function xmlrpc_server_multicall in Drupal 6
Same name and namespace in other branches
- 4 includes/xmlrpcs.inc \xmlrpc_server_multicall()
- 5 includes/xmlrpcs.inc \xmlrpc_server_multicall()
- 7 includes/xmlrpcs.inc \xmlrpc_server_multicall()
1 string reference to 'xmlrpc_server_multicall'
- xmlrpc_server in includes/
xmlrpcs.inc - The main entry point for XML-RPC requests.
File
- includes/
xmlrpcs.inc, line 214
Code
function xmlrpc_server_multicall($methodcalls) {
// See http://www.xmlrpc.com/discuss/msgReader$1208
// To avoid multicall expansion attacks, limit the number of duplicate method
// calls allowed with a default of 1. Set to -1 for unlimited.
$duplicate_method_limit = variable_get('xmlrpc_multicall_duplicate_method_limit', 1);
$method_count = array();
$return = array();
$xmlrpc_server = xmlrpc_server_get();
foreach ($methodcalls as $call) {
$ok = TRUE;
if (!isset($call['methodName']) || !isset($call['params'])) {
$result = xmlrpc_error(3, t('Invalid syntax for system.multicall.'));
$ok = FALSE;
}
$method = $call['methodName'];
$method_count[$method] = isset($method_count[$method]) ? $method_count[$method] + 1 : 1;
$params = $call['params'];
if ($method == 'system.multicall') {
$result = xmlrpc_error(-32600, t('Recursive calls to system.multicall are forbidden.'));
}
elseif ($duplicate_method_limit > 0 && $method_count[$method] > $duplicate_method_limit) {
$result = xmlrpc_error(-156579, t('Too many duplicate method calls in system.multicall.'));
}
elseif ($ok) {
$result = xmlrpc_server_call($xmlrpc_server, $method, $params);
}
if (is_object($result) && !empty($result->is_error)) {
$return[] = array(
'faultCode' => $result->code,
'faultString' => $result->message,
);
}
else {
$return[] = $result;
}
}
return $return;
}