You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There's a hardware device I wanted to control via HTTP requests. The machine expects the authentication data to be passed as an XML string in the CURLOPT_POSTFIELDS parameter.
After several failed attempts I discovered a bug in the post() method call:
public function post($url, $data, $headers = array())
{
(...)
if (!is_array($data)) $headers[] = 'Content-Length: ' . strlen($data);
$curl_opts[CURLOPT_HTTPHEADER] = $this->prepHeaders($headers);
(...)
}
On line 384, when the code inspects the $data variable, it inserts the Content-Length value incorrectly into the header array if $data is not array.
As you can see, an array index has been inserted in the last string element.
The main problem that the code doesn't examine the header array's format before adding the new Content-Length element (is it numerically indexed, or associative). The code just places a numerically indexed indice, so if your $headers array is associative, the new array's indexing becomes mixed.
And this produces another error, since prepHeaders() method calls _isNumericallyIndexedArray() (line 203), which fails to properly determine how the array was indexed, because it will instantly return true on the first numeric index it encounters.
Because of the false result, the prepHeaders() method returns the array as it was... incorrectly formatted.
I would advise to handle the header array format consistently througout the code, so actions with the header data would be less error prone... but that's just my two cents on the topic.
Thanks,
Gergely Lukacsy
The text was updated successfully, but these errors were encountered:
There's a hardware device I wanted to control via HTTP requests. The machine expects the authentication data to be passed as an XML string in the
CURLOPT_POSTFIELDSparameter.After several failed attempts I discovered a bug in the
post()method call:On line 384, when the code inspects the
$datavariable, it inserts theContent-Lengthvalue incorrectly into the header array if$datais not array.My expected array was:
but I've got the following data:
As you can see, an array index has been inserted in the last string element.
The main problem that the code doesn't examine the header array's format before adding the new
Content-Lengthelement (is it numerically indexed, or associative). The code just places a numerically indexed indice, so if your$headersarray is associative, the new array's indexing becomes mixed.And this produces another error, since
prepHeaders()method calls_isNumericallyIndexedArray()(line 203), which fails to properly determine how the array was indexed, because it will instantly returntrueon the first numeric index it encounters.Because of the false result, the
prepHeaders()method returns the array as it was... incorrectly formatted.I would advise to handle the header array format consistently througout the code, so actions with the header data would be less error prone... but that's just my two cents on the topic.
Thanks,
Gergely Lukacsy
The text was updated successfully, but these errors were encountered: