function xmlrpc_message_parse in Drupal 7
Same name and namespace in other branches
- 4 includes/xmlrpc.inc \xmlrpc_message_parse()
- 5 includes/xmlrpc.inc \xmlrpc_message_parse()
- 6 includes/xmlrpc.inc \xmlrpc_message_parse()
Parses an XML-RPC message.
If parsing fails, the faultCode and faultString will be added to the message object.
Parameters
$xmlrpc_message: An object generated by xmlrpc_message().
Return value
TRUE if parsing succeeded; FALSE otherwise.
3 calls to xmlrpc_message_parse()
- XMLRPCBasicTestCase::testInvalidMessageParsing in modules/
simpletest/ tests/ xmlrpc.test - Ensure that XML-RPC correctly handles invalid messages when parsing.
- xmlrpc_server in includes/
xmlrpcs.inc - Invokes XML-RPC methods on this server.
- _xmlrpc in includes/
xmlrpc.inc - Performs one or more XML-RPC requests.
File
- includes/
xmlrpc.inc, line 173 - Drupal XML-RPC library.
Code
function xmlrpc_message_parse($xmlrpc_message) {
$xmlrpc_message->_parser = xml_parser_create();
// Set XML parser to take the case of tags into account.
xml_parser_set_option($xmlrpc_message->_parser, XML_OPTION_CASE_FOLDING, FALSE);
// Set XML parser callback functions
xml_set_element_handler($xmlrpc_message->_parser, 'xmlrpc_message_tag_open', 'xmlrpc_message_tag_close');
xml_set_character_data_handler($xmlrpc_message->_parser, 'xmlrpc_message_cdata');
xmlrpc_message_set($xmlrpc_message);
// Strip XML declaration.
$header = preg_replace('/<\\?xml.*?\\?' . '>/s', '', substr($xmlrpc_message->message, 0, 100), 1);
$xml = trim(substr_replace($xmlrpc_message->message, $header, 0, 100));
if ($xml == '') {
return FALSE;
}
// Strip DTD.
$header = preg_replace('/^<!DOCTYPE[^>]*+>/i', '', substr($xml, 0, 200), 1);
$xml = trim(substr_replace($xml, $header, 0, 200));
if ($xml == '') {
return FALSE;
}
// Confirm the XML now starts with a valid root tag. A root tag can end in [> \t\r\n]
$root_tag = substr($xml, 0, strcspn(substr($xml, 0, 20), "> \t\r\n"));
// Reject a second DTD.
if (strtoupper($root_tag) == '<!DOCTYPE') {
return FALSE;
}
if (!in_array($root_tag, array(
'<methodCall',
'<methodResponse',
'<fault',
))) {
return FALSE;
}
// Skip parsing if there is an unreasonably large number of tags.
try {
$dom = new DOMDocument();
@$dom
->loadXML($xml);
if ($dom
->getElementsByTagName('*')->length > variable_get('xmlrpc_message_maximum_tag_count', 30000)) {
return FALSE;
}
} catch (Exception $e) {
return FALSE;
}
if (!xml_parse($xmlrpc_message->_parser, $xml)) {
return FALSE;
}
xml_parser_free($xmlrpc_message->_parser);
// Grab the error messages, if any.
$xmlrpc_message = xmlrpc_message_get();
if (!isset($xmlrpc_message->messagetype)) {
return FALSE;
}
elseif ($xmlrpc_message->messagetype == 'fault') {
$xmlrpc_message->fault_code = $xmlrpc_message->params[0]['faultCode'];
$xmlrpc_message->fault_string = $xmlrpc_message->params[0]['faultString'];
}
return TRUE;
}