The developers at WordPress had a great idea, when they developed the XML-RPC api to update WordPress. The idea being, what if we wanted to create a open system, where old client server type applications can be created to update WordPress, and compete with the wonderful crowdsourced WordPress web admin. And it provides ways for other systems to interoperate (and cooperate) with WordPress integrate their systems. And XML-RPC API solves that niche.
What is an API? Application Program Interface. The application program is “WordPress”. The type of the interface is XML-RPC. Put together, it is a way for other computer programs to communicate with WordPress. An analogy is that WordPress knows a phrase book (published API), in a language called XML-RPC (the language is transported thru a media of a computer network interface called HTTP, and a list of words and grammar defined in XML-RPC specification).
So where the WordPress Admin web pages give you a visually rich tool which to update WordPress Settings and content, computers don’t have eyes. And complex requests are difficult for a computer to process, so the requests are kept simple in a API. Things such as getting a program to ask WordPress XMLRPC to create a new post, upload a picture, or ask for a post, is a straight-forward, simple request as long as you understand the phrasebook and words and grammar.
Yes, there’s some controversy over security risks, which seem to primarily revolve around opening additional vectors which to access the WordPress database. However, there has always been a tradeoff between usability and security. It’s like saying a mute, illiterate person can keep a secret real well, but it’s going to be hell trying to convey what you want from it. But you can, if you take their hand, and guide them to do exactly what you need. But teach him sign language, and now you have a security hole because he can tell anyone where you keep good China. Even if you tell him to only tell you, a signer can just tell him that you sent them to pick up the China. So that’s a simple idea. It’s just implemented in all these creative ways, so they can have the best of both worlds.
But I think, the truly difficult thing about XML-RPC for a programmer, isn’t getting the idea of XMLRPC. It’s often the stuff left out of the word and grammar specification. It’s like a language of cavemen. Really easy to grasp fast, but then you realize there are some ideas left out, like the idea of zero. Which all of us take for granted, but historians will tell you that the number zero was invented after 1,2,3,4,5. etc. So you start to see improvisations to implement that idea in the word and grammar used. So the phrase book can be implemented with a simple grammar and few words, but for certain ideas that aren’t explicitly stated, you’ll see different people using different ways of expressing it. When WordPress speaks XMLRPC, when it means to say null (or zero), you’ll notice it will use 2 different grammars, both unpublished in the original specification. This is bc no one wrote how to express this idea, so the programmers wrote their own implementation. And even in the same program, different programmers seem to have created 2 different ways of saying it. There actually is a de-facto published way of saying null now, but it presumably wasn’t accepted when the programmers wrote the original implementation of XMLRPC. And changing it now, means everyone else who got used to WordPress’s odd original dialect, will get confused with it’s suddenly formal grammar. (There are ways of working around this, which WordPress hasn’t implemented yet, probably no one needs it yet, which is to ask which version of the language it speaks?) I’ve seen the idea “No thumbnail for this post” expressed as:
<value><array><data></data></array></value>
Or “No image metadata was found in this picture” as
<value><string></string></value>
Neither the post_thumbnail are defined as an array, nor the image metadata defined as string. Both are a complex datatype called a struct. You might think it’s obviously best specified as
<value></value>
Some might say, this might mean the programmer left out a line of code, and null should be explicitly stated. But since grammar or word for absence of value was never actually stated, it seems that the WordPress programmers took a few liberties. And if you, a smart programmer who knows PHP, wanted to fix it in his own site’s WordPress to use the more complete but later grammar, every program that he buys or uses, the programmer who wrote that other program, when it sees a WordPress “clone”, expects to talk in it’s odd dialect, and not in the correct and specified grammar that you corrected. But in software engineering, when improving a product, this is often a feature called “backward compatible”. You want to know what that means for a programmer? Rewrite xmlrpc.php so it unambiguously accepts both versions of the XMLRPC grammar. (But if no one uses the new grammar, why did you rewrite it?)
The RPC part of XMLRPC is a generic term for making a communication to API’s available on different machines (or processes) called Remote Procedure Call. The XML part is a type of very simple but verbose grammar. But saying XML-RPC specification is the only way to combine XML and RPC technology, is like saying Taco-Bell is the only place that makes tacos. It’s just a tradename for a specific grammar combination building on top of the rules of XML. Another is a SOAP, which is much more complete way to express ideas, but chock full of more jargon you have to sort thru to fully understand. However, this more complete way of expressing ideas, allows for less miscommunication in what a phrase means, and therefore it is used much more. The phrase “Web Services” used to be almost all implemented in SOAP. Later in REST. Until Google started publishing Web Services, that is (which seems to be predicated on the idea of being immediately verifiable on a web browser).
XML is a known grammar. And almost every language software package has a parser to read it, and tell you if it’s valid, and to pick out data from it, from the structure. These are known either as XML Dom Documents or Xml Sax Parsers. If you were to use an analogy using English grammar, you could write a program take a list of words and answer “Is this a sentence with subject and predicate”, and then tell it to “give me the subject, give me predicate, separately”. That is the power of XML grammar.
However, almost no language software packages have a XMLRPC reader built in. That is bc it is not very widespread in use. But XML-RPC’s biggest advantage is that it is intuitively simple to understand once you see a message.
<?xml version="1.0"?>
<methodCall>
<methodName>wp.getPosts</methodName>
<params>
<param>
<value>
<i4>116793254</i4>
</value>
</param>
<param>
<value>
<string>hello</string>
</value>
</param>
<param>
<value>
<string>world</string>
</value>
</param>
<param>
<value>
<struct>
<member>
<name>post_type</name>
<value>
<string>post</string>
</value>
</member>
<member>
<name>post_status</name>
<value>
<string>publish</string>
</value>
</member>
<member>
<name>number</name>
<value>
<i4>25</i4>
</value>
</member>
<member>
<name>offset</name>
<value>
<i4>0</i4>
</value>
</member>
<member>
<name>orderby</name>
<value>
<string>date</string>
</value>
</member>
<member>
<name>order</name>
<value>
<string>desc</string>
</value>
</member>
</struct>
</value>
</param>
<param>
<value>
<array>
<data>
<value>
<string>post_id</string>
</value>
<value>
<string>post_title</string>
</value>
<value>
<string>post_date</string>
</value>
<value>
<string>post_date_gmt</string>
</value>
<value>
<string>post_modified</string>
</value>
<value>
<string>post_modified_gmt</string>
</value>
<value>
<string>post_status</string>
</value>
<value>
<string>post_type</string>
</value>
<value>
<string>post_format</string>
</value>
<value>
<string>post_name</string>
</value>
<value>
<string>post_author</string>
</value>
<value>
<string>post_password</string>
</value>
<value>
<string>post_excerpt</string>
</value>
<value>
<string>post_content</string>
</value>
<value>
<string>post_parent</string>
</value>
<value>
<string>post_mime_type</string>
</value>
<value>
<string>link</string>
</value>
<value>
<string>guid</string>
</value>
<value>
<string>menu_order</string>
</value>
<value>
<string>comment_status</string>
</value>
<value>
<string>ping_status</string>
</value>
<value>
<string>sticky</string>
</value>
<value>
<string>post_thumbnail</string>
</value>
<value>
<string>terms</string>
</value>
<value>
<string>custom_fields</string>
</value>
<value>
<string>enclosure</string>
</value>
</data>
</array>
</value>
</param>
</params>
</methodCall>
<?xml version="1.0" encoding="UTF-8"?>
<methodResponse>
<params>
<param>
<value>
<array><data>
<value><struct>
<member><name>post_id</name><value><string>20</string></value></member>
<member><name>post_title</name><value><string>Hi</string></value></member>
<member><name>post_date</name><value><dateTime.iso8601>20160916T18:59:55</dateTime.iso8601></value></member>
<member><name>post_date_gmt</name><value><dateTime.iso8601>20160916T18:59:55</dateTime.iso8601></value></member>
<member><name>post_modified</name><value><dateTime.iso8601>20160916T18:59:55</dateTime.iso8601></value></member>
<member><name>post_modified_gmt</name><value><dateTime.iso8601>20160916T18:59:55</dateTime.iso8601></value></member>
<member><name>post_status</name><value><string>publish</string></value></member>
<member><name>post_type</name><value><string>post</string></value></member>
<member><name>post_name</name><value><string>hi</string></value></member>
<member><name>post_author</name><value><string>91167288</string></value></member>
<member><name>post_password</name><value><string></string></value></member>
<member><name>post_excerpt</name><value><string></string></value></member>
<member><name>post_content</name><value><string>"helloworld"</string></value></member>
<member><name>post_parent</name><value><string>0</string></value></member>
<member><name>post_mime_type</name><value><string></string></value></member>
<member><name>link</name><value><string>https://notinkansassite.wordpress.com/2016/09/16/hi/</string></value></member>
<member><name>guid</name><value><string>https://notinkansassite.wordpress.com/?p=20</string></value></member>
<member><name>menu_order</name><value><int>0</int></value></member>
<member><name>comment_status</name><value><string>open</string></value></member>
<member><name>ping_status</name><value><string>open</string></value></member>
<member><name>sticky</name><value><boolean>0</boolean></value></member>
<member><name>post_thumbnail</name><value><array><data>
</data></array></value></member>
<member><name>post_format</name><value><string>standard</string></value></member>
<member><name>terms</name><value><array><data>
<value><struct>
<member><name>term_id</name><value><string>1</string></value></member>
<member><name>name</name><value><string>Uncategorized</string></value></member>
<member><name>slug</name><value><string>uncategorized</string></value></member>
<member><name>term_group</name><value><string>0</string></value></member>
<member><name>term_taxonomy_id</name><value><string>1</string></value></member>
<member><name>taxonomy</name><value><string>category</string></value></member>
<member><name>description</name><value><string></string></value></member>
<member><name>parent</name><value><string>0</string></value></member>
<member><name>count</name><value><int>2</int></value></member>
<member><name>filter</name><value><string>raw</string></value></member>
</struct></value>
</data></array></value></member>
<member><name>custom_fields</name><value><array><data>
<value><struct>
<member><name>id</name><value><string>94</string></value></member>
<member><name>key</name><value><string>jabber_published</string></value></member>
<member><name>value</name><value><string>1474052397</string></value></member>
</struct></value>
</data></array></value></member>
<member><name>enclosure</name><value><array><data>
</data></array></value></member>
<member><name>short_url</name><value><string>https://wp.me/s7U3ga-hi</string></value></member>
</struct></value>
<value><struct>
<member><name>post_id</name><value><string>6</string></value></member>
<member><name>post_title</name><value><string>First blog post</string></value></member>
<member><name>post_date</name><value><dateTime.iso8601>20160916T00:15:26</dateTime.iso8601></value></member>
<member><name>post_date_gmt</name><value><dateTime.iso8601>20160916T00:15:26</dateTime.iso8601></value></member>
<member><name>post_modified</name><value><dateTime.iso8601>20160916T00:20:31</dateTime.iso8601></value></member>
<member><name>post_modified_gmt</name><value><dateTime.iso8601>20160916T00:20:31</dateTime.iso8601></value></member>
<member><name>post_status</name><value><string>publish</string></value></member>
<member><name>post_type</name><value><string>post</string></value></member>
<member><name>post_name</name><value><string>first-blog-post</string></value></member>
<member><name>post_author</name><value><string>91167288</string></value></member>
<member><name>post_password</name><value><string></string></value></member>
<member><name>post_excerpt</name><value><string>This is the excerpt for your very first post.</string></value></member>
<member><name>post_content</name><value><string>This is your very first post. Click the Edit link to modify or delete it, or <a href="https://wordpress.com/post">start a new post</a>. If you like, use this post to tell readers why you started this blog and what you plan to do with it.</string></value></member>
<member><name>post_parent</name><value><string>0</string></value></member>
<member><name>post_mime_type</name><value><string></string></value></member>
<member><name>link</name><value><string>https://notinkansassite.wordpress.com/2016/09/16/first-blog-post/</string></value></member>
<member><name>guid</name><value><string>https://notinkansassite.wordpress.com/?p=6</string></value></member>
<member><name>menu_order</name><value><int>0</int></value></member>
<member><name>comment_status</name><value><string>open</string></value></member>
<member><name>ping_status</name><value><string>open</string></value></member>
<member><name>sticky</name><value><boolean>0</boolean></value></member>
<member><name>post_thumbnail</name><value><struct>
<member><name>attachment_id</name><value><string>19</string></value></member>
<member><name>date_created_gmt</name><value><dateTime.iso8601>20160916T00:20:33</dateTime.iso8601></value></member>
<member><name>parent</name><value><int>6</int></value></member>
<member><name>link</name><value><string>https://notinkansassite.files.wordpress.com/2016/09/downloa8d.jpg</string></value></member>
<member><name>title</name><value><string>Placeholder Image</string></value></member>
<member><name>caption</name><value><string></string></value></member>
<member><name>description</name><value><string></string></value></member>
<member><name>metadata</name><value><struct>
<member><name>width</name><value><int>1600</int></value></member>
<member><name>height</name><value><int>1067</int></value></member>
<member><name>file</name><value><string>/home/wpcom/public_html/wp-content/blogs.dir/896/116793254/files/2016/09/downloa8d.jpg</string></value></member>
<member><name>sizes</name><value><array><data>
</data></array></value></member>
<member><name>image_meta</name><value><struct>
<member><name>aperture</name><value><string>0</string></value></member>
<member><name>credit</name><value><string></string></value></member>
<member><name>camera</name><value><string></string></value></member>
<member><name>caption</name><value><string></string></value></member>
<member><name>created_timestamp</name><value><string>0</string></value></member>
<member><name>copyright</name><value><string></string></value></member>
<member><name>focal_length</name><value><string>0</string></value></member>
<member><name>iso</name><value><string>0</string></value></member>
<member><name>shutter_speed</name><value><string>0</string></value></member>
<member><name>title</name><value><string></string></value></member>
<member><name>orientation</name><value><string>0</string></value></member>
<member><name>keywords</name><value><array><data>
</data></array></value></member>
</struct></value></member>
<member><name>filesize</name><value><int>178063</int></value></member>
</struct></value></member>
<member><name>type</name><value><string>image/jpeg</string></value></member>
<member><name>thumbnail</name><value><string>https://notinkansassite.files.wordpress.com/2016/09/downloa8d.jpg?w=150</string></value></member>
</struct></value></member>
<member><name>post_format</name><value><string>standard</string></value></member>
<member><name>terms</name><value><array><data>
<value><struct>
<member><name>term_id</name><value><string>1</string></value></member>
<member><name>name</name><value><string>Uncategorized</string></value></member>
<member><name>slug</name><value><string>uncategorized</string></value></member>
<member><name>term_group</name><value><string>0</string></value></member>
<member><name>term_taxonomy_id</name><value><string>1</string></value></member>
<member><name>taxonomy</name><value><string>category</string></value></member>
<member><name>description</name><value><string></string></value></member>
<member><name>parent</name><value><string>0</string></value></member>
<member><name>count</name><value><int>2</int></value></member>
<member><name>filter</name><value><string>raw</string></value></member>
</struct></value>
</data></array></value></member>
<member><name>custom_fields</name><value><array><data>
<value><struct>
<member><name>id</name><value><string>29</string></value></member>
<member><name>key</name><value><string>jabber_published</string></value></member>
<member><name>value</name><value><string>1473985231</string></value></member>
</struct></value>
<value><struct>
<member><name>id</name><value><string>21</string></value></member>
<member><name>key</name><value><string>sharing_disabled</string></value></member>
<member><name>value</name><value><string>a:1:{i:0;i:1;}</string></value></member>
</struct></value>
<value><struct>
<member><name>id</name><value><string>22</string></value></member>
<member><name>key</name><value><string>switch_like_status</string></value></member>
<member><name>value</name><value><string>a:1:{i:0;i:0;}</string></value></member>
</struct></value>
</data></array></value></member>
<member><name>enclosure</name><value><array><data>
</data></array></value></member>
<member><name>short_url</name><value><string>https://wp.me/p7U3ga-6</string></value></member>
</struct></value>
</data></array>
</value>
</param>
</params>
</methodResponse>
And therefore serves as a excellent learning tool, or where debugging a communications conversation is a maintenance reality.
You can, however, write your own XMLRPC parser that understands the XMLRPC grammar. Then, if you want to communicate with WordPress, you just need to program the phrasebook, the API. This approach is called software layering.
You know there’s ambiguity in WordPress’s version of XMLRPC grammar. You can program that in.
But now you think you have all the parts of your design? Your computer doesn’t think in XMLRPC words and grammar. What does this mean? It means you’ve taught your computer to pick out values you want, from the communications, now you need to teach it how to use it. There’s ambiguity there too. Depending on your language software package, it probably supports a different set of variable types. If you are using Microsoft’s .NET technology, it supports 16-bit integers, 32-bit integers, 64-bit integers, 32-bit floating point, 64-bit floating point, 32-bit dates, decimal values, nullable non-reference types, byte arrays on heap, and unicode strings. You can add integers but not strings. That XMLRPC conversation’s grammar is entirely encoded in a string encoding, likely UTF-8, though this is so implicit in web servers, it is often never even asked for. Your software package’s Xml reader might be able to read UTF8 strings. If it’s a Windows software package, Windows programs likes its strings represented in 32-bit Unicode. So the Xml Reader on Windows might be able to read UTF8, or it translates it to 32bit Unicode first. Then it services your request to pick out the specific parts you are requesting. If it’s a string, it’s easy to copy the string. If it’s a date, you have to program to translate a string represented in a specific format, into a 32-bit date (easy in most language packages). If it’s a number that you need to add or compare eventually, there’s a bit of a judgement call. The XMLRPC specification says it’s integers are supposed to be 32-bit signed integers and there’s a widely accepted range associated with that. But since it’s a string, you can convert the text and plug that value into a 16-bit int field if truncation isn’t a concern. Or throw it into a 64-bit field. Or even a 64-bit floating point. But there are decisions to store that data in memory for ease of use and eventually re-transmitted. And those decisions often have to made ahead of time because the bits for integers and floating point are different and therefore the conversion functions need to be selected ahead of time.
Interoperatibility is often a strategy of dealing with those ambiguities. And the better a software is designed, the better flexibility it can give you to make your adjustments.
Or Fu-git-about-it, and you can tell programmers figure out their own hacks to update the WordPress database from scratch.