Index: xmlrpc.php =================================================================== RCS file: /cvsroot/cafelog/wordpress/xmlrpc.php,v retrieving revision 1.68 diff -u -r1.68 xmlrpc.php --- xmlrpc.php 8 Jul 2004 03:50:49 -0000 1.68 +++ xmlrpc.php 4 Aug 2004 01:17:52 -0000 @@ -1296,13 +1296,96 @@ $mwnewmedia_sig = array(array($xmlrpcStruct,$xmlrpcString,$xmlrpcString,$xmlrpcString,$xmlrpcStruct)); $mwnewmedia_doc = 'Upload image or other binary data, MetaWeblog API-style (unimplemented)'; -function mwnewmedia($params) { // ($blogid, $user, $pass, $struct) - global $xmlrpcerruser; - - return new xmlrpcresp(0, $xmlrpcerruser+10, // user error 10 - 'metaWeblog.newMediaObject not implemented (yet)'); -} +/** + * MetaWeblog.newMediaObject(blogid, user, pass, {bits, name, type}) + * Added by Adam Keys (adam@trmk.org) + */ +function mwnewmedia($params) { + global $xmlrpcerruser; + + $xblogid = $params->getParam(0); + $xuser = $params->getParam(1); + $xpass = $params->getParam(2); + $struct = $params->getParam(3); + + $blogid = $xblogid->scalarval(); + $username = $xuser->scalarval(); + $password = $xpass->scalarval(); + + $upload = phpxmlrpc_decode($struct); + $name = $upload['name']; + $type = $upload['type']; + // Get bits if pre-conditions pass + + $error = false; $msg = ''; + + // Pre-conditions: the user is valid, file upload is enabled, the file's + // extension is allowed, the upload path is writable and the file is not a + // duplicate. If any of these fail, return an error + if (!user_pass_ok($username, $password)) { + $error = true; + $msg = 'Wrong username/password combination ' . + $username . ' /' . starify($password); + } + + if (!get_settings('use_fileupload')) { + $error = true; + $msg = 'File upload is not enabled'; + } + + $upload_path = get_settings('fileupload_realpath') . $name; + $path = pathinfo($upload_path); + $dir = $path['dirname']; + $filename = $path['basename']; + $extension = $path['extension']; + + $allowed_types = explode(' ', + trim(strtolower(get_settings('fileupload_allowedtypes')))); + if (!in_array(strtolower($extension), $allowed_types)) { + $error = true; + $msg = 'File of ' . $filename . ' of extension ' + . $extension . ' is not allowed'; + } + + if (!file_exists($dir)) { + $error = true; + $msg = 'Path ' . $dir . ' does not exist'; + } + if (!is_writable($dir)) { + $error = true; + $msg = 'Upload path ' . $upload_path . ' not writable'; + } + + if (file_exists($upload_path)) { + $error = true; + $msg = 'File ' . $upload_path . ' already exists. Delete this file or use the upload page to rename the old version.'; + } + + if (!$error) { + $bits = $upload['bits']; + if ($f = fopen($upload_path, 'w')) { + if (fwrite($f, $bits) === FALSE) { + $error = true; + $msg = 'Error writing file ' . $upload_path; + } else { + fclose($f); + $msg = 'Success'; + } + } else { + $error = true; + $msg = 'Error opening file ' . $upload_path; + } + } + + if (!$error) { + logIO('O', '(AKK) Wrote uploaded file ' . $upload_path); + return new xmlrpcresp(new xmlrpcval(get_settings('fileupload_url') . $name)); + } else { + logIO('O', '(AKK) ' . $msg); + return new xmlrpcresp(0, $xmlrpcerruser + 4, $msg); // user error 4 + } +} /**** /MetaWeblog API ****/