--- /dev/null
+= XML-RPC for PHP
+:revision: 4.0.0
+:keywords: xmlrpc, xml, rpc, webservices, http
+:toc: left
+:imagesdir: images
+:source-highlighter: highlightjs
+
+
+[preface]
+== Introduction
+
+WARNING: THIS MANUAL HAS NOT YET BEEN UPDATED TO REFLECT ALL THE CHANGES WHICH HAVE MADE IN VERSION 4. *DO NOT USE* FOR NOW. You can find the API documentation at link:$$http://gggeek.github.io/phpxmlrpc/doc-4/api/index.html$$[http://gggeek.github.io/phpxmlrpc/doc-4/api/index.html]
+
+This collection of PHP classes provides a framework for writing XML-RPC clients and servers in PHP.
+
+Main goals of the project are ease of use, flexibility and completeness.
+
+The original author is Edd Dumbill of link:$$http://usefulinc.com/$$[Useful Information Company]. As of the 1.0 stable
+ release, the project was opened to wider involvement and moved to
+ link:$$http://phpxmlrpc.sourceforge.net/$$[SourceForge]; later, to link:$$https://github.com/gggeek/phpxmlrpc$$[Github]
+
+XML-RPC is a format devised by link:$$http://www.userland.com/$$[Userland Software] for achieving remote procedure call
+ via XML using HTTP as the transport. XML-RPC has its own web site, link:$$http://www.xmlrpc.com/$$[www.xmlrpc.com]
+
+A list of XML-RPC implementations for other languages such as Perl and Python can be found on the
+ link:$$http://www.xmlrpc.com/$$[www.xmlrpc.com] site.
+
+=== Acknowledgements
+
+Daniel E. Baumann
+
+James Bercegay
+
+Leon Blackwell
+
+Stephane Bortzmeyer
+
+Daniel Convissor
+
+Geoffrey T. Dairiki
+
+Stefan Esser
+
+James Flemer
+
+Ernst de Haan
+
+Tom Knight
+
+Axel Kollmorgen
+
+Peter Kocks
+
+Daniel Krippner
+
+{empty}S. Kuip
+
+{empty}A. Lambert
+
+Frederic Lecointre
+
+Dan Libby
+
+Arnaud Limbourg
+
+Ernest MacDougal Campbell III
+
+Lukasz Mach
+
+Kjartan Mannes
+
+Ben Margolin
+
+Nicolay Mausz
+
+Justin Miller
+
+Jan Pfeifer
+
+Giancarlo Pinerolo
+
+Peter Russel
+
+Jean-Jacques Sarton
+
+Viliam Simko
+
+Idan Sofer
+
+Douglas Squirrel
+
+Heiko Stübner
+
+Anatoly Techtonik
+
+Tommaso Trani
+
+Eric van der Vlist
+
+Christian Wenz
+
+Jim Winstead
+
+Przemyslaw Wroblewski
+
+Bruno Zanetti Melotti
+
+
+[[requirements]]
+== System Requirements
+
+The library has been designed with goals of flexibility and backward compatibility. As such, it supports a wide range of
+ PHP installs. Note that not all features of the lib are available in every configuration.
+
+The __minimum supported__ PHP version is 5.3.
+
+If you wish to use HTTPS or HTTP 1.1 to communicate with remote servers, or to use NTLM authentication, you need the
+ *curl* extension compiled into your PHP installation.
+
+If you wish to receive XML-RPC requests or responses in any other character set than US-ASCII, ISO-8859-1 or UTF-8, you
+ will need the *mbstring* extension compiled into your PHP installation.
+
+The *xmlrpc* native extension is not required to be compiled into your PHP installation, but if it is, there will be no
+ interference with the operation of this library.
+
+
+[[manifest]]
+== Files in the distribution
+
+debugger/*:: a graphical debugger which can be used to test calls to xmlrpc servers
+
+demo/*:: example code for implementing both xmlrpc client and server functionality
+
+doc/*:: the documentation/ this manual, and the list of API changes between versions 3 and 4
+
+extras/rsakey.pem:: A test certificate key for the SSL support, which can be used to generate dummy certificates. It has
+ the passphrase "test."
+
+extras/test.pl, extras/test.py:: Perl and Python programs to exercise server.php to test that some of the methods work.
+
+extras/workspace.testPhpServer.fttb:: Frontier scripts to exercise the demo server. Thanks to Dave Winer for permission
+ to include these. See link:$$http://www.xmlrpc.com/discuss/msgReader$853$$[Dave's announcement of these.]
+
+lib/*:: a compatibility layer for applications which still rely on version 3 of the API
+
+src/*:: the XML-RPC library classes. You can autoload these via Composer, or via a dedicated Autoloader class
+
+tests/*:: the test suite for the library, written using PhpUnit, and the configuration to run it on Travis
+
+
+[[bugs]]
+
+== Known Bugs
+
+Known bugs are tracked using the link:$$https://github.com/gggeek/phpxmlrpc/issues$$[GitHub issue tracker]
+
+== Known limitations
+
+This started out as a bare framework. Many "nice" bits have been put in over time, but backwards compatibility has
+ always taken precedence over API cleanups. As such, you might find some API choices questionable.
+
+Specifically, very little type validation or coercion has been put in. PHP being a loosely-typed language, this is
+ going to have to be done explicitly (in other words: you can call a lot of library functions passing them arguments
+ of the wrong type and receive an error message only much further down the code, where it will be difficult to
+ understand).
+
+dateTime.iso8601 is supported opaquely. It can't be done natively as the XML-RPC specification explicitly forbids
+ passing of timezone specifiers in ISO8601 format dates. You can, however, use the PhpXmlRpc\Helper\Date class to do
+ the encoding and decoding for you.
+
+Very little HTTP response checking is performed (e.g. HTTP redirects are not followed and the Content-Length HTTP
+ header, mandated by the xml-rpc spec, is not validated); cookie support still involves quite a bit of coding on the
+ part of the user.
+
+Support for receiving from servers version 1 cookies (i.e. conforming to RFC 2965) is quite incomplete, and might cause
+ unforeseen errors.
+
+
+[[support]]
+
+== Support
+
+
+=== Online Support
+
+XML-RPC for PHP is offered "as-is" without any warranty or commitment to support. However, informal advice and help is
+ available via the XML-RPC for PHP website and mailing list.
+
+* The __XML-RPC for PHP__ development is hosted on
+ link:$$https://github.com/gggeek/phpxmlrpc$$[github.com/gggeek/phpxmlrpc]. Bugs, feature requests and patches can be
+ posted to the link:$$https://github.com/gggeek/phpxmlrpc/issues$$[project's website].
+
+* The __PHP XML-RPC interest mailing list__ is run by the original author. More details
+ link:$$http://lists.gnomehack.com/mailman/listinfo/phpxmlrpc$$[can be found here].
+
+
+[[jellyfish]]
+
+=== The Jellyfish Book
+
+image::progxmlrpc.s.gif[The Jellyfish Book]
+Together with Simon St.Laurent and Joe Johnston, Edd Dumbill wrote a book on XML-RPC for O'Reilly and Associates on
+ XML-RPC. It features a rather fetching jellyfish on the cover.
+
+Complete details of the book are link:$$http://www.oreilly.com/catalog/progxmlrpc/$$[available from O'Reilly's web site.]
+
+Edd is responsible for the chapter on PHP, which includes a worked example of creating a forum server, and hooking it up
+ the O'Reilly's link:$$http://meerkat.oreillynet.com/$$[Meerkat] service in order to allow commenting on news stories
+ from around the Web.
+
+If you've benefited from the effort that has been put into writing this software, then please consider buying the book!
+
+
+[[apidocs]]
+
+== Class documentation
+
+
+==== Notes on types
+
+===== int
+
+The type i4 is accepted as a synonym
+ for int when creating xmlrpcval objects. The
+ xml parsing code will always convert i4 to
+ int: int is regarded
+ by this implementation as the canonical name for this type.
+
+The type i8 on the other hand is considered as a separate type.
+ Note that the library will never output integers as 'i8' on its own,
+ even when php is compiled in 64-bit mode.
+
+===== base64
+
+Base 64 encoding is performed transparently to the caller when
+ using this type. Decoding is also transparent. Therefore you ought
+ to consider it as a "binary" data type, for use when you want to
+ pass data that is not 7-bit clean.
+
+===== boolean
+
+The php values ++true++ and
+ ++1++ map to ++true++. All other
+ values (including the empty string) are converted to
+ ++false++.
+
+===== string
+
+Characters <, >;, ', ", &, are encoded using their
+ entity reference as < > ' " and
+ & All other characters outside of the ASCII range are
+ encoded using their character reference representation (e.g.
+ È for é). The XML-RPC spec recommends only encoding
+ ++< >++ but this implementation goes further,
+ for reasons explained by link:$$http://www.w3.org/TR/REC-xml#syntax$$[the XML 1.0 recommendation]. In particular, using character reference
+ representation has the advantage of producing XML that is valid
+ independently of the charset encoding assumed.
+
+===== null
+
+There is no support for encoding ++null++
+ values in the XML-RPC spec, but at least a couple of extensions (and
+ many toolkits) do support it. Before using ++null++
+ values in your messages, make sure that the responding party accepts
+ them, and uses the same encoding convention (see ...).
+
+[[xmlrpcval-creation]]
+
+==== Xmlrpcval creation
+
+The constructor is the normal way to create an
+ xmlrpcval. The constructor can take these
+ forms:
+
+xmlrpcvalnew
+ xmlrpcval xmlrpcvalnew
+ xmlrpcval string $stringVal xmlrpcvalnew
+ xmlrpcval mixed $scalarVal string$scalartyp xmlrpcvalnew
+ xmlrpcval array $arrayVal string $arraytyp The first constructor creates an empty value, which must be
+ altered using the methods addScalar,
+ addArray or addStruct before
+ it can be used.
+
+The second constructor creates a simple string value.
+
+The third constructor is used to create a scalar value. The
+ second parameter must be a name of an XML-RPC type. Valid types are:
+ "++int++", "++boolean++",
+ "++string++", "++double++",
+ "++dateTime.iso8601++", "++base64++" or
+ "null".
+
+Examples:
+
+[source, php]
+----
+
+$myInt = new xmlrpcval(1267, "int");
+$myString = new xmlrpcval("Hello, World!", "string");
+$myBool = new xmlrpcval(1, "boolean");
+$myString2 = new xmlrpcval(1.24, "string"); // note: this will serialize a php float value as xmlrpc string
+
+----
+
+The fourth constructor form can be used to compose complex
+ XML-RPC values. The first argument is either a simple array in the
+ case of an XML-RPC array or an associative
+ array in the case of a struct. The elements of
+ the array __must be xmlrpcval objects themselves__.
+
+The second parameter must be either "++array++"
+ or "++struct++".
+
+Examples:
+
+[source, php]
+----
+
+$myArray = new xmlrpcval(
+ array(
+ new xmlrpcval("Tom"),
+ new xmlrpcval("Dick"),
+ new xmlrpcval("Harry")
+ ),
+ "array");
+
+// recursive struct
+$myStruct = new xmlrpcval(
+ array(
+ "name" => new xmlrpcval("Tom", "string"),
+ "age" => new xmlrpcval(34, "int"),
+ "address" => new xmlrpcval(
+ array(
+ "street" => new xmlrpcval("Fifht Ave", "string"),
+ "city" => new xmlrpcval("NY", "string")
+ ),
+ "struct")
+ ),
+ "struct");
+
+----
+
+See the file ++vardemo.php++ in this distribution
+ for more examples.
+
+[[xmlrpc-client]]
+
+==== Xmlrpc-client creation
+
+The constructor accepts one of two possible syntaxes:
+
+xmlrpc_clientnew
+ xmlrpc_clientstring$server_urlxmlrpc_clientnew
+ xmlrpc_clientstring$server_pathstring$server_hostnameint$server_port80string$transport'http'Here are a couple of usage examples of the first form:
+
+
+[source, php]
+----
+
+$client = new xmlrpc_client("http://phpxmlrpc.sourceforge.net/server.php");
+$another_client = new xmlrpc_client("https://james:bond@secret.service.com:443/xmlrpcserver?agent=007");
+
+----
+
+The second syntax does not allow to express a username and
+ password to be used for basic HTTP authorization as in the second
+ example above, but instead it allows to choose whether xmlrpc calls
+ will be made using the HTTP 1.0 or 1.1 protocol.
+
+Here's another example client set up to query Userland's XML-RPC
+ server at __betty.userland.com__:
+
+[source, php]
+----
+
+$client = new xmlrpc_client("/RPC2", "betty.userland.com", 80);
+
+----
+
+The server_port parameter is optional,
+ and if omitted will default to 80 when using HTTP and 443 when using
+ HTTPS (see the <<xmlrpc-client-send>> method
+ below).
+
+The transport parameter is optional, and
+ if omitted will default to 'http'. Allowed values are either
+ 'http', 'https' or
+ 'http11'. Its value can be overridden with every call
+ to the send method. See the
+ send method below for more details about the
+ meaning of the different values.
+
+
+[[xmlrpc-server]]
+
+=== xmlrpc_server
+
+The implementation of this class has been kept as simple to use as
+ possible. The constructor for the server basically does all the work.
+ Here's a minimal example:
+
+
+[source, php]
+----
+
+ function foo ($xmlrpcmsg) {
+ ...
+ return new xmlrpcresp($some_xmlrpc_val);
+ }
+
+ class bar {
+ function foobar($xmlrpcmsg) {
+ ...
+ return new xmlrpcresp($some_xmlrpc_val);
+ }
+ }
+
+ $s = new xmlrpc_server(
+ array(
+ "examples.myFunc1" => array("function" => "foo"),
+ "examples.myFunc2" => array("function" => "bar::foobar"),
+ ));
+
+----
+
+This performs everything you need to do with a server. The single
+ constructor argument is an associative array from xmlrpc method names to
+ php function names. The incoming request is parsed and dispatched to the
+ relevant php function, which is responsible for returning a
+ xmlrpcresp object, that will be serialized back
+ to the caller.
+
+
+==== Method handler functions
+
+Both php functions and class methods can be registered as xmlrpc
+ method handlers.
+
+The synopsis of a method handler function is:
+
+xmlrpcresp $resp = function (xmlrpcmsg $msg)
+
+No text should be echoed 'to screen' by the handler function, or
+ it will break the xml response sent back to the client. This applies
+ also to error and warning messages that PHP prints to screen unless
+ the appropriate parameters have been set in the php.in file. Another
+ way to prevent echoing of errors inside the response and facilitate
+ debugging is to use the server SetDebug method with debug level 3 (see
+ ...). Exceptions thrown duting execution of handler functions are
+ caught by default and a XML-RPC error reponse is generated instead.
+ This behaviour can be finetuned by usage of the
+ exception_handling member variable (see
+ ...).
+
+Note that if you implement a method with a name prefixed by
+ ++system.++ the handler function will be invoked by the
+ server with two parameters, the first being the server itself and the
+ second being the xmlrpcmsg object.
+
+The same php function can be registered as handler of multiple
+ xmlrpc methods.
+
+Here is a more detailed example of what the handler function
+ foo may do:
+
+
+[source, php]
+----
+
+ function foo ($xmlrpcmsg) {
+ global $xmlrpcerruser; // import user errcode base value
+
+ $meth = $xmlrpcmsg->method(); // retrieve method name
+ $par = $xmlrpcmsg->getParam(0); // retrieve value of first parameter - assumes at least one param received
+ $val = $par->scalarval(); // decode value of first parameter - assumes it is a scalar value
+
+ ...
+
+ if ($err) {
+ // this is an error condition
+ return new xmlrpcresp(0, $xmlrpcerruser+1, // user error 1
+ "There's a problem, Captain");
+ } else {
+ // this is a successful value being returned
+ return new xmlrpcresp(new xmlrpcval("All's fine!", "string"));
+ }
+ }
+
+----
+
+See __server.php__ in this distribution for
+ more examples of how to do this.
+
+Since release 2.0RC3 there is a new, even simpler way of
+ registering php functions with the server. See section 5.7
+ below
+
+
+==== The dispatch map
+
+The first argument to the xmlrpc_server
+ constructor is an array, called the __dispatch map__.
+ In this array is the information the server needs to service the
+ XML-RPC methods you define.
+
+The dispatch map takes the form of an associative array of
+ associative arrays: the outer array has one entry for each method, the
+ key being the method name. The corresponding value is another
+ associative array, which can have the following members:
+
+
+* ++function++ - this
+ entry is mandatory. It must be either a name of a function in the
+ global scope which services the XML-RPC method, or an array
+ containing an instance of an object and a static method name (for
+ static class methods the 'class::method' syntax is also
+ supported).
+
+
+* ++signature++ - this
+ entry is an array containing the possible signatures (see <<signatures>>) for the method. If this entry is present
+ then the server will check that the correct number and type of
+ parameters have been sent for this method before dispatching
+ it.
+
+
+* ++docstring++ - this
+ entry is a string containing documentation for the method. The
+ documentation may contain HTML markup.
+
+
+* ++$$signature_docs$$++ - this entry can be used
+ to provide documentation for the single parameters. It must match
+ in structure the 'signature' member. By default, only the
+ documenting_xmlrpc_server class in the
+ extras package will take advantage of this, since the
+ "system.methodHelp" protocol does not support documenting method
+ parameters individually.
+
+
+* ++$$parameters_type$$++ - this entry can be used
+ when the server is working in 'xmlrpcvals' mode (see ...) to
+ define one or more entries in the dispatch map as being functions
+ that follow the 'phpvals' calling convention. The only useful
+ value is currently the string ++phpvals++.
+
+Look at the __server.php__ example in the
+ distribution to see what a dispatch map looks like.
+
+[[signatures]]
+
+==== Method signatures
+
+A signature is a description of a method's return type and its
+ parameter types. A method may have more than one signature.
+
+Within a server's dispatch map, each method has an array of
+ possible signatures. Each signature is an array of types. The first
+ entry is the return type. For instance, the method
+[source, php]
+----
+string examples.getStateName(int)
+
+----
+
+ has the signature
+[source, php]
+----
+array($xmlrpcString, $xmlrpcInt)
+
+----
+
+ and, assuming that it is the only possible signature for the
+ method, it might be used like this in server creation:
+[source, php]
+----
+
+$findstate_sig = array(array($xmlrpcString, $xmlrpcInt));
+
+$findstate_doc = 'When passed an integer between 1 and 51 returns the
+name of a US state, where the integer is the index of that state name
+in an alphabetic order.';
+
+$s = new xmlrpc_server( array(
+ "examples.getStateName" => array(
+ "function" => "findstate",
+ "signature" => $findstate_sig,
+ "docstring" => $findstate_doc
+ )));
+
+----
+
+
+
+Note that method signatures do not allow to check nested
+ parameters, e.g. the number, names and types of the members of a
+ struct param cannot be validated.
+
+If a method that you want to expose has a definite number of
+ parameters, but each of those parameters could reasonably be of
+ multiple types, the array of acceptable signatures will easily grow
+ into a combinatorial explosion. To avoid such a situation, the lib
+ defines the global var $xmlrpcValue, which can be
+ used in method signatures as a placeholder for 'any xmlrpc
+ type':
+
+
+[source, php]
+----
+
+$echoback_sig = array(array($xmlrpcValue, $xmlrpcValue));
+
+$findstate_doc = 'Echoes back to the client the received value, regardless of its type';
+
+$s = new xmlrpc_server( array(
+ "echoBack" => array(
+ "function" => "echoback",
+ "signature" => $echoback_sig, // this sig guarantees that the method handler will be called with one and only one parameter
+ "docstring" => $echoback_doc
+ )));
+
+----
+
+Methods system.listMethods,
+ system.methodHelp,
+ system.methodSignature and
+ system.multicall are already defined by the
+ server, and should not be reimplemented (see Reserved Methods
+ below).
+
+
+==== Delaying the server response
+
+You may want to construct the server, but for some reason not
+ fulfill the request immediately (security verification, for instance).
+ If you omit to pass to the constructor the dispatch map or pass it a
+ second argument of ++0++ this will have the desired
+ effect. You can then use the service() method of
+ the server class to service the request. For example:
+
+
+[source, php]
+----
+
+$s = new xmlrpc_server($myDispMap, 0); // second parameter = 0 prevents automatic servicing of request
+
+// ... some code that does other stuff here
+
+$s->service();
+
+----
+
+Note that the service method will print
+ the complete result payload to screen and send appropriate HTTP
+ headers back to the client, but also return the response object. This
+ permits further manipulation of the response, possibly in combination
+ with output buffering.
+
+To prevent the server from sending HTTP headers back to the
+ client, you can pass a second parameter with a value of
+ ++TRUE++ to the service
+ method. In this case, the response payload will be returned instead of
+ the response object.
+
+Xmlrpc requests retrieved by other means than HTTP POST bodies
+ can also be processed. For example:
+
+
+[source, php]
+----
+
+$s = new xmlrpc_server(); // not passing a dispatch map prevents automatic servicing of request
+
+// ... some code that does other stuff here, including setting dispatch map into server object
+
+$resp = $s->service($xmlrpc_request_body, true); // parse a variable instead of POST body, retrieve response payload
+
+// ... some code that does other stuff with xml response $resp here
+
+----
+
+
+==== Modifying the server behaviour
+
+A couple of methods / class variables are available to modify
+ the behaviour of the server. The only way to take advantage of their
+ existence is by usage of a delayed server response (see above)
+
+
+===== setDebug()
+
+This function controls weather the server is going to echo
+ debugging messages back to the client as comments in response body.
+ Valid values: 0,1,2,3, with 1 being the default. At level 0, no
+ debug info is returned to the client. At level 2, the complete
+ client request is added to the response, as part of the xml
+ comments. At level 3, a new PHP error handler is set when executing
+ user functions exposed as server methods, and all non-fatal errors
+ are trapped and added as comments into the response.
+
+
+===== allow_system_funcs
+
+Default_value: TRUE. When set to FALSE, disables support for
+ System.xxx functions in the server. It
+ might be useful e.g. if you do not wish the server to respond to
+ requests to System.ListMethods.
+
+
+===== compress_response
+
+When set to TRUE, enables the server to take advantage of HTTP
+ compression, otherwise disables it. Responses will be transparently
+ compressed, but only when an xmlrpc-client declares its support for
+ compression in the HTTP headers of the request.
+
+Note that the ZLIB php extension must be installed for this to
+ work. If it is, compress_response will default to
+ TRUE.
+
+
+===== exception_handling
+
+This variable controls the behaviour of the server when an
+ exception is thrown by a method handler php function. Valid values:
+ 0,1,2, with 0 being the default. At level 0, the server catches the
+ exception and return an 'internal error' xmlrpc response; at 1 it
+ catches the exceptions and return an xmlrpc response with the error
+ code and error message corresponding to the exception that was
+ thron; at 2 = the exception is floated to the upper layers in the
+ code
+
+
+===== response_charset_encoding
+
+Charset encoding to be used for response (only affects string
+ values).
+
+If it can, the server will convert the generated response from
+ internal_encoding to the intended one.
+
+Valid values are: a supported xml encoding (only UTF-8 and
+ ISO-8859-1 at present, unless mbstring is enabled), null (leave
+ charset unspecified in response and convert output stream to
+ US_ASCII), 'default' (use xmlrpc library default as specified in
+ xmlrpc.inc, convert output stream if needed), or 'auto' (use
+ client-specified charset encoding or same as request if request
+ headers do not specify it (unless request is US-ASCII: then use
+ library default anyway).
+
+
+==== Fault reporting
+
+Fault codes for your servers should start at the value indicated
+ by the global ++$xmlrpcerruser++ + 1.
+
+Standard errors returned by the server include:
+
+++1++ Unknown method:: Returned if the server was asked to dispatch a method it
+ didn't know about
+
+++2++ Invalid return payload:: This error is actually generated by the client, not
+ server, code, but signifies that a server returned something it
+ couldn't understand. A more detailed error report is sometimes
+ added onto the end of the phrase above.
+
+++3++ Incorrect parameters:: This error is generated when the server has signature(s)
+ defined for a method, and the parameters passed by the client do
+ not match any of signatures.
+
+++4++ Can't introspect: method unknown:: This error is generated by the builtin
+ system.* methods when any kind of
+ introspection is attempted on a method undefined by the
+ server.
+
+++5++ Didn't receive 200 OK from remote server:: This error is generated by the client when a remote server
+ doesn't return HTTP/1.1 200 OK in response to a request. A more
+ detailed error report is added onto the end of the phrase
+ above.
+
+++6++ No data received from server:: This error is generated by the client when a remote server
+ returns HTTP/1.1 200 OK in response to a request, but no
+ response body follows the HTTP headers.
+
+++7++ No SSL support compiled in:: This error is generated by the client when trying to send
+ a request with HTTPS and the CURL extension is not available to
+ PHP.
+
+++8++ CURL error:: This error is generated by the client when trying to send
+ a request with HTTPS and the HTTPS communication fails.
+
+++9-14++ multicall errors:: These errors are generated by the server when something
+ fails inside a system.multicall request.
+
+++100-++ XML parse errors:: Returns 100 plus the XML parser error code for the fault
+ that occurred. The faultString returned
+ explains where the parse error was in the incoming XML
+ stream.
+
+
+==== 'New style' servers
+
+In the same spirit of simplification that inspired the
+ xmlrpc_client::return_type class variable, a new
+ class variable has been added to the server class:
+ functions_parameters_type. When set to 'phpvals',
+ the functions registered in the server dispatch map will be called
+ with plain php values as parameters, instead of a single xmlrpcmsg
+ instance parameter. The return value of those functions is expected to
+ be a plain php value, too. An example is worth a thousand
+ words:
+[source, php]
+----
+
+ function foo($usr_id, $out_lang='en') {
+ global $xmlrpcerruser;
+
+ ...
+
+ if ($someErrorCondition)
+ return new xmlrpcresp(0, $xmlrpcerruser+1, 'DOH!');
+ else
+ return array(
+ 'name' => 'Joe',
+ 'age' => 27,
+ 'picture' => new xmlrpcval(file_get_contents($picOfTheGuy), 'base64')
+ );
+ }
+
+ $s = new xmlrpc_server(
+ array(
+ "examples.myFunc" => array(
+ "function" => "bar::foobar",
+ "signature" => array(
+ array($xmlrpcString, $xmlrpcInt),
+ array($xmlrpcString, $xmlrpcInt, $xmlrpcString)
+ )
+ )
+ ), false);
+ $s->functions_parameters_type = 'phpvals';
+ $s->service();
+
+----
+
+There are a few things to keep in mind when using this
+ simplified syntax:
+
+to return an xmlrpc error, the method handler function must
+ return an instance of xmlrpcresp. The only
+ other way for the server to know when an error response should be
+ served to the client is to throw an exception and set the server's
+ exception_handling memeber var to 1;
+
+to return a base64 value, the method handler function must
+ encode it on its own, creating an instance of an xmlrpcval
+ object;
+
+the method handler function cannot determine the name of the
+ xmlrpc method it is serving, unlike standard handler functions that
+ can retrieve it from the message object;
+
+when receiving nested parameters, the method handler function
+ has no way to distinguish a php string that was sent as base64 value
+ from one that was sent as a string value;
+
+this has a direct consequence on the support of
+ system.multicall: a method whose signature contains datetime or base64
+ values will not be available to multicall calls;
+
+last but not least, the direct parsing of xml to php values is
+ much faster than using xmlrpcvals, and allows the library to handle
+ much bigger messages without allocating all available server memory or
+ smashing PHP recursive call stack.
+
+
+[[globalvars]]
+
+== Global variables
+
+Many global variables are defined in the xmlrpc.inc file. Some of
+ those are meant to be used as constants (and modifying their value might
+ cause unpredictable behaviour), while some others can be modified in your
+ php scripts to alter the behaviour of the xml-rpc client and
+ server.
+
+
+=== "Constant" variables
+
+
+==== $xmlrpcerruser
+
+$xmlrpcerruser800The minimum value for errors reported by user
+ implemented XML-RPC servers. Error numbers lower than that are
+ reserved for library usage.
+
+
+==== $xmlrpcI4, $xmlrpcI8 $xmlrpcInt, $xmlrpcBoolean, $xmlrpcDouble, $xmlrpcString, $xmlrpcDateTime, $xmlrpcBase64, $xmlrpcArray, $xmlrpcStruct, $xmlrpcValue, $xmlrpcNull
+
+For convenience the strings representing the XML-RPC types have
+ been encoded as global variables:
+[source, php]
+----
+
+$xmlrpcI4="i4";
+$xmlrpcI8="i8";
+$xmlrpcInt="int";
+$xmlrpcBoolean="boolean";
+$xmlrpcDouble="double";
+$xmlrpcString="string";
+$xmlrpcDateTime="dateTime.iso8601";
+$xmlrpcBase64="base64";
+$xmlrpcArray="array";
+$xmlrpcStruct="struct";
+$xmlrpcValue="undefined";
+$xmlrpcNull="null";
+
+----
+
+==== $xmlrpcTypes, $xmlrpc_valid_parents, $xmlrpcerr, $xmlrpcstr, $xmlrpcerrxml, $xmlrpc_backslash, $_xh, $xml_iso88591_Entities, $xmlEntities, $xmlrpcs_capabilities
+
+Reserved for internal usage.
+
+
+=== Variables whose value can be modified
+
+[[xmlrpc-defencoding]]
+
+==== xmlrpc_defencoding
+
+$xmlrpc_defencoding"UTF8"This variable defines the character set encoding that will be
+ used by the xml-rpc client and server to decode the received messages,
+ when a specific charset declaration is not found (in the messages sent
+ non-ascii chars are always encoded using character references, so that
+ the produced xml is valid regardless of the charset encoding
+ assumed).
+
+Allowed values: ++"UTF8"++,
+ ++"ISO-8859-1"++, ++"ASCII".++
+
+Note that the appropriate RFC actually mandates that XML
+ received over HTTP without indication of charset encoding be treated
+ as US-ASCII, but many servers and clients 'in the wild' violate the
+ standard, and assume the default encoding is UTF-8.
+
+
+==== xmlrpc_internalencoding
+
+$xmlrpc_internalencoding"ISO-8859-1"This variable defines the character set encoding
+ that the library uses to transparently encode into valid XML the
+ xml-rpc values created by the user and to re-encode the received
+ xml-rpc values when it passes them to the PHP application. It only
+ affects xml-rpc values of string type. It is a separate value from
+ xmlrpc_defencoding, allowing e.g. to send/receive xml messages encoded
+ on-the-wire in US-ASCII and process them as UTF-8. It defaults to the
+ character set used internally by PHP (unless you are running an
+ MBString-enabled installation), so you should change it only in
+ special situations, if e.g. the string values exchanged in the xml-rpc
+ messages are directly inserted into / fetched from a database
+ configured to return UTF8 encoded strings to PHP. Example
+ usage:
+
+[source, php]
+----
+
+<?php
+
+include('xmlrpc.inc');
+$xmlrpc_internalencoding = 'UTF-8'; // this has to be set after the inclusion above
+$v = new xmlrpcval('κόÏ\83με'); // This xmlrpc value will be correctly serialized as the greek word 'kosme'
+
+----
+
+==== xmlrpcName
+
+$xmlrpcName"XML-RPC for PHP"The string representation of the name of the XML-RPC
+ for PHP library. It is used by the client for building the User-Agent
+ HTTP header that is sent with every request to the server. You can
+ change its value if you need to customize the User-Agent
+ string.
+
+
+==== xmlrpcVersion
+
+$xmlrpcVersion"2.2"The string representation of the version number of
+ the XML-RPC for PHP library in use. It is used by the client for
+ building the User-Agent HTTP header that is sent with every request to
+ the server. You can change its value if you need to customize the
+ User-Agent string.
+
+
+==== xmlrpc_null_extension
+
+When set to TRUE, the lib will enable
+ support for the <NIL/> (and <EX:NIL/>) xmlrpc value, as
+ per the extension to the standard proposed here. This means that
+ <NIL> and <EX:NIL/> tags received will be parsed as valid
+ xmlrpc, and the corresponding xmlrpcvals will return "null" for
+ scalarTyp().
+
+
+==== xmlrpc_null_apache_encoding
+
+When set to ++TRUE++, php NULL values encoded
+ into xmlrpcval objects get serialized using the
+ ++<EX:NIL/>++ tag instead of
+ ++<NIL/>++. Please note that both forms are
+ always accepted as input regardless of the value of this
+ variable.
+
+
+[[helpers]]
+
+== Helper functions
+
+XML-RPC for PHP contains some helper functions which you can use to
+ make processing of XML-RPC requests easier.
+
+
+=== Date functions
+
+The XML-RPC specification has this to say on dates:
+
+[quote]
+____
+[[wrap_xmlrpc_method]]
+Don't assume a timezone. It should be
+ specified by the server in its documentation what assumptions it makes
+ about timezones.
+____
+
+
+Unfortunately, this means that date processing isn't
+ straightforward. Although XML-RPC uses ISO 8601 format dates, it doesn't
+ use the timezone specifier.
+
+We strongly recommend that in every case where you pass dates in
+ XML-RPC calls, you use UTC (GMT) as your timezone. Most computer
+ languages include routines for handling GMT times natively, and you
+ won't have to translate between timezones.
+
+For more information about dates, see link:$$http://www.uic.edu/year2000/datefmt.html$$[ISO 8601: The Right Format for Dates], which has a handy link to a PDF of the ISO
+ 8601 specification. Note that XML-RPC uses exactly one of the available
+ representations: CCYYMMDDTHH:MM:SS.
+
+[[iso8601encode]]
+
+==== iso8601_encode
+
+stringiso8601_encodestring$time_tint$utc0Returns an ISO 8601 formatted date generated from the UNIX
+ timestamp $time_t, as returned by the PHP
+ function time().
+
+The argument $utc can be omitted, in
+ which case it defaults to ++0++. If it is set to
+ ++1++, then the function corrects the time passed in
+ for UTC. Example: if you're in the GMT-6:00 timezone and set
+ $utc, you will receive a date representation
+ six hours ahead of your local time.
+
+The included demo program __vardemo.php__
+ includes a demonstration of this function.
+
+[[iso8601decode]]
+
+==== iso8601_decode
+
+intiso8601_decodestring$isoStringint$utc0Returns a UNIX timestamp from an ISO 8601 encoded time and date
+ string passed in. If $utc is
+ ++1++ then $isoString is assumed
+ to be in the UTC timezone, and thus the result is also UTC: otherwise,
+ the timezone is assumed to be your local timezone and you receive a
+ local timestamp.
+
+[[arrayuse]]
+
+=== Easy use with nested PHP values
+
+Dan Libby was kind enough to contribute two helper functions that
+ make it easier to translate to and from PHP values. This makes it easier
+ to deal with complex structures. At the moment support is limited to
+ int, double, string,
+ array, datetime and struct
+ datatypes; note also that all PHP arrays are encoded as structs, except
+ arrays whose keys are integer numbers starting with 0 and incremented by
+ 1.
+
+These functions reside in __xmlrpc.inc__.
+
+[[phpxmlrpcdecode]]
+
+==== php_xmlrpc_decode
+
+mixedphp_xmlrpc_decodexmlrpcval$xmlrpc_valarray$optionsarrayphp_xmlrpc_decodexmlrpcmsg$xmlrpcmsg_valstring$optionsReturns a native PHP value corresponding to the values found in
+ the xmlrpcval $xmlrpc_val,
+ translated into PHP types. Base-64 and datetime values are
+ automatically decoded to strings.
+
+In the second form, returns an array containing the parameters
+ of the given
+ xmlrpcmsg_val, decoded
+ to php types.
+
+The options parameter is optional. If
+ specified, it must consist of an array of options to be enabled in the
+ decoding process. At the moment the only valid option are
+ decode_php_objs and
+ ++$$dates_as_objects$$++. When the first is set, php
+ objects that have been converted to xml-rpc structs using the
+ php_xmlrpc_encode function and a corresponding
+ encoding option will be converted back into object values instead of
+ arrays (provided that the class definition is available at
+ reconstruction time). When the second is set, XML-RPC datetime values
+ will be converted into native dateTime objects
+ instead of strings.
+
+____WARNING__:__ please take
+ extreme care before enabling the decode_php_objs
+ option: when php objects are rebuilt from the received xml, their
+ constructor function will be silently invoked. This means that you are
+ allowing the remote end to trigger execution of uncontrolled PHP code
+ on your server, opening the door to code injection exploits. Only
+ enable this option when you have complete trust of the remote
+ server/client.
+
+Example:
+[source, php]
+----
+
+// wrapper to expose an existing php function as xmlrpc method handler
+function foo_wrapper($m)
+{
+ $params = php_xmlrpc_decode($m);
+ $retval = call_user_func_array('foo', $params);
+ return new xmlrpcresp(new xmlrpcval($retval)); // foo return value will be serialized as string
+}
+
+$s = new xmlrpc_server(array(
+ "examples.myFunc1" => array(
+ "function" => "foo_wrapper",
+ "signatures" => ...
+ )));
+
+----
+
+[[phpxmlrpcencode]]
+
+==== php_xmlrpc_encode
+
+xmlrpcvalphp_xmlrpc_encodemixed$phpvalarray$optionsReturns an xmlrpcval object populated with the PHP
+ values in $phpval. Works recursively on arrays
+ and objects, encoding numerically indexed php arrays into array-type
+ xmlrpcval objects and non numerically indexed php arrays into
+ struct-type xmlrpcval objects. Php objects are encoded into
+ struct-type xmlrpcvals, excepted for php values that are already
+ instances of the xmlrpcval class or descendants thereof, which will
+ not be further encoded. Note that there's no support for encoding php
+ values into base-64 values. Encoding of date-times is optionally
+ carried on on php strings with the correct format.
+
+The options parameter is optional. If
+ specified, it must consist of an array of options to be enabled in the
+ encoding process. At the moment the only valid options are
+ encode_php_objs, ++$$null_extension$$++
+ and auto_dates.
+
+The first will enable the creation of 'particular' xmlrpcval
+ objects out of php objects, that add a "php_class" xml attribute to
+ their serialized representation. This attribute allows the function
+ php_xmlrpc_decode to rebuild the native php objects (provided that the
+ same class definition exists on both sides of the communication). The
+ second allows to encode php ++NULL++ values to the
+ ++<NIL/>++ (or
+ ++<EX:NIL>++, see ...) tag. The last encodes any
+ string that matches the ISO8601 format into an XML-RPC
+ datetime.
+
+Example:
+[source, php]
+----
+
+// the easy way to build a complex xml-rpc struct, showing nested base64 value and datetime values
+$val = php_xmlrpc_encode(array(
+ 'first struct_element: an int' => 666,
+ 'second: an array' => array ('apple', 'orange', 'banana'),
+ 'third: a base64 element' => new xmlrpcval('hello world', 'base64'),
+ 'fourth: a datetime' => '20060107T01:53:00'
+ ), array('auto_dates'));
+
+----
+
+==== php_xmlrpc_decode_xml
+
+xmlrpcval | xmlrpcresp |
+ xmlrpcmsgphp_xmlrpc_decode_xmlstring$xmlarray$optionsDecodes the xml representation of either an xmlrpc request,
+ response or single value, returning the corresponding php-xmlrpc
+ object, or ++FALSE++ in case of an error.
+
+The options parameter is optional. If
+ specified, it must consist of an array of options to be enabled in the
+ decoding process. At the moment, no option is supported.
+
+Example:
+[source, php]
+----
+
+$text = '<value><array><data><value>Hello world</value></data></array></value>';
+$val = php_xmlrpc_decode_xml($text);
+if ($val) echo 'Found a value of type '.$val->kindOf(); else echo 'Found invalid xml';
+
+----
+
+=== Automatic conversion of php functions into xmlrpc methods (and vice versa)
+
+For the extremely lazy coder, helper functions have been added
+ that allow to convert a php function into an xmlrpc method, and a
+ remotely exposed xmlrpc method into a local php function - or a set of
+ methods into a php class. Note that these comes with many caveat.
+
+
+==== wrap_xmlrpc_method
+
+stringwrap_xmlrpc_method$client$methodname$extra_optionsstringwrap_xmlrpc_method$client$methodname$signum$timeout$protocol$funcnameGiven an xmlrpc server and a method name, creates a php wrapper
+ function that will call the remote method and return results using
+ native php types for both params and results. The generated php
+ function will return an xmlrpcresp object for failed xmlrpc
+ calls.
+
+The second syntax is deprecated, and is listed here only for
+ backward compatibility.
+
+The server must support the
+ system.methodSignature xmlrpc method call for
+ this function to work.
+
+The client param must be a valid
+ xmlrpc_client object, previously created with the address of the
+ target xmlrpc server, and to which the preferred communication options
+ have been set.
+
+The optional parameters can be passed as array key,value pairs
+ in the extra_options param.
+
+The signum optional param has the purpose
+ of indicating which method signature to use, if the given server
+ method has multiple signatures (defaults to 0).
+
+The timeout and
+ protocol optional params are the same as in the
+ xmlrpc_client::send() method.
+
+If set, the optional new_function_name
+ parameter indicates which name should be used for the generated
+ function. In case it is not set the function name will be
+ auto-generated.
+
+If the ++$$return_source$$++ optional parameter is
+ set, the function will return the php source code to build the wrapper
+ function, instead of evaluating it (useful to save the code and use it
+ later as stand-alone xmlrpc client).
+
+If the ++$$encode_php_objs$$++ optional parameter is
+ set, instances of php objects later passed as parameters to the newly
+ created function will receive a 'special' treatment that allows the
+ server to rebuild them as php objects instead of simple arrays. Note
+ that this entails using a "slightly augmented" version of the xmlrpc
+ protocol (ie. using element attributes), which might not be understood
+ by xmlrpc servers implemented using other libraries.
+
+If the ++$$decode_php_objs$$++ optional parameter is
+ set, instances of php objects that have been appropriately encoded by
+ the server using a coordinate option will be deserialized as php
+ objects instead of simple arrays (the same class definition should be
+ present server side and client side).
+
+__Note that this might pose a security risk__,
+ since in order to rebuild the object instances their constructor
+ method has to be invoked, and this means that the remote server can
+ trigger execution of unforeseen php code on the client: not really a
+ code injection, but almost. Please enable this option only when you
+ trust the remote server.
+
+In case of an error during generation of the wrapper function,
+ FALSE is returned, otherwise the name (or source code) of the new
+ function.
+
+Known limitations: server must support
+ system.methodsignature for the wanted xmlrpc
+ method; for methods that expose multiple signatures, only one can be
+ picked; for remote calls with nested xmlrpc params, the caller of the
+ generated php function has to encode on its own the params passed to
+ the php function if these are structs or arrays whose (sub)members
+ include values of type base64.
+
+Note: calling the generated php function 'might' be slow: a new
+ xmlrpc client is created on every invocation and an xmlrpc-connection
+ opened+closed. An extra 'debug' param is appended to the parameter
+ list of the generated php function, useful for debugging
+ purposes.
+
+Example usage:
+
+
+[source, php]
+----
+
+$c = new xmlrpc_client('http://phpxmlrpc.sourceforge.net/server.php');
+
+$function = wrap_xmlrpc_method($client, 'examples.getStateName');
+
+if (!$function)
+ die('Cannot introspect remote method');
+else {
+ $stateno = 15;
+ $statename = $function($a);
+ if (is_a($statename, 'xmlrpcresp')) // call failed
+ {
+ echo 'Call failed: '.$statename->faultCode().'. Calling again with debug on';
+ $function($a, true);
+ }
+ else
+ echo "OK, state nr. $stateno is $statename";
+}
+
+----
+
+[[wrap_php_function]]
+
+==== wrap_php_function
+
+arraywrap_php_functionstring$funcnamestring$wrapper_function_namearray$extra_optionsGiven a user-defined PHP function, create a PHP 'wrapper'
+ function that can be exposed as xmlrpc method from an xmlrpc_server
+ object and called from remote clients, and return the appropriate
+ definition to be added to a server's dispatch map.
+
+The optional $wrapper_function_name
+ specifies the name that will be used for the auto-generated
+ function.
+
+Since php is a typeless language, to infer types of input and
+ output parameters, it relies on parsing the javadoc-style comment
+ block associated with the given function. Usage of xmlrpc native types
+ (such as datetime.dateTime.iso8601 and base64) in the docblock @param
+ tag is also allowed, if you need the php function to receive/send data
+ in that particular format (note that base64 encoding/decoding is
+ transparently carried out by the lib, while datetime vals are passed
+ around as strings).
+
+Known limitations: only works for
+ user-defined functions, not for PHP internal functions (reflection
+ does not support retrieving number/type of params for those); the
+ wrapped php function will not be able to programmatically return an
+ xmlrpc error response.
+
+If the ++$$return_source$$++ optional parameter is
+ set, the function will return the php source code to build the wrapper
+ function, instead of evaluating it (useful to save the code and use it
+ later in a stand-alone xmlrpc server). It will be in the stored in the
+ ++source++ member of the returned array.
+
+If the ++$$suppress_warnings$$++ optional parameter
+ is set, any runtime warning generated while processing the
+ user-defined php function will be catched and not be printed in the
+ generated xml response.
+
+If the extra_options array contains the
+ ++$$encode_php_objs$$++ value, wrapped functions returning
+ php objects will generate "special" xmlrpc responses: when the xmlrpc
+ decoding of those responses is carried out by this same lib, using the
+ appropriate param in php_xmlrpc_decode(), the objects will be
+ rebuilt.
+
+In short: php objects can be serialized, too (except for their
+ resource members), using this function. Other libs might choke on the
+ very same xml that will be generated in this case (i.e. it has a
+ nonstandard attribute on struct element tags)
+
+If the ++$$decode_php_objs$$++ optional parameter is
+ set, instances of php objects that have been appropriately encoded by
+ the client using a coordinate option will be deserialized and passed
+ to the user function as php objects instead of simple arrays (the same
+ class definition should be present server side and client
+ side).
+
+__Note that this might pose a security risk__,
+ since in order to rebuild the object instances their constructor
+ method has to be invoked, and this means that the remote client can
+ trigger execution of unforeseen php code on the server: not really a
+ code injection, but almost. Please enable this option only when you
+ trust the remote clients.
+
+Example usage:
+
+
+[source, php]
+----
+/**
+* State name from state number decoder. NB: do NOT remove this comment block.
+* @param integer $stateno the state number
+* @return string the name of the state (or error description)
+*/
+function findstate($stateno)
+{
+ global $stateNames;
+ if (isset($stateNames[$stateno-1]))
+ {
+ return $stateNames[$stateno-1];
+ }
+ else
+ {
+ return "I don't have a state for the index '" . $stateno . "'";
+ }
+}
+
+// wrap php function, build xmlrpc server
+$methods = array();
+$findstate_sig = wrap_php_function('findstate');
+if ($findstate_sig)
+ $methods['examples.getStateName'] = $findstate_sig;
+$srv = new xmlrpc_server($methods);
+
+----
+
+[[deprecated]]
+
+=== Functions removed from the library
+
+The following two functions have been deprecated in version 1.1 of
+ the library, and removed in version 2, in order to avoid conflicts with
+ the EPI xml-rpc library, which also defines two functions with the same
+ names.
+
+To ease the transition to the new naming scheme and avoid breaking
+ existing implementations, the following scheme has been adopted:
+
+* If EPI-XMLRPC is not active in the current PHP installation,
+ the constant `XMLRPC_EPI_ENABLED` will be set to
+ '0'
+
+
+* If EPI-XMLRPC is active in the current PHP installation, the
+ constant `XMLRPC_EPI_ENABLED` will be set to
+ '1'
+
+
+
+The following documentation is kept for historical
+ reference:
+
+[[xmlrpcdecode]]
+
+==== xmlrpc_decode
+
+mixedx mlrpc_decode xmlrpcval $xmlrpc_val Alias for php_xmlrpc_decode.
+
+[[xmlrpcencode]]
+
+==== xmlrpc_encode
+
+xmlrpcval xmlrpc_encode mixed $phpvalAlias for php_xmlrpc_encode.
+
+[[debugging]]
+
+=== Debugging aids
+
+==== xmlrpc_debugmsg
+
+void xmlrpc_debugmsgstring$debugstringSends the contents of $debugstring in XML
+ comments in the server return payload. If a PHP client has debugging
+ turned on, the user will be able to see server debug
+ information.
+
+Use this function in your methods so you can pass back
+ diagnostic information. It is only available from
+ __xmlrpcs.inc__.
+
+
+[[reserved]]
+
+== Reserved methods
+
+In order to extend the functionality offered by XML-RPC servers
+ without impacting on the protocol, reserved methods are supported in this
+ release.
+
+All methods starting with system. are
+ considered reserved by the server. PHP for XML-RPC itself provides four
+ special methods, detailed in this chapter.
+
+Note that all server objects will automatically respond to clients
+ querying these methods, unless the property
+ allow_system_funcs has been set to
+ false before calling the
+ service() method. This might pose a security risk
+ if the server is exposed to public access, e.g. on the internet.
+
+
+=== system.getCapabilities
+
+
+=== system.listMethods
+
+This method may be used to enumerate the methods implemented by
+ the XML-RPC server.
+
+The system.listMethods method requires no
+ parameters. It returns an array of strings, each of which is the name of
+ a method implemented by the server.
+
+[[sysmethodsig]]
+
+=== system.methodSignature
+
+This method takes one parameter, the name of a method implemented
+ by the XML-RPC server.
+
+It returns an array of possible signatures for this method. A
+ signature is an array of types. The first of these types is the return
+ type of the method, the rest are parameters.
+
+Multiple signatures (i.e. overloading) are permitted: this is the
+ reason that an array of signatures are returned by this method.
+
+Signatures themselves are restricted to the top level parameters
+ expected by a method. For instance if a method expects one array of
+ structs as a parameter, and it returns a string, its signature is simply
+ "string, array". If it expects three integers, its signature is "string,
+ int, int, int".
+
+For parameters that can be of more than one type, the "undefined"
+ string is supported.
+
+If no signature is defined for the method, a not-array value is
+ returned. Therefore this is the way to test for a non-signature, if
+ $resp below is the response object from a method
+ call to system.methodSignature:
+
+[source, php]
+----
+
+$v = $resp->value();
+if ($v->kindOf() != "array") {
+ // then the method did not have a signature defined
+}
+
+----
+
+See the __introspect.php__ demo included in this
+ distribution for an example of using this method.
+
+[[sysmethhelp]]
+
+=== system.methodHelp
+
+This method takes one parameter, the name of a method implemented
+ by the XML-RPC server.
+
+It returns a documentation string describing the use of that
+ method. If no such string is available, an empty string is
+ returned.
+
+The documentation string may contain HTML markup.
+
+=== system.multicall
+
+This method takes one parameter, an array of 'request' struct
+ types. Each request struct must contain a
+ methodName member of type string and a
+ params member of type array, and corresponds to
+ the invocation of the corresponding method.
+
+It returns a response of type array, with each value of the array
+ being either an error struct (containing the faultCode and faultString
+ members) or the successful response value of the corresponding single
+ method call.
+
+
+[[examples]]
+
+== Examples
+
+The best examples are to be found in the sample files included with
+ the distribution. Some are included here.
+
+[[statename]]
+
+=== XML-RPC client: state name query
+
+Code to get the corresponding state name from a number (1-50) from
+ the demo server available on SourceForge
+
+[source, php]
+----
+
+ $m = new xmlrpcmsg('examples.getStateName',
+ array(new xmlrpcval($HTTP_POST_VARS["stateno"], "int")));
+ $c = new xmlrpc_client("/server.php", "phpxmlrpc.sourceforge.net", 80);
+ $r = $c->send($m);
+ if (!$r->faultCode()) {
+ $v = $r->value();
+ print "State number " . htmlentities($HTTP_POST_VARS["stateno"]) . " is " .
+ htmlentities($v->scalarval()) . "<BR>";
+ print "<HR>I got this value back<BR><PRE>" .
+ htmlentities($r->serialize()) . "</PRE><HR>\n";
+ } else {
+ print "Fault <BR>";
+ print "Code: " . htmlentities($r->faultCode()) . "<BR>" .
+ "Reason: '" . htmlentities($r->faultString()) . "'<BR>";
+ }
+
+----
+
+=== Executing a multicall call
+
+To be documented...
+
+
+[[faq]]
+
+[qanda]
+== Frequently Asked Questions
+
+==== How to send custom XML as payload of a method call::
+
+Unfortunately, at the time the XML-RPC spec was designed, support
+ for namespaces in XML was not as ubiquitous as it is now. As a
+ consequence, no support was provided in the protocol for embedding XML
+ elements from other namespaces into an xmlrpc request.
+
+To send an XML "chunk" as payload of a method call or response,
+ two options are available: either send the complete XML block as a
+ string xmlrpc value, or as a base64 value. Since the '<' character in
+ string values is encoded as '<' in the xml payload of the method
+ call, the XML string will not break the surrounding xmlrpc, unless
+ characters outside of the assumed character set are used. The second
+ method has the added benefits of working independently of the charset
+ encoding used for the xml to be transmitted, and preserving exactly
+ whitespace, whilst incurring in some extra message length and cpu load
+ (for carrying out the base64 encoding/decoding).
+
+
+==== Is there any limitation on the size of the requests / responses that can be successfully sent?::
+
+Yes. But I have no hard figure to give; it most likely will depend
+ on the version of PHP in usage and its configuration.
+
+Keep in mind that this library is not optimized for speed nor for
+ memory usage. Better alternatives exist when there are strict
+ requirements on throughput or resource usage, such as the php native
+ xmlrpc extension (see the PHP manual for more information).
+
+Keep in mind also that HTTP is probably not the best choice in
+ such a situation, and XML is a deadly enemy. CSV formatted data over
+ socket would be much more efficient.
+
+If you really need to move a massive amount of data around, and
+ you are crazy enough to do it using phpxmlrpc, your best bet is to
+ bypass usage of the xmlrpcval objects, at least in the decoding phase,
+ and have the server (or client) object return to the calling function
+ directly php values (see xmlrpc_client::return_type
+ and xmlrpc_server::functions_parameters_type for more
+ details).
+
+
+==== My server (client) returns an error whenever the client (server) returns accented characters
+
+To be documented...
+
+
+==== How to enable long-lasting method calls
+
+To be documented...
+
+
+==== My client returns "XML-RPC Fault #2: Invalid return payload: enable debugging to examine incoming payload": what should I do?
+
+The response you are seeing is a default error response that the
+ client object returns to the php application when the server did not
+ respond to the call with a valid xmlrpc response.
+
+The most likely cause is that you are not using the correct URL
+ when creating the client object, or you do not have appropriate access
+ rights to the web page you are requesting, or some other common http
+ misconfiguration.
+
+To find out what the server is really returning to your client,
+ you have to enable the debug mode of the client, using
+ $client->setdebug(1);
+
+
+==== How can I save to a file the xml of the xmlrpc responses received from servers?
+
+If what you need is to save the responses received from the server
+ as xml, you have two options:
+
+1- use the serialize() method on the response object.
+
+
+[source, php]
+----
+
+$resp = $client->send($msg);
+if (!$resp->faultCode())
+ $data_to_be_saved = $resp->serialize();
+
+----
+
+Note that this will not be 100% accurate, since the xml generated
+ by the response object can be different from the xml received,
+ especially if there is some character set conversion involved, or such
+ (eg. if you receive an empty string tag as <string/>, serialize()
+ will output <string></string>), or if the server sent back
+ as response something invalid (in which case the xml generated client
+ side using serialize() will correspond to the error response generated
+ internally by the lib).
+
+2 - set the client object to return the raw xml received instead
+ of the decoded objects:
+
+
+[source, php]
+----
+
+$client = new xmlrpc_client($url);
+$client->return_type = 'xml';
+$resp = $client->send($msg);
+if (!$resp->faultCode())
+ $data_to_be_saved = $resp->value();
+
+----
+
+Note that using this method the xml response response will not be
+ parsed at all by the library, only the http communication protocol will
+ be checked. This means that xmlrpc responses sent by the server that
+ would have generated an error response on the client (eg. malformed xml,
+ responses that have faultcode set, etc...) now will not be flagged as
+ invalid, and you might end up saving not valid xml but random
+ junk...
+
+
+==== Can I use the ms windows character set?
+
+If the data your application is using comes from a Microsoft
+ application, there are some chances that the character set used to
+ encode it is CP1252 (the same might apply to data received from an
+ external xmlrpc server/client, but it is quite rare to find xmlrpc
+ toolkits that encode to CP1252 instead of UTF8). It is a character set
+ which is "almost" compatible with ISO 8859-1, but for a few extra
+ characters.
+
+PHP-XMLRPC only supports the ISO 8859-1 and UTF8 character sets.
+ The net result of this situation is that those extra characters will not
+ be properly encoded, and will be received at the other end of the
+ XML-RPC transmission as "garbled data". Unfortunately the library cannot
+ provide real support for CP1252 because of limitations in the PHP 4 xml
+ parser. Luckily, we tried our best to support this character set anyway,
+ and, since version 2.2.1, there is some form of support, left commented
+ in the code.
+
+To properly encode outgoing data that is natively in CP1252, you
+ will have to uncomment all relative code in the file
+ __xmlrpc.inc__ (you can search for the string "1252"),
+ then set ++$$$GLOBALS['xmlrpc_internalencoding']='CP1252';$$++
+ Please note that all incoming data will then be fed to your application
+ as UTF-8 to avoid any potential data loss.
+
+
+==== Does the library support using cookies / http sessions?
+
+In short: yes, but a little coding is needed to make it
+ happen.
+
+The code below uses sessions to e.g. let the client store a value
+ on the server and retrieve it later.
+
+[source, php]
+----
+
+$resp = $client->send(new xmlrpcmsg('registervalue', array(new xmlrpcval('foo'), new xmlrpcval('bar'))));
+if (!$resp->faultCode())
+{
+ $cookies = $resp->cookies();
+ if (array_key_exists('PHPSESSID', $cookies)) // nb: make sure to use the correct session cookie name
+ {
+ $session_id = $cookies['PHPSESSID']['value'];
+
+ // do some other stuff here...
+
+ $client->setcookie('PHPSESSID', $session_id);
+ $val = $client->send(new xmlrpcmsg('getvalue', array(new xmlrpcval('foo')));
+ }
+}
+
+----
+
+Server-side sessions are handled normally like in any other
+ php application. Please see the php manual for more information about
+ sessions.
+
+NB: unlike web browsers, not all xmlrpc clients support usage of
+ http cookies. If you have troubles with sessions and control only the
+ server side of the communication, please check with the makers of the
+ xmlrpc client in use.
+
+
+[[integration]]
+
+[appendix]
+== Integration with the PHP xmlrpc extension
+
+To be documented more...
+
+In short: for the fastest execution possible, you can enable the php
+ native xmlrpc extension, and use it in conjunction with phpxmlrpc. The
+ following code snippet gives an example of such integration
+
+
+[source, php]
+----
+
+/*** client side ***/
+$c = new xmlrpc_client('http://phpxmlrpc.sourceforge.net/server.php');
+
+// tell the client to return raw xml as response value
+$c->return_type = 'xml';
+
+// let the native xmlrpc extension take care of encoding request parameters
+$r = $c->send(xmlrpc_encode_request('examples.getStateName', $_POST['stateno']));
+
+if ($r->faultCode())
+ // HTTP transport error
+ echo 'Got error '.$r->faultCode();
+else
+{
+ // HTTP request OK, but XML returned from server not parsed yet
+ $v = xmlrpc_decode($r->value());
+ // check if we got a valid xmlrpc response from server
+ if ($v === NULL)
+ echo 'Got invalid response';
+ else
+ // check if server sent a fault response
+ if (xmlrpc_is_fault($v))
+ echo 'Got xmlrpc fault '.$v['faultCode'];
+ else
+ echo'Got response: '.htmlentities($v);
+}
+
+----
+
+
+[[substitution]]
+
+[appendix]
+== Substitution of the PHP xmlrpc extension
+
+Yet another interesting situation is when you are using a ready-made
+ php application, that provides support for the XMLRPC protocol via the
+ native php xmlrpc extension, but the extension is not available on your
+ php install (e.g. because of shared hosting constraints).
+
+Since version 2.1, the PHP-XMLRPC library provides a compatibility
+ layer that aims to be 100% compliant with the xmlrpc extension API. This
+ means that any code written to run on the extension should obtain the
+ exact same results, albeit using more resources and a longer processing
+ time, using the PHP-XMLRPC library and the extension compatibility module.
+ The module is part of the EXTRAS package, available as a separate download
+ from the sourceforge.net website, since version 0.2
+
+
+[[enough]]
+
+[appendix]
+== 'Enough of xmlrpcvals!': new style library usage
+
+To be documented...
+
+In the meantime, see docs about xmlrpc_client::return_type and
+ xmlrpc_server::functions_parameters_types, as well as php_xmlrpc_encode,
+ php_xmlrpc_decode and php_xmlrpc_decode_xml
+
+
+[[debugger]]
+
+[appendix]
+== Usage of the debugger
+
+A webservice debugger is included in the library to help during
+ development and testing.
+
+The interface should be self-explicative enough to need little
+ documentation.
+
+image::debugger.gif[,,,,align="center"]
+
+The most useful feature of the debugger is without doubt the "Show
+ debug info" option. It allows to have a screen dump of the complete http
+ communication between client and server, including the http headers as
+ well as the request and response payloads, and is invaluable when
+ troubleshooting problems with charset encoding, authentication or http
+ compression.
+
+The debugger can take advantage of the JSONRPC library extension, to
+ allow debugging of JSON-RPC webservices, and of the JS-XMLRPC library
+ visual editor to allow easy mouse-driven construction of the payload for
+ remote methods. Both components have to be downloaded separately from the
+ sourceforge.net web pages and copied to the debugger directory to enable
+ the extra functionality:
+
+
+* to enable jsonrpc functionality, download the PHP-XMLRPC
+ EXTRAS package, and copy the file __jsonrpc.inc__
+ either to the same directory as the debugger or somewhere in your
+ php include path
+
+
+* to enable the visual value editing dialog, download the
+ JS-XMLRPC library, and copy somewhere in the web root files
+ __visualeditor.php__,
+ __visualeditor.css__ and the folders
+ __yui__ and __img__. Then edit the
+ debugger file __controller.php__ and set
+ appropriately the variable $editorpath.
+
+
+[[news]]
+
+[appendix]
+
+== Whats's new
+
+CAUTION: not all items the following list have (yet) been fully documented, and some might not be present in any other
+ chapter in the manual. To find a more detailed description of new functions and methods please take a look at the
+ source code of the library, which is quite thoroughly commented in phpdoc form.
+
+=== 4.0.0
+
+* new: introduction of namespaces and full OOP.
++
+All php classes have been renamed and moved to separate files.
++
+Class autoloading can now be done in accord with the PSR-4 standard.
++
+All global variables and global functions have been removed.
++
+Iterating over xmlrpc value objects is now easier thank to support for ArrayAccess and Traversable interfaces.
++
+Backward compatibility is maintained via _lib/xmlrpc.inc_, _lib/xmlrpcs.inc_ and _lib/xmlrpc_wrappers.inc_.
+ For more details, head on to doc/api_changes_v4.md
+
+* changed: the default character encoding delivered from the library to your code is now utf8.
+ It can be changed at any time setting a value to `PhpXmlRpc\PhpXmlRpc::$xmlrpc_internalencoding`
+
+* improved: the library now accepts requests/responses sent using other character sets than UTF-8/ISO-8859-1/ASCII.
+ This only works when the mbstring php extension is enabled.
+
+* improved: no need to call anymore `$client->setSSLVerifyHost(2)` to silence a curl warning when using https
+ with recent curl builds
+
+* improved: the xmlrpcval class now supports the interfaces `Countable` and `IteratorAggregate`
+
+* improved: a specific option allows users to decide the version of SSL to use for https calls.
+ This is useful f.e. for the testing suite, when the server target of calls has no proper ssl certificate,
+ and the cURL extension has been compiled with GnuTLS (such as on Travis VMs)
+
+* improved: the function `wrap_php_function()` now can be used to wrap closures (it is now a method btw)
+
+* improved: all _wrap_something()_ functions now return a closure by default instead of a function name
+
+* improved: debug messages are not html-escaped any more when executing from the command line
+
+* improved: the library is now tested using Travis ( https://travis-ci.org/ ).
+ Tests are executed using all php versions from 5.3 to 7.0 nightly, plus HHVM; code-coverage information
+ is generated using php 5.6 and uploaded to both Code Coverage and Scrutinizer online services
+
+* improved: phpunit is now installed via composer, not bundled anymore
+
+* improved: when phpunit is used to generate code-coverage data, the code executed server-side is accounted for
+
+* improved: the test suite has basic checks for the debugger and demo files
+
+* improved: more tests in the test suite
+
+* fixed: the server would not reset the user-set debug messages between subsequent `service()` calls
+
+* fixed: the server would not reset previous php error handlers when an exception was thrown by user code and
+ exception_handling set to 2
+
+* fixed: the server would fail to decode a request with ISO-8859-1 payload and character set declaration in the xml
+ prolog only
+
+* fixed: the client would fail to decode a response with ISO-8859-1 payload and character set declaration in the xml
+ prolog only
+
+* fixed: the function `decode_xml()` would not decode an xml with character set declaration in the xml prolog
+
+* fixed: the client can now successfully call methods using ISO-8859-1 or UTF-8 characters in their name
+
+* fixed: the debugger would fail sending a request with ISO-8859-1 payload (it missed the character set declaration).
+ It would have a hard time coping with ISO-8859-1 in other fields, such as e.g. the remote method name
+
+* fixed: the debugger would generate a bad payload via the 'load method synopsis' button for signatures containing NULL
+ or undefined parameters
+
+* fixed: the debugger would generate a bad payload via the 'load method synopsis' button for methods with multiple
+ signatures
+
+* improved: the debugger is displayed using UTF-8, making it more useful to debug any kind of service
+
+* improved: echo all debug messages even when there are characters in them which php deems to be in a wrong encoding;
+ previously those messages would just disappear (this is visible e.g. in the debugger)
+
+* changed: debug info handling
+ - at debug level 1, the rebuilt php objects are not dumped to screen (server-side already did that)
+ - at debug level 1, curl communication info are not dumped to screen
+ - at debug level 1, the tests echo payloads of failures; at debug level 2 all payloads
+
+* improved: makefiles have been replaced with a php_based pakefile
+
+* improved: the source for the manual is stored in asciidoc format, which can be displayed natively by GitHub
+ with nice html formatting. Also the HTML version generated by hand and bundled in tarballs is much nicer
+ to look at than previous versions
+
+* improved: all php code is now formatted according to the PSR-2 standard
+
+=== 3.0.0
+
+__Note:__ this is the last release of the library that will support PHP 5.1 and up. Future releases will target php 5.3
+ as minimum supported version.
+
+* when using curl and keepalive, reset curl handle if we did not get back an http 200 response (eg a 302)
+
+* omit port on http 'Host' header if it is 80
+
+* test suite allows interrogating https servers ignoring their certs
+
+* method `setAcceptedCompression` was failing to disable reception of compressed responses if the client supported them
+
+=== 3.0.0 beta
+
+This is the first release of the library to only support PHP 5. Some legacy code has been removed, and support for
+ features such as exceptions and dateTime objects introduced.
+
+The "beta" tag is meant to indicate the fact that the refactoring has been more widespread than in precedent releases
+ and that more changes are likely to be introduced with time - the library is still considered to be production
+ quality.
+
+* improved: removed all usage of php functions deprecated in php 5.3, usage of assign-by-ref when creating new objects
+ etc...
+
+* improved: add support for the `<ex:nil>` tag used by the apache library, both in input and output
+
+* improved: add support for dateTime objects in both in php_xmlrpc_encode and as parameter for constructor of xmlrpcval
+
+* improved: add support for timestamps as parameter for constructor of xmlrpcval
+
+* improved: add option `dates_as_objects` to `php_xmlrpc_decode` to return dateTime objects for xmlrpc datetimes
+
+* improved: add new method `SetCurlOptions` to xmrlpc_client to allow extra flexibility in tweaking http config, such as
+ explicitly binding to an ip address
+
+* improved: add new method `SetUserAgent` to xmrlpc_client to to allow having different user-agent http headers
+
+* improved: add a new member variable in server class to allow fine-tuning of the encoding of returned values when the
+ server is in 'phpvals' mode
+
+* improved: allow servers in 'xmlrpcvals' mode to also register plain php functions by defining them in the dispatch map
+ with an added option
+
+* improved: catch exceptions thrown during execution of php functions exposed as methods by the server
+
+* fixed: bad encoding if same object is encoded twice using `php_xmlrpc_encode`
+
+=== 2.2.2
+
+__Note:__ this is the last release of the library that will support PHP 4. Future releases (if any) should target
+ php 5.0 as minimum supported version.
+
+* fixed: encoding of utf-8 characters outside of the BMP plane
+
+* fixed: character set declarations surrounded by double quotes were not recognized in http headers
+
+* fixed: be more tolerant in detection of charset in http headers
+
+* fixed: fix detection of zlib.output_compression
+
+* fixed: use `feof()` to test if socket connections are to be closed instead of the number of bytes read (rare bug when
+ communicating with some servers)
+
+* fixed: format floating point values using the correct decimal separator even when php locale is set to one that uses
+ comma
+
+* fixed: improve robustness of the debugger when parsing weird results from non-compliant servers
+
+* php warning when receiving `false` in a bool value
+
+* improved: allow the add_to_map server method to add docs for single params too
+
+* improved: added the possibility to wrap for exposure as xmlrpc methods plain php class methods, object methods and even
+ whole classes
+
+=== 2.2.1
+
+* fixed: work aroung bug in php 5.2.2 which broke support of `HTTP_RAW_POST_DATA`
+
+* fixed: is_dir parameter of `setCaCertificate()` method is reversed
+
+* fixed: a php warning in xmlrpc_client creator method
+
+* fixed: parsing of `1e+1` as valid float
+
+* fixed: allow errorlevel 3 to work when prev. error handler was a static method
+
+* fixed: usage of `client::setcookie()` for multiple cookies in non-ssl mode
+
+* improved: support for CP1252 charset is not part or the library but almost possible
+
+* improved: more info when curl is enabled and debug mode is on
+
+=== 2.2
+
+* fixed: debugger errors on php installs with `magic_quotes_gpc` on
+
+* fixed: support for https connections via proxy
+
+* fixed: `wrap_xmlrpc_method()` generated code failed to properly encode php objects
+
+* improved: slightly faster encoding of data which is internally UTF-8
+
+* improved: debugger always generates a `null` id for jsonrpc if user omits it
+
+* new: debugger can take advantage of a graphical value builder (it has to be downloaded separately, as part of jsxmlrpc
+ package. See Appendix D for more details)
+
+* new: support for the `<NIL/>` xmlrpc extension. see below for more details
+
+* new: server support for the `system.getCapabilities` xmlrpc extension
+
+* new: `wrap_xmlrpc_method`, `wrap_xmlrpc_method()` accepts two new options: debug and return_on_fault
+
+=== 2.1
+
+* The wrap_php_function and wrap_xmlrpc_method functions have been moved out of the base library file _xmlrpc.inc_
+ into a file of their own: _xmlrpc_wrappers.php_. You will have to include() / require() it in your scripts if
+ you have been using those functions.
+ For increased security, the automatic rebuilding of php object instances out ofreceived xmlrpc structs in
+ `wrap_xmlrpc_method()` has been disabled (but it can be optionally re-enabled).
+ Both `wrap_php_function()` and `wrap_xmlrpc_method()` functions accept many more options to fine tune their behaviour,
+ including one to return the php code to be saved and later used as standalone php script
+
+* The constructor of xmlrpcval() values has seen some internal changes, and it will not throw a php warning anymore when
+ invoked using an unknown xmlrpc type: the error will only be written to php error log. Also
+ `new xmlrpcval('true', 'boolean')` is not supported anymore
+
+* The new function `php_xmlrpc_decode_xml()` will take the xml representation of either an xmlrpc request, response or
+ single value and return the corresponding php-xmlrpc object instance
+
+* A new function `wrap_xmlrpc_server()` has been added, to wrap all (or some) of the methods exposed by a remote xmlrpc
+ server into a php class
+
+* A new file has been added: _verify_compat.php_, to help users diagnose the level of compliance of their php
+ installation with the library
+
+* Restored compatibility with php 4.0.5 (for those poor souls still stuck on it)
+
+* Method `xmlrpc_server->service()` now returns a value: either the response payload or xmlrpcresp object instance
+
+* Method `xmlrpc_server->add_to_map()` now accepts xmlrpc methods with no param definitions
+
+* Documentation for single parameters of exposed methods can be added to the dispatch map (and turned into html docs in
+ conjunction with a future release of the 'extras' package)
+
+* Full response payload is saved into xmlrpcresp object for further debugging
+
+* The debugger can now generate code that wraps a remote method into a php function (works for jsonrpc, too); it also
+ has better support for being activated via a single GET call (e.g. for integration into other tools)
+
+* Stricter parsing of incoming xmlrpc messages: two more invalid cases are now detected (double `data` element inside
+ `array` and `struct`/`array` after scalar inside `value` element)
+
+* More logging of errors in a lot of situations
+
+* Javadoc documentation of lib files (almost) complete
+
+* Many performance tweaks and code cleanups, plus the usual crop of bugs fixed (see NEWS file for complete list of bugs)
+
+* Lib internals have been modified to provide better support for grafting extra functionality on top of it. Stay tuned
+ for future releases of the EXTRAS package (or go read Appendix B)...
+
+=== 2.0 final
+
+* Added to the client class the possibility to use Digest and NTLM authentication methods (when using the CURL library)
+ for connecting to servers and NTLM for connecting to proxies
+
+* Added to the client class the possibility to specify alternate certificate files/directories for authenticating the
+ peer with when using HTTPS communication
+
+* Reviewed all examples and added a new demo file, containing a proxy to forward xmlrpc requests to other servers
+ (useful e.g. for ajax coding)
+
+* The debugger has been upgraded to reflect the new client capabilities
+
+* All known bugs have been squashed, and the lib is more tolerant than ever of commonly-found mistakes
+
+=== 2.0 Release candidate 3
+
+* Added to server class the property functions_parameters_type, that allows the server to register plain php functions
+ as xmlrpc methods (i.e. functions that do not take an xmlrpcmsg object as unique param)
+
+* let server and client objects serialize calls using a specified character set encoding for the produced xml instead of
+ US-ASCII (ISO-8859-1 and UTF-8 supported)
+
+* let `php_xmlrpc_decode` accept xmlrpcmsg objects as valid input
+
+* 'class::method' syntax is now accepted in the server dispatch map
+
+* `xmlrpc_clent::SetDebug()` accepts integer values instead of a boolean value, with debugging level 2 adding to the
+ information printed to screen the complete client request
+
+=== 2.0 Release candidate 2
+
+* Added a new property of the client object: `xmlrpc_client->return_type`, indicating whether calls to the
+ send() method will return xmlrpcresp objects whose value() is an xmlrpcval object, a php value (automatically
+ decoded) or the raw xml received from the server.
+
+* Added in the extras dir. two new library files: _jsonrpc.inc_ and _jsonrpcs.inc_ containing new classes that
+ implement support for the json-rpc protocol (alpha quality code)
+
+* Added a new client method: `setKey($key, $keypass)` to be used in HTTPS connections
+
+* Added a new file containing some benchmarks in the testsuite directory
+
+=== 2.0 Release candidate 1
+
+* Support for HTTP proxies (new method: `xmlrpc_client::setProxy()`)
+
+* Support HTTP compression of both requests and responses.
+ Clients can specify what kind of compression they accept for responses between deflate/gzip/any, and whether to
+ compress the requests.
+ Servers by default compress responses to clients that explicitly declare support for compression (new methods:
+ `xmlrpc_client::setAcceptedCompression()`, `xmlrpc_client::setRequestCompression()`).
+ Note that the ZLIB php extension needs to be enabled in PHP to support compression.
+
+* Implement HTTP 1.1 connections, but only if CURL is enabled (added an extra parameter to
+ `xmlrpc_client::xmlrpc_client` to set the desired HTTP protocol at creation time and a new supported value for
+ the last parameter of `xmlrpc_client::send`, which now can be safely omitted if it has been specified at
+ creation time).
++
+With PHP versions greater than 4.3.8 keep-alives are enabled by default for HTTP 1.1 connections. This should yield
+ faster execution times when making multiple calls in sequence to the same xml-rpc server from a single client.
+
+* Introduce support for cookies.
+ Cookies to be sent to the server with a request can be set using `xmlrpc_client::setCookie()`, while cookies
+ received from the server are found in ++xmlrpcresp::cookies()++. It is left to the user to check for validity of
+ received cookies and decide whether they apply to successive calls or not.
+
+* Better support for detecting different character set encodings of xml-rpc requests and responses: both client and
+ server objects will correctly detect the charset encoding of received xml, and use an appropriate xml parser.
++
+Supported encodings are US-ASCII, UTF-8 and ISO-8859-1.
+
+* Added one new xmlrpcmsg constructor syntax, allowing usage of a single string with the complete URL of the target
+ server
+
+* Convert xml-rpc boolean values into native php values instead of 0 and 1
+
+* Force the `php_xmlrpc_encode` function to properly encode numerically indexed php arrays into xml-rpc arrays
+ (numerically indexed php arrays always start with a key of 0 and increment keys by values of 1)
+
+* Prevent the `php_xmlrpc_encode` function from further re-encoding any objects of class ++xmlrpcval++ that
+ are passed to it. This allows to call the function with arguments consisting of mixed php values / xmlrpcval objects
+
+* Allow a server to NOT respond to system.* method calls (setting the `$server->allow_system_funcs` property).
+
+* Implement a new xmlrpcval method to determine if a value of type struct has a member of a given name without having to
+ loop trough all members: `xmlrpcval::structMemExists()`
+
+* Expand methods `xmlrpcval::addArray`, `addScalar` and `addStruct` allowing extra php values to be added to
+ xmlrpcval objects already formed.
+
+* Let the `xmlrpc_client::send` method accept an XML string for sending instead of an xmlrpcmsg object, to
+ facilitate debugging and integration with the php native xmlrpc extension
+
+* Extend the `php_xmlrpc_encode` and `php_xmlrpc_decode` functions to allow serialization and rebuilding of
+ PHP objects. To successfully rebuild a serialized object, the object class must be defined in the deserializing end
+ of the transfer. Note that object members of type resource will be deserialized as NULL values.
++
+Note that his has been implemented adding a "php_class" attribute to xml representation of xmlrpcval of STRUCT type,
+ which, strictly speaking, breaks the xml-rpc spec. Other xmlrpc implementations are supposed to ignore such an
+ attribute (unless they implement a brain-dead custom xml parser...), so it should be safe enabling it in
+ heterogeneous environments. The activation of this feature is done by usage of an option passed as second parameter
+ to both `php_xmlrpc_encode` and `php_xmlrpc_decode`.
+
+* Extend the `php_xmlrpc_encode` function to allow automatic serialization of iso8601-conforming php strings as
+ datetime.iso8601 xmlrpcvals, by usage of an optional parameter
+
+* Added an automatic stub code generator for converting xmlrpc methods to php functions and vice-versa.
++
+This is done via two new functions: `wrap_php_function` and `wrap_xmlrpc_method`, and has many caveats,
+ with php being a typeless language and all...
+
+* Allow object methods to be used in server dispatch map
+
+* Added a complete debugger solution, in the __debugger__ folder
+
+* Added configurable server-side debug messages, controlled by the new method `xmlrpc_server::SetDebug()`.
+ At level 0, no debug messages are sent to the client; level 1 is the same as the old behaviour; at level 2 a lot
+ more info is echoed back to the client, regarding the received call; at level 3 all warnings raised during server
+ processing are trapped (this prevents breaking the xml to be echoed back to the client) and added to the debug info
+ sent back to the client
+
+* New XML parsing code, yields smaller memory footprint and faster execution times, not to mention complete elimination
+ of the dreaded __eval()__ construct, so prone to code injection exploits
+
+* Rewritten most of the error messages, making text more explicative
+
+++++++++++++++++++++++++++++++++++++++
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:nil
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:2
+sgml-indent-data:t
+sgml-parent-document:nil
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+sgml-namecase-general:t
+sgml-general-insert-case:lower
+End:
+-->
+++++++++++++++++++++++++++++++++++++++