- fix issue 2814470: Fix for signature-check mismatch in new-style servers

[plcapi.git] / ChangeLog

2009-07-02 - G. Giunta (giunta.gaetano@gmail.com) thanks Heiko Stuebner\r
\r
        * xmlrpc.inc: fix: when checking the parameters against the signatures xmlrpc\r
        checks for "array" but PHP returns "Array" resulting in a not matches signature\r
\r
2009-05-07 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * replace all usage of '= & new' with '= new', as this is deprecated in php 5\r
        and has been shown to cause problems too\r
\r
2009-05-06 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * create php4 branch, rename trunk to 3.0.0beta - it will be the php5-only version\r
\r
        * xmlrpc.inc: removed test fpr php version and inclusion of compat patches for really\r
        really old versions of php 4\r
\r
2009-03-16 - G. Giunta (giunta.gaetano@gmail.com) thanks Tommaso Trani\r
\r
        * move from CVS to SVN on sf.net; file layout now is the same as in packaged lib\r
\r
        * xmlrpc.inc: fix php warning when receiving 'false' in a bool value\r
\r
        * Makefile, doc/Makefile: alter to follow new file layout\r
\r
        * tagged and released as 2.2.2\r
\r
2009-02-03 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * debugger/action.php: improve code robustness when parsing system.listmethods\r
        and system.describemethods call\r
\r
        * xmlrpc.inc: format floating point values using the correct decimal separator\r
        even when php locale is set to one that uses comma (bug #2517579);\r
        use feof() to test if socket connections are to be closed instead of the\r
        number of bytes read (bug #2556209)\r
\r
2008-10-29 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpcs.inc: allow add_to_map server method to add docs for single params, too\r
\r
2008-09-20 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc_wrappers.inc: added the possibility to wrap for exposure as xmlrpc\r
        methods plain php class methods, object methods and even whole classes\r
\r
        * testsuite.php, server.php: added test cases for the new code\r
\r
2008-09-07 - G. Giunta (giunta.gaetano@gmail.com) thanks Bruno Zanetti Melotti\r
\r
        * xmlrpc.inc: be more tolerant in detection of charset in http headers (fix for bug #2058158)\r
\r
2008-04-05 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc: fix encoding of UTF8 chars outside of the BMP\r
\r
        * xmlrpcs.inc: fix detection of zlib.output_compression (thanks xbert)\r
\r
2008-03-06 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * tagged and released as 2.2.1\r
\r
        * Makefile: improve usage on windows xp despite cmd's broken mkdir\r
\r
2007-10-26 - G. Giunta (giunta.gaetano@gmail.com) thanks sajo_raftman\r
\r
        * xmlrpc.inc: remove one warning in xmlrpc_client creator\r
\r
2007-10-26 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc: improve support for windows cp1252 character set (still\r
        commented in the code)\r
\r
2007-09-05 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc, xmlrps.inc: do not try to set invalid charsets as output for\r
        xml parser, even if user set them up for internal_encoding (helps encoding\r
        to exotic charsets, while decoding to UTF8)\r
\r
2007-09-05 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc: fix parsing of '1e+1' as valid float\r
\r
2007-09-01 - G. Giunta (giunta.gaetano@gmail.com), thanks Frederic Lecointre\r
\r
        * xmlrpcs.inc: allow errorlevel 3 to work when prev. error handler was a static method\r
\r
        * testsuite.php: fix test on setCookie()\r
\r
2007-08-31 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc: minor fix in cookie parsing\r
\r
2007-07-31 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc: Fix usage of client::setcookie() for multiple cookies in non-ssl mode\r
\r
2007-07-26 - G. Giunta (giunta.gaetano@gmail.com) thanks Mark Olive\r
\r
        * xmlrpc.inc: Fix for bug # 1756274 (usage of cookies in ssl mode)\r
\r
2007-04-28 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc: give more detailed curl information when DEBUG = 2; fix handling\r
        of case where curl w. keepalive is used and one connection of many fails\r
\r
        * testsuite improvements: add one testcase; give feedbcak while tests are\r
        running\r
\r
2007-04-01 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * doc/makefile, doc/custom.fo.xsl: improve pdf rendering of php source code\r
\r
        * makefile: recover version number from source instead of having it hardcoded\r
\r
2007-03-10 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * doc/makefile, doc/convert.php, doc/*.xsl: created customizations xslt to\r
        produce a documentation more in line with the php manual, esp. with regards\r
        to functions synopsis; added jellyfish book cover as local resource and a\r
        screenshot of the debugger too; various updates to the manual source; added\r
        a php script to highlight examples inside html docs\r
\r
2007-03-09 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * debugger/action.php: css tweak for IE\r
\r
        * added phpunit license file in the phpunit directory\r
\r
        * added link to license (on sf.net site) to many files\r
\r
2007-03-04 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * Makefile, doc/makefile: assorted improvements\r
\r
2007-03-03 - G. Giunta (giunta.gaetano@gmail.com)\r
\r
        * xmlrpc.inc: micro-optimization in declaration of global vars xmlrpcerr, xmlrpcstr\r
\r
2007-02-25 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * removed a couple of warnings emitted in testsuite.php\r
\r
        * doc/makefile: added command for invocation of xxe to generate docs\r
\r
        * better rendering of docs in xml+css format for function prototypes\r
\r
        * updated documentation\r
\r
        * tagged and released as 2.2\r
\r
2007-02-22 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * debugger: workaround for case of magic_quotes_gpc being set (properly\r
        unescape user input); fix case of user not setting msg id in jsonrpc case\r
        when executing a remote method; allow strings, false, true and null as msg id\r
\r
2007-02-13 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * testsuite.php: added one test for automatic encoding/decoding case\r
\r
2007-02-05 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: slightly faster encoding of UTF8 data to ascii\r
\r
2007-01-11 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: when calling client::multicall() with an unspecified http version,\r
        use the client default rather than the fixed 'http 1.0'\r
\r
2006-09-17 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc, xmlrpcs.inc, testsuite.php: added support for </NIL> and\r
        system.getCapabilities, and one more testcase to go with it\r
\r
2006-09-05 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fix support for https through proxies; client parses debug\r
        messages sent by client even for compressed responses;\r
\r
        * testsuite.php, parse_args.php: added 3 test cases for proxy connections\r
\r
2006-09-01 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        xmlrpc_wrappers.inc: add two more options in wrap_xmlrpc_method and fix\r
        typo to allow obj encoding\r
\r
2006-08-28 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc_wrappers.inc: more options added to wrap_php_function and\r
        wrap_xmlrpc_method\r
\r
        * xmlrpc.inc: pave the way to support for <nil/>\r
\r
        * doc/xmlrpc_php.xml documentation updated\r
\r
        * tagged and released as 2.1\r
\r
2006-08-25 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: stricter parsing of incoming messages: detect two DATA elements\r
        inside an ARRAY, a STRUCT or SCALAR inside an already filled VALUE\r
\r
        * testsuite.php: added two testcases to check for the above cases\r
\r
2006-08-24 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: more code optimization in xmlrpcval::serialize() and\r
        php_xmlrpc_encode(); fixed bug where struct elements with non-ascii chars\r
        in their name would not be properly encoded\r
\r
        * testsuite.php: added a testcase for the new bug\r
\r
2006-08-23 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * remove old code left in comments across many files; many more javadoc\r
        comments added\r
\r
        * xmlrpc.inc: a bit of code optimization: reorder switch() statements of\r
        xml parsing element handlers; inline code for xmlrpcval() - this breaks\r
        new xmlrpcval('true') and changes error msgs on new xmlrpcval($x, 'invalid_type')\r
\r
        * testsuite.php: change according to above\r
\r
        * benchmark.php: basic support for xdebug 2 profiling\r
\r
2006-08-22 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: addscalar() and addstruct() where not returning 1 when adding\r
        data to an already formed value\r
\r
2006-08-21 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc, xmlrpc.inc: added support for emulating the xmlrpc-extension\r
        API (the full emulation layer is part of the extras package);\r
        fix support for the HTTP 'deflate' encoding\r
\r
        * xmlrpc.inc: better support for http compression with and without CURL;\r
        a minor decoding speedup; added a new function: php_xmlrpc_decode_xml(),\r
        that will convert into the appropriate object the xml representation of\r
        either a request, response or a single value; log reception of invalid\r
        datetime values\r
\r
        * xmlrpcs.inc: add a new parameter and return type to server->service();\r
        let server->add_to_map() accept method definitions without parameter types\r
\r
        * xmlrpc_wrappers.inc: more logging of errors; wrap_php_functions now takes\r
        more options; better support for jsonrpc; escape quote chars when wrapping\r
        remothe servers / remote methods\r
\r
        * added cvs Id tag to files that missed it; speling fixes; updated NEWS files\r
\r
2006-08-07 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * assorted fixes to make the suite more compatible with php 4.0.5 and 5.x\r
\r
2006-07-02 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc_warppers.inc: added new function to wrap entire remote server into\r
        a local php class; changed default calling synopsis of wrap_remote_method,\r
        to ease passing multiple options at a time (but old syntax still works!)\r
\r
        * updated makefile, debugger/action.php in accord with the above\r
\r
2006-06-30 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * added to debugger capability to generate json-rpc code stubs\r
\r
        * added to debugger capability to load and launch self correctly if\r
        controller.php is called directly from outside processes (single url access)\r
\r
2006-06-26 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * moved wrap_php_functions and wrap_xmlrpc_method into a file of their own.\r
        This will let us add further stub functionality without the base lib growing too much.\r
        All of the files that reference this functionality have been modified accordingly.\r
\r
        * made wrap_xmlrpc_method generate better code (with php type juggling), and\r
        some phpdoc for the generated function, too\r
\r
        * added to debugger an option to produce for the user the generated php code\r
        for wrapping a call to a remote method into a php function\r
\r
2006-06-22 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: added description of parameters for system.xxx methods (useful with\r
        html-self-documenting servers);\r
        server->service() now returns response object, in case user has need for it...\r
\r
        * xmlrpc.inc: save full response payload into xmlrpcresp obj for better debugging\r
\r
2006-06-15 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * verify_compat.php: more tests\r
\r
2006-06-09 Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: fixed sending of compressed responses when output compression\r
        is already enabled in php.ini\r
\r
        * verify_compat.php: split tests between server and client cases\r
\r
2006-05-29  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * added new file: verify_compat.php, to help troubleshooting platform\r
        support for the library; added it to makefile, too\r
\r
2006-05-24  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: removed residual usage of regexp in favour of  pregexps; fixed\r
        a bug in specifying Host http header with non std ports\r
\r
2006-05-23  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: improvements to wrap_php_function: let it deal correctly\r
        with php functions returning xmlrpcresp objs; make it generate also\r
        docs for single parameters (useful for documenting_xmlrpc_server class)\r
\r
2006-05-22  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc, xmlrpcs.inc: minor performance tuning updates: replaced\r
        some explode vs. split, ereg vs. preg, single vs. double quotes\r
\r
        * xmlrpc.inc: fix wrap_xmlrpc_method to NOT rebuild php objects received\r
        from the server by default, as it might pose a security risk\r
\r
2006-04-24  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * minor fixes makefiles. Tagged and released as 2.0 final\r
\r
2006-04-22  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * debugger/*: added option to set cainfo; improve web layout\r
\r
        * xmlrpc.inc: set sslverifypeer to TRUE instaed of 1 by default\r
\r
        * doc/php_xmlrpc.xml: documentation updates\r
\r
2006-04-21  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: added option to set ca certs dir instead of single cert\r
        (used to validate server in https connetions)\r
\r
2006-04-18  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fixed bug in xmlrpcval::structmemexists()\r
\r
        * testsuite.php: added test case for xmlrpcval::structmemexists()\r
\r
2006-04-03  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: add support for Digest and NTLM authentication, both to server\r
        and to proxies (note: must use CURL for this to work)\r
\r
        * debugger/*: add support for Digest/NTLM auth to remote servers\r
\r
2006-03-19  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fix a bug parsing of 'true' bool values;\r
        added a new method to the client class: SetCaCertificate;\r
        add column number in xml parsing error messages;\r
        fix serialization of messages to ISO-8859-1 charset with php 5 (by adding\r
        encoding to the xml prologue of generated messages)\r
\r
        * xmlrpcs.inc: correct detection of charset in http headers;\r
        add column number in xml parsing error messages;\r
        fix serialization of responses to ISO-8859-1 charset with php 5 (by adding\r
        encoding to the xml prologue of generated responses)\r
\r
        * testsuite.php: added two more tests on charset encoding\r
\r
        * NEWS: update info for impending release\r
\r
2006-03-23  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * added a new demo file: simple_call.php\r
\r
2006-02-20  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: more error checking and logging with regard to user-coded\r
        method handler functions not being well behaved;\r
        fix a case where error handler would not be reset upon user function\r
        returning not valid xmlrpresp\r
\r
        * xmlrpc.inc: fix bug in detection of php 4.3.0\r
\r
        * Makefile: fix uppercase filenames\r
\r
2006-02-15\r
\r
        * xmlrpc.inc: parse 'true' and 'false' as valid booleans, even though the\r
        spec is quite clear on that; fix small bug w. internal_encoding = utf8; add\r
        definition of $GLOBALS['xmlrpcNull'] for extensibility, e.g. json or\r
        extensions to the xmlrpc spec\r
\r
2006-02-05  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fix bug in wrap_xmlrpc_method if client passed to function has\r
        return_type=phpvals\r
\r
        * all demo files: review code, add more comments and information\r
\r
        * added 2 demo files: proxy.php (implementing an xmlrpc proxy server) and\r
        wrap.php (showing usage of wrap_method_call)\r
\r
2006-02-04  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fix bug in multicall in case of no fallback and server error\r
\r
2006-01-30  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fix recursive serialization of xmlrpcvals loosing UTF8 charset;\r
        correctly set type field of xmlrpcvals returned by send() calls\r
\r
        * xmlrpcs.inc: add to server checks for correct return type of user-coded\r
        method handling function; tolerate xmlrpcval instead of xmlrpcresp\r
\r
        * minor change in xmlrpcresp internals, to ease subclassing (store payload\r
        in an internal var on serialize(), same as xmlrpcclient does)\r
\r
2006-01-22  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * benchmark.php: do not run http 1.1 tests if CURL notfound\r
\r
        * Released as 2.0 Rc3\r
\r
2006-01-19  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: make xmlrpc_client::setDebug() accept int values instead of\r
        boolean. At level 2, the request payload is printed to screen before being\r
        sent; fix bug with repeated sending of the same msg object and using request\r
        compression w. php 5.1.2 (objects passed by ref by default!!!)\r
\r
        * xmlrpcs.inc: fix detection of clients accepting compressed responses\r
\r
        * comment.php: remove warnings due to liberal usage of $HTTP_POST/GET_VARS\r
\r
        * benchmark.php: add a test using http compression of both requests and\r
        responses\r
\r
        * testsuite.php: added test for fix in xmlrpc.inc\r
\r
2006-01-17  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.php: minor fix: do not raise a PHP warning when std server is\r
        called via GET (global HTTP_RAW_POST_DATA undefined). Some might have called\r
        it a security breach (path disclosure)...\r
\r
2006-01-15  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * testsuite.php: minor fix to expected date format in http cookie hedaer\r
        to cope with PHP 5.1.2\r
\r
2006-01-05  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: merge code from the 'extras' subclass that allows server\r
        to register plain php functions in dispatch map instead of functions\r
        accepting a single xmlrpcmgs obj parameter.\r
        One step closer to the kitchen sink!!!\r
\r
2005-12-31  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: let the server accept 'class::method' syntax in the dispatch\r
        map\r
\r
        * testsuite.php, server.php: added new tests for the recent charset encoding\r
        capabilities\r
\r
2005-12-24  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: correctly serialize() string xmlrpcvals that have been\r
        created out of non-string php variables, when internal encoding is UTF8;\r
        serialize to '0' int and double values created out of non-string php\r
        variables, eg. 'hello', instead of creating invalid xmlrpc;\r
        extend the php_xmlrpc_encode function to allow serializing string values\r
        to charsets other tha US-ASCII;\r
        minor tweak to xml parsing to allow correct parsing of empty strings when\r
        in 'direct to php values' mode\r
\r
        * xmlrpcs.inc: advances in system.multicall with plain php values\r
\r
2005-12-17  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: let the functions implementing the system.* methods work\r
        fine when called with plain php values as parameters instead of xmlrpcmsg\r
        objects (multicall not quite finished yet...);\r
        encode level 3 debug info as base64 data, to avoid charset encoding hell\r
\r
        * xmlrpc.inc: added a new xmlrpc_2_php_type function, to get the name of\r
        php types corresponding to xmlrpc types;\r
        in debug mode, when detecting base64 server debug info, print it out fine\r
\r
        * server.php: cosmetic fixes\r
\r
2005-12-09  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: remove one warning emitted when received xml contains an\r
        unknown tag; remove warnings emitted when custom error handler is set\r
        and user calls php_xmlrpc_encode/decode without the 2nd parameter\r
\r
        * xmlrpcs.inc: added a param to service(), to allow the server to parse\r
        data other than the POST body (useful for subclassing and debugging);\r
        reworked the implementation of server debug messages at debug level 2:\r
        since the debug info generated has no known charset, and putting it back\r
        into the response's xml would most likely break it, send it back to the\r
        client as a base64 encoded comment. Clients can decode it if they need it...\r
        Add some more javadocs\r
\r
        * testsuite.php: modified the string test, to see if the server can echo\r
        back to the client the received data without breaking the response's xml\r
\r
2005-12-05  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc, xmlrpcs.inc: let server and client objects decide if they\r
        want to use some charset encoding other than US-ASCII for serialized data:\r
        add a new var to both objects, and lots of parameters to function calls\r
        that took none up to now;\r
        refactored server method service() and parseRequest(), implementing a\r
        new parserequestHeaders() method to explicitly deal with HTTP\r
\r
2005-12-01  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * moved the jsonrpc implementation and the new wsdl stuff to a separate\r
        CVS module; updated the makefile to reflect it\r
\r
2005-11-24  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * modified php_xmlrpc_decode() to work on xmlrpcmessages too, besides\r
        xmlrpcvals. To achieve this, added a new method: xmlrpcmsg::kindOf()\r
\r
2005-11-22  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * released as 2.0 RC2\r
\r
2005-11-21  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fix warnings about references for PHP 4.1.X\r
\r
        * Whitespace cleanup on all the lib\r
\r
2005-11-16  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: rewritten xmlrpc_encode_entitites adding two extra parameters\r
        that specify input and output charset encodings. This corrects the bug that\r
        prevented native UTF-8 strings to be correctly serialized (to have them\r
        encoded the user must set $xmlrpc_internalencoing appropriately).\r
\r
        * xmlrpc.inc: added new method xmlrpcmsg::parseResponseHeaders(), refactoring\r
        parseResponse(). This makes the code more modular and eases subclassing.\r
\r
        * xmlrpc.inc: set cookies and http headers to xmlrpcresp objs even when calls\r
        to send() do not complete correctly\r
\r
        * added new file: jsonrpcs.inc, to accomodate server jsonrpc objects in the future\r
\r
        * jsonrpc.inc: slow progress...\r
\r
2005-11-10  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fixed the xmlrpc_client send and sendpayloadhttps methods\r
        to fix errors in calling https servers;\r
        added a new xmlrpc_client->setkey method to allow usage of client-side ssl\r
        certs in recent php builds;\r
        added to xmlrpcresp objects a content_type var, to be used in HTTP headers\r
\r
        * xmlrpcs.inc: separate generation of content-type http header and xml prologue\r
        from the service() method, to ease subclassing\r
\r
2005-11-03  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: moved the 'text/xml' mimetype string as class var of the xmlrpcmsg\r
        object instead of having it cabled into xmlrpc_client->send(): this allows to\r
        create subclasses of xmlrpcmsg that use a different mimetype\r
\r
        * jsonrpc.inc: added a new file, with an extremely experimental set of classes,\r
         designed to implement a json-rpc client and server, taking advantage of the\r
         existing xml-rpc infrastructure\r
\r
2005-10-28  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: changed constructor method for xmlrpcresp, making it smarter in\r
        case user does not declare the type of value it is passing to it;\r
        minor changes in serialization of xmlrpcresp with error codes, so that it\r
        utputs LF instead of CRLF on windows boxes after an FTP transfer of the code, too\r
\r
2005-10-26  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: added a new var of class xmlrpc_client, indicating what kind of\r
        object will be stored in the value() of xmlrpcresp's gotten from the send()\r
        method: xmlrpxc objects, plain php variables or raw xml. This allow the coder\r
        to make use of xmlrpc_decode for better performances if he wishes so.\r
        Modified creator of xmlrpcresp class to allow it to distinguish between being\r
        created out of raw xml or a plain php string (in the former case, serialization\r
        is still possible, opening a new world of opportunity for server-side programming:\r
        the php function implementing a web service has to provide the xml for the\r
        return value on its own).\r
        Modified xmlrpc_client::multicall() to suit; also added a new parameter which\r
        allows calls to multicall without automatic fallback to many-calls in case of\r
        error (speeding up the process of doing a failed multicall() call quite a bit)\r
        Fixed two bugs in guess_encoding.\r
        Audited all regexps and fixed some.\r
        xmlrpc_client::send() does not call xmlrpcmsg::parseresponsefile() anymore.\r
        Shuffled parseresponse() a little bit\r
\r
        * testsuite.php: added a new testcase for the modifications to multicall():\r
        now we test the case where xmlrpc_client returns php values, too\r
\r
2005-10-24  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fixed guess_encoding() to always return uppercase chars\r
\r
        * added new file: benchmark.php. It contains a few tests used to evaluate\r
        speed of the lib in common use cases\r
\r
        * added file parse_args.php, containing common code for benchmark and\r
        testsuite, and modified testsuite.php accordingly\r
\r
        * modified makefile adding new files\r
\r
        * testsuite.php: added a couple of new test cases; fixed one warning\r
        emitted in php 5 E_STRICT mode\r
\r
2005-10-20  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: modify 3d param of ParseResponse(), allowing the function to\r
        return the raw xml received as value of the xmlrpcresponse object.\r
        This allows eg. to have epi-xmlrpc decode the xml for faster execution.\r
\r
2005-10-09  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fixed error that prevented usage of HTTPS (the client\r
        always determined that ssl support was not present)\r
\r
2005-10-03  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc, xmlrpcs.inc: revert direction of stack growth during xml\r
        parsing for faster execution time; add support for detecting charset\r
        encoding of received xml; add support for cookies; better parsing of\r
        javadoc when building stub code in wrap_php_function; add a lot of\r
        javadoc comments everywhere; rewrite most error messages\r
\r
        * testsuite.php: add many tests for newly introduced features\r
\r
        * server.php: add a couple of new functions to support debugging new\r
        features\r
\r
        * debugger: add switches to enable all the latest lib features; minor\r
        improvements to layout\r
\r
        * synch included phpunit with latest PEAR release\r
\r
        * reorganize files included in the distribution in a new hierarchy of folders\r
\r
        * bump revision number to 2.0RC1 and release\r
\r
2005-8-14  Miles Lott <milos@groupwhere.org>\r
\r
        * xmlrpc.inc, xmlrpcs.inc: Remove all use of eval() to avoid potential\r
        security hole.\r
\r
        * As of this release we are no longer php3-compatible.\r
\r
2005-8-10 Miles Lott <milos@groupwhere.org>\r
\r
        * xmlrpc.inc, xmlrpcs.inc: Switched to using $GLOBALS instead of calling\r
        global $varname\r
\r
2005-07-22  Miles Lott <milos@groupwhere.org>\r
\r
        * Removed: bug_* files\r
\r
2005-07-14  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * debugger: added a workaround to disable using the debugger for attacking\r
        older versions of the lib\r
\r
        * testsuite.php: added code to test wrap_xmlrpc_method;\r
        use different wording for failed tests\r
\r
        * xmlrpcs.inc: change for() with foreach() in system.* methods implementations;\r
        remove a possible cause of php warning;\r
\r
        * xmlrpc.inc: let wrap_php_function and wrap_xmlrpc_method find suitable\r
        function names if default function names are already in use;\r
        correct wrap_xmlrpc_method to not set http protocol to 1.0 when not asked to;\r
        detect curl compiles without SSL\r
\r
2005-07-14  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: more auto-fix of xmlrpc_client path: '' -> '/';\r
        change to the method used for detecting failed evals (php 4.0.x compatibility);\r
        complete rework of return-by-ref functions to comply with php 4.4.0\r
\r
        * xmlrpcs.inc: change to the method used for detecting failed evals (php 4.0.x\r
        compatibility)\r
\r
        * testsuite.php: major rewrite of the multi- tests, to give better feedback on\r
        number of failed tests;\r
        flush html page title to screen before starting tests;\r
\r
2005-07-13  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: let xmlrpcmsg creator be forgiving of target paths that miss the\r
        starting '/' char;\r
        completely reworked assign-by-ref to be compliant with php 4.4.0 stricter\r
        warnings\r
\r
        * testsuite.php: added ability to be run from cli: (really dumb) separation of\r
        html and plain text outputs + parsing of argv parameters\r
\r
2005-07-12  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: compatibility fixes with PHP versions 4.0.x (and remove some for\r
        PHP 3)\r
\r
        * xmlrpcs.inc: compatibility fixes for PHP 4.0.x versions\r
\r
        * testsuite.php: better support for running with php versions 4.0.x;\r
        do not generate runtime errors but finish tests anyway if some calls to\r
        localhost fail;\r
        correctly detect a localhost port different from 80 for running tests against\r
\r
2005-07-11  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: preliminary building of method signature and docs in\r
        wrap_php_function;\r
        fix a bug in extracting function description from javadoc block in\r
        wrap_php_function;\r
        small fix for better compatibility with php < 4.2.0\r
\r
        * added compat subdir with extra code, taken form PEAR package Compat, to let\r
        the lib run fine with php 4 versions < 4.1\r
\r
2005-07-10  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: some nazi whitespace corrections;\r
        declared global $xmlrpcBoolean too (was the only one missing);\r
        used @eval inside getval() to have less path disclosure security reports filed\r
        in the future;\r
        added new global var: $xmlrpcValue, to be used in server dispatch maps as\r
        placeholder for a param which can be of any kind;\r
        big chunks (but still incomplete) of javadoc parsing in wrap_php_function\r
        + changed type of return val - now it is the complete array to be put in the\r
        dispatch map\r
\r
        * xmlrpcs.inc: let previous error handler be called by server to handle errors\r
        even if in debug level 3;\r
        default to compress responses if zlib installed;\r
        added a new val useful for only checking number (not type) of params in method\r
        calls;\r
        let user use object methods in dispatch map using the\r
        array($obj, 'fmethodname') format\r
\r
        * server.php: Added code called by testsuite.php to exercise registration of\r
        object methods as xmlrpc methods and auto-registration of php functions as xmlrpc\r
        methods\r
\r
        * testsuite.php: added tests to exercice server registering object methods as\r
        xmlrpc methods and automatic registration of php functions as server methods;\r
        added a hint to enable debug if some test goes wrong;\r
        renamed https test for better clarity\r
\r
2005-07-07  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: added function to be used for 'guestimating' charset encoding of\r
        received xml (not activated yet)\r
\r
        * server.php: Let server compress content by default if user asks so: it allows\r
        testsuite to check for compressed responses\r
\r
        * testsuite.php: added suite of tests for compressed responses; test CURL\r
        (http1.1) with all possible compression combinations too\r
\r
2005-07-06  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: Enable setting usage of keepalives on/off (for CURL cases);\r
        implement compression of xmlrpc requests; enable new syntax of xmlrpclient\r
        constructor: 1 - allow preferred http method to be set at creation time,\r
        2 - allow user to insert a single complete URL as only parameter and parse it;\r
        try to detect if curl is present whether it has been compiled w. zlib to enable\r
        automatically the reception of compressed responses\r
\r
        * xmlrpcs.inc: do not add into logs the content of the request, if it was\r
        received gzipped/deflated, to avoid breaking the xml sent back as response\r
        (NB: might be investigated further: is the problem caused by windows chars in\r
        the range 128-160 ?)\r
\r
        * testsuite.php: run all localhost tests 2 more times, to stress request\r
        compression;\r
        run all localhost tests in a row using keepalives, to test keepalive\r
        functionality\r
\r
2005-07-05  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: let CURL pass back to caller function the complete PHP headers\r
        as it did before: it enables better logging / debugging of communication;\r
        small change to the way CURL declares its ability to receive compressed\r
        messages (fix for the case where zlib is compiled in PHP but not in curl);\r
        added Keep-alive (ON BY DEFAULT) for http 1.1 and https messages (had to modify\r
        a lot of functions for that);\r
        always make sure a 'Connection: close' header is sent with curl connections if\r
        keep-alive is not wanted\r
\r
        * phpunit.php: switched to PEAR PHPUnit (rel 1.2.3), since it is maintained a\r
        lot more than the old version we were using\r
\r
        * added new folder with code of phpunit classes\r
\r
        * testsuite.php: added a new run of tests to check for compliance of client\r
        when using http 1.1;\r
        switched to PEAR PHPUnit classes;\r
        divided test for client ability to do multicall() into 2 separate tests\r
\r
2005-06-30  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        tagged and released version 1.1.1, backporting security fixes from HEAD\r
\r
2005-06-28  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: fix changes introuced yesterday in a rush;\r
        do not list system.* methods for a server that has them explicitly disabled\r
\r
        * bug_inject.xml: new test case used to check for code injection vulnerability\r
\r
        * testsuite.php: added a test case for zero parameters method calls;\r
        added two test cases for recently found code injection vulnerabilities\r
\r
2005-06-27  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: (tentative) fix for security problem reported by\r
        security@gulftech.org: we were not properly php-escaping xml received for\r
        BASE64 and NAME tags;\r
        some more patching related to junk received in xml messages/responses: if the\r
        PHP code built from the parsed xml is broken, catch any generated errors\r
        without echoing it to screen but take note of the error and propagate to user\r
        code\r
\r
        * xmlrpcs.inc: some more patching related to junk received in xml messages/\r
        responses: if the PHP code built from the parsed xml is broken, catch any\r
        generated errors without echoing it to screen but take note of the error and\r
        propagate to user code\r
\r
2005-06-24  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fixed php_xmlrpc_encode detection of php arrays (again!);\r
        removed from wrap_php_function the part about setting a custom error handler\r
        (it can be activated using the more general $server->setdebug(3) anyway)\r
\r
        * xmlrpcs.inc: added to server the capability to trap all processing errors\r
        during execution of user functions and add them to debug info inside responses;\r
        return a (new) xmlrpcerr response instead of raising some obscure php execution\r
        error if there is an undefined function in the dispatch map\r
\r
        * testsuite.php: Added new testcases for recently implemented stuff\r
\r
2005-06-23  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: added new method: xmlrpcval->structmemexists, to check for\r
        presence of a wanted struct member without having to loop through all members;\r
        fix wrap_php_functions: correctly return false for php internal functions,\r
        whose param list is unknown;\r
        let addscalar fail as it should if called on struct vals;\r
        fix addstruct: do not fail when called for adding stuff to initialized structs;\r
        removed a warning generated when calling addscalar with inexistent type;\r
        massive code review for speed: replaced each() loops with foreach(), removed\r
        lots of useless assignments and duplications of data;\r
        added 'http11' as valid method param for xmlrpclient->send: makes use of curl\r
        for sending http 1.1 requests;\r
        changed a couple '=' into '=&' where objects are returned;\r
        fixed wrap_php_function() to better detect php errors while processing wrapped\r
        function\r
\r
        * xmlrpcs.inc: Fix php warnings generated when clients requested method\r
        signature / description for a method that had none in its dispatch map;\r
        turned server->debug into an integer value that will change the amount of\r
        logging going as comments into xmlrpc responses\r
\r
        * server.php: set default server debug level to 2\r
\r
        * testsuite.php: removed calls to deleted functions (xmlrpc_encode,\r
        xmlrpc_decode);\r
        added html page title describing target servers used for tests;\r
        added an assign-by-ref\r
\r
        * phpunit.php: Do not consider as failures PHP 5 E_STRICT errors (arbitrary\r
        choice, but lib is targeted at PHP 4)\r
\r
2005-06-22  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: removed lottsa old code that had been left in commented\r
\r
        * xmlrpc.inc: fixed setting of proxy port\r
\r
        * xmlrpc.inc: removed one warning when trying to decompress junk sent as\r
        deflated response\r
\r
        * xmlrpc.inc: changed the error messages (but not the code) that will be found\r
        in xmlrpcresponses when there are socket errors, to differentiate from HTTP\r
        errors\r
\r
        * xmlrpc.inc: refactored xmlrpcclient->sendpayloadHTTPS: now it calls a new\r
        method (sendpayloadCURL) that could be used also for generating HTTP 1.1\r
        requests\r
\r
        * xmlrpc.inc: added two new methods: wrap_php_function and wrap_xmlrpc_method:\r
        designed to let the lazy programmer automagically convert php functions to\r
        xmlrpc methods and vice versa. Details are in the code\r
\r
        * debugger/*: added initial revision of a 'universal xmlrpc debugger'\r
\r
2005-06-20  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: replace usage of 'echo' with error_log when errors arise\r
        in manipulation of xmlrpcval objects\r
\r
        * xmlrpc.inc: replaced <br> with <br /> in dump function\r
\r
        * xmlrpc.inc: added method structsize to xmlrpcval class (alias for arraysize)\r
\r
        * xmlrpc.inc: addarray() now will add extra members to an xmlrpcval object\r
        of array type; addstruct() can be used to add members to an xmlrpcval object\r
        of struct type\r
\r
        * xmlrpcs.inc: Added member allow_system_funcs to server: controls whether the\r
        server accepts or not calls to system.* functions\r
\r
2005-05-10  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fix regression in php_xmlrpc_encode when encoding php hashes;\r
        fix decompression of gzip/deflated xmlrpc responses;\r
        set user agent string correctly in SSL mode (was forgetting lib name);\r
        add allowed encoding http headers in requests;\r
        do not pass http headers back from curl to parseresponse, to avoid re-decoding\r
        compressed xml or http 100 headers\r
\r
        * xmlrpcs.inc: added method setDebug;\r
        renamed compress_output to compress_response;\r
        do not try to set http headers if they have already been sent, because trying\r
        to do so will raise a PHP error, and if headers have been sent something has\r
        gone wrong already (shall we send a meaningful error response instead?)\r
\r
2005-05-08  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc, xmlrpcs.inc: reverted to usage of '=& new' for better\r
        performance on (some) php4 installs.\r
        NB: PHP 3 compatibility is deprecated from now on!\r
\r
        * xmlrpc.inc: decode xmlrpc boolean type to native php boolean\r
\r
        * xmlrpcs.inc, xmlrpcs.inc: switched $_xh[$parser] to $_xh, since indexing\r
        an array by object will give a warning in php 5 (and we were resetting the\r
        array of _xh elements on every call anyway)\r
\r
        * xmlrpc.inc: commented unused code used originally for escaping content\r
\r
        * xmlrpc.inc: commented deprecated methods xmlrpc_encode and xmlrpc_decode\r
\r
        * xmlrpc.inc: php_xmlrpc_encode: encode integer-indexed php arrays as xmlrpc\r
        arrays instead of structs; if object given to encode is an xmlrpcval return it\r
        instead of reencoding (makes easier calling encode on an array of xmlrpcvals)\r
\r
        * xmlrpcs.inc: added $debug field to server class; if false will prevent\r
        the server from echoing debug info back to the client as xml comment\r
\r
        * xmlrpcs.inc: let the server add to the debug messages the complete request\r
        payload received and (if php installed as apache module) http headers, so that\r
        the client in debug mode can echo a complete fingerprint of the communication\r
\r
        * xmlrpcs.inc: changed API of ParseRequest method: now it cannot be called\r
        without a 'data' parameter; added 2nd parameter (http encoding); changed the\r
        call to this method from inside service() method\r
\r
        * xmlrpc.inc, xmlrpcs.inc: enable both server and client to parse compressed xml\r
        (if php is compiled with zlib); client should also be able to decode chunked\r
        http encoding\r
\r
        * xmlrpc.inc: add support for proxies (only basic auth supported); default port\r
        is 8080 (if left unspecified)\r
\r
        * xmlrpc.inc: use lowercase for names of http headers received (makes using\r
        them much simpler, since servers can use any upper/lowercase combination)\r
\r
        * xmlrpc.inc: bumped version number to '2.0 beta'\r
\r
2005-05-08  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * release of version 1.1\r
\r
2005-04-24  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: removed charset declaration from xml prologue of responses,\r
        since we are now escaping all non-ascii chars in an encoding-independent way\r
\r
        * bug_http.xml: modified to exercise some extra functonality of the lib\r
        (it should now be failed by the current PEAR implementation of the lib)\r
\r
        * xmlrpc.inc: bumped up rev. number to 1.1\r
\r
        * doc/xmlrpc_php.xml, doc/announce1_1.txt: documentation updates\r
\r
        * Makefile: updated to reflect new xml doc source, modified filelist\r
\r
2005-04-17  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * client.php, agesort.php, introspect.php, introspect_demo.php,\r
        which.php, test.pl, test.py: use as default target the server.php page hosted\r
        on phpxmlrpc.sf.net\r
\r
        * server.php: fix for register_globals off; refer to docs on phpxmlrpc.sf.net\r
\r
2005-04-15 Miles Lott <milos@groupwhere.org>\r
\r
        code formatting and comments\r
\r
2005-04-03  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: make use of global var $xmlrpcName in building User_Agent HTTP\r
        header (in conjunction with $xmlrpcVersion)\r
\r
        * agesort.php, client.php, comment.php, dicuss.php, mail.php, server.php,\r
        which.php: various janitorial fixes\r
        + always html escape content received from xmlrpc server or from user input\r
        + make the scripts run fine with register_globals off an register_long_arrays off\r
        + always use the functions php_xmlrpc_en(de)code, even if the EPI extension\r
        is not installed\r
        + in mail.php, allow user to see script source even if support for .phps files\r
        is not configured in the local web server\r
\r
        * testsuite.php: better detection of local webserver hostname for running tests\r
        against (if the user did not supply a webserver name)\r
\r
2005-03-21  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: revert to a PHP3 compatible script (change '=& new' to '= new')\r
\r
        * xmlrpc.inc: revert to a PHP3 compatible script (lottsa fixes)\r
\r
        * testsuite.php: default to using local server as test target if no user\r
        provided values are available instead of heddley.com server\r
\r
        * testsuite.php: play nice to PHP3 in retrieving user-passed values\r
\r
        * testsuite.php: fix constructor method name for a type of tests\r
\r
        * phpunit.php: fix all cases of call-time-pass-by-ref\r
\r
        * phpunit.php: rename Exception class to _Exception if the script is run with\r
        PHP 5 (exception is a reserverd word)\r
\r
2005-03-19  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fixed bug in new http header parsing code in case there is\r
        no correct separator between response headers and body\r
\r
        * xmlrpc.inc: added recognizing and stripping of HTTP/1.1 100 response headers\r
\r
        * xmlrpc.inc: strip extra whitespace from response body, as well as any junk\r
        that comes after the last </MethodResponse> tag. It allows the server code to\r
        be put on public providers that add e.g. javascript advertising to served pages\r
\r
        * xmlrpc.inc: removed unused parts of code, trailing whitespace\r
\r
        * xmlrpc.inc: fix possible bug (?) in xmlrpc_ee for BOOLEAN values: true was\r
        being handled differently than false\r
\r
        * testsuite.php: added a new file-based test to stress the response parsing\r
        modifications recently introduced; enabled debugging for file based tests\r
\r
2005-03-15  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: fixed missing declaration of global vars in xmlrpc_dh,\r
        sendpayloadhttps and sendpayloadhttp10\r
\r
        * xmlrpc.inc: changed error message for invalid responses: 'enable debugging'\r
        is more clear that 'enabling debugging' (the user is being encouraged to do it)\r
\r
        * xmlrpc.inc: rewrote HTTP response header parsing. It should be more tolerant\r
        of invalid headers, give more accurate error messages and be marginally faster,\r
        too.\r
\r
        * xmlrpc.inc: cosmetic whitespace fixes and remove useless one-liners\r
\r
        * xmlrpc.inc: build a shorter PHP command line to be evaluated for rebuilding\r
        values from parsed xml: use '$val =& nex xmlrpcval("value")' for string values\r
        instead of '$val =& nex xmlrpcval("value", $xmlrpcString)'\r
\r
        * xmlrpc.inc: fix change introduced 2005/01/30 moving call to curl_close()\r
        too early: it did not work on error situations\r
\r
        * testsuite.php: fix name of testAddingTest method, renamed testErrosString\r
        into testErrorString and removed useless warning for register_globals=off case\r
\r
2005-02-27  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: do not echo XML parsing error to screen (it is already dumped\r
        into error log)\r
\r
        * xmlrpc.inc: set hdrs field into response object in case of XML parsing error\r
        (uniform behaviour with other responses)\r
\r
2005-02-26  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: use global var $xmlrpcVersion as number for user agent string\r
\r
        * xmlrpcs.inc: eliminate server side PHP warning and give back to caller\r
        a better error msg in case the called method exists but no signature matches\r
        the number of parameters\r
\r
2005-02-20  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: accept a + sign in front of floats / integers, since the spec\r
        clearly mentions it\r
\r
        * xmlrpc.inc, xmlrpcs.inc: renamed function XmlEntities to xmlrpc_encode_entitites,\r
        to avoid using the same name as an array already defined\r
\r
        * xmlrpc.inc: fix bug introduced with escaping of UTF8 chars in xmlrpc error\r
        responses: correct behaviour is to escape chars inside serialize(), not when\r
        calling the xmlrpcresp creator\r
\r
        * testsuite.php: made test suite more friendly to modern PHP configs, allowing\r
        register_globals to be off and to set in the URL all testing parameters;\r
        added tests for newly introduced fixes; renamed existing tests acording to the\r
        docs inside phpunit.php (e.g. no subclass of TestCase should have a name\r
        starting with test...)\r
\r
2005-02-19  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: accept patch 683153 by mah0: if timeout is set, allow all socket\r
        operations to timeout at the given time, not only the socket connection\r
\r
2005-02-13  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: be tolerant to double values received in exponential notation:\r
        even though the spec forbids their usage PHP is fine with them\r
\r
        * xmlrpc.inc: fix bug: new xmlrpcval('-1') was creating an empty value instead\r
        of a string value!\r
\r
        * xmlrpc.inc, xmlrpcs.inc: fix the payload encoding changes introduced by\r
        Andres Salomon on 2004-03-17: sending named html entities inside an xml chunk\r
        makes it invalid, and thus renders the lib absolutely non-interoperable with\r
        any other xmlrpc implementation; moreover the current implementation only ever\r
        worked for non-ascii requests, while breaking client-parsing of responses\r
        containing non-ascii chars.\r
        The principle of using entities is preserved though, because it allows the\r
        client to send correct xml regardless of php internal charset encoding vs.\r
        xml request charset encoding, but using 'character references' instead.\r
\r
        * xmlrpc.inc: encode (non-ascii) chars into charset entities also for error\r
        strings\r
\r
        * xmlrpcs.inc: encode (non-ascii) chars into charset entities also for debug\r
        messages\r
\r
        * xmlrpcs.inc: added 'Accept-Charset' header in http request to let the server\r
        know what kind of charset encoding we do expect to be used for responses\r
\r
        * xmlrpc.inc, xmlrpcs.inc: explicitly tell the xml parser what charset the\r
        application expects to receive content in (notably strings). A new variable,\r
        $xmlrpc_internalencoding, (defaulting to ISO-8859-1) defines what charset the\r
        parser will use for passing back string xmlrpcvals to the PHP application\r
        (both server-side and client-side).\r
        This allows transparent usage of e.g. UTF-8 for encoding xml messages between\r
        server and client and ISO-8859-1 for internal string handling.\r
        ISO-8859-1 is, AFAIK, PHP internal encoding for all installs except\r
        mbstring-enabled ones.\r
\r
2005-02-12  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpcs.inc: use '$var =& new(' construct to assign objects: on older versions\r
        of PHP objects are first built then copied over if the ampersand is omitted.\r
        Using it should make the code a little bit faster...\r
\r
        * doc/xmlrpc.php: update lib version number, release date in preparation for\r
        next release\r
\r
        * makefile: update lib version number in preparation for next release\r
\r
        * xmlrpc.inc: split up parsing of xmlrpc INT and DOUBLE values. This allows\r
        finer-grained control over valid values: now the '.' char is not allowed\r
        any more inside int values.\r
\r
        * xmlrpc.inc: fix for bug #560303: ints and doubles starting with '0' chars are\r
        no more parsed as octal values\r
\r
2005-01-30  Gaetano Giunta <giunta.gaetano@gmail.com>\r
\r
        * xmlrpc.inc: Modifed last change by Miles: the functions php_xmlrpc_encode\r
        and php_xmlrpc_decode are now always defined, regardless of the existence of\r
        XMLRPC-EPI.  This allows users to start using these functions as the 'default'\r
        functions, and pave the way for future deprecation of xmlrpc_encode/encode\r
        while maintaining a stable API.\r
\r
        * xmlrpc.inc: use '$var =& new(' construct to assign objects: on older versions\r
        of PHP objects are first built then copied over if the ampersand is omitted.\r
        Using it should make the code a little bit faster...\r
\r
        * xmlrpc.inc: close curl connection as soon as possible for https requests:\r
        it could save some memory / resources.\r
\r
        * xmlrpc.inc: added some extra info in the PHP error log message generated\r
        when an invalid xmlrpc integer/float value is encountered and we try to\r
        deserialize it.\r
\r
        * xmlrpc.inc: added @ char before fsockopen to avoid echoing useless warnings\r
        when connection to server fails; added the same to avoid echoing warnings when\r
        deserializing data of an unknown type\r
\r
        * xmlrpc.inc: reset the _xh array on each xmlrpc call: otherwise a new array\r
        member is created for each consecutive call and never destroyed, thus making it\r
        impossible to build an xmlrpc-client daemon beacuse of memory leaking.\r
\r
        * xmlrpc.inc: declare global the variables that are used as 'constants',\r
        so that xmlrpc.inc will work even if it is included from within a function\r
\r
2004-12-27  Miles Lott <milos@groupwhere.org>\r
        * xmlrpc.inc: A new constant, XMLRPC_EPI_ENABLED, is defined depending on\r
        the existence of the function, xmlrpc_decode.  This function will exist in\r
        PHP if the      extension, XMLRPC-EPI (http://xmlrpc-epi.sourceforge.net), is\r
        loaded.  It defines the functions xmlrpc_encode and xmlrpc_decode, which\r
        will conflict with functions of the same name in xmlrpc.inc.  If this\r
        extension is loaded, we instead use the names php_xmlrpc_encode and\r
        php_xmlrpc_decode.  Please look at server.php, testsuite.php, etc., for\r
        how this should be handled if using these functions.\r
\r
2003-04-17  Andres Salomon  <dilinger@voxel.net>\r
        * xmlrpc.inc: encode strings using htmlentities() instead of\r
        htmlspecialchars(), and add xmlrpc_html_entity_xlate().  This\r
        should fix longstanding issues with sending weird chars (from\r
        non-USASCII codesets like UTF-8, ISO-8859-1, etc) that caused\r
        the xml parser to choke.  Multi-byte chars are now changed to\r
        entities before sending, so that the xmlrpc server doesn't need\r
        to know the encoding type of the POST data.\r
        * xmlrpcs.inc: call xmlrpc_html_entity_xlate before parsing\r
        request packet.  The parser chokes on unknown entities (the\r
        entities created by htmlentities() are exactly that; html\r
        entities, not xml entities), so they must be converted from\r
        name form (&eacute;) to numerical form (&#233;).\r
\r
2003-01-12  Andres Salomon  <dilinger@voxel.net>\r
\r
        * released 1.0.99.2.\r
        * Makefile: separate doc/Makefile a bit more from Makefile,\r
        and add clean rules.\r
\r
2003-01-10  Andres Salomon  <dilinger@voxel.net>\r
\r
        * xmlrpc.inc: xmlrpcresp and parseResponse cleanups; variable\r
        name renames ('xv' to 'val', for example), type checking, and\r
        stricter default values.\r
        * xmlrpc.inc: fix xmlrpcresp's faultcode; return -1 for FAULT\r
        responses from the server whose faultcodes don't reflect any\r
        errors.\r
\r
2003-01-08  Andres Salomon  <dilinger@voxel.net>\r
\r
        * xmlrpc.inc: rename $_xh[$parser]['ha'] to\r
        $_xh[$parser]['headers'].\r
        * xmlrpc.inc: fix bugs related to $_xh[$parser]['headers];\r
        some places treated this as an array, others as a scalar.\r
        Treat unconditionally as an array.  Also wrap header debugging\r
        output in PRE tags.\r
\r
2002-12-17  Andres Salomon  <dilinger@voxel.net>\r
\r
        * released 1.0.99.\r
        * Makefile: changed the tarball format/dist rule to a more\r
        conventional form, as well as normal release updates.\r
        * xmlrpc.inc: added setSSLVerifyPeer and setSSLVerifyHost; as\r
        of curl 7.10, various certificate checks are done (by default).\r
        The default for CURLOPT_SSL_VERIFYHOST is to ensure the common\r
        name on the cert matches the provided hostname.  This breaks a\r
        lot of stuff, so allow users to override it.\r
        * doc/xmlrpc_php.sgml: updated documentation accordingly.\r
\r
2002-09-06  Geoffrey T. Dairiki  <dairiki@dairiki.org>\r
\r
        Add support for system.multicall() to both the client\r
        and the server.\r
\r
        * testsuite.php: Add new tests 'testServerMulticall',\r
        and 'testClientMulticall'.\r
\r
        * xmlrpc.inc: Added new error messages for system.multicall().\r
        * xmlrpcs.inc: Added new procedure call system.multicall().\r
        See http://www.xmlrpc.com/discuss/msgReader$1208 for details.\r
\r
        * xmlrpc.inc: Added system.multicall functionality to\r
        xmlrpc_client.  xmlrpc_client::send can now take an array of\r
        xmlrpcmsg's as an argument.  In that case it will attempt\r
        to execute the whole array of procure calls in a single\r
        HTTP request using system.multicall().  (If that attempt fails,\r
        then the calls will be excuted one at a time.)  The return\r
        value will be an array of xmlrpcresp's (or 0 upon transport\r
        failure.)\r
\r
2001-11-29  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpc.inc: fixed problem with processing HTTP headers that\r
        broke any payload with more than one consecutive newline in it.\r
        also initialise the 'ac' array member to empty string at start.\r
        * testsuite.php: added unit test to exercise above bug\r
        * xmlrpcs.inc: fixed uninitialized variable $plist\r
\r
2001-09-25  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpc.inc: applied urgent security fixes as identified by Dan\r
        Libby\r
\r
2001-08-27  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpc.inc: Merged in HTTPS support from Justin Miller, with a\r
        few additions for better traceability of failure conditions. Added\r
        small fix from Giancarlo Pinerolo. Bumped rev to 1.0. Changed\r
        license to BSD license.\r
\r
2001-06-15  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpcs.inc: Added \r into return MIME headers for server class\r
\r
2001-04-25  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * server.php: Added interop suite of methods.\r
\r
2001-04-24  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * testsuite.php: added in test case for string handling bug.\r
\r
        * xmlrpc.inc: merged in minor fixes from G Giunta to fix\r
        noninitialization. Created new method, getval(), which includes\r
        experimental support for recreating nested arrays, from Giunta and\r
        Sofer. Fixed string handling bug where characters after </string>\r
        but before </value> weren't ignored. Added in support for native\r
        boolean type into xmlrpc_encode (Giunta).\r
\r
        * xmlrpcs.inc: updated copyright notice\r
\r
2001-01-15  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpc.inc: fixed bug with creation of booleans. Put checks in\r
        to ensure that numbers were really numeric. Fixed bug with\r
        non-escaping of dollar signs in strings.\r
\r
        * testsuite.php: created test suite.\r
\r
2000-08-26  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpcs.inc: added xmlrpc_debugmsg() function which outputs\r
        debug information in comments inside the return payload XML\r
\r
        * xmlrpc.inc: merged in some changes from Dan Libby which fix up\r
        whitespace handling.\r
\r
        * xmlrpcs.inc: added Content-length header on response (bug from\r
        Jan Varga <varga@utcru.sk>. This means you can no longer print\r
        during processing\r
\r
        * xmlrpc.inc: changed ereg_replace to str_replace in several\r
        places (thanks to Dan Libby <dan@libby.com> for this).\r
\r
        * xmlrpc.inc: added xmlrpc_encode() and xmlrpc_decode() from Dan\r
        Libby--these helper routines make it easier to work in native PHP\r
        data structures.\r
\r
2000-07-21  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpc.inc: added xmlrpc_client::setCredentials method to pass\r
        in authorization information, and modified sendPayload* methods to\r
        send this OK. Thanks to Grant Rauscher for the impetus to do this.\r
        Also, made the client send empty <params></params> if there are no\r
        parameters set by the user.\r
\r
        * doc/xmlrpc_php.sgml: updated documentation to reflect recent\r
        changes\r
\r
\r
2000-07-18  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * server.php: added examples.invertBooleans method to server as a\r
        useful test method for boolean values.\r
\r
        * xmlrpc.inc: rearranged the way booleans are handled to fix\r
        outstanding problems. Fixed calling addScalar() on arrays so it\r
        works. Finally fixed backslashification issues to remove the\r
        problem will dollar signs disappearing.\r
\r
        * booltest.php: really fixed booleans this time.\r
\r
2000-06-03  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * xmlrpcs.inc: made signature verification more useful - now\r
        returns what it found was wrong\r
\r
        * xmlrpc.inc: fixed bug with decoding dateTimes. Also fixed a bug\r
        which meant a PHP syntax error happened when attempting to receive\r
        empty arrays or structs. Also fixed bug with booleans always being\r
        interpreted as 'true'.\r
\r
        * server.php: Added validator1 suite of tests to test against\r
        validator.xmlrpc.com\r
\r
\r
2000-05-06  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * released 1.0b6\r
\r
        * added test.pl and test.py, Perl and Python scripts that exercise\r
        server.php somewhat (but not a lot)\r
\r
        * added extra fault condition for a non 200 OK response from the\r
        remote server.\r
\r
        * added iso8601_encode() and iso8601_decode() to give some support\r
        for passing dates around. They translate to and from UNIX\r
        timestamps. Updated documentation accordingly.\r
\r
        * fixed string backslashification -- was previously a little\r
        overzealous! new behavior is '\' --> '\\' and '"' -->\r
        '\"'. Everything else gets left alone.\r
\r
2000-04-12  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * updated and bugfixed the documentation\r
\r
        * fixed base 64 encoding to only happen at serialize() time,\r
        rather than when a base64 value is created. This fixes the double\r
        encoding bug reported by Nicolay Mausz\r
        <castor@flying-dog.com>. The same approach ought to be taken with\r
        encoding XML entities in the data - this is a TODO.\r
\r
        * integrated further code from Peter Kocks: used his new code for\r
        send(), adding a second, optional, parameter which is a timeout\r
        parameter to fsockopen()\r
\r
1999-10-11  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * added bug fixes from Peter Kocks <peter.kocks@baygate.com>\r
\r
1999-10-10  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * updated the documentation\r
\r
1999-10-08  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * added system.* methods and dispatcher, plus documentation\r
\r
        * fixed bug which meant request::getNumParams was returning an\r
        incorrect value\r
\r
        * added signatures into the dispatch map. This BREAKS\r
        COMPATIBILITY with previous releases of this code\r
\r
1999-08-18  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * made entity encoding and decoding transparent now on string\r
        passing.\r
\r
        * de-globalised the globals in the parse routines, using an\r
        associative array to hold all parser state $_xh\r
\r
        * changed default input encoding to be UTF-8 to match expectation\r
\r
        * separated out parseResponse into parseResponse and\r
        parseResponseFile so that you can call parseResponse on a string\r
        if you have one handy\r
\r
1999-07-20  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * Moved documentation into Docbook format\r
\r
1999-07-19  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * Added an echo server into server.php and echotest.php, a client\r
        which will exercise the new echo routine.\r
\r
        * Added test for no valid value returned: in this case will now\r
        throw the error "invalid payload"\r
\r
        * Added serialize() method to xmlrpcresp to return a string with\r
        the response serialized as XML\r
\r
        * Added automatic encoding and decoding for base64 types\r
\r
        * Added setDebug() method to client to enable HTML output\r
        debugging in the client\r
\r
1999-07-08  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * Improved XML parse error reporting on the server side to send it\r
        back in a faultCode packet. expat errors now begin at 100\r
\r
1999-07-07  Edd Dumbill  <edd@usefulinc.com>\r
\r
        * Changed the structmem and arraymem methods of xmlrpcval to always\r
        return xmlrpc vals whether they referred to scalars or complex\r
        types.\r
\r
        * Added the server class and demonstrations\r
\r
        * Fixed bugs in the XML parsing and reworked it\r
\r
\r
$Id: ChangeLog,v 1.96 2009/03/16 19:39:11 ggiunta Exp $\r