/**
* Contributed by Justin Miller <*****@*****.**>
* Requires curl to be built into PHP
* NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers!
* @access private
*/
function &sendPayloadCURL($msg, $server, $port, $timeout = 0, $username = '', $password = '', $authtype = 1, $cert = '', $certpass = '', $cacert = '', $cacertdir = '', $proxyhost = '', $proxyport = 0, $proxyusername = '', $proxypassword = '', $proxyauthtype = 1, $method = 'https', $keepalive = false, $key = '', $keypass = '')
{
if (!function_exists('curl_init')) {
$this->errstr = 'CURL unavailable on this install';
$r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_curl'], $GLOBALS['xmlrpcstr']['no_curl']);
return $r;
}
if ($method == 'https') {
if (($info = curl_version()) && (is_string($info) && strpos($info, 'OpenSSL') === null || is_array($info) && !isset($info['ssl_version']))) {
$this->errstr = 'SSL unavailable on this install';
$r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_ssl'], $GLOBALS['xmlrpcstr']['no_ssl']);
return $r;
}
}
if ($port == 0) {
if ($method == 'http') {
$port = 80;
} else {
$port = 443;
}
}
// Only create the payload if it was not created previously
if (empty($msg->payload)) {
$msg->createPayload($this->request_charset_encoding);
}
// Deflate request body and set appropriate request headers
$payload = $msg->payload;
if (function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) {
if ($this->request_compression == 'gzip') {
$a = @gzencode($payload);
if ($a) {
$payload = $a;
$encoding_hdr = 'Content-Encoding: gzip';
}
} else {
$a = @gzcompress($payload);
if ($a) {
$payload = $a;
$encoding_hdr = 'Content-Encoding: deflate';
}
}
} else {
$encoding_hdr = '';
}
if ($this->debug > 1) {
print "<PRE>\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n</PRE>";
// let the client see this now in case http times out...
flush();
}
if (!$keepalive || !$this->xmlrpc_curl_handle) {
$curl = curl_init($method . '://' . $server . ':' . $port . $this->path);
if ($keepalive) {
$this->xmlrpc_curl_handle = $curl;
}
} else {
$curl = $this->xmlrpc_curl_handle;
}
// results into variable
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
if ($this->debug) {
curl_setopt($curl, CURLOPT_VERBOSE, 1);
}
curl_setopt($curl, CURLOPT_USERAGENT, $this->user_agent);
// required for XMLRPC: post the data
curl_setopt($curl, CURLOPT_POST, 1);
// the data
curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);
// return the header too
curl_setopt($curl, CURLOPT_HEADER, 1);
// NB: if we set an empty string, CURL will add http header indicating
// ALL methods it is supporting. This is possibly a better option than
// letting the user tell what curl can / cannot do...
if (is_array($this->accepted_compression) && count($this->accepted_compression)) {
//curl_setopt($curl, CURLOPT_ENCODING, implode(',', $this->accepted_compression));
// empty string means 'any supported by CURL' (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if (count($this->accepted_compression) == 1) {
curl_setopt($curl, CURLOPT_ENCODING, $this->accepted_compression[0]);
} else {
curl_setopt($curl, CURLOPT_ENCODING, '');
}
}
// extra headers
$headers = array('Content-Type: ' . $msg->content_type, 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings));
if (is_array($this->accepted_content_type) && count($this->accepted_content_type)) {
$headers[] = 'Accept: ' . implode(', ', $this->accepted_content_type);
}
// if no keepalive is wanted, let the server know it in advance
if (!$keepalive) {
$headers[] = 'Connection: close';
}
// request compression header
if ($encoding_hdr) {
$headers[] = $encoding_hdr;
}
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
// timeout is borked
if ($timeout) {
curl_setopt($curl, CURLOPT_TIMEOUT, $timeout == 1 ? 1 : $timeout - 1);
}
if ($username && $password) {
curl_setopt($curl, CURLOPT_USERPWD, $username . ':' . $password);
if (defined('CURLOPT_HTTPAUTH')) {
curl_setopt($curl, CURLOPT_HTTPAUTH, $authtype);
} else {
if ($authtype != 1) {
error_log('XML-RPC: ' . __METHOD__ . ': warning. Only Basic auth is supported by the current PHP/curl install');
}
}
}
if ($method == 'https') {
// set cert file
if ($cert) {
curl_setopt($curl, CURLOPT_SSLCERT, $cert);
}
// set cert password
if ($certpass) {
curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $certpass);
}
// whether to verify remote host's cert
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verifypeer);
// set ca certificates file/dir
if ($cacert) {
curl_setopt($curl, CURLOPT_CAINFO, $cacert);
}
if ($cacertdir) {
curl_setopt($curl, CURLOPT_CAPATH, $cacertdir);
}
// set key file (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if ($key) {
curl_setopt($curl, CURLOPT_SSLKEY, $key);
}
// set key password (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if ($keypass) {
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass);
}
// whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);
}
// proxy info
if ($proxyhost) {
if ($proxyport == 0) {
$proxyport = 8080;
// NB: even for HTTPS, local connection is on port 8080
}
curl_setopt($curl, CURLOPT_PROXY, $proxyhost . ':' . $proxyport);
//curl_setopt($curl, CURLOPT_PROXYPORT,$proxyport);
if ($proxyusername) {
curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxyusername . ':' . $proxypassword);
if (defined('CURLOPT_PROXYAUTH')) {
curl_setopt($curl, CURLOPT_PROXYAUTH, $proxyauthtype);
} else {
if ($proxyauthtype != 1) {
error_log('XML-RPC: ' . __METHOD__ . ': warning. Only Basic auth to proxy is supported by the current PHP/curl install');
}
}
}
}
// NB: should we build cookie http headers by hand rather than let CURL do it?
// the following code does not honour 'expires', 'path' and 'domain' cookie attributes
// set to client obj the the user...
if (count($this->cookies)) {
$cookieheader = '';
foreach ($this->cookies as $name => $cookie) {
$cookieheader .= $name . '=' . $cookie['value'] . '; ';
}
curl_setopt($curl, CURLOPT_COOKIE, substr($cookieheader, 0, -2));
}
foreach ($this->extracurlopts as $opt => $val) {
curl_setopt($curl, $opt, $val);
}
$result = curl_exec($curl);
if ($this->debug > 1) {
print "<PRE>\n---CURL INFO---\n";
foreach (curl_getinfo($curl) as $name => $val) {
if (is_array($val)) {
$val = implode("\n", $val);
}
print $name . ': ' . htmlentities($val) . "\n";
}
print "---END---\n</PRE>";
}
if (!$result) {
$this->errstr = 'no response';
$resp = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['curl_fail'], $GLOBALS['xmlrpcstr']['curl_fail'] . ': ' . curl_error($curl));
curl_close($curl);
if ($keepalive) {
$this->xmlrpc_curl_handle = null;
}
} else {
if (!$keepalive) {
curl_close($curl);
}
$resp =& $msg->parseResponse($result, true, $this->return_type);
// if we got back a 302, we can not reuse the curl handle for later calls
if ($resp->faultCode() == $GLOBALS['xmlrpcerr']['http_error'] && $keepalive) {
curl_close($curl);
$this->xmlrpc_curl_handle = null;
}
}
return $resp;
}
/**
* Handles RPC request methods
* @param {xmlrpcmsg} $request XML-RPC Request Object
*/
public function handleRPCMethod(xmlrpcmsg $request)
{
$username = $request->getParam(1)->getval();
$password = $request->getParam(2)->getval();
if ($this->authenticate($username, $password)) {
$method = str_replace(array('blogger.', 'metaWeblog.', 'kapost.'), '', $request->methodname);
if (!in_array($request->methodname, $this->exposed_methods) || !method_exists($this, $method)) {
return $this->httpError(403, _t('KapostService.METHOD_NOT_ALLOWED', '_Action "{method}" is not allowed on class Kapost Service.', array('method' => $request->methodname)));
}
//Pack params into call to method if they are not the authentication parameters
$params = array();
for ($i = 0; $i < $request->getNumParams(); $i++) {
if ($i != 1 && $i != 2) {
$params[] = php_xmlrpc_decode($request->getParam($i));
}
}
//Convert the custom fields to an associtive array
if (array_key_exists(1, $params) && is_array($params[1]) && array_key_exists('custom_fields', $params[1])) {
$params[1]['custom_fields'] = $this->struct_to_assoc($params[1]['custom_fields']);
}
//If transactions are supported start one for newPost and editPost
if (($method == 'newPost' || $method == 'editPost') && DB::getConn()->supportsTransactions()) {
DB::getConn()->transactionStart();
}
//Call the method
$response = call_user_func_array(array($this, $method), $params);
if ($response instanceof xmlrpcresp) {
//If transactions are supported check the response and rollback in the case of a fault
if (($method == 'newPost' || $method == 'editPost' || $method == 'newMediaObject') && DB::getConn()->supportsTransactions()) {
if ($response->faultCode() != 0) {
DB::getConn()->transactionRollback();
} else {
DB::getConn()->transactionEnd();
}
}
return $response;
//Response is already encoded so return
}
//Encode the response
$response = php_xmlrpc_encode($response);
if (is_object($response) && $response instanceof xmlrpcval) {
$response = new xmlrpcresp($response);
if (($method == 'newPost' || $method == 'editPost' || $method == 'newMediaObject') && DB::getConn()->supportsTransactions()) {
if ($response->faultCode() != 0) {
DB::getConn()->transactionRollback();
} else {
DB::getConn()->transactionEnd();
}
}
return $response;
}
return $this->httpError(500, _t('KapostService.INVALID_RESPONSE', '_Invalid response returned from {method}, response was: {response}', array('method' => $method, 'response' => print_r($response, true))));
}
return $this->httpError(401, _t('KapostService.AUTH_FAIL', '_Authentication Failed, please check the App Center credentials for the SilverStripe end point.'));
}
