691 lines
20 KiB
PHP
691 lines
20 KiB
PHP
<?php
|
|
// +-----------------------------------------------------------------------+
|
|
// | Piwigo - a PHP based photo gallery |
|
|
// +-----------------------------------------------------------------------+
|
|
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
|
|
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
|
|
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
|
|
// +-----------------------------------------------------------------------+
|
|
// | This program is free software; you can redistribute it and/or modify |
|
|
// | it under the terms of the GNU General Public License as published by |
|
|
// | the Free Software Foundation |
|
|
// | |
|
|
// | This program is distributed in the hope that it will be useful, but |
|
|
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
|
|
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|
|
// | General Public License for more details. |
|
|
// | |
|
|
// | You should have received a copy of the GNU General Public License |
|
|
// | along with this program; if not, write to the Free Software |
|
|
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
|
|
// | USA. |
|
|
// +-----------------------------------------------------------------------+
|
|
|
|
/**** WEB SERVICE CORE CLASSES************************************************
|
|
* PwgServer - main object - the link between web service methods, request
|
|
* handler and response encoder
|
|
* PwgRequestHandler - base class for handlers
|
|
* PwgResponseEncoder - base class for response encoders
|
|
* PwgError, PwgNamedArray, PwgNamedStruct - can be used by web service functions
|
|
* as return values
|
|
*/
|
|
|
|
|
|
define( 'WS_PARAM_ACCEPT_ARRAY', 0x010000 );
|
|
define( 'WS_PARAM_FORCE_ARRAY', 0x030000 );
|
|
define( 'WS_PARAM_OPTIONAL', 0x040000 );
|
|
|
|
define( 'WS_TYPE_BOOL', 0x01 );
|
|
define( 'WS_TYPE_INT', 0x02 );
|
|
define( 'WS_TYPE_FLOAT', 0x04 );
|
|
define( 'WS_TYPE_POSITIVE', 0x10 );
|
|
define( 'WS_TYPE_NOTNULL', 0x20 );
|
|
define( 'WS_TYPE_ID', WS_TYPE_INT | WS_TYPE_POSITIVE | WS_TYPE_NOTNULL);
|
|
|
|
define( 'WS_ERR_INVALID_METHOD', 501 );
|
|
define( 'WS_ERR_MISSING_PARAM', 1002 );
|
|
define( 'WS_ERR_INVALID_PARAM', 1003 );
|
|
|
|
define( 'WS_XML_ATTRIBUTES', 'attributes_xml_');
|
|
|
|
/**
|
|
* PwgError object can be returned from any web service function implementation.
|
|
*/
|
|
class PwgError
|
|
{
|
|
private $_code;
|
|
private $_codeText;
|
|
|
|
function __construct($code, $codeText)
|
|
{
|
|
if ($code>=400 and $code<600)
|
|
{
|
|
set_status_header($code, $codeText);
|
|
}
|
|
|
|
$this->_code = $code;
|
|
$this->_codeText = $codeText;
|
|
}
|
|
|
|
function code() { return $this->_code; }
|
|
function message() { return $this->_codeText; }
|
|
}
|
|
|
|
/**
|
|
* Simple wrapper around an array (keys are consecutive integers starting at 0).
|
|
* Provides naming clues for xml output (xml attributes vs. xml child elements?)
|
|
* Usually returned by web service function implementation.
|
|
*/
|
|
class PwgNamedArray
|
|
{
|
|
/*private*/ var $_content;
|
|
/*private*/ var $_itemName;
|
|
/*private*/ var $_xmlAttributes;
|
|
|
|
/**
|
|
* Constructs a named array
|
|
* @param arr array (keys must be consecutive integers starting at 0)
|
|
* @param itemName string xml element name for values of arr (e.g. image)
|
|
* @param xmlAttributes array of sub-item attributes that will be encoded as
|
|
* xml attributes instead of xml child elements
|
|
*/
|
|
function __construct($arr, $itemName, $xmlAttributes=array() )
|
|
{
|
|
$this->_content = $arr;
|
|
$this->_itemName = $itemName;
|
|
$this->_xmlAttributes = array_flip($xmlAttributes);
|
|
}
|
|
}
|
|
/**
|
|
* Simple wrapper around a "struct" (php array whose keys are not consecutive
|
|
* integers starting at 0). Provides naming clues for xml output (what is xml
|
|
* attributes and what is element)
|
|
*/
|
|
class PwgNamedStruct
|
|
{
|
|
/*private*/ var $_content;
|
|
/*private*/ var $_xmlAttributes;
|
|
|
|
/**
|
|
* Constructs a named struct (usually returned by web service function
|
|
* implementation)
|
|
* @param name string - containing xml element name
|
|
* @param content array - the actual content (php array)
|
|
* @param xmlAttributes array - name of the keys in $content that will be
|
|
* encoded as xml attributes (if null - automatically prefer xml attributes
|
|
* whenever possible)
|
|
*/
|
|
function __construct($content, $xmlAttributes=null, $xmlElements=null )
|
|
{
|
|
$this->_content = $content;
|
|
if ( isset($xmlAttributes) )
|
|
{
|
|
$this->_xmlAttributes = array_flip($xmlAttributes);
|
|
}
|
|
else
|
|
{
|
|
$this->_xmlAttributes = array();
|
|
foreach ($this->_content as $key=>$value)
|
|
{
|
|
if (!empty($key) and (is_scalar($value) or is_null($value)) )
|
|
{
|
|
if ( empty($xmlElements) or !in_array($key,$xmlElements) )
|
|
{
|
|
$this->_xmlAttributes[$key]=1;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
/**
|
|
* Abstract base class for request handlers.
|
|
*/
|
|
abstract class PwgRequestHandler
|
|
{
|
|
/** Virtual abstract method. Decodes the request (GET or POST) handles the
|
|
* method invocation as well as response sending.
|
|
*/
|
|
abstract function handleRequest(&$service);
|
|
}
|
|
|
|
/**
|
|
*
|
|
* Base class for web service response encoder.
|
|
*/
|
|
abstract class PwgResponseEncoder
|
|
{
|
|
/** encodes the web service response to the appropriate output format
|
|
* @param response mixed the unencoded result of a service method call
|
|
*/
|
|
abstract function encodeResponse($response);
|
|
|
|
/** default "Content-Type" http header for this kind of response format
|
|
*/
|
|
abstract function getContentType();
|
|
|
|
/**
|
|
* returns true if the parameter is a 'struct' (php array type whose keys are
|
|
* NOT consecutive integers starting with 0)
|
|
*/
|
|
static function is_struct(&$data)
|
|
{
|
|
if (is_array($data) )
|
|
{
|
|
if (range(0, count($data) - 1) !== array_keys($data) )
|
|
{ # string keys, unordered, non-incremental keys, .. - whatever, make object
|
|
return true;
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* removes all XML formatting from $response (named array, named structs, etc)
|
|
* usually called by every response encoder, except rest xml.
|
|
*/
|
|
static function flattenResponse(&$value)
|
|
{
|
|
self::flatten($value);
|
|
}
|
|
|
|
private static function flatten(&$value)
|
|
{
|
|
if (is_object($value))
|
|
{
|
|
$class = strtolower( @get_class($value) );
|
|
if ($class == 'pwgnamedarray')
|
|
{
|
|
$value = $value->_content;
|
|
}
|
|
if ($class == 'pwgnamedstruct')
|
|
{
|
|
$value = $value->_content;
|
|
}
|
|
}
|
|
|
|
if (!is_array($value))
|
|
return;
|
|
|
|
if (self::is_struct($value))
|
|
{
|
|
if ( isset($value[WS_XML_ATTRIBUTES]) )
|
|
{
|
|
$value = array_merge( $value, $value[WS_XML_ATTRIBUTES] );
|
|
unset( $value[WS_XML_ATTRIBUTES] );
|
|
}
|
|
}
|
|
|
|
foreach ($value as $key=>&$v)
|
|
{
|
|
self::flatten($v);
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
class PwgServer
|
|
{
|
|
var $_requestHandler;
|
|
var $_requestFormat;
|
|
var $_responseEncoder;
|
|
var $_responseFormat;
|
|
|
|
var $_methods = array();
|
|
|
|
function __construct()
|
|
{
|
|
}
|
|
|
|
/**
|
|
* Initializes the request handler.
|
|
*/
|
|
function setHandler($requestFormat, &$requestHandler)
|
|
{
|
|
$this->_requestHandler = &$requestHandler;
|
|
$this->_requestFormat = $requestFormat;
|
|
}
|
|
|
|
/**
|
|
* Initializes the request handler.
|
|
*/
|
|
function setEncoder($responseFormat, &$encoder)
|
|
{
|
|
$this->_responseEncoder = &$encoder;
|
|
$this->_responseFormat = $responseFormat;
|
|
}
|
|
|
|
/**
|
|
* Runs the web service call (handler and response encoder should have been
|
|
* created)
|
|
*/
|
|
function run()
|
|
{
|
|
if ( is_null($this->_responseEncoder) )
|
|
{
|
|
set_status_header(400);
|
|
@header("Content-Type: text/plain");
|
|
echo ("Cannot process your request. Unknown response format.
|
|
Request format: ".@$this->_requestFormat." Response format: ".@$this->_responseFormat."\n");
|
|
var_export($this);
|
|
die(0);
|
|
}
|
|
|
|
if ( is_null($this->_requestHandler) )
|
|
{
|
|
$this->sendResponse( new PwgError(400, 'Unknown request format') );
|
|
return;
|
|
}
|
|
|
|
// add reflection methods
|
|
$this->addMethod(
|
|
'reflection.getMethodList',
|
|
array('PwgServer', 'ws_getMethodList')
|
|
);
|
|
$this->addMethod(
|
|
'reflection.getMethodDetails',
|
|
array('PwgServer', 'ws_getMethodDetails'),
|
|
array('methodName')
|
|
);
|
|
|
|
trigger_notify('ws_add_methods', array(&$this) );
|
|
uksort( $this->_methods, 'strnatcmp' );
|
|
$this->_requestHandler->handleRequest($this);
|
|
}
|
|
|
|
/**
|
|
* Encodes a response and sends it back to the browser.
|
|
*/
|
|
function sendResponse($response)
|
|
{
|
|
$encodedResponse = $this->_responseEncoder->encodeResponse($response);
|
|
$contentType = $this->_responseEncoder->getContentType();
|
|
|
|
@header('Content-Type: '.$contentType.'; charset='.get_pwg_charset());
|
|
print_r($encodedResponse);
|
|
trigger_notify('sendResponse', $encodedResponse );
|
|
}
|
|
|
|
/**
|
|
* Registers a web service method.
|
|
* @param methodName string - the name of the method as seen externally
|
|
* @param callback mixed - php method to be invoked internally
|
|
* @param params array - map of allowed parameter names with options
|
|
* @option mixed default (optional)
|
|
* @option int flags (optional)
|
|
* possible values: WS_PARAM_ALLOW_ARRAY, WS_PARAM_FORCE_ARRAY, WS_PARAM_OPTIONAL
|
|
* @option int type (optional)
|
|
* possible values: WS_TYPE_BOOL, WS_TYPE_INT, WS_TYPE_FLOAT, WS_TYPE_ID
|
|
* WS_TYPE_POSITIVE, WS_TYPE_NOTNULL
|
|
* @option int|float maxValue (optional)
|
|
* @param description string - a description of the method.
|
|
* @param include_file string - a file to be included befaore the callback is executed
|
|
* @param options array
|
|
* @option bool hidden (optional) - if true, this method won't be visible by reflection.getMethodList
|
|
* @option bool admin_only (optional)
|
|
* @option bool post_only (optional)
|
|
*/
|
|
function addMethod($methodName, $callback, $params=array(), $description='', $include_file='', $options=array())
|
|
{
|
|
if (!is_array($params))
|
|
{
|
|
$params = array();
|
|
}
|
|
|
|
if ( range(0, count($params) - 1) === array_keys($params) )
|
|
{
|
|
$params = array_flip($params);
|
|
}
|
|
|
|
foreach( $params as $param=>$data)
|
|
{
|
|
if ( !is_array($data) )
|
|
{
|
|
$params[$param] = array('flags'=>0,'type'=>0);
|
|
}
|
|
else
|
|
{
|
|
if ( !isset($data['flags']) )
|
|
{
|
|
$data['flags'] = 0;
|
|
}
|
|
if ( array_key_exists('default', $data) )
|
|
{
|
|
$data['flags'] |= WS_PARAM_OPTIONAL;
|
|
}
|
|
if ( !isset($data['type']) )
|
|
{
|
|
$data['type'] = 0;
|
|
}
|
|
$params[$param] = $data;
|
|
}
|
|
}
|
|
|
|
$this->_methods[$methodName] = array(
|
|
'callback' => $callback,
|
|
'description' => $description,
|
|
'signature' => $params,
|
|
'include' => $include_file,
|
|
'options' => $options,
|
|
);
|
|
}
|
|
|
|
function hasMethod($methodName)
|
|
{
|
|
return isset($this->_methods[$methodName]);
|
|
}
|
|
|
|
function getMethodDescription($methodName)
|
|
{
|
|
$desc = @$this->_methods[$methodName]['description'];
|
|
return isset($desc) ? $desc : '';
|
|
}
|
|
|
|
function getMethodSignature($methodName)
|
|
{
|
|
$signature = @$this->_methods[$methodName]['signature'];
|
|
return isset($signature) ? $signature : array();
|
|
}
|
|
|
|
/**
|
|
* @since 2.6
|
|
*/
|
|
function getMethodOptions($methodName)
|
|
{
|
|
$options = @$this->_methods[$methodName]['options'];
|
|
return isset($options) ? $options : array();
|
|
}
|
|
|
|
static function isPost()
|
|
{
|
|
return isset($HTTP_RAW_POST_DATA) or !empty($_POST);
|
|
}
|
|
|
|
static function makeArrayParam(&$param)
|
|
{
|
|
if ( $param==null )
|
|
{
|
|
$param = array();
|
|
}
|
|
else
|
|
{
|
|
if ( !is_array($param) )
|
|
{
|
|
$param = array($param);
|
|
}
|
|
}
|
|
}
|
|
|
|
static function checkType(&$param, $type, $name)
|
|
{
|
|
$opts = array();
|
|
$msg = '';
|
|
if ( self::hasFlag($type, WS_TYPE_POSITIVE | WS_TYPE_NOTNULL) )
|
|
{
|
|
$opts['options']['min_range'] = 1;
|
|
$msg = ' positive and not null';
|
|
}
|
|
else if ( self::hasFlag($type, WS_TYPE_POSITIVE) )
|
|
{
|
|
$opts['options']['min_range'] = 0;
|
|
$msg = ' positive';
|
|
}
|
|
|
|
if ( is_array($param) )
|
|
{
|
|
if ( self::hasFlag($type, WS_TYPE_BOOL) )
|
|
{
|
|
foreach ($param as &$value)
|
|
{
|
|
if ( ($value = filter_var($value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)) === null )
|
|
{
|
|
return new PwgError(WS_ERR_INVALID_PARAM, $name.' must only contain booleans' );
|
|
}
|
|
}
|
|
unset($value);
|
|
}
|
|
else if ( self::hasFlag($type, WS_TYPE_INT) )
|
|
{
|
|
foreach ($param as &$value)
|
|
{
|
|
if ( ($value = filter_var($value, FILTER_VALIDATE_INT, $opts)) === false )
|
|
{
|
|
return new PwgError(WS_ERR_INVALID_PARAM, $name.' must only contain'.$msg.' integers' );
|
|
}
|
|
}
|
|
unset($value);
|
|
}
|
|
else if ( self::hasFlag($type, WS_TYPE_FLOAT) )
|
|
{
|
|
foreach ($param as &$value)
|
|
{
|
|
if (
|
|
($value = filter_var($value, FILTER_VALIDATE_FLOAT)) === false
|
|
or ( isset($opts['options']['min_range']) and $value < $opts['options']['min_range'] )
|
|
) {
|
|
return new PwgError(WS_ERR_INVALID_PARAM, $name.' must only contain'.$msg.' floats' );
|
|
}
|
|
}
|
|
unset($value);
|
|
}
|
|
}
|
|
else if ( $param !== '' )
|
|
{
|
|
if ( self::hasFlag($type, WS_TYPE_BOOL) )
|
|
{
|
|
if ( ($param = filter_var($param, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE)) === null )
|
|
{
|
|
return new PwgError(WS_ERR_INVALID_PARAM, $name.' must be a boolean' );
|
|
}
|
|
}
|
|
else if ( self::hasFlag($type, WS_TYPE_INT) )
|
|
{
|
|
if ( ($param = filter_var($param, FILTER_VALIDATE_INT, $opts)) === false )
|
|
{
|
|
return new PwgError(WS_ERR_INVALID_PARAM, $name.' must be an'.$msg.' integer' );
|
|
}
|
|
}
|
|
else if ( self::hasFlag($type, WS_TYPE_FLOAT) )
|
|
{
|
|
if (
|
|
($param = filter_var($param, FILTER_VALIDATE_FLOAT)) === false
|
|
or ( isset($opts['options']['min_range']) and $param < $opts['options']['min_range'] )
|
|
) {
|
|
return new PwgError(WS_ERR_INVALID_PARAM, $name.' must be a'.$msg.' float' );
|
|
}
|
|
}
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
static function hasFlag($val, $flag)
|
|
{
|
|
return ($val & $flag) == $flag;
|
|
}
|
|
|
|
/**
|
|
* Invokes a registered method. Returns the return of the method (or
|
|
* a PwgError object if the method is not found)
|
|
* @param methodName string the name of the method to invoke
|
|
* @param params array array of parameters to pass to the invoked method
|
|
*/
|
|
function invoke($methodName, $params)
|
|
{
|
|
$method = @$this->_methods[$methodName];
|
|
|
|
if ( $method == null )
|
|
{
|
|
return new PwgError(WS_ERR_INVALID_METHOD, 'Method name is not valid');
|
|
}
|
|
|
|
if ( isset($method['options']['post_only']) and $method['options']['post_only'] and !self::isPost() )
|
|
{
|
|
return new PwgError(405, 'This method requires HTTP POST');
|
|
}
|
|
|
|
if ( isset($method['options']['admin_only']) and $method['options']['admin_only'] and !is_admin() )
|
|
{
|
|
return new PwgError(401, 'Access denied');
|
|
}
|
|
|
|
// parameter check and data correction
|
|
$signature = $method['signature'];
|
|
$missing_params = array();
|
|
|
|
foreach ($signature as $name => $options)
|
|
{
|
|
$flags = $options['flags'];
|
|
|
|
// parameter not provided in the request
|
|
if ( !array_key_exists($name, $params) )
|
|
{
|
|
if ( !self::hasFlag($flags, WS_PARAM_OPTIONAL) )
|
|
{
|
|
$missing_params[] = $name;
|
|
}
|
|
else if ( array_key_exists('default', $options) )
|
|
{
|
|
$params[$name] = $options['default'];
|
|
if ( self::hasFlag($flags, WS_PARAM_FORCE_ARRAY) )
|
|
{
|
|
self::makeArrayParam($params[$name]);
|
|
}
|
|
}
|
|
}
|
|
// parameter provided but empty
|
|
else if ( $params[$name]==='' and !self::hasFlag($flags, WS_PARAM_OPTIONAL) )
|
|
{
|
|
$missing_params[] = $name;
|
|
}
|
|
// parameter provided - do some basic checks
|
|
else
|
|
{
|
|
$the_param = $params[$name];
|
|
|
|
if ( is_array($the_param) and !self::hasFlag($flags, WS_PARAM_ACCEPT_ARRAY) )
|
|
{
|
|
return new PwgError(WS_ERR_INVALID_PARAM, $name.' must be scalar' );
|
|
}
|
|
|
|
if ( self::hasFlag($flags, WS_PARAM_FORCE_ARRAY) )
|
|
{
|
|
self::makeArrayParam($the_param);
|
|
}
|
|
|
|
if ( $options['type'] > 0 )
|
|
{
|
|
if ( ($ret = self::checkType($the_param, $options['type'], $name)) !== null )
|
|
{
|
|
return $ret;
|
|
}
|
|
}
|
|
|
|
if ( isset($options['maxValue']) and $the_param>$options['maxValue'])
|
|
{
|
|
$the_param = $options['maxValue'];
|
|
}
|
|
|
|
$params[$name] = $the_param;
|
|
}
|
|
}
|
|
|
|
if (count($missing_params))
|
|
{
|
|
return new PwgError(WS_ERR_MISSING_PARAM, 'Missing parameters: '.implode(',',$missing_params));
|
|
}
|
|
|
|
$result = trigger_change('ws_invoke_allowed', true, $methodName, $params);
|
|
if ( strtolower( @get_class($result) )!='pwgerror')
|
|
{
|
|
if ( !empty($method['include']) )
|
|
{
|
|
include_once( $method['include'] );
|
|
}
|
|
$result = call_user_func_array($method['callback'], array($params, &$this) );
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* WS reflection method implementation: lists all available methods
|
|
*/
|
|
static function ws_getMethodList($params, &$service)
|
|
{
|
|
$methods = array_filter($service->_methods,
|
|
create_function('$m', 'return empty($m["options"]["hidden"]) || !$m["options"]["hidden"];'));
|
|
return array('methods' => new PwgNamedArray( array_keys($methods),'method' ) );
|
|
}
|
|
|
|
/**
|
|
* WS reflection method implementation: gets information about a given method
|
|
*/
|
|
static function ws_getMethodDetails($params, &$service)
|
|
{
|
|
$methodName = $params['methodName'];
|
|
|
|
if (!$service->hasMethod($methodName))
|
|
{
|
|
return new PwgError(WS_ERR_INVALID_PARAM, 'Requested method does not exist');
|
|
}
|
|
|
|
$res = array(
|
|
'name' => $methodName,
|
|
'description' => $service->getMethodDescription($methodName),
|
|
'params' => array(),
|
|
'options' => $service->getMethodOptions($methodName),
|
|
);
|
|
|
|
foreach ($service->getMethodSignature($methodName) as $name => $options)
|
|
{
|
|
$param_data = array(
|
|
'name' => $name,
|
|
'optional' => self::hasFlag($options['flags'], WS_PARAM_OPTIONAL),
|
|
'acceptArray' => self::hasFlag($options['flags'], WS_PARAM_ACCEPT_ARRAY),
|
|
'type' => 'mixed',
|
|
);
|
|
|
|
if (isset($options['default']))
|
|
{
|
|
$param_data['defaultValue'] = $options['default'];
|
|
}
|
|
if (isset($options['maxValue']))
|
|
{
|
|
$param_data['maxValue'] = $options['maxValue'];
|
|
}
|
|
if (isset($options['info']))
|
|
{
|
|
$param_data['info'] = $options['info'];
|
|
}
|
|
|
|
if ( self::hasFlag($options['type'], WS_TYPE_BOOL) )
|
|
{
|
|
$param_data['type'] = 'bool';
|
|
}
|
|
else if ( self::hasFlag($options['type'], WS_TYPE_INT) )
|
|
{
|
|
$param_data['type'] = 'int';
|
|
}
|
|
else if ( self::hasFlag($options['type'], WS_TYPE_FLOAT) )
|
|
{
|
|
$param_data['type'] = 'float';
|
|
}
|
|
if ( self::hasFlag($options['type'], WS_TYPE_POSITIVE) )
|
|
{
|
|
$param_data['type'].= ' positive';
|
|
}
|
|
if ( self::hasFlag($options['type'], WS_TYPE_NOTNULL) )
|
|
{
|
|
$param_data['type'].= ' notnull';
|
|
}
|
|
|
|
$res['params'][] = $param_data;
|
|
}
|
|
return $res;
|
|
}
|
|
}
|
|
?>
|