remove one more warning with php 7.2

[plcapi.git] / NEWS

XML-RPC for PHP version 3.1.2 - 2019/5/27

This release makes the library compatible with php 7.2 by removing one more deprecation warning.
*NB* moving to version 4 of the library is the recommended option unless you absolutely can not upgrade, as it comes
with many improvements and is fully API compatible with version 3.


XML-RPC for PHP version 3.1.1 - 2018/4/7

This release makes the library compatible with php 7.2 by removing some deprecation warnings.
*NB* moving to version 4 of the library is the recommended option unless you absolutely can not upgrade, as it comes
with many improvements and is fully API compatible with version 3.


XML-RPC for PHP version 3.1.0 - 2017/7/1

This release makes the library compatible with php 7 by removing the deprecation warnings.
*NB* moving to version 4 of the library is the recommended option unless you absolutely can not upgrade, as it comes
with many improvements and is fully API compatible with version 3.

The only other changes are:

* addition of a 'setSSLVersion' method to the client class
* updates to the test suite


XML-RPC for PHP version 3.0.1 - 2015/4/18
This release corrects all bugs that have been reported and successfully reproduced since
version 3.0.0:

* the library does not decode correctly LATIN-1 requests/responses if the character set is not set in the xml prolog
* the debugger sends incorrect requests when the payload includes LATIN-1 characters
* the client can not call remote methods which use LATIN-1 or UTF8 characters in their names

Taking baby steps to modern-world php, this release is now tested using Travis ( https://travis-ci.org/gggeek/phpxmlrpc ).

Improved: no need to call anymore $client->setSSLVerifyHost(2) to silence a curl warning when using https with recent curl builds


XML-RPC for PHP version 3.0.0 - 2014/6/15

This release corrects all bugs that have been reported and successfully reproduced since
version 3.0.0 beta.

The requirements have increased to php 5.1.0 - which is still way older than what you should be running for any serious purpose, really.

It also is the first release to be installable via composer.

See the Changelog file or the pdf docs for a complete list of changes.


XML-RPC for PHP version 3.0.0 beta - 2009/09/05

This is the first release of the library to only support PHP 5.
Some legacy code has been removed, and support for features such as exceptions
and dateTime objects introduced.

The "beta" tag is meant to indicate the fact that the refactoring has been more widespread
than in precedent releases and that more changes are likely to be introduced with time -
the library is still considered to be production quality.

* improved: removed all usage of php functions deprecated in php 5.3, usage of assign-by-ref when creating new objects etc...
* improved: add support for the <ex:nil/> tag used by the apache library, both in input and output
* improved: add support for dateTime objects in both in php_xmlrpc_encode and as parameter for constructor of xmlrpcval
* improved: add support for timestamps as parameter for constructor of xmlrpcval
* improved: add option 'dates_as_objects' to php_xmlrpc_decode to return dateTime objects for xmlrpc datetimes
* improved: add new method SetCurlOptions to xmrlpc_client to allow extra flexibility in tweaking http config, such as explicitly binding to an ip address
* improved: add new method SetUserAgent to xmrlpc_client to to allow having different user-agent http headers
* improved: add a new member variable in server class to allow fine-tuning of the encoding of returned values when the server is in 'phpvals' mode
* improved: allow servers in 'xmlrpcvals' mode to also register plain php functions by defining them in the dispatch map with an added option
* improved: catch exceptions thrown during execution of php functions exposed as methods by the server
* fixed: bad encoding if same object is encoded twice using php_xmlrpc_encode


XML-RPC for PHP version 2.2.2 - 2009/03/16

This release corrects all bugs that have been reported and successfully reproduced since
version 2.2.1.
Regardless of the intimidating message about dropping PHP 4 support, it still does
support that ancient, broken and insecure platform.


* fixed: php warning when receiving 'false' in a bool value
* fixed: improve robustness of the debugger when parsing weird results from non-compliant servers
* fixed: format floating point values using the correct decimal separator even when php locale is set to one that uses comma
* fixed: use feof() to test if socket connections are to be closed instead of the number of bytes read (rare bug when communicating with some servers)
* fixed: be more tolerant in detection of charset in http headers
* fixed: fix encoding of UTF8 chars outside of the BMP plane
* fixed: fix detection of zlib.output_compression
* improved: allow the add_to_map server method to add docs for single params too
* improved: added the possibility to wrap for exposure as xmlrpc methods plain php class methods, object methods and even whole classes


XML-RPC for PHP version 2.2.1 - 2008/03/06

This release corrects all bugs that have been reported and successfully reproduced.
It is the last release of the library that will support PHP 4.

* fixed: work around bug in php 5.2.2 which broke support of HTTP_RAW_POST_DATA
* fixed: is_dir parameter of setCaCertificate() method is reversed
* fixed: a php warning in xmlrpc_client creator method
* fixed: parsing of '1e+1' as valid float
* fixed: allow errorlevel 3 to work when prev. error handler was a static method
* fixed: usage of client::setcookie() for multiple cookies in non-ssl mode
* improved: support for CP1252 charset is not part or the library but almost possible
* improved: more info when curl is enabled and debug mode is on


XML-RPC for PHP version 2.2 - 2007/02/25

This release corrects a couple of bugs and adds a few minor features.

* fixed: debugger errors on php installs with magic_quotes_gpc on
* fixed: support for https connections via proxy
* fixed: wrap_xmlrpc_method() generated code failed to properly encode php objects
* improved: slightly faster encoding of data which is internally UTF-8
* improved: debugger always generates a 'null' id for jsonrpc if user omits it
* new: debugger can take advantage of a graphical value builder
  (it has to be downloaded separately, as part of jsxmlrpc package)
* new: support for the <NIL/> xmlrpc extension
* new: server support for the system.getCapabilities xmlrpc extension
* new: wrap_xmlrpc_method() accepts two new options: debug and return_on_fault


XML-RPC for PHP version 2.1 - 2006/08/28

This release corrects quite a few bugs and adds some interesting new features.
There is a minor security enhancement and overall speedup too.

It has been tested with PHP 4.0.5 up to 4.4.4 and 5.1.5.
Please note that 404pl1 is NOT supported, and has not been since 2.0.

*** PLEASE READ CAREFULLY BELOW ***

CHANGES THAT MIGHT AFFECT DEPLOYED APPLICATIONS:

The wrap_php_function and wrap_xmlrpc_method functions have been moved out of
the base library file xmlrpc.inc into a file of their own: xmlrpc_wrappers.inc.
You will have to include() / require() it in your scripts if you have been using
those functions.

For increased security, the automatic rebuilding of php object instances out of
received xmlrpc structs in wrap_xmlrpc_method() has been disabled (but it can be
optionally reenabled).

The constructor of xmlrpcval() values has seen major changes, and it will not
throw a php warning anymore when invoked using an unknown xmlrpc type: the
error will only be written to php error log. Also new xmlrpcval('true', 'boolean')
is not supported anymore.

MAJOR IMPROVEMENTS:

The new function php_xmlrpc_decode_xml() will take the xml representation of
either an xmlrpc request, response or single value and return the corresponding
php-xmlrpc object instance.

Both wrap_php_function() and wrap_xmlrpc_method() functions accept many more
options to fine tune their behaviour, including one to return the php code to
be saved and later used as standalone php script.

A new function wrap_xmlrpc_server() has been added, to wrap all (or some) of the
methods exposed by a remote xmlrpc server into a php class.

Lib internals have been modified to provide better support for grafting extra
functionality on top of it. Stay tuned for future releases of the EXTRAS package.

Last but not least a new file has been added: verify_compat.php, to help users
diagnose the level of compliance of the current php install with the library.

CHANGELOG IN DETAIL:

* fixed bug 1311927: client not playing nice with some proxy/firewall on ports != 80
* fixed bug 1334340: all ereg_ functions have been replaced with corresponding preg_
* fixed bug: wrong handling of 'deflate' http encoding, both server and client side
* fixed bug: sending compressed responses when php output compression is enabled was not working
* fixed bug: addarray() and addstruct() where not returning 1 when adding data to already initialized values
* fixed bug: non-ascii chars used in struct element names where not being encoded correctly
* restored compatibility with php 4.0.5 (for those poor souls still stuck on it)
* server->service() now returns either the payload or xmlrpcresp instance
* server->add_to_map() now accepts methods with no param definitions
* added new function: php_xmlrpc_decode_xml()
* added new function: wrap_xmlrpc_server()
* major improvements and security enhancements to wrap_php_function() and wrap_xmlrpc_method()
* documentation for single parameters of exposed methods can be added to the dispatch map
  (and turned into html docs in conjunction with a future release of the extras package)
* full response payload is saved into xmlrpcresp object for further debugging
* stricter parsing of incoming xmlrpc messages: two more invalid cases are now detected
  (double data element inside array and struct/array after scalar inside value element)
* debugger can now generate code that wraps a remote method into php function (works for jsonrpc, too)
* debugger has better support for being activated via a single GET call (for integration into other tools?)
* more logging of errors in a lot of situations
* javadoc documentation of lib files almost complete
* the usual amount of new testcases in the testsuite
* many performance tweaks and code cleanups
* added foundation for emulating the API of the xmlrpc extension (extras package needed)


XML-RPC for PHP version 2.0 - 2006/04/24

I'm pleased to announce XML-RPC for PHP version 2.0, final.

With respect to the last release candidate, this release corrects a few small
bugs and adds a couple of new features: more authentication options (digest and
ntlm for servers, ntlm for proxies, and some https custom certificates stuff);
all the examples have been reviewed and some demo files added,
including a ready-made xmlrpc proxy (useful e.g. for ajax calls, when the xmlrpc
client is a browser); the server logs more warning messages for incorrect situations;
both client and server are more tolerant of commonly-found mistakes.
The debugger has been upgraded to reflect the new client capabilities.

In greater detail:

* fixed bug: method xmlrpcval::structmemexists($value) would not work
* fixed bug: wrap_xmlrpc_method would fail if invoked with a client object that
  has return_type=phpvals
* fixed bug: in case of call to client::multicall without fallback and server error
* fixed bug: recursive serialization of xmlrpcvals loosing specified UTF8 charset
* fixed bug: serializing to ISO-8859-1 with php 5 would raise an error if non-ascii
  chars where found when decoding
* new: client can use NTLM and Digest authentication methods for https and http 1.1
  connections; authentication to proxy can be set to NTLM, too
* new: server tolerates user functions returning a single xmlrpcval object instead
  of an xmlrpcresp
* new: server does more checks for presence and correct return type of user
  coded method handling functions, and logs inconsistencies to php error log
* new: client method SetCaCertificate($cert, $is_dir) to validate server against
* new: both server and client tolerate receiving 'true' and 'false' for bool values
  (which btw are not valid according to the xmlrpc spec)


XML-RPC for PHP version 2.0RC3 - 2006/01/22

This release corrects a few bugs and adds some interesting new features.
It has been tested with PHP up to 4.4.2 and 5.1.2.

* fixed bug: server not recognizing clients that declare support for http compression
* fixed bug: serialization of new xmlrpcval (8, 'string') when internal encoding
  set to UTF-8
* fixed bug: serialization of new xmlrpcval ('hello', 'int') would produce
  invalid xml-rpc
* new: let the server accept 'class::method' syntax in the dispatch map
* new: php_xmlrpc_decode() can decode xmlrpcmessage objects
* new: both client and server can specify a charset to be used for serializing
  values instead of the default 'US-ASCII+xml-entities-for-other-characters'.
  Values allowed: ISO-8859-1 and UTF-8
* new: the server object can register 'plain' php functions instead of functions
  that accept a single parameter of type xmlrpcmsg. Faster, uses less memory
  (but comes with minor drawbacks as well, read the manual for more details)
* new: client::setDebug(2) can be used to have the request payload printed to
  screen before being sent
* new: server::service($data) lets user parse data other than POST body, for
  easier testing / subclassing
* changed: framework-generated debug messages are sent back by the server base64
  encoded, to avoid any charset/xml compatibility problem
* other minor fixes

The usual refactoring of a lot of (private) methods has taken place, with new
parameters added to some functions.
Javadoc documentation has been improved a lot.
The HTML documentation has been shuffled around a bit, hoping to give it a more
logical organization.

The experimental support for the JSON protocol has been removed, and will be
packaged as a separate download with some extra very interesting stuff (human
readable auto-generated documentation, anyone?).


XML-RPC for PHP version 2.0RC2 - 2005/11/22

This release corrects a few bugs and adds basically one new method for better
HTTPS support:

 * fixed two bugs that prevented xmlrpc calls to take place over https
 * fixed two bugs that prevented proper recognition of xml character set
   when it was declared inside the xml prologue
 * added xmlrpc_client::setKey($key, $keypass) method, to allow using client
   side certificates for https connections
 * fixed bug that prevented proper serialization of string xmlrpcvals when
   $xmlrpc_internalencoding was set to UTF-8
 * fixed bug in xmlrpc_server::echoInput() (and marked method as deprecated)
 * correctly set cookies/http headers into xmlrpcresp objects even when the
   send() method call fails for some reason
 * added a benchmark file in the testsuite directory

A couple of (private/protected) methods have been refactored, as well as a
couple of extra parameters added to some (private) functions - this has no
impact on the public API and should be of interest primarily to people extending
/ subclassing the lib.

There is also new, PARTIAL support for the JSON-RPC protocol, implemented in
two files in the extras dir (more info about json-rpc at http://json-rpc.org)


XML-RPC for PHP version 2.0RC1 - 2005/10/03

I'm pleased to announce XML-RPC for PHP version 2.0, release candidate 1.

This release introduces so many new features it is almost impossible to list them
here, making the library finally on pair with, if not more advanced than, any other
similar offer (e.g. the PEAR XMLRPC package or the Incutio IXR library).
No, really, trust me.

The minimum supported PHP version is now 4.2 - natively - or 4.0.4pl1 - by usage of
a couple of compatibility classes (code taken from PEAR php_compat package).

The placement of files and directories in the distribution has been deeply modified,
in the hope of making it more clear, now that the file count has increased.
I hope you find it easy.

Support for "advanced" HTTP features such as cookies, proxies and keep-alives has
been added at last.

It is now much easier to convert between xmlrpcval objects and php values, and
in fact php_xmlrpc_encode and php_xmlrpc_decode are now the recommended methods
for all cases, except when encoding base64 data.

Two new (experimental) functions have been added, allowing automagic conversion
of a php function into an xmlrpc method to be exposed and vice-versa.

PHP objects can be now automatically serialized as xmlrpc struct values and
correctly deserialized on the other end of the transmission, provided that the
same class definition is present on both sides and no object members are of
type resource.

A lot of the existing class methods have been overloaded with extra parameters
or new functionality, and a few added ex-novo, making usage easier than ever.

A complete debugger solution is included in the distribution. It needs a web server
to run (a freely available version of the same debugger is accessible online, it
can be found at http://phpxmlrpc.sourceforge.net).

For a more detailed list of changes, please read carefully chapter 2 of the
included documentation, or, even better, take a look at the source code, which
is commented in javadoc style quite a bit.


XML-RPC for PHP version 1.2 - 2005/08/14

This removes all use of eval(), which is a potential security problem.
All users are encouraged to upgrade as soon as possible.
As of this release we are no longer php3-compatible.


XML-RPC for PHP version 1.1.1 - 2005/06/30

This is a security vulnerability fix release.
All users are invited to upgrade as soon as possible.


XML-RPC for PHP version 1.1 - 2005/05/03

I'm pleased to announce XML-RPC for PHP version 1.1
It's taken two years to get to the this point, but here we are, finally.

This is a bugfix and maintenance release. No major new features have been added.
All known bugs have been ironed out, unless fixing would have meant breaking
the API.
The code has been tested with PHP 3, 4 and 5, even tough PHP 4 is the main
development platform (and some warnings will be emitted when runnning PHP5).

Notheworthy changes include:

 * do not clash any more with the EPI xmlrpc extension bundled with PHP 4 and 5
 * fixed the unicode/charset problems that have been plaguing the lib for years
 * proper parsing of int and float values prepended with zeroes or the '+' char
 * accept float values in exponential notation
 * configurable http user-agent string
 * use the same timeout on client socket reads as used for connecting
 * more explicative error messages in xmlrpcresponse in many cases
 * much more tolerant parsing of malformed http responses from xmlrpc servers
 * fixed memleak that prevented the client to be used in never-ending scripts
 * parse bigger xmlrpc messages without crashing (1MB in size or more)
 * be tolerant to xmlrpc responses generated on public servers that add
   javascript advertising at the end of hosted content
 * the lib generates quite a few less PHP warnings during standard operation

This is the last release that will support PHP 3.
The next release will include better support for PHP 5 and (possibly) a slew of
new features.

The changelog is available at:
http://cvs.sourceforge.net/viewcvs.py/phpxmlrpc/xmlrpc/ChangeLog?view=markup

Please report bugs to the XML-RPC PHP mailing list or to the sourceforge project
pages at http://sourceforge.net/projects/phpxmlrpc/