Exemple #1
0
 /**
  * Constructor for the Exception class. This is how you build a new
  * error instance.
  * 
  * @param string $code The code string to return to the flash client :: THIS SHOULD PROBABLY BE SET AUTOMATICALLY ::
  * @param string $description A short reason why the error occured
  * @param string $file The file name that the error occured
  * @param int $line The line number where the error was detected
  */
 function AMFException($code, $description, $file, $line, $detailCode = 'AMFPHP_RUNTIME_ERROR')
 {
     $this->code = $detailCode;
     $this->description = $description;
     // pass the description
     $this->details = $file;
     // pass the details
     $this->level = AMFException::getFriendlyError($code);
     $this->line = $line;
     // pass the line number
 }
Exemple #2
0
/**
 * PHP5 SOAP implementation
 */
function webServiceAction_php5(&$amfbody, $webServiceURI, $webServiceMethod, $args, $phpInternalEncoding)
{
    //Note that encoding is set to php internal encoding,
    //As SoapClient always sends and receives stuff in UTF-8 anyway
    if (class_exists('SoapClient')) {
        $client = new SoapClient($webServiceURI, array("exceptions" => 0, "trace" => 1, "encoding" => $phpInternalEncoding));
        $response = $client->__soapCall($webServiceMethod, $args[0]);
        if (is_soap_fault($response)) {
            $ex = new AMFException(E_USER_ERROR, "SOAP error: " . $client->__getLastResponse(), __FILE__, __LINE__, "AMFPHP_SOAP_ERROR");
            AMFException::throwException($amfbody, $ex);
        }
        return $response;
    } else {
        $ex = new AMFException(E_USER_ERROR, "PHP5 SoapClient is not installed", __FILE__, __LINE__, "AMFPHP_SOAP_NOT_INSTALLED_ERROR");
        AMFException::throwException($amfbody, $ex);
    }
}
 function doAction(&$bodyObj)
 {
     $className = str_replace('.php', '', str_replace('/', '.', $bodyObj->getUriClassPath()));
     $method = $bodyObj->getMethodName();
     $args = $bodyObj->getValue();
     if (!$bodyObj->getIgnoreExecution()) {
         if ($bodyObj->getIsDynamicPage()) {
             $offset = $args[count($args) - 2] - 1;
             $limit = $args[count($args) - 1];
             array_splice($args, -2);
         } else {
             $offset = 0;
             $limit = 3;
         }
         try {
             $records = $this->getRecords($className, $method, $args);
         } catch (Exception $fault) {
             $ex = new AMFException(E_USER_ERROR, $fault->getMessage(), $fault->getFile(), $fault->getLine());
             $records = '__amfphp_error';
             AMFException::throwException($bodyObj, $ex);
         }
         if ($records !== '__amfphp_error') {
             $dataSet = array_slice($records, $offset, $limit);
             $keys = array_keys($dataSet[0]);
             array_pop($keys);
             if ($bodyObj->getIsDynamicPage()) {
                 $results = array("cursor" => $args[count($args) - 2] + 1, "data" => new Arrayf($dataSet, $keys));
                 $bodyObj->setType("__DYNAMIC_PAGE__");
             } else {
                 $results = array('class' => $bodyObj->getUriClassPath(), 'method' => $bodyObj->getMethodName(), 'count' => count($records), "args" => $args, "data" => new Arrayf($dataSet, $keys));
                 $bodyObj->setType('__DYNAMIC_PAGEABLE_RESULTSET__');
             }
             $bodyObj->setResults($results);
             $bodyObj->setResponseURI($bodyObj->getResponseIndex() . "/onResult");
         }
     } else {
         if ($bodyObj->getIsDynamicPage()) {
             $bodyObj->setResults(true);
             $bodyObj->setType('boolean');
             $bodyObj->setResponseURI($bodyObj->getResponseIndex() . "/onResult");
         }
     }
     return true;
 }
Exemple #4
0
function reportExceptions($code, $descr, $filename, $line)
{
    // obey error_level set by system/user
    if (!($code & error_reporting())) {
        return;
    }
    // build a new AMFObject
    $amfout = new AMFObject("");
    // init a new error info object
    $error = array();
    // pass the code
    $error["code"] = "AMFPHP_RUNTIME_ERROR";
    // pass the description
    $error["description"] = $descr;
    // pass the details
    $error["details"] = $filename;
    // pass the level
    $error["level"] = AMFException::getFriendlyError($code);
    // pass the line number
    $error["line"] = $line;
    // add the error object to the body of the AMFObject
    $amfbody = new AMFBody(NULL, $GLOBALS['amfphp']['lastMethodCall']);
    $amfbody->setResults($error);
    $amfout->addBody($amfbody);
    // Add the trace headers we have so far while we're at it
    debugFilter($amfout);
    // create a new serializer
    $serializer = new AMFSerializer();
    // serialize the data
    $data = $serializer->serialize($amfout);
    // send the correct header
    header('Content-type: application/x-amf');
    // flush the amf data to the client.
    print $data;
    // kill the system after we find a single error
    exit;
}
Exemple #5
0
 /**
  * Include a class
  * If there is an error, catch and return to caller
  */
 function includeClass(&$bodyObj, $location)
 {
     $included = false;
     try {
         include_once $location;
         $included = true;
     } catch (Exception $fault) {
         $included = false;
         if (get_class($fault) == "VerboseException") {
             $ex = new AMFException($fault->code, $fault->getMessage(), $fault->file, $fault->line, 'AMFPHP_INCLUDE_ERROR');
         } else {
             $ex = new AMFException(E_USER_ERROR, $fault->getMessage(), $fault->getFile(), $fault->getLine(), 'AMFPHP_INCLUDE_ERROR');
         }
         AMFException::throwException($bodyObj, $ex);
     }
     return $included;
 }
Exemple #6
0
/**
 * Security action checks that the caller has the credentials to run the remote methods
 */
function securityAction(&$amfbody)
{
    $check = true;
    if (!$amfbody->noExec) {
        $classConstruct =& $amfbody->getClassConstruct();
        $methodName = $amfbody->methodName;
        $className = $amfbody->className;
        if ($methodName == "_authenticate") {
            if (method_exists($classConstruct, "_authenticate")) {
                $credentials = $amfbody->getValue();
                //Fix for error in _authenticate
                //Pass throught the executive
                $roles = Executive::doMethodCall($amfbody, $classConstruct, '_authenticate', array($credentials['userid'], $credentials['password']));
                if ($roles !== '__amfphp_error' && $roles !== false && $roles !== "") {
                    Authenticate::login($credentials['userid'], $roles);
                    return false;
                } else {
                    Authenticate::logout();
                    return false;
                }
            } else {
                $ex = new AMFException(E_USER_ERROR, "The _authenticate method was not found in the " . $className . " class", __FILE__, __LINE__, "AMFPHP_AUTHENTICATE_NOT_FOUND");
                AMFException::throwException($amfbody, $ex);
                return false;
            }
        }
        //else
        //Check for gateway restrictions
        $methodRecord = $classConstruct->methodTable[$methodName];
        // create a shortcut for the ugly path
        $instanceName = $GLOBALS['amfphp']['instanceName'];
        if (isset($instanceName) && isset($methodRecord['instance'])) {
            // see if we have an instance defined
            if ($instanceName != $methodRecord['instance']) {
                // if the names don't match die
                $ex = new AMFException(E_USER_ERROR, "The method {" . $methodName . "} instance name does not match this gateway's instance name.", __FILE__, __LINE__, "AMFPHP_INSTANCE_NAME_MISMATCH");
                AMFException::throwException($amfbody, $ex);
                return false;
            }
        } else {
            if (isset($methodRecord['instance'])) {
                // see if the method has an instance defined
                if ($instanceName != $methodRecord['instance']) {
                    // if the names don't match die
                    $ex = new AMFException(E_USER_ERROR, "The restricted method {" . $methodName . "} is not allowed through a non-restricted gateway.", __FILE__, __LINE__, "AMFPHP_INSTANCE_NAME_RESTRICTION");
                    AMFException::throwException($amfbody, $ex);
                    return false;
                }
            }
        }
        if (!isset($methodRecord['access']) || strtolower($methodRecord['access']) != "remote") {
            // make sure we can remotely call it
            $ex = new AMFException(E_USER_ERROR, "ACCESS DENIED: The method {" . $methodName . "} has not been declared a remote method.", __FILE__, __LINE__, "AMFPHP_METHOD_NOT_REMOTE");
            AMFException::throwException($amfbody, $ex);
            return false;
        }
        if (isset($methodRecord['roles']) && !Authenticate::isUserInRole($methodRecord['roles'])) {
            $ex = new AMFException(E_USER_ERROR, "This user is not does not have access to {" . $methodName . "}.", __FILE__, __LINE__, "AMFPHP_AUTH_MISMATCH");
            AMFException::throwException($amfbody, $ex);
            return false;
        }
    }
    return true;
}