Solved

wsdl php error revealing

Posted on 2013-12-10
9
375 Views
Last Modified: 2016-02-26
I have a soap wsdl programs that are working fine, but when an error occurs, the dump reveals to the calling function private information, like what internal directory is being used.  How can I supress this information from showing up?  Do I need to post the wsdl and the script error to get an answer?
0
Comment
Question by:flowerbloom
  • 5
  • 4
9 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
Yes, we probably need to see your test case.  Please minimize it to the SSCCE and show us how to cause the error.  You may be able to use PHP exception handling.  We will know more once we can test it out.
0
 
LVL 1

Author Comment

by:flowerbloom
Comment Utility
Below are the files involved, my domain has been replaced with "my.domain.com".

To create an error just have a syntax error on the server.


--- hello_server.php
<?php
function doHello($yourName = "") {
  return "Hello, $yourName";
}

try {
  $server = new SoapServer("hello.wsdl");
} catch (SoapFault $exc) {
  echo "Very Bad.";
}

$server->AddFunction("doHello");
$server->handle();
?>


--- hello_client.php
<?php
try{
  $sClient = new SoapClient('http://my.domain.com/hello.wsdl');
 
  $params = "John";
  $response = $sClient->doHello($params);
  echo "$response <br>\n";
 
} catch(SoapFault $e){
  echo "Error\n";
}
?>


--- hello.wsdl
<?xml version="1.0"?>

<definitions
  name="HelloWorld"
  targetNamespace="urn:HelloWorld"
  xmlns:tns="urn:HelloWorld"  
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
  xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
  xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
  xmlns="http://schemas.xmlsoap.org/wsdl/">

  <types>
    <xsd:schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:Hello">
      <xsd:element name="getName" type="xsd:string" />
      <xsd:element name="HelloResponse" type="xsd:string" />        
    </xsd:schema>        
  </types>

  <message name="doHello">
    <part name="yourName" type="tns:getName" />
  </message>
 
  <message name="doHelloResponse">
    <part name="return" type="tns:HelloResponse" />
  </message>  

  <portType name="HelloPort">
    <operation name="doHello">
      <input message="tns:doHello" />
      <output message="tns:doHelloResponse" />
    </operation>
  </portType>

  <binding name="HelloBinding" type="tns:HelloPort">
    <soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http" />
      <operation name="doHello">
        <soap:operation soapAction="urn:HelloAction" />
        <input>
          <soap:body use="encoded" namespace="urn:Hello" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />      
        </input>
        <output>
          <soap:body use="encoded" namespace="urn:Hello" encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" />      
        </output>
      </operation>
  </binding>

  <service name="HelloService">
    <port name="HelloPort" binding="tns:HelloBinding">
      <soap:address location="http://my.domain.com/hello_server.php" />
    </port>
  </service>

</definitions>
0
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
Which line of code produces the information you do not want to reveal?
0
 
LVL 1

Author Comment

by:flowerbloom
Comment Utility
It's the exception dump if there is an error with the "server".  No particular error, any error.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
Why not just return a null string when an exception occurs?  On the server you might want to use error_log() so you could inspect the contents of the exception object.
0
 
LVL 1

Author Comment

by:flowerbloom
Comment Utility
This is not when it works well, otherwise, you're right, just catch the error and send null.

This is when there is a bug and the program crashes.  Please don't saw "debug your program".
0
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
when there is a bug and the program crashes
We might need a little more to go on.  What would be an example of a "bug?"  And "crashes" is not really a term of art in software development.  There are specific error conditions, such as loop, wait, incorrect output, etc.  What exactly is (are) the errors?
0
 
LVL 1

Accepted Solution

by:
flowerbloom earned 0 total points
Comment Utility
I figured it out:

I use "try catch" and "fault catch".

Works great.  Thanks.
0
 
LVL 1

Author Closing Comment

by:flowerbloom
Comment Utility
I figured it out.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

These days socially coordinated efforts have turned into a critical requirement for enterprises.
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now