documentation/moodle/mnet_2xmlrpc_2server_8php_source.html

00001 <?php
00011 // Make certain that config.php doesn't display any errors, and that it doesn't
00012 // override our do-not-display-errors setting:
00013 // disable moodle specific debug messages and any errors in output
00014 define('NO_DEBUG_DISPLAY', true);
00015 // cookies are not used, makes sure there is empty global $USER
00016 define('NO_MOODLE_COOKIES', true);
00017
00018 define('MNET_SERVER', true);
00019
00020 require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
00021
00022 $mnet = get_mnet_environment();
00023 // Include MNET stuff:
00024 require_once $CFG->dirroot.'/mnet/lib.php';
00025 require_once $CFG->dirroot.'/mnet/remote_client.php';
00026 require_once $CFG->dirroot.'/mnet/xmlrpc/serverlib.php';
00027
00028
00029 if ($CFG->mnet_dispatcher_mode === 'off') {
00030     print_error('mnetdisabled', 'mnet');
00031 }
00032
00033 // Content type for output is not html:
00034 header('Content-type: text/xml; charset=utf-8');
00035
00036 // PHP 5.2.2: $HTTP_RAW_POST_DATA not populated bug:
00037 // http://bugs.php.net/bug.php?id=41293
00038 if (empty($HTTP_RAW_POST_DATA)) {
00039     $HTTP_RAW_POST_DATA = file_get_contents('php://input');
00040 }
00041
00042 mnet_debug("HTTP_RAW_POST_DATA", 2);
00043 mnet_debug($HTTP_RAW_POST_DATA, 2);
00044
00045 if (!isset($_SERVER)) {
00046     exit(mnet_server_fault(712, get_string('phperror', 'mnet')));
00047 }
00048
00049
00050 // New global variable which ONLY gets set in this server page, so you know that
00051 // if you've been called by a remote Moodle, this should be set:
00052 $remoteclient = new mnet_remote_client();
00053 set_mnet_remote_client($remoteclient);
00054
00055 try {
00056     $plaintextmessage = mnet_server_strip_encryption($HTTP_RAW_POST_DATA);
00057     $xmlrpcrequest = mnet_server_strip_signature($plaintextmessage);
00058 } catch (Exception $e) {
00059     mnet_debug('encryption strip exception thrown: ' . $e->getMessage());
00060     exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a));
00061 }
00062
00063 mnet_debug('XMLRPC Payload', 2);
00064 mnet_debug($xmlrpcrequest, 2);
00065
00066 if($remoteclient->pushkey == true) {
00067     // The peer used one of our older public keys, we will return a
00068     // signed/encrypted error message containing our new public key
00069     // Sign message with our old key, and encrypt to the peer's private key.
00070     mnet_debug('sending back new key');
00071     exit(mnet_server_fault_xml(7025, $mnet->public_key, $remoteclient->useprivatekey));
00072 }
00073 // Have a peek at what the request would be if we were to process it
00074 $params = xmlrpc_decode_request($xmlrpcrequest, $method);
00075 mnet_debug("incoming mnet request $method");
00076
00077 // One of three conditions need to be met before we continue processing this request:
00078 // 1. Request is properly encrypted and signed
00079 // 2. Request is for a keyswap (we don't mind enencrypted or unsigned requests for a public key)
00080 // 3. Request is properly signed and we're happy with it being unencrypted
00081 if ((($remoteclient->request_was_encrypted == true) && ($remoteclient->signatureok == true))
00082     || (($method == 'system.keyswap') || ($method == 'system/keyswap'))
00083     || (($remoteclient->signatureok == true) && ($remoteclient->plaintext_is_ok() == true))) {
00084     try {
00085         // main dispatch call.  will echo the response directly
00086         mnet_server_dispatch($xmlrpcrequest);
00087         mnet_debug('exiting cleanly');
00088         exit;
00089     } catch (Exception $e) {
00090         mnet_debug('dispatch exception thrown: ' . $e->getMessage());
00091         exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a));
00092     }
00093 }
00094 // if we get to here, something is wrong
00095 // so detect a few common cases and send appropriate errors
00096 if (($remoteclient->request_was_encrypted == false) && ($remoteclient->plaintext_is_ok() == false)) {
00097     mnet_debug('non encrypted request');
00098     exit(mnet_server_fault(7021, get_string('forbidden-transport', 'mnet')));
00099 }
00100
00101 if ($remoteclient->request_was_signed == false) {
00102     // Request was not signed
00103     mnet_debug('non signed request');
00104     exit(mnet_server_fault(711, get_string('verifysignature-error', 'mnet')));
00105 }
00106
00107 if ($remoteclient->signatureok == false) {
00108     // We were unable to verify the signature
00109     mnet_debug('non verified signature');
00110     exit(mnet_server_fault(710, get_string('verifysignature-invalid', 'mnet')));
00111 }
00112 mnet_debug('unknown error');
00113 exit(mnet_server_fault(7000, get_string('unknownerror', 'mnet')));