1 | <?php |
||
2 | /** |
||
3 | * @author Gaetano Giunta |
||
4 | * @copyright (C) 2005-2021 G. Giunta |
||
5 | * @license code licensed under the BSD License: see file license.txt |
||
6 | * |
||
7 | * Parses GET/POST variables |
||
8 | * |
||
9 | * @todo switch params for http compression from 0,1,2 to values to be used directly |
||
10 | * @todo do some more sanitization of received parameters |
||
11 | * @todo move parameters away from global namespace |
||
12 | */ |
||
13 | |||
14 | // handle class autoloading: |
||
15 | if (file_exists(__DIR__.'/../vendor/autoload.php')) { |
||
16 | // if the debugger is installed as top-level project with Composer, allow finding classes from dependencies |
||
17 | include_once(__DIR__.'/../vendor/autoload.php'); |
||
18 | } else { |
||
19 | // assume this is either a standalone install, or installed as Composer dependency |
||
20 | /// @todo if the latter is true, should we just not skip using the custom Autoloader, and let a top-level |
||
21 | /// debugger include this one, taking care of autoloading ? |
||
22 | include_once __DIR__ . "/../src/Autoloader.php"; |
||
23 | PhpXmlRpc\Autoloader::register(); |
||
24 | } |
||
25 | |||
26 | // work around register globals - @see https://www.php.net/manual/en/faq.misc.php#faq.misc.registerglobals |
||
27 | if (ini_get('register_globals')) { |
||
28 | function unregister_globals() |
||
29 | { |
||
30 | // Might want to change this perhaps to a nicer error |
||
31 | if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) { |
||
32 | die('GLOBALS overwrite attempt detected'); |
||
33 | } |
||
34 | |||
35 | // Variables that shouldn't be unset |
||
36 | $noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES'); |
||
37 | |||
38 | $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, |
||
39 | isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array() |
||
40 | ); |
||
41 | |||
42 | foreach ($input as $k => $v) { |
||
43 | if (!in_array($k, $noUnset) && isset($GLOBALS[$k])) { |
||
44 | unset($GLOBALS[$k]); |
||
45 | } |
||
46 | } |
||
47 | } |
||
48 | unregister_globals(); |
||
49 | } |
||
50 | |||
51 | // work around magic quotes |
||
52 | if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { |
||
53 | function stripslashes_deep($value) |
||
54 | { |
||
55 | $value = is_array($value) ? |
||
56 | array_map('stripslashes_deep', $value) : |
||
57 | stripslashes($value); |
||
58 | |||
59 | return $value; |
||
60 | } |
||
61 | |||
62 | $_GET = array_map('stripslashes_deep', $_GET); |
||
63 | } |
||
64 | |||
65 | $preferredEncodings = 'UTF-8, ASCII, ISO-8859-1, UTF-7, EUC-JP, SJIS, eucJP-win, SJIS-win, JIS, ISO-2022-JP'; |
||
66 | $inputcharset = mb_detect_encoding(urldecode($_SERVER['REQUEST_URI']), $preferredEncodings); |
||
67 | if (isset($_GET['usepost']) && $_GET['usepost'] === 'true') { |
||
68 | $_GET = $_POST; |
||
69 | $inputcharset = mb_detect_encoding(implode('', $_GET), $preferredEncodings); |
||
70 | } |
||
71 | |||
72 | /// @todo if $inputcharset is not UTF8, we should probably re-encode $_GET to make it UTF-8 |
||
73 | |||
74 | // recover input parameters |
||
75 | /// @todo instead of using globals, move them to an array. Also: use a class for this parsing... |
||
76 | $debug = false; |
||
77 | $protocol = 0; |
||
78 | $run = false; |
||
79 | $wstype = defined('DEFAULT_WSTYPE') ? DEFAULT_WSTYPE : 0; |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
80 | $id = ''; |
||
81 | if (isset($_GET['action'])) { |
||
82 | if (isset($_GET['wstype']) && $_GET['wstype'] == '1') { |
||
83 | $wstype = 1; |
||
84 | if (isset($_GET['id'])) { |
||
85 | $id = $_GET['id']; |
||
86 | } |
||
87 | } |
||
88 | $host = isset($_GET['host']) ? $_GET['host'] : 'localhost'; // using '' will trigger an xmlrpc error... |
||
89 | if (isset($_GET['protocol']) && ($_GET['protocol'] == '1' || $_GET['protocol'] == '2' || $_GET['protocol'] == '3' |
||
90 | || $_GET['protocol'] == '4')) { |
||
91 | $protocol = $_GET['protocol']; |
||
92 | } |
||
93 | if (strpos($host, 'http://') === 0) { |
||
94 | // NB: if protocol is https or h2, it will override http:// |
||
95 | $host = substr($host, 7); |
||
96 | } elseif (strpos($host, 'https://') === 0) { |
||
97 | $host = substr($host, 8); |
||
98 | // NB: otoh if protocol is http1.0 or http1.1, it will be overridden by https:// |
||
99 | if ($protocol == 0 || $protocol = 1) { |
||
100 | $protocol = 2; |
||
101 | } |
||
102 | } |
||
103 | $port = isset($_GET['port']) ? $_GET['port'] : ''; |
||
104 | $path = isset($_GET['path']) ? $_GET['path'] : ''; |
||
105 | // in case user forgot initial '/' in xmlrpc server path, add it back |
||
106 | if ($path && ($path[0]) != '/') { |
||
107 | $path = '/' . $path; |
||
108 | } |
||
109 | |||
110 | if (isset($_GET['debug']) && ($_GET['debug'] == '1' || $_GET['debug'] == '2')) { |
||
111 | $debug = $_GET['debug']; |
||
112 | } |
||
113 | |||
114 | $verifyhost = (isset($_GET['verifyhost']) && ($_GET['verifyhost'] == '1' || $_GET['verifyhost'] == '2')) ? $_GET['verifyhost'] : 0; |
||
115 | if (isset($_GET['verifypeer']) && $_GET['verifypeer'] == '1') { |
||
116 | $verifypeer = true; |
||
117 | } else { |
||
118 | $verifypeer = false; |
||
119 | } |
||
120 | $cainfo = isset($_GET['cainfo']) ? $_GET['cainfo'] : ''; |
||
121 | $proxy = isset($_GET['proxy']) ? $_GET['proxy'] : 0; |
||
122 | if (strpos($proxy, 'http://') === 0) { |
||
123 | $proxy = substr($proxy, 7); |
||
124 | } |
||
125 | $proxyuser = isset($_GET['proxyuser']) ? $_GET['proxyuser'] : ''; |
||
126 | $proxypwd = isset($_GET['proxypwd']) ? $_GET['proxypwd'] : ''; |
||
127 | $timeout = isset($_GET['timeout']) ? $_GET['timeout'] : 0; |
||
128 | if (!is_numeric($timeout)) { |
||
129 | $timeout = 0; |
||
130 | } |
||
131 | $action = $_GET['action']; |
||
132 | |||
133 | $method = isset($_GET['method']) ? $_GET['method'] : ''; |
||
134 | $methodsig = isset($_GET['methodsig']) ? $_GET['methodsig'] : 0; |
||
135 | $payload = isset($_GET['methodpayload']) ? $_GET['methodpayload'] : ''; |
||
136 | $alt_payload = isset($_GET['altmethodpayload']) ? $_GET['altmethodpayload'] : ''; |
||
137 | |||
138 | if (isset($_GET['run']) && $_GET['run'] == 'now') { |
||
139 | $run = true; |
||
140 | } |
||
141 | |||
142 | $username = isset($_GET['username']) ? $_GET['username'] : ''; |
||
143 | $password = isset($_GET['password']) ? $_GET['password'] : ''; |
||
144 | |||
145 | $authtype = (isset($_GET['authtype']) && ($_GET['authtype'] == '2' || $_GET['authtype'] == '8')) ? $_GET['authtype'] : 1; |
||
146 | |||
147 | if (isset($_GET['requestcompression']) && ($_GET['requestcompression'] == '1' || $_GET['requestcompression'] == '2')) { |
||
148 | $requestcompression = $_GET['requestcompression']; |
||
149 | } else { |
||
150 | $requestcompression = 0; |
||
151 | } |
||
152 | if (isset($_GET['responsecompression']) && ($_GET['responsecompression'] == '1' || $_GET['responsecompression'] == '2' || $_GET['responsecompression'] == '3')) { |
||
153 | $responsecompression = $_GET['responsecompression']; |
||
154 | } else { |
||
155 | $responsecompression = 0; |
||
156 | } |
||
157 | |||
158 | $clientcookies = isset($_GET['clientcookies']) ? $_GET['clientcookies'] : ''; |
||
159 | } else { |
||
160 | $host = ''; |
||
161 | $port = ''; |
||
162 | $path = ''; |
||
163 | $action = ''; |
||
164 | $method = ''; |
||
165 | $methodsig = 0; |
||
166 | $payload = ''; |
||
167 | $alt_payload = ''; |
||
168 | $username = ''; |
||
169 | $password = ''; |
||
170 | $authtype = 1; |
||
171 | $verifyhost = 0; |
||
172 | $verifypeer = false; |
||
173 | $cainfo = ''; |
||
174 | $proxy = ''; |
||
175 | $proxyuser = ''; |
||
176 | $proxypwd = ''; |
||
177 | $timeout = 0; |
||
178 | $requestcompression = 0; |
||
179 | $responsecompression = 0; |
||
180 | $clientcookies = ''; |
||
181 | } |
||
182 | |||
183 | // check input for known XMLRPC attacks against this or other libs |
||
184 | function payload_is_safe($input) |
||
185 | { |
||
186 | return true; |
||
187 | } |
||
188 |