forward_request() - Code Metrics - gggeek/phpxmlrpc - Measure and Improve Code Quality continuously with Scrutinizer

forward_request() C
last analyzed 2025-06-13 00:01 UTC

↳ Parent: Project

Complexity

Conditions	17
Paths	4

Size

Total Lines	75
Code Lines	44

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	3
CRAP Score	219.9815

Importance

Changes	2
Bugs	0	Features	1

Metric	Value
cc	17
eloc	44
c	2
b	0
f	1
nc	4
nop	1
dl	0
loc	75
ccs	3
cts	27
cp	0.1111
crap	219.9815
rs	5.2166

How to fix Long Method Complexity

<?php
/**
 * XML-RPC server acting as proxy for requests to other servers
 * (useful e.g. for js-originated calls that can only connect back to the originating server because of the same-domain policy).
 * NB: this is an OPEN RELAY. It is meant as a demo, not to be used in production!
 *
 * For an example of a transparent reverse-proxy, see the ReverseProxy class in package phpxmlrpc/extras.
 *
 * The source code demonstrates:
 * - usage of the PhpXmlRpc\Encoder class to convert between php values and xml-rpc Value objects
 * - setting of options related to the http transport to a Client
 * - usage of multiple signatures for one xml-rpc method
 *
 * @author Gaetano Giunta
 * @copyright (C) 2006-2025 G. Giunta
 * @license code licensed under the BSD License: see file license.txt
 */

require_once __DIR__ . "/_prepend.php";

// *** NB: WE BLOCK THIS FROM RUNNING BY DEFAULT IN CASE ACCESS IS GRANTED TO IT IN PRODUCTION BY MISTAKE ***
// Comment out the following safeguard if you want to use it as is, but remember: this is an open relay !!!
// Open relays can easily be abused as trojan horses, allowing access to your private network.
if (!defined('TESTMODE')) {
    die("Server disabled by default for safety");
}

use PhpXmlRpc\Client;
use PhpXmlRpc\Encoder;
use PhpXmlRpc\Request;
use PhpXmlRpc\Server;

/**
 * Forward an xml-rpc request to another server, and return to client the response received.
 *
 * @param PhpXmlRpc\Request $req (see method docs below for a description of the expected parameters)
 * @return PhpXmlRpc\Response
 */
function forward_request($req)
{
    $encoder = new Encoder();

    // create client
    $timeout = 0;
    $url = $req->getParam(0)->scalarVal();
    // *** NB *** here we should validate the received url, using f.e. a whitelist of approved servers _and protocols_...
    //            fe. any url using the 'file://' protocol might be considered a hacking attempt
    $client = new Client($url);

    if ($req->getNumParams() > 3) {
        // We have to set some options onto the client.
        // Note that if we do not untaint the received values, warnings might be generated...
        $options = $encoder->decode($req->getParam(3));
        foreach ($options as $key => $val) {
            switch ($key) {
                case 'authType':
                    /// @todo add support for this if needed
                    break;
                case 'followRedirects':
                    // requires cURL to be enabled
                    if ($val) {
                        $client->setOption(Client::OPT_USE_CURL, Client::USE_CURL_ALWAYS);
                        $client->setOption(Client::OPT_EXTRA_CURL_OPTS, array(CURLOPT_FOLLOWLOCATION => true, CURLOPT_POSTREDIR => 3));
                    }
                case 'Cookies':
                    /// @todo add support for this if needed
                    break;
                case 'Credentials':
                    /// @todo add support for this as well if needed
                    break;
                case 'HTTPProxy':
                case 'HTTPProxyCredentials':
                    /// @todo add support for this as well if needed
                    break;
                case 'RequestCharsetEncoding':
                    // allow the server to work as charset transcoder.
                    // NB: works best with mbstring enabled
                    $client->setOption(Client::OPT_REQUEST_CHARSET_ENCODING, $val);
                    break;
                case 'RequestCompression':
                    $client->setOption(Client::OPT_REQUEST_COMPRESSION, $val);
                    break;
                case 'SSLVerifyHost':
                    $client->setOption(Client::OPT_VERIFY_HOST, $val);
                    break;
                case 'SSLVerifyPeer':
                    $client->setOption(Client::OPT_VERIFY_PEER, $val);
                    break;
                case 'Timeout':
                    $timeout = (integer)$val;
                    break;
            } // switch
        }
    }

    // build call for remote server
    /// @todo find a way to forward client info (such as IP) to the upstream server, either
    ///       - as xml comments in the payload, or
    ///       - using std http header conventions, such as X-forwarded-for (but public servers should strip
    ///         X-forwarded-for anyway, unless they consider this server as trusted...)
    $reqMethod = $req->getParam(1)->scalarVal();
    $req = new Request($reqMethod);
    if ($req->getNumParams() > 1) {
        $pars = $req->getParam(2);
        foreach ($pars as $par) {
            $req->addParam($par);
        }
    }

    // add debug info into response we give back to caller
    Server::xmlrpc_debugmsg("Sending to server $url the payload: " . $req->serialize());

    return $client->send($req, $timeout);
}

// Given that the target server is left to be picked by the caller, it might support the '<NIL/>' xml-rpc extension
PhpXmlRpc\PhpXmlRpc::$xmlrpc_null_extension = true;

// Run the server
// NB: take care not to output anything else after this call, as it will mess up the responses and it will be hard to
// debug. In case you have to do so, at least re-emit a correct Content-Length http header (requires output buffering)
$server = new Server(
    array(
        'xmlrpcproxy.call' => array(
            'function' => 'forward_request',
            'signature' => array(
                array('mixed', 'string', 'string'),
                array('mixed', 'string', 'string', 'array'),
                array('mixed', 'string', 'string', 'array', 'struct'),
            ),
            'docstring' => 'forwards xml-rpc calls to remote servers. Returns remote method\'s response. Accepts params: remote server url (might include basic auth credentials), method name, array of params (optional), and a struct containing call options (optional)',
        ),
    )
);


1		<?php
2		/**
3		* XML-RPC server acting as proxy for requests to other servers
4		* (useful e.g. for js-originated calls that can only connect back to the originating server because of the same-domain policy).
5		* NB: this is an OPEN RELAY. It is meant as a demo, not to be used in production!
6		*
7		* For an example of a transparent reverse-proxy, see the ReverseProxy class in package phpxmlrpc/extras.
8		*
9		* The source code demonstrates:
10		* - usage of the PhpXmlRpc\Encoder class to convert between php values and xml-rpc Value objects
11		* - setting of options related to the http transport to a Client
12		* - usage of multiple signatures for one xml-rpc method
13		*
14		* @author Gaetano Giunta
15		* @copyright (C) 2006-2025 G. Giunta
16		* @license code licensed under the BSD License: see file license.txt
17		*/
18
19		require_once __DIR__ . "/_prepend.php";
20
21		// * NB: WE BLOCK THIS FROM RUNNING BY DEFAULT IN CASE ACCESS IS GRANTED TO IT IN PRODUCTION BY MISTAKE *
22		// Comment out the following safeguard if you want to use it as is, but remember: this is an open relay !!!
23		// Open relays can easily be abused as trojan horses, allowing access to your private network.
24		if (!defined('TESTMODE')) {
25		die("Server disabled by default for safety");
26		}
27
28		use PhpXmlRpc\Client;
29		use PhpXmlRpc\Encoder;
30		use PhpXmlRpc\Request;
31		use PhpXmlRpc\Server;
32
33		/**
34		* Forward an xml-rpc request to another server, and return to client the response received.
35		*
36		* @param PhpXmlRpc\Request $req (see method docs below for a description of the expected parameters)
37		* @return PhpXmlRpc\Response
38		*/
39		function forward_request($req)
40		{
41		$encoder = new Encoder();
42
43		// create client
44		$timeout = 0;
45		$url = $req->getParam(0)->scalarVal();
46		// * NB * here we should validate the received url, using f.e. a whitelist of approved servers _and protocols_...
47		// fe. any url using the 'file://' protocol might be considered a hacking attempt
48		$client = new Client($url);
49
50		if ($req->getNumParams() > 3) {
51		// We have to set some options onto the client.
52		// Note that if we do not untaint the received values, warnings might be generated...
53		$options = $encoder->decode($req->getParam(3));
54		foreach ($options as $key => $val) {
55		switch ($key) {
56		case 'authType':
57		/// @todo add support for this if needed
58		break;
59		case 'followRedirects':
60		// requires cURL to be enabled
61		if ($val) {
62		$client->setOption(Client::OPT_USE_CURL, Client::USE_CURL_ALWAYS);
63		$client->setOption(Client::OPT_EXTRA_CURL_OPTS, array(CURLOPT_FOLLOWLOCATION => true, CURLOPT_POSTREDIR => 3));
64		}
65		case 'Cookies':
66		/// @todo add support for this if needed
67		break;
68		case 'Credentials':
69		/// @todo add support for this as well if needed
70		break;
71		case 'HTTPProxy':
72		case 'HTTPProxyCredentials':
73		/// @todo add support for this as well if needed
74		break;
75		case 'RequestCharsetEncoding':
76		// allow the server to work as charset transcoder.
77		// NB: works best with mbstring enabled
78		$client->setOption(Client::OPT_REQUEST_CHARSET_ENCODING, $val);
79		break;
80	1	case 'RequestCompression':
81		$client->setOption(Client::OPT_REQUEST_COMPRESSION, $val);
82		break;
83	1	case 'SSLVerifyHost':
84		$client->setOption(Client::OPT_VERIFY_HOST, $val);
85		break;
86		case 'SSLVerifyPeer':
87		$client->setOption(Client::OPT_VERIFY_PEER, $val);
88		break;
89		case 'Timeout':
90		$timeout = (integer)$val;
91		break;
92		} // switch
93	1	}
94		}
95
96		// build call for remote server
97		/// @todo find a way to forward client info (such as IP) to the upstream server, either
98		/// - as xml comments in the payload, or
99		/// - using std http header conventions, such as X-forwarded-for (but public servers should strip
100		/// X-forwarded-for anyway, unless they consider this server as trusted...)
101		$reqMethod = $req->getParam(1)->scalarVal();
102		$req = new Request($reqMethod);
103		if ($req->getNumParams() > 1) {
104		$pars = $req->getParam(2);
105		foreach ($pars as $par) {
106		$req->addParam($par);
107		}
108		}
109
110		// add debug info into response we give back to caller
111		Server::xmlrpc_debugmsg("Sending to server $url the payload: " . $req->serialize());
112
113		return $client->send($req, $timeout);
114		}
115
116		// Given that the target server is left to be picked by the caller, it might support the '<NIL/>' xml-rpc extension
117		PhpXmlRpc\PhpXmlRpc::$xmlrpc_null_extension = true;
118
119		// Run the server
120		// NB: take care not to output anything else after this call, as it will mess up the responses and it will be hard to
121		// debug. In case you have to do so, at least re-emit a correct Content-Length http header (requires output buffering)
122		$server = new Server(
123		array(
124		'xmlrpcproxy.call' => array(
125		'function' => 'forward_request',
126		'signature' => array(
127		array('mixed', 'string', 'string'),
128		array('mixed', 'string', 'string', 'array'),
129		array('mixed', 'string', 'string', 'array', 'struct'),
130		),
131		'docstring' => 'forwards xml-rpc calls to remote servers. Returns remote method\'s response. Accepts params: remote server url (might include basic auth credentials), method name, array of params (optional), and a struct containing call options (optional)',
132		),
133		)
134		);
135

gggeek / phpxmlrpc

forward_request() C last analyzed 2025-06-13 00:01 UTC

Complexity

Size

Duplication

Code Coverage

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like

forward_request() C
last analyzed 2025-06-13 00:01 UTC