Solved

wsdl php error revealing

Posted on 2013-12-10
9
387 Views
Last Modified: 2016-02-26
I have a soap wsdl programs that are working fine, but when an error occurs, the dump reveals to the calling function private information, like what internal directory is being used.  How can I supress this information from showing up?  Do I need to post the wsdl and the script error to get an answer?
0
Comment
Question by:flowerbloom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39708254
Yes, we probably need to see your test case.  Please minimize it to the SSCCE and show us how to cause the error.  You may be able to use PHP exception handling.  We will know more once we can test it out.
0
 
LVL 1

Author Comment

by:flowerbloom
ID: 39708275
Below are the files involved, my domain has been replaced with "my.domain.com".

To create an error just have a syntax error on the server.


--- hello_server.php
<?php
function doHello($yourName = "") {
  return "Hello, $yourName";
}

try {
  $server = new SoapServer("hello.wsdl");
} catch (SoapFault $exc) {
  echo "Very Bad.";
}

$server->AddFunction("doHello");
$server->handle();
?>


--- hello_client.php
<?php
try{
  $sClient = new SoapClient('http://my.domain.com/hello.wsdl');
 
  $params = "John";
  $response = $sClient->doHello($params);
  echo "$response <br>\n";
 
} catch(SoapFault $e){
  echo "Error\n";
}
?>


--- hello.wsdl
<?xml version="1.0"?>

<definitions
  name="HelloWorld"
  targetNamespace="urn:HelloWorld"
  xmlns:tns="urn:HelloWorld"  
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
  xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
  xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
  xmlns="http://schemas.xmlsoap.org/wsdl/">

  <types>
    <xsd:schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:Hello">
      <xsd:element name="getName" type="xsd:string" />
      <xsd:element name="HelloResponse" type="xsd:string" />        
    </xsd:schema>        
  </types>

  <message name="doHello">
    <part name="yourName" type="tns:getName" />
  </message>
 
  <message name="doHelloResponse">
    <part name="return" type="tns:HelloResponse" />
  </message>  

  <portType name="HelloPort">
    <operation name="doHello">
      <input message="tns:doHello" />
      <output message="tns:doHelloResponse" />
    </operation>
  </portType>

  <binding name="HelloBinding" type="tns:HelloPort">
    <soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http" />
      <operation name="doHello">
        <soap:operation soapAction="urn:HelloAction" />
        <input>
          <soap:body use="encoded" namespace="urn:Hello" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />      
        </input>
        <output>
          <soap:body use="encoded" namespace="urn:Hello" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />      
        </output>
      </operation>
  </binding>

  <service name="HelloService">
    <port name="HelloPort" binding="tns:HelloBinding">
      <soap:address location="http://my.domain.com/hello_server.php" />
    </port>
  </service>

</definitions>
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39708339
Which line of code produces the information you do not want to reveal?
0
Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

 
LVL 1

Author Comment

by:flowerbloom
ID: 39708358
It's the exception dump if there is an error with the "server".  No particular error, any error.
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39708495
Why not just return a null string when an exception occurs?  On the server you might want to use error_log() so you could inspect the contents of the exception object.
0
 
LVL 1

Author Comment

by:flowerbloom
ID: 39722864
This is not when it works well, otherwise, you're right, just catch the error and send null.

This is when there is a bug and the program crashes.  Please don't saw "debug your program".
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39722908
when there is a bug and the program crashes
We might need a little more to go on.  What would be an example of a "bug?"  And "crashes" is not really a term of art in software development.  There are specific error conditions, such as loop, wait, incorrect output, etc.  What exactly is (are) the errors?
0
 
LVL 1

Accepted Solution

by:
flowerbloom earned 0 total points
ID: 39748741
I figured it out:

I use "try catch" and "fault catch".

Works great.  Thanks.
0
 
LVL 1

Author Closing Comment

by:flowerbloom
ID: 39757142
I figured it out.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

JavaScript has plenty of pieces of code people often just copy/paste from somewhere but never quite fully understand. Self-Executing functions are just one good example that I'll try to demystify here.
In order to have all security and back ups taken care of, WordPress users can sign up for services with WP Engine.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question