*** wordpress/xmlrpc.php Fri Jul 2 07:54:06 2004 --- wordpress-local/xmlrpc.php Fri Jul 2 07:52:25 2004 *************** *** 1624,1636 **** $mwnewmedia_sig = array(array($xmlrpcStruct,$xmlrpcString,$xmlrpcString,$xmlrpcString,$xmlrpcStruct)); ! $mwnewmedia_doc = 'Upload image or other binary data, MetaWeblog API-style (unimplemented)'; function mwnewmedia($params) { // ($blogid, $user, $pass, $struct) global $xmlrpcerruser; return new xmlrpcresp(0, $xmlrpcerruser+10, // user error 10 'metaWeblog.newMediaObject not implemented (yet)'); } --- 1631,1748 ---- $mwnewmedia_sig = array(array($xmlrpcStruct,$xmlrpcString,$xmlrpcString,$xmlrpcString,$xmlrpcStruct)); ! $mwnewmedia_doc = 'Upload image or other binary data, MetaWeblog API-style'; ! ! /* File Upload in WordPress XML-RPC ! ! ! metaWeblog.newMediaObject (blogid, username, password, struct) ! ! The blogid, username and password params are as in the Blogger API. ! ! The struct must contain at least three elements, name, type and bits. ! ! name is a string, it may be used to determine the name of the file ! that stores the object, or to display it in a list of objects. ! It determines how the weblog refers to the object. If the name is ! the same as an existing object stored in the weblog, it may replace ! the existing object. ! ! type is a string, it indicates the type of the object, it's a standard ! MIME type, like audio/mpeg or image/jpeg or video/quicktime. ! ! bits is a base64-encoded binary value containing the content of the object. ! ! The struct may contain other elements, which may or may not be stored by ! the content management system. ! ! If newMediaObject fails, it throws an error. If it succeeds, it returns ! a struct, which must contain at least one element, url, which is the url ! through which the object can be accessed. It must be either an FTP or HTTP url. ! ! */ function mwnewmedia($params) { // ($blogid, $user, $pass, $struct) global $xmlrpcerruser; + + $xblogid = $params->getParam(0); + $xuser = $params->getParam(1); + $xpass = $params->getParam(2); + $xdata = $params->getParam(3); + + $blogid = $xblogid->scalarval(); + $username = $xuser->scalarval(); + $password = $xpass->scalarval(); + $datastruct = phpxmlrpc_decode($xdata); + + $name = $datastruct['name']; + $type = $datastruct['type']; + $bits = $datastruct['bits']; + + $file_realpath = get_settings('fileupload_realpath'); + $file_url = get_settings('fileupload_url'); + + $userdata = get_userdatabylogin($username); + $userlevel = $userdata->user_level; + + if (user_pass_ok($username,$password)) { + if( !get_settings('use_fileupload')) { + // Uploads not allowed + logIO("O","(MW) Uploads not allowed"); + return new xmlrpcresp(0, $xmlrpcerruser+3, // user error 3 + 'No uploads allowed for this site'); + } + + if( get_settings('fileupload_minlevel') > $userlevel) { + // User has not enough privileges + logIO("O","(MW) Not enough privilege"); + return new xmlrpcresp(0, $xmlrpcerruser+3, // user error 3 + $username.' is not allowed to upload files to this site'); + } + + if( $file_realpath == "" || $file_url == "" ) { + // WordPress is not correctly configured + logIO("O","(MW) Bad configuration. Real/URL path not defined"); + return new xmlrpcresp(0, $xmlrpcerruser+3, // user error 3 + 'Please configure WordPress with valid paths for file upload'); + } + + $prefix = "/"; + + if( !empty($name)) { + // Create the path + $localpath = $file_realpath.$prefix.$name; + $url = $file_url.$prefix.$name; + + /* encode & write data (binary) */ + $ifp = fopen( $localpath, "wb" ); + $success = fwrite( $ifp, $bits ); + fclose( $ifp ); + chmod( $localpath, 0666 ); + + if( $success ) { + $resp = array( + 'url' => new xmlrpcval( $url ), + ); + + $resp = new xmlrpcval($resp,'struct'); + return new xmlrpcresp($resp); + } else { + return new xmlrpcresp(0, $xmlrpcerruser+3, + 'Could not write file '.$name.' to '.$localpath ); + } + } + } else { + logIO("O","(MW) Wrong username/password combination $username / $password"); + return new xmlrpcresp(0, $xmlrpcerruser+3, // user error 3 + 'Wrong username/password combination '.$username.' / '.starify($password)); + } + + /* return new xmlrpcresp(0, $xmlrpcerruser+10, // user error 10 'metaWeblog.newMediaObject not implemented (yet)'); + */ }