Skip to content

4.10.0
Compare
Choose a tag to compare
@github-actions github-actions released this 11 Feb 17:17
· 55 commits to master since this release
4.10.0
7103864

  • changed: the minimum php version required has been increased to 5.4

  • changed: dropped support for parsing cookie headers which follow the obsolete Cookie2 specification

  • new: it is now possible to make the library generate warning messages whenever a deprecated feature is used, such as
    calling deprecated methods, using deprecated method parameters, or reading/writing deprecated object properties.
    This is disabled by default, and can be enabled by setting PhpXmlRpc\PhpXmlRpc::xmlrpc_silence_deprecations = false.
    Note that the deprecation warnings will be by default added to the php error log, and not be displayed on screen.
    If you prefer them to be handled in some other way, you should take over the Logger, as described below here

  • new: allow to specify other charsets than the canonical three (UTF-8, ISO-8859-1, ASCII), when mbstring is
    available, both for outgoing and incoming data (issue #42).

    For outgoing data, this can be set in $client->request_charset_encoding and $server->response_charset_encoding.
    The library will then transcode the data fed to it by the application into the desired charset when serializing
    it for transmission.

    For incoming data, this can be set using PhpXmlRpc::$internal_encoding. The library will then transcode the data
    received from 3rd parties into the desired charset when handling it back to the application.

    An example of using this feature has been added to demo file windowscharset.php

  • new: allow the library to pass to the application DateTime objects instead of string for all received dateTime.iso8601
    xml-rpc values. This includes both client-side, for data within the $response->value(), and server-side, for data
    passed to xml-rpc method handlers, and works for both 'xmlrpcvals' and 'phpvals' modes.
    In order to enable this, you should set PhpXmlRpc\PhpXmlRpc::$xmlrpc_return_datetimes = true.

    NB: since the xml-rpc spec mandates that no Timezone is used on the wire for dateTime values, the DateTime objects
    created by the library will be set to the default php timezone, set using the 'date.timezone' ini setting.

    NB: if the received strings are not parseable as dates, NULL will be returned instead of an object, but that can
    be avoided by setting PhpXmlRpc\PhpXmlRpc::$xmlrpc_reject_invalid_values = true, see below.

  • improved: be more strict in the Response constructor and in Request::addParam: both of those will now generate
    an error message in the log if passed unexpected values

  • improved: be more strict in the data accepted as valid for dateTime xml-rpc values. Clearly invalid dates such as a
    month '13', day '32' or hour '25' will cause an error message to be logged or the value to be rejected, depending
    on configuration

  • improved: be more strict in the data accepted as valid for 'float' and 'int' xml-rpc values. If you need to allow
    different formats for numbers, you can set a custom value to PhpXmlRpc\PhpXmlRpc::$xmlrpc_double_format and
    PhpXmlRpc\PhpXmlRpc::$xmlrpc_int_format

  • new: allow the library to be stricter in parsing the received xml: by setting
    PhpXmlRpc\PhpXmlRpc::$xmlrpc_reject_invalid_values = true, incoming xml which has data not conforming to the expected
    format for value elements of type date, int, float, double, base64 and methodname will be rejected instead of passed
    on to the application. The same will apply for elements of type struct-member which miss either the name or the value

  • new: it is now possible to tell the library to allow non-standard formats for received datetime value, such as f.e.
    datetimes with a timezone specifier, by setting a custom value to PhpXmlRpc\PhpXmlRpc::$xmlrpc_datetime_format
    (issue #46).

  • new: it is now possible to tell the library to allow non-standard formats for received int and float values, as well
    as for methdoname elements. See the api docs for PhpXmlRpc\PhpXmlRpc static variables.

  • fixed: when a server is configured with its default value of 'xmlrpcvals' for $functions_parameters_type, and
    a method handler in the dispatch was defined with 'parameters_type' = 'phpvals', the handler would be passed a
    Request object instead of plain php values.

  • fixed: made sure all debug output goes through the logger at response parsing time (there was one printf call left)

  • fixed: Client::send will now return an error Response when it is requested to use an auth method that it does not
    support, instead of logging an error message and continuing with another auth schema. The returned error code is 20

  • fixed: when calling Client::multicall() with $client->return_type = 'xml', the code would be always falling back to
    non-multicall requests

  • fixed: support calling Client::setSSLVersion() for the case of not using curl transport

  • fixed: receiving integers which use the 'EX:I8' xml tag

  • fixed: setting/retrieving the php value from a Value object using array notation would fail if the object was created
    using i4 then accessed using int, eg: $v = new Value(1, 'i4'); $v[$v->scalrtyp()] = 2;

  • fixed: setting values to deprecated Response property cookies would trigger a PHP notice, ex:
    $response->_cookies['name'] = ['value' => 'something']; (introduced in 4.6.0)

  • fixed: made deprecated method Value::structEach work again with php 8.0 and later

  • new: method PhpXmlRpc::useInteropFaults() can be used to make the library change the error codes it generates to
    match the spec described at https://xmlrpc-epi.sourceforge.net/specs/rfc.fault_codes.php

  • new: both Request and Response acquired methods getPayload and getContentType

  • new: method Response::valueType()

  • new: method Client::getUrl()

  • new: method Server::setDispatchMap()

  • new: added methods getOption, setOption, setOptions and getOptions to both Client and Server, meant to replace
    direct access to all public properties as well as the $timeout argument in calls to Client::send and Client::multicall

  • new: by using Client::setOption('extracurlopts'), it is possible to pass in protocol=specific options for when
    using the Socket http transport. The value has to be an array with key being 'socket' or 'ssl', and the value an array
    (see https://www.php.net/manual/en/context.socket.php and https://www.php.net/manual/en/context.ssl.php)

  • new: it is now possible to inject a custom logger into helper classes Charset, Http, XMLParser, inching a step
    closer to supporting DIC patterns (issue #78)

  • new: method PhpXmlRpc::setLogger(), to simplify injecting a custom logger into all classes of the library in one step

  • improved: the Client will automatically try to use cURL for requests using Digest/NTLM auth, unless told explicitly
    told not to do so via option 'use_curl'

  • improved: the Client is more verbose in logging issues when trying to compress a Request for sending

  • improved: the Logger class now sports methods adhering to Psr\Log\LoggerInterface

  • improved: limit the size of incoming data which will be used in error responses and logged error messages, making
    it slightly harder to carry out DOS attacks against the library

  • new: passing value -1 to $client->setDebug will avoid storing the full http response data in the returned Response
    object when executing call. This could be useful in reducing memory usage for big responses

  • new: when calling Wrapper::wrapXmlrpcMethod and wrapXmlrpcServer, it is possible to pass 'throw_on_fault' as option
    to argument $extraOptions. This will make the generated function throw on http errors and xml-rpc faults instead of
    returning a Response object

  • new: when calling Wrapper::wrapXmlrpcMethod, wrapXmlrpcServer, wrapPhpFunction and wrapPhpClass it is possible
    to pass 'encode_nulls' as option to argument $extraOptions. This will make the generated code emit a ''
    xml-rpc element for php null values, instead of emitting an empty-string xml-rpc element

  • new: methods Wrapper::holdObject() and Wrapper::getheldObject(), allowing flexibility in storing object instances
    for code-generation scenarios involving Wrapper::wrapPhpClass and Wrapper::wrapPhpFunction

  • improved: all Value methods now follow snakeCase convention

  • improved: all the Exceptions thrown by the library are now \PhpXmlRpc\Exception or subclasses thereof

  • improved: all the Client's setSomething() methods now return the client object, allowing for usage of fluent style
    calling. The same applies to Request::setDebug

  • improved: when calling Client::multicall(), the returned Response objects did not have any data in their httpResponse

  • new: method Helper\Date::iso8601Encode now accepts a DateTime input beside a timestamp

  • new: in the dispatch map, it is now possible to set different exception handling modes for each exposed xml-rpc method

  • new: method Server::add_to_map is deprecated in favour of addToMap. It has also acquired new parameters:
    $parametersType = false, $exceptionHandling = false

  • improved: the XMLParser accepts more options in its constructor (see phpdocs for details)

  • improved: removed usage of extension_loaded in favour of function_exists when checking for mbstring. This allows
    for mbstring functions to be polyfilled

  • improved: the code generated by the various code-generating methods of Wrapper are formatted better, and include
    more phpdoc blocks too

  • improved: made the Wrapper and Client classes easy to subclass for use by the PhpJsonRpc library

  • improved: added the library version number to the debugger title line

  • improved: the debugger will now sport the "load method synopsis" button when interacting with json-rpc servers

  • improved: added an example Symfony Client and Server to the demo files (using Symfony 6 / PHP 8 syntax)

  • improved: added to the taskfile command an option to automatically set up the git hooks for development

  • improved: made sure the test container and gha test runners have at least one locale with comma as decimal separator

  • BC notes:

    NB Given the considerable amount of API changes in this release, a set of tables listing every change has been
    added in doc/api_changes_v4.10.md; a textual description follows.

    Besides what can be inferred from the changes listed above, for library users:

    • the data passed to the application is not encoded anymore in UTF-8 when setting PhpXmlRpc::$internal_encoding
      to a custom character set and the mbstring extension is enabled. It will be encoded instead in the specified character
      set. We expect this to affect few users, as setting PhpXmlRpc::$internal_encoding to a custom character set did
      not make a lot of sense beforehand
    • the regular expression used to check if incoming int and double values are valid has been tightened. That can be
      tweaked via use of PhpXmlRpc\PhpXmlRpc::$xmlrpc_double_format and PhpXmlRpc\PhpXmlRpc::$xmlrpc_int_format
    • the regular expression used to check if incoming datetime values are valid has been tightened to reject clearly
      invalid dates. It has been widened as well, to allow leap seconds. That can be tweaked via use of
      PhpXmlRpc\PhpXmlRpc::$xmlrpc_datetime_format
    • a regular expression has been introduced to check incoming 'methodname' elements. In the default configuration it
      will trigger error messages in the logs, but not reject the calls. It can be tweaked via use of
      PhpXmlRpc\PhpXmlRpc::$xmlrpc_methodname_format
    • an error message will now be generated if, in incoming data, a STRUCT element has no NAME
    • parameters $timeout and $method are now considered deprecated in Client::send() and Client::multicall()
    • Client properties $errno and $errstring are now deprecated
    • direct access to all properties of Client and Server is now deprecated and should be replaced by calls to
      setOption / getOption. The same applies to the following "setter" methods of the Client: setSSLVerifyPeer,
      setSSLVerifyHost, setSSLVersion, setRequestCompression, setCurlOptions, setUseCurl, setUserAgent
    • direct access to Wrapper::$objHolder is now deprecated
    • the code generated by the debugger when using "Generate stub for method call" will throw on errors instead of
      returning a Response object

    For library extenders:

    • the $options argument passed to XMLParser::parse will now contain both options intended to be passed down to
      the php xml parser, and further options used to tweak the parsing results. If you have subclassed XMLParser
      and reimplemented the parse methods, or wholesale replaced it, you will have to adapt your code: both for that,
      and for making sure that it sets $this->current_parsing_options['xmlrpc_null_extension'] from
      PhpXmlRpc::$xmlrpc_null_extension
    • also, if you had reimplemented XMLParser::parse, be warned that:
      • you should return $this->_xh instead of void
      • the callers now treat differently results when _xh['isf'] > 3
    • Client protected methods sendPayloadSocket, sendPayloadCURL and prepareCurlHandle are now deprecated. They
      have been replaced by sendViaSocket, sendViaCURL and createCurlHandle respectively
    • if you subclassed the Client class, take care of new static variables $requestClass and $responseClass,
      which should be used to instantiate requests and responses
    • if you had been somehow interacting with private method Client::_try_multicall, be warned its returned data has
      changed: it now returns a Response for the cases in which it previously returned false, and an array of Response
      objects for the cases in which it previously returned a string
    • if you replaced the Logger class, take care that you will have to implement methods error, warning and debug
      (all is ok if you subclassed it)
    • calling method Value::serializeData is now deprecated
    • traits have been introduced for all classes dealing with Logger, XMLParser and CharsetEncoder; method setCharsetEncoder
      is now static
    • new methods in helper classes: Charset::knownCharsets, Http::parseAcceptHeader, XMLParser::truncateValueForLog
    • new method Response::xml_header has replaced Server::xml_header
    • protected property Server::$accepted_charset_encodings is now deprecated
    • exception \PhpXmlRpc\Exception\PhpXmlRpcException is deprecated. Use \PhpXmlRpc\Exception instead
Assets 4
Loading