Solved

wsdl php error revealing

Posted on 2013-12-10
9
379 Views
Last Modified: 2016-02-26
I have a soap wsdl programs that are working fine, but when an error occurs, the dump reveals to the calling function private information, like what internal directory is being used.  How can I supress this information from showing up?  Do I need to post the wsdl and the script error to get an answer?
0
Comment
Question by:flowerbloom
  • 5
  • 4
9 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39708254
Yes, we probably need to see your test case.  Please minimize it to the SSCCE and show us how to cause the error.  You may be able to use PHP exception handling.  We will know more once we can test it out.
0
 
LVL 1

Author Comment

by:flowerbloom
ID: 39708275
Below are the files involved, my domain has been replaced with "my.domain.com".

To create an error just have a syntax error on the server.


--- hello_server.php
<?php
function doHello($yourName = "") {
  return "Hello, $yourName";
}

try {
  $server = new SoapServer("hello.wsdl");
} catch (SoapFault $exc) {
  echo "Very Bad.";
}

$server->AddFunction("doHello");
$server->handle();
?>


--- hello_client.php
<?php
try{
  $sClient = new SoapClient('http://my.domain.com/hello.wsdl');
 
  $params = "John";
  $response = $sClient->doHello($params);
  echo "$response <br>\n";
 
} catch(SoapFault $e){
  echo "Error\n";
}
?>


--- hello.wsdl
<?xml version="1.0"?>

<definitions
  name="HelloWorld"
  targetNamespace="urn:HelloWorld"
  xmlns:tns="urn:HelloWorld"  
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
  xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
  xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
  xmlns="http://schemas.xmlsoap.org/wsdl/">

  <types>
    <xsd:schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:Hello">
      <xsd:element name="getName" type="xsd:string" />
      <xsd:element name="HelloResponse" type="xsd:string" />        
    </xsd:schema>        
  </types>

  <message name="doHello">
    <part name="yourName" type="tns:getName" />
  </message>
 
  <message name="doHelloResponse">
    <part name="return" type="tns:HelloResponse" />
  </message>  

  <portType name="HelloPort">
    <operation name="doHello">
      <input message="tns:doHello" />
      <output message="tns:doHelloResponse" />
    </operation>
  </portType>

  <binding name="HelloBinding" type="tns:HelloPort">
    <soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http" />
      <operation name="doHello">
        <soap:operation soapAction="urn:HelloAction" />
        <input>
          <soap:body use="encoded" namespace="urn:Hello" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />      
        </input>
        <output>
          <soap:body use="encoded" namespace="urn:Hello" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />      
        </output>
      </operation>
  </binding>

  <service name="HelloService">
    <port name="HelloPort" binding="tns:HelloBinding">
      <soap:address location="http://my.domain.com/hello_server.php" />
    </port>
  </service>

</definitions>
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39708339
Which line of code produces the information you do not want to reveal?
0
 
LVL 1

Author Comment

by:flowerbloom
ID: 39708358
It's the exception dump if there is an error with the "server".  No particular error, any error.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39708495
Why not just return a null string when an exception occurs?  On the server you might want to use error_log() so you could inspect the contents of the exception object.
0
 
LVL 1

Author Comment

by:flowerbloom
ID: 39722864
This is not when it works well, otherwise, you're right, just catch the error and send null.

This is when there is a bug and the program crashes.  Please don't saw "debug your program".
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39722908
when there is a bug and the program crashes
We might need a little more to go on.  What would be an example of a "bug?"  And "crashes" is not really a term of art in software development.  There are specific error conditions, such as loop, wait, incorrect output, etc.  What exactly is (are) the errors?
0
 
LVL 1

Accepted Solution

by:
flowerbloom earned 0 total points
ID: 39748741
I figured it out:

I use "try catch" and "fault catch".

Works great.  Thanks.
0
 
LVL 1

Author Closing Comment

by:flowerbloom
ID: 39757142
I figured it out.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface This is the third article about the EE Collaborative Login Project. A Better Website Login System (http://www.experts-exchange.com/A_2902.html) introduces the Login System and shows how to implement a login page. The EE Collaborative Logi…
The task of choosing a web design company to build a website for your business should never be taken in a light manner. Provided the fact that your website will act as a representative to your business and will be responsible for imposing an online …
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now