/**
* Constructor for the Exception class. This is how you build a new
* error instance.
*
* @param string $code The code string to return to the flash client :: THIS SHOULD PROBABLY BE SET AUTOMATICALLY ::
* @param string $description A short reason why the error occured
* @param string $file The file name that the error occured
* @param int $line The line number where the error was detected
*/
function AMFException($code, $description, $file, $line, $detailCode = 'AMFPHP_RUNTIME_ERROR')
{
$this->code = $detailCode;
$this->description = $description;
// pass the description
$this->details = $file;
// pass the details
$this->level = AMFException::getFriendlyError($code);
$this->line = $line;
// pass the line number
}
/**
* PHP5 SOAP implementation
*/
function webServiceAction_php5(&$amfbody, $webServiceURI, $webServiceMethod, $args, $phpInternalEncoding)
{
//Note that encoding is set to php internal encoding,
//As SoapClient always sends and receives stuff in UTF-8 anyway
if (class_exists('SoapClient')) {
$client = new SoapClient($webServiceURI, array("exceptions" => 0, "trace" => 1, "encoding" => $phpInternalEncoding));
$response = $client->__soapCall($webServiceMethod, $args[0]);
if (is_soap_fault($response)) {
$ex = new AMFException(E_USER_ERROR, "SOAP error: " . $client->__getLastResponse(), __FILE__, __LINE__, "AMFPHP_SOAP_ERROR");
AMFException::throwException($amfbody, $ex);
}
return $response;
} else {
$ex = new AMFException(E_USER_ERROR, "PHP5 SoapClient is not installed", __FILE__, __LINE__, "AMFPHP_SOAP_NOT_INSTALLED_ERROR");
AMFException::throwException($amfbody, $ex);
}
}
function doAction(&$bodyObj)
{
$className = str_replace('.php', '', str_replace('/', '.', $bodyObj->getUriClassPath()));
$method = $bodyObj->getMethodName();
$args = $bodyObj->getValue();
if (!$bodyObj->getIgnoreExecution()) {
if ($bodyObj->getIsDynamicPage()) {
$offset = $args[count($args) - 2] - 1;
$limit = $args[count($args) - 1];
array_splice($args, -2);
} else {
$offset = 0;
$limit = 3;
}
try {
$records = $this->getRecords($className, $method, $args);
} catch (Exception $fault) {
$ex = new AMFException(E_USER_ERROR, $fault->getMessage(), $fault->getFile(), $fault->getLine());
$records = '__amfphp_error';
AMFException::throwException($bodyObj, $ex);
}
if ($records !== '__amfphp_error') {
$dataSet = array_slice($records, $offset, $limit);
$keys = array_keys($dataSet[0]);
array_pop($keys);
if ($bodyObj->getIsDynamicPage()) {
$results = array("cursor" => $args[count($args) - 2] + 1, "data" => new Arrayf($dataSet, $keys));
$bodyObj->setType("__DYNAMIC_PAGE__");
} else {
$results = array('class' => $bodyObj->getUriClassPath(), 'method' => $bodyObj->getMethodName(), 'count' => count($records), "args" => $args, "data" => new Arrayf($dataSet, $keys));
$bodyObj->setType('__DYNAMIC_PAGEABLE_RESULTSET__');
}
$bodyObj->setResults($results);
$bodyObj->setResponseURI($bodyObj->getResponseIndex() . "/onResult");
}
} else {
if ($bodyObj->getIsDynamicPage()) {
$bodyObj->setResults(true);
$bodyObj->setType('boolean');
$bodyObj->setResponseURI($bodyObj->getResponseIndex() . "/onResult");
}
}
return true;
}
function reportExceptions($code, $descr, $filename, $line)
{
// obey error_level set by system/user
if (!($code & error_reporting())) {
return;
}
// build a new AMFObject
$amfout = new AMFObject("");
// init a new error info object
$error = array();
// pass the code
$error["code"] = "AMFPHP_RUNTIME_ERROR";
// pass the description
$error["description"] = $descr;
// pass the details
$error["details"] = $filename;
// pass the level
$error["level"] = AMFException::getFriendlyError($code);
// pass the line number
$error["line"] = $line;
// add the error object to the body of the AMFObject
$amfbody = new AMFBody(NULL, $GLOBALS['amfphp']['lastMethodCall']);
$amfbody->setResults($error);
$amfout->addBody($amfbody);
// Add the trace headers we have so far while we're at it
debugFilter($amfout);
// create a new serializer
$serializer = new AMFSerializer();
// serialize the data
$data = $serializer->serialize($amfout);
// send the correct header
header('Content-type: application/x-amf');
// flush the amf data to the client.
print $data;
// kill the system after we find a single error
exit;
}
/**
* Include a class
* If there is an error, catch and return to caller
*/
function includeClass(&$bodyObj, $location)
{
$included = false;
try {
include_once $location;
$included = true;
} catch (Exception $fault) {
$included = false;
if (get_class($fault) == "VerboseException") {
$ex = new AMFException($fault->code, $fault->getMessage(), $fault->file, $fault->line, 'AMFPHP_INCLUDE_ERROR');
} else {
$ex = new AMFException(E_USER_ERROR, $fault->getMessage(), $fault->getFile(), $fault->getLine(), 'AMFPHP_INCLUDE_ERROR');
}
AMFException::throwException($bodyObj, $ex);
}
return $included;
}
/**
* Security action checks that the caller has the credentials to run the remote methods
*/
function securityAction(&$amfbody)
{
$check = true;
if (!$amfbody->noExec) {
$classConstruct =& $amfbody->getClassConstruct();
$methodName = $amfbody->methodName;
$className = $amfbody->className;
if ($methodName == "_authenticate") {
if (method_exists($classConstruct, "_authenticate")) {
$credentials = $amfbody->getValue();
//Fix for error in _authenticate
//Pass throught the executive
$roles = Executive::doMethodCall($amfbody, $classConstruct, '_authenticate', array($credentials['userid'], $credentials['password']));
if ($roles !== '__amfphp_error' && $roles !== false && $roles !== "") {
Authenticate::login($credentials['userid'], $roles);
return false;
} else {
Authenticate::logout();
return false;
}
} else {
$ex = new AMFException(E_USER_ERROR, "The _authenticate method was not found in the " . $className . " class", __FILE__, __LINE__, "AMFPHP_AUTHENTICATE_NOT_FOUND");
AMFException::throwException($amfbody, $ex);
return false;
}
}
//else
//Check for gateway restrictions
$methodRecord = $classConstruct->methodTable[$methodName];
// create a shortcut for the ugly path
$instanceName = $GLOBALS['amfphp']['instanceName'];
if (isset($instanceName) && isset($methodRecord['instance'])) {
// see if we have an instance defined
if ($instanceName != $methodRecord['instance']) {
// if the names don't match die
$ex = new AMFException(E_USER_ERROR, "The method {" . $methodName . "} instance name does not match this gateway's instance name.", __FILE__, __LINE__, "AMFPHP_INSTANCE_NAME_MISMATCH");
AMFException::throwException($amfbody, $ex);
return false;
}
} else {
if (isset($methodRecord['instance'])) {
// see if the method has an instance defined
if ($instanceName != $methodRecord['instance']) {
// if the names don't match die
$ex = new AMFException(E_USER_ERROR, "The restricted method {" . $methodName . "} is not allowed through a non-restricted gateway.", __FILE__, __LINE__, "AMFPHP_INSTANCE_NAME_RESTRICTION");
AMFException::throwException($amfbody, $ex);
return false;
}
}
}
if (!isset($methodRecord['access']) || strtolower($methodRecord['access']) != "remote") {
// make sure we can remotely call it
$ex = new AMFException(E_USER_ERROR, "ACCESS DENIED: The method {" . $methodName . "} has not been declared a remote method.", __FILE__, __LINE__, "AMFPHP_METHOD_NOT_REMOTE");
AMFException::throwException($amfbody, $ex);
return false;
}
if (isset($methodRecord['roles']) && !Authenticate::isUserInRole($methodRecord['roles'])) {
$ex = new AMFException(E_USER_ERROR, "This user is not does not have access to {" . $methodName . "}.", __FILE__, __LINE__, "AMFPHP_AUTH_MISMATCH");
AMFException::throwException($amfbody, $ex);
return false;
}
}
return true;
}