,"\n\n"); + if($pos || is_int($pos)) + { + $bd = $pos+2; + } + else + { + // No separation between response headers and body: fault? + $bd = 0; + } + } + if ($bd) + { + // this filters out all http headers from proxy. + // maybe we could take them into account, too? + $data = substr($data, $bd); + } + else + { + error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTPS via proxy error, tunnel connection possibly failed'); + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (HTTPS via proxy error, tunnel connection possibly failed)'); + return $r; + } + } + + // Strip HTTP 1.1 100 Continue header if present + while(preg_match('/^HTTP\/1\.1 1[0-9]{2} /', $data)) + { + $pos = strpos($data, 'HTTP', 12); + // server sent a Continue header without any (valid) content following... + // give the client a chance to know it + if(!$pos && !is_int($pos)) // works fine in php 3, 4 and 5 + { + break; + } + $data = substr($data, $pos); + } + if(!preg_match('/^HTTP\/[0-9.]+ 200 /', $data)) + { + $errstr= substr($data, 0, strpos($data, "\n")-1); + error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTP error, got response: ' .$errstr); + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (' . $errstr . ')'); + return $r; + } + + $GLOBALS['_xh']['headers'] = array(); + $GLOBALS['_xh']['cookies'] = array(); + + // be tolerant to usage of \n instead of \r\n to separate headers and data + // (even though it is not valid http) + $pos = strpos($data,"\r\n\r\n"); + if($pos || is_int($pos)) + { + $bd = $pos+4; + } + else + { + $pos = strpos($data,"\n\n"); + if($pos || is_int($pos)) + { + $bd = $pos+2; + } + else + { + // No separation between response headers and body: fault? + // we could take some action here instead of going on... + $bd = 0; + } + } + // be tolerant to line endings, and extra empty lines + $ar = split("\r?\n", trim(substr($data, 0, $pos))); + while(list(,$line) = @each($ar)) + { + // take care of multi-line headers and cookies + $arr = explode(':',$line,2); + if(count($arr) > 1) + { + $header_name = strtolower(trim($arr[0])); + /// @todo some other headers (the ones that allow a CSV list of values) + /// do allow many values to be passed using multiple header lines. + /// We should add content to $GLOBALS['_xh']['headers'][$header_name] + /// instead of replacing it for those... + if ($header_name == 'set-cookie' || $header_name == 'set-cookie2') + { + if ($header_name == 'set-cookie2') + { + // version 2 cookies: + // there could be many cookies on one line, comma separated + $cookies = explode(',', $arr[1]); + } + else + { + $cookies = array($arr[1]); + } + foreach ($cookies as $cookie) + { + // glue together all received cookies, using a comma to separate them + // (same as php does with getallheaders()) + if (isset($GLOBALS['_xh']['headers'][$header_name])) + $GLOBALS['_xh']['headers'][$header_name] .= ', ' . trim($cookie); + else + $GLOBALS['_xh']['headers'][$header_name] = trim($cookie); + // parse cookie attributes, in case user wants to correctly honour them + // feature creep: only allow rfc-compliant cookie attributes? + // @todo support for server sending multiple time cookie with same name, but using different PATHs + $cookie = explode(';', $cookie); + foreach ($cookie as $pos => $val) + { + $val = explode('=', $val, 2); + $tag = trim($val[0]); + $val = trim(@$val[1]); + /// @todo with version 1 cookies, we should strip leading and trailing " chars + if ($pos == 0) + { + $cookiename = $tag; + $GLOBALS['_xh']['cookies'][$tag] = array(); + $GLOBALS['_xh']['cookies'][$cookiename]['value'] = urldecode($val); + } + else + { + if ($tag != 'value') + { + $GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val; + } + } + } + } + } + else + { + $GLOBALS['_xh']['headers'][$header_name] = trim($arr[1]); + } + } + elseif(isset($header_name)) + { + /// @todo version1 cookies might span multiple lines, thus breaking the parsing above + $GLOBALS['_xh']['headers'][$header_name] .= ' ' . trim($line); + } + } + + $data = substr($data, $bd); + + if($this->debug && count($GLOBALS['_xh']['headers'])) + { + print '
';
+					foreach($GLOBALS['_xh']['headers'] as $header => $value)
+					{
+						print htmlentities("HEADER: $header: $value\n");
+					}
+					foreach($GLOBALS['_xh']['cookies'] as $header => $value)
+					{
+						print htmlentities("COOKIE: $header={$value['value']}\n");
+					}
+					print "
\n"; + } + + // if CURL was used for the call, http headers have been processed, + // and dechunking + reinflating have been carried out + if(!$headers_processed) + { + // Decode chunked encoding sent by http 1.1 servers + if(isset($GLOBALS['_xh']['headers']['transfer-encoding']) && $GLOBALS['_xh']['headers']['transfer-encoding'] == 'chunked') + { + if(!$data = decode_chunked($data)) + { + error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to rebuild the chunked data received from server'); + $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['dechunk_fail'], $GLOBALS['xmlrpcstr']['dechunk_fail']); + return $r; + } + } + + // Decode gzip-compressed stuff + // code shamelessly inspired from nusoap library by Dietrich Ayala + if(isset($GLOBALS['_xh']['headers']['content-encoding'])) + { + $GLOBALS['_xh']['headers']['content-encoding'] = str_replace('x-', '', $GLOBALS['_xh']['headers']['content-encoding']); + if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' || $GLOBALS['_xh']['headers']['content-encoding'] == 'gzip') + { + // if decoding works, use it. else assume data wasn't gzencoded + if(function_exists('gzinflate')) + { + if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' && $degzdata = @gzuncompress($data)) + { + $data = $degzdata; + if($this->debug) + print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; + } + elseif($GLOBALS['_xh']['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) + { + $data = $degzdata; + if($this->debug) + print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; + } + else + { + error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to decode the deflated data received from server'); + $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['decompress_fail'], $GLOBALS['xmlrpcstr']['decompress_fail']); + return $r; + } + } + else + { + error_log('XML-RPC: xmlrpcmsg::parseResponse: the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); + $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['cannot_decompress'], $GLOBALS['xmlrpcstr']['cannot_decompress']); + return $r; + } + } + } + } // end of 'if needed, de-chunk, re-inflate response' + + // real stupid hack to avoid PHP 4 complaining about returning NULL by ref + $r = null; + $r =& $r; + return $r; + } + + /** + * Parse the xmlrpc response contained in the string $data and return an xmlrpcresp object. + * @param string $data the xmlrpc response, eventually including http headers + * @param bool $headers_processed when true prevents parsing HTTP headers for interpretation of content-encoding and consequent decoding + * @param string $return_type decides return type, i.e. content of response->value(). Either 'xmlrpcvals', 'xml' or 'phpvals' + * @return xmlrpcresp + * @access public + */ + function &parseResponse($data='', $headers_processed=false, $return_type='xmlrpcvals') + { + if($this->debug) + { + //by maHo, replaced htmlspecialchars with htmlentities + print "
---GOT---\n" . htmlentities($data) . "\n---END---\n
"; + } + + if($data == '') + { + error_log('XML-RPC: xmlrpcmsg::parseResponse: no response received from server.'); + $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_data'], $GLOBALS['xmlrpcstr']['no_data']); + return $r; + } + + $GLOBALS['_xh']=array(); + + $raw_data = $data; + // parse the HTTP headers of the response, if present, and separate them from data + if(substr($data, 0, 4) == 'HTTP') + { + $r =& $this->parseResponseHeaders($data, $headers_processed); + if ($r) + { + // failed processing of HTTP response headers + // save into response obj the full payload received, for debugging + $r->raw_data = $data; + return $r; + } + } + else + { + $GLOBALS['_xh']['headers'] = array(); + $GLOBALS['_xh']['cookies'] = array(); + } + + if($this->debug) + { + $start = strpos($data, '', $start); + $comments = substr($data, $start, $end-$start); + print "
---SERVER DEBUG INFO (DECODED) ---\n\t".htmlentities(str_replace("\n", "\n\t", base64_decode($comments)))."\n---END---\n
"; + } + } + + // be tolerant of extra whitespace in response body + $data = trim($data); + + /// @todo return an error msg if $data=='' ? + + // be tolerant of junk after methodResponse (e.g. javascript ads automatically inserted by free hosts) + // idea from Luca Mariano originally in PEARified version of the lib + $bd = false; + // Poor man's version of strrpos for php 4... + $pos = strpos($data, ''); + while($pos || is_int($pos)) + { + $bd = $pos+17; + $pos = strpos($data, '', $bd); + } + if($bd) + { + $data = substr($data, 0, $bd); + } + + // if user wants back raw xml, give it to him + if ($return_type == 'xml') + { + $r =& new xmlrpcresp($data, 0, '', 'xml'); + $r->hdrs = $GLOBALS['_xh']['headers']; + $r->_cookies = $GLOBALS['_xh']['cookies']; + $r->raw_data = $raw_data; + return $r; + } + + // try to 'guestimate' the character encoding of the received response + $resp_encoding = guess_encoding(@$GLOBALS['_xh']['headers']['content-type'], $data); + + $GLOBALS['_xh']['ac']=''; + //$GLOBALS['_xh']['qt']=''; //unused... + $GLOBALS['_xh']['stack'] = array(); + $GLOBALS['_xh']['valuestack'] = array(); + $GLOBALS['_xh']['isf']=0; // 0 = OK, 1 for xmlrpc fault responses, 2 = invalid xmlrpc + $GLOBALS['_xh']['isf_reason']=''; + $GLOBALS['_xh']['rt']=''; // 'methodcall or 'methodresponse' + + // if response charset encoding is not known / supported, try to use + // the default encoding and parse the xml anyway, but log a warning... + if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + // the following code might be better for mb_string enabled installs, but + // makes the lib about 200% slower... + //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + error_log('XML-RPC: xmlrpcmsg::parseResponse: invalid charset encoding of received response: '.$resp_encoding); + $resp_encoding = $GLOBALS['xmlrpc_defencoding']; + } + $parser = xml_parser_create($resp_encoding); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell + // the xml parser to give us back data in the expected charset. + // What if internal encoding is not in one of the 3 allowed? + // we use the broadest one, ie. utf8 + // This allows to send data which is native in various charset, + // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding + if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); + } + else + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); + } + + if ($return_type == 'phpvals') + { + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); + } + else + { + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); + } + + xml_set_character_data_handler($parser, 'xmlrpc_cd'); + xml_set_default_handler($parser, 'xmlrpc_dh'); + + // first error check: xml not well formed + if(!xml_parse($parser, $data, count($data))) + { + // thanks to Peter Kocks + if((xml_get_current_line_number($parser)) == 1) + { + $errstr = 'XML error at line 1, check URL'; + } + else + { + $errstr = sprintf('XML error: %s at line %d, column %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser), xml_get_current_column_number($parser)); + } + error_log($errstr); + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return'].' ('.$errstr.')'); + xml_parser_free($parser); + if($this->debug) + { + print $errstr; + } + $r->hdrs = $GLOBALS['_xh']['headers']; + $r->_cookies = $GLOBALS['_xh']['cookies']; + $r->raw_data = $raw_data; + return $r; + } + xml_parser_free($parser); + // second error check: xml well formed but not xml-rpc compliant + if ($GLOBALS['_xh']['isf'] > 1) + { + if ($this->debug) + { + /// @todo echo something for user? + } + + $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], + $GLOBALS['xmlrpcstr']['invalid_return'] . ' ' . $GLOBALS['_xh']['isf_reason']); + } + // third error check: parsing of the response has somehow gone boink. + // NB: shall we omit this check, since we trust the parsing code? + elseif ($return_type == 'xmlrpcvals' && !is_object($GLOBALS['_xh']['value'])) + { + // something odd has happened + // and it's time to generate a client side error + // indicating something odd went on + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], + $GLOBALS['xmlrpcstr']['invalid_return']); + } + else + { + if ($this->debug) + { + print "
---PARSED---\n";
+					// somehow htmlentities chokes on var_export, and some full html string...
+					//print htmlentitites(var_export($GLOBALS['_xh']['value'], true));
+					print htmlspecialchars(var_export($GLOBALS['_xh']['value'], true));
+					print "\n---END---
"; + } + + // note that using =& will raise an error if $GLOBALS['_xh']['st'] does not generate an object. + $v =& $GLOBALS['_xh']['value']; + + if($GLOBALS['_xh']['isf']) + { + /// @todo we should test here if server sent an int and a string, + /// and/or coerce them into such... + if ($return_type == 'xmlrpcvals') + { + $errno_v = $v->structmem('faultCode'); + $errstr_v = $v->structmem('faultString'); + $errno = $errno_v->scalarval(); + $errstr = $errstr_v->scalarval(); + } + else + { + $errno = $v['faultCode']; + $errstr = $v['faultString']; + } + + if($errno == 0) + { + // FAULT returned, errno needs to reflect that + $errno = -1; + } + + $r =& new xmlrpcresp(0, $errno, $errstr); + } + else + { + $r=&new xmlrpcresp($v, 0, '', $return_type); + } + } + + $r->hdrs = $GLOBALS['_xh']['headers']; + $r->_cookies = $GLOBALS['_xh']['cookies']; + $r->raw_data = $raw_data; + return $r; + } + } + + class xmlrpcval + { + var $me=array(); + var $mytype=0; + var $_php_class=null; + + /** + * @param mixed $val + * @param string $type any valid xmlrpc type name (lowercase). If null, 'string' is assumed + */ + function xmlrpcval($val=-1, $type='') + { + /// @todo: optimization creep - do not call addXX, do it all inline. + /// downside: booleans will not be coerced anymore + if($val!==-1 || $type!='') + { + // optimization creep: inlined all work done by constructor + switch($type) + { + case '': + $this->mytype=1; + $this->me['string']=$val; + break; + case 'i4': + case 'int': + case 'double': + case 'string': + case 'boolean': + case 'dateTime.iso8601': + case 'base64': + case 'null': + $this->mytype=1; + $this->me[$type]=$val; + break; + case 'array': + $this->mytype=2; + $this->me['array']=$val; + break; + case 'struct': + $this->mytype=3; + $this->me['struct']=$val; + break; + default: + error_log("XML-RPC: xmlrpcval::xmlrpcval: not a known type ($type)"); + } + /*if($type=='') + { + $type='string'; + } + if($GLOBALS['xmlrpcTypes'][$type]==1) + { + $this->addScalar($val,$type); + } + elseif($GLOBALS['xmlrpcTypes'][$type]==2) + { + $this->addArray($val); + } + elseif($GLOBALS['xmlrpcTypes'][$type]==3) + { + $this->addStruct($val); + }*/ + } + } + + /** + * Add a single php value to an (unitialized) xmlrpcval + * @param mixed $val + * @param string $type + * @return int 1 or 0 on failure + */ + function addScalar($val, $type='string') + { + $typeof=@$GLOBALS['xmlrpcTypes'][$type]; + if($typeof!=1) + { + error_log("XML-RPC: xmlrpcval::addScalar: not a scalar type ($type)"); + return 0; + } + + // coerce booleans into correct values + // NB: we should iether do it for datetimes, integers and doubles, too, + // or just plain remove this check, implemnted on booleans only... + if($type==$GLOBALS['xmlrpcBoolean']) + { + if(strcasecmp($val,'true')==0 || $val==1 || ($val==true && strcasecmp($val,'false'))) + { + $val=true; + } + else + { + $val=false; + } + } + + switch($this->mytype) + { + case 1: + error_log('XML-RPC: xmlrpcval::addScalar: scalar xmlrpcval can have only one value'); + return 0; + case 3: + error_log('XML-RPC: xmlrpcval::addScalar: cannot add anonymous scalar to struct xmlrpcval'); + return 0; + case 2: + // we're adding a scalar value to an array here + //$ar=$this->me['array']; + //$ar[]=&new xmlrpcval($val, $type); + //$this->me['array']=$ar; + // Faster (?) avoid all the costly array-copy-by-val done here... + $this->me['array'][]=&new xmlrpcval($val, $type); + return 1; + default: + // a scalar, so set the value and remember we're scalar + $this->me[$type]=$val; + $this->mytype=$typeof; + return 1; + } + } + + /** + * Add an array of xmlrpcval objects to an xmlrpcval + * @param array $vals + * @return int 1 or 0 on failure + * @access public + * + * @todo add some checking for $vals to be an array of xmlrpcvals? + */ + function addArray($vals) + { + if($this->mytype==0) + { + $this->mytype=$GLOBALS['xmlrpcTypes']['array']; + $this->me['array']=$vals; + return 1; + } + elseif($this->mytype==2) + { + // we're adding to an array here + $this->me['array'] = array_merge($this->me['array'], $vals); + return 1; + } + else + { + error_log('XML-RPC: xmlrpcval::addArray: already initialized as a [' . $this->kindOf() . ']'); + return 0; + } + } + + /** + * Add an array of named xmlrpcval objects to an xmlrpcval + * @param array $vals + * @return int 1 or 0 on failure + * @access public + * + * @todo add some checking for $vals to be an array? + */ + function addStruct($vals) + { + if($this->mytype==0) + { + $this->mytype=$GLOBALS['xmlrpcTypes']['struct']; + $this->me['struct']=$vals; + return 1; + } + elseif($this->mytype==3) + { + // we're adding to a struct here + $this->me['struct'] = array_merge($this->me['struct'], $vals); + return 1; + } + else + { + error_log('XML-RPC: xmlrpcval::addStruct: already initialized as a [' . $this->kindOf() . ']'); + return 0; + } + } + + // poor man's version of print_r ??? + // DEPRECATED! + function dump($ar) + { + foreach($ar as $key => $val) + { + echo "$key => $val
"; + if($key == 'array') + { + while(list($key2, $val2) = each($val)) + { + echo "-- $key2 => $val2
"; + } + } + } + } + + /** + * Returns a string containing "struct", "array" or "scalar" describing the base type of the value + * @return string + * @access public + */ + function kindOf() + { + switch($this->mytype) + { + case 3: + return 'struct'; + break; + case 2: + return 'array'; + break; + case 1: + return 'scalar'; + break; + default: + return 'undef'; + } + } + + /** + * @access private + */ + function serializedata($typ, $val, $charset_encoding='') + { + $rs=''; + switch(@$GLOBALS['xmlrpcTypes'][$typ]) + { + case 1: + switch($typ) + { + case $GLOBALS['xmlrpcBase64']: + $rs.="<${typ}>" . base64_encode($val) . ""; + break; + case $GLOBALS['xmlrpcBoolean']: + $rs.="<${typ}>" . ($val ? '1' : '0') . ""; + break; + case $GLOBALS['xmlrpcString']: + // G. Giunta 2005/2/13: do NOT use htmlentities, since + // it will produce named html entities, which are invalid xml + $rs.="<${typ}>" . xmlrpc_encode_entitites($val, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding). ""; + break; + case $GLOBALS['xmlrpcInt']: + case $GLOBALS['xmlrpcI4']: + $rs.="<${typ}>".(int)$val.""; + break; + case $GLOBALS['xmlrpcDouble']: + $rs.="<${typ}>".(double)$val.""; + break; + case $GLOBALS['xmlrpcNull']: + $rs.=""; + break; + default: + // no standard type value should arrive here, but provide a possibility + // for xmlrpcvals of unknown type... + $rs.="<${typ}>${val}"; + } + break; + case 3: + // struct + if ($this->_php_class) + { + $rs.='\n"; + } + else + { + $rs.="\n"; + } + foreach($val as $key2 => $val2) + { + $rs.=''.xmlrpc_encode_entitites($key2, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding)."\n"; + //$rs.=$this->serializeval($val2); + $rs.=$val2->serialize($charset_encoding); + $rs.="\n"; + } + $rs.=''; + break; + case 2: + // array + $rs.="\n\n"; + for($i=0; $iserializeval($val[$i]); + $rs.=$val[$i]->serialize($charset_encoding); + } + $rs.="\n"; + break; + default: + break; + } + return $rs; + } + + /** + * Returns xml representation of the value. XML prologue not included + * @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed + * @return string + * @access public + */ + function serialize($charset_encoding='') + { + // add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals... + //if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval'))) + //{ + reset($this->me); + list($typ, $val) = each($this->me); + return '' . $this->serializedata($typ, $val, $charset_encoding) . "\n"; + //} + } + + // DEPRECATED + function serializeval($o) + { + // add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals... + //if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval'))) + //{ + $ar=$o->me; + reset($ar); + list($typ, $val) = each($ar); + return '' . $this->serializedata($typ, $val) . "\n"; + //} + } + + /** + * Checks wheter a struct member with a given name is present. + * Works only on xmlrpcvals of type struct. + * @param string $m the name of the struct member to be looked up + * @return boolean + * @access public + */ + function structmemexists($m) + { + return array_key_exists($m, $this->me['struct']); + } + + /** + * Returns the value of a given struct member (an xmlrpcval object in itself). + * Will raise a php warning if struct member of given name does not exist + * @param string $m the name of the struct member to be looked up + * @return xmlrpcval + * @access public + */ + function structmem($m) + { + return $this->me['struct'][$m]; + } + + /** + * Reset internal pointer for xmlrpcvals of type struct. + * @access public + */ + function structreset() + { + reset($this->me['struct']); + } + + /** + * Return next member element for xmlrpcvals of type struct. + * @return xmlrpcval + * @access public + */ + function structeach() + { + return each($this->me['struct']); + } + + // DEPRECATED! this code looks like it is very fragile and has not been fixed + // for a long long time. Shall we remove it for 2.0? + function getval() + { + // UNSTABLE + reset($this->me); + list($a,$b)=each($this->me); + // contributed by I Sofer, 2001-03-24 + // add support for nested arrays to scalarval + // i've created a new method here, so as to + // preserve back compatibility + + if(is_array($b)) + { + @reset($b); + while(list($id,$cont) = @each($b)) + { + $b[$id] = $cont->scalarval(); + } + } + + // add support for structures directly encoding php objects + if(is_object($b)) + { + $t = get_object_vars($b); + @reset($t); + while(list($id,$cont) = @each($t)) + { + $t[$id] = $cont->scalarval(); + } + @reset($t); + while(list($id,$cont) = @each($t)) + { + @$b->$id = $cont; + } + } + // end contrib + return $b; + } + + /** + * Returns the value of a scalar xmlrpcval + * @return mixed + * @access public + */ + function scalarval() + { + reset($this->me); + list(,$b)=each($this->me); + return $b; + } + + /** + * Returns the type of the xmlrpcval. + * For integers, 'int' is always returned in place of 'i4' + * @return string + * @access public + */ + function scalartyp() + { + reset($this->me); + list($a,)=each($this->me); + if($a==$GLOBALS['xmlrpcI4']) + { + $a=$GLOBALS['xmlrpcInt']; + } + return $a; + } + + /** + * Returns the m-th member of an xmlrpcval of struct type + * @param integer $m the index of the value to be retrieved (zero based) + * @return xmlrpcval + * @access public + */ + function arraymem($m) + { + return $this->me['array'][$m]; + } + + /** + * Returns the number of members in an xmlrpcval of array type + * @return integer + * @access public + */ + function arraysize() + { + return count($this->me['array']); + } + + /** + * Returns the number of members in an xmlrpcval of struct type + * @return integer + * @access public + */ + function structsize() + { + return count($this->me['struct']); + } + } + + + // date helpers + + /** + * Given a timestamp, return the corresponding ISO8601 encoded string. + * + * Really, timezones ought to be supported + * but the XML-RPC spec says: + * + * "Don't assume a timezone. It should be specified by the server in its + * documentation what assumptions it makes about timezones." + * + * These routines always assume localtime unless + * $utc is set to 1, in which case UTC is assumed + * and an adjustment for locale is made when encoding + * + * @param int $timet (timestamp) + * @param int $utc (0 or 1) + * @return string + */ + function iso8601_encode($timet, $utc=0) + { + if(!$utc) + { + $t=strftime("%Y%m%dT%H:%M:%S", $timet); + } + else + { + if(function_exists('gmstrftime')) + { + // gmstrftime doesn't exist in some versions + // of PHP + $t=gmstrftime("%Y%m%dT%H:%M:%S", $timet); + } + else + { + $t=strftime("%Y%m%dT%H:%M:%S", $timet-date('Z')); + } + } + return $t; + } + + /** + * Given an ISO8601 date string, return a timet in the localtime, or UTC + * @param string $idate + * @param int $utc either 0 or 1 + * @return int (datetime) + */ + function iso8601_decode($idate, $utc=0) + { + $t=0; + if(preg_match('/([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})/', $idate, $regs)) + { + if($utc) + { + $t=gmmktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); + } + else + { + $t=mktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); + } + } + return $t; + } + + /** + * Takes an xmlrpc value in PHP xmlrpcval object format and translates it into native PHP types. + * + * Works with xmlrpc message objects as input, too. + * + * Given proper options parameter, can rebuild generic php object instances + * (provided those have been encoded to xmlrpc format using a corresponding + * option in php_xmlrpc_encode()) + * PLEASE NOTE that rebuilding php objects involves calling their constructor function. + * This means that the remote communication end can decide which php code will + * get executed on your server, leaving the door possibly open to 'php-injection' + * style of attacks (provided you have some classes defined on your server that + * might wreak havoc if instances are built outside an appropriate context). + * Make sure you trust the remote server/client before eanbling this! + * + * @author Dan Libby (dan@libby.com) + * + * @param xmlrpcval $xmlrpc_val + * @param array $options if 'decode_php_objs' is set in the options array, xmlrpc structs can be decoded into php objects + * @return mixed + */ + function php_xmlrpc_decode($xmlrpc_val, $options=array()) + { + switch($xmlrpc_val->kindOf()) + { + case 'scalar': + if (in_array('extension_api', $options)) + { + reset($xmlrpc_val->me); + list($typ,$val) = each($xmlrpc_val->me); + switch ($typ) + { + case 'dateTime.iso8601': + $xmlrpc_val->scalar = $val; + $xmlrpc_val->xmlrpc_type = 'datetime'; + $xmlrpc_val->timestamp = iso8601_decode($val); + return $xmlrpc_val; + case 'base64': + $xmlrpc_val->scalar = $val; + $xmlrpc_val->type = $typ; + return $xmlrpc_val; + default: + return $xmlrpc_val->scalarval(); + } + } + return $xmlrpc_val->scalarval(); + case 'array': + $size = $xmlrpc_val->arraysize(); + $arr = array(); + for($i = 0; $i < $size; $i++) + { + $arr[] = php_xmlrpc_decode($xmlrpc_val->arraymem($i), $options); + } + return $arr; + case 'struct': + $xmlrpc_val->structreset(); + // If user said so, try to rebuild php objects for specific struct vals. + /// @todo should we raise a warning for class not found? + // shall we check for proper subclass of xmlrpcval instead of + // presence of _php_class to detect what we can do? + if (in_array('decode_php_objs', $options) && $xmlrpc_val->_php_class != '' + && class_exists($xmlrpc_val->_php_class)) + { + $obj = @new $xmlrpc_val->_php_class; + while(list($key,$value)=$xmlrpc_val->structeach()) + { + $obj->$key = php_xmlrpc_decode($value, $options); + } + return $obj; + } + else + { + $arr = array(); + while(list($key,$value)=$xmlrpc_val->structeach()) + { + $arr[$key] = php_xmlrpc_decode($value, $options); + } + return $arr; + } + case 'msg': + $paramcount = $xmlrpc_val->getNumParams(); + $arr = array(); + for($i = 0; $i < $paramcount; $i++) + { + $arr[] = php_xmlrpc_decode($xmlrpc_val->getParam($i)); + } + return $arr; + } + } + + // This constant left here only for historical reasons... + // it was used to decide if we have to define xmlrpc_encode on our own, but + // we do not do it anymore + if(function_exists('xmlrpc_decode')) + { + define('XMLRPC_EPI_ENABLED','1'); + } + else + { + define('XMLRPC_EPI_ENABLED','0'); + } + + /** + * Takes native php types and encodes them into xmlrpc PHP object format. + * It will not re-encode xmlrpcval objects. + * + * Feature creep -- could support more types via optional type argument + * (string => datetime support has been added, ??? => base64 not yet) + * + * If given a proper options parameter, php object instances will be encoded + * into 'special' xmlrpc values, that can later be decoded into php objects + * by calling php_xmlrpc_decode() with a corresponding option + * + * @author Dan Libby (dan@libby.com) + * + * @param mixed $php_val the value to be converted into an xmlrpcval object + * @param array $options can include 'encode_php_objs', 'auto_dates', 'null_extension' or 'extension_api' + * @return xmlrpcval + */ + function &php_xmlrpc_encode($php_val, $options=array()) + { + $type = gettype($php_val); + switch($type) + { + case 'string': + if (in_array('auto_dates', $options) && preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $php_val)) + $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDateTime']); + else + $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcString']); + break; + case 'integer': + $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcInt']); + break; + case 'double': + $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDouble']); + break; + // + // Add support for encoding/decoding of booleans, since they are supported in PHP + case 'boolean': + $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcBoolean']); + break; + // + case 'array': + // PHP arrays can be encoded to either xmlrpc structs or arrays, + // depending on wheter they are hashes or plain 0..n integer indexed + // A shorter one-liner would be + // $tmp = array_diff(array_keys($php_val), range(0, count($php_val)-1)); + // but execution time skyrockets! + $j = 0; + $arr = array(); + $ko = false; + foreach($php_val as $key => $val) + { + $arr[$key] =& php_xmlrpc_encode($val, $options); + if(!$ko && $key !== $j) + { + $ko = true; + } + $j++; + } + if($ko) + { + $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']); + } + else + { + $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcArray']); + } + break; + case 'object': + if(is_a($php_val, 'xmlrpcval')) + { + $xmlrpc_val = $php_val; + } + else + { + $arr = array(); + while(list($k,$v) = each($php_val)) + { + $arr[$k] = php_xmlrpc_encode($v, $options); + } + $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']); + if (in_array('encode_php_objs', $options)) + { + // let's save original class name into xmlrpcval: + // might be useful later on... + $xmlrpc_val->_php_class = get_class($php_val); + } + } + break; + case 'NULL': + if (in_array('extension_api', $options)) + { + $xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcString']); + } + if (in_array('null_extension', $options)) + { + $xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcNull']); + } + else + { + $xmlrpc_val =& new xmlrpcval(); + } + break; + case 'resource': + if (in_array('extension_api', $options)) + { + $xmlrpc_val =& new xmlrpcval((int)$php_val, $GLOBALS['xmlrpcInt']); + } + else + { + $xmlrpc_val =& new xmlrpcval(); + } + // catch "user function", "unknown type" + default: + // giancarlo pinerolo + // it has to return + // an empty object in case, not a boolean. + $xmlrpc_val =& new xmlrpcval(); + break; + } + return $xmlrpc_val; + } + + /** + * Convert the xml representation of a method response, method request or single + * xmlrpc value into the appropriate object (a.k.a. deserialize) + * @param string $xml_val + * @param array $options + * @return mixed false on error, or an instance of either xmlrpcval, xmlrpcmsg or xmlrpcresp + */ + function php_xmlrpc_decode_xml($xml_val, $options=array()) + { + $GLOBALS['_xh'] = array(); + $GLOBALS['_xh']['ac'] = ''; + $GLOBALS['_xh']['stack'] = array(); + $GLOBALS['_xh']['valuestack'] = array(); + $GLOBALS['_xh']['params'] = array(); + $GLOBALS['_xh']['pt'] = array(); + $GLOBALS['_xh']['isf'] = 0; + $GLOBALS['_xh']['isf_reason'] = ''; + $GLOBALS['_xh']['method'] = false; + $GLOBALS['_xh']['rt'] = ''; + /// @todo 'guestimate' encoding + $parser = xml_parser_create(); + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + // What if internal encoding is not in one of the 3 allowed? + // we use the broadest one, ie. utf8! + if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); + } + else + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); + } + xml_set_element_handler($parser, 'xmlrpc_se_any', 'xmlrpc_ee'); + xml_set_character_data_handler($parser, 'xmlrpc_cd'); + xml_set_default_handler($parser, 'xmlrpc_dh'); + if(!xml_parse($parser, $xml_val, 1)) + { + $errstr = sprintf('XML error: %s at line %d, column %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser), xml_get_current_column_number($parser)); + error_log($errstr); + xml_parser_free($parser); + return false; + } + xml_parser_free($parser); + if ($GLOBALS['_xh']['isf'] > 1) // test that $GLOBALS['_xh']['value'] is an obj, too??? + { + error_log($GLOBALS['_xh']['isf_reason']); + return false; + } + switch ($GLOBALS['_xh']['rt']) + { + case 'methodresponse': + $v =& $GLOBALS['_xh']['value']; + if ($GLOBALS['_xh']['isf'] == 1) + { + $vc = $v->structmem('faultCode'); + $vs = $v->structmem('faultString'); + $r =& new xmlrpcresp(0, $vc->scalarval(), $vs->scalarval()); + } + else + { + $r =& new xmlrpcresp($v); + } + return $r; + case 'methodcall': + $m =& new xmlrpcmsg($GLOBALS['_xh']['method']); + for($i=0; $i < count($GLOBALS['_xh']['params']); $i++) + { + $m->addParam($GLOBALS['_xh']['params'][$i]); + } + return $m; + case 'value': + return $GLOBALS['_xh']['value']; + default: + return false; + } + } + + /** + * decode a string that is encoded w/ "chunked" transfer encoding + * as defined in rfc2068 par. 19.4.6 + * code shamelessly stolen from nusoap library by Dietrich Ayala + * + * @param string $buffer the string to be decoded + * @return string + */ + function decode_chunked($buffer) + { + // length := 0 + $length = 0; + $new = ''; + + // read chunk-size, chunk-extension (if any) and crlf + // get the position of the linebreak + $chunkend = strpos($buffer,"\r\n") + 2; + $temp = substr($buffer,0,$chunkend); + $chunk_size = hexdec( trim($temp) ); + $chunkstart = $chunkend; + while($chunk_size > 0) + { + $chunkend = strpos($buffer, "\r\n", $chunkstart + $chunk_size); + + // just in case we got a broken connection + if($chunkend == false) + { + $chunk = substr($buffer,$chunkstart); + // append chunk-data to entity-body + $new .= $chunk; + $length += strlen($chunk); + break; + } + + // read chunk-data and crlf + $chunk = substr($buffer,$chunkstart,$chunkend-$chunkstart); + // append chunk-data to entity-body + $new .= $chunk; + // length := length + chunk-size + $length += strlen($chunk); + // read chunk-size and crlf + $chunkstart = $chunkend + 2; + + $chunkend = strpos($buffer,"\r\n",$chunkstart)+2; + if($chunkend == false) + { + break; //just in case we got a broken connection + } + $temp = substr($buffer,$chunkstart,$chunkend-$chunkstart); + $chunk_size = hexdec( trim($temp) ); + $chunkstart = $chunkend; + } + return $new; + } + + /** + * xml charset encoding guessing helper function. + * Tries to determine the charset encoding of an XML chunk + * received over HTTP. + * NB: according to the spec (RFC 3023, if text/xml content-type is received over HTTP without a content-type, + * we SHOULD assume it is strictly US-ASCII. But we try to be more tolerant of unconforming (legacy?) clients/servers, + * which will be most probably using UTF-8 anyway... + * + * @param string $httpheaders the http Content-type header + * @param string $xmlchunk xml content buffer + * @param string $encoding_prefs comma separated list of character encodings to be used as default (when mb extension is enabled) + * + * @todo explore usage of mb_http_input(): does it detect http headers + post data? if so, use it instead of hand-detection!!! + */ + function guess_encoding($httpheader='', $xmlchunk='', $encoding_prefs=null) + { + // discussion: see http://www.yale.edu/pclt/encoding/ + // 1 - test if encoding is specified in HTTP HEADERS + + //Details: + // LWS: (\13\10)?( |\t)+ + // token: (any char but excluded stuff)+ + // header: Content-type = ...; charset=value(; ...)* + // where value is of type token, no LWS allowed between 'charset' and value + // Note: we do not check for invalid chars in VALUE: + // this had better be done using pure ereg as below + + /// @todo this test will pass if ANY header has charset specification, not only Content-Type. Fix it? + $matches = array(); + if(preg_match('/;\s*charset=([^;]+)/i', $httpheader, $matches)) + { + return strtoupper(trim($matches[1])); + } + + // 2 - scan the first bytes of the data for a UTF-16 (or other) BOM pattern + // (source: http://www.w3.org/TR/2000/REC-xml-20001006) + // NOTE: actually, according to the spec, even if we find the BOM and determine + // an encoding, we should check if there is an encoding specified + // in the xml declaration, and verify if they match. + /// @todo implement check as described above? + /// @todo implement check for first bytes of string even without a BOM? (It sure looks harder than for cases WITH a BOM) + if(preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlchunk)) + { + return 'UCS-4'; + } + elseif(preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlchunk)) + { + return 'UTF-16'; + } + elseif(preg_match('/^(\xEF\xBB\xBF)/', $xmlchunk)) + { + return 'UTF-8'; + } + + // 3 - test if encoding is specified in the xml declaration + // Details: + // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+ + // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]* + if (preg_match('/^<\?xml\s+version\s*=\s*'. "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))". + '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/", + $xmlchunk, $matches)) + { + return strtoupper(substr($matches[2], 1, -1)); + } + + // 4 - if mbstring is available, let it do the guesswork + // NB: we favour finding an encoding that is compatible with what we can process + if(extension_loaded('mbstring')) + { + if($encoding_prefs) + { + $enc = mb_detect_encoding($xmlchunk, $encoding_prefs); + } + else + { + $enc = mb_detect_encoding($xmlchunk); + } + // NB: mb_detect likes to call it ascii, xml parser likes to call it US_ASCII... + // IANA also likes better US-ASCII, so go with it + if($enc == 'ASCII') + { + $enc = 'US-'.$enc; + } + return $enc; + } + else + { + // no encoding specified: as per HTTP1.1 assume it is iso-8859-1? + // Both RFC 2616 (HTTP 1.1) and 1945(http 1.0) clearly state that for text/xxx content types + // this should be the standard. And we should be getting text/xml as request and response. + // BUT we have to be backward compatible with the lib, which always used UTF-8 as default... + return $GLOBALS['xmlrpc_defencoding']; + } + } + + /** + * Checks if a given charset encoding is present in a list of encodings or + * if it is a valid subset of any encoding in the list + * @param string $encoding charset to be tested + * @param mixed $validlist comma separated list of valid charsets (or array of charsets) + */ + function is_valid_charset($encoding, $validlist) + { + $charset_supersets = array( + 'US-ASCII' => array ('ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', + 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', + 'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-11', 'ISO-8859-12', + 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'UTF-8', + 'EUC-JP', 'EUC-', 'EUC-KR', 'EUC-CN') + ); + if (is_string($validlist)) + $validlist = explode(',', $validlist); + if (@in_array(strtoupper($encoding), $validlist)) + return true; + else + { + if (array_key_exists($encoding, $charset_supersets)) + foreach ($validlist as $allowed) + if (in_array($allowed, $charset_supersets[$encoding])) + return true; + return false; + } + } + +?> \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/xmlrpc_wrappers.inc b/central/trunk/includes/xmlrpc/xmlrpc_wrappers.inc new file mode 100644 index 0000000..cd0a56f --- /dev/null +++ b/central/trunk/includes/xmlrpc/xmlrpc_wrappers.inc @@ -0,0 +1,819 @@ +isInternal()) + { + // Note: from PHP 5.1.0 onward, we will possibly be able to use invokeargs + // instead of getparameters to fully reflect internal php functions ? + error_log('XML-RPC: function to be wrapped is internal: '.$funcname); + return false; + } + + // retrieve parameter names, types and description from javadoc comments + + // function description + $desc = ''; + // type of return val: by default 'any' + $returns = $GLOBALS['xmlrpcValue']; + // desc of return val + $returnsDocs = ''; + // type + name of function parameters + $paramDocs = array(); + + $docs = $func->getDocComment(); + if($docs != '') + { + $docs = explode("\n", $docs); + $i = 0; + foreach($docs as $doc) + { + $doc = trim($doc, " \r\t/*"); + if(strlen($doc) && strpos($doc, '@') !== 0 && !$i) + { + if($desc) + { + $desc .= "\n"; + } + $desc .= $doc; + } + elseif(strpos($doc, '@param') === 0) + { + // syntax: @param type [$name] desc + if(preg_match('/@param\s+(\S+)(\s+\$\S+)?\s+(.+)/', $doc, $matches)) + { + if(strpos($matches[1], '|')) + { + //$paramDocs[$i]['type'] = explode('|', $matches[1]); + $paramDocs[$i]['type'] = 'mixed'; + } + else + { + $paramDocs[$i]['type'] = $matches[1]; + } + $paramDocs[$i]['name'] = trim($matches[2]); + $paramDocs[$i]['doc'] = $matches[3]; + } + $i++; + } + elseif(strpos($doc, '@return') === 0) + { + // syntax: @return type desc + //$returns = preg_split('/\s+/', $doc); + if(preg_match('/@return\s+(\S+)\s+(.+)/', $doc, $matches)) + { + $returns = php_2_xmlrpc_type($matches[1]); + if(isset($matches[2])) + { + $returnsDocs = $matches[2]; + } + } + } + } + } + + // execute introspection of actual function prototype + $params = array(); + $i = 0; + foreach($func->getParameters() as $paramobj) + { + $params[$i] = array(); + $params[$i]['name'] = '$'.$paramobj->getName(); + $params[$i]['isoptional'] = $paramobj->isOptional(); + $i++; + } + + + // start building of PHP code to be eval'd + $innercode = ''; + $i = 0; + $parsvariations = array(); + $pars = array(); + $pnum = count($params); + foreach($params as $param) + { + if (isset($paramDocs[$i]['name']) && $paramDocs[$i]['name'] && strtolower($paramDocs[$i]['name']) != strtolower($param['name'])) + { + // param name from phpdoc info does not match param definition! + $paramDocs[$i]['type'] = 'mixed'; + } + + if($param['isoptional']) + { + // this particular parameter is optional. save as valid previous list of parameters + $innercode .= "if (\$paramcount > $i) {\n"; + $parsvariations[] = $pars; + } + $innercode .= "\$p$i = \$msg->getParam($i);\n"; + if ($decode_php_objects) + { + $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i, array('decode_php_objs'));\n"; + } + else + { + $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i);\n"; + } + + $pars[] = "\$p$i"; + $i++; + if($param['isoptional']) + { + $innercode .= "}\n"; + } + if($i == $pnum) + { + // last allowed parameters combination + $parsvariations[] = $pars; + } + } + + $sigs = array(); + $psigs = array(); + if(count($parsvariations) == 0) + { + // only known good synopsis = no parameters + $parsvariations[] = array(); + $minpars = 0; + } + else + { + $minpars = count($parsvariations[0]); + } + + if($minpars) + { + // add to code the check for min params number + // NB: this check needs to be done BEFORE decoding param values + $innercode = "\$paramcount = \$msg->getNumParams();\n" . + "if (\$paramcount < $minpars) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}');\n" . $innercode; + } + else + { + $innercode = "\$paramcount = \$msg->getNumParams();\n" . $innercode; + } + + $innercode .= "\$np = false;\n"; + foreach($parsvariations as $pars) + { + $innercode .= "if (\$paramcount == " . count($pars) . ") \$retval = {$catch_warnings}$funcname(" . implode(',', $pars) . "); else\n"; + // build a 'generic' signature (only use an appropriate return type) + $sig = array($returns); + $psig = array($returnsDocs); + for($i=0; $i < count($pars); $i++) + { + if (isset($paramDocs[$i]['type'])) + { + $sig[] = php_2_xmlrpc_type($paramDocs[$i]['type']); + } + else + { + $sig[] = $GLOBALS['xmlrpcValue']; + } + $psig[] = isset($paramDocs[$i]['doc']) ? $paramDocs[$i]['doc'] : ''; + } + $sigs[] = $sig; + $psigs[] = $psig; + } + $innercode .= "\$np = true;\n"; + $innercode .= "if (\$np) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}'); else {\n"; + //$innercode .= "if (\$_xmlrpcs_error_occurred) return new xmlrpcresp(0, $GLOBALS['xmlrpcerr']user, \$_xmlrpcs_error_occurred); else\n"; + $innercode .= "if (is_a(\$retval, '{$prefix}resp')) return \$retval; else\n"; + if($returns == $GLOBALS['xmlrpcDateTime'] || $returns == $GLOBALS['xmlrpcBase64']) + { + $innercode .= "return new {$prefix}resp(new {$prefix}val(\$retval, '$returns'));"; + } + else + { + if ($encode_php_objects) + $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval, array('encode_php_objs')));\n"; + else + $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval));\n"; + } + // shall we exclude functions returning by ref? + // if($func->returnsReference()) + // return false; + $code = "function $xmlrpcfuncname(\$msg) {\n" . $innercode . "}\n}"; + //print_r($code); + if ($buildit) + { + $allOK = 0; + eval($code.'$allOK=1;'); + // alternative + //$xmlrpcfuncname = create_function('$m', $innercode); + + if(!$allOK) + { + error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap php function '.$funcname); + return false; + } + } + + /// @todo examine if $paramDocs matches $parsvariations and build array for + /// usage as method signature, plus put together a nice string for docs + + $ret = array('function' => $xmlrpcfuncname, 'signature' => $sigs, 'docstring' => $desc, 'signature_docs' => $psigs, 'source' => $code); + return $ret; + } + } + + /** + * Given an xmlrpc client and a method name, register a php wrapper function + * that will call it and return results using native php types for both + * params and results. The generated php function will return an xmlrpcresp + * oject for failed xmlrpc calls + * + * Known limitations: + * - server must support system.methodsignature for the wanted xmlrpc method + * - for methods that expose many signatures, only one can be picked (we + * could in priciple check if signatures differ only by number of params + * and not by type, but it would be more complication than we can spare time) + * - nested xmlrpc params: the caller of the generated php function has to + * encode on its own the params passed to the php function if these are structs + * or arrays whose (sub)members include values of type datetime or base64 + * + * Notes: the connection properties of the given client will be copied + * and reused for the connection used during the call to the generated + * php function. + * Calling the generated php function 'might' be slow: a new xmlrpc client + * is created on every invocation and an xmlrpc-connection opened+closed. + * An extra 'debug' param is appended to param list of xmlrpc method, useful + * for debugging purposes. + * + * @param xmlrpc_client $client an xmlrpc client set up correctly to communicate with target server + * @param string $methodname the xmlrpc method to be mapped to a php function + * @param array $extra_options array of options that specify conversion details. valid ptions include + * integer signum the index of the method signature to use in mapping (if method exposes many sigs) + * integer timeout timeout (in secs) to be used when executing function/calling remote method + * string protocol 'http' (default), 'http11' or 'https' + * string new_function_name the name of php function to create. If unsepcified, lib will pick an appropriate name + * string return_source if true return php code w. function definition instead fo function name + * bool encode_php_objs let php objects be sent to server using the 'improved' xmlrpc notation, so server can deserialize them as php objects + * bool decode_php_objs --- WARNING !!! possible security hazard. only use it with trusted servers --- + * mixed return_on_fault a php value to be returned when the xmlrpc call fails/returns a fault response (by default the xmlrpcresp object is returned in this case). If a string is used, '%faultCode%' and '%faultString%' tokens will be substituted with actual error values + * bool debug set it to 1 or 2 to see debug results of querying server for method synopsis + * @return string the name of the generated php function (or false) - OR AN ARRAY... + */ + function wrap_xmlrpc_method($client, $methodname, $extra_options=0, $timeout=0, $protocol='', $newfuncname='') + { + // mind numbing: let caller use sane calling convention (as per javadoc, 3 params), + // OR the 2.0 calling convention (no ptions) - we really love backward compat, don't we? + if (!is_array($extra_options)) + { + $signum = $extra_options; + $extra_options = array(); + } + else + { + $signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; + $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; + $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; + $newfuncname = isset($extra_options['new_function_name']) ? $extra_options['new_function_name'] : ''; + } + //$encode_php_objects = in_array('encode_php_objects', $extra_options); + //$verbatim_client_copy = in_array('simple_client_copy', $extra_options) ? 1 : + // in_array('build_class_code', $extra_options) ? 2 : 0; + + $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; + $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; + $simple_client_copy = isset($extra_options['simple_client_copy']) ? (int)($extra_options['simple_client_copy']) : 0; + $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; + $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; + if (isset($extra_options['return_on_fault'])) + { + $decode_fault = true; + $fault_response = $extra_options['return_on_fault']; + } + else + { + $decode_fault = false; + $fault_response = ''; + } + $debug = isset($extra_options['debug']) ? ($extra_options['debug']) : 0; + + $msgclass = $prefix.'msg'; + $valclass = $prefix.'val'; + $decodefunc = 'php_'.$prefix.'_decode'; + + $msg =& new $msgclass('system.methodSignature'); + $msg->addparam(new $valclass($methodname)); + $client->setDebug($debug); + $response =& $client->send($msg, $timeout, $protocol); + if($response->faultCode()) + { + error_log('XML-RPC: could not retrieve method signature from remote server for method '.$methodname); + return false; + } + else + { + $msig = $response->value(); + if ($client->return_type != 'phpvals') + { + $msig = $decodefunc($msig); + } + if(!is_array($msig) || count($msig) <= $signum) + { + error_log('XML-RPC: could not retrieve method signature nr.'.$signum.' from remote server for method '.$methodname); + return false; + } + else + { + // pick a suitable name for the new function, avoiding collisions + if($newfuncname != '') + { + $xmlrpcfuncname = $newfuncname; + } + else + { + // take care to insure that methodname is translated to valid + // php function name + $xmlrpcfuncname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), + array('_', ''), $methodname); + } + while($buildit && function_exists($xmlrpcfuncname)) + { + $xmlrpcfuncname .= 'x'; + } + + $msig = $msig[$signum]; + $mdesc = ''; + // if in 'offline' mode, get method description too. + // in online mode, favour speed of operation + if(!$buildit) + { + $msg =& new $msgclass('system.methodHelp'); + $msg->addparam(new $valclass($methodname)); + $response =& $client->send($msg, $timeout, $protocol); + if (!$response->faultCode()) + { + $mdesc = $response->value(); + if ($client->return_type != 'phpvals') + { + $mdesc = $mdesc->scalarval(); + } + } + } + + $results = build_remote_method_wrapper_code($client, $methodname, + $xmlrpcfuncname, $msig, $mdesc, $timeout, $protocol, $simple_client_copy, + $prefix, $decode_php_objects, $encode_php_objects, $decode_fault, + $fault_response); + + //print_r($code); + if ($buildit) + { + $allOK = 0; + eval($results['source'].'$allOK=1;'); + // alternative + //$xmlrpcfuncname = create_function('$m', $innercode); + if($allOK) + { + return $xmlrpcfuncname; + } + else + { + error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap remote method '.$methodname); + return false; + } + } + else + { + $results['function'] = $xmlrpcfuncname; + return $results; + } + } + } + } + + /** + * Similar to wrap_xmlrpc_method, but will generate a php class that wraps + * all xmlrpc methods exposed by the remote server as own methods. + * For more details see wrap_xmlrpc_method. + * @param xmlrpc_client $client the client obj all set to query the desired server + * @param array $extra_options list of options for wrapped code + * @return mixed false on error, the name of the created class if all ok or an array with code, class name and comments (if the appropriatevoption is set in extra_options) + */ + function wrap_xmlrpc_server($client, $extra_options=array()) + { + $methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : ''; + $signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; + $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; + $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; + $newclassname = isset($extra_options['new_class_name']) ? $extra_options['new_class_name'] : ''; + $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; + $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; + $verbatim_client_copy = isset($extra_options['simple_client_copy']) ? !($extra_options['simple_client_copy']) : true; + $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; + $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; + + $msgclass = $prefix.'msg'; + //$valclass = $prefix.'val'; + $decodefunc = 'php_'.$prefix.'_decode'; + + $msg =& new $msgclass('system.listMethods'); + $response =& $client->send($msg, $timeout, $protocol); + if($response->faultCode()) + { + error_log('XML-RPC: could not retrieve method list from remote server'); + return false; + } + else + { + $mlist = $response->value(); + if ($client->return_type != 'phpvals') + { + $mlist = $decodefunc($mlist); + } + if(!is_array($mlist) || !count($mlist)) + { + error_log('XML-RPC: could not retrieve meaningful method list from remote server'); + return false; + } + else + { + // pick a suitable name for the new function, avoiding collisions + if($newclassname != '') + { + $xmlrpcclassname = $newclassname; + } + else + { + $xmlrpcclassname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), + array('_', ''), $client->server).'_client'; + } + while($buildit && class_exists($xmlrpcclassname)) + { + $xmlrpcclassname .= 'x'; + } + + /// @todo add function setdebug() to new class, to enable/disable debugging + $source = "class $xmlrpcclassname\n{\nvar \$client;\n\n"; + $source .= "function $xmlrpcclassname()\n{\n"; + $source .= build_client_wrapper_code($client, $verbatim_client_copy, $prefix); + $source .= "\$this->client =& \$client;\n}\n\n"; + $opts = array('simple_client_copy' => 2, 'return_source' => true, + 'timeout' => $timeout, 'protocol' => $protocol, + 'encode_php_objs' => $encode_php_objects, 'prefix' => $prefix, + 'decode_php_objs' => $decode_php_objects + ); + /// @todo build javadoc for class definition, too + foreach($mlist as $mname) + { + if ($methodfilter == '' || preg_match($methodfilter, $mname)) + { + $opts['new_function_name'] = preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), + array('_', ''), $mname); + $methodwrap = wrap_xmlrpc_method($client, $mname, $opts); + if ($methodwrap) + { + if (!$buildit) + { + $source .= $methodwrap['docstring']; + } + $source .= $methodwrap['source']."\n"; + } + else + { + error_log('XML-RPC: will not create class method to wrap remote method '.$mname); + } + } + } + $source .= "}\n"; + if ($buildit) + { + $allOK = 0; + eval($source.'$allOK=1;'); + // alternative + //$xmlrpcfuncname = create_function('$m', $innercode); + if($allOK) + { + return $xmlrpcclassname; + } + else + { + error_log('XML-RPC: could not create class '.$xmlrpcclassname.' to wrap remote server '.$client->server); + return false; + } + } + else + { + return array('class' => $xmlrpcclassname, 'code' => $source, 'docstring' => ''); + } + } + } + } + + /** + * Given the necessary info, build php code that creates a new function to + * invoke a remote xmlrpc method. + * Take care that no full checking of input parameters is done to ensure that + * valid php code is emitted. + * Note: real spaghetti code follows... + * @access private + */ + function build_remote_method_wrapper_code($client, $methodname, $xmlrpcfuncname, + $msig, $mdesc='', $timeout=0, $protocol='', $client_copy_mode=0, $prefix='xmlrpc', + $decode_php_objects=false, $encode_php_objects=false, $decode_fault=false, + $fault_response='') + { + $code = "function $xmlrpcfuncname ("; + if ($client_copy_mode < 2) + { + // client copy mode 0 or 1 == partial / full client copy in emitted code + $innercode = build_client_wrapper_code($client, $client_copy_mode, $prefix); + $innercode .= "\$client->setDebug(\$debug);\n"; + $this_ = ''; + } + else + { + // client copy mode 2 == no client copy in emitted code + $innercode = ''; + $this_ = 'this->'; + } + $innercode .= "\$msg =& new {$prefix}msg('$methodname');\n"; + + if ($mdesc != '') + { + // take care that PHP comment is not terminated unwillingly by method description + $mdesc = "/**\n* ".str_replace('*/', '* /', $mdesc)."\n"; + } + else + { + $mdesc = "/**\nFunction $xmlrpcfuncname\n"; + } + + // param parsing + $plist = array(); + $pcount = count($msig); + for($i = 1; $i < $pcount; $i++) + { + $plist[] = "\$p$i"; + $ptype = $msig[$i]; + if($ptype == 'i4' || $ptype == 'int' || $ptype == 'boolean' || $ptype == 'double' || + $ptype == 'string' || $ptype == 'dateTime.iso8601' || $ptype == 'base64' || $ptype == 'null') + { + // only build directly xmlrpcvals when type is known and scalar + $innercode .= "\$p$i =& new {$prefix}val(\$p$i, '$ptype');\n"; + } + else + { + if ($encode_php_objects) + { + $innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i, array('encode_php_objs'));\n"; + } + else + { + $innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i);\n"; + } + } + $innercode .= "\$msg->addparam(\$p$i);\n"; + $mdesc .= '* @param '.xmlrpc_2_php_type($ptype)." \$p$i\n"; + } + if ($client_copy_mode < 2) + { + $plist[] = '$debug=0'; + $mdesc .= "* @param int \$debug when 1 (or 2) will enable debugging of the underlying {$prefix} call (defaults to 0)\n"; + } + $plist = implode(', ', $plist); + $mdesc .= '* @return '.xmlrpc_2_php_type($msig[0])." (or an {$prefix}resp obj instance if call fails)\n*/\n"; + + $innercode .= "\$res =& \${$this_}client->send(\$msg, $timeout, '$protocol');\n"; + if ($decode_fault) + { + if (is_string($fault_response) && ((strpos($fault_response, '%faultCode%') !== false) || (strpos($fault_response, '%faultString%') !== false))) + { + $respcode = "str_replace(array('%faultCode%', '%faultString%'), array(\$res->faultCode(), \$res->faultString()), '".str_replace("'", "''", $fault_response)."')"; + } + else + { + $respcode = var_export($fault_response, true); + } + } + else + { + $respcode = '$res'; + } + if ($decode_php_objects) + { + $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value(), array('decode_php_objs'));"; + } + else + { + $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value());"; + } + + $code = $code . $plist. ") {\n" . $innercode . "\n}\n"; + + return array('source' => $code, 'docstring' => $mdesc); + } + + /** + * Given necessary info, generate php code that will rebuild a client object + * Take care that no full checking of input parameters is done to ensure that + * valid php code is emitted. + * @access private + */ + function build_client_wrapper_code($client, $verbatim_client_copy, $prefix='xmlrpc') + { + $code = "\$client =& new {$prefix}_client('".str_replace("'", "\'", $client->path). + "', '" . str_replace("'", "\'", $client->server) . "', $client->port);\n"; + + // copy all client fields to the client that will be generated runtime + // (this provides for future expansion or subclassing of client obj) + if ($verbatim_client_copy) + { + foreach($client as $fld => $val) + { + if($fld != 'debug' && $fld != 'return_type') + { + $val = var_export($val, true); + $code .= "\$client->$fld = $val;\n"; + } + } + } + // only make sure that client always returns the correct data type + $code .= "\$client->return_type = '{$prefix}vals';\n"; + //$code .= "\$client->setDebug(\$debug);\n"; + return $code; + } +?> \ No newline at end of file diff --git a/central/trunk/includes/xmlrpc/xmlrpcs.inc b/central/trunk/includes/xmlrpc/xmlrpcs.inc new file mode 100644 index 0000000..9588919 --- /dev/null +++ b/central/trunk/includes/xmlrpc/xmlrpcs.inc @@ -0,0 +1,1193 @@ + +// $Id: xmlrpcs.inc,v 1.69 2007/09/20 20:14:25 ggiunta Exp $ + +// Copyright (c) 1999,2000,2002 Edd Dumbill. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// +// * Neither the name of the "XML-RPC for PHP" nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. + + // XML RPC Server class + // requires: xmlrpc.inc + + $GLOBALS['xmlrpcs_capabilities'] = array( + // xmlrpc spec: always supported + 'xmlrpc' => new xmlrpcval(array( + 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'), + 'specVersion' => new xmlrpcval(1, 'int') + ), 'struct'), + // if we support system.xxx functions, we always support multicall, too... + // Note that, as of 2006/09/17, the following URL does not respond anymore + 'system.multicall' => new xmlrpcval(array( + 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'), + 'specVersion' => new xmlrpcval(1, 'int') + ), 'struct'), + // introspection: version 2! we support 'mixed', too + 'introspection' => new xmlrpcval(array( + 'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'), + 'specVersion' => new xmlrpcval(2, 'int') + ), 'struct') + ); + + /* Functions that implement system.XXX methods of xmlrpc servers */ + $_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct'])); + $_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to'; + $_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec')); + function _xmlrpcs_getCapabilities($server, $m=null) + { + $outAr = $GLOBALS['xmlrpcs_capabilities']; + // NIL extension + if ($GLOBALS['xmlrpc_null_extension']) { + $outAr['nil'] = new xmlrpcval(array( + 'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'), + 'specVersion' => new xmlrpcval(1, 'int') + ), 'struct'); + } + return new xmlrpcresp(new xmlrpcval($outAr, 'struct')); + } + + // listMethods: signature was either a string, or nothing. + // The useless string variant has been removed + $_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray'])); + $_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch'; + $_xmlrpcs_listMethods_sdoc=array(array('list of method names')); + function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing + { + + $outAr=array(); + foreach($server->dmap as $key => $val) + { + $outAr[]=&new xmlrpcval($key, 'string'); + } + if($server->allow_system_funcs) + { + foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val) + { + $outAr[]=&new xmlrpcval($key, 'string'); + } + } + return new xmlrpcresp(new xmlrpcval($outAr, 'array')); + } + + $_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString'])); + $_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)'; + $_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described')); + function _xmlrpcs_methodSignature($server, $m) + { + // let accept as parameter both an xmlrpcval or string + if (is_object($m)) + { + $methName=$m->getParam(0); + $methName=$methName->scalarval(); + } + else + { + $methName=$m; + } + if(strpos($methName, "system.") === 0) + { + $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; + } + else + { + $dmap=$server->dmap; $sysCall=0; + } + if(isset($dmap[$methName])) + { + if(isset($dmap[$methName]['signature'])) + { + $sigs=array(); + foreach($dmap[$methName]['signature'] as $inSig) + { + $cursig=array(); + foreach($inSig as $sig) + { + $cursig[]=&new xmlrpcval($sig, 'string'); + } + $sigs[]=&new xmlrpcval($cursig, 'array'); + } + $r=&new xmlrpcresp(new xmlrpcval($sigs, 'array')); + } + else + { + // NB: according to the official docs, we should be returning a + // "none-array" here, which means not-an-array + $r=&new xmlrpcresp(new xmlrpcval('undef', 'string')); + } + } + else + { + $r=&new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); + } + return $r; + } + + $_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString'])); + $_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string'; + $_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described')); + function _xmlrpcs_methodHelp($server, $m) + { + // let accept as parameter both an xmlrpcval or string + if (is_object($m)) + { + $methName=$m->getParam(0); + $methName=$methName->scalarval(); + } + else + { + $methName=$m; + } + if(strpos($methName, "system.") === 0) + { + $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; + } + else + { + $dmap=$server->dmap; $sysCall=0; + } + if(isset($dmap[$methName])) + { + if(isset($dmap[$methName]['docstring'])) + { + $r=&new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string'); + } + else + { + $r=&new xmlrpcresp(new xmlrpcval('', 'string')); + } + } + else + { + $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); + } + return $r; + } + + $_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray'])); + $_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details'; + $_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"')); + function _xmlrpcs_multicall_error($err) + { + if(is_string($err)) + { + $str = $GLOBALS['xmlrpcstr']["multicall_${err}"]; + $code = $GLOBALS['xmlrpcerr']["multicall_${err}"]; + } + else + { + $code = $err->faultCode(); + $str = $err->faultString(); + } + $struct = array(); + $struct['faultCode'] =& new xmlrpcval($code, 'int'); + $struct['faultString'] =& new xmlrpcval($str, 'string'); + return new xmlrpcval($struct, 'struct'); + } + + function _xmlrpcs_multicall_do_call($server, $call) + { + if($call->kindOf() != 'struct') + { + return _xmlrpcs_multicall_error('notstruct'); + } + $methName = @$call->structmem('methodName'); + if(!$methName) + { + return _xmlrpcs_multicall_error('nomethod'); + } + if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string') + { + return _xmlrpcs_multicall_error('notstring'); + } + if($methName->scalarval() == 'system.multicall') + { + return _xmlrpcs_multicall_error('recursion'); + } + + $params = @$call->structmem('params'); + if(!$params) + { + return _xmlrpcs_multicall_error('noparams'); + } + if($params->kindOf() != 'array') + { + return _xmlrpcs_multicall_error('notarray'); + } + $numParams = $params->arraysize(); + + $msg =& new xmlrpcmsg($methName->scalarval()); + for($i = 0; $i < $numParams; $i++) + { + if(!$msg->addParam($params->arraymem($i))) + { + $i++; + return _xmlrpcs_multicall_error(new xmlrpcresp(0, + $GLOBALS['xmlrpcerr']['incorrect_params'], + $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i)); + } + } + + $result = $server->execute($msg); + + if($result->faultCode() != 0) + { + return _xmlrpcs_multicall_error($result); // Method returned fault. + } + + return new xmlrpcval(array($result->value()), 'array'); + } + + function _xmlrpcs_multicall_do_call_phpvals($server, $call) + { + if(!is_array($call)) + { + return _xmlrpcs_multicall_error('notstruct'); + } + if(!array_key_exists('methodName', $call)) + { + return _xmlrpcs_multicall_error('nomethod'); + } + if (!is_string($call['methodName'])) + { + return _xmlrpcs_multicall_error('notstring'); + } + if($call['methodName'] == 'system.multicall') + { + return _xmlrpcs_multicall_error('recursion'); + } + if(!array_key_exists('params', $call)) + { + return _xmlrpcs_multicall_error('noparams'); + } + if(!is_array($call['params'])) + { + return _xmlrpcs_multicall_error('notarray'); + } + + // this is a real dirty and simplistic hack, since we might have received a + // base64 or datetime values, but they will be listed as strings here... + $numParams = count($call['params']); + $pt = array(); + foreach($call['params'] as $val) + $pt[] = php_2_xmlrpc_type(gettype($val)); + + $result = $server->execute($call['methodName'], $call['params'], $pt); + + if($result->faultCode() != 0) + { + return _xmlrpcs_multicall_error($result); // Method returned fault. + } + + return new xmlrpcval(array($result->value()), 'array'); + } + + function _xmlrpcs_multicall($server, $m) + { + $result = array(); + // let accept a plain list of php parameters, beside a single xmlrpc msg object + if (is_object($m)) + { + $calls = $m->getParam(0); + $numCalls = $calls->arraysize(); + for($i = 0; $i < $numCalls; $i++) + { + $call = $calls->arraymem($i); + $result[$i] = _xmlrpcs_multicall_do_call($server, $call); + } + } + else + { + $numCalls=count($m); + for($i = 0; $i < $numCalls; $i++) + { + $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]); + } + } + + return new xmlrpcresp(new xmlrpcval($result, 'array')); + } + + $GLOBALS['_xmlrpcs_dmap']=array( + 'system.listMethods' => array( + 'function' => '_xmlrpcs_listMethods', + 'signature' => $_xmlrpcs_listMethods_sig, + 'docstring' => $_xmlrpcs_listMethods_doc, + 'signature_docs' => $_xmlrpcs_listMethods_sdoc), + 'system.methodHelp' => array( + 'function' => '_xmlrpcs_methodHelp', + 'signature' => $_xmlrpcs_methodHelp_sig, + 'docstring' => $_xmlrpcs_methodHelp_doc, + 'signature_docs' => $_xmlrpcs_methodHelp_sdoc), + 'system.methodSignature' => array( + 'function' => '_xmlrpcs_methodSignature', + 'signature' => $_xmlrpcs_methodSignature_sig, + 'docstring' => $_xmlrpcs_methodSignature_doc, + 'signature_docs' => $_xmlrpcs_methodSignature_sdoc), + 'system.multicall' => array( + 'function' => '_xmlrpcs_multicall', + 'signature' => $_xmlrpcs_multicall_sig, + 'docstring' => $_xmlrpcs_multicall_doc, + 'signature_docs' => $_xmlrpcs_multicall_sdoc), + 'system.getCapabilities' => array( + 'function' => '_xmlrpcs_getCapabilities', + 'signature' => $_xmlrpcs_getCapabilities_sig, + 'docstring' => $_xmlrpcs_getCapabilities_doc, + 'signature_docs' => $_xmlrpcs_getCapabilities_sdoc) + ); + + $GLOBALS['_xmlrpcs_occurred_errors'] = ''; + $GLOBALS['_xmlrpcs_prev_ehandler'] = ''; + /** + * Error handler used to track errors that occur during server-side execution of PHP code. + * This allows to report back to the client whether an internal error has occurred or not + * using an xmlrpc response object, instead of letting the client deal with the html junk + * that a PHP execution error on the server generally entails. + * + * NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors. + * + */ + function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null) + { + // obey the @ protocol + if (error_reporting() == 0) + return; + + //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING) + if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined + { + $GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n"; + } + // Try to avoid as much as possible disruption to the previous error handling + // mechanism in place + if($GLOBALS['_xmlrpcs_prev_ehandler'] == '') + { + // The previous error handler was the default: all we should do is log error + // to the default error log (if level high enough) + if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode)) + { + error_log($errstring); + } + } + else + { + // Pass control on to previous error handler, trying to avoid loops... + if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler') + { + // NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers + if(is_array($GLOBALS['_xmlrpcs_prev_ehandler'])) + { + // the following works both with static class methods and plain object methods as error handler + call_user_func_array($GLOBALS['_xmlrpcs_prev_ehandler'], array($errcode, $errstring, $filename, $lineno, $context)); + } + else + { + $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context); + } + } + } + } + + $GLOBALS['_xmlrpc_debuginfo']=''; + + /** + * Add a string to the debug info that can be later seralized by the server + * as part of the response message. + * Note that for best compatbility, the debug string should be encoded using + * the $GLOBALS['xmlrpc_internalencoding'] character set. + * @param string $m + * @access public + */ + function xmlrpc_debugmsg($m) + { + $GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n"; + } + + class xmlrpc_server + { + /// array defining php functions exposed as xmlrpc methods by this server + var $dmap=array(); + /** + * Defines how functions in dmap will be invokde: either using an xmlrpc msg object + * or plain php values. + * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals' + */ + var $functions_parameters_type='xmlrpcvals'; + /// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3 + var $debug = 1; + /** + * When set to true, it will enable HTTP compression of the response, in case + * the client has declared its support for compression in the request. + */ + var $compress_response = false; + /** + * List of http compression methods accepted by the server for requests. + * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib + */ + var $accepted_compression = array(); + /// shall we serve calls to system.* methods? + var $allow_system_funcs = true; + /// list of charset encodings natively accepted for requests + var $accepted_charset_encodings = array(); + /** + * charset encoding to be used for response. + * NB: if we can, we will convert the generated response from internal_encoding to the intended one. + * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled), + * null (leave unspecified in response, convert output stream to US_ASCII), + * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed), + * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway). + * NB: pretty dangerous if you accept every charset and do not have mbstring enabled) + */ + var $response_charset_encoding = ''; + /// storage for internal debug info + var $debug_info = ''; + /// extra data passed at runtime to method handling functions. Used only by EPI layer + var $user_data = null; + + /** + * @param array $dispmap the dispatch map withd efinition of exposed services + * @param boolean $servicenow set to false to prevent the server from runnung upon construction + */ + function xmlrpc_server($dispMap=null, $serviceNow=true) + { + // if ZLIB is enabled, let the server by default accept compressed requests, + // and compress responses sent to clients that support them + if(function_exists('gzinflate')) + { + $this->accepted_compression = array('gzip', 'deflate'); + $this->compress_response = true; + } + + // by default the xml parser can support these 3 charset encodings + $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); + + // dispMap is a dispatch array of methods + // mapped to function names and signatures + // if a method + // doesn't appear in the map then an unknown + // method error is generated + /* milosch - changed to make passing dispMap optional. + * instead, you can use the class add_to_map() function + * to add functions manually (borrowed from SOAPX4) + */ + if($dispMap) + { + $this->dmap = $dispMap; + if($serviceNow) + { + $this->service(); + } + } + } + + /** + * Set debug level of server. + * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments) + * 0 = no debug info, + * 1 = msgs set from user with debugmsg(), + * 2 = add complete xmlrpc request (headers and body), + * 3 = add also all processing warnings happened during method processing + * (NB: this involves setting a custom error handler, and might interfere + * with the standard processing of the php function exposed as method. In + * particular, triggering an USER_ERROR level error will not halt script + * execution anymore, but just end up logged in the xmlrpc response) + * Note that info added at elevel 2 and 3 will be base64 encoded + * @access public + */ + function setDebug($in) + { + $this->debug=$in; + } + + /** + * Return a string with the serialized representation of all debug info + * @param string $charset_encoding the target charset encoding for the serialization + * @return string an XML comment (or two) + */ + function serializeDebug($charset_encoding='') + { + // Tough encoding problem: which internal charset should we assume for debug info? + // It might contain a copy of raw data received from client, ie with unknown encoding, + // intermixed with php generated data and user generated data... + // so we split it: system debug is base 64 encoded, + // user debug info should be encoded by the end user using the INTERNAL_ENCODING + $out = ''; + if ($this->debug_info != '') + { + $out .= "\n"; + } + if($GLOBALS['_xmlrpc_debuginfo']!='') + { + + $out .= "\n"; + // NB: a better solution MIGHT be to use CDATA, but we need to insert it + // into return payload AFTER the beginning tag + //$out .= "', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n"; + } + return $out; + } + + /** + * Execute the xmlrpc request, printing the response + * @param string $data the request body. If null, the http POST request will be examined + * @return xmlrpcresp the response object (usually not used by caller...) + * @access public + */ + function service($data=null, $return_payload=false) + { + if ($data === null) + { + // workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA + $ver = phpversion(); + if ($ver[0] >= 5) + { + $data = file_get_contents('php://input'); + } + else + { + $data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : ''; + } + } + $raw_data = $data; + + // reset internal debug info + $this->debug_info = ''; + + // Echo back what we received, before parsing it + if($this->debug > 1) + { + $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++"); + } + + $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding); + if (!$r) + { + $r=$this->parseRequest($data, $req_charset); + } + + // save full body of request into response, for more debugging usages + $r->raw_data = $raw_data; + + if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors']) + { + $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" . + $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++"); + } + + $payload=$this->xml_header($resp_charset); + if($this->debug > 0) + { + $payload = $payload . $this->serializeDebug($resp_charset); + } + + // G. Giunta 2006-01-27: do not create response serialization if it has + // already happened. Helps building json magic + if (empty($r->payload)) + { + $r->serialize($resp_charset); + } + $payload = $payload . $r->payload; + + if ($return_payload) + { + return $payload; + } + + // if we get a warning/error that has output some text before here, then we cannot + // add a new header. We cannot say we are sending xml, either... + if(!headers_sent()) + { + header('Content-Type: '.$r->content_type); + // we do not know if client actually told us an accepted charset, but if he did + // we have to tell him what we did + header("Vary: Accept-Charset"); + + // http compression of output: only + // if we can do it, and we want to do it, and client asked us to, + // and php ini settings do not force it already + $php_no_self_compress = ini_get('zlib.output_compression') == '' && (ini_get('output_handler') != 'ob_gzhandler'); + if($this->compress_response && function_exists('gzencode') && $resp_encoding != '' + && $php_no_self_compress) + { + if(strpos($resp_encoding, 'gzip') !== false) + { + $payload = gzencode($payload); + header("Content-Encoding: gzip"); + header("Vary: Accept-Encoding"); + } + elseif (strpos($resp_encoding, 'deflate') !== false) + { + $payload = gzcompress($payload); + header("Content-Encoding: deflate"); + header("Vary: Accept-Encoding"); + } + } + + // do not ouput content-length header if php is compressing output for us: + // it will mess up measurements + if($php_no_self_compress) + { + header('Content-Length: ' . (int)strlen($payload)); + } + } + else + { + error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages'); + } + + print $payload; + + // return request, in case subclasses want it + return $r; + } + + /** + * Add a method to the dispatch map + * @param string $methodname the name with which the method will be made available + * @param string $function the php function that will get invoked + * @param array $sig the array of valid method signatures + * @param string $doc method documentation + * @access public + */ + function add_to_map($methodname,$function,$sig=null,$doc='') + { + $this->dmap[$methodname] = array( + 'function' => $function, + 'docstring' => $doc + ); + if ($sig) + { + $this->dmap[$methodname]['signature'] = $sig; + } + } + + /** + * Verify type and number of parameters received against a list of known signatures + * @param array $in array of either xmlrpcval objects or xmlrpc type definitions + * @param array $sig array of known signatures to match against + * @access private + */ + function verifySignature($in, $sig) + { + // check each possible signature in turn + if (is_object($in)) + { + $numParams = $in->getNumParams(); + } + else + { + $numParams = count($in); + } + foreach($sig as $cursig) + { + if(count($cursig)==$numParams+1) + { + $itsOK=1; + for($n=0; $n<$numParams; $n++) + { + if (is_object($in)) + { + $p=$in->getParam($n); + if($p->kindOf() == 'scalar') + { + $pt=$p->scalartyp(); + } + else + { + $pt=$p->kindOf(); + } + } + else + { + $pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4... + } + + // param index is $n+1, as first member of sig is return type + if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue']) + { + $itsOK=0; + $pno=$n+1; + $wanted=$cursig[$n+1]; + $got=$pt; + break; + } + } + if($itsOK) + { + return array(1,''); + } + } + } + if(isset($wanted)) + { + return array(0, "Wanted ${wanted}, got ${got} at param ${pno}"); + } + else + { + return array(0, "No method signature matches number of parameters"); + } + } + + /** + * Parse http headers received along with xmlrpc request. If needed, inflate request + * @return null on success or an xmlrpcresp + * @access private + */ + function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression) + { + // Play nice to PHP 4.0.x: superglobals were not yet invented... + if(!isset($_SERVER)) + { + $_SERVER = $GLOBALS['HTTP_SERVER_VARS']; + } + + if($this->debug > 1) + { + if(function_exists('getallheaders')) + { + $this->debugmsg(''); // empty line + foreach(getallheaders() as $name => $val) + { + $this->debugmsg("HEADER: $name: $val"); + } + } + + } + + if(isset($_SERVER['HTTP_CONTENT_ENCODING'])) + { + $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); + } + else + { + $content_encoding = ''; + } + + // check if request body has been compressed and decompress it + if($content_encoding != '' && strlen($data)) + { + if($content_encoding == 'deflate' || $content_encoding == 'gzip') + { + // if decoding works, use it. else assume data wasn't gzencoded + if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression)) + { + if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data)) + { + $data = $degzdata; + if($this->debug > 1) + { + $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); + } + } + elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) + { + $data = $degzdata; + if($this->debug > 1) + $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); + } + else + { + $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']); + return $r; + } + } + else + { + //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); + $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']); + return $r; + } + } + } + + // check if client specified accepted charsets, and if we know how to fulfill + // the request + if ($this->response_charset_encoding == 'auto') + { + $resp_encoding = ''; + if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) + { + // here we should check if we can match the client-requested encoding + // with the encodings we know we can generate. + /// @todo we should parse q=0.x preferences instead of getting first charset specified... + $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); + // Give preference to internal encoding + $known_charsets = array($GLOBALS['xmlrpc_internalencoding'], 'UTF-8', 'ISO-8859-1', 'US-ASCII'); + foreach ($known_charsets as $charset) + { + foreach ($client_accepted_charsets as $accepted) + if (strpos($accepted, $charset) === 0) + { + $resp_encoding = $charset; + break; + } + if ($resp_encoding) + break; + } + } + } + else + { + $resp_encoding = $this->response_charset_encoding; + } + + if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) + { + $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING']; + } + else + { + $resp_compression = ''; + } + + // 'guestimate' request encoding + /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check??? + $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', + $data); + + return null; + } + + /** + * Parse an xml chunk containing an xmlrpc request and execute the corresponding + * php function registered with the server + * @param string $data the xml request + * @param string $req_encoding (optional) the charset encoding of the xml request + * @return xmlrpcresp + * @access private + */ + function parseRequest($data, $req_encoding='') + { + // 2005/05/07 commented and moved into caller function code + //if($data=='') + //{ + // $data=$GLOBALS['HTTP_RAW_POST_DATA']; + //} + + // G. Giunta 2005/02/13: we do NOT expect to receive html entities + // so we do not try to convert them into xml character entities + //$data = xmlrpc_html_entity_xlate($data); + + $GLOBALS['_xh']=array(); + $GLOBALS['_xh']['ac']=''; + $GLOBALS['_xh']['stack']=array(); + $GLOBALS['_xh']['valuestack'] = array(); + $GLOBALS['_xh']['params']=array(); + $GLOBALS['_xh']['pt']=array(); + $GLOBALS['_xh']['isf']=0; + $GLOBALS['_xh']['isf_reason']=''; + $GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not + $GLOBALS['_xh']['rt']=''; + + // decompose incoming XML into request structure + if ($req_encoding != '') + { + if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + // the following code might be better for mb_string enabled installs, but + // makes the lib about 200% slower... + //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding); + $req_encoding = $GLOBALS['xmlrpc_defencoding']; + } + /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue, + // the encoding is not UTF8 and there are non-ascii chars in the text... + /// @todo use an ampty string for php 5 ??? + $parser = xml_parser_create($req_encoding); + } + else + { + $parser = xml_parser_create(); + } + + xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); + // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell + // the xml parser to give us back data in the expected charset + // What if internal encoding is not in one of the 3 allowed? + // we use the broadest one, ie. utf8 + // This allows to send data which is native in various charset, + // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding + if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); + } + else + { + xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); + } + + if ($this->functions_parameters_type != 'xmlrpcvals') + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); + else + xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); + xml_set_character_data_handler($parser, 'xmlrpc_cd'); + xml_set_default_handler($parser, 'xmlrpc_dh'); + if(!xml_parse($parser, $data, 1)) + { + // return XML error as a faultCode + $r=&new xmlrpcresp(0, + $GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser), + sprintf('XML error: %s at line %d, column %d', + xml_error_string(xml_get_error_code($parser)), + xml_get_current_line_number($parser), xml_get_current_column_number($parser))); + xml_parser_free($parser); + } + elseif ($GLOBALS['_xh']['isf']) + { + xml_parser_free($parser); + $r=&new xmlrpcresp(0, + $GLOBALS['xmlrpcerr']['invalid_request'], + $GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']); + } + else + { + xml_parser_free($parser); + if ($this->functions_parameters_type != 'xmlrpcvals') + { + if($this->debug > 1) + { + $this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++"); + } + $r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']); + } + else + { + // build an xmlrpcmsg object with data parsed from xml + $m=&new xmlrpcmsg($GLOBALS['_xh']['method']); + // now add parameters in + for($i=0; $iaddParam($GLOBALS['_xh']['params'][$i]); + } + + if($this->debug > 1) + { + $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++"); + } + $r = $this->execute($m); + } + } + return $r; + } + + /** + * Execute a method invoked by the client, checking parameters used + * @param mixed $m either an xmlrpcmsg obj or a method name + * @param array $params array with method parameters as php types (if m is method name only) + * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only) + * @return xmlrpcresp + * @access private + */ + function execute($m, $params=null, $paramtypes=null) + { + if (is_object($m)) + { + $methName = $m->method(); + } + else + { + $methName = $m; + } + $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0); + $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap; + + if(!isset($dmap[$methName]['function'])) + { + // No such method + return new xmlrpcresp(0, + $GLOBALS['xmlrpcerr']['unknown_method'], + $GLOBALS['xmlrpcstr']['unknown_method']); + } + + // Check signature + if(isset($dmap[$methName]['signature'])) + { + $sig = $dmap[$methName]['signature']; + if (is_object($m)) + { + list($ok, $errstr) = $this->verifySignature($m, $sig); + } + else + { + list($ok, $errstr) = $this->verifySignature($paramtypes, $sig); + } + if(!$ok) + { + // Didn't match. + return new xmlrpcresp( + 0, + $GLOBALS['xmlrpcerr']['incorrect_params'], + $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}" + ); + } + } + + $func = $dmap[$methName]['function']; + // let the 'class::function' syntax be accepted in dispatch maps + if(is_string($func) && strpos($func, '::')) + { + $func = explode('::', $func); + } + // verify that function to be invoked is in fact callable + if(!is_callable($func)) + { + error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable"); + return new xmlrpcresp( + 0, + $GLOBALS['xmlrpcerr']['server_error'], + $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method" + ); + } + + // If debug level is 3, we should catch all errors generated during + // processing of user function, and log them as part of response + if($this->debug > 2) + { + $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler'); + } + if (is_object($m)) + { + if($sysCall) + { + $r = call_user_func($func, $this, $m); + } + else + { + $r = call_user_func($func, $m); + } + if (!is_a($r, 'xmlrpcresp')) + { + error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object"); + if (is_a($r, 'xmlrpcval')) + { + $r =& new xmlrpcresp($r); + } + else + { + $r =& new xmlrpcresp( + 0, + $GLOBALS['xmlrpcerr']['server_error'], + $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object" + ); + } + } + } + else + { + // call a 'plain php' function + if($sysCall) + { + array_unshift($params, $this); + $r = call_user_func_array($func, $params); + } + else + { + // 3rd API convention for method-handling functions: EPI-style + if ($this->functions_parameters_type == 'epivals') + { + $r = call_user_func_array($func, array($methName, $params, $this->user_data)); + // mimic EPI behaviour: if we get an array that looks like an error, make it + // an eror response + if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r)) + { + $r =& new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']); + } + else + { + // functions using EPI api should NOT return resp objects, + // so make sure we encode the return type correctly + $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api'))); + } + } + else + { + $r = call_user_func_array($func, $params); + } + } + // the return type can be either an xmlrpcresp object or a plain php value... + if (!is_a($r, 'xmlrpcresp')) + { + // what should we assume here about automatic encoding of datetimes + // and php classes instances??? + $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates'))); + } + } + if($this->debug > 2) + { + // note: restore the error handler we found before calling the + // user func, even if it has been changed inside the func itself + if($GLOBALS['_xmlrpcs_prev_ehandler']) + { + set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']); + } + else + { + restore_error_handler(); + } + } + return $r; + } + + /** + * add a string to the 'internal debug message' (separate from 'user debug message') + * @param string $strings + * @access private + */ + function debugmsg($string) + { + $this->debug_info .= $string."\n"; + } + + /** + * @access private + */ + function xml_header($charset_encoding='') + { + if ($charset_encoding != '') + { + return "\n"; + } + else + { + return "\n"; + } + } + + /** + * A debugging routine: just echoes back the input packet as a string value + * DEPRECATED! + */ + function echoInput() + { + $r=&new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string')); + print $r->serialize(); + } + } +?> \ No newline at end of file diff --git a/central/trunk/index.php b/central/trunk/index.php index 1ef9c9d..703cab8 100644 --- a/central/trunk/index.php +++ b/central/trunk/index.php @@ -2,8 +2,8 @@ /* InstaDisc Server - A Four Island Project */ -include('instadisc.php'); -include('template.php'); +include('includes/instadisc.php'); +include('includes/template.php'); $template = new FITemplate('index'); $template->add('SITENAME', instaDisc_getConfig('siteName')); diff --git a/central/trunk/instadisc.php b/central/trunk/instadisc.php deleted file mode 100644 index 1867757..0000000 --- a/central/trunk/instadisc.php +++ /dev/null @@ -1,400 +0,0 @@ -= intval(instaDisc_getConfig('verIDBufferSize'))) - { - $delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $delverid2 = mysql_query($delverid); - } - - $insverid = "INSERT INTO oldVerID (username, verID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $verificationID . ")"; - $insverid2 = mysql_query($insverid); - - if (($table == 'users') && ($getitem3['ip'] != $_SERVER['REMOTE_ADDR'])) - { - $setuser = "UPDATE users SET ip = \"" . $_SERVER['REMOTE_ADDR'] . "\" WHERE id = " . $getitem3['id']; - $setuser2 = mysql_query($setuser); - } - - return true; - } - } - } - - return false; -} - -function instaDisc_sendItem($username, $id) -{ - $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id; - $getitem2 = mysql_query($getitem); - $getitem3 = mysql_fetch_array($getitem2); - if ($getitem3['username'] == $username) - { - $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - - $fp = @fsockopen($getuser3['ip'], 1204, $errno, $errstr); - if ($fp) - { - $verID = rand(1,65536); - - $title = str_replace(': ', '__INSTADISC__', $getitem3['title']); - - $out = 'ID: ' . $id . "\r\n"; - $out .= 'Verification: ' . md5($username . ':' . $getuser3['password'] . ':' . $verID) . "\r\n"; - $out .= 'Verification-ID: ' . $verID . "\r\n"; - $out .= 'Subscription: ' . $getitem3['subscription'] . "\r\n"; - $out .= 'Title: ' . $title . "\r\n"; - $out .= 'Author: ' . $getitem3['author'] . "\r\n"; - $out .= 'URL: ' . $getitem3['url'] . "\r\n"; - - $semantics = unserialize($getitem3['semantics']); - foreach ($semantics as $name => $value) - { - $value = str_replace(': ', '__INSTADISC__', $value); - $out .= $name . ': ' . $value . "\r\n"; - } - - if ($getitem3['encryptionID'] != 0) - { - $out .= 'Encryption-ID: ' . $getitem3['encryptionID'] . "\r\n"; - } - - $out .= "\r\n\r\n"; - - fwrite($fp, $out); - fclose($fp); - - return true; - } else { - return false; - } - } -} - -function instaDisc_sendUpdateNotice($softwareVersion) -{ - $username = instaDisc_getConfig('owner'); - $subscription = 'http://fourisland.com/' . $_SERVER['SERVER_NAME'] . '/'; - $title = 'Update your software to ' . $software; - $author = 'Hatkirby'; - $url = 'http://fourisland.com/projects/instadisc/wiki/CentralSoftwareUpdate'; - $semantics = array(); - - instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics); -} - -function instaDisc_sendDatabase($cserver) -{ - $getdb = "SELECT * FROM centralServers"; - $getdb2 = mysql_query($getdb); - $i=0; - while ($getdb3[$i] = mysql_fetch_array($getdb2)) - { - $db[$getdb3[$i]['url']]['code'] = $getdb3[$i]['code']; - $db[$getdb3[$i]['url']]['xmlrpc'] = $getdb3[$i]['xmlrpc']; - $i++; - } - - $cserver2 = $_SERVER['HTTP_HOST']; - $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_real_escape_string($cserver2) . "\""; - $getuk2 = mysql_query($getuk); - $getuk3 = mysql_fetch_array($getuk2); - - $verID = rand(1,65536); - - $client = new xmlrpc_client($cserver); - $msg = new xmlrpcmsg("InstaDisc.sendDatabase", array( new xmlrpcval($cserver2, 'string'), - new xmlrpcval(md5($cserver2 . ":" . $getuk3['code'] . ":" . $verID), 'string'), - new xmlrpcval($verID, 'int'), - new xmlrpcval(serialize($db), 'string'), - new xmlrpcval(instaDisc_getConfig('databaseVersion'), 'string'))); - $client->send($msg); -} - -function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics, $encryptionID) -{ - $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - if ($getuser3['username'] == $username) - { - $itemID = $getuser3['nextItemID']; - $setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $setuser2 = mysql_query($setuser); - - $insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics, encryptionID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $itemID . ", \"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($title) . "\", \"" . mysql_real_escape_string($author) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($semantics) . "\"," . $encryptionID . ")"; - $insitem2 = mysql_query($insitem); - - instaDisc_sendItem($username, $itemID); - } -} - -function instaDisc_phpMailer() -{ - $mail = new PHPMailer(); - $mail->IsSMTP(); - $mail->From = 'instadisc@' . instaDisc_getConfig('mailDomain'); - $mail->FromName = 'InstaDisc'; - $mail->Host = instaDisc_getConfig('smtpHost'); - if (instaDisc_getConfig('smtpAuth') == 'true') - { - $mail->SMTPAuth = true; - $mail->Username = instaDisc_getConfig('smtpUser'); - $mail->Password = instaDisc_getConfig('smtpPass'); - } - $mail->Helo = $_SERVER['SERVER_NAME']; - $mail->ClearAddresses(); - - return $mail; -} - -function instaDisc_sendActivationEmail($username, $password, $email) -{ - $penKey = md5(rand(1,65536)); - - $inspending = "INSERT INTO pending (username, password, email, code) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string(md5($password)) . "\", \"" . mysql_real_escape_string($email) . "\", \"" . mysql_real_escape_string($penKey) . "\")"; - $inspending2 = mysql_query($inspending); - - $mail = instaDisc_phpMailer(); - $mail->AddAddress($email, $username); - $mail->Subject = 'InstaDisc Account Verification'; - $mail->Body = "Hello, someone has recently registered an account at " . $_SERVER['HTTP_HOST'] . " with your email address. If that was you, and your chosen username IS " . $username . ", then copy the account verification code below to our Account Verification page, enter your username and press Activate!\r\n\r\n" . $penKey . "\r\n\r\nIf that was not you, copy the above code to our Account Verification page, enter the above username, and click Delete."; - $mail->Send(); - - return ($mail->IsError() ? $mail->ErrorInfo : true); -} - -function instaDisc_activateAccount($username, $penKey) -{ - $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND code = \"" . mysql_real_escape_string($penKey) . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - if ($getuser3['username'] == $username) - { - $insuser = "INSERT INTO users (username, password, email) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($getuser3['password']) . "\", \"" . mysql_real_escape_string($getuser3['email']) . "\")"; - $insuser2 = mysql_query($insuser); - - $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $delpending2 = mysql_query($delpending); - - $mail = instaDisc_phpMailer(); - $mail->AddAddress($getuser3['email'], $username); - $mail->Subject = 'Welcome to InstaDisc!'; - $mail->Body = "Welcome to InstaDisc! Thank you for registering at " . instaDisc_getConfig('siteName') . " Central Server, we hope you enjoy our service! Now, when you download an InstaDisc Client, it will ask you for the following information which you will need to enter into it for it to work:\r\n\r\nUsername: " . $username . "\r\nPassword: (you should know this, it's not displayed here for security reasons)\r\nCentral Server URL: " . instaDisc_getConfig("xmlrpcURL") . "\r\n\r\nOnce again, thank you for choosing " . instaDisc_getConfig("siteName") . "!"; - $mail->Send(); - - return ($mail->IsError() ? $mail->ErrorInfo : true); - } else { - return false; - } -} - -function instaDisc_deactivateAccount($username, $penKey) -{ - $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND code = \"" . mysql_real_escape_string($penKey) . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - if ($getuser3['username'] == $username) - { - $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $delpending2 = mysql_query($delpending); - - return true; - } else { - return false; - } -} - -function instaDisc_verifyUser($username, $password) -{ - return instaDisc_checkVerification($username, md5($username . ':' . md5($password) . ':0'), 0, 'users', 'username', 'password'); -} - -function instaDisc_deleteAccount($username) -{ - $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - if ($getuser3['username'] == $username) - { - $deluser = "DELETE FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $deluser2 = mysql_query($deluser); - - $delsubs = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $delsubs2 = mysql_query($delsubs); - - $delitems = "DELETE FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $delitems2 = mysql_query($delitems); - - return true; - } - - return false; -} - -function instaDisc_getConfig($key) -{ - $getconfig = "SELECT * FROM config WHERE name = \"" . mysql_real_escape_string($key) . "\""; - $getconfig2 = mysql_query($getconfig); - $getconfig3 = mysql_fetch_array($getconfig2); - - return $getconfig3['value']; -} - -function instaDisc_listSubscriptions($username) -{ - $getsubs = "SELECT * FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"true\""; - $getsubs2 = mysql_query($getsubs); - $i=0; - while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) - { - $subs[$i] = $getsubs3[$i]['url']; - - $i++; - } - - $subs['size'] = $i; - return $subs; -} - -function instaDisc_addSubscription($username, $url) -{ - $getcode = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\""; - $getcode2 = mysql_query($getcode); - $getcode3 = mysql_fetch_array($getcode2); - if ($getcode3['username'] == $username) - { - $delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\""; - $delcode2 = mysql_query($delcode); - - $c = curl_init(); - curl_setopt($c, CURLOPT_URL, $url); - curl_setopt($c, CURLOPT_HEADER, false); - curl_setopt($c, CURLOPT_RETURNTRANSFER, true); - $page_data = curl_exec($c); - curl_close($c); - - $headers = split("\n", $page_date); - foreach ($headers as $name => $value) - { - $header = split(": ", $value); - $headerMap[$header[0]] = $header[1]; - } - - if (isset($header['Subscription'])) - { - if (isset($header['Title'])) - { - if (isset($header['Category'])) - { - if (isset($header['Key'])) - { - if ($header['Key'] == $getcode3['code']) - { - $inssub = "INSERT INTO subscriptions (username,url,owner,category) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($header['Subscription']) . "\", \"true\", \"" . mysql_real_escape_string($header['Category']) . "\")"; - $inssub2 = mysql_query($inssub); - - return true; - } - } - } - } - } - } - - return false; -} - -function instaDisc_listPendingSubscriptions($username) -{ - $getsubs = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $getsubs2 = mysql_query($getsubs); - $i=0; - while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) - { - $subs[$i] = array('url' => $getsubs3[$i]['url'], 'code' => $getsubs3[$i]['code']); - - $i++; - } - - $subs['size'] = $i; - return $subs; -} - -function instaDisc_generateSubscriptionActivation($username, $url) -{ - $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - if ($getuser3['username'] == $username) - { - $key = md5(rand(1,65536)); - - $inspending = "INSERT INTO pending2 (username, url, code) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($key) . "\")"; - $inspending2 = mysql_query($inspending); - - return $key; - } - - return false; -} - -function instaDisc_deleteSubscription($username, $url) -{ - $getsub = "SELECT * FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; - $getsub2 = mysql_query($getsub); - $getsub3 = mysql_fetch_array($getsub2); - if ($getsub3['username'] == $username) - { - $delsub = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; - $delsub2 = mysql_query($delsub); - - return true; - } - - return false; -} - -function instaDisc_cancelSubscription($username, $url) -{ - $getsub = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; - $getsub2 = mysql_query($getsub); - $getsub3 = mysql_fetch_array($getsub2); - if ($getsub3['username'] == $username) - { - $delsub = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; - $delsub2 = mysql_query($delsub); - - return true; - } - - return false; -} - -?> diff --git a/central/trunk/install.php b/central/trunk/install.php index f41713f..b819e84 100644 --- a/central/trunk/install.php +++ b/central/trunk/install.php @@ -2,7 +2,7 @@ /* InstaDisc Server - A Four Island Project */ -include('class.phpmailer.php'); +include('includes/class.phpmailer.php'); $softwareVersion = 1; diff --git a/central/trunk/login.php b/central/trunk/login.php index cb96356..041376a 100644 --- a/central/trunk/login.php +++ b/central/trunk/login.php @@ -2,8 +2,8 @@ /* InstaDisc Server - A Four Island Project */ -include('instadisc.php'); -include('template.php'); +include('includes/instadisc.php'); +include('includes/template.php'); if (!isset($_GET['submit'])) { diff --git a/central/trunk/register.php b/central/trunk/register.php index 87774fc..fd09fde 100644 --- a/central/trunk/register.php +++ b/central/trunk/register.php @@ -2,7 +2,8 @@ /* InstaDisc Server - A Four Island Project */ -include('instadisc.php'); +include('includes/instadisc.php'); +include('includes/template.php'); if (!isset($_GET['submit'])) { diff --git a/central/trunk/subscription.php b/central/trunk/subscription.php index 020f7d7..9b6a61c 100644 --- a/central/trunk/subscription.php +++ b/central/trunk/subscription.php @@ -2,7 +2,7 @@ /* InstaDisc Server - A Four Island Project */ -include('instadisc.php'); +include('includes/instadisc.php'); ?>Subscription: http://fourisland.com/ Title: diff --git a/central/trunk/template.php b/central/trunk/template.php deleted file mode 100644 index b4ec16b..0000000 --- a/central/trunk/template.php +++ /dev/null @@ -1,160 +0,0 @@ -file = $tfn; - } else { - throw new Exception($tfn . ' does not exist'); - } - } - - function add($name, $value) - { - $this->tags[$name] = $value; - } - - function adds($tagarr) - { - foreach ($tagarr as $name => $value) - { - $this->add($name,$value); - } - } - - function adds_block($block, $tagarr) - { - if (!isset($this->blocks[$block])) - { - $this->blocks[$block] = array('count' => 1); - } - foreach ($tagarr as $name => $value) - { - $this->blocks[$block][$this->blocks[$block]['count']][$name] = $value; - } - $this->blocks[$block]['count']++; - } - - function add_ref($id, $block, $tagarr) - { - $this->adds_block($block,$tagarr); - $this->refs[$id] = &$this->blocks[$block][$this->blocks[$block]['count']-1];//'$this->blocks[\'' . $block . '\'][' . ($this->blocks[$block]['count']-1) . ']'; - } - - function adds_ref($id, $tagarr) - { - foreach ($tagarr as $name => $value) - { - $this->refs[$id][$name] = $value; - } - } - - function adds_ref_sub($id, $block, $tagarr) - { - if (!isset($this->refs[$id][$block])) - { - $this->refs[$id][$block] = array('count' => 1); - } - foreach ($tagarr as $name => $value) - { - $this->refs[$id][$block][$this->refs[$id][$block]['count']][$name] = $value; - } - $this->refs[$id][$block]['count']++; - } - - function display() - { - $template = file_get_contents($this->file); - while (preg_match('//',$template) == 1) - { - preg_match('//',$template,$mat); - $fname = $mat[1]; - $itmp = new FITemplate($fname); - $template = str_replace('',file_get_contents($itmp->file),$template); - } - if (isset($this->tags)) - { - foreach ($this->tags as $name => $value) - { - $template = str_replace('',$value,$template); - } - } - if (isset($this->blocks)) - { - foreach ($this->blocks as $bname => $block) - { - $this->parseBlock($template, $bname, $block); - } - } - while (preg_match('//',$template) == 1) - { - preg_match('//',$template,$mat); - $bname = $mat[1]; - $start = strpos($template,''); - $end = strpos($template,''); - $template = str_replace(substr($template,$start,$end-$start+strlen($bname)+11),'',$template); - } - $template = preg_replace('//','',$template); - echo($template); - } - - function parseBlock(&$template, $bname, $block) - { - while (strpos($template,'') !== FALSE) - { - $start = strpos($template,''); - $end = strpos($template,''); - $gencont = substr($template,$start+strlen($bname)+13,$end-$start-strlen($bname)-13); - $blockcont = ''; - foreach ($block as $lname => $blocktags) - { - if ($lname != 'count') - { - $scrcont = $gencont; - foreach ($blocktags as $name => $value) - { - if (!is_array($value)) - { - $scrcont = str_replace('',$value,$scrcont); - } else { - $this->parseBlock($scrcont, $bname . '.' . $name, $value); - } - } - $blockcont .= $scrcont; - } - } - $template = str_replace(substr($template,$start,$end-$start+strlen($bname)+11),$blockcont,$template); - } - } - -} - -?> diff --git a/central/trunk/theme/uniform.css b/central/trunk/theme/uniform.css new file mode 100644 index 0000000..ae810cb --- /dev/null +++ b/central/trunk/theme/uniform.css @@ -0,0 +1,268 @@ +/* uniForm */ + .uniForm{ + margin:0; padding:0; + position:relative; + width:100%; + /* user prefs */ + padding:10px 0; + } + + /* Some generals */ + .uniForm fieldset{ + border:none; + margin:0; padding:0; + /* user prefs */ + margin:0 0 7px 0; padding:0 0 10px 0; + border-bottom:1px solid #efefef; + } + .uniForm fieldset legend{ + color:#000; /* Reset IE */ + margin:0; padding:0; + /* user prefs */ + margin:0 0 .5em 0; + font:bold small-caps 100%/100% "lucida grande", "lucida sans unicode", "trebuchet ms", arial, verdana, sans-serif; + letter-spacing:.1em; + color:#93b5be; + } + + .ctrlHolder{ /* This is the main unit that contains our form "modules" */ + overflow:hidden; + margin:0; padding:0; + clear:both; + /* user prefs */ + background:#f9f9f9; + margin:0; padding:7px 4px; + } + + .buttonHolder{ + overflow:hidden; + clear:both; + /* user prefs */ + background:#f9f9f9; + border:1px solid #ccc; border-width:1px 0; + margin:10px 0 0 0; padding:10px; + text-align:right; + } + .resetButton{ + } + .submitButton{ + } + + .uniForm .inlineLabel{ + width:auto; + float:none; + display:inline; + /* user prefs */ + margin:0 2em 0 0; + font-weight:normal; + } + .uniForm .inlineLabel input{ + } + + /* Highlighting the rows on input focus */ + .focused{ + background:#FFFCDF url(/theme/images/uf_focused.png); + border:1px solid #EFE795; border-width:1px 0; + padding:6px 4px; + } + + + /* Styles for form controls where labels are in line with the input elements */ + /* Set the class to the parent to .inlineLabels */ + .inlineLabels .ctrlHolder{ + } + .inlineLabels label, + .inlineLabels .label{ + float:left; + margin:.3em 0 0 0; padding:0; + line-height:100%; + /* user prefs */ + width:30%; + font-weight:bold; + } + + .inlineLabels .textInput, + .inlineLabels .fileUpload{ + float:left; + /* user prefs */ + width:68%; + border:2px solid #dfdfdf; + } + .inlineLabels .fileUpload > input{ + } + + .inlineLabels .selectInput{ + float:left; + /* user prefs */ + width:69%; + border:2px solid #dfdfdf; + } + + .inlineLabels textarea{ + float:left; + width:68%; + /* user prefs */ + border:2px solid #dfdfdf; + height:12em; + } + + .inlineLabels .formHint{ + clear:both; + /* user prefs */ + color:#999; + margin:.5em 0 0 30%; padding:3px 0; + font-size:80%; + } + + /* inlineLabels esthetics */ + .inlineLabels .formHint strong{ + padding:0 0 0 14px; + background:url(/theme/images/icon_alert.png) 0 0 no-repeat; + display:inline-block; + } + + + /* ########################################################################## */ + + /* Styles for form controls where labels are above the input elements */ + /* Set the class to the parent to .blockLabels */ + .blockLabels .ctrlHolder{ + } + + .blockLabels label, + .blockLabels .label{ + display:block; + float:none; + margin:.3em 0; padding:0; + line-height:100%; + width:60%; + /* user prefs */ + font-weight:bold; + width:auto; + } + .blockLabels .label{ + float:left; + margin-right:3em; + } + + .blockLabels .textInput{ + float:left; + width:60%; + /* user prefs */ + border:2px solid #dfdfdf; + } + + .blockLabels .selectInput{ + float:left; + width:60%; + /* user prefs */ + border:2px solid #dfdfdf; + + } + + .blockLabels textarea{ + display:block; + float:left; + /* user prefs */ + border:2px solid #dfdfdf; + height:12em; + } + + .blockLabels .formHint{ + float:right; + margin:0; + width:38%; + clear:none; + /* user prefs */ + color:#999; + font-size:80%; + font-style:italic; + } + + /* blockLabels esthetics */ + .blockLabels .ctrlHolder{ + border:1px solid #dfdfdf; border-width:1px 0; + margin-top:-1px; + } + + .blockLabels .focused{ + padding:7px 4px; + } + + /* ########################################################################## */ + + /* Focus pseudoclasses */ + .ctrlHolder .textInput:focus{ + border-color:#DFD77D; + } + div.focused .textInput:focus{ + } + div.focused .formHint{ + color:#000; + } + + /* Required asterisk styling, use if needed */ + label em, + .label em{ + display:block; + position:absolute; left:28%; + font-style:normal; + font-weight:bold; + } + .blockLabels label em, + .blockLabels .label em{ + position:static; + display:inline; + } + + /* Messages */ + .uniForm #errorMsg{ + background:#ffdfdf url(/theme/images/uf_error.png); + border:1px solid #df7d7d; border-width:1px 0; + margin:0 0 1em 0; padding:1em; + } + .uniForm .error, + .uniForm .blockLabels.ctrlHolder.error{ + background:#ffdfdf url(/theme/images/uf_error.png); + border:1px solid #df7d7d; border-width:1px 0; + position:relative; + } + .uniForm #errorMsg dt, + .uniForm #errorMsg h3{ + margin:0 0 .5em 0; + font-size:110%; + line-height:100%; + font-weight:bold; + color:#000; + padding:2px 0 2px 18px; + background:url(/theme/images/icon-error.png) 0 0 no-repeat; + } + .uniForm #errorMsg dd{ + margin:0; padding:0; + } + .uniForm #errorMsg ol{ + margin:0; padding:0; + } + .uniForm #errorMsg ol li{ + margin:0; padding:2px; + list-style-position:inside; + border-bottom:1px dotted #df7d7d; + position:relative; + } + .uniForm .errorField{ + margin:0 0 3px 0; + } + .uniForm .inlineLabels .errorField{ + margin-left:30%; + } + .uniForm .errorField strong{ + background:#FFE2E2; + padding:1px 3px 3px 3px; + } + .ctrlHolder.error input, + .ctrlHolder.error input:focus{ + border-color:#DF7D7D; + } + .ctrlHolder.error.focused{ + padding:7px 4px; + } diff --git a/central/trunk/uniform.css b/central/trunk/uniform.css deleted file mode 100644 index ae810cb..0000000 --- a/central/trunk/uniform.css +++ /dev/null @@ -1,268 +0,0 @@ -/* uniForm */ - .uniForm{ - margin:0; padding:0; - position:relative; - width:100%; - /* user prefs */ - padding:10px 0; - } - - /* Some generals */ - .uniForm fieldset{ - border:none; - margin:0; padding:0; - /* user prefs */ - margin:0 0 7px 0; padding:0 0 10px 0; - border-bottom:1px solid #efefef; - } - .uniForm fieldset legend{ - color:#000; /* Reset IE */ - margin:0; padding:0; - /* user prefs */ - margin:0 0 .5em 0; - font:bold small-caps 100%/100% "lucida grande", "lucida sans unicode", "trebuchet ms", arial, verdana, sans-serif; - letter-spacing:.1em; - color:#93b5be; - } - - .ctrlHolder{ /* This is the main unit that contains our form "modules" */ - overflow:hidden; - margin:0; padding:0; - clear:both; - /* user prefs */ - background:#f9f9f9; - margin:0; padding:7px 4px; - } - - .buttonHolder{ - overflow:hidden; - clear:both; - /* user prefs */ - background:#f9f9f9; - border:1px solid #ccc; border-width:1px 0; - margin:10px 0 0 0; padding:10px; - text-align:right; - } - .resetButton{ - } - .submitButton{ - } - - .uniForm .inlineLabel{ - width:auto; - float:none; - display:inline; - /* user prefs */ - margin:0 2em 0 0; - font-weight:normal; - } - .uniForm .inlineLabel input{ - } - - /* Highlighting the rows on input focus */ - .focused{ - background:#FFFCDF url(/theme/images/uf_focused.png); - border:1px solid #EFE795; border-width:1px 0; - padding:6px 4px; - } - - - /* Styles for form controls where labels are in line with the input elements */ - /* Set the class to the parent to .inlineLabels */ - .inlineLabels .ctrlHolder{ - } - .inlineLabels label, - .inlineLabels .label{ - float:left; - margin:.3em 0 0 0; padding:0; - line-height:100%; - /* user prefs */ - width:30%; - font-weight:bold; - } - - .inlineLabels .textInput, - .inlineLabels .fileUpload{ - float:left; - /* user prefs */ - width:68%; - border:2px solid #dfdfdf; - } - .inlineLabels .fileUpload > input{ - } - - .inlineLabels .selectInput{ - float:left; - /* user prefs */ - width:69%; - border:2px solid #dfdfdf; - } - - .inlineLabels textarea{ - float:left; - width:68%; - /* user prefs */ - border:2px solid #dfdfdf; - height:12em; - } - - .inlineLabels .formHint{ - clear:both; - /* user prefs */ - color:#999; - margin:.5em 0 0 30%; padding:3px 0; - font-size:80%; - } - - /* inlineLabels esthetics */ - .inlineLabels .formHint strong{ - padding:0 0 0 14px; - background:url(/theme/images/icon_alert.png) 0 0 no-repeat; - display:inline-block; - } - - - /* ########################################################################## */ - - /* Styles for form controls where labels are above the input elements */ - /* Set the class to the parent to .blockLabels */ - .blockLabels .ctrlHolder{ - } - - .blockLabels label, - .blockLabels .label{ - display:block; - float:none; - margin:.3em 0; padding:0; - line-height:100%; - width:60%; - /* user prefs */ - font-weight:bold; - width:auto; - } - .blockLabels .label{ - float:left; - margin-right:3em; - } - - .blockLabels .textInput{ - float:left; - width:60%; - /* user prefs */ - border:2px solid #dfdfdf; - } - - .blockLabels .selectInput{ - float:left; - width:60%; - /* user prefs */ - border:2px solid #dfdfdf; - - } - - .blockLabels textarea{ - display:block; - float:left; - /* user prefs */ - border:2px solid #dfdfdf; - height:12em; - } - - .blockLabels .formHint{ - float:right; - margin:0; - width:38%; - clear:none; - /* user prefs */ - color:#999; - font-size:80%; - font-style:italic; - } - - /* blockLabels esthetics */ - .blockLabels .ctrlHolder{ - border:1px solid #dfdfdf; border-width:1px 0; - margin-top:-1px; - } - - .blockLabels .focused{ - padding:7px 4px; - } - - /* ########################################################################## */ - - /* Focus pseudoclasses */ - .ctrlHolder .textInput:focus{ - border-color:#DFD77D; - } - div.focused .textInput:focus{ - } - div.focused .formHint{ - color:#000; - } - - /* Required asterisk styling, use if needed */ - label em, - .label em{ - display:block; - position:absolute; left:28%; - font-style:normal; - font-weight:bold; - } - .blockLabels label em, - .blockLabels .label em{ - position:static; - display:inline; - } - - /* Messages */ - .uniForm #errorMsg{ - background:#ffdfdf url(/theme/images/uf_error.png); - border:1px solid #df7d7d; border-width:1px 0; - margin:0 0 1em 0; padding:1em; - } - .uniForm .error, - .uniForm .blockLabels.ctrlHolder.error{ - background:#ffdfdf url(/theme/images/uf_error.png); - border:1px solid #df7d7d; border-width:1px 0; - position:relative; - } - .uniForm #errorMsg dt, - .uniForm #errorMsg h3{ - margin:0 0 .5em 0; - font-size:110%; - line-height:100%; - font-weight:bold; - color:#000; - padding:2px 0 2px 18px; - background:url(/theme/images/icon-error.png) 0 0 no-repeat; - } - .uniForm #errorMsg dd{ - margin:0; padding:0; - } - .uniForm #errorMsg ol{ - margin:0; padding:0; - } - .uniForm #errorMsg ol li{ - margin:0; padding:2px; - list-style-position:inside; - border-bottom:1px dotted #df7d7d; - position:relative; - } - .uniForm .errorField{ - margin:0 0 3px 0; - } - .uniForm .inlineLabels .errorField{ - margin-left:30%; - } - .uniForm .errorField strong{ - background:#FFE2E2; - padding:1px 3px 3px 3px; - } - .ctrlHolder.error input, - .ctrlHolder.error input:focus{ - border-color:#DF7D7D; - } - .ctrlHolder.error.focused{ - padding:7px 4px; - } diff --git a/central/trunk/userpanel.php b/central/trunk/userpanel.php index 879a75c..f28b8fb 100644 --- a/central/trunk/userpanel.php +++ b/central/trunk/userpanel.php @@ -2,8 +2,8 @@ /* InstaDisc Server - A Four Island Project */ -include('instadisc.php'); -include('template.php'); +include('includes/instadisc.php'); +include('includes/template.php'); if (isset($_SESSION['username'])) { diff --git a/central/trunk/xmlrpc.php b/central/trunk/xmlrpc.php index 37c3216..88fff7f 100644 --- a/central/trunk/xmlrpc.php +++ b/central/trunk/xmlrpc.php @@ -2,10 +2,9 @@ /* InstaDisc Server - A Four Island Project */ -include('xmlrpc/xmlrpc.inc'); -include('xmlrpc/xmlrpcs.inc'); -include('db.php'); -include('instadisc.php'); +include('includes/xmlrpc/xmlrpc.inc'); +include('includes/xmlrpc/xmlrpcs.inc'); +include('includes/instadisc.php'); function checkRegistration($username, $verification, $verificationID) { diff --git a/central/trunk/xmlrpc/array_key_exists.php b/central/trunk/xmlrpc/array_key_exists.php deleted file mode 100644 index c5ae519..0000000 --- a/central/trunk/xmlrpc/array_key_exists.php +++ /dev/null @@ -1,55 +0,0 @@ - | -// +----------------------------------------------------------------------+ -// -// $Id: array_key_exists.php,v 1.1 2005/07/11 16:34:35 ggiunta Exp $ - - -/** - * Replace array_key_exists() - * - * @category PHP - * @package PHP_Compat - * @link http://php.net/function.array_key_exists - * @author Aidan Lister - * @version $Revision: 1.1 $ - * @since PHP 4.1.0 - * @require PHP 4.0.0 (user_error) - */ -if (!function_exists('array_key_exists')) { - function array_key_exists($key, $search) - { - if (!is_scalar($key)) { - user_error('array_key_exists() The first argument should be either a string or an integer', - E_USER_WARNING); - return false; - } - - if (is_object($search)) { - $search = get_object_vars($search); - } - - if (!is_array($search)) { - user_error('array_key_exists() The second argument should be either an array or an object', - E_USER_WARNING); - return false; - } - - return in_array($key, array_keys($search)); - } -} - -?> \ No newline at end of file diff --git a/central/trunk/xmlrpc/is_a.php b/central/trunk/xmlrpc/is_a.php deleted file mode 100644 index d98db1f..0000000 --- a/central/trunk/xmlrpc/is_a.php +++ /dev/null @@ -1,47 +0,0 @@ - | -// +----------------------------------------------------------------------+ -// -// $Id: is_a.php,v 1.2 2005/11/21 10:57:23 ggiunta Exp $ - - -/** - * Replace function is_a() - * - * @category PHP - * @package PHP_Compat - * @link http://php.net/function.is_a - * @author Aidan Lister - * @version $Revision: 1.2 $ - * @since PHP 4.2.0 - * @require PHP 4.0.0 (user_error) (is_subclass_of) - */ -if (!function_exists('is_a')) { - function is_a($object, $class) - { - if (!is_object($object)) { - return false; - } - - if (get_class($object) == strtolower($class)) { - return true; - } else { - return is_subclass_of($object, $class); - } - } -} - -?> \ No newline at end of file diff --git a/central/trunk/xmlrpc/is_callable.php b/central/trunk/xmlrpc/is_callable.php deleted file mode 100644 index b769c41..0000000 --- a/central/trunk/xmlrpc/is_callable.php +++ /dev/null @@ -1,53 +0,0 @@ - - * @version $Id: is_callable.php,v 1.3 2006/08/21 14:03:15 ggiunta Exp $ - * @since PHP 4.0.6 - * @require PHP 4.0.0 (true, false, etc...) - * @todo add the 3rd parameter syntax... - */ -if (!function_exists('is_callable')) { - function is_callable($var, $syntax_only=false) - { - if ($syntax_only) - { - /* from The Manual: - * If the syntax_only argument is TRUE the function only verifies - * that var might be a function or method. It will only reject simple - * variables that are not strings, or an array that does not have a - * valid structure to be used as a callback. The valid ones are - * supposed to have only 2 entries, the first of which is an object - * or a string, and the second a string - */ - return (is_string($var) || (is_array($var) && count($var) == 2 && is_string(end($var)) && (is_string(reset($var)) || is_object(reset($var))))); - } - else - { - if (is_string($var)) - { - return function_exists($var); - } - else if (is_array($var) && count($var) == 2 && is_string($method = end($var))) - { - $obj = reset($var); - if (is_string($obj)) - { - $methods = get_class_methods($obj); - return (bool)(is_array($methods) && in_array(strtolower($method), $methods)); - } - else if (is_object($obj)) - { - return method_exists($obj, $method); - } - } - return false; - } - } -} - -?> \ No newline at end of file diff --git a/central/trunk/xmlrpc/is_scalar.php b/central/trunk/xmlrpc/is_scalar.php deleted file mode 100644 index c8f2bfc..0000000 --- a/central/trunk/xmlrpc/is_scalar.php +++ /dev/null @@ -1,38 +0,0 @@ - \ No newline at end of file diff --git a/central/trunk/xmlrpc/var_export.php b/central/trunk/xmlrpc/var_export.php deleted file mode 100644 index 3a5ac3f..0000000 --- a/central/trunk/xmlrpc/var_export.php +++ /dev/null @@ -1,105 +0,0 @@ - | -// +----------------------------------------------------------------------+ -// -// $Id: var_export.php,v 1.2 2005/11/21 10:57:23 ggiunta Exp $ - - -/** - * Replace var_export() - * - * @category PHP - * @package PHP_Compat - * @link http://php.net/function.var_export - * @author Aidan Lister - * @version $Revision: 1.2 $ - * @since PHP 4.2.0 - * @require PHP 4.0.0 (user_error) - */ -if (!function_exists('var_export')) { - function var_export($array, $return = false, $lvl=0) - { - // Common output variables - $indent = ' '; - $doublearrow = ' => '; - $lineend = ",\n"; - $stringdelim = '\''; - - // Check the export isn't a simple string / int - if (is_string($array)) { - $out = $stringdelim . str_replace('\'', '\\\'', str_replace('\\', '\\\\', $array)) . $stringdelim; - } elseif (is_int($array) || is_float($array)) { - $out = (string)$array; - } elseif (is_bool($array)) { - $out = $array ? 'true' : 'false'; - } elseif (is_null($array)) { - $out = 'NULL'; - } elseif (is_resource($array)) { - $out = 'resource'; - } else { - // Begin the array export - // Start the string - $out = "array (\n"; - - // Loop through each value in array - foreach ($array as $key => $value) { - // If the key is a string, delimit it - if (is_string($key)) { - $key = str_replace('\'', '\\\'', str_replace('\\', '\\\\', $key)); - $key = $stringdelim . $key . $stringdelim; - } - - $val = var_export($value, true, $lvl+1); - // Delimit value - /*if (is_array($value)) { - // We have an array, so do some recursion - // Do some basic recursion while increasing the indent - $recur_array = explode($newline, var_export($value, true)); - $temp_array = array(); - foreach ($recur_array as $recur_line) { - $temp_array[] = $indent . $recur_line; - } - $recur_array = implode($newline, $temp_array); - $value = $newline . $recur_array; - } elseif (is_null($value)) { - $value = 'NULL'; - } else { - $value = str_replace($find, $replace, $value); - $value = $stringdelim . $value . $stringdelim; - }*/ - - // Piece together the line - for ($i = 0; $i < $lvl; $i++) - $out .= $indent; - $out .= $key . $doublearrow . $val . $lineend; - } - - // End our string - for ($i = 0; $i < $lvl; $i++) - $out .= $indent; - $out .= ")"; - } - - // Decide method of output - if ($return === true) { - return $out; - } else { - echo $out; - return; - } - } -} -?> \ No newline at end of file diff --git a/central/trunk/xmlrpc/version_compare.php b/central/trunk/xmlrpc/version_compare.php deleted file mode 100644 index fc3abac..0000000 --- a/central/trunk/xmlrpc/version_compare.php +++ /dev/null @@ -1,179 +0,0 @@ - | -// | Aidan Lister | -// +----------------------------------------------------------------------+ -// -// $Id: version_compare.php,v 1.1 2005/07/11 16:34:36 ggiunta Exp $ - - -/** - * Replace version_compare() - * - * @category PHP - * @package PHP_Compat - * @link http://php.net/function.version_compare - * @author Philippe Jausions - * @author Aidan Lister - * @version $Revision: 1.1 $ - * @since PHP 4.1.0 - * @require PHP 4.0.0 (user_error) - */ -if (!function_exists('version_compare')) { - function version_compare($version1, $version2, $operator = '<') - { - // Check input - if (!is_scalar($version1)) { - user_error('version_compare() expects parameter 1 to be string, ' . - gettype($version1) . ' given', E_USER_WARNING); - return; - } - - if (!is_scalar($version2)) { - user_error('version_compare() expects parameter 2 to be string, ' . - gettype($version2) . ' given', E_USER_WARNING); - return; - } - - if (!is_scalar($operator)) { - user_error('version_compare() expects parameter 3 to be string, ' . - gettype($operator) . ' given', E_USER_WARNING); - return; - } - - // Standardise versions - $v1 = explode('.', - str_replace('..', '.', - preg_replace('/([^0-9\.]+)/', '.$1.', - str_replace(array('-', '_', '+'), '.', - trim($version1))))); - - $v2 = explode('.', - str_replace('..', '.', - preg_replace('/([^0-9\.]+)/', '.$1.', - str_replace(array('-', '_', '+'), '.', - trim($version2))))); - - // Replace empty entries at the start of the array - while (empty($v1[0]) && array_shift($v1)) {} - while (empty($v2[0]) && array_shift($v2)) {} - - // Release state order - // '#' stands for any number - $versions = array( - 'dev' => 0, - 'alpha' => 1, - 'a' => 1, - 'beta' => 2, - 'b' => 2, - 'RC' => 3, - '#' => 4, - 'p' => 5, - 'pl' => 5); - - // Loop through each segment in the version string - $compare = 0; - for ($i = 0, $x = min(count($v1), count($v2)); $i < $x; $i++) { - if ($v1[$i] == $v2[$i]) { - continue; - } - $i1 = $v1[$i]; - $i2 = $v2[$i]; - if (is_numeric($i1) && is_numeric($i2)) { - $compare = ($i1 < $i2) ? -1 : 1; - break; - } - // We use the position of '#' in the versions list - // for numbers... (so take care of # in original string) - if ($i1 == '#') { - $i1 = ''; - } elseif (is_numeric($i1)) { - $i1 = '#'; - } - if ($i2 == '#') { - $i2 = ''; - } elseif (is_numeric($i2)) { - $i2 = '#'; - } - if (isset($versions[$i1]) && isset($versions[$i2])) { - $compare = ($versions[$i1] < $versions[$i2]) ? -1 : 1; - } elseif (isset($versions[$i1])) { - $compare = 1; - } elseif (isset($versions[$i2])) { - $compare = -1; - } else { - $compare = 0; - } - - break; - } - - // If previous loop didn't find anything, compare the "extra" segments - if ($compare == 0) { - if (count($v2) > count($v1)) { - if (isset($versions[$v2[$i]])) { - $compare = ($versions[$v2[$i]] < 4) ? 1 : -1; - } else { - $compare = -1; - } - } elseif (count($v2) < count($v1)) { - if (isset($versions[$v1[$i]])) { - $compare = ($versions[$v1[$i]] < 4) ? -1 : 1; - } else { - $compare = 1; - } - } - } - - // Compare the versions - if (func_num_args() > 2) { - switch ($operator) { - case '>': - case 'gt': - return (bool) ($compare > 0); - break; - case '>=': - case 'ge': - return (bool) ($compare >= 0); - break; - case '<=': - case 'le': - return (bool) ($compare <= 0); - break; - case '==': - case '=': - case 'eq': - return (bool) ($compare == 0); - break; - case '<>': - case '!=': - case 'ne': - return (bool) ($compare != 0); - break; - case '': - case '<': - case 'lt': - return (bool) ($compare < 0); - break; - default: - return; - } - } - - return $compare; - } -} - -?> \ No newline at end of file diff --git a/central/trunk/xmlrpc/xmlrpc.inc b/central/trunk/xmlrpc/xmlrpc.inc deleted file mode 100644 index 06c6e44..0000000 --- a/central/trunk/xmlrpc/xmlrpc.inc +++ /dev/null @@ -1,3705 +0,0 @@ - -// $Id: xmlrpc.inc,v 1.169 2008/03/06 18:47:24 ggiunta Exp $ - -// Copyright (c) 1999,2000,2002 Edd Dumbill. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// -// * Neither the name of the "XML-RPC for PHP" nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. - - if(!function_exists('xml_parser_create')) - { - // For PHP 4 onward, XML functionality is always compiled-in on windows: - // no more need to dl-open it. It might have been compiled out on *nix... - if(strtoupper(substr(PHP_OS, 0, 3) != 'WIN')) - { - dl('xml.so'); - } - } - - // Try to be backward compat with php < 4.2 (are we not being nice ?) - $phpversion = phpversion(); - if($phpversion[0] == '4' && $phpversion[2] < 2) - { - // give an opportunity to user to specify where to include other files from - if(!defined('PHP_XMLRPC_COMPAT_DIR')) - { - define('PHP_XMLRPC_COMPAT_DIR',dirname(__FILE__).'/compat/'); - } - if($phpversion[2] == '0') - { - if($phpversion[4] < 6) - { - include(PHP_XMLRPC_COMPAT_DIR.'is_callable.php'); - } - include(PHP_XMLRPC_COMPAT_DIR.'is_scalar.php'); - include(PHP_XMLRPC_COMPAT_DIR.'array_key_exists.php'); - include(PHP_XMLRPC_COMPAT_DIR.'version_compare.php'); - } - include(PHP_XMLRPC_COMPAT_DIR.'var_export.php'); - include(PHP_XMLRPC_COMPAT_DIR.'is_a.php'); - } - - // G. Giunta 2005/01/29: declare global these variables, - // so that xmlrpc.inc will work even if included from within a function - // Milosch: 2005/08/07 - explicitly request these via $GLOBALS where used. - $GLOBALS['xmlrpcI4']='i4'; - $GLOBALS['xmlrpcInt']='int'; - $GLOBALS['xmlrpcBoolean']='boolean'; - $GLOBALS['xmlrpcDouble']='double'; - $GLOBALS['xmlrpcString']='string'; - $GLOBALS['xmlrpcDateTime']='dateTime.iso8601'; - $GLOBALS['xmlrpcBase64']='base64'; - $GLOBALS['xmlrpcArray']='array'; - $GLOBALS['xmlrpcStruct']='struct'; - $GLOBALS['xmlrpcValue']='undefined'; - - $GLOBALS['xmlrpcTypes']=array( - $GLOBALS['xmlrpcI4'] => 1, - $GLOBALS['xmlrpcInt'] => 1, - $GLOBALS['xmlrpcBoolean'] => 1, - $GLOBALS['xmlrpcString'] => 1, - $GLOBALS['xmlrpcDouble'] => 1, - $GLOBALS['xmlrpcDateTime'] => 1, - $GLOBALS['xmlrpcBase64'] => 1, - $GLOBALS['xmlrpcArray'] => 2, - $GLOBALS['xmlrpcStruct'] => 3 - ); - - $GLOBALS['xmlrpc_valid_parents'] = array( - 'VALUE' => array('MEMBER', 'DATA', 'PARAM', 'FAULT'), - 'BOOLEAN' => array('VALUE'), - 'I4' => array('VALUE'), - 'INT' => array('VALUE'), - 'STRING' => array('VALUE'), - 'DOUBLE' => array('VALUE'), - 'DATETIME.ISO8601' => array('VALUE'), - 'BASE64' => array('VALUE'), - 'MEMBER' => array('STRUCT'), - 'NAME' => array('MEMBER'), - 'DATA' => array('ARRAY'), - 'ARRAY' => array('VALUE'), - 'STRUCT' => array('VALUE'), - 'PARAM' => array('PARAMS'), - 'METHODNAME' => array('METHODCALL'), - 'PARAMS' => array('METHODCALL', 'METHODRESPONSE'), - 'FAULT' => array('METHODRESPONSE'), - 'NIL' => array('VALUE') // only used when extension activated - ); - - // define extra types for supporting NULL (useful for json or ) - $GLOBALS['xmlrpcNull']='null'; - $GLOBALS['xmlrpcTypes']['null']=1; - - // Not in use anymore since 2.0. Shall we remove it? - /// @deprecated - $GLOBALS['xmlEntities']=array( - 'amp' => '&', - 'quot' => '"', - 'lt' => '<', - 'gt' => '>', - 'apos' => "'" - ); - - // tables used for transcoding different charsets into us-ascii xml - - $GLOBALS['xml_iso88591_Entities']=array(); - $GLOBALS['xml_iso88591_Entities']['in'] = array(); - $GLOBALS['xml_iso88591_Entities']['out'] = array(); - for ($i = 0; $i < 32; $i++) - { - $GLOBALS['xml_iso88591_Entities']['in'][] = chr($i); - $GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';'; - } - for ($i = 160; $i < 256; $i++) - { - $GLOBALS['xml_iso88591_Entities']['in'][] = chr($i); - $GLOBALS['xml_iso88591_Entities']['out'][] = '&#'.$i.';'; - } - - /// @todo add to iso table the characters from cp_1252 range, i.e. 128 to 159? - /// These will NOT be present in true ISO-8859-1, but will save the unwary - /// windows user from sending junk (though no luck when reciving them...) - /* - $GLOBALS['xml_cp1252_Entities']=array(); - for ($i = 128; $i < 160; $i++) - { - $GLOBALS['xml_cp1252_Entities']['in'][] = chr($i); - } - $GLOBALS['xml_cp1252_Entities']['out'] = array( - '€', '?', '‚', 'ƒ', - '„', '…', '†', '‡', - 'ˆ', '‰', 'Š', '‹', - 'Œ', '?', 'Ž', '?', - '?', '‘', '’', '“', - '”', '•', '–', '—', - '˜', '™', 'š', '›', - 'œ', '?', 'ž', 'Ÿ' - ); - */ - - $GLOBALS['xmlrpcerr'] = array( - 'unknown_method'=>1, - 'invalid_return'=>2, - 'incorrect_params'=>3, - 'introspect_unknown'=>4, - 'http_error'=>5, - 'no_data'=>6, - 'no_ssl'=>7, - 'curl_fail'=>8, - 'invalid_request'=>15, - 'no_curl'=>16, - 'server_error'=>17, - 'multicall_error'=>18, - 'multicall_notstruct'=>9, - 'multicall_nomethod'=>10, - 'multicall_notstring'=>11, - 'multicall_recursion'=>12, - 'multicall_noparams'=>13, - 'multicall_notarray'=>14, - - 'cannot_decompress'=>103, - 'decompress_fail'=>104, - 'dechunk_fail'=>105, - 'server_cannot_decompress'=>106, - 'server_decompress_fail'=>107 - ); - - $GLOBALS['xmlrpcstr'] = array( - 'unknown_method'=>'Unknown method', - 'invalid_return'=>'Invalid return payload: enable debugging to examine incoming payload', - 'incorrect_params'=>'Incorrect parameters passed to method', - 'introspect_unknown'=>"Can't introspect: method unknown", - 'http_error'=>"Didn't receive 200 OK from remote server.", - 'no_data'=>'No data received from server.', - 'no_ssl'=>'No SSL support compiled in.', - 'curl_fail'=>'CURL error', - 'invalid_request'=>'Invalid request payload', - 'no_curl'=>'No CURL support compiled in.', - 'server_error'=>'Internal server error', - 'multicall_error'=>'Received from server invalid multicall response', - 'multicall_notstruct'=>'system.multicall expected struct', - 'multicall_nomethod'=>'missing methodName', - 'multicall_notstring'=>'methodName is not a string', - 'multicall_recursion'=>'recursive system.multicall forbidden', - 'multicall_noparams'=>'missing params', - 'multicall_notarray'=>'params is not an array', - - 'cannot_decompress'=>'Received from server compressed HTTP and cannot decompress', - 'decompress_fail'=>'Received from server invalid compressed HTTP', - 'dechunk_fail'=>'Received from server invalid chunked HTTP', - 'server_cannot_decompress'=>'Received from client compressed HTTP request and cannot decompress', - 'server_decompress_fail'=>'Received from client invalid compressed HTTP request' - ); - - // The charset encoding used by the server for received messages and - // by the client for received responses when received charset cannot be determined - // or is not supported - $GLOBALS['xmlrpc_defencoding']='UTF-8'; - - // The encoding used internally by PHP. - // String values received as xml will be converted to this, and php strings will be converted to xml - // as if having been coded with this - $GLOBALS['xmlrpc_internalencoding']='ISO-8859-1'; - - $GLOBALS['xmlrpcName']='XML-RPC for PHP'; - $GLOBALS['xmlrpcVersion']='2.2.1'; - - // let user errors start at 800 - $GLOBALS['xmlrpcerruser']=800; - // let XML parse errors start at 100 - $GLOBALS['xmlrpcerrxml']=100; - - // formulate backslashes for escaping regexp - // Not in use anymore since 2.0. Shall we remove it? - /// @deprecated - $GLOBALS['xmlrpc_backslash']=chr(92).chr(92); - - // set to TRUE to enable correct decoding of values - $GLOBALS['xmlrpc_null_extension']=false; - - // used to store state during parsing - // quick explanation of components: - // ac - used to accumulate values - // isf - used to indicate a parsing fault (2) or xmlrpcresp fault (1) - // isf_reason - used for storing xmlrpcresp fault string - // lv - used to indicate "looking for a value": implements - // the logic to allow values with no types to be strings - // params - used to store parameters in method calls - // method - used to store method name - // stack - array with genealogy of xml elements names: - // used to validate nesting of xmlrpc elements - $GLOBALS['_xh']=null; - - /** - * Convert a string to the correct XML representation in a target charset - * To help correct communication of non-ascii chars inside strings, regardless - * of the charset used when sending requests, parsing them, sending responses - * and parsing responses, an option is to convert all non-ascii chars present in the message - * into their equivalent 'charset entity'. Charset entities enumerated this way - * are independent of the charset encoding used to transmit them, and all XML - * parsers are bound to understand them. - * Note that in the std case we are not sending a charset encoding mime type - * along with http headers, so we are bound by RFC 3023 to emit strict us-ascii. - * - * @todo do a bit of basic benchmarking (strtr vs. str_replace) - * @todo make usage of iconv() or recode_string() or mb_string() where available - */ - function xmlrpc_encode_entitites($data, $src_encoding='', $dest_encoding='') - { - if ($src_encoding == '') - { - // lame, but we know no better... - $src_encoding = $GLOBALS['xmlrpc_internalencoding']; - } - - switch(strtoupper($src_encoding.'_'.$dest_encoding)) - { - case 'ISO-8859-1_': - case 'ISO-8859-1_US-ASCII': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data); - break; - case 'ISO-8859-1_UTF-8': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = utf8_encode($escaped_data); - break; - case 'ISO-8859-1_ISO-8859-1': - case 'US-ASCII_US-ASCII': - case 'US-ASCII_UTF-8': - case 'US-ASCII_': - case 'US-ASCII_ISO-8859-1': - case 'UTF-8_UTF-8': - //case 'CP1252_CP1252': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - break; - case 'UTF-8_': - case 'UTF-8_US-ASCII': - case 'UTF-8_ISO-8859-1': - // NB: this will choke on invalid UTF-8, going most likely beyond EOF - $escaped_data = ''; - // be kind to users creating string xmlrpcvals out of different php types - $data = (string) $data; - $ns = strlen ($data); - for ($nn = 0; $nn < $ns; $nn++) - { - $ch = $data[$nn]; - $ii = ord($ch); - //1 7 0bbbbbbb (127) - if ($ii < 128) - { - /// @todo shall we replace this with a (supposedly) faster str_replace? - switch($ii){ - case 34: - $escaped_data .= '"'; - break; - case 38: - $escaped_data .= '&'; - break; - case 39: - $escaped_data .= '''; - break; - case 60: - $escaped_data .= '<'; - break; - case 62: - $escaped_data .= '>'; - break; - default: - $escaped_data .= $ch; - } // switch - } - //2 11 110bbbbb 10bbbbbb (2047) - else if ($ii>>5 == 6) - { - $b1 = ($ii & 31); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ($b1 * 64) + $b2; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 1; - } - //3 16 1110bbbb 10bbbbbb 10bbbbbb - else if ($ii>>4 == 14) - { - $b1 = ($ii & 31); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ord($data[$nn+2]); - $b3 = ($ii & 63); - $ii = ((($b1 * 64) + $b2) * 64) + $b3; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 2; - } - //4 21 11110bbb 10bbbbbb 10bbbbbb 10bbbbbb - else if ($ii>>3 == 30) - { - $b1 = ($ii & 31); - $ii = ord($data[$nn+1]); - $b2 = ($ii & 63); - $ii = ord($data[$nn+2]); - $b3 = ($ii & 63); - $ii = ord($data[$nn+3]); - $b4 = ($ii & 63); - $ii = ((((($b1 * 64) + $b2) * 64) + $b3) * 64) + $b4; - $ent = sprintf ('&#%d;', $ii); - $escaped_data .= $ent; - $nn += 3; - } - } - break; -/* - case 'CP1252_': - case 'CP1252_US-ASCII': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - $escaped_data = str_replace($GLOBALS['xml_iso88591_Entities']['in'], $GLOBALS['xml_iso88591_Entities']['out'], $escaped_data); - $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); - break; - case 'CP1252_UTF-8': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - /// @todo we could use real UTF8 chars here instead of xml entities... (note that utf_8 encode all allone will NOT convert them) - $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); - $escaped_data = utf8_encode($escaped_data); - break; - case 'CP1252_ISO-8859-1': - $escaped_data = str_replace(array('&', '"', "'", '<', '>'), array('&', '"', ''', '<', '>'), $data); - // we might as well replave all funky chars with a '?' here, but we are kind and leave it to the receiving application layer to decide what to do with these weird entities... - $escaped_data = str_replace($GLOBALS['xml_cp1252_Entities']['in'], $GLOBALS['xml_cp1252_Entities']['out'], $escaped_data); - break; -*/ - default: - $escaped_data = ''; - error_log("Converting from $src_encoding to $dest_encoding: not supported..."); - } - return $escaped_data; - } - - /// xml parser handler function for opening element tags - function xmlrpc_se($parser, $name, $attrs, $accept_single_vals=false) - { - // if invalid xmlrpc already detected, skip all processing - if ($GLOBALS['_xh']['isf'] < 2) - { - // check for correct element nesting - // top level element can only be of 2 types - /// @todo optimization creep: save this check into a bool variable, instead of using count() every time: - /// there is only a single top level element in xml anyway - if (count($GLOBALS['_xh']['stack']) == 0) - { - if ($name != 'METHODRESPONSE' && $name != 'METHODCALL' && ( - $name != 'VALUE' && !$accept_single_vals)) - { - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = 'missing top level xmlrpc element'; - return; - } - else - { - $GLOBALS['_xh']['rt'] = strtolower($name); - } - } - else - { - // not top level element: see if parent is OK - $parent = end($GLOBALS['_xh']['stack']); - if (!array_key_exists($name, $GLOBALS['xmlrpc_valid_parents']) || !in_array($parent, $GLOBALS['xmlrpc_valid_parents'][$name])) - { - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "xmlrpc element $name cannot be child of $parent"; - return; - } - } - - switch($name) - { - // optimize for speed switch cases: most common cases first - case 'VALUE': - /// @todo we could check for 2 VALUE elements inside a MEMBER or PARAM element - $GLOBALS['_xh']['vt']='value'; // indicator: no value found yet - $GLOBALS['_xh']['ac']=''; - $GLOBALS['_xh']['lv']=1; - $GLOBALS['_xh']['php_class']=null; - break; - case 'I4': - case 'INT': - case 'STRING': - case 'BOOLEAN': - case 'DOUBLE': - case 'DATETIME.ISO8601': - case 'BASE64': - if ($GLOBALS['_xh']['vt']!='value') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; - return; - } - $GLOBALS['_xh']['ac']=''; // reset the accumulator - break; - case 'STRUCT': - case 'ARRAY': - if ($GLOBALS['_xh']['vt']!='value') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; - return; - } - // create an empty array to hold child values, and push it onto appropriate stack - $cur_val = array(); - $cur_val['values'] = array(); - $cur_val['type'] = $name; - // check for out-of-band information to rebuild php objs - // and in case it is found, save it - if (@isset($attrs['PHP_CLASS'])) - { - $cur_val['php_class'] = $attrs['PHP_CLASS']; - } - $GLOBALS['_xh']['valuestack'][] = $cur_val; - $GLOBALS['_xh']['vt']='data'; // be prepared for a data element next - break; - case 'DATA': - if ($GLOBALS['_xh']['vt']!='data') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "found two data elements inside an array element"; - return; - } - case 'METHODCALL': - case 'METHODRESPONSE': - case 'PARAMS': - // valid elements that add little to processing - break; - case 'METHODNAME': - case 'NAME': - /// @todo we could check for 2 NAME elements inside a MEMBER element - $GLOBALS['_xh']['ac']=''; - break; - case 'FAULT': - $GLOBALS['_xh']['isf']=1; - break; - case 'MEMBER': - $GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name']=''; // set member name to null, in case we do not find in the xml later on - //$GLOBALS['_xh']['ac']=''; - // Drop trough intentionally - case 'PARAM': - // clear value type, so we can check later if no value has been passed for this param/member - $GLOBALS['_xh']['vt']=null; - break; - case 'NIL': - if ($GLOBALS['xmlrpc_null_extension']) - { - if ($GLOBALS['_xh']['vt']!='value') - { - //two data elements inside a value: an error occurred! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "$name element following a {$GLOBALS['_xh']['vt']} element inside a single value"; - return; - } - $GLOBALS['_xh']['ac']=''; // reset the accumulator - break; - } - // we do not support the extension, so - // drop through intentionally - default: - /// INVALID ELEMENT: RAISE ISF so that it is later recognized!!! - $GLOBALS['_xh']['isf'] = 2; - $GLOBALS['_xh']['isf_reason'] = "found not-xmlrpc xml element $name"; - break; - } - - // Save current element name to stack, to validate nesting - $GLOBALS['_xh']['stack'][] = $name; - - /// @todo optimization creep: move this inside the big switch() above - if($name!='VALUE') - { - $GLOBALS['_xh']['lv']=0; - } - } - } - - /// Used in decoding xml chunks that might represent single xmlrpc values - function xmlrpc_se_any($parser, $name, $attrs) - { - xmlrpc_se($parser, $name, $attrs, true); - } - - /// xml parser handler function for close element tags - function xmlrpc_ee($parser, $name, $rebuild_xmlrpcvals = true) - { - if ($GLOBALS['_xh']['isf'] < 2) - { - // push this element name from stack - // NB: if XML validates, correct opening/closing is guaranteed and - // we do not have to check for $name == $curr_elem. - // we also checked for proper nesting at start of elements... - $curr_elem = array_pop($GLOBALS['_xh']['stack']); - - switch($name) - { - case 'VALUE': - // This if() detects if no scalar was inside - if ($GLOBALS['_xh']['vt']=='value') - { - $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; - $GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcString']; - } - - if ($rebuild_xmlrpcvals) - { - // build the xmlrpc val out of the data received, and substitute it - $temp =& new xmlrpcval($GLOBALS['_xh']['value'], $GLOBALS['_xh']['vt']); - // in case we got info about underlying php class, save it - // in the object we're rebuilding - if (isset($GLOBALS['_xh']['php_class'])) - $temp->_php_class = $GLOBALS['_xh']['php_class']; - // check if we are inside an array or struct: - // if value just built is inside an array, let's move it into array on the stack - $vscount = count($GLOBALS['_xh']['valuestack']); - if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY') - { - $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $temp; - } - else - { - $GLOBALS['_xh']['value'] = $temp; - } - } - else - { - /// @todo this needs to treat correctly php-serialized objects, - /// since std deserializing is done by php_xmlrpc_decode, - /// which we will not be calling... - if (isset($GLOBALS['_xh']['php_class'])) - { - } - - // check if we are inside an array or struct: - // if value just built is inside an array, let's move it into array on the stack - $vscount = count($GLOBALS['_xh']['valuestack']); - if ($vscount && $GLOBALS['_xh']['valuestack'][$vscount-1]['type']=='ARRAY') - { - $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][] = $GLOBALS['_xh']['value']; - } - } - break; - case 'BOOLEAN': - case 'I4': - case 'INT': - case 'STRING': - case 'DOUBLE': - case 'DATETIME.ISO8601': - case 'BASE64': - $GLOBALS['_xh']['vt']=strtolower($name); - /// @todo: optimization creep - remove the if/elseif cycle below - /// since the case() in which we are already did that - if ($name=='STRING') - { - $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; - } - elseif ($name=='DATETIME.ISO8601') - { - if (!preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $GLOBALS['_xh']['ac'])) - { - error_log('XML-RPC: invalid value received in DATETIME: '.$GLOBALS['_xh']['ac']); - } - $GLOBALS['_xh']['vt']=$GLOBALS['xmlrpcDateTime']; - $GLOBALS['_xh']['value']=$GLOBALS['_xh']['ac']; - } - elseif ($name=='BASE64') - { - /// @todo check for failure of base64 decoding / catch warnings - $GLOBALS['_xh']['value']=base64_decode($GLOBALS['_xh']['ac']); - } - elseif ($name=='BOOLEAN') - { - // special case here: we translate boolean 1 or 0 into PHP - // constants true or false. - // Strings 'true' and 'false' are accepted, even though the - // spec never mentions them (see eg. Blogger api docs) - // NB: this simple checks helps a lot sanitizing input, ie no - // security problems around here - if ($GLOBALS['_xh']['ac']=='1' || strcasecmp($GLOBALS['_xh']['ac'], 'true') == 0) - { - $GLOBALS['_xh']['value']=true; - } - else - { - // log if receiveing something strange, even though we set the value to false anyway - if ($GLOBALS['_xh']['ac']!='0' && strcasecmp($_xh[$parser]['ac'], 'false') != 0) - error_log('XML-RPC: invalid value received in BOOLEAN: '.$GLOBALS['_xh']['ac']); - $GLOBALS['_xh']['value']=false; - } - } - elseif ($name=='DOUBLE') - { - // we have a DOUBLE - // we must check that only 0123456789-. are characters here - // NOTE: regexp could be much stricter than this... - if (!preg_match('/^[+-eE0123456789 \t.]+$/', $GLOBALS['_xh']['ac'])) - { - /// @todo: find a better way of throwing an error than this! - error_log('XML-RPC: non numeric value received in DOUBLE: '.$GLOBALS['_xh']['ac']); - $GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND'; - } - else - { - // it's ok, add it on - $GLOBALS['_xh']['value']=(double)$GLOBALS['_xh']['ac']; - } - } - else - { - // we have an I4/INT - // we must check that only 0123456789- are characters here - if (!preg_match('/^[+-]?[0123456789 \t]+$/', $GLOBALS['_xh']['ac'])) - { - /// @todo find a better way of throwing an error than this! - error_log('XML-RPC: non numeric value received in INT: '.$GLOBALS['_xh']['ac']); - $GLOBALS['_xh']['value']='ERROR_NON_NUMERIC_FOUND'; - } - else - { - // it's ok, add it on - $GLOBALS['_xh']['value']=(int)$GLOBALS['_xh']['ac']; - } - } - //$GLOBALS['_xh']['ac']=''; // is this necessary? - $GLOBALS['_xh']['lv']=3; // indicate we've found a value - break; - case 'NAME': - $GLOBALS['_xh']['valuestack'][count($GLOBALS['_xh']['valuestack'])-1]['name'] = $GLOBALS['_xh']['ac']; - break; - case 'MEMBER': - //$GLOBALS['_xh']['ac']=''; // is this necessary? - // add to array in the stack the last element built, - // unless no VALUE was found - if ($GLOBALS['_xh']['vt']) - { - $vscount = count($GLOBALS['_xh']['valuestack']); - $GLOBALS['_xh']['valuestack'][$vscount-1]['values'][$GLOBALS['_xh']['valuestack'][$vscount-1]['name']] = $GLOBALS['_xh']['value']; - } else - error_log('XML-RPC: missing VALUE inside STRUCT in received xml'); - break; - case 'DATA': - //$GLOBALS['_xh']['ac']=''; // is this necessary? - $GLOBALS['_xh']['vt']=null; // reset this to check for 2 data elements in a row - even if they're empty - break; - case 'STRUCT': - case 'ARRAY': - // fetch out of stack array of values, and promote it to current value - $curr_val = array_pop($GLOBALS['_xh']['valuestack']); - $GLOBALS['_xh']['value'] = $curr_val['values']; - $GLOBALS['_xh']['vt']=strtolower($name); - if (isset($curr_val['php_class'])) - { - $GLOBALS['_xh']['php_class'] = $curr_val['php_class']; - } - break; - case 'PARAM': - // add to array of params the current value, - // unless no VALUE was found - if ($GLOBALS['_xh']['vt']) - { - $GLOBALS['_xh']['params'][]=$GLOBALS['_xh']['value']; - $GLOBALS['_xh']['pt'][]=$GLOBALS['_xh']['vt']; - } - else - error_log('XML-RPC: missing VALUE inside PARAM in received xml'); - break; - case 'METHODNAME': - $GLOBALS['_xh']['method']=preg_replace('/^[\n\r\t ]+/', '', $GLOBALS['_xh']['ac']); - break; - case 'NIL': - if ($GLOBALS['xmlrpc_null_extension']) - { - $GLOBALS['_xh']['vt']='null'; - $GLOBALS['_xh']['value']=null; - $GLOBALS['_xh']['lv']=3; - break; - } - // drop through intentionally if nil extension not enabled - case 'PARAMS': - case 'FAULT': - case 'METHODCALL': - case 'METHORESPONSE': - break; - default: - // End of INVALID ELEMENT! - // shall we add an assert here for unreachable code??? - break; - } - } - } - - /// Used in decoding xmlrpc requests/responses without rebuilding xmlrpc values - function xmlrpc_ee_fast($parser, $name) - { - xmlrpc_ee($parser, $name, false); - } - - /// xml parser handler function for character data - function xmlrpc_cd($parser, $data) - { - // skip processing if xml fault already detected - if ($GLOBALS['_xh']['isf'] < 2) - { - // "lookforvalue==3" means that we've found an entire value - // and should discard any further character data - if($GLOBALS['_xh']['lv']!=3) - { - // G. Giunta 2006-08-23: useless change of 'lv' from 1 to 2 - //if($GLOBALS['_xh']['lv']==1) - //{ - // if we've found text and we're just in a then - // say we've found a value - //$GLOBALS['_xh']['lv']=2; - //} - // we always initialize the accumulator before starting parsing, anyway... - //if(!@isset($GLOBALS['_xh']['ac'])) - //{ - // $GLOBALS['_xh']['ac'] = ''; - //} - $GLOBALS['_xh']['ac'].=$data; - } - } - } - - /// xml parser handler function for 'other stuff', ie. not char data or - /// element start/end tag. In fact it only gets called on unknown entities... - function xmlrpc_dh($parser, $data) - { - // skip processing if xml fault already detected - if ($GLOBALS['_xh']['isf'] < 2) - { - if(substr($data, 0, 1) == '&' && substr($data, -1, 1) == ';') - { - // G. Giunta 2006-08-25: useless change of 'lv' from 1 to 2 - //if($GLOBALS['_xh']['lv']==1) - //{ - // $GLOBALS['_xh']['lv']=2; - //} - $GLOBALS['_xh']['ac'].=$data; - } - } - return true; - } - - class xmlrpc_client - { - var $path; - var $server; - var $port=0; - var $method='http'; - var $errno; - var $errstr; - var $debug=0; - var $username=''; - var $password=''; - var $authtype=1; - var $cert=''; - var $certpass=''; - var $cacert=''; - var $cacertdir=''; - var $key=''; - var $keypass=''; - var $verifypeer=true; - var $verifyhost=1; - var $no_multicall=false; - var $proxy=''; - var $proxyport=0; - var $proxy_user=''; - var $proxy_pass=''; - var $proxy_authtype=1; - var $cookies=array(); - /** - * List of http compression methods accepted by the client for responses. - * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib - * - * NNB: you can set it to any non-empty array for HTTP11 and HTTPS, since - * in those cases it will be up to CURL to decide the compression methods - * it supports. You might check for the presence of 'zlib' in the output of - * curl_version() to determine wheter compression is supported or not - */ - var $accepted_compression = array(); - /** - * Name of compression scheme to be used for sending requests. - * Either null, gzip or deflate - */ - var $request_compression = ''; - /** - * CURL handle: used for keep-alive connections (PHP 4.3.8 up, see: - * http://curl.haxx.se/docs/faq.html#7.3) - */ - var $xmlrpc_curl_handle = null; - /// Wheter to use persistent connections for http 1.1 and https - var $keepalive = false; - /// Charset encodings that can be decoded without problems by the client - var $accepted_charset_encodings = array(); - /// Charset encoding to be used in serializing request. NULL = use ASCII - var $request_charset_encoding = ''; - /** - * Decides the content of xmlrpcresp objects returned by calls to send() - * valid strings are 'xmlrpcvals', 'phpvals' or 'xml' - */ - var $return_type = 'xmlrpcvals'; - - /** - * @param string $path either the complete server URL or the PATH part of the xmlrc server URL, e.g. /xmlrpc/server.php - * @param string $server the server name / ip address - * @param integer $port the port the server is listening on, defaults to 80 or 443 depending on protocol used - * @param string $method the http protocol variant: defaults to 'http', 'https' and 'http11' can be used if CURL is installed - */ - function xmlrpc_client($path, $server='', $port='', $method='') - { - // allow user to specify all params in $path - if($server == '' and $port == '' and $method == '') - { - $parts = parse_url($path); - $server = $parts['host']; - $path = isset($parts['path']) ? $parts['path'] : ''; - if(isset($parts['query'])) - { - $path .= '?'.$parts['query']; - } - if(isset($parts['fragment'])) - { - $path .= '#'.$parts['fragment']; - } - if(isset($parts['port'])) - { - $port = $parts['port']; - } - if(isset($parts['scheme'])) - { - $method = $parts['scheme']; - } - if(isset($parts['user'])) - { - $this->username = $parts['user']; - } - if(isset($parts['pass'])) - { - $this->password = $parts['pass']; - } - } - if($path == '' || $path[0] != '/') - { - $this->path='/'.$path; - } - else - { - $this->path=$path; - } - $this->server=$server; - if($port != '') - { - $this->port=$port; - } - if($method != '') - { - $this->method=$method; - } - - // if ZLIB is enabled, let the client by default accept compressed responses - if(function_exists('gzinflate') || ( - function_exists('curl_init') && (($info = curl_version()) && - ((is_string($info) && strpos($info, 'zlib') !== null) || isset($info['libz_version']))) - )) - { - $this->accepted_compression = array('gzip', 'deflate'); - } - - // keepalives: enabled by default ONLY for PHP >= 4.3.8 - // (see http://curl.haxx.se/docs/faq.html#7.3) - if(version_compare(phpversion(), '4.3.8') >= 0) - { - $this->keepalive = true; - } - - // by default the xml parser can support these 3 charset encodings - $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); - } - - /** - * Enables/disables the echoing to screen of the xmlrpc responses received - * @param integer $debug values 0, 1 and 2 are supported (2 = echo sent msg too, before received response) - * @access public - */ - function setDebug($in) - { - $this->debug=$in; - } - - /** - * Add some http BASIC AUTH credentials, used by the client to authenticate - * @param string $u username - * @param string $p password - * @param integer $t auth type. See curl_setopt man page for supported auth types. Defaults to CURLAUTH_BASIC (basic auth) - * @access public - */ - function setCredentials($u, $p, $t=1) - { - $this->username=$u; - $this->password=$p; - $this->authtype=$t; - } - - /** - * Add a client-side https certificate - * @param string $cert - * @param string $certpass - * @access public - */ - function setCertificate($cert, $certpass) - { - $this->cert = $cert; - $this->certpass = $certpass; - } - - /** - * Add a CA certificate to verify server with (see man page about - * CURLOPT_CAINFO for more details - * @param string $cacert certificate file name (or dir holding certificates) - * @param bool $is_dir set to true to indicate cacert is a dir. defaults to false - * @access public - */ - function setCaCertificate($cacert, $is_dir=false) - { - if ($is_dir) - { - $this->cacertdir = $cacert; - } - else - { - $this->cacert = $cacert; - } - } - - /** - * Set attributes for SSL communication: private SSL key - * NB: does not work in older php/curl installs - * Thanks to Daniel Convissor - * @param string $key The name of a file containing a private SSL key - * @param string $keypass The secret password needed to use the private SSL key - * @access public - */ - function setKey($key, $keypass) - { - $this->key = $key; - $this->keypass = $keypass; - } - - /** - * Set attributes for SSL communication: verify server certificate - * @param bool $i enable/disable verification of peer certificate - * @access public - */ - function setSSLVerifyPeer($i) - { - $this->verifypeer = $i; - } - - /** - * Set attributes for SSL communication: verify match of server cert w. hostname - * @param int $i - * @access public - */ - function setSSLVerifyHost($i) - { - $this->verifyhost = $i; - } - - /** - * Set proxy info - * @param string $proxyhost - * @param string $proxyport Defaults to 8080 for HTTP and 443 for HTTPS - * @param string $proxyusername Leave blank if proxy has public access - * @param string $proxypassword Leave blank if proxy has public access - * @param int $proxyauthtype set to constant CURLAUTH_NTLM to use NTLM auth with proxy - * @access public - */ - function setProxy($proxyhost, $proxyport, $proxyusername = '', $proxypassword = '', $proxyauthtype = 1) - { - $this->proxy = $proxyhost; - $this->proxyport = $proxyport; - $this->proxy_user = $proxyusername; - $this->proxy_pass = $proxypassword; - $this->proxy_authtype = $proxyauthtype; - } - - /** - * Enables/disables reception of compressed xmlrpc responses. - * Note that enabling reception of compressed responses merely adds some standard - * http headers to xmlrpc requests. It is up to the xmlrpc server to return - * compressed responses when receiving such requests. - * @param string $compmethod either 'gzip', 'deflate', 'any' or '' - * @access public - */ - function setAcceptedCompression($compmethod) - { - if ($compmethod == 'any') - $this->accepted_compression = array('gzip', 'deflate'); - else - $this->accepted_compression = array($compmethod); - } - - /** - * Enables/disables http compression of xmlrpc request. - * Take care when sending compressed requests: servers might not support them - * (and automatic fallback to uncompressed requests is not yet implemented) - * @param string $compmethod either 'gzip', 'deflate' or '' - * @access public - */ - function setRequestCompression($compmethod) - { - $this->request_compression = $compmethod; - } - - /** - * Adds a cookie to list of cookies that will be sent to server. - * NB: setting any param but name and value will turn the cookie into a 'version 1' cookie: - * do not do it unless you know what you are doing - * @param string $name - * @param string $value - * @param string $path - * @param string $domain - * @param int $port - * @access public - * - * @todo check correctness of urlencoding cookie value (copied from php way of doing it...) - */ - function setCookie($name, $value='', $path='', $domain='', $port=null) - { - $this->cookies[$name]['value'] = urlencode($value); - if ($path || $domain || $port) - { - $this->cookies[$name]['path'] = $path; - $this->cookies[$name]['domain'] = $domain; - $this->cookies[$name]['port'] = $port; - $this->cookies[$name]['version'] = 1; - } - else - { - $this->cookies[$name]['version'] = 0; - } - } - - /** - * Send an xmlrpc request - * @param mixed $msg The message object, or an array of messages for using multicall, or the complete xml representation of a request - * @param integer $timeout Connection timeout, in seconds, If unspecified, a platform specific timeout will apply - * @param string $method if left unspecified, the http protocol chosen during creation of the object will be used - * @return xmlrpcresp - * @access public - */ - function& send($msg, $timeout=0, $method='') - { - // if user deos not specify http protocol, use native method of this client - // (i.e. method set during call to constructor) - if($method == '') - { - $method = $this->method; - } - - if(is_array($msg)) - { - // $msg is an array of xmlrpcmsg's - $r = $this->multicall($msg, $timeout, $method); - return $r; - } - elseif(is_string($msg)) - { - $n =& new xmlrpcmsg(''); - $n->payload = $msg; - $msg = $n; - } - - // where msg is an xmlrpcmsg - $msg->debug=$this->debug; - - if($method == 'https') - { - $r =& $this->sendPayloadHTTPS( - $msg, - $this->server, - $this->port, - $timeout, - $this->username, - $this->password, - $this->authtype, - $this->cert, - $this->certpass, - $this->cacert, - $this->cacertdir, - $this->proxy, - $this->proxyport, - $this->proxy_user, - $this->proxy_pass, - $this->proxy_authtype, - $this->keepalive, - $this->key, - $this->keypass - ); - } - elseif($method == 'http11') - { - $r =& $this->sendPayloadCURL( - $msg, - $this->server, - $this->port, - $timeout, - $this->username, - $this->password, - $this->authtype, - null, - null, - null, - null, - $this->proxy, - $this->proxyport, - $this->proxy_user, - $this->proxy_pass, - $this->proxy_authtype, - 'http', - $this->keepalive - ); - } - else - { - $r =& $this->sendPayloadHTTP10( - $msg, - $this->server, - $this->port, - $timeout, - $this->username, - $this->password, - $this->authtype, - $this->proxy, - $this->proxyport, - $this->proxy_user, - $this->proxy_pass, - $this->proxy_authtype - ); - } - - return $r; - } - - /** - * @access private - */ - function &sendPayloadHTTP10($msg, $server, $port, $timeout=0, - $username='', $password='', $authtype=1, $proxyhost='', - $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1) - { - if($port==0) - { - $port=80; - } - - // Only create the payload if it was not created previously - if(empty($msg->payload)) - { - $msg->createPayload($this->request_charset_encoding); - } - - $payload = $msg->payload; - // Deflate request body and set appropriate request headers - if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) - { - if($this->request_compression == 'gzip') - { - $a = @gzencode($payload); - if($a) - { - $payload = $a; - $encoding_hdr = "Content-Encoding: gzip\r\n"; - } - } - else - { - $a = @gzcompress($payload); - if($a) - { - $payload = $a; - $encoding_hdr = "Content-Encoding: deflate\r\n"; - } - } - } - else - { - $encoding_hdr = ''; - } - - // thanks to Grant Rauscher for this - $credentials=''; - if($username!='') - { - $credentials='Authorization: Basic ' . base64_encode($username . ':' . $password) . "\r\n"; - if ($authtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported with HTTP 1.0'); - } - } - - $accepted_encoding = ''; - if(is_array($this->accepted_compression) && count($this->accepted_compression)) - { - $accepted_encoding = 'Accept-Encoding: ' . implode(', ', $this->accepted_compression) . "\r\n"; - } - - $proxy_credentials = ''; - if($proxyhost) - { - if($proxyport == 0) - { - $proxyport = 8080; - } - $connectserver = $proxyhost; - $connectport = $proxyport; - $uri = 'http://'.$server.':'.$port.$this->path; - if($proxyusername != '') - { - if ($proxyauthtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported with HTTP 1.0'); - } - $proxy_credentials = 'Proxy-Authorization: Basic ' . base64_encode($proxyusername.':'.$proxypassword) . "\r\n"; - } - } - else - { - $connectserver = $server; - $connectport = $port; - $uri = $this->path; - } - - // Cookie generation, as per rfc2965 (version 1 cookies) or - // netscape's rules (version 0 cookies) - $cookieheader=''; - if (count($this->cookies)) - { - $version = ''; - foreach ($this->cookies as $name => $cookie) - { - if ($cookie['version']) - { - $version = ' $Version="' . $cookie['version'] . '";'; - $cookieheader .= ' ' . $name . '="' . $cookie['value'] . '";'; - if ($cookie['path']) - $cookieheader .= ' $Path="' . $cookie['path'] . '";'; - if ($cookie['domain']) - $cookieheader .= ' $Domain="' . $cookie['domain'] . '";'; - if ($cookie['port']) - $cookieheader .= ' $Port="' . $cookie['port'] . '";'; - } - else - { - $cookieheader .= ' ' . $name . '=' . $cookie['value'] . ";"; - } - } - $cookieheader = 'Cookie:' . $version . substr($cookieheader, 0, -1) . "\r\n"; - } - - $op= 'POST ' . $uri. " HTTP/1.0\r\n" . - 'User-Agent: ' . $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'] . "\r\n" . - 'Host: '. $server . ':' . $port . "\r\n" . - $credentials . - $proxy_credentials . - $accepted_encoding . - $encoding_hdr . - 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings) . "\r\n" . - $cookieheader . - 'Content-Type: ' . $msg->content_type . "\r\nContent-Length: " . - strlen($payload) . "\r\n\r\n" . - $payload; - - if($this->debug > 1) - { - print "
\n---SENDING---\n" . htmlentities($op) . "\n---END---\n
"; - // let the client see this now in case http times out... - flush(); - } - - if($timeout>0) - { - $fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr, $timeout); - } - else - { - $fp=@fsockopen($connectserver, $connectport, $this->errno, $this->errstr); - } - if($fp) - { - if($timeout>0 && function_exists('stream_set_timeout')) - { - stream_set_timeout($fp, $timeout); - } - } - else - { - $this->errstr='Connect error: '.$this->errstr; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr . ' (' . $this->errno . ')'); - return $r; - } - - if(!fputs($fp, $op, strlen($op))) - { - $this->errstr='Write error'; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $this->errstr); - return $r; - } - else - { - // reset errno and errstr on succesful socket connection - $this->errstr = ''; - } - // G. Giunta 2005/10/24: close socket before parsing. - // should yeld slightly better execution times, and make easier recursive calls (e.g. to follow http redirects) - $ipd=''; - while($data=fread($fp, 32768)) - { - // shall we check for $data === FALSE? - // as per the manual, it signals an error - $ipd.=$data; - } - fclose($fp); - $r =& $msg->parseResponse($ipd, false, $this->return_type); - return $r; - - } - - /** - * @access private - */ - function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='', - $password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='', - $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, - $keepalive=false, $key='', $keypass='') - { - $r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username, - $password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport, - $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass); - return $r; - } - - /** - * Contributed by Justin Miller - * Requires curl to be built into PHP - * NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers! - * @access private - */ - function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='', - $password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='', - $proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https', - $keepalive=false, $key='', $keypass='') - { - if(!function_exists('curl_init')) - { - $this->errstr='CURL unavailable on this install'; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_curl'], $GLOBALS['xmlrpcstr']['no_curl']); - return $r; - } - if($method == 'https') - { - if(($info = curl_version()) && - ((is_string($info) && strpos($info, 'OpenSSL') === null) || (is_array($info) && !isset($info['ssl_version'])))) - { - $this->errstr='SSL unavailable on this install'; - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_ssl'], $GLOBALS['xmlrpcstr']['no_ssl']); - return $r; - } - } - - if($port == 0) - { - if($method == 'http') - { - $port = 80; - } - else - { - $port = 443; - } - } - - // Only create the payload if it was not created previously - if(empty($msg->payload)) - { - $msg->createPayload($this->request_charset_encoding); - } - - // Deflate request body and set appropriate request headers - $payload = $msg->payload; - if(function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) - { - if($this->request_compression == 'gzip') - { - $a = @gzencode($payload); - if($a) - { - $payload = $a; - $encoding_hdr = 'Content-Encoding: gzip'; - } - } - else - { - $a = @gzcompress($payload); - if($a) - { - $payload = $a; - $encoding_hdr = 'Content-Encoding: deflate'; - } - } - } - else - { - $encoding_hdr = ''; - } - - if($this->debug > 1) - { - print "
\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n
"; - // let the client see this now in case http times out... - flush(); - } - - if(!$keepalive || !$this->xmlrpc_curl_handle) - { - $curl = curl_init($method . '://' . $server . ':' . $port . $this->path); - if($keepalive) - { - $this->xmlrpc_curl_handle = $curl; - } - } - else - { - $curl = $this->xmlrpc_curl_handle; - } - - // results into variable - curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); - - if($this->debug) - { - curl_setopt($curl, CURLOPT_VERBOSE, 1); - } - curl_setopt($curl, CURLOPT_USERAGENT, $GLOBALS['xmlrpcName'].' '.$GLOBALS['xmlrpcVersion']); - // required for XMLRPC: post the data - curl_setopt($curl, CURLOPT_POST, 1); - // the data - curl_setopt($curl, CURLOPT_POSTFIELDS, $payload); - - // return the header too - curl_setopt($curl, CURLOPT_HEADER, 1); - - // will only work with PHP >= 5.0 - // NB: if we set an empty string, CURL will add http header indicating - // ALL methods it is supporting. This is possibly a better option than - // letting the user tell what curl can / cannot do... - if(is_array($this->accepted_compression) && count($this->accepted_compression)) - { - //curl_setopt($curl, CURLOPT_ENCODING, implode(',', $this->accepted_compression)); - // empty string means 'any supported by CURL' (shall we catch errors in case CURLOPT_SSLKEY undefined ?) - if (count($this->accepted_compression) == 1) - { - curl_setopt($curl, CURLOPT_ENCODING, $this->accepted_compression[0]); - } - else - curl_setopt($curl, CURLOPT_ENCODING, ''); - } - // extra headers - $headers = array('Content-Type: ' . $msg->content_type , 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings)); - // if no keepalive is wanted, let the server know it in advance - if(!$keepalive) - { - $headers[] = 'Connection: close'; - } - // request compression header - if($encoding_hdr) - { - $headers[] = $encoding_hdr; - } - - curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); - // timeout is borked - if($timeout) - { - curl_setopt($curl, CURLOPT_TIMEOUT, $timeout == 1 ? 1 : $timeout - 1); - } - - if($username && $password) - { - curl_setopt($curl, CURLOPT_USERPWD, $username.':'.$password); - if (defined('CURLOPT_HTTPAUTH')) - { - curl_setopt($curl, CURLOPT_HTTPAUTH, $authtype); - } - else if ($authtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth is supported by the current PHP/curl install'); - } - } - - if($method == 'https') - { - // set cert file - if($cert) - { - curl_setopt($curl, CURLOPT_SSLCERT, $cert); - } - // set cert password - if($certpass) - { - curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $certpass); - } - // whether to verify remote host's cert - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verifypeer); - // set ca certificates file/dir - if($cacert) - { - curl_setopt($curl, CURLOPT_CAINFO, $cacert); - } - if($cacertdir) - { - curl_setopt($curl, CURLOPT_CAPATH, $cacertdir); - } - // set key file (shall we catch errors in case CURLOPT_SSLKEY undefined ?) - if($key) - { - curl_setopt($curl, CURLOPT_SSLKEY, $key); - } - // set key password (shall we catch errors in case CURLOPT_SSLKEY undefined ?) - if($keypass) - { - curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass); - } - // whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost); - } - - // proxy info - if($proxyhost) - { - if($proxyport == 0) - { - $proxyport = 8080; // NB: even for HTTPS, local connection is on port 8080 - } - curl_setopt($curl, CURLOPT_PROXY, $proxyhost.':'.$proxyport); - //curl_setopt($curl, CURLOPT_PROXYPORT,$proxyport); - if($proxyusername) - { - curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxyusername.':'.$proxypassword); - if (defined('CURLOPT_PROXYAUTH')) - { - curl_setopt($curl, CURLOPT_PROXYAUTH, $proxyauthtype); - } - else if ($proxyauthtype != 1) - { - error_log('XML-RPC: xmlrpc_client::send: warning. Only Basic auth to proxy is supported by the current PHP/curl install'); - } - } - } - - // NB: should we build cookie http headers by hand rather than let CURL do it? - // the following code does not honour 'expires', 'path' and 'domain' cookie attributes - // set to client obj the the user... - if (count($this->cookies)) - { - $cookieheader = ''; - foreach ($this->cookies as $name => $cookie) - { - $cookieheader .= $name . '=' . $cookie['value'] . '; '; - } - curl_setopt($curl, CURLOPT_COOKIE, substr($cookieheader, 0, -2)); - } - - $result = curl_exec($curl); - - if ($this->debug > 1) - { - print "
\n---CURL INFO---\n";
-				foreach(curl_getinfo($curl) as $name => $val)
-					 print $name . ': ' . htmlentities($val). "\n";
-				print "---END---\n
"; - } - - if(!$result) /// @todo we should use a better check here - what if we get back '' or '0'? - { - $this->errstr='no response'; - $resp=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['curl_fail'], $GLOBALS['xmlrpcstr']['curl_fail']. ': '. curl_error($curl)); - curl_close($curl); - if($keepalive) - { - $this->xmlrpc_curl_handle = null; - } - } - else - { - if(!$keepalive) - { - curl_close($curl); - } - $resp =& $msg->parseResponse($result, true, $this->return_type); - } - return $resp; - } - - /** - * Send an array of request messages and return an array of responses. - * Unless $this->no_multicall has been set to true, it will try first - * to use one single xmlrpc call to server method system.multicall, and - * revert to sending many successive calls in case of failure. - * This failure is also stored in $this->no_multicall for subsequent calls. - * Unfortunately, there is no server error code universally used to denote - * the fact that multicall is unsupported, so there is no way to reliably - * distinguish between that and a temporary failure. - * If you are sure that server supports multicall and do not want to - * fallback to using many single calls, set the fourth parameter to FALSE. - * - * NB: trying to shoehorn extra functionality into existing syntax has resulted - * in pretty much convoluted code... - * - * @param array $msgs an array of xmlrpcmsg objects - * @param integer $timeout connection timeout (in seconds) - * @param string $method the http protocol variant to be used - * @param boolean fallback When true, upon receiveing an error during multicall, multiple single calls will be attempted - * @return array - * @access public - */ - function multicall($msgs, $timeout=0, $method='', $fallback=true) - { - if ($method == '') - { - $method = $this->method; - } - if(!$this->no_multicall) - { - $results = $this->_try_multicall($msgs, $timeout, $method); - if(is_array($results)) - { - // System.multicall succeeded - return $results; - } - else - { - // either system.multicall is unsupported by server, - // or call failed for some other reason. - if ($fallback) - { - // Don't try it next time... - $this->no_multicall = true; - } - else - { - if (is_a($results, 'xmlrpcresp')) - { - $result = $results; - } - else - { - $result =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['multicall_error'], $GLOBALS['xmlrpcstr']['multicall_error']); - } - } - } - } - else - { - // override fallback, in case careless user tries to do two - // opposite things at the same time - $fallback = true; - } - - $results = array(); - if ($fallback) - { - // system.multicall is (probably) unsupported by server: - // emulate multicall via multiple requests - foreach($msgs as $msg) - { - $results[] =& $this->send($msg, $timeout, $method); - } - } - else - { - // user does NOT want to fallback on many single calls: - // since we should always return an array of responses, - // return an array with the same error repeated n times - foreach($msgs as $msg) - { - $results[] = $result; - } - } - return $results; - } - - /** - * Attempt to boxcar $msgs via system.multicall. - * Returns either an array of xmlrpcreponses, an xmlrpc error response - * or false (when received response does not respect valid multicall syntax) - * @access private - */ - function _try_multicall($msgs, $timeout, $method) - { - // Construct multicall message - $calls = array(); - foreach($msgs as $msg) - { - $call['methodName'] =& new xmlrpcval($msg->method(),'string'); - $numParams = $msg->getNumParams(); - $params = array(); - for($i = 0; $i < $numParams; $i++) - { - $params[$i] = $msg->getParam($i); - } - $call['params'] =& new xmlrpcval($params, 'array'); - $calls[] =& new xmlrpcval($call, 'struct'); - } - $multicall =& new xmlrpcmsg('system.multicall'); - $multicall->addParam(new xmlrpcval($calls, 'array')); - - // Attempt RPC call - $result =& $this->send($multicall, $timeout, $method); - - if($result->faultCode() != 0) - { - // call to system.multicall failed - return $result; - } - - // Unpack responses. - $rets = $result->value(); - - if ($this->return_type == 'xml') - { - return $rets; - } - else if ($this->return_type == 'phpvals') - { - ///@todo test this code branch... - $rets = $result->value(); - if(!is_array($rets)) - { - return false; // bad return type from system.multicall - } - $numRets = count($rets); - if($numRets != count($msgs)) - { - return false; // wrong number of return values. - } - - $response = array(); - for($i = 0; $i < $numRets; $i++) - { - $val = $rets[$i]; - if (!is_array($val)) { - return false; - } - switch(count($val)) - { - case 1: - if(!isset($val[0])) - { - return false; // Bad value - } - // Normal return value - $response[$i] =& new xmlrpcresp($val[0], 0, '', 'phpvals'); - break; - case 2: - /// @todo remove usage of @: it is apparently quite slow - $code = @$val['faultCode']; - if(!is_int($code)) - { - return false; - } - $str = @$val['faultString']; - if(!is_string($str)) - { - return false; - } - $response[$i] =& new xmlrpcresp(0, $code, $str); - break; - default: - return false; - } - } - return $response; - } - else // return type == 'xmlrpcvals' - { - $rets = $result->value(); - if($rets->kindOf() != 'array') - { - return false; // bad return type from system.multicall - } - $numRets = $rets->arraysize(); - if($numRets != count($msgs)) - { - return false; // wrong number of return values. - } - - $response = array(); - for($i = 0; $i < $numRets; $i++) - { - $val = $rets->arraymem($i); - switch($val->kindOf()) - { - case 'array': - if($val->arraysize() != 1) - { - return false; // Bad value - } - // Normal return value - $response[$i] =& new xmlrpcresp($val->arraymem(0)); - break; - case 'struct': - $code = $val->structmem('faultCode'); - if($code->kindOf() != 'scalar' || $code->scalartyp() != 'int') - { - return false; - } - $str = $val->structmem('faultString'); - if($str->kindOf() != 'scalar' || $str->scalartyp() != 'string') - { - return false; - } - $response[$i] =& new xmlrpcresp(0, $code->scalarval(), $str->scalarval()); - break; - default: - return false; - } - } - return $response; - } - } - } // end class xmlrpc_client - - class xmlrpcresp - { - var $val = 0; - var $valtyp; - var $errno = 0; - var $errstr = ''; - var $payload; - var $hdrs = array(); - var $_cookies = array(); - var $content_type = 'text/xml'; - var $raw_data = ''; - - /** - * @param mixed $val either an xmlrpcval obj, a php value or the xml serialization of an xmlrpcval (a string) - * @param integer $fcode set it to anything but 0 to create an error response - * @param string $fstr the error string, in case of an error response - * @param string $valtyp either 'xmlrpcvals', 'phpvals' or 'xml' - * - * @todo add check that $val / $fcode / $fstr is of correct type??? - * NB: as of now we do not do it, since it might be either an xmlrpcval or a plain - * php val, or a complete xml chunk, depending on usage of xmlrpc_client::send() inside which creator is called... - */ - function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='') - { - if($fcode != 0) - { - // error response - $this->errno = $fcode; - $this->errstr = $fstr; - //$this->errstr = htmlspecialchars($fstr); // XXX: encoding probably shouldn't be done here; fix later. - } - else - { - // successful response - $this->val = $val; - if ($valtyp == '') - { - // user did not declare type of response value: try to guess it - if (is_object($this->val) && is_a($this->val, 'xmlrpcval')) - { - $this->valtyp = 'xmlrpcvals'; - } - else if (is_string($this->val)) - { - $this->valtyp = 'xml'; - - } - else - { - $this->valtyp = 'phpvals'; - } - } - else - { - // user declares type of resp value: believe him - $this->valtyp = $valtyp; - } - } - } - - /** - * Returns the error code of the response. - * @return integer the error code of this response (0 for not-error responses) - * @access public - */ - function faultCode() - { - return $this->errno; - } - - /** - * Returns the error code of the response. - * @return string the error string of this response ('' for not-error responses) - * @access public - */ - function faultString() - { - return $this->errstr; - } - - /** - * Returns the value received by the server. - * @return mixed the xmlrpcval object returned by the server. Might be an xml string or php value if the response has been created by specially configured xmlrpc_client objects - * @access public - */ - function value() - { - return $this->val; - } - - /** - * Returns an array with the cookies received from the server. - * Array has the form: $cookiename => array ('value' => $val, $attr1 => $val1, $attr2 = $val2, ...) - * with attributes being e.g. 'expires', 'path', domain'. - * NB: cookies sent as 'expired' by the server (i.e. with an expiry date in the past) - * are still present in the array. It is up to the user-defined code to decide - * how to use the received cookies, and wheter they have to be sent back with the next - * request to the server (using xmlrpc_client::setCookie) or not - * @return array array of cookies received from the server - * @access public - */ - function cookies() - { - return $this->_cookies; - } - - /** - * Returns xml representation of the response. XML prologue not included - * @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed - * @return string the xml representation of the response - * @access public - */ - function serialize($charset_encoding='') - { - if ($charset_encoding != '') - $this->content_type = 'text/xml; charset=' . $charset_encoding; - else - $this->content_type = 'text/xml'; - $result = "\n"; - if($this->errno) - { - // G. Giunta 2005/2/13: let non-ASCII response messages be tolerated by clients - // by xml-encoding non ascii chars - $result .= "\n" . -"\nfaultCode\n" . $this->errno . -"\n\n\nfaultString\n" . -xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n\n" . -"\n\n"; - } - else - { - if(!is_object($this->val) || !is_a($this->val, 'xmlrpcval')) - { - if (is_string($this->val) && $this->valtyp == 'xml') - { - $result .= "\n\n" . - $this->val . - "\n"; - } - else - { - /// @todo try to build something serializable? - die('cannot serialize xmlrpcresp objects whose content is native php values'); - } - } - else - { - $result .= "\n\n" . - $this->val->serialize($charset_encoding) . - "\n"; - } - } - $result .= "\n"; - $this->payload = $result; - return $result; - } - } - - class xmlrpcmsg - { - var $payload; - var $methodname; - var $params=array(); - var $debug=0; - var $content_type = 'text/xml'; - - /** - * @param string $meth the name of the method to invoke - * @param array $pars array of parameters to be paased to the method (xmlrpcval objects) - */ - function xmlrpcmsg($meth, $pars=0) - { - $this->methodname=$meth; - if(is_array($pars) && count($pars)>0) - { - for($i=0; $iaddParam($pars[$i]); - } - } - } - - /** - * @access private - */ - function xml_header($charset_encoding='') - { - if ($charset_encoding != '') - { - return "\n\n"; - } - else - { - return "\n\n"; - } - } - - /** - * @access private - */ - function xml_footer() - { - return ''; - } - - /** - * @access private - */ - function kindOf() - { - return 'msg'; - } - - /** - * @access private - */ - function createPayload($charset_encoding='') - { - if ($charset_encoding != '') - $this->content_type = 'text/xml; charset=' . $charset_encoding; - else - $this->content_type = 'text/xml'; - $this->payload=$this->xml_header($charset_encoding); - $this->payload.='' . $this->methodname . "\n"; - $this->payload.="\n"; - for($i=0; $iparams); $i++) - { - $p=$this->params[$i]; - $this->payload.="\n" . $p->serialize($charset_encoding) . - "\n"; - } - $this->payload.="\n"; - $this->payload.=$this->xml_footer(); - } - - /** - * Gets/sets the xmlrpc method to be invoked - * @param string $meth the method to be set (leave empty not to set it) - * @return string the method that will be invoked - * @access public - */ - function method($meth='') - { - if($meth!='') - { - $this->methodname=$meth; - } - return $this->methodname; - } - - /** - * Returns xml representation of the message. XML prologue included - * @return string the xml representation of the message, xml prologue included - * @access public - */ - function serialize($charset_encoding='') - { - $this->createPayload($charset_encoding); - return $this->payload; - } - - /** - * Add a parameter to the list of parameters to be used upon method invocation - * @param xmlrpcval $par - * @return boolean false on failure - * @access public - */ - function addParam($par) - { - // add check: do not add to self params which are not xmlrpcvals - if(is_object($par) && is_a($par, 'xmlrpcval')) - { - $this->params[]=$par; - return true; - } - else - { - return false; - } - } - - /** - * Returns the nth parameter in the message. The index zero-based. - * @param integer $i the index of the parameter to fetch (zero based) - * @return xmlrpcval the i-th parameter - * @access public - */ - function getParam($i) { return $this->params[$i]; } - - /** - * Returns the number of parameters in the messge. - * @return integer the number of parameters currently set - * @access public - */ - function getNumParams() { return count($this->params); } - - /** - * Given an open file handle, read all data available and parse it as axmlrpc response. - * NB: the file handle is not closed by this function. - * @access public - * @return xmlrpcresp - * @todo add 2nd & 3rd param to be passed to ParseResponse() ??? - */ - function &parseResponseFile($fp) - { - $ipd=''; - while($data=fread($fp, 32768)) - { - $ipd.=$data; - } - //fclose($fp); - $r =& $this->parseResponse($ipd); - return $r; - } - - /** - * Parses HTTP headers and separates them from data. - * @access private - */ - function &parseResponseHeaders(&$data, $headers_processed=false) - { - // Support "web-proxy-tunelling" connections for https through proxies - if(preg_match('/^HTTP\/1\.[0-1] 200 Connection established/', $data)) - { - // Look for CR/LF or simple LF as line separator, - // (even though it is not valid http) - $pos = strpos($data,"\r\n\r\n"); - if($pos || is_int($pos)) - { - $bd = $pos+4; - } - else - { - $pos = strpos($data,"\n\n"); - if($pos || is_int($pos)) - { - $bd = $pos+2; - } - else - { - // No separation between response headers and body: fault? - $bd = 0; - } - } - if ($bd) - { - // this filters out all http headers from proxy. - // maybe we could take them into account, too? - $data = substr($data, $bd); - } - else - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTPS via proxy error, tunnel connection possibly failed'); - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (HTTPS via proxy error, tunnel connection possibly failed)'); - return $r; - } - } - - // Strip HTTP 1.1 100 Continue header if present - while(preg_match('/^HTTP\/1\.1 1[0-9]{2} /', $data)) - { - $pos = strpos($data, 'HTTP', 12); - // server sent a Continue header without any (valid) content following... - // give the client a chance to know it - if(!$pos && !is_int($pos)) // works fine in php 3, 4 and 5 - { - break; - } - $data = substr($data, $pos); - } - if(!preg_match('/^HTTP\/[0-9.]+ 200 /', $data)) - { - $errstr= substr($data, 0, strpos($data, "\n")-1); - error_log('XML-RPC: xmlrpcmsg::parseResponse: HTTP error, got response: ' .$errstr); - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['http_error'], $GLOBALS['xmlrpcstr']['http_error']. ' (' . $errstr . ')'); - return $r; - } - - $GLOBALS['_xh']['headers'] = array(); - $GLOBALS['_xh']['cookies'] = array(); - - // be tolerant to usage of \n instead of \r\n to separate headers and data - // (even though it is not valid http) - $pos = strpos($data,"\r\n\r\n"); - if($pos || is_int($pos)) - { - $bd = $pos+4; - } - else - { - $pos = strpos($data,"\n\n"); - if($pos || is_int($pos)) - { - $bd = $pos+2; - } - else - { - // No separation between response headers and body: fault? - // we could take some action here instead of going on... - $bd = 0; - } - } - // be tolerant to line endings, and extra empty lines - $ar = split("\r?\n", trim(substr($data, 0, $pos))); - while(list(,$line) = @each($ar)) - { - // take care of multi-line headers and cookies - $arr = explode(':',$line,2); - if(count($arr) > 1) - { - $header_name = strtolower(trim($arr[0])); - /// @todo some other headers (the ones that allow a CSV list of values) - /// do allow many values to be passed using multiple header lines. - /// We should add content to $GLOBALS['_xh']['headers'][$header_name] - /// instead of replacing it for those... - if ($header_name == 'set-cookie' || $header_name == 'set-cookie2') - { - if ($header_name == 'set-cookie2') - { - // version 2 cookies: - // there could be many cookies on one line, comma separated - $cookies = explode(',', $arr[1]); - } - else - { - $cookies = array($arr[1]); - } - foreach ($cookies as $cookie) - { - // glue together all received cookies, using a comma to separate them - // (same as php does with getallheaders()) - if (isset($GLOBALS['_xh']['headers'][$header_name])) - $GLOBALS['_xh']['headers'][$header_name] .= ', ' . trim($cookie); - else - $GLOBALS['_xh']['headers'][$header_name] = trim($cookie); - // parse cookie attributes, in case user wants to correctly honour them - // feature creep: only allow rfc-compliant cookie attributes? - // @todo support for server sending multiple time cookie with same name, but using different PATHs - $cookie = explode(';', $cookie); - foreach ($cookie as $pos => $val) - { - $val = explode('=', $val, 2); - $tag = trim($val[0]); - $val = trim(@$val[1]); - /// @todo with version 1 cookies, we should strip leading and trailing " chars - if ($pos == 0) - { - $cookiename = $tag; - $GLOBALS['_xh']['cookies'][$tag] = array(); - $GLOBALS['_xh']['cookies'][$cookiename]['value'] = urldecode($val); - } - else - { - if ($tag != 'value') - { - $GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val; - } - } - } - } - } - else - { - $GLOBALS['_xh']['headers'][$header_name] = trim($arr[1]); - } - } - elseif(isset($header_name)) - { - /// @todo version1 cookies might span multiple lines, thus breaking the parsing above - $GLOBALS['_xh']['headers'][$header_name] .= ' ' . trim($line); - } - } - - $data = substr($data, $bd); - - if($this->debug && count($GLOBALS['_xh']['headers'])) - { - print '
';
-					foreach($GLOBALS['_xh']['headers'] as $header => $value)
-					{
-						print htmlentities("HEADER: $header: $value\n");
-					}
-					foreach($GLOBALS['_xh']['cookies'] as $header => $value)
-					{
-						print htmlentities("COOKIE: $header={$value['value']}\n");
-					}
-					print "
\n"; - } - - // if CURL was used for the call, http headers have been processed, - // and dechunking + reinflating have been carried out - if(!$headers_processed) - { - // Decode chunked encoding sent by http 1.1 servers - if(isset($GLOBALS['_xh']['headers']['transfer-encoding']) && $GLOBALS['_xh']['headers']['transfer-encoding'] == 'chunked') - { - if(!$data = decode_chunked($data)) - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to rebuild the chunked data received from server'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['dechunk_fail'], $GLOBALS['xmlrpcstr']['dechunk_fail']); - return $r; - } - } - - // Decode gzip-compressed stuff - // code shamelessly inspired from nusoap library by Dietrich Ayala - if(isset($GLOBALS['_xh']['headers']['content-encoding'])) - { - $GLOBALS['_xh']['headers']['content-encoding'] = str_replace('x-', '', $GLOBALS['_xh']['headers']['content-encoding']); - if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' || $GLOBALS['_xh']['headers']['content-encoding'] == 'gzip') - { - // if decoding works, use it. else assume data wasn't gzencoded - if(function_exists('gzinflate')) - { - if($GLOBALS['_xh']['headers']['content-encoding'] == 'deflate' && $degzdata = @gzuncompress($data)) - { - $data = $degzdata; - if($this->debug) - print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; - } - elseif($GLOBALS['_xh']['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) - { - $data = $degzdata; - if($this->debug) - print "
---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---
"; - } - else - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: errors occurred when trying to decode the deflated data received from server'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['decompress_fail'], $GLOBALS['xmlrpcstr']['decompress_fail']); - return $r; - } - } - else - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['cannot_decompress'], $GLOBALS['xmlrpcstr']['cannot_decompress']); - return $r; - } - } - } - } // end of 'if needed, de-chunk, re-inflate response' - - // real stupid hack to avoid PHP 4 complaining about returning NULL by ref - $r = null; - $r =& $r; - return $r; - } - - /** - * Parse the xmlrpc response contained in the string $data and return an xmlrpcresp object. - * @param string $data the xmlrpc response, eventually including http headers - * @param bool $headers_processed when true prevents parsing HTTP headers for interpretation of content-encoding and consequent decoding - * @param string $return_type decides return type, i.e. content of response->value(). Either 'xmlrpcvals', 'xml' or 'phpvals' - * @return xmlrpcresp - * @access public - */ - function &parseResponse($data='', $headers_processed=false, $return_type='xmlrpcvals') - { - if($this->debug) - { - //by maHo, replaced htmlspecialchars with htmlentities - print "
---GOT---\n" . htmlentities($data) . "\n---END---\n
"; - } - - if($data == '') - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: no response received from server.'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_data'], $GLOBALS['xmlrpcstr']['no_data']); - return $r; - } - - $GLOBALS['_xh']=array(); - - $raw_data = $data; - // parse the HTTP headers of the response, if present, and separate them from data - if(substr($data, 0, 4) == 'HTTP') - { - $r =& $this->parseResponseHeaders($data, $headers_processed); - if ($r) - { - // failed processing of HTTP response headers - // save into response obj the full payload received, for debugging - $r->raw_data = $data; - return $r; - } - } - else - { - $GLOBALS['_xh']['headers'] = array(); - $GLOBALS['_xh']['cookies'] = array(); - } - - if($this->debug) - { - $start = strpos($data, '', $start); - $comments = substr($data, $start, $end-$start); - print "
---SERVER DEBUG INFO (DECODED) ---\n\t".htmlentities(str_replace("\n", "\n\t", base64_decode($comments)))."\n---END---\n
"; - } - } - - // be tolerant of extra whitespace in response body - $data = trim($data); - - /// @todo return an error msg if $data=='' ? - - // be tolerant of junk after methodResponse (e.g. javascript ads automatically inserted by free hosts) - // idea from Luca Mariano originally in PEARified version of the lib - $bd = false; - // Poor man's version of strrpos for php 4... - $pos = strpos($data, ''); - while($pos || is_int($pos)) - { - $bd = $pos+17; - $pos = strpos($data, '', $bd); - } - if($bd) - { - $data = substr($data, 0, $bd); - } - - // if user wants back raw xml, give it to him - if ($return_type == 'xml') - { - $r =& new xmlrpcresp($data, 0, '', 'xml'); - $r->hdrs = $GLOBALS['_xh']['headers']; - $r->_cookies = $GLOBALS['_xh']['cookies']; - $r->raw_data = $raw_data; - return $r; - } - - // try to 'guestimate' the character encoding of the received response - $resp_encoding = guess_encoding(@$GLOBALS['_xh']['headers']['content-type'], $data); - - $GLOBALS['_xh']['ac']=''; - //$GLOBALS['_xh']['qt']=''; //unused... - $GLOBALS['_xh']['stack'] = array(); - $GLOBALS['_xh']['valuestack'] = array(); - $GLOBALS['_xh']['isf']=0; // 0 = OK, 1 for xmlrpc fault responses, 2 = invalid xmlrpc - $GLOBALS['_xh']['isf_reason']=''; - $GLOBALS['_xh']['rt']=''; // 'methodcall or 'methodresponse' - - // if response charset encoding is not known / supported, try to use - // the default encoding and parse the xml anyway, but log a warning... - if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - // the following code might be better for mb_string enabled installs, but - // makes the lib about 200% slower... - //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - error_log('XML-RPC: xmlrpcmsg::parseResponse: invalid charset encoding of received response: '.$resp_encoding); - $resp_encoding = $GLOBALS['xmlrpc_defencoding']; - } - $parser = xml_parser_create($resp_encoding); - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell - // the xml parser to give us back data in the expected charset. - // What if internal encoding is not in one of the 3 allowed? - // we use the broadest one, ie. utf8 - // This allows to send data which is native in various charset, - // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding - if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); - } - else - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); - } - - if ($return_type == 'phpvals') - { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); - } - else - { - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); - } - - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - - // first error check: xml not well formed - if(!xml_parse($parser, $data, count($data))) - { - // thanks to Peter Kocks - if((xml_get_current_line_number($parser)) == 1) - { - $errstr = 'XML error at line 1, check URL'; - } - else - { - $errstr = sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser)); - } - error_log($errstr); - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], $GLOBALS['xmlrpcstr']['invalid_return'].' ('.$errstr.')'); - xml_parser_free($parser); - if($this->debug) - { - print $errstr; - } - $r->hdrs = $GLOBALS['_xh']['headers']; - $r->_cookies = $GLOBALS['_xh']['cookies']; - $r->raw_data = $raw_data; - return $r; - } - xml_parser_free($parser); - // second error check: xml well formed but not xml-rpc compliant - if ($GLOBALS['_xh']['isf'] > 1) - { - if ($this->debug) - { - /// @todo echo something for user? - } - - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], - $GLOBALS['xmlrpcstr']['invalid_return'] . ' ' . $GLOBALS['_xh']['isf_reason']); - } - // third error check: parsing of the response has somehow gone boink. - // NB: shall we omit this check, since we trust the parsing code? - elseif ($return_type == 'xmlrpcvals' && !is_object($GLOBALS['_xh']['value'])) - { - // something odd has happened - // and it's time to generate a client side error - // indicating something odd went on - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['invalid_return'], - $GLOBALS['xmlrpcstr']['invalid_return']); - } - else - { - if ($this->debug) - { - print "
---PARSED---\n";
-					// somehow htmlentities chokes on var_export, and some full html string...
-					//print htmlentitites(var_export($GLOBALS['_xh']['value'], true));
-					print htmlspecialchars(var_export($GLOBALS['_xh']['value'], true));
-					print "\n---END---
"; - } - - // note that using =& will raise an error if $GLOBALS['_xh']['st'] does not generate an object. - $v =& $GLOBALS['_xh']['value']; - - if($GLOBALS['_xh']['isf']) - { - /// @todo we should test here if server sent an int and a string, - /// and/or coerce them into such... - if ($return_type == 'xmlrpcvals') - { - $errno_v = $v->structmem('faultCode'); - $errstr_v = $v->structmem('faultString'); - $errno = $errno_v->scalarval(); - $errstr = $errstr_v->scalarval(); - } - else - { - $errno = $v['faultCode']; - $errstr = $v['faultString']; - } - - if($errno == 0) - { - // FAULT returned, errno needs to reflect that - $errno = -1; - } - - $r =& new xmlrpcresp(0, $errno, $errstr); - } - else - { - $r=&new xmlrpcresp($v, 0, '', $return_type); - } - } - - $r->hdrs = $GLOBALS['_xh']['headers']; - $r->_cookies = $GLOBALS['_xh']['cookies']; - $r->raw_data = $raw_data; - return $r; - } - } - - class xmlrpcval - { - var $me=array(); - var $mytype=0; - var $_php_class=null; - - /** - * @param mixed $val - * @param string $type any valid xmlrpc type name (lowercase). If null, 'string' is assumed - */ - function xmlrpcval($val=-1, $type='') - { - /// @todo: optimization creep - do not call addXX, do it all inline. - /// downside: booleans will not be coerced anymore - if($val!==-1 || $type!='') - { - // optimization creep: inlined all work done by constructor - switch($type) - { - case '': - $this->mytype=1; - $this->me['string']=$val; - break; - case 'i4': - case 'int': - case 'double': - case 'string': - case 'boolean': - case 'dateTime.iso8601': - case 'base64': - case 'null': - $this->mytype=1; - $this->me[$type]=$val; - break; - case 'array': - $this->mytype=2; - $this->me['array']=$val; - break; - case 'struct': - $this->mytype=3; - $this->me['struct']=$val; - break; - default: - error_log("XML-RPC: xmlrpcval::xmlrpcval: not a known type ($type)"); - } - /*if($type=='') - { - $type='string'; - } - if($GLOBALS['xmlrpcTypes'][$type]==1) - { - $this->addScalar($val,$type); - } - elseif($GLOBALS['xmlrpcTypes'][$type]==2) - { - $this->addArray($val); - } - elseif($GLOBALS['xmlrpcTypes'][$type]==3) - { - $this->addStruct($val); - }*/ - } - } - - /** - * Add a single php value to an (unitialized) xmlrpcval - * @param mixed $val - * @param string $type - * @return int 1 or 0 on failure - */ - function addScalar($val, $type='string') - { - $typeof=@$GLOBALS['xmlrpcTypes'][$type]; - if($typeof!=1) - { - error_log("XML-RPC: xmlrpcval::addScalar: not a scalar type ($type)"); - return 0; - } - - // coerce booleans into correct values - // NB: we should iether do it for datetimes, integers and doubles, too, - // or just plain remove this check, implemnted on booleans only... - if($type==$GLOBALS['xmlrpcBoolean']) - { - if(strcasecmp($val,'true')==0 || $val==1 || ($val==true && strcasecmp($val,'false'))) - { - $val=true; - } - else - { - $val=false; - } - } - - switch($this->mytype) - { - case 1: - error_log('XML-RPC: xmlrpcval::addScalar: scalar xmlrpcval can have only one value'); - return 0; - case 3: - error_log('XML-RPC: xmlrpcval::addScalar: cannot add anonymous scalar to struct xmlrpcval'); - return 0; - case 2: - // we're adding a scalar value to an array here - //$ar=$this->me['array']; - //$ar[]=&new xmlrpcval($val, $type); - //$this->me['array']=$ar; - // Faster (?) avoid all the costly array-copy-by-val done here... - $this->me['array'][]=&new xmlrpcval($val, $type); - return 1; - default: - // a scalar, so set the value and remember we're scalar - $this->me[$type]=$val; - $this->mytype=$typeof; - return 1; - } - } - - /** - * Add an array of xmlrpcval objects to an xmlrpcval - * @param array $vals - * @return int 1 or 0 on failure - * @access public - * - * @todo add some checking for $vals to be an array of xmlrpcvals? - */ - function addArray($vals) - { - if($this->mytype==0) - { - $this->mytype=$GLOBALS['xmlrpcTypes']['array']; - $this->me['array']=$vals; - return 1; - } - elseif($this->mytype==2) - { - // we're adding to an array here - $this->me['array'] = array_merge($this->me['array'], $vals); - return 1; - } - else - { - error_log('XML-RPC: xmlrpcval::addArray: already initialized as a [' . $this->kindOf() . ']'); - return 0; - } - } - - /** - * Add an array of named xmlrpcval objects to an xmlrpcval - * @param array $vals - * @return int 1 or 0 on failure - * @access public - * - * @todo add some checking for $vals to be an array? - */ - function addStruct($vals) - { - if($this->mytype==0) - { - $this->mytype=$GLOBALS['xmlrpcTypes']['struct']; - $this->me['struct']=$vals; - return 1; - } - elseif($this->mytype==3) - { - // we're adding to a struct here - $this->me['struct'] = array_merge($this->me['struct'], $vals); - return 1; - } - else - { - error_log('XML-RPC: xmlrpcval::addStruct: already initialized as a [' . $this->kindOf() . ']'); - return 0; - } - } - - // poor man's version of print_r ??? - // DEPRECATED! - function dump($ar) - { - foreach($ar as $key => $val) - { - echo "$key => $val
"; - if($key == 'array') - { - while(list($key2, $val2) = each($val)) - { - echo "-- $key2 => $val2
"; - } - } - } - } - - /** - * Returns a string containing "struct", "array" or "scalar" describing the base type of the value - * @return string - * @access public - */ - function kindOf() - { - switch($this->mytype) - { - case 3: - return 'struct'; - break; - case 2: - return 'array'; - break; - case 1: - return 'scalar'; - break; - default: - return 'undef'; - } - } - - /** - * @access private - */ - function serializedata($typ, $val, $charset_encoding='') - { - $rs=''; - switch(@$GLOBALS['xmlrpcTypes'][$typ]) - { - case 1: - switch($typ) - { - case $GLOBALS['xmlrpcBase64']: - $rs.="<${typ}>" . base64_encode($val) . ""; - break; - case $GLOBALS['xmlrpcBoolean']: - $rs.="<${typ}>" . ($val ? '1' : '0') . ""; - break; - case $GLOBALS['xmlrpcString']: - // G. Giunta 2005/2/13: do NOT use htmlentities, since - // it will produce named html entities, which are invalid xml - $rs.="<${typ}>" . xmlrpc_encode_entitites($val, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding). ""; - break; - case $GLOBALS['xmlrpcInt']: - case $GLOBALS['xmlrpcI4']: - $rs.="<${typ}>".(int)$val.""; - break; - case $GLOBALS['xmlrpcDouble']: - $rs.="<${typ}>".(double)$val.""; - break; - case $GLOBALS['xmlrpcNull']: - $rs.=""; - break; - default: - // no standard type value should arrive here, but provide a possibility - // for xmlrpcvals of unknown type... - $rs.="<${typ}>${val}"; - } - break; - case 3: - // struct - if ($this->_php_class) - { - $rs.='\n"; - } - else - { - $rs.="\n"; - } - foreach($val as $key2 => $val2) - { - $rs.=''.xmlrpc_encode_entitites($key2, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding)."\n"; - //$rs.=$this->serializeval($val2); - $rs.=$val2->serialize($charset_encoding); - $rs.="\n"; - } - $rs.=''; - break; - case 2: - // array - $rs.="\n\n"; - for($i=0; $iserializeval($val[$i]); - $rs.=$val[$i]->serialize($charset_encoding); - } - $rs.="\n"; - break; - default: - break; - } - return $rs; - } - - /** - * Returns xml representation of the value. XML prologue not included - * @param string $charset_encoding the charset to be used for serialization. if null, US-ASCII is assumed - * @return string - * @access public - */ - function serialize($charset_encoding='') - { - // add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals... - //if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval'))) - //{ - reset($this->me); - list($typ, $val) = each($this->me); - return '' . $this->serializedata($typ, $val, $charset_encoding) . "\n"; - //} - } - - // DEPRECATED - function serializeval($o) - { - // add check? slower, but helps to avoid recursion in serializing broken xmlrpcvals... - //if (is_object($o) && (get_class($o) == 'xmlrpcval' || is_subclass_of($o, 'xmlrpcval'))) - //{ - $ar=$o->me; - reset($ar); - list($typ, $val) = each($ar); - return '' . $this->serializedata($typ, $val) . "\n"; - //} - } - - /** - * Checks wheter a struct member with a given name is present. - * Works only on xmlrpcvals of type struct. - * @param string $m the name of the struct member to be looked up - * @return boolean - * @access public - */ - function structmemexists($m) - { - return array_key_exists($m, $this->me['struct']); - } - - /** - * Returns the value of a given struct member (an xmlrpcval object in itself). - * Will raise a php warning if struct member of given name does not exist - * @param string $m the name of the struct member to be looked up - * @return xmlrpcval - * @access public - */ - function structmem($m) - { - return $this->me['struct'][$m]; - } - - /** - * Reset internal pointer for xmlrpcvals of type struct. - * @access public - */ - function structreset() - { - reset($this->me['struct']); - } - - /** - * Return next member element for xmlrpcvals of type struct. - * @return xmlrpcval - * @access public - */ - function structeach() - { - return each($this->me['struct']); - } - - // DEPRECATED! this code looks like it is very fragile and has not been fixed - // for a long long time. Shall we remove it for 2.0? - function getval() - { - // UNSTABLE - reset($this->me); - list($a,$b)=each($this->me); - // contributed by I Sofer, 2001-03-24 - // add support for nested arrays to scalarval - // i've created a new method here, so as to - // preserve back compatibility - - if(is_array($b)) - { - @reset($b); - while(list($id,$cont) = @each($b)) - { - $b[$id] = $cont->scalarval(); - } - } - - // add support for structures directly encoding php objects - if(is_object($b)) - { - $t = get_object_vars($b); - @reset($t); - while(list($id,$cont) = @each($t)) - { - $t[$id] = $cont->scalarval(); - } - @reset($t); - while(list($id,$cont) = @each($t)) - { - @$b->$id = $cont; - } - } - // end contrib - return $b; - } - - /** - * Returns the value of a scalar xmlrpcval - * @return mixed - * @access public - */ - function scalarval() - { - reset($this->me); - list(,$b)=each($this->me); - return $b; - } - - /** - * Returns the type of the xmlrpcval. - * For integers, 'int' is always returned in place of 'i4' - * @return string - * @access public - */ - function scalartyp() - { - reset($this->me); - list($a,)=each($this->me); - if($a==$GLOBALS['xmlrpcI4']) - { - $a=$GLOBALS['xmlrpcInt']; - } - return $a; - } - - /** - * Returns the m-th member of an xmlrpcval of struct type - * @param integer $m the index of the value to be retrieved (zero based) - * @return xmlrpcval - * @access public - */ - function arraymem($m) - { - return $this->me['array'][$m]; - } - - /** - * Returns the number of members in an xmlrpcval of array type - * @return integer - * @access public - */ - function arraysize() - { - return count($this->me['array']); - } - - /** - * Returns the number of members in an xmlrpcval of struct type - * @return integer - * @access public - */ - function structsize() - { - return count($this->me['struct']); - } - } - - - // date helpers - - /** - * Given a timestamp, return the corresponding ISO8601 encoded string. - * - * Really, timezones ought to be supported - * but the XML-RPC spec says: - * - * "Don't assume a timezone. It should be specified by the server in its - * documentation what assumptions it makes about timezones." - * - * These routines always assume localtime unless - * $utc is set to 1, in which case UTC is assumed - * and an adjustment for locale is made when encoding - * - * @param int $timet (timestamp) - * @param int $utc (0 or 1) - * @return string - */ - function iso8601_encode($timet, $utc=0) - { - if(!$utc) - { - $t=strftime("%Y%m%dT%H:%M:%S", $timet); - } - else - { - if(function_exists('gmstrftime')) - { - // gmstrftime doesn't exist in some versions - // of PHP - $t=gmstrftime("%Y%m%dT%H:%M:%S", $timet); - } - else - { - $t=strftime("%Y%m%dT%H:%M:%S", $timet-date('Z')); - } - } - return $t; - } - - /** - * Given an ISO8601 date string, return a timet in the localtime, or UTC - * @param string $idate - * @param int $utc either 0 or 1 - * @return int (datetime) - */ - function iso8601_decode($idate, $utc=0) - { - $t=0; - if(preg_match('/([0-9]{4})([0-9]{2})([0-9]{2})T([0-9]{2}):([0-9]{2}):([0-9]{2})/', $idate, $regs)) - { - if($utc) - { - $t=gmmktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); - } - else - { - $t=mktime($regs[4], $regs[5], $regs[6], $regs[2], $regs[3], $regs[1]); - } - } - return $t; - } - - /** - * Takes an xmlrpc value in PHP xmlrpcval object format and translates it into native PHP types. - * - * Works with xmlrpc message objects as input, too. - * - * Given proper options parameter, can rebuild generic php object instances - * (provided those have been encoded to xmlrpc format using a corresponding - * option in php_xmlrpc_encode()) - * PLEASE NOTE that rebuilding php objects involves calling their constructor function. - * This means that the remote communication end can decide which php code will - * get executed on your server, leaving the door possibly open to 'php-injection' - * style of attacks (provided you have some classes defined on your server that - * might wreak havoc if instances are built outside an appropriate context). - * Make sure you trust the remote server/client before eanbling this! - * - * @author Dan Libby (dan@libby.com) - * - * @param xmlrpcval $xmlrpc_val - * @param array $options if 'decode_php_objs' is set in the options array, xmlrpc structs can be decoded into php objects - * @return mixed - */ - function php_xmlrpc_decode($xmlrpc_val, $options=array()) - { - switch($xmlrpc_val->kindOf()) - { - case 'scalar': - if (in_array('extension_api', $options)) - { - reset($xmlrpc_val->me); - list($typ,$val) = each($xmlrpc_val->me); - switch ($typ) - { - case 'dateTime.iso8601': - $xmlrpc_val->scalar = $val; - $xmlrpc_val->xmlrpc_type = 'datetime'; - $xmlrpc_val->timestamp = iso8601_decode($val); - return $xmlrpc_val; - case 'base64': - $xmlrpc_val->scalar = $val; - $xmlrpc_val->type = $typ; - return $xmlrpc_val; - default: - return $xmlrpc_val->scalarval(); - } - } - return $xmlrpc_val->scalarval(); - case 'array': - $size = $xmlrpc_val->arraysize(); - $arr = array(); - for($i = 0; $i < $size; $i++) - { - $arr[] = php_xmlrpc_decode($xmlrpc_val->arraymem($i), $options); - } - return $arr; - case 'struct': - $xmlrpc_val->structreset(); - // If user said so, try to rebuild php objects for specific struct vals. - /// @todo should we raise a warning for class not found? - // shall we check for proper subclass of xmlrpcval instead of - // presence of _php_class to detect what we can do? - if (in_array('decode_php_objs', $options) && $xmlrpc_val->_php_class != '' - && class_exists($xmlrpc_val->_php_class)) - { - $obj = @new $xmlrpc_val->_php_class; - while(list($key,$value)=$xmlrpc_val->structeach()) - { - $obj->$key = php_xmlrpc_decode($value, $options); - } - return $obj; - } - else - { - $arr = array(); - while(list($key,$value)=$xmlrpc_val->structeach()) - { - $arr[$key] = php_xmlrpc_decode($value, $options); - } - return $arr; - } - case 'msg': - $paramcount = $xmlrpc_val->getNumParams(); - $arr = array(); - for($i = 0; $i < $paramcount; $i++) - { - $arr[] = php_xmlrpc_decode($xmlrpc_val->getParam($i)); - } - return $arr; - } - } - - // This constant left here only for historical reasons... - // it was used to decide if we have to define xmlrpc_encode on our own, but - // we do not do it anymore - if(function_exists('xmlrpc_decode')) - { - define('XMLRPC_EPI_ENABLED','1'); - } - else - { - define('XMLRPC_EPI_ENABLED','0'); - } - - /** - * Takes native php types and encodes them into xmlrpc PHP object format. - * It will not re-encode xmlrpcval objects. - * - * Feature creep -- could support more types via optional type argument - * (string => datetime support has been added, ??? => base64 not yet) - * - * If given a proper options parameter, php object instances will be encoded - * into 'special' xmlrpc values, that can later be decoded into php objects - * by calling php_xmlrpc_decode() with a corresponding option - * - * @author Dan Libby (dan@libby.com) - * - * @param mixed $php_val the value to be converted into an xmlrpcval object - * @param array $options can include 'encode_php_objs', 'auto_dates', 'null_extension' or 'extension_api' - * @return xmlrpcval - */ - function &php_xmlrpc_encode($php_val, $options=array()) - { - $type = gettype($php_val); - switch($type) - { - case 'string': - if (in_array('auto_dates', $options) && preg_match('/^[0-9]{8}T[0-9]{2}:[0-9]{2}:[0-9]{2}$/', $php_val)) - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDateTime']); - else - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcString']); - break; - case 'integer': - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcInt']); - break; - case 'double': - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcDouble']); - break; - // - // Add support for encoding/decoding of booleans, since they are supported in PHP - case 'boolean': - $xmlrpc_val =& new xmlrpcval($php_val, $GLOBALS['xmlrpcBoolean']); - break; - // - case 'array': - // PHP arrays can be encoded to either xmlrpc structs or arrays, - // depending on wheter they are hashes or plain 0..n integer indexed - // A shorter one-liner would be - // $tmp = array_diff(array_keys($php_val), range(0, count($php_val)-1)); - // but execution time skyrockets! - $j = 0; - $arr = array(); - $ko = false; - foreach($php_val as $key => $val) - { - $arr[$key] =& php_xmlrpc_encode($val, $options); - if(!$ko && $key !== $j) - { - $ko = true; - } - $j++; - } - if($ko) - { - $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']); - } - else - { - $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcArray']); - } - break; - case 'object': - if(is_a($php_val, 'xmlrpcval')) - { - $xmlrpc_val = $php_val; - } - else - { - $arr = array(); - while(list($k,$v) = each($php_val)) - { - $arr[$k] = php_xmlrpc_encode($v, $options); - } - $xmlrpc_val =& new xmlrpcval($arr, $GLOBALS['xmlrpcStruct']); - if (in_array('encode_php_objs', $options)) - { - // let's save original class name into xmlrpcval: - // might be useful later on... - $xmlrpc_val->_php_class = get_class($php_val); - } - } - break; - case 'NULL': - if (in_array('extension_api', $options)) - { - $xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcString']); - } - if (in_array('null_extension', $options)) - { - $xmlrpc_val =& new xmlrpcval('', $GLOBALS['xmlrpcNull']); - } - else - { - $xmlrpc_val =& new xmlrpcval(); - } - break; - case 'resource': - if (in_array('extension_api', $options)) - { - $xmlrpc_val =& new xmlrpcval((int)$php_val, $GLOBALS['xmlrpcInt']); - } - else - { - $xmlrpc_val =& new xmlrpcval(); - } - // catch "user function", "unknown type" - default: - // giancarlo pinerolo - // it has to return - // an empty object in case, not a boolean. - $xmlrpc_val =& new xmlrpcval(); - break; - } - return $xmlrpc_val; - } - - /** - * Convert the xml representation of a method response, method request or single - * xmlrpc value into the appropriate object (a.k.a. deserialize) - * @param string $xml_val - * @param array $options - * @return mixed false on error, or an instance of either xmlrpcval, xmlrpcmsg or xmlrpcresp - */ - function php_xmlrpc_decode_xml($xml_val, $options=array()) - { - $GLOBALS['_xh'] = array(); - $GLOBALS['_xh']['ac'] = ''; - $GLOBALS['_xh']['stack'] = array(); - $GLOBALS['_xh']['valuestack'] = array(); - $GLOBALS['_xh']['params'] = array(); - $GLOBALS['_xh']['pt'] = array(); - $GLOBALS['_xh']['isf'] = 0; - $GLOBALS['_xh']['isf_reason'] = ''; - $GLOBALS['_xh']['method'] = false; - $GLOBALS['_xh']['rt'] = ''; - /// @todo 'guestimate' encoding - $parser = xml_parser_create(); - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // What if internal encoding is not in one of the 3 allowed? - // we use the broadest one, ie. utf8! - if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); - } - else - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); - } - xml_set_element_handler($parser, 'xmlrpc_se_any', 'xmlrpc_ee'); - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - if(!xml_parse($parser, $xml_val, 1)) - { - $errstr = sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser)); - error_log($errstr); - xml_parser_free($parser); - return false; - } - xml_parser_free($parser); - if ($GLOBALS['_xh']['isf'] > 1) // test that $GLOBALS['_xh']['value'] is an obj, too??? - { - error_log($GLOBALS['_xh']['isf_reason']); - return false; - } - switch ($GLOBALS['_xh']['rt']) - { - case 'methodresponse': - $v =& $GLOBALS['_xh']['value']; - if ($GLOBALS['_xh']['isf'] == 1) - { - $vc = $v->structmem('faultCode'); - $vs = $v->structmem('faultString'); - $r =& new xmlrpcresp(0, $vc->scalarval(), $vs->scalarval()); - } - else - { - $r =& new xmlrpcresp($v); - } - return $r; - case 'methodcall': - $m =& new xmlrpcmsg($GLOBALS['_xh']['method']); - for($i=0; $i < count($GLOBALS['_xh']['params']); $i++) - { - $m->addParam($GLOBALS['_xh']['params'][$i]); - } - return $m; - case 'value': - return $GLOBALS['_xh']['value']; - default: - return false; - } - } - - /** - * decode a string that is encoded w/ "chunked" transfer encoding - * as defined in rfc2068 par. 19.4.6 - * code shamelessly stolen from nusoap library by Dietrich Ayala - * - * @param string $buffer the string to be decoded - * @return string - */ - function decode_chunked($buffer) - { - // length := 0 - $length = 0; - $new = ''; - - // read chunk-size, chunk-extension (if any) and crlf - // get the position of the linebreak - $chunkend = strpos($buffer,"\r\n") + 2; - $temp = substr($buffer,0,$chunkend); - $chunk_size = hexdec( trim($temp) ); - $chunkstart = $chunkend; - while($chunk_size > 0) - { - $chunkend = strpos($buffer, "\r\n", $chunkstart + $chunk_size); - - // just in case we got a broken connection - if($chunkend == false) - { - $chunk = substr($buffer,$chunkstart); - // append chunk-data to entity-body - $new .= $chunk; - $length += strlen($chunk); - break; - } - - // read chunk-data and crlf - $chunk = substr($buffer,$chunkstart,$chunkend-$chunkstart); - // append chunk-data to entity-body - $new .= $chunk; - // length := length + chunk-size - $length += strlen($chunk); - // read chunk-size and crlf - $chunkstart = $chunkend + 2; - - $chunkend = strpos($buffer,"\r\n",$chunkstart)+2; - if($chunkend == false) - { - break; //just in case we got a broken connection - } - $temp = substr($buffer,$chunkstart,$chunkend-$chunkstart); - $chunk_size = hexdec( trim($temp) ); - $chunkstart = $chunkend; - } - return $new; - } - - /** - * xml charset encoding guessing helper function. - * Tries to determine the charset encoding of an XML chunk - * received over HTTP. - * NB: according to the spec (RFC 3023, if text/xml content-type is received over HTTP without a content-type, - * we SHOULD assume it is strictly US-ASCII. But we try to be more tolerant of unconforming (legacy?) clients/servers, - * which will be most probably using UTF-8 anyway... - * - * @param string $httpheaders the http Content-type header - * @param string $xmlchunk xml content buffer - * @param string $encoding_prefs comma separated list of character encodings to be used as default (when mb extension is enabled) - * - * @todo explore usage of mb_http_input(): does it detect http headers + post data? if so, use it instead of hand-detection!!! - */ - function guess_encoding($httpheader='', $xmlchunk='', $encoding_prefs=null) - { - // discussion: see http://www.yale.edu/pclt/encoding/ - // 1 - test if encoding is specified in HTTP HEADERS - - //Details: - // LWS: (\13\10)?( |\t)+ - // token: (any char but excluded stuff)+ - // header: Content-type = ...; charset=value(; ...)* - // where value is of type token, no LWS allowed between 'charset' and value - // Note: we do not check for invalid chars in VALUE: - // this had better be done using pure ereg as below - - /// @todo this test will pass if ANY header has charset specification, not only Content-Type. Fix it? - $matches = array(); - if(preg_match('/;\s*charset=([^;]+)/i', $httpheader, $matches)) - { - return strtoupper(trim($matches[1])); - } - - // 2 - scan the first bytes of the data for a UTF-16 (or other) BOM pattern - // (source: http://www.w3.org/TR/2000/REC-xml-20001006) - // NOTE: actually, according to the spec, even if we find the BOM and determine - // an encoding, we should check if there is an encoding specified - // in the xml declaration, and verify if they match. - /// @todo implement check as described above? - /// @todo implement check for first bytes of string even without a BOM? (It sure looks harder than for cases WITH a BOM) - if(preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlchunk)) - { - return 'UCS-4'; - } - elseif(preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlchunk)) - { - return 'UTF-16'; - } - elseif(preg_match('/^(\xEF\xBB\xBF)/', $xmlchunk)) - { - return 'UTF-8'; - } - - // 3 - test if encoding is specified in the xml declaration - // Details: - // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+ - // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]* - if (preg_match('/^<\?xml\s+version\s*=\s*'. "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))". - '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/", - $xmlchunk, $matches)) - { - return strtoupper(substr($matches[2], 1, -1)); - } - - // 4 - if mbstring is available, let it do the guesswork - // NB: we favour finding an encoding that is compatible with what we can process - if(extension_loaded('mbstring')) - { - if($encoding_prefs) - { - $enc = mb_detect_encoding($xmlchunk, $encoding_prefs); - } - else - { - $enc = mb_detect_encoding($xmlchunk); - } - // NB: mb_detect likes to call it ascii, xml parser likes to call it US_ASCII... - // IANA also likes better US-ASCII, so go with it - if($enc == 'ASCII') - { - $enc = 'US-'.$enc; - } - return $enc; - } - else - { - // no encoding specified: as per HTTP1.1 assume it is iso-8859-1? - // Both RFC 2616 (HTTP 1.1) and 1945(http 1.0) clearly state that for text/xxx content types - // this should be the standard. And we should be getting text/xml as request and response. - // BUT we have to be backward compatible with the lib, which always used UTF-8 as default... - return $GLOBALS['xmlrpc_defencoding']; - } - } - - /** - * Checks if a given charset encoding is present in a list of encodings or - * if it is a valid subset of any encoding in the list - * @param string $encoding charset to be tested - * @param mixed $validlist comma separated list of valid charsets (or array of charsets) - */ - function is_valid_charset($encoding, $validlist) - { - $charset_supersets = array( - 'US-ASCII' => array ('ISO-8859-1', 'ISO-8859-2', 'ISO-8859-3', 'ISO-8859-4', - 'ISO-8859-5', 'ISO-8859-6', 'ISO-8859-7', 'ISO-8859-8', - 'ISO-8859-9', 'ISO-8859-10', 'ISO-8859-11', 'ISO-8859-12', - 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'UTF-8', - 'EUC-JP', 'EUC-', 'EUC-KR', 'EUC-CN') - ); - if (is_string($validlist)) - $validlist = explode(',', $validlist); - if (@in_array(strtoupper($encoding), $validlist)) - return true; - else - { - if (array_key_exists($encoding, $charset_supersets)) - foreach ($validlist as $allowed) - if (in_array($allowed, $charset_supersets[$encoding])) - return true; - return false; - } - } - -?> \ No newline at end of file diff --git a/central/trunk/xmlrpc/xmlrpc_wrappers.inc b/central/trunk/xmlrpc/xmlrpc_wrappers.inc deleted file mode 100644 index cd0a56f..0000000 --- a/central/trunk/xmlrpc/xmlrpc_wrappers.inc +++ /dev/null @@ -1,819 +0,0 @@ -isInternal()) - { - // Note: from PHP 5.1.0 onward, we will possibly be able to use invokeargs - // instead of getparameters to fully reflect internal php functions ? - error_log('XML-RPC: function to be wrapped is internal: '.$funcname); - return false; - } - - // retrieve parameter names, types and description from javadoc comments - - // function description - $desc = ''; - // type of return val: by default 'any' - $returns = $GLOBALS['xmlrpcValue']; - // desc of return val - $returnsDocs = ''; - // type + name of function parameters - $paramDocs = array(); - - $docs = $func->getDocComment(); - if($docs != '') - { - $docs = explode("\n", $docs); - $i = 0; - foreach($docs as $doc) - { - $doc = trim($doc, " \r\t/*"); - if(strlen($doc) && strpos($doc, '@') !== 0 && !$i) - { - if($desc) - { - $desc .= "\n"; - } - $desc .= $doc; - } - elseif(strpos($doc, '@param') === 0) - { - // syntax: @param type [$name] desc - if(preg_match('/@param\s+(\S+)(\s+\$\S+)?\s+(.+)/', $doc, $matches)) - { - if(strpos($matches[1], '|')) - { - //$paramDocs[$i]['type'] = explode('|', $matches[1]); - $paramDocs[$i]['type'] = 'mixed'; - } - else - { - $paramDocs[$i]['type'] = $matches[1]; - } - $paramDocs[$i]['name'] = trim($matches[2]); - $paramDocs[$i]['doc'] = $matches[3]; - } - $i++; - } - elseif(strpos($doc, '@return') === 0) - { - // syntax: @return type desc - //$returns = preg_split('/\s+/', $doc); - if(preg_match('/@return\s+(\S+)\s+(.+)/', $doc, $matches)) - { - $returns = php_2_xmlrpc_type($matches[1]); - if(isset($matches[2])) - { - $returnsDocs = $matches[2]; - } - } - } - } - } - - // execute introspection of actual function prototype - $params = array(); - $i = 0; - foreach($func->getParameters() as $paramobj) - { - $params[$i] = array(); - $params[$i]['name'] = '$'.$paramobj->getName(); - $params[$i]['isoptional'] = $paramobj->isOptional(); - $i++; - } - - - // start building of PHP code to be eval'd - $innercode = ''; - $i = 0; - $parsvariations = array(); - $pars = array(); - $pnum = count($params); - foreach($params as $param) - { - if (isset($paramDocs[$i]['name']) && $paramDocs[$i]['name'] && strtolower($paramDocs[$i]['name']) != strtolower($param['name'])) - { - // param name from phpdoc info does not match param definition! - $paramDocs[$i]['type'] = 'mixed'; - } - - if($param['isoptional']) - { - // this particular parameter is optional. save as valid previous list of parameters - $innercode .= "if (\$paramcount > $i) {\n"; - $parsvariations[] = $pars; - } - $innercode .= "\$p$i = \$msg->getParam($i);\n"; - if ($decode_php_objects) - { - $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i, array('decode_php_objs'));\n"; - } - else - { - $innercode .= "if (\$p{$i}->kindOf() == 'scalar') \$p$i = \$p{$i}->scalarval(); else \$p$i = php_{$prefix}_decode(\$p$i);\n"; - } - - $pars[] = "\$p$i"; - $i++; - if($param['isoptional']) - { - $innercode .= "}\n"; - } - if($i == $pnum) - { - // last allowed parameters combination - $parsvariations[] = $pars; - } - } - - $sigs = array(); - $psigs = array(); - if(count($parsvariations) == 0) - { - // only known good synopsis = no parameters - $parsvariations[] = array(); - $minpars = 0; - } - else - { - $minpars = count($parsvariations[0]); - } - - if($minpars) - { - // add to code the check for min params number - // NB: this check needs to be done BEFORE decoding param values - $innercode = "\$paramcount = \$msg->getNumParams();\n" . - "if (\$paramcount < $minpars) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}');\n" . $innercode; - } - else - { - $innercode = "\$paramcount = \$msg->getNumParams();\n" . $innercode; - } - - $innercode .= "\$np = false;\n"; - foreach($parsvariations as $pars) - { - $innercode .= "if (\$paramcount == " . count($pars) . ") \$retval = {$catch_warnings}$funcname(" . implode(',', $pars) . "); else\n"; - // build a 'generic' signature (only use an appropriate return type) - $sig = array($returns); - $psig = array($returnsDocs); - for($i=0; $i < count($pars); $i++) - { - if (isset($paramDocs[$i]['type'])) - { - $sig[] = php_2_xmlrpc_type($paramDocs[$i]['type']); - } - else - { - $sig[] = $GLOBALS['xmlrpcValue']; - } - $psig[] = isset($paramDocs[$i]['doc']) ? $paramDocs[$i]['doc'] : ''; - } - $sigs[] = $sig; - $psigs[] = $psig; - } - $innercode .= "\$np = true;\n"; - $innercode .= "if (\$np) return new {$prefix}resp(0, {$GLOBALS['xmlrpcerr']['incorrect_params']}, '{$GLOBALS['xmlrpcstr']['incorrect_params']}'); else {\n"; - //$innercode .= "if (\$_xmlrpcs_error_occurred) return new xmlrpcresp(0, $GLOBALS['xmlrpcerr']user, \$_xmlrpcs_error_occurred); else\n"; - $innercode .= "if (is_a(\$retval, '{$prefix}resp')) return \$retval; else\n"; - if($returns == $GLOBALS['xmlrpcDateTime'] || $returns == $GLOBALS['xmlrpcBase64']) - { - $innercode .= "return new {$prefix}resp(new {$prefix}val(\$retval, '$returns'));"; - } - else - { - if ($encode_php_objects) - $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval, array('encode_php_objs')));\n"; - else - $innercode .= "return new {$prefix}resp(php_{$prefix}_encode(\$retval));\n"; - } - // shall we exclude functions returning by ref? - // if($func->returnsReference()) - // return false; - $code = "function $xmlrpcfuncname(\$msg) {\n" . $innercode . "}\n}"; - //print_r($code); - if ($buildit) - { - $allOK = 0; - eval($code.'$allOK=1;'); - // alternative - //$xmlrpcfuncname = create_function('$m', $innercode); - - if(!$allOK) - { - error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap php function '.$funcname); - return false; - } - } - - /// @todo examine if $paramDocs matches $parsvariations and build array for - /// usage as method signature, plus put together a nice string for docs - - $ret = array('function' => $xmlrpcfuncname, 'signature' => $sigs, 'docstring' => $desc, 'signature_docs' => $psigs, 'source' => $code); - return $ret; - } - } - - /** - * Given an xmlrpc client and a method name, register a php wrapper function - * that will call it and return results using native php types for both - * params and results. The generated php function will return an xmlrpcresp - * oject for failed xmlrpc calls - * - * Known limitations: - * - server must support system.methodsignature for the wanted xmlrpc method - * - for methods that expose many signatures, only one can be picked (we - * could in priciple check if signatures differ only by number of params - * and not by type, but it would be more complication than we can spare time) - * - nested xmlrpc params: the caller of the generated php function has to - * encode on its own the params passed to the php function if these are structs - * or arrays whose (sub)members include values of type datetime or base64 - * - * Notes: the connection properties of the given client will be copied - * and reused for the connection used during the call to the generated - * php function. - * Calling the generated php function 'might' be slow: a new xmlrpc client - * is created on every invocation and an xmlrpc-connection opened+closed. - * An extra 'debug' param is appended to param list of xmlrpc method, useful - * for debugging purposes. - * - * @param xmlrpc_client $client an xmlrpc client set up correctly to communicate with target server - * @param string $methodname the xmlrpc method to be mapped to a php function - * @param array $extra_options array of options that specify conversion details. valid ptions include - * integer signum the index of the method signature to use in mapping (if method exposes many sigs) - * integer timeout timeout (in secs) to be used when executing function/calling remote method - * string protocol 'http' (default), 'http11' or 'https' - * string new_function_name the name of php function to create. If unsepcified, lib will pick an appropriate name - * string return_source if true return php code w. function definition instead fo function name - * bool encode_php_objs let php objects be sent to server using the 'improved' xmlrpc notation, so server can deserialize them as php objects - * bool decode_php_objs --- WARNING !!! possible security hazard. only use it with trusted servers --- - * mixed return_on_fault a php value to be returned when the xmlrpc call fails/returns a fault response (by default the xmlrpcresp object is returned in this case). If a string is used, '%faultCode%' and '%faultString%' tokens will be substituted with actual error values - * bool debug set it to 1 or 2 to see debug results of querying server for method synopsis - * @return string the name of the generated php function (or false) - OR AN ARRAY... - */ - function wrap_xmlrpc_method($client, $methodname, $extra_options=0, $timeout=0, $protocol='', $newfuncname='') - { - // mind numbing: let caller use sane calling convention (as per javadoc, 3 params), - // OR the 2.0 calling convention (no ptions) - we really love backward compat, don't we? - if (!is_array($extra_options)) - { - $signum = $extra_options; - $extra_options = array(); - } - else - { - $signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; - $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; - $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; - $newfuncname = isset($extra_options['new_function_name']) ? $extra_options['new_function_name'] : ''; - } - //$encode_php_objects = in_array('encode_php_objects', $extra_options); - //$verbatim_client_copy = in_array('simple_client_copy', $extra_options) ? 1 : - // in_array('build_class_code', $extra_options) ? 2 : 0; - - $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; - $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; - $simple_client_copy = isset($extra_options['simple_client_copy']) ? (int)($extra_options['simple_client_copy']) : 0; - $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; - $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; - if (isset($extra_options['return_on_fault'])) - { - $decode_fault = true; - $fault_response = $extra_options['return_on_fault']; - } - else - { - $decode_fault = false; - $fault_response = ''; - } - $debug = isset($extra_options['debug']) ? ($extra_options['debug']) : 0; - - $msgclass = $prefix.'msg'; - $valclass = $prefix.'val'; - $decodefunc = 'php_'.$prefix.'_decode'; - - $msg =& new $msgclass('system.methodSignature'); - $msg->addparam(new $valclass($methodname)); - $client->setDebug($debug); - $response =& $client->send($msg, $timeout, $protocol); - if($response->faultCode()) - { - error_log('XML-RPC: could not retrieve method signature from remote server for method '.$methodname); - return false; - } - else - { - $msig = $response->value(); - if ($client->return_type != 'phpvals') - { - $msig = $decodefunc($msig); - } - if(!is_array($msig) || count($msig) <= $signum) - { - error_log('XML-RPC: could not retrieve method signature nr.'.$signum.' from remote server for method '.$methodname); - return false; - } - else - { - // pick a suitable name for the new function, avoiding collisions - if($newfuncname != '') - { - $xmlrpcfuncname = $newfuncname; - } - else - { - // take care to insure that methodname is translated to valid - // php function name - $xmlrpcfuncname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), - array('_', ''), $methodname); - } - while($buildit && function_exists($xmlrpcfuncname)) - { - $xmlrpcfuncname .= 'x'; - } - - $msig = $msig[$signum]; - $mdesc = ''; - // if in 'offline' mode, get method description too. - // in online mode, favour speed of operation - if(!$buildit) - { - $msg =& new $msgclass('system.methodHelp'); - $msg->addparam(new $valclass($methodname)); - $response =& $client->send($msg, $timeout, $protocol); - if (!$response->faultCode()) - { - $mdesc = $response->value(); - if ($client->return_type != 'phpvals') - { - $mdesc = $mdesc->scalarval(); - } - } - } - - $results = build_remote_method_wrapper_code($client, $methodname, - $xmlrpcfuncname, $msig, $mdesc, $timeout, $protocol, $simple_client_copy, - $prefix, $decode_php_objects, $encode_php_objects, $decode_fault, - $fault_response); - - //print_r($code); - if ($buildit) - { - $allOK = 0; - eval($results['source'].'$allOK=1;'); - // alternative - //$xmlrpcfuncname = create_function('$m', $innercode); - if($allOK) - { - return $xmlrpcfuncname; - } - else - { - error_log('XML-RPC: could not create function '.$xmlrpcfuncname.' to wrap remote method '.$methodname); - return false; - } - } - else - { - $results['function'] = $xmlrpcfuncname; - return $results; - } - } - } - } - - /** - * Similar to wrap_xmlrpc_method, but will generate a php class that wraps - * all xmlrpc methods exposed by the remote server as own methods. - * For more details see wrap_xmlrpc_method. - * @param xmlrpc_client $client the client obj all set to query the desired server - * @param array $extra_options list of options for wrapped code - * @return mixed false on error, the name of the created class if all ok or an array with code, class name and comments (if the appropriatevoption is set in extra_options) - */ - function wrap_xmlrpc_server($client, $extra_options=array()) - { - $methodfilter = isset($extra_options['method_filter']) ? $extra_options['method_filter'] : ''; - $signum = isset($extra_options['signum']) ? (int)$extra_options['signum'] : 0; - $timeout = isset($extra_options['timeout']) ? (int)$extra_options['timeout'] : 0; - $protocol = isset($extra_options['protocol']) ? $extra_options['protocol'] : ''; - $newclassname = isset($extra_options['new_class_name']) ? $extra_options['new_class_name'] : ''; - $encode_php_objects = isset($extra_options['encode_php_objs']) ? (bool)$extra_options['encode_php_objs'] : false; - $decode_php_objects = isset($extra_options['decode_php_objs']) ? (bool)$extra_options['decode_php_objs'] : false; - $verbatim_client_copy = isset($extra_options['simple_client_copy']) ? !($extra_options['simple_client_copy']) : true; - $buildit = isset($extra_options['return_source']) ? !($extra_options['return_source']) : true; - $prefix = isset($extra_options['prefix']) ? $extra_options['prefix'] : 'xmlrpc'; - - $msgclass = $prefix.'msg'; - //$valclass = $prefix.'val'; - $decodefunc = 'php_'.$prefix.'_decode'; - - $msg =& new $msgclass('system.listMethods'); - $response =& $client->send($msg, $timeout, $protocol); - if($response->faultCode()) - { - error_log('XML-RPC: could not retrieve method list from remote server'); - return false; - } - else - { - $mlist = $response->value(); - if ($client->return_type != 'phpvals') - { - $mlist = $decodefunc($mlist); - } - if(!is_array($mlist) || !count($mlist)) - { - error_log('XML-RPC: could not retrieve meaningful method list from remote server'); - return false; - } - else - { - // pick a suitable name for the new function, avoiding collisions - if($newclassname != '') - { - $xmlrpcclassname = $newclassname; - } - else - { - $xmlrpcclassname = $prefix.'_'.preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), - array('_', ''), $client->server).'_client'; - } - while($buildit && class_exists($xmlrpcclassname)) - { - $xmlrpcclassname .= 'x'; - } - - /// @todo add function setdebug() to new class, to enable/disable debugging - $source = "class $xmlrpcclassname\n{\nvar \$client;\n\n"; - $source .= "function $xmlrpcclassname()\n{\n"; - $source .= build_client_wrapper_code($client, $verbatim_client_copy, $prefix); - $source .= "\$this->client =& \$client;\n}\n\n"; - $opts = array('simple_client_copy' => 2, 'return_source' => true, - 'timeout' => $timeout, 'protocol' => $protocol, - 'encode_php_objs' => $encode_php_objects, 'prefix' => $prefix, - 'decode_php_objs' => $decode_php_objects - ); - /// @todo build javadoc for class definition, too - foreach($mlist as $mname) - { - if ($methodfilter == '' || preg_match($methodfilter, $mname)) - { - $opts['new_function_name'] = preg_replace(array('/\./', '/[^a-zA-Z0-9_\x7f-\xff]/'), - array('_', ''), $mname); - $methodwrap = wrap_xmlrpc_method($client, $mname, $opts); - if ($methodwrap) - { - if (!$buildit) - { - $source .= $methodwrap['docstring']; - } - $source .= $methodwrap['source']."\n"; - } - else - { - error_log('XML-RPC: will not create class method to wrap remote method '.$mname); - } - } - } - $source .= "}\n"; - if ($buildit) - { - $allOK = 0; - eval($source.'$allOK=1;'); - // alternative - //$xmlrpcfuncname = create_function('$m', $innercode); - if($allOK) - { - return $xmlrpcclassname; - } - else - { - error_log('XML-RPC: could not create class '.$xmlrpcclassname.' to wrap remote server '.$client->server); - return false; - } - } - else - { - return array('class' => $xmlrpcclassname, 'code' => $source, 'docstring' => ''); - } - } - } - } - - /** - * Given the necessary info, build php code that creates a new function to - * invoke a remote xmlrpc method. - * Take care that no full checking of input parameters is done to ensure that - * valid php code is emitted. - * Note: real spaghetti code follows... - * @access private - */ - function build_remote_method_wrapper_code($client, $methodname, $xmlrpcfuncname, - $msig, $mdesc='', $timeout=0, $protocol='', $client_copy_mode=0, $prefix='xmlrpc', - $decode_php_objects=false, $encode_php_objects=false, $decode_fault=false, - $fault_response='') - { - $code = "function $xmlrpcfuncname ("; - if ($client_copy_mode < 2) - { - // client copy mode 0 or 1 == partial / full client copy in emitted code - $innercode = build_client_wrapper_code($client, $client_copy_mode, $prefix); - $innercode .= "\$client->setDebug(\$debug);\n"; - $this_ = ''; - } - else - { - // client copy mode 2 == no client copy in emitted code - $innercode = ''; - $this_ = 'this->'; - } - $innercode .= "\$msg =& new {$prefix}msg('$methodname');\n"; - - if ($mdesc != '') - { - // take care that PHP comment is not terminated unwillingly by method description - $mdesc = "/**\n* ".str_replace('*/', '* /', $mdesc)."\n"; - } - else - { - $mdesc = "/**\nFunction $xmlrpcfuncname\n"; - } - - // param parsing - $plist = array(); - $pcount = count($msig); - for($i = 1; $i < $pcount; $i++) - { - $plist[] = "\$p$i"; - $ptype = $msig[$i]; - if($ptype == 'i4' || $ptype == 'int' || $ptype == 'boolean' || $ptype == 'double' || - $ptype == 'string' || $ptype == 'dateTime.iso8601' || $ptype == 'base64' || $ptype == 'null') - { - // only build directly xmlrpcvals when type is known and scalar - $innercode .= "\$p$i =& new {$prefix}val(\$p$i, '$ptype');\n"; - } - else - { - if ($encode_php_objects) - { - $innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i, array('encode_php_objs'));\n"; - } - else - { - $innercode .= "\$p$i =& php_{$prefix}_encode(\$p$i);\n"; - } - } - $innercode .= "\$msg->addparam(\$p$i);\n"; - $mdesc .= '* @param '.xmlrpc_2_php_type($ptype)." \$p$i\n"; - } - if ($client_copy_mode < 2) - { - $plist[] = '$debug=0'; - $mdesc .= "* @param int \$debug when 1 (or 2) will enable debugging of the underlying {$prefix} call (defaults to 0)\n"; - } - $plist = implode(', ', $plist); - $mdesc .= '* @return '.xmlrpc_2_php_type($msig[0])." (or an {$prefix}resp obj instance if call fails)\n*/\n"; - - $innercode .= "\$res =& \${$this_}client->send(\$msg, $timeout, '$protocol');\n"; - if ($decode_fault) - { - if (is_string($fault_response) && ((strpos($fault_response, '%faultCode%') !== false) || (strpos($fault_response, '%faultString%') !== false))) - { - $respcode = "str_replace(array('%faultCode%', '%faultString%'), array(\$res->faultCode(), \$res->faultString()), '".str_replace("'", "''", $fault_response)."')"; - } - else - { - $respcode = var_export($fault_response, true); - } - } - else - { - $respcode = '$res'; - } - if ($decode_php_objects) - { - $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value(), array('decode_php_objs'));"; - } - else - { - $innercode .= "if (\$res->faultcode()) return $respcode; else return php_{$prefix}_decode(\$res->value());"; - } - - $code = $code . $plist. ") {\n" . $innercode . "\n}\n"; - - return array('source' => $code, 'docstring' => $mdesc); - } - - /** - * Given necessary info, generate php code that will rebuild a client object - * Take care that no full checking of input parameters is done to ensure that - * valid php code is emitted. - * @access private - */ - function build_client_wrapper_code($client, $verbatim_client_copy, $prefix='xmlrpc') - { - $code = "\$client =& new {$prefix}_client('".str_replace("'", "\'", $client->path). - "', '" . str_replace("'", "\'", $client->server) . "', $client->port);\n"; - - // copy all client fields to the client that will be generated runtime - // (this provides for future expansion or subclassing of client obj) - if ($verbatim_client_copy) - { - foreach($client as $fld => $val) - { - if($fld != 'debug' && $fld != 'return_type') - { - $val = var_export($val, true); - $code .= "\$client->$fld = $val;\n"; - } - } - } - // only make sure that client always returns the correct data type - $code .= "\$client->return_type = '{$prefix}vals';\n"; - //$code .= "\$client->setDebug(\$debug);\n"; - return $code; - } -?> \ No newline at end of file diff --git a/central/trunk/xmlrpc/xmlrpcs.inc b/central/trunk/xmlrpc/xmlrpcs.inc deleted file mode 100644 index 9588919..0000000 --- a/central/trunk/xmlrpc/xmlrpcs.inc +++ /dev/null @@ -1,1193 +0,0 @@ - -// $Id: xmlrpcs.inc,v 1.69 2007/09/20 20:14:25 ggiunta Exp $ - -// Copyright (c) 1999,2000,2002 Edd Dumbill. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// -// * Neither the name of the "XML-RPC for PHP" nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. - - // XML RPC Server class - // requires: xmlrpc.inc - - $GLOBALS['xmlrpcs_capabilities'] = array( - // xmlrpc spec: always supported - 'xmlrpc' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/spec', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'), - // if we support system.xxx functions, we always support multicall, too... - // Note that, as of 2006/09/17, the following URL does not respond anymore - 'system.multicall' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.xmlrpc.com/discuss/msgReader$1208', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'), - // introspection: version 2! we support 'mixed', too - 'introspection' => new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://phpxmlrpc.sourceforge.net/doc-2/ch10.html', 'string'), - 'specVersion' => new xmlrpcval(2, 'int') - ), 'struct') - ); - - /* Functions that implement system.XXX methods of xmlrpc servers */ - $_xmlrpcs_getCapabilities_sig=array(array($GLOBALS['xmlrpcStruct'])); - $_xmlrpcs_getCapabilities_doc='This method lists all the capabilites that the XML-RPC server has: the (more or less standard) extensions to the xmlrpc spec that it adheres to'; - $_xmlrpcs_getCapabilities_sdoc=array(array('list of capabilities, described as structs with a version number and url for the spec')); - function _xmlrpcs_getCapabilities($server, $m=null) - { - $outAr = $GLOBALS['xmlrpcs_capabilities']; - // NIL extension - if ($GLOBALS['xmlrpc_null_extension']) { - $outAr['nil'] = new xmlrpcval(array( - 'specUrl' => new xmlrpcval('http://www.ontosys.com/xml-rpc/extensions.php', 'string'), - 'specVersion' => new xmlrpcval(1, 'int') - ), 'struct'); - } - return new xmlrpcresp(new xmlrpcval($outAr, 'struct')); - } - - // listMethods: signature was either a string, or nothing. - // The useless string variant has been removed - $_xmlrpcs_listMethods_sig=array(array($GLOBALS['xmlrpcArray'])); - $_xmlrpcs_listMethods_doc='This method lists all the methods that the XML-RPC server knows how to dispatch'; - $_xmlrpcs_listMethods_sdoc=array(array('list of method names')); - function _xmlrpcs_listMethods($server, $m=null) // if called in plain php values mode, second param is missing - { - - $outAr=array(); - foreach($server->dmap as $key => $val) - { - $outAr[]=&new xmlrpcval($key, 'string'); - } - if($server->allow_system_funcs) - { - foreach($GLOBALS['_xmlrpcs_dmap'] as $key => $val) - { - $outAr[]=&new xmlrpcval($key, 'string'); - } - } - return new xmlrpcresp(new xmlrpcval($outAr, 'array')); - } - - $_xmlrpcs_methodSignature_sig=array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcString'])); - $_xmlrpcs_methodSignature_doc='Returns an array of known signatures (an array of arrays) for the method name passed. If no signatures are known, returns a none-array (test for type != array to detect missing signature)'; - $_xmlrpcs_methodSignature_sdoc=array(array('list of known signatures, each sig being an array of xmlrpc type names', 'name of method to be described')); - function _xmlrpcs_methodSignature($server, $m) - { - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) - { - $methName=$m->getParam(0); - $methName=$methName->scalarval(); - } - else - { - $methName=$m; - } - if(strpos($methName, "system.") === 0) - { - $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; - } - else - { - $dmap=$server->dmap; $sysCall=0; - } - if(isset($dmap[$methName])) - { - if(isset($dmap[$methName]['signature'])) - { - $sigs=array(); - foreach($dmap[$methName]['signature'] as $inSig) - { - $cursig=array(); - foreach($inSig as $sig) - { - $cursig[]=&new xmlrpcval($sig, 'string'); - } - $sigs[]=&new xmlrpcval($cursig, 'array'); - } - $r=&new xmlrpcresp(new xmlrpcval($sigs, 'array')); - } - else - { - // NB: according to the official docs, we should be returning a - // "none-array" here, which means not-an-array - $r=&new xmlrpcresp(new xmlrpcval('undef', 'string')); - } - } - else - { - $r=&new xmlrpcresp(0,$GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); - } - return $r; - } - - $_xmlrpcs_methodHelp_sig=array(array($GLOBALS['xmlrpcString'], $GLOBALS['xmlrpcString'])); - $_xmlrpcs_methodHelp_doc='Returns help text if defined for the method passed, otherwise returns an empty string'; - $_xmlrpcs_methodHelp_sdoc=array(array('method description', 'name of the method to be described')); - function _xmlrpcs_methodHelp($server, $m) - { - // let accept as parameter both an xmlrpcval or string - if (is_object($m)) - { - $methName=$m->getParam(0); - $methName=$methName->scalarval(); - } - else - { - $methName=$m; - } - if(strpos($methName, "system.") === 0) - { - $dmap=$GLOBALS['_xmlrpcs_dmap']; $sysCall=1; - } - else - { - $dmap=$server->dmap; $sysCall=0; - } - if(isset($dmap[$methName])) - { - if(isset($dmap[$methName]['docstring'])) - { - $r=&new xmlrpcresp(new xmlrpcval($dmap[$methName]['docstring']), 'string'); - } - else - { - $r=&new xmlrpcresp(new xmlrpcval('', 'string')); - } - } - else - { - $r=&new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['introspect_unknown'], $GLOBALS['xmlrpcstr']['introspect_unknown']); - } - return $r; - } - - $_xmlrpcs_multicall_sig = array(array($GLOBALS['xmlrpcArray'], $GLOBALS['xmlrpcArray'])); - $_xmlrpcs_multicall_doc = 'Boxcar multiple RPC calls in one request. See http://www.xmlrpc.com/discuss/msgReader$1208 for details'; - $_xmlrpcs_multicall_sdoc = array(array('list of response structs, where each struct has the usual members', 'list of calls, with each call being represented as a struct, with members "methodname" and "params"')); - function _xmlrpcs_multicall_error($err) - { - if(is_string($err)) - { - $str = $GLOBALS['xmlrpcstr']["multicall_${err}"]; - $code = $GLOBALS['xmlrpcerr']["multicall_${err}"]; - } - else - { - $code = $err->faultCode(); - $str = $err->faultString(); - } - $struct = array(); - $struct['faultCode'] =& new xmlrpcval($code, 'int'); - $struct['faultString'] =& new xmlrpcval($str, 'string'); - return new xmlrpcval($struct, 'struct'); - } - - function _xmlrpcs_multicall_do_call($server, $call) - { - if($call->kindOf() != 'struct') - { - return _xmlrpcs_multicall_error('notstruct'); - } - $methName = @$call->structmem('methodName'); - if(!$methName) - { - return _xmlrpcs_multicall_error('nomethod'); - } - if($methName->kindOf() != 'scalar' || $methName->scalartyp() != 'string') - { - return _xmlrpcs_multicall_error('notstring'); - } - if($methName->scalarval() == 'system.multicall') - { - return _xmlrpcs_multicall_error('recursion'); - } - - $params = @$call->structmem('params'); - if(!$params) - { - return _xmlrpcs_multicall_error('noparams'); - } - if($params->kindOf() != 'array') - { - return _xmlrpcs_multicall_error('notarray'); - } - $numParams = $params->arraysize(); - - $msg =& new xmlrpcmsg($methName->scalarval()); - for($i = 0; $i < $numParams; $i++) - { - if(!$msg->addParam($params->arraymem($i))) - { - $i++; - return _xmlrpcs_multicall_error(new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['incorrect_params'], - $GLOBALS['xmlrpcstr']['incorrect_params'] . ": probable xml error in param " . $i)); - } - } - - $result = $server->execute($msg); - - if($result->faultCode() != 0) - { - return _xmlrpcs_multicall_error($result); // Method returned fault. - } - - return new xmlrpcval(array($result->value()), 'array'); - } - - function _xmlrpcs_multicall_do_call_phpvals($server, $call) - { - if(!is_array($call)) - { - return _xmlrpcs_multicall_error('notstruct'); - } - if(!array_key_exists('methodName', $call)) - { - return _xmlrpcs_multicall_error('nomethod'); - } - if (!is_string($call['methodName'])) - { - return _xmlrpcs_multicall_error('notstring'); - } - if($call['methodName'] == 'system.multicall') - { - return _xmlrpcs_multicall_error('recursion'); - } - if(!array_key_exists('params', $call)) - { - return _xmlrpcs_multicall_error('noparams'); - } - if(!is_array($call['params'])) - { - return _xmlrpcs_multicall_error('notarray'); - } - - // this is a real dirty and simplistic hack, since we might have received a - // base64 or datetime values, but they will be listed as strings here... - $numParams = count($call['params']); - $pt = array(); - foreach($call['params'] as $val) - $pt[] = php_2_xmlrpc_type(gettype($val)); - - $result = $server->execute($call['methodName'], $call['params'], $pt); - - if($result->faultCode() != 0) - { - return _xmlrpcs_multicall_error($result); // Method returned fault. - } - - return new xmlrpcval(array($result->value()), 'array'); - } - - function _xmlrpcs_multicall($server, $m) - { - $result = array(); - // let accept a plain list of php parameters, beside a single xmlrpc msg object - if (is_object($m)) - { - $calls = $m->getParam(0); - $numCalls = $calls->arraysize(); - for($i = 0; $i < $numCalls; $i++) - { - $call = $calls->arraymem($i); - $result[$i] = _xmlrpcs_multicall_do_call($server, $call); - } - } - else - { - $numCalls=count($m); - for($i = 0; $i < $numCalls; $i++) - { - $result[$i] = _xmlrpcs_multicall_do_call_phpvals($server, $m[$i]); - } - } - - return new xmlrpcresp(new xmlrpcval($result, 'array')); - } - - $GLOBALS['_xmlrpcs_dmap']=array( - 'system.listMethods' => array( - 'function' => '_xmlrpcs_listMethods', - 'signature' => $_xmlrpcs_listMethods_sig, - 'docstring' => $_xmlrpcs_listMethods_doc, - 'signature_docs' => $_xmlrpcs_listMethods_sdoc), - 'system.methodHelp' => array( - 'function' => '_xmlrpcs_methodHelp', - 'signature' => $_xmlrpcs_methodHelp_sig, - 'docstring' => $_xmlrpcs_methodHelp_doc, - 'signature_docs' => $_xmlrpcs_methodHelp_sdoc), - 'system.methodSignature' => array( - 'function' => '_xmlrpcs_methodSignature', - 'signature' => $_xmlrpcs_methodSignature_sig, - 'docstring' => $_xmlrpcs_methodSignature_doc, - 'signature_docs' => $_xmlrpcs_methodSignature_sdoc), - 'system.multicall' => array( - 'function' => '_xmlrpcs_multicall', - 'signature' => $_xmlrpcs_multicall_sig, - 'docstring' => $_xmlrpcs_multicall_doc, - 'signature_docs' => $_xmlrpcs_multicall_sdoc), - 'system.getCapabilities' => array( - 'function' => '_xmlrpcs_getCapabilities', - 'signature' => $_xmlrpcs_getCapabilities_sig, - 'docstring' => $_xmlrpcs_getCapabilities_doc, - 'signature_docs' => $_xmlrpcs_getCapabilities_sdoc) - ); - - $GLOBALS['_xmlrpcs_occurred_errors'] = ''; - $GLOBALS['_xmlrpcs_prev_ehandler'] = ''; - /** - * Error handler used to track errors that occur during server-side execution of PHP code. - * This allows to report back to the client whether an internal error has occurred or not - * using an xmlrpc response object, instead of letting the client deal with the html junk - * that a PHP execution error on the server generally entails. - * - * NB: in fact a user defined error handler can only handle WARNING, NOTICE and USER_* errors. - * - */ - function _xmlrpcs_errorHandler($errcode, $errstring, $filename=null, $lineno=null, $context=null) - { - // obey the @ protocol - if (error_reporting() == 0) - return; - - //if($errcode != E_NOTICE && $errcode != E_WARNING && $errcode != E_USER_NOTICE && $errcode != E_USER_WARNING) - if($errcode != 2048) // do not use E_STRICT by name, since on PHP 4 it will not be defined - { - $GLOBALS['_xmlrpcs_occurred_errors'] = $GLOBALS['_xmlrpcs_occurred_errors'] . $errstring . "\n"; - } - // Try to avoid as much as possible disruption to the previous error handling - // mechanism in place - if($GLOBALS['_xmlrpcs_prev_ehandler'] == '') - { - // The previous error handler was the default: all we should do is log error - // to the default error log (if level high enough) - if(ini_get('log_errors') && (intval(ini_get('error_reporting')) & $errcode)) - { - error_log($errstring); - } - } - else - { - // Pass control on to previous error handler, trying to avoid loops... - if($GLOBALS['_xmlrpcs_prev_ehandler'] != '_xmlrpcs_errorHandler') - { - // NB: this code will NOT work on php < 4.0.2: only 2 params were used for error handlers - if(is_array($GLOBALS['_xmlrpcs_prev_ehandler'])) - { - // the following works both with static class methods and plain object methods as error handler - call_user_func_array($GLOBALS['_xmlrpcs_prev_ehandler'], array($errcode, $errstring, $filename, $lineno, $context)); - } - else - { - $GLOBALS['_xmlrpcs_prev_ehandler']($errcode, $errstring, $filename, $lineno, $context); - } - } - } - } - - $GLOBALS['_xmlrpc_debuginfo']=''; - - /** - * Add a string to the debug info that can be later seralized by the server - * as part of the response message. - * Note that for best compatbility, the debug string should be encoded using - * the $GLOBALS['xmlrpc_internalencoding'] character set. - * @param string $m - * @access public - */ - function xmlrpc_debugmsg($m) - { - $GLOBALS['_xmlrpc_debuginfo'] .= $m . "\n"; - } - - class xmlrpc_server - { - /// array defining php functions exposed as xmlrpc methods by this server - var $dmap=array(); - /** - * Defines how functions in dmap will be invokde: either using an xmlrpc msg object - * or plain php values. - * valid strings are 'xmlrpcvals', 'phpvals' or 'epivals' - */ - var $functions_parameters_type='xmlrpcvals'; - /// controls wether the server is going to echo debugging messages back to the client as comments in response body. valid values: 0,1,2,3 - var $debug = 1; - /** - * When set to true, it will enable HTTP compression of the response, in case - * the client has declared its support for compression in the request. - */ - var $compress_response = false; - /** - * List of http compression methods accepted by the server for requests. - * NB: PHP supports deflate, gzip compressions out of the box if compiled w. zlib - */ - var $accepted_compression = array(); - /// shall we serve calls to system.* methods? - var $allow_system_funcs = true; - /// list of charset encodings natively accepted for requests - var $accepted_charset_encodings = array(); - /** - * charset encoding to be used for response. - * NB: if we can, we will convert the generated response from internal_encoding to the intended one. - * can be: a supported xml encoding (only UTF-8 and ISO-8859-1 at present, unless mbstring is enabled), - * null (leave unspecified in response, convert output stream to US_ASCII), - * 'default' (use xmlrpc library default as specified in xmlrpc.inc, convert output stream if needed), - * or 'auto' (use client-specified charset encoding or same as request if request headers do not specify it (unless request is US-ASCII: then use library default anyway). - * NB: pretty dangerous if you accept every charset and do not have mbstring enabled) - */ - var $response_charset_encoding = ''; - /// storage for internal debug info - var $debug_info = ''; - /// extra data passed at runtime to method handling functions. Used only by EPI layer - var $user_data = null; - - /** - * @param array $dispmap the dispatch map withd efinition of exposed services - * @param boolean $servicenow set to false to prevent the server from runnung upon construction - */ - function xmlrpc_server($dispMap=null, $serviceNow=true) - { - // if ZLIB is enabled, let the server by default accept compressed requests, - // and compress responses sent to clients that support them - if(function_exists('gzinflate')) - { - $this->accepted_compression = array('gzip', 'deflate'); - $this->compress_response = true; - } - - // by default the xml parser can support these 3 charset encodings - $this->accepted_charset_encodings = array('UTF-8', 'ISO-8859-1', 'US-ASCII'); - - // dispMap is a dispatch array of methods - // mapped to function names and signatures - // if a method - // doesn't appear in the map then an unknown - // method error is generated - /* milosch - changed to make passing dispMap optional. - * instead, you can use the class add_to_map() function - * to add functions manually (borrowed from SOAPX4) - */ - if($dispMap) - { - $this->dmap = $dispMap; - if($serviceNow) - { - $this->service(); - } - } - } - - /** - * Set debug level of server. - * @param integer $in debug lvl: determines info added to xmlrpc responses (as xml comments) - * 0 = no debug info, - * 1 = msgs set from user with debugmsg(), - * 2 = add complete xmlrpc request (headers and body), - * 3 = add also all processing warnings happened during method processing - * (NB: this involves setting a custom error handler, and might interfere - * with the standard processing of the php function exposed as method. In - * particular, triggering an USER_ERROR level error will not halt script - * execution anymore, but just end up logged in the xmlrpc response) - * Note that info added at elevel 2 and 3 will be base64 encoded - * @access public - */ - function setDebug($in) - { - $this->debug=$in; - } - - /** - * Return a string with the serialized representation of all debug info - * @param string $charset_encoding the target charset encoding for the serialization - * @return string an XML comment (or two) - */ - function serializeDebug($charset_encoding='') - { - // Tough encoding problem: which internal charset should we assume for debug info? - // It might contain a copy of raw data received from client, ie with unknown encoding, - // intermixed with php generated data and user generated data... - // so we split it: system debug is base 64 encoded, - // user debug info should be encoded by the end user using the INTERNAL_ENCODING - $out = ''; - if ($this->debug_info != '') - { - $out .= "\n"; - } - if($GLOBALS['_xmlrpc_debuginfo']!='') - { - - $out .= "\n"; - // NB: a better solution MIGHT be to use CDATA, but we need to insert it - // into return payload AFTER the beginning tag - //$out .= "', ']_]_>', $GLOBALS['_xmlrpc_debuginfo']) . "\n]]>\n"; - } - return $out; - } - - /** - * Execute the xmlrpc request, printing the response - * @param string $data the request body. If null, the http POST request will be examined - * @return xmlrpcresp the response object (usually not used by caller...) - * @access public - */ - function service($data=null, $return_payload=false) - { - if ($data === null) - { - // workaround for a known bug in php ver. 5.2.2 that broke $HTTP_RAW_POST_DATA - $ver = phpversion(); - if ($ver[0] >= 5) - { - $data = file_get_contents('php://input'); - } - else - { - $data = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : ''; - } - } - $raw_data = $data; - - // reset internal debug info - $this->debug_info = ''; - - // Echo back what we received, before parsing it - if($this->debug > 1) - { - $this->debugmsg("+++GOT+++\n" . $data . "\n+++END+++"); - } - - $r = $this->parseRequestHeaders($data, $req_charset, $resp_charset, $resp_encoding); - if (!$r) - { - $r=$this->parseRequest($data, $req_charset); - } - - // save full body of request into response, for more debugging usages - $r->raw_data = $raw_data; - - if($this->debug > 2 && $GLOBALS['_xmlrpcs_occurred_errors']) - { - $this->debugmsg("+++PROCESSING ERRORS AND WARNINGS+++\n" . - $GLOBALS['_xmlrpcs_occurred_errors'] . "+++END+++"); - } - - $payload=$this->xml_header($resp_charset); - if($this->debug > 0) - { - $payload = $payload . $this->serializeDebug($resp_charset); - } - - // G. Giunta 2006-01-27: do not create response serialization if it has - // already happened. Helps building json magic - if (empty($r->payload)) - { - $r->serialize($resp_charset); - } - $payload = $payload . $r->payload; - - if ($return_payload) - { - return $payload; - } - - // if we get a warning/error that has output some text before here, then we cannot - // add a new header. We cannot say we are sending xml, either... - if(!headers_sent()) - { - header('Content-Type: '.$r->content_type); - // we do not know if client actually told us an accepted charset, but if he did - // we have to tell him what we did - header("Vary: Accept-Charset"); - - // http compression of output: only - // if we can do it, and we want to do it, and client asked us to, - // and php ini settings do not force it already - $php_no_self_compress = ini_get('zlib.output_compression') == '' && (ini_get('output_handler') != 'ob_gzhandler'); - if($this->compress_response && function_exists('gzencode') && $resp_encoding != '' - && $php_no_self_compress) - { - if(strpos($resp_encoding, 'gzip') !== false) - { - $payload = gzencode($payload); - header("Content-Encoding: gzip"); - header("Vary: Accept-Encoding"); - } - elseif (strpos($resp_encoding, 'deflate') !== false) - { - $payload = gzcompress($payload); - header("Content-Encoding: deflate"); - header("Vary: Accept-Encoding"); - } - } - - // do not ouput content-length header if php is compressing output for us: - // it will mess up measurements - if($php_no_self_compress) - { - header('Content-Length: ' . (int)strlen($payload)); - } - } - else - { - error_log('XML-RPC: xmlrpc_server::service: http headers already sent before response is fully generated. Check for php warning or error messages'); - } - - print $payload; - - // return request, in case subclasses want it - return $r; - } - - /** - * Add a method to the dispatch map - * @param string $methodname the name with which the method will be made available - * @param string $function the php function that will get invoked - * @param array $sig the array of valid method signatures - * @param string $doc method documentation - * @access public - */ - function add_to_map($methodname,$function,$sig=null,$doc='') - { - $this->dmap[$methodname] = array( - 'function' => $function, - 'docstring' => $doc - ); - if ($sig) - { - $this->dmap[$methodname]['signature'] = $sig; - } - } - - /** - * Verify type and number of parameters received against a list of known signatures - * @param array $in array of either xmlrpcval objects or xmlrpc type definitions - * @param array $sig array of known signatures to match against - * @access private - */ - function verifySignature($in, $sig) - { - // check each possible signature in turn - if (is_object($in)) - { - $numParams = $in->getNumParams(); - } - else - { - $numParams = count($in); - } - foreach($sig as $cursig) - { - if(count($cursig)==$numParams+1) - { - $itsOK=1; - for($n=0; $n<$numParams; $n++) - { - if (is_object($in)) - { - $p=$in->getParam($n); - if($p->kindOf() == 'scalar') - { - $pt=$p->scalartyp(); - } - else - { - $pt=$p->kindOf(); - } - } - else - { - $pt= $in[$n] == 'i4' ? 'int' : $in[$n]; // dispatch maps never use i4... - } - - // param index is $n+1, as first member of sig is return type - if($pt != $cursig[$n+1] && $cursig[$n+1] != $GLOBALS['xmlrpcValue']) - { - $itsOK=0; - $pno=$n+1; - $wanted=$cursig[$n+1]; - $got=$pt; - break; - } - } - if($itsOK) - { - return array(1,''); - } - } - } - if(isset($wanted)) - { - return array(0, "Wanted ${wanted}, got ${got} at param ${pno}"); - } - else - { - return array(0, "No method signature matches number of parameters"); - } - } - - /** - * Parse http headers received along with xmlrpc request. If needed, inflate request - * @return null on success or an xmlrpcresp - * @access private - */ - function parseRequestHeaders(&$data, &$req_encoding, &$resp_encoding, &$resp_compression) - { - // Play nice to PHP 4.0.x: superglobals were not yet invented... - if(!isset($_SERVER)) - { - $_SERVER = $GLOBALS['HTTP_SERVER_VARS']; - } - - if($this->debug > 1) - { - if(function_exists('getallheaders')) - { - $this->debugmsg(''); // empty line - foreach(getallheaders() as $name => $val) - { - $this->debugmsg("HEADER: $name: $val"); - } - } - - } - - if(isset($_SERVER['HTTP_CONTENT_ENCODING'])) - { - $content_encoding = str_replace('x-', '', $_SERVER['HTTP_CONTENT_ENCODING']); - } - else - { - $content_encoding = ''; - } - - // check if request body has been compressed and decompress it - if($content_encoding != '' && strlen($data)) - { - if($content_encoding == 'deflate' || $content_encoding == 'gzip') - { - // if decoding works, use it. else assume data wasn't gzencoded - if(function_exists('gzinflate') && in_array($content_encoding, $this->accepted_compression)) - { - if($content_encoding == 'deflate' && $degzdata = @gzuncompress($data)) - { - $data = $degzdata; - if($this->debug > 1) - { - $this->debugmsg("\n+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); - } - } - elseif($content_encoding == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) - { - $data = $degzdata; - if($this->debug > 1) - $this->debugmsg("+++INFLATED REQUEST+++[".strlen($data)." chars]+++\n" . $data . "\n+++END+++"); - } - else - { - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_decompress_fail'], $GLOBALS['xmlrpcstr']['server_decompress_fail']); - return $r; - } - } - else - { - //error_log('The server sent deflated data. Your php install must have the Zlib extension compiled in to support this.'); - $r =& new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['server_cannot_decompress'], $GLOBALS['xmlrpcstr']['server_cannot_decompress']); - return $r; - } - } - } - - // check if client specified accepted charsets, and if we know how to fulfill - // the request - if ($this->response_charset_encoding == 'auto') - { - $resp_encoding = ''; - if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) - { - // here we should check if we can match the client-requested encoding - // with the encodings we know we can generate. - /// @todo we should parse q=0.x preferences instead of getting first charset specified... - $client_accepted_charsets = explode(',', strtoupper($_SERVER['HTTP_ACCEPT_CHARSET'])); - // Give preference to internal encoding - $known_charsets = array($GLOBALS['xmlrpc_internalencoding'], 'UTF-8', 'ISO-8859-1', 'US-ASCII'); - foreach ($known_charsets as $charset) - { - foreach ($client_accepted_charsets as $accepted) - if (strpos($accepted, $charset) === 0) - { - $resp_encoding = $charset; - break; - } - if ($resp_encoding) - break; - } - } - } - else - { - $resp_encoding = $this->response_charset_encoding; - } - - if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) - { - $resp_compression = $_SERVER['HTTP_ACCEPT_ENCODING']; - } - else - { - $resp_compression = ''; - } - - // 'guestimate' request encoding - /// @todo check if mbstring is enabled and automagic input conversion is on: it might mingle with this check??? - $req_encoding = guess_encoding(isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '', - $data); - - return null; - } - - /** - * Parse an xml chunk containing an xmlrpc request and execute the corresponding - * php function registered with the server - * @param string $data the xml request - * @param string $req_encoding (optional) the charset encoding of the xml request - * @return xmlrpcresp - * @access private - */ - function parseRequest($data, $req_encoding='') - { - // 2005/05/07 commented and moved into caller function code - //if($data=='') - //{ - // $data=$GLOBALS['HTTP_RAW_POST_DATA']; - //} - - // G. Giunta 2005/02/13: we do NOT expect to receive html entities - // so we do not try to convert them into xml character entities - //$data = xmlrpc_html_entity_xlate($data); - - $GLOBALS['_xh']=array(); - $GLOBALS['_xh']['ac']=''; - $GLOBALS['_xh']['stack']=array(); - $GLOBALS['_xh']['valuestack'] = array(); - $GLOBALS['_xh']['params']=array(); - $GLOBALS['_xh']['pt']=array(); - $GLOBALS['_xh']['isf']=0; - $GLOBALS['_xh']['isf_reason']=''; - $GLOBALS['_xh']['method']=false; // so we can check later if we got a methodname or not - $GLOBALS['_xh']['rt']=''; - - // decompose incoming XML into request structure - if ($req_encoding != '') - { - if (!in_array($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - // the following code might be better for mb_string enabled installs, but - // makes the lib about 200% slower... - //if (!is_valid_charset($req_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - error_log('XML-RPC: xmlrpc_server::parseRequest: invalid charset encoding of received request: '.$req_encoding); - $req_encoding = $GLOBALS['xmlrpc_defencoding']; - } - /// @BUG this will fail on PHP 5 if charset is not specified in the xml prologue, - // the encoding is not UTF8 and there are non-ascii chars in the text... - /// @todo use an ampty string for php 5 ??? - $parser = xml_parser_create($req_encoding); - } - else - { - $parser = xml_parser_create(); - } - - xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true); - // G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell - // the xml parser to give us back data in the expected charset - // What if internal encoding is not in one of the 3 allowed? - // we use the broadest one, ie. utf8 - // This allows to send data which is native in various charset, - // by extending xmlrpc_encode_entitites() and setting xmlrpc_internalencoding - if (!in_array($GLOBALS['xmlrpc_internalencoding'], array('UTF-8', 'ISO-8859-1', 'US-ASCII'))) - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, 'UTF-8'); - } - else - { - xml_parser_set_option($parser, XML_OPTION_TARGET_ENCODING, $GLOBALS['xmlrpc_internalencoding']); - } - - if ($this->functions_parameters_type != 'xmlrpcvals') - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee_fast'); - else - xml_set_element_handler($parser, 'xmlrpc_se', 'xmlrpc_ee'); - xml_set_character_data_handler($parser, 'xmlrpc_cd'); - xml_set_default_handler($parser, 'xmlrpc_dh'); - if(!xml_parse($parser, $data, 1)) - { - // return XML error as a faultCode - $r=&new xmlrpcresp(0, - $GLOBALS['xmlrpcerrxml']+xml_get_error_code($parser), - sprintf('XML error: %s at line %d, column %d', - xml_error_string(xml_get_error_code($parser)), - xml_get_current_line_number($parser), xml_get_current_column_number($parser))); - xml_parser_free($parser); - } - elseif ($GLOBALS['_xh']['isf']) - { - xml_parser_free($parser); - $r=&new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['invalid_request'], - $GLOBALS['xmlrpcstr']['invalid_request'] . ' ' . $GLOBALS['_xh']['isf_reason']); - } - else - { - xml_parser_free($parser); - if ($this->functions_parameters_type != 'xmlrpcvals') - { - if($this->debug > 1) - { - $this->debugmsg("\n+++PARSED+++\n".var_export($GLOBALS['_xh']['params'], true)."\n+++END+++"); - } - $r = $this->execute($GLOBALS['_xh']['method'], $GLOBALS['_xh']['params'], $GLOBALS['_xh']['pt']); - } - else - { - // build an xmlrpcmsg object with data parsed from xml - $m=&new xmlrpcmsg($GLOBALS['_xh']['method']); - // now add parameters in - for($i=0; $iaddParam($GLOBALS['_xh']['params'][$i]); - } - - if($this->debug > 1) - { - $this->debugmsg("\n+++PARSED+++\n".var_export($m, true)."\n+++END+++"); - } - $r = $this->execute($m); - } - } - return $r; - } - - /** - * Execute a method invoked by the client, checking parameters used - * @param mixed $m either an xmlrpcmsg obj or a method name - * @param array $params array with method parameters as php types (if m is method name only) - * @param array $paramtypes array with xmlrpc types of method parameters (if m is method name only) - * @return xmlrpcresp - * @access private - */ - function execute($m, $params=null, $paramtypes=null) - { - if (is_object($m)) - { - $methName = $m->method(); - } - else - { - $methName = $m; - } - $sysCall = $this->allow_system_funcs && (strpos($methName, "system.") === 0); - $dmap = $sysCall ? $GLOBALS['_xmlrpcs_dmap'] : $this->dmap; - - if(!isset($dmap[$methName]['function'])) - { - // No such method - return new xmlrpcresp(0, - $GLOBALS['xmlrpcerr']['unknown_method'], - $GLOBALS['xmlrpcstr']['unknown_method']); - } - - // Check signature - if(isset($dmap[$methName]['signature'])) - { - $sig = $dmap[$methName]['signature']; - if (is_object($m)) - { - list($ok, $errstr) = $this->verifySignature($m, $sig); - } - else - { - list($ok, $errstr) = $this->verifySignature($paramtypes, $sig); - } - if(!$ok) - { - // Didn't match. - return new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['incorrect_params'], - $GLOBALS['xmlrpcstr']['incorrect_params'] . ": ${errstr}" - ); - } - } - - $func = $dmap[$methName]['function']; - // let the 'class::function' syntax be accepted in dispatch maps - if(is_string($func) && strpos($func, '::')) - { - $func = explode('::', $func); - } - // verify that function to be invoked is in fact callable - if(!is_callable($func)) - { - error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler is not callable"); - return new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['server_error'], - $GLOBALS['xmlrpcstr']['server_error'] . ": no function matches method" - ); - } - - // If debug level is 3, we should catch all errors generated during - // processing of user function, and log them as part of response - if($this->debug > 2) - { - $GLOBALS['_xmlrpcs_prev_ehandler'] = set_error_handler('_xmlrpcs_errorHandler'); - } - if (is_object($m)) - { - if($sysCall) - { - $r = call_user_func($func, $this, $m); - } - else - { - $r = call_user_func($func, $m); - } - if (!is_a($r, 'xmlrpcresp')) - { - error_log("XML-RPC: xmlrpc_server::execute: function $func registered as method handler does not return an xmlrpcresp object"); - if (is_a($r, 'xmlrpcval')) - { - $r =& new xmlrpcresp($r); - } - else - { - $r =& new xmlrpcresp( - 0, - $GLOBALS['xmlrpcerr']['server_error'], - $GLOBALS['xmlrpcstr']['server_error'] . ": function does not return xmlrpcresp object" - ); - } - } - } - else - { - // call a 'plain php' function - if($sysCall) - { - array_unshift($params, $this); - $r = call_user_func_array($func, $params); - } - else - { - // 3rd API convention for method-handling functions: EPI-style - if ($this->functions_parameters_type == 'epivals') - { - $r = call_user_func_array($func, array($methName, $params, $this->user_data)); - // mimic EPI behaviour: if we get an array that looks like an error, make it - // an eror response - if (is_array($r) && array_key_exists('faultCode', $r) && array_key_exists('faultString', $r)) - { - $r =& new xmlrpcresp(0, (integer)$r['faultCode'], (string)$r['faultString']); - } - else - { - // functions using EPI api should NOT return resp objects, - // so make sure we encode the return type correctly - $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('extension_api'))); - } - } - else - { - $r = call_user_func_array($func, $params); - } - } - // the return type can be either an xmlrpcresp object or a plain php value... - if (!is_a($r, 'xmlrpcresp')) - { - // what should we assume here about automatic encoding of datetimes - // and php classes instances??? - $r =& new xmlrpcresp(php_xmlrpc_encode($r, array('auto_dates'))); - } - } - if($this->debug > 2) - { - // note: restore the error handler we found before calling the - // user func, even if it has been changed inside the func itself - if($GLOBALS['_xmlrpcs_prev_ehandler']) - { - set_error_handler($GLOBALS['_xmlrpcs_prev_ehandler']); - } - else - { - restore_error_handler(); - } - } - return $r; - } - - /** - * add a string to the 'internal debug message' (separate from 'user debug message') - * @param string $strings - * @access private - */ - function debugmsg($string) - { - $this->debug_info .= $string."\n"; - } - - /** - * @access private - */ - function xml_header($charset_encoding='') - { - if ($charset_encoding != '') - { - return "\n"; - } - else - { - return "\n"; - } - } - - /** - * A debugging routine: just echoes back the input packet as a string value - * DEPRECATED! - */ - function echoInput() - { - $r=&new xmlrpcresp(new xmlrpcval( "'Aha said I: '" . $GLOBALS['HTTP_RAW_POST_DATA'], 'string')); - print $r->serialize(); - } - } -?> \ No newline at end of file -- cgit 1.4.1