From 78e568e3db12b2db0bb7587f171366cc29f5fa95 Mon Sep 17 00:00:00 2001
From: Daniel Spors <daniels@scavix.com>
Date: Mon, 9 Mar 2015 11:35:49 +0100
Subject: [PATCH 1/3] Fixed Invalid SOAP header error Added ContinueSession to
 avoid multiple login calls

---
 soapclient/SforceBaseClient.php | 76 +++++++++++++++++++++++++++++++--
 1 file changed, 72 insertions(+), 4 deletions(-)

diff --git a/soapclient/SforceBaseClient.php b/soapclient/SforceBaseClient.php
index 3b494c7..e088fa0 100644
--- a/soapclient/SforceBaseClient.php
+++ b/soapclient/SforceBaseClient.php
@@ -171,6 +171,75 @@ public function login($username, $password) {
 		
 		return $result;
 	}
+	
+	/**
+	 * // SCAVIX
+	 * Use existing session id for this API connection
+	 *
+	 * @param string $sessionid   Session ID
+	 * @param string $serverurl   SFDC Server Url
+	 *
+	 * @return LoginResult
+	 */
+	public function ContinueSession($sessionid, $serverurl) 
+	{
+		$this->sforce->__setSoapHeaders(NULL);
+		if ($this->callOptions != NULL) {
+			$this->sforce->__setSoapHeaders(array($this->callOptions));
+		}
+		if ($this->loginScopeHeader != NULL) {
+			$this->sforce->__setSoapHeaders(array($this->loginScopeHeader));
+		}
+		/*
+		$result = (object) array(
+			'sessionId' => '00D24000000J9Sn!ARYAQB3P0gUnmUymxhM.am70IjhG816sdg5zHkJEb.szVbVq6SLkwdPk_M4F_Jj.BcWXOqJYE8Qkn4MLsM8Mf7YJrc1AbjZs',
+			'serverUrl' => 'https://eu5.salesforce.com/services/Soap/u/32.0'
+		);
+		*/
+		$result = (object) array(
+			'sessionId' => $sessionid,
+			'serverUrl' => $serverurl
+		);		
+		$this->_setLoginHeader($result);
+		
+		return $result;
+	}
+	
+	public function RefreshToken($client_id, $secret, $refresh_token)
+	{
+		try{
+			$url = 'https://login.salesforce.com/services/oauth2/token';
+			$fields = array(
+				'grant_type'	=> "refresh_token",
+				'client_id'		=> $client_id,
+				'client_secret' => $secret,
+				'refresh_token' => $refresh_token
+			);
+
+//			$fields_string = '';
+//			foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
+
+			$ch = curl_init($url);
+
+			//set the url, number of POST vars, POST data
+			curl_setopt($ch,CURLOPT_POST, true);
+			curl_setopt($ch,CURLOPT_POSTFIELDS, http_build_query($fields));
+			curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
+			//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+
+			//execute post
+			$result = curl_exec($ch);
+
+			//close connection
+			curl_close($ch);
+
+			$json_a = json_decode($result,true);
+			return $json_a;
+			
+		}catch(Exception $e){
+			return false;
+		}
+	}	
 
 	/**
 	 * log outs from the salseforce system`
@@ -219,9 +288,9 @@ public function setEndpoint($location) {
 	private function setHeaders($call=NULL) {
 		$this->sforce->__setSoapHeaders(NULL);
 		
-		$header_array = array (
-			$this->sessionHeader
-		);
+		$header_array = array ();
+		if( $this->sessionHeader )
+			array_push($header_array, $this->sessionHeader);
 
 		$header = $this->callOptions;
 		if ($header != NULL) {
@@ -322,7 +391,6 @@ private function setHeaders($call=NULL) {
 			}
 		}
 		
-		
 		$this->sforce->__setSoapHeaders($header_array);
 	}
 

From 49b0cc0e62de0d7e882dc9680e60e2cfe830ca31 Mon Sep 17 00:00:00 2001
From: Daniel Spors <daniels@scavix.com>
Date: Mon, 9 Mar 2015 11:37:00 +0100
Subject: [PATCH 2/3] Cleanup

---
 soapclient/SforceBaseClient.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/soapclient/SforceBaseClient.php b/soapclient/SforceBaseClient.php
index e088fa0..1f33c8b 100644
--- a/soapclient/SforceBaseClient.php
+++ b/soapclient/SforceBaseClient.php
@@ -173,7 +173,6 @@ public function login($username, $password) {
 	}
 	
 	/**
-	 * // SCAVIX
 	 * Use existing session id for this API connection
 	 *
 	 * @param string $sessionid   Session ID

From df0b3a2e28dd1c8083a668cad28000f5f2024a9e Mon Sep 17 00:00:00 2001
From: Daniel Spors <daniels@scavix.com>
Date: Tue, 13 Oct 2015 09:45:22 +0200
Subject: [PATCH 3/3] Added XML value sanitation

---
 soapclient/SforceBaseClient.php | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/soapclient/SforceBaseClient.php b/soapclient/SforceBaseClient.php
index 1f33c8b..31aae52 100644
--- a/soapclient/SforceBaseClient.php
+++ b/soapclient/SforceBaseClient.php
@@ -556,10 +556,19 @@ public function getLastResponseHeaders() {
 	protected function _convertToAny($fields) {
 		$anyString = '';
 		foreach ($fields as $key => $value) {
-			$anyString = $anyString . '<' . $key . '>' . $value . '</' . $key . '>';
+			$anyString = $anyString . '<' . $key . '>' . $this->_sanitizeValue($value) . '</' . $key . '>';		// scavix
 		}
 		return $anyString;
 	}
+	
+	/**
+	 * Added by Scavix Software 4/2015
+	 */
+	protected function _sanitizeValue($value) {
+		if((strpos($value, '&') !== false) || (strpos($value, '<') !== false) || (strpos($value, '>') !== false))
+			return '<![CDATA['.$value.']]>';
+		return $value;
+	}
 
 	protected function _create($arg) {
 		$this->setHeaders("create");