/** * __construct() test */ public function testConstructorOptionallySetsMethodAndParams() { $r = new Request(); $this->assertEquals('', $r->getMethod()); $this->assertEquals(array(), $r->getParams()); $method = 'foo.bar'; $params = array('baz', 1, array('foo' => 'bar')); $r = new Request($method, $params); $this->assertEquals($method, $r->getMethod()); $this->assertEquals($params, $r->getParams()); }
/** * @group ZF-12293 * * Test should remain, but is defunct since DOCTYPE presence should return FALSE * from loadXml() */ public function testDoesNotAllowExternalEntities() { $payload = file_get_contents(dirname(__FILE__) . '/_files/ZF12293-request.xml'); $payload = sprintf($payload, 'file://' . realpath(dirname(__FILE__) . '/_files/ZF12293-payload.txt')); $this->_request->loadXml($payload); $method = $this->_request->getMethod(); $this->assertTrue(empty($method)); if (is_string($method)) { $this->assertNotContains('Local file inclusion', $method); } }
/** * Handle an xmlrpc call (actual work) * * @param Request $request * @return Response * @throws Server\Exception\RuntimeException * Zend\XmlRpc\Server\Exceptions are thrown for internal errors; otherwise, * any other exception may be thrown by the callback */ protected function handleRequest(Request $request) { $method = $request->getMethod(); // Check for valid method if (!$this->table->hasMethod($method)) { throw new Server\Exception\RuntimeException('Method "' . $method . '" does not exist', 620); } $info = $this->table->getMethod($method); $params = $request->getParams(); $argv = $info->getInvokeArguments(); if (0 < count($argv) and $this->sendArgumentsToAllMethods()) { $params = array_merge($params, $argv); } // Check calling parameters against signatures $matched = false; $sigCalled = $request->getTypes(); $sigLength = count($sigCalled); $paramsLen = count($params); if ($sigLength < $paramsLen) { for ($i = $sigLength; $i < $paramsLen; ++$i) { $xmlRpcValue = AbstractValue::getXmlRpcValue($params[$i]); $sigCalled[] = $xmlRpcValue->getType(); } } $signatures = $info->getPrototypes(); foreach ($signatures as $signature) { $sigParams = $signature->getParameters(); if ($sigCalled === $sigParams) { $matched = true; break; } } if (!$matched) { throw new Server\Exception\RuntimeException('Calling parameters do not match signature', 623); } $return = $this->_dispatch($info, $params); $responseClass = $this->getResponseClass(); return new $responseClass($return); }