/**
* Adds debugging information to outgoing packet
*/
function debugFilter(&$amf)
{
//Add trace headers before outputting
if (!$GLOBALS['amfphp']['isFlashComm'] && !$GLOBALS['amfphp']['disableTrace']) {
$headerresults = array();
// create a result array
$headerresults[0] = array();
// create a sub array in results (CF seems to do this, don't know why)
if (count(NetDebug::getTraceStack()) != 0) {
$ts = NetDebug::getTraceStack();
$headerresults[0][] = new TraceHeader($ts);
}
if (Headers::getHeader("serviceBrowser") == true) {
global $amfphp;
$amfphp['totalTime'] = microtime_float() - $amfphp['startTime'];
$headerresults[0][] = new ProfilingHeader();
}
//Get the last body in the stack
if (count($headerresults[0]) > 0) {
$body =& $amf->getBodyAt($amf->numBody() - 1);
$headers = new MessageBody(NULL, $body->responseIndex, NULL);
// create a new amf body
$headers->responseURI = $body->responseIndex . "/onDebugEvents";
// set the response uri of this body
$headers->setResults($headerresults);
// set the results.
$amf->addBodyAt(0, $headers);
}
}
}
/**
* The service method runs the gateway application. It turns the gateway 'on'. You
* have to call the service method as the last line of the gateway script after all of the
* gateway configuration properties have been set.
*
* Right now the service method also includes a very primitive debugging mode that
* just dumps the raw amf input and output to files. This may change in later versions.
* The debugging implementation is NOT thread safe so be aware of file corruptions that
* may occur in concurrent environments.
*/
function service()
{
//Set the parameters for the charset handler
CharsetHandler::setMethod($this->_charsetMethod);
CharsetHandler::setPhpCharset($this->_charsetPhp);
CharsetHandler::setSqlCharset($this->_charsetSql);
//Attempt to call charset handler to catch any uninstalled extensions
$ch = new CharsetHandler('flashtophp');
$ch->transliterate('?');
$ch2 = new CharsetHandler('sqltophp');
$ch2->transliterate('?');
$GLOBALS['amfphp']['actions'] = $this->actions;
if (!isset($GLOBALS['HTTP_RAW_POST_DATA'])) {
$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents('php://input');
}
if (isset($GLOBALS["HTTP_RAW_POST_DATA"]) && $GLOBALS["HTTP_RAW_POST_DATA"] != "") {
//Start NetDebug
NetDebug::initialize();
error_reporting($GLOBALS['amfphp']['errorLevel']);
//Enable loose mode if requested
if ($this->_looseMode) {
ob_start();
}
$amf = new AMFObject($GLOBALS["HTTP_RAW_POST_DATA"]);
// create the amf object
if ($this->incomingMessagesFolder != NULL) {
$mt = microtime();
$pieces = explode(' ', $mt);
file_put_contents($this->incomingMessagesFolder . 'in.' . $pieces[1] . '.' . substr($pieces[0], 2) . ".amf", $GLOBALS["HTTP_RAW_POST_DATA"]);
}
foreach ($this->filters as $key => $filter) {
$filter($amf);
// invoke the first filter in the chain
}
$output = $amf->outputStream;
// grab the output stream
//Clear the current output buffer if requested
if ($this->_looseMode) {
ob_end_clean();
}
//Send content length header
//Thanks to Alec Horley for pointing out the necessity
//of this for FlashComm support
header(AMFPHP_CONTENT_TYPE);
// define the proper header
if (Headers::getHeader('serviceBrowser') == true) {
//Add the total time header
$toAddPos = strpos($output, "СА");
$time = (int) ((microtime_float() - $GLOBALS['amfphp']['startTime']) * 1000);
$b = pack("d", $time);
// pack the bytes
if (AMFPHP_BIG_ENDIAN) {
// if we are a big-endian processor
$r = strrev($b);
} else {
// add the bytes to the output
$r = $b;
}
$output = substr($output, 0, $toAddPos) . $r . substr($output, $toAddPos + 8);
}
//Send expire header, apparently helps for SSL
//Thanks to Gary Rogers for that
//And also to Lucas Filippi from openAMF list
//And to Robert Reinhardt who appears to be the first who
//documented the bug
//Finally to Gary who appears to have find a solution which works even more reliably
$dateStr = date("D, j M Y ") . date("H:i:s", strtotime("-2 days"));
header("Expires: {$dateStr} GMT");
header("Pragma: no-store");
header("Cache-Control: no-store");
//else don't send any special headers at all
if ($this->outgoingMessagesFolder != NULL) {
$mt = microtime();
$pieces = explode(' ', $mt);
file_put_contents($this->outgoingMessagesFolder . 'out.' . $pieces[1] . '.' . substr($pieces[0], 2) . ".amf", $output);
}
$doCompress = false;
$outputCompression = @ini_get("zlib.output_compression");
if (!$outputCompression) {
if (strlen($output) > $this->_gzipCompressionThreshold && extension_loaded("zlib") && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE && $this->_enableGzipCompression) {
$doCompress = true;
ob_start();
ob_start('ob_gzhandler');
} else {
header("Content-length: " . strlen($output));
}
}
print $output;
// flush the binary data
if ($doCompress) {
ob_end_flush();
header("Content-length: " . ob_get_length());
ob_end_flush();
}
} else {
$versionData = explode("\n", file_get_contents(APP . DS . "plugins" . DS . "cpamf" . DS . "version.txt"));
$cpamfVersion = $versionData[count($versionData) - 1];
echo "<p> CpAmf plugin v" . $cpamfVersion . " (CakePHP 1.2)</p>";
echo "<p>amfphp and this gateway are installed correctly. You may now connect " . "to this gateway from Flash.</p>";
if (function_exists("amf_decode")) {
echo "<p>AMF C Extension is loaded " . ($GLOBALS['amfphp']['native'] ? "and enabled." : "but disabled") . "</p>";
}
echo "<p>Note: If you're reading an " . "old tutorial, it will tell you that you should see a download " . "window instead of this message. This confused people so this is " . "the new behaviour starting from amfphp 1.2.</p><p>" . "<a href='http://www.amfphp.org/docs'>View the amfphp documentation</p>" . "<p><a href='browser'>Load the service browser</a></p>";
echo "<pre>";
}
}
/**
* MetaDataAction loads the required info from the methodTable
*/
function securityAction(&$amfbody)
{
if (!$amfbody->noExec) {
$classConstruct =& $amfbody->getClassConstruct();
$methodName = $amfbody->methodName;
$className = $amfbody->className;
//Check if method exists
if (!method_exists($classConstruct, $methodName)) {
// check to see if the method exists
$ex = new MessageException(E_USER_ERROR, "The method {" . $methodName . "} does not exist in class {" . $className . "}.", __FILE__, __LINE__, "AMFPHP_INEXISTANT_METHOD");
MessageException::throwException($amfbody, $ex);
return false;
}
//Check if method is private (PHP4)
if (strpos($methodName, '_') === 0) {
// check to see if the method exists
$ex = new MessageException(E_USER_ERROR, "The method {" . $methodName . "} starts with an underscore and is therefore considered private, so it cannot be remotely called.", __FILE__, __LINE__, "AMFPHP_PRIVATE_METHOD");
MessageException::throwException($amfbody, $ex);
return false;
}
//Check to see if method is private or protected (PHP5)
if (class_exists('ReflectionMethod')) {
$method = new ReflectionMethod($className, $methodName);
if (!$method->isPublic()) {
$ex = new MessageException(E_USER_ERROR, "The method {" . $methodName . "} in {" . $className . "} is not public and therefore cannot be called.", __FILE__, __LINE__, "AMFPHP_PRIVATE_METHOD");
MessageException::throwException($amfbody, $ex);
return false;
}
}
$classConstruct =& $amfbody->getClassConstruct();
$methodName = $amfbody->methodName;
$className = $amfbody->className;
if (method_exists($classConstruct, "beforeFilter")) {
//Pass throught the executive
if (Headers::getHeader('Credentials') == true) {
$header = Headers::getHeader('Credentials');
}
//authenticationFilter($amf)
$allow = Executive::doMethodCall($amfbody, $classConstruct, 'beforeFilter', array($methodName, $header["userid"], $header["password"]));
if ($allow === '__amfphp_error' || $allow === false) {
$ex = new MessageException(E_USER_ERROR, "Method access blocked by beforeFilter in " . $className . " class", __FILE__, __LINE__, "AMFPHP_AUTHENTICATE_ERROR");
MessageException::throwException($amfbody, $ex);
return false;
}
}
}
return true;
}
