Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-07-02 17:55:07 +02:00
Code Issues Projects Releases Wiki Activity
e569358678
WordPress/wp-includes/IXR/class-IXR-server.php
desrosj c591d94cc5 General: Remove or add inline comments to $HTTP_RAW_POST_DATA occurrences. 
The `$HTTP_RAW_POST_DATA` global was deprecated in PHP 5.6 and removed completely in PHP 7.0. In general, `php://input` should be used instead of `$HTTP_RAW_POST_DATA`.

Because WordPress Core still supports PHP 5.6, some plugins or sites may still rely on this variable being present and populated with the expected data. For that reason, occurrences of the variable will remain with updated inline documentation until support for PHP 5.6 is officially dropped in WordPress.

Props skoskie, jrf, desrosj, TimothyBlynJacobs.
See #49922.
Fixes #49810.
Built from https://develop.svn.wordpress.org/trunk@47926


git-svn-id: http://core.svn.wordpress.org/trunk@47700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-08 19:55:10 +00:00

220 lines
6.5 KiB
PHP
Raw Blame History

<?php
/**
* IXR_Server
*
* @package IXR
* @since 1.5.0
*/
class IXR_Server
{
var $data;
var $callbacks = array();
var $message;
var $capabilities;
/**
* PHP5 constructor.
*/
function __construct( $callbacks = false, $data = false, $wait = false )
{
$this->setCapabilities();
if ($callbacks) {
$this->callbacks = $callbacks;
}
$this->setCallbacks();
if (!$wait) {
$this->serve($data);
}
}
/**
* PHP4 constructor.
*/
public function IXR_Server( $callbacks = false, $data = false, $wait = false ) {
self::__construct( $callbacks, $data, $wait );
}
function serve($data = false)
{
if (!$data) {
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] !== 'POST') {
if ( function_exists( 'status_header' ) ) {
status_header( 405 ); // WP #20986
header( 'Allow: POST' );
}
header('Content-Type: text/plain'); // merged from WP #9093
die('XML-RPC server accepts POST requests only.');
}
$data = file_get_contents('php://input');
}
$this->message = new IXR_Message($data);
if (!$this->message->parse()) {
$this->error(-32700, 'parse error. not well formed');
}
if ($this->message->messageType != 'methodCall') {
$this->error(-32600, 'server error. invalid xml-rpc. not conforming to spec. Request must be a methodCall');
}
$result = $this->call($this->message->methodName, $this->message->params);
// Is the result an error?
if (is_a($result, 'IXR_Error')) {
$this->error($result);
}
// Encode the result
$r = new IXR_Value($result);
$resultxml = $r->getXml();
// Create the XML
$xml = <<<EOD
<methodResponse>
<params>
<param>
<value>
$resultxml
</value>
</param>
</params>
</methodResponse>
EOD;
// Send it
$this->output($xml);
}
function call($methodname, $args)
{
if (!$this->hasMethod($methodname)) {
return new IXR_Error(-32601, 'server error. requested method '.$methodname.' does not exist.');
}
$method = $this->callbacks[$methodname];
// Perform the callback and send the response
if (count($args) == 1) {
// If only one parameter just send that instead of the whole array
$args = $args[0];
}
// Are we dealing with a function or a method?
if (is_string($method) && substr($method, 0, 5) == 'this:') {
// It's a class method - check it exists
$method = substr($method, 5);
if (!method_exists($this, $method)) {
return new IXR_Error(-32601, 'server error. requested class method "'.$method.'" does not exist.');
}
//Call the method
$result = $this->$method($args);
} else {
// It's a function - does it exist?
if (is_array($method)) {
if (!is_callable(array($method[0], $method[1]))) {
return new IXR_Error(-32601, 'server error. requested object method "'.$method[1].'" does not exist.');
}
} else if (!function_exists($method)) {
return new IXR_Error(-32601, 'server error. requested function "'.$method.'" does not exist.');
}
// Call the function
$result = call_user_func($method, $args);
}
return $result;
}
function error($error, $message = false)
{
// Accepts either an error object or an error code and message
if ($message && !is_object($error)) {
$error = new IXR_Error($error, $message);
}
$this->output($error->getXml());
}
function output($xml)
{
$charset = function_exists('get_option') ? get_option('blog_charset') : '';
if ($charset)
$xml = '<?xml version="1.0" encoding="'.$charset.'"?>'."\n".$xml;
else
$xml = '<?xml version="1.0"?>'."\n".$xml;
$length = strlen($xml);
header('Connection: close');
if ($charset)
header('Content-Type: text/xml; charset='.$charset);
else
header('Content-Type: text/xml');
header('Date: '.gmdate('r'));
echo $xml;
exit;
}
function hasMethod($method)
{
return in_array($method, array_keys($this->callbacks));
}
function setCapabilities()
{
// Initialises capabilities array
$this->capabilities = array(
'xmlrpc' => array(
'specUrl' => 'http://www.xmlrpc.com/spec',
'specVersion' => 1
),
'faults_interop' => array(
'specUrl' => 'http://xmlrpc-epi.sourceforge.net/specs/rfc.fault_codes.php',
'specVersion' => 20010516
),
'system.multicall' => array(
'specUrl' => 'http://www.xmlrpc.com/discuss/msgReader$1208',
'specVersion' => 1
),
);
}
function getCapabilities($args)
{
return $this->capabilities;
}
function setCallbacks()
{
$this->callbacks['system.getCapabilities'] = 'this:getCapabilities';
$this->callbacks['system.listMethods'] = 'this:listMethods';
$this->callbacks['system.multicall'] = 'this:multiCall';
}
function listMethods($args)
{
// Returns a list of methods - uses array_reverse to ensure user defined
// methods are listed before server defined methods
return array_reverse(array_keys($this->callbacks));
}
function multiCall($methodcalls)
{
// See http://www.xmlrpc.com/discuss/msgReader$1208
$return = array();
foreach ($methodcalls as $call) {
$method = $call['methodName'];
$params = $call['params'];
if ($method == 'system.multicall') {
$result = new IXR_Error(-32600, 'Recursive calls to system.multicall are forbidden');
} else {
$result = $this->call($method, $params);
}
if (is_a($result, 'IXR_Error')) {
$return[] = array(
'faultCode' => $result->code,
'faultString' => $result->message
);
} else {
$return[] = array($result);
}
}
return $return;
}
}
Reference in New Issue View Git Blame Copy Permalink