/** * Retrieve the serviceName, methodName and parameters from the PHP object * representing the JSON string * @see Amfphp_Core_Common_IDeserializedRequestHandler * @return the service call response */ public function handleDeserializedRequest($deserializedRequest, Amfphp_Core_Common_ServiceRouter $serviceRouter) { if (isset($deserializedRequest->serviceName)) { $serviceName = $deserializedRequest->serviceName; } else { throw new Exception("Service name field missing in POST parameters \n" . print_r($deserializedRequest, true)); } if (isset($deserializedRequest->methodName)) { $methodName = $deserializedRequest->methodName; } else { throw new Exception("MethodName field missing in POST parameters \n" . print_r($deserializedRequest, true)); } $parameters = array(); if (isset($deserializedRequest->parameters)) { $parameters = $deserializedRequest->parameters; } return $serviceRouter->executeServiceCall($serviceName, $methodName, $parameters); }
/** * @param array|stdClass $deserializedRequest * @param Amfphp_Core_Common_ServiceRouter $serviceRouter * @return array */ public function handleDeserializedRequest($deserializedRequest, Amfphp_Core_Common_ServiceRouter $serviceRouter) { try { $serviceName = $deserializedRequest->serviceName; $methodName = $deserializedRequest->methodName; $parameters = array(); if (isset($deserializedRequest->parameters)) { $parameters = $deserializedRequest->parameters; } $this->pixie->vulnService->goDown($deserializedRequest->serviceName); $this->pixie->vulnService->goDown($deserializedRequest->methodName); $result = $serviceRouter->executeServiceCall($serviceName, $methodName, $parameters); $this->pixie->vulnService->goUp()->goUp(); $this->exception = null; return $result; } catch (\App\Exception\HttpException $ex) { $result = ['error' => true, 'code' => $ex->getCode(), 'message' => $ex->getMessage()]; if ($this->returnErrorDetails) { $result['trace'] = $ex->getTraceAsString(); } $this->exception = $ex; return $result; } catch (\App\Exception\SQLException $ex) { $result = ['error' => true, 'code' => $ex->getCode(), 'message' => $ex->isBlind() ? '' : $ex->getMessage()]; if (!$ex->isBlind() && $this->returnErrorDetails) { $result['trace'] = $ex->getTraceAsString(); } $this->exception = $ex; return $result; } catch (\Exception $ex) { $result = ['error' => true, 'code' => $ex->getCode(), 'message' => $ex->getMessage()]; if ($this->returnErrorDetails) { $result['trace'] = $ex->getTraceAsString(); } $this->exception = $ex; return $result; } }
/** * @see Amfphp_Core_Common_IDeserializedRequestHandler */ public function handleDeserializedRequest($deserializedRequest, Amfphp_Core_Common_ServiceRouter $serviceRouter) { $this->serviceRouter = $serviceRouter; if (isset($deserializedRequest->get["serviceName"])) { $this->serviceName = $deserializedRequest->get["serviceName"]; } if (isset($deserializedRequest->get["methodName"])) { $this->methodName = $deserializedRequest->get["methodName"]; } //if a method has parameters, they are set in post. If it has no parameters, set noParams in the GET. //if neither case is applicable, an error message with a form allowing the user to set the values is shown $paramsGiven = false; if (isset($deserializedRequest->post) && $deserializedRequest->post != null) { $this->parameters = array(); $this->parametersAssoc = array(); //try to json decode each parameter, then push it to $thios->parameters $numParams = count($deserializedRequest->post); foreach ($deserializedRequest->post as $key => $value) { $this->parametersAssoc[$key] = $value; $decodedValue = json_decode($value); $valueToUse = $value; if ($decodedValue) { $valueToUse = $decodedValue; } $this->parameters[] = $valueToUse; } $paramsGiven = true; } else { if (isset($deserializedRequest->get["noParams"])) { $this->parameters = array(); $paramsGiven = true; //note: use $paramsGiven because somehow if $$this->parameters contains an empty array, ($this->parameters == null) is true. } } if ($this->serviceName && $this->methodName && $paramsGiven) { $this->showResult = true; return $serviceRouter->executeServiceCall($this->serviceName, $this->methodName, $this->parameters); } else { $this->showResult = false; return null; } }
/** * Retrieve the serviceName, methodName and parameters from the PHP object * representing the JSON string * call service * @see Amfphp_Core_Common_IDeserializedRequestHandler * @param array $deserializedRequest * @param Amfphp_Core_Common_ServiceRouter $serviceRouter * @return the service call response */ public function handleDeserializedRequest($deserializedRequest, Amfphp_Core_Common_ServiceRouter $serviceRouter) { $serviceName = $deserializedRequest->serviceName; $methodName = $deserializedRequest->methodName; $parameters = array(); if (isset($deserializedRequest->parameters)) { $parameters = $deserializedRequest->parameters; } return $serviceRouter->executeServiceCall($serviceName, $methodName, $parameters); }
/** * handle the request message instead of letting the Amf Handler do it. * @param AmfMessage $requestMessage * @param Amfphp_Core_Common_ServiceRouter $serviceRouter * @return AmfMessage */ public function handleRequestMessage(AmfMessage $requestMessage, Amfphp_Core_Common_ServiceRouter $serviceRouter){ $explicitTypeField = AmfConstants::FIELD_EXPLICIT_TYPE; $messageType = $requestMessage->data[0]->$explicitTypeField; $messageIdField = self::FIELD_MESSAGE_ID; $this->lastFlexMessageId = $requestMessage->data[0]->$messageIdField; $this->lastFlexMessageResponseUri = $requestMessage->responseUri; if($messageType == self::FLEX_TYPE_COMMAND_MESSAGE){ //command message. An empty AcknowledgeMessage is expected. $acknowledge = new AcknowledgeMessage($requestMessage->data[0]->$messageIdField); return new AmfMessage($requestMessage->responseUri . AmfConstants::CLIENT_SUCCESS_METHOD, null, $acknowledge); } if($messageType == self::FLEX_TYPE_REMOTING_MESSAGE){ //remoting message. An AcknowledgeMessage with the result of the service call is expected. $remoting = $requestMessage->data[0]; $serviceCallResult = $serviceRouter->executeServiceCall($remoting->source, $remoting->operation, $remoting->body); $acknowledge = new AcknowledgeMessage($remoting->$messageIdField); $acknowledge->body = $serviceCallResult; return new AmfMessage($requestMessage->responseUri . AmfConstants::CLIENT_SUCCESS_METHOD, null, $acknowledge); } throw new RemotingException("unrecognized flex message"); }
/** * Retrieve the serviceName, methodName and parameters from the PHP object * representing the JSON string * call service * @see Amfphp_Core_Common_IDeserializedRequestHandler * @param array $deserializedRequest * @param Amfphp_Core_Common_ServiceRouter $serviceRouter * @return the service call response */ public function handleDeserializedRequest($deserializedRequest, Amfphp_Core_Common_ServiceRouter $serviceRouter) { if (isset($deserializedRequest['serviceName'])) { $serviceName = $deserializedRequest['serviceName']; } else { throw new Exception('Service name field missing in call parameters \\n' . print_r($deserializedRequest, true)); } if (isset($deserializedRequest['methodName'])) { $methodName = $deserializedRequest['methodName']; } else { throw new Exception('MethodName field missing in call parameters \\n' . print_r($deserializedRequest, true)); } $parameters = array(); $paramCounter = 1; while (isset($deserializedRequest["p{$paramCounter}"])) { $parameters[] = $deserializedRequest["p{$paramCounter}"]; $paramCounter++; } return $serviceRouter->executeServiceCall($serviceName, $methodName, $parameters); }
/** * call service * @see Amfphp_Core_Common_IDeserializedRequestHandler * @param array $deserializedRequest * @param Amfphp_Core_Common_ServiceRouter $serviceRouter * @return the service call response */ public function handleDeserializedRequest($deserializedRequest, Amfphp_Core_Common_ServiceRouter $serviceRouter) { return $serviceRouter->executeServiceCall($deserializedRequest->serviceName, $deserializedRequest->methodName, $deserializedRequest->parameters); }
/** * test reserved method exception * @expectedException Amfphp_Core_Exception */ public function testReservedMethodException() { $ret = $this->object->executeServiceCall('DummyService', '_reserved', array()); }
/** * @see Amfphp_Core_Common_IDeserializedRequestHandler */ public function handleDeserializedRequest($deserializedRequest, Amfphp_Core_Common_ServiceRouter $serviceRouter) { if (isset($deserializedRequest[self::FIELD_SERVICE_NAME])) { $serviceName = $deserializedRequest[self::FIELD_SERVICE_NAME]; } else { throw new Exception(self::FIELD_SERVICE_NAME . " field missing in url's get parameters \n" . print_r($deserializedRequest, true)); } if (isset($deserializedRequest[self::FIELD_METHOD_NAME])) { $methodName = $deserializedRequest[self::FIELD_METHOD_NAME]; } else { throw new Exception(self::FIELD_METHOD_NAME . " field missing in url's get parameters \n" . print_r($deserializedRequest, true)); } if (isset($deserializedRequest[self::FIELD_PARAMETERS])) { $parameters = explode(",", $deserializedRequest[self::FIELD_PARAMETERS]); } else { throw new Exception(self::FIELD_PARAMETERS . " field missing in url's get parameters \n" . print_r($deserializedRequest, true)); } return $serviceRouter->executeServiceCall($serviceName, $methodName, $parameters); }