I have written a framework that facilitates RPC calls between AS3 and PHP 5 called FlashMOG. I recently got a forum request that has introduced a pretty bizarre question regarding access control.

This will be a lot easier to discuss if you have access to the FlashMOG 0.3.1 client source which is here:
http://flashmog.net/download

The basic idea is that I have a FlashMOGService class which has an RPCSocket member that it may share with other FlashMOGService objects. The idea is that you can create two distinct FlashMOGService objects and have them both connect to the same host/port via socket. I use my special RPCSocket class for two reasons:
1) Let developers use one port but separate functionality into two distinct services...a form of multiplexing i guess
2) RPCSocket adds functionality to the standard Socket class that works to serialize and unserialize data and get it where it needs to go.


The essence of the problem here is that this guy has created a class with a FlashMOGService object as a member and has tried to assign a private method of his class as an event handler to the FlashMOGService object:

code:

/ Launch after GUI creation
// ******************************
protected function init():void {
_service=new FlashMOGService("127.0.0.1",1740,"myService1");
_service.connect();
_service.client.firstClientMethod = fromServer;
}
// Launch after button clicked
// ********************************
private function clicked():void {
_service.server.serverMethod1("me",7);
}

// Freeze the browser hosting the swf (in run or debug mode)
// Supposed to store server responses within a TextArea
// ************************************************** **************
private function fromServer (serverMessage:String):void {
textArea.appendText(serverMessage+"\n");
}



My initial thought is that this should be fine because it's all done within the class. However, when I consider the monkey chain that results in this function being called, it seems almost logical that it wouldn't work. The problem is that the browser freezes when a socket message arrives that tries to call the service's client method, _service.client.firstClientMethod.

This client firstClientMethod is attempted when data arrives from the server on the Socket (an RPCSocket, actually). The RPCSocket class deserializes the socket data and extracts an array with a service name, a method name, and an array of arguments. It looks into its own private class variable (an array of services using the RPCSocket) and tries to invoke whatever function was assigned thusly:

code:
var methodFunc:Function = services[serviceName].client[eventName];
if (methodFunc is Function) {
methodFunc.apply(null, args);
}



I'm guessing there's some kind of infinite loop going on to check access control for the various intertwined classes. Can anyone help me sort this out? I'm hoping to understand why it shouldn't work or what I'm doing -- and ideally see if I can maybe fix the problem.