我试图在API上运行搜索,该API要求我的查询数据被设置为嵌套在XML请求中的XML.我将发布我的整个课程和方法调用(我发送给iress技术支持),以便可以对其进行全面审核,并且在任何人都无法访问相同API的情况下,他们可以立即为自己重现问题.
class XMLCurler
{
private $username = '[redacted]';
private $password = '[redacted]';
private $url = 'https://[redacted].xplan.iress.com.au/RPC2/';
public $ch; // the curl handle
public $token;
public $results;
public function __construct() {
if ($this->connect()) {
if ($this->login()) {
echo "<div class=\"success\">Successful Connection & Login. Token: {$this->token}</div>";
}
}
}
public function __destruct() {
if ($this->ch) {
$this->disconnect();
}
}
public function connect() {
if (!$this->ch = curl_init($this->url)) { // generate curl handle
echo "<div class=\"error\">CURL Error While Connecting (check url)";
return false;
}
return true;
}
public function disconnect() {
curl_close($this->ch);
}
public function processResponse($response) {
if (!$response) {
echo "<div class=\"error\">CURL Error While Attempting to Login - No XML token string<br><b>" , curl_error($this->ch) , "</b></div>";
return false;
}
$decoded = xmlrpc_decode($response);
if (is_array($decoded) && xmlrpc_is_fault($decoded)) {
echo "<div class=\"error\">Error Response: {$decoded['faultString']} ({$decoded['faultCode']})</div>";
return false;
}
return $decoded;
}
public function login() {
$postfields = xmlrpc_encode_request('edai.Login', array($this->username, $this->password)); // package as xml
curl_setopt($this->ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($this->ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($this->ch, CURLOPT_POSTFIELDS, $postfields);
curl_setopt($this->ch, CURLOPT_SSL_VERIFYHOST, 0); // not advised, I need to find out how to avoid this
curl_setopt($this->ch, CURLOPT_SSL_VERIFYPEER, 0); // not advised, I need to find out how to avoid this
if (!$token = $this->processResponse(curl_exec($this->ch))) {
return false;
}
if (!preg_match("~^[\w+]{20}$~", $token)) {
echo "<div class=\"error\">Invalid/Unexpected Token Generated<br><b>$token</b>";
return false;
}
$this->token = $token; // cache the valid token
return true;
}
public function listChildren($path) {
$method = "edai.ListChildren";
$request = xmlrpc_encode_request($method, array($this->token, $path));
echo "<div class=\"notice\">XMLRPC Encoded Request (for $method): <pre>" , htmlentities($request) , "</pre></div>";
curl_setopt($this->ch, CURLOPT_POSTFIELDS, $request);
if (!$results = $this->processResponse(curl_exec($this->ch))) {
return false;
}
$this->results = $results; // cache the valid results
return true;
}
public function search($basepath, $queryxml) {
$method = "edai.Search";
/** Desperate/Manual xml construction ...
* $xml = new DOMDocument("1.0", "utf-8");
* $xml->appendChild($methodCall = $xml->createElement("methodCall"));
* $methodCall->appendChild($methodName = $xml->createElement("methodName"));
* $methodCall->appendChild($params = $xml->createElement("params"));
* $params->appendChild($param1 = $xml->createElement("param"));
* $param1->appendChild($value1 = $xml->createElement("value"));
* $value1->appendChild($string1 = $xml->createElement("string"));
* $params->appendChild($param2 = $xml->createElement("param"));
* $param2->appendChild($value2 = $xml->createElement("value"));
* $value2->appendChild($string2 = $xml->createElement("string"));
* $params->appendChild($param3 = $xml->createElement("param"));
* $param3->appendChild($value3 = $xml->createElement("value"));
* $value3->appendChild($string3 = $xml->createElement("string"));
* $string3->appendChild($EntitySearch = $xml->createElement("EntitySearch"));
* $EntitySearch->appendChild($SearchResult1 = $xml->createElement("SearchResult"));
* $SearchResult1->setAttribute("field", "first_name");
* $EntitySearch->appendChild($SearchResult2 = $xml->createElement("SearchResult"));
* $SearchResult2->setAttribute('field', "last_name");
* $EntitySearch->appendChild($SearchQuick = $xml->createElement("SearchQuick"));
* $SearchQuick->appendChild($s = $xml->createElement("s"));
* $xpath = new DOMXPath($xml);
* $result1 = $xpath->query("//methodName");
* $result1->item(0)->nodeValue = $method;
* $result2 = $xpath->query("//params/param[1]/value/string");
* $result2->item(0)->nodeValue = $this->token;
* $result3 = $xpath->query("//params/param[2]/value/string");
* $result3->item(0)->nodeValue = "entitymgr/client";
* $result4 = $xpath->query("//SearchQuick/s");
* $result4->item(0)->nodeValue = "last_name:Smith";
* $xml->formatOutput = true;
* $request = $xml->saveXML();
*/
/** Desperately attempted passing array ...
* $queryarray = array(
* "EntitySearch" => array(
* array(
* "SearchResult" => array(
* "@attr" => array(
* "field" => "first_name"
* )
* )
* ),
* array(
* "SearchResult" => array(
* "@attr" => array(
* "field" => "last_name"
* )
* )
* ),
* array(
* "SearchQuick" => array(
* "s" => "last_name:Smith"
* )
* )
* )
* );
*/
$request = xmlrpc_encode_request($method, array($this->token, $basepath, $queryxml)); // this mutates the nested $queryxml string
// Causes:
//Error Response: UNKNOWN(CORBA.UNKNOWN(omniORB.UNKNOWN_PythonException, CORBA.COMPLETED_MAYBE)) (-32505)
//$request = html_entity_decode($request); // repair encoded entities
//$request = preg_replace('~(?:>\K\s+)|(?:\s+(?=<))~', '', $request); // strip every whitespace character between tags (hack)
// Causes:
// Error Response: ExpatError(syntax error: line 1, column 0 (byte 0)) (-32505)
echo "<div class=\"notice\">XMLRPC Encoded Request (for $method): <pre>" , htmlentities($request) , "</pre></div>";
curl_setopt($this->ch, CURLOPT_POSTFIELDS, $request);
if (!$results = $this->processResponse(curl_exec($this->ch))) {
return false;
}
$this->results = $results; // cache the valid results
return true;
}
}
以下是我打电话的方式. edai.ListChildren因为我不必发送任何XML数据. edai.Search不起作用,因为我无法在XML请求中正确准备XML查询.
$XC = new XMLCurler();
/* edai.ListChildren works as desired/expected */
$path = "/entitymgr/client";
if ($XC->listChildren($path)) {
echo "<div>List of Children Successful.<pre>";
var_export($XC->results);
echo "</pre></div>";
}
/* edai.Search does not work */
$basepath = "entitymgr/client";
$queryxml = <<<XML
<EntitySearch>
<SearchResult field="first_name"/>
<SearchResult field="last_name"/>
<SearchQuick><s>last_name:Smith</s></SearchQuick>
</EntitySearch>
XML;
if ($XC->search($basepath, $queryxml)) {
echo "<div>Search Successful.<pre>";
var_export($XC->results);
echo "</pre></div>";
}
这是尝试的请求和错误消息.
这是我提供的手册的相关部分(XPLAN XML-RPC EXTERNAL DATA ACCESS INTERFACE 2013年5月7日):
我几周前联系了iress.com,他们叫我松散地确认我有权访问API,并告诉我他们会联系 - 跟进电话没有发生我会喜欢回到这个项目的工作.
我确实知道有一个Smith匹配我的查询的姓氏.
我没有Python经验,所以错误响应对我没有帮助.我做了比我发布的更多的冰雹尝试,但我厌倦了浪费我的时间.我不知道,如果第三个参数,就是要嵌套的内部<value>,<param>,<struct>,<string>,<array>,<xml>,或别的东西完全.
如果有人对如何为请求准备XML查询有任何建议,我将运行它们并提供反馈.
我也很高兴收到关于类设计,安全性问题以及完全不同的php方法的建议,以获得edai.Search返回一些有用的数据.
根据@ThW的要求,以下是xml尝试的集合及其各自的错误响应:https://pastebin.com/dYtwXWxz
| 归档时间: |
|
| 查看次数: |
233 次 |
| 最近记录: |
