blogapi.module

You are here

  1. 4.6 modules/blogapi.module
  2. 4.7 modules/blogapi.module
  3. 5 modules/blogapi/blogapi.module
  4. 6 modules/blogapi/blogapi.module

Enable users to post using applications that support XML-RPC blog APIs.

Functions

Namesort descending Description
blogapi_admin_settings
blogapi_blogger_delete_post Blogging API callback. Removes the specified blog node.
blogapi_blogger_edit_post Blogging API callback. Modifies the specified blog node.
blogapi_blogger_get_post Blogging API callback. Returns a specified blog node.
blogapi_blogger_get_recent_posts Blogging API callback. Returns the latest few postings in a user's blog. $bodies TRUE <a href="http://movabletype.org/docs/mtmanual_programmatic.html#item_mt%2EgetRece... returns a bandwidth-friendly list</a>.
blogapi_blogger_get_users_blogs
blogapi_blogger_get_user_info Blogging API callback. Returns profile information about a user.
blogapi_blogger_new_post Blogging API callback. Inserts a new blog post as a node.
blogapi_blogger_title For the blogger API, extract the node title from the contents field.
blogapi_error Prepare an error message for returning to the XMLRPC caller.
blogapi_help Implementation of hook_help().
blogapi_init
blogapi_menu
blogapi_metaweblog_edit_post
blogapi_metaweblog_get_category_list Blogging API callback. Returns a list of the taxonomy terms that can be associated with a blog node.
blogapi_metaweblog_get_post
blogapi_metaweblog_get_recent_posts
blogapi_metaweblog_new_media_object Blogging API callback. Inserts a file into Drupal.
blogapi_metaweblog_new_post
blogapi_mt_get_category_list
blogapi_mt_get_post_categories Blogging API callback. Returns a list of the taxonomy terms that are assigned to a particular node.
blogapi_mt_get_recent_post_titles
blogapi_mt_publish_post Blogging API callback. Publishes the given node
blogapi_mt_set_post_categories Blogging API callback. Assigns taxonomy terms to a particular node.
blogapi_mt_supported_text_filters Blogging API callback. Sends a list of available input formats.
blogapi_mt_validate_terms Blogging API helper - find allowed taxonomy terms for a node type.
blogapi_perm Implementation of hook_perm().
blogapi_rsd
blogapi_status_error_check Check that the user has permission to save the node with the chosen status.
blogapi_validate_user Ensure that the given user has permission to edit a blog.
blogapi_xmlrpc Implementation of hook_xmlrpc().
_blogapi_get_node_types
_blogapi_get_post
_blogapi_mt_extra Handles extra information sent by clients according to MovableType's spec.
_blogapi_space_used
_blogapi_validate_blogid Validate blog ID, which maps to a content type in Drupal.

File

modules/blogapi/blogapi.module
View source
  1. <?php
  2. /**
  3. * @file
  4. * Enable users to post using applications that support XML-RPC blog APIs.
  5. */
  6. /**
  7. * Implementation of hook_help().
  8. */
  9. function blogapi_help($path, $arg) {
  10. switch ($path) {
  11. case 'admin/help#blogapi':
  12. $output = '<p>'. t("The Blog API module allows your site's users to access and post to their blogs from external blogging clients. External blogging clients are available for a wide range of desktop operating systems, and generally provide a feature-rich graphical environment for creating and editing posts.") .'</p>';
  13. $output .= '<p>'. t('<a href="@ecto-link">Ecto</a>, a blogging client available for both Mac OS X and Microsoft Windows, can be used with Blog API. Blog API also supports <a href="@blogger-api">Blogger API</a>, <a href="@metaweblog-api">MetaWeblog API</a>, and most of the <a href="@movabletype-api">Movable Type API</a>. Blogging clients and other services (e.g. <a href="@flickr">Flickr\'s</a> "post to blog") that support these APIs may also be compatible.', array('@ecto-link' => url('http://infinite-sushi.com/software/ecto/'), '@blogger-api' => url('http://www.blogger.com/developers/api/1_docs/'), '@metaweblog-api' => url('http://www.xmlrpc.com/metaWeblogApi'), '@movabletype-api' => url('http://www.movabletype.org/docs/mtmanual_programmatic.html'), '@flickr' => url('http://www.flickr.com'))) .'</p>';
  14. $output .= '<p>'. t('Select the content types available to external clients on the <a href="@blogapi-settings">Blog API settings page</a>. If supported and available, each content type will be displayed as a separate "blog" by the external client.', array('@blogapi-settings' => url('admin/settings/blogapi'))) .'</p>';
  15. $output .= '<p>'. t('For more information, see the online handbook entry for <a href="@blogapi">Blog API module</a>.', array('@blogapi' => url('http://drupal.org/handbook/modules/blogapi/'))) .'</p>';
  16. return $output;
  17. }
  18. }
  19. /**
  20. * Implementation of hook_perm().
  21. */
  22. function blogapi_perm() {
  23. return array('administer content with blog api');
  24. }
  25. /**
  26. * Implementation of hook_xmlrpc().
  27. */
  28. function blogapi_xmlrpc() {
  29. return array(
  30. array(
  31. 'blogger.getUsersBlogs',
  32. 'blogapi_blogger_get_users_blogs',
  33. array('array', 'string', 'string', 'string'),
  34. t('Returns a list of blogs to which an author has posting privileges.')),
  35. array(
  36. 'blogger.getUserInfo',
  37. 'blogapi_blogger_get_user_info',
  38. array('struct', 'string', 'string', 'string'),
  39. t('Returns information about an author in the system.')),
  40. array(
  41. 'blogger.newPost',
  42. 'blogapi_blogger_new_post',
  43. array('string', 'string', 'string', 'string', 'string', 'string', 'boolean'),
  44. t('Creates a new post, and optionally publishes it.')),
  45. array(
  46. 'blogger.editPost',
  47. 'blogapi_blogger_edit_post',
  48. array('boolean', 'string', 'string', 'string', 'string', 'string', 'boolean'),
  49. t('Updates the information about an existing post.')),
  50. array(
  51. 'blogger.getPost',
  52. 'blogapi_blogger_get_post',
  53. array('struct', 'string', 'string', 'string', 'string'),
  54. t('Returns information about a specific post.')),
  55. array(
  56. 'blogger.deletePost',
  57. 'blogapi_blogger_delete_post',
  58. array('boolean', 'string', 'string', 'string', 'string', 'boolean'),
  59. t('Deletes a post.')),
  60. array(
  61. 'blogger.getRecentPosts',
  62. 'blogapi_blogger_get_recent_posts',
  63. array('array', 'string', 'string', 'string', 'string', 'int'),
  64. t('Returns a list of the most recent posts in the system.')),
  65. array(
  66. 'metaWeblog.newPost',
  67. 'blogapi_metaweblog_new_post',
  68. array('string', 'string', 'string', 'string', 'struct', 'boolean'),
  69. t('Creates a new post, and optionally publishes it.')),
  70. array(
  71. 'metaWeblog.editPost',
  72. 'blogapi_metaweblog_edit_post',
  73. array('boolean', 'string', 'string', 'string', 'struct', 'boolean'),
  74. t('Updates information about an existing post.')),
  75. array(
  76. 'metaWeblog.getPost',
  77. 'blogapi_metaweblog_get_post',
  78. array('struct', 'string', 'string', 'string'),
  79. t('Returns information about a specific post.')),
  80. array(
  81. 'metaWeblog.newMediaObject',
  82. 'blogapi_metaweblog_new_media_object',
  83. array('string', 'string', 'string', 'string', 'struct'),
  84. t('Uploads a file to your webserver.')),
  85. array(
  86. 'metaWeblog.getCategories',
  87. 'blogapi_metaweblog_get_category_list',
  88. array('struct', 'string', 'string', 'string'),
  89. t('Returns a list of all categories to which the post is assigned.')),
  90. array(
  91. 'metaWeblog.getRecentPosts',
  92. 'blogapi_metaweblog_get_recent_posts',
  93. array('array', 'string', 'string', 'string', 'int'),
  94. t('Returns a list of the most recent posts in the system.')),
  95. array(
  96. 'mt.getRecentPostTitles',
  97. 'blogapi_mt_get_recent_post_titles',
  98. array('array', 'string', 'string', 'string', 'int'),
  99. t('Returns a bandwidth-friendly list of the most recent posts in the system.')),
  100. array(
  101. 'mt.getCategoryList',
  102. 'blogapi_mt_get_category_list',
  103. array('array', 'string', 'string', 'string'),
  104. t('Returns a list of all categories defined in the blog.')),
  105. array(
  106. 'mt.getPostCategories',
  107. 'blogapi_mt_get_post_categories',
  108. array('array', 'string', 'string', 'string'),
  109. t('Returns a list of all categories to which the post is assigned.')),
  110. array(
  111. 'mt.setPostCategories',
  112. 'blogapi_mt_set_post_categories',
  113. array('boolean', 'string', 'string', 'string', 'array'),
  114. t('Sets the categories for a post.')),
  115. array(
  116. 'mt.supportedMethods',
  117. 'xmlrpc_server_list_methods',
  118. array('array'),
  119. t('Retrieve information about the XML-RPC methods supported by the server.')),
  120. array(
  121. 'mt.supportedTextFilters',
  122. 'blogapi_mt_supported_text_filters',
  123. array('array'),
  124. t('Retrieve information about the text formatting plugins supported by the server.')),
  125. array(
  126. 'mt.publishPost',
  127. 'blogapi_mt_publish_post',
  128. array('boolean', 'string', 'string', 'string'),
  129. t('Publish (rebuild) all of the static files related to an entry from your blog. Equivalent to saving an entry in the system (but without the ping).')));
  130. }
  131. /**
  132. * Blogging API callback. Finds the URL of a user's blog.
  133. */
  134. function blogapi_blogger_get_users_blogs($appid, $username, $password) {
  135. $user = blogapi_validate_user($username, $password);
  136. if ($user->uid) {
  137. $types = _blogapi_get_node_types();
  138. $structs = array();
  139. foreach ($types as $type) {
  140. $structs[] = array('url' => url('blog/'. $user->uid, array('absolute' => TRUE)), 'blogid' => $type, 'blogName' => $user->name .": ". $type);
  141. }
  142. return $structs;
  143. }
  144. else {
  145. return blogapi_error($user);
  146. }
  147. }
  148. /**
  149. * Blogging API callback. Returns profile information about a user.
  150. */
  151. function blogapi_blogger_get_user_info($appkey, $username, $password) {
  152. $user = blogapi_validate_user($username, $password);
  153. if ($user->uid) {
  154. $name = explode(' ', $user->realname ? $user->realname : $user->name, 2);
  155. return array(
  156. 'userid' => $user->uid,
  157. 'lastname' => $name[1],
  158. 'firstname' => $name[0],
  159. 'nickname' => $user->name,
  160. 'email' => $user->mail,
  161. 'url' => url('blog/'. $user->uid, array('absolute' => TRUE)));
  162. }
  163. else {
  164. return blogapi_error($user);
  165. }
  166. }
  167. /**
  168. * Blogging API callback. Inserts a new blog post as a node.
  169. */
  170. function blogapi_blogger_new_post($appkey, $blogid, $username, $password, $content, $publish) {
  171. $user = blogapi_validate_user($username, $password);
  172. if (!$user->uid) {
  173. return blogapi_error($user);
  174. }
  175. if (($error = _blogapi_validate_blogid($blogid)) !== TRUE) {
  176. // Return an error if not configured type.
  177. return $error;
  178. }
  179. $edit = array();
  180. $edit['type'] = $blogid;
  181. // get the node type defaults
  182. $node_type_default = variable_get('node_options_'. $edit['type'], array('status', 'promote'));
  183. $edit['uid'] = $user->uid;
  184. $edit['name'] = $user->name;
  185. $edit['promote'] = in_array('promote', $node_type_default);
  186. $edit['comment'] = variable_get('comment_'. $edit['type'], 2);
  187. $edit['revision'] = in_array('revision', $node_type_default);
  188. $edit['format'] = FILTER_FORMAT_DEFAULT;
  189. $edit['status'] = $publish;
  190. // check for bloggerAPI vs. metaWeblogAPI
  191. if (is_array($content)) {
  192. $edit['title'] = $content['title'];
  193. $edit['body'] = $content['description'];
  194. _blogapi_mt_extra($edit, $content);
  195. }
  196. else {
  197. $edit['title'] = blogapi_blogger_title($content);
  198. $edit['body'] = $content;
  199. }
  200. if (!node_access('create', $edit['type'])) {
  201. return blogapi_error(t('You do not have permission to create this type of post.'));
  202. }
  203. if (user_access('administer nodes') && !isset($edit['date'])) {
  204. $edit['date'] = format_date(time(), 'custom', 'Y-m-d H:i:s O');
  205. }
  206. node_invoke_nodeapi($edit, 'blogapi new');
  207. $valid = blogapi_status_error_check($edit, $publish);
  208. if ($valid !== TRUE) {
  209. return $valid;
  210. }
  211. node_validate($edit);
  212. if ($errors = form_get_errors()) {
  213. return blogapi_error(implode("\n", $errors));
  214. }
  215. $node = node_submit($edit);
  216. node_save($node);
  217. if ($node->nid) {
  218. watchdog('content', '@type: added %title using blog API.', array('@type' => $node->type, '%title' => $node->title), WATCHDOG_NOTICE, l(t('view'), "node/$node->nid"));
  219. // blogger.newPost returns a string so we cast the nid to a string by putting it in double quotes:
  220. return "$node->nid";
  221. }
  222. return blogapi_error(t('Error storing post.'));
  223. }
  224. /**
  225. * Blogging API callback. Modifies the specified blog node.
  226. */
  227. function blogapi_blogger_edit_post($appkey, $postid, $username, $password, $content, $publish) {
  228. $user = blogapi_validate_user($username, $password);
  229. if (!$user->uid) {
  230. return blogapi_error($user);
  231. }
  232. $node = node_load($postid);
  233. if (!$node) {
  234. return blogapi_error(t('n/a'));
  235. }
  236. // Let the teaser be re-generated.
  237. unset($node->teaser);
  238. if (!node_access('update', $node)) {
  239. return blogapi_error(t('You do not have permission to update this post.'));
  240. }
  241. // Save the original status for validation of permissions.
  242. $original_status = $node->status;
  243. $node->status = $publish;
  244. // check for bloggerAPI vs. metaWeblogAPI
  245. if (is_array($content)) {
  246. $node->title = $content['title'];
  247. $node->body = $content['description'];
  248. _blogapi_mt_extra($node, $content);
  249. }
  250. else {
  251. $node->title = blogapi_blogger_title($content);
  252. $node->body = $content;
  253. }
  254. node_invoke_nodeapi($node, 'blogapi edit');
  255. $valid = blogapi_status_error_check($node, $original_status);
  256. if ($valid !== TRUE) {
  257. return $valid;
  258. }
  259. node_validate($node);
  260. if ($errors = form_get_errors()) {
  261. return blogapi_error(implode("\n", $errors));
  262. }
  263. if (user_access('administer nodes') && !isset($edit['date'])) {
  264. $node->date = format_date($node->created, 'custom', 'Y-m-d H:i:s O');
  265. }
  266. $node = node_submit($node);
  267. node_save($node);
  268. if ($node->nid) {
  269. watchdog('content', '@type: updated %title using Blog API.', array('@type' => $node->type, '%title' => $node->title), WATCHDOG_NOTICE, l(t('view'), "node/$node->nid"));
  270. return TRUE;
  271. }
  272. return blogapi_error(t('Error storing post.'));
  273. }
  274. /**
  275. * Blogging API callback. Returns a specified blog node.
  276. */
  277. function blogapi_blogger_get_post($appkey, $postid, $username, $password) {
  278. $user = blogapi_validate_user($username, $password);
  279. if (!$user->uid) {
  280. return blogapi_error($user);
  281. }
  282. $node = node_load($postid);
  283. return _blogapi_get_post($node, TRUE);
  284. }
  285. /**
  286. * Check that the user has permission to save the node with the chosen status.
  287. *
  288. * @return
  289. * TRUE if no error, or the blogapi_error().
  290. */
  291. function blogapi_status_error_check($node, $original_status) {
  292. $node = (object) $node;
  293. $node_type_default = variable_get('node_options_'. $node->type, array('status', 'promote'));
  294. // If we don't have the 'administer nodes' permission and the status is
  295. // changing or for a new node the status is not the content type's default,
  296. // then return an error.
  297. if (!user_access('administer nodes') && (($node->status != $original_status) || (empty($node->nid) && $node->status != in_array('status', $node_type_default)))) {
  298. if ($node->status) {
  299. return blogapi_error(t('You do not have permission to publish this type of post. Please save it as a draft instead.'));
  300. }
  301. else {
  302. return blogapi_error(t('You do not have permission to save this post as a draft. Please publish it instead.'));
  303. }
  304. }
  305. return TRUE;
  306. }
  307. /**
  308. * Blogging API callback. Removes the specified blog node.
  309. */
  310. function blogapi_blogger_delete_post($appkey, $postid, $username, $password, $publish) {
  311. $user = blogapi_validate_user($username, $password);
  312. if (!$user->uid) {
  313. return blogapi_error($user);
  314. }
  315. node_delete($postid);
  316. return TRUE;
  317. }
  318. /**
  319. * Blogging API callback. Returns the latest few postings in a user's blog. $bodies TRUE
  320. * <a href="http://movabletype.org/docs/mtmanual_programmatic.html#item_mt%2EgetRecentPostTitles">
  321. * returns a bandwidth-friendly list</a>.
  322. */
  323. function blogapi_blogger_get_recent_posts($appkey, $blogid, $username, $password, $number_of_posts, $bodies = TRUE) {
  324. // Remove unused appkey (from bloggerAPI).
  325. $user = blogapi_validate_user($username, $password);
  326. if (!$user->uid) {
  327. return blogapi_error($user);
  328. }
  329. if (($error = _blogapi_validate_blogid($blogid)) !== TRUE) {
  330. // Return an error if not configured type.
  331. return $error;
  332. }
  333. if ($bodies) {
  334. $result = db_query_range("SELECT n.nid, n.title, r.body, r.format, n.comment, n.created, u.name FROM {node} n, {node_revisions} r, {users} u WHERE n.uid = u.uid AND n.vid = r.vid AND n.type = '%s' AND n.uid = %d ORDER BY n.created DESC", $blogid, $user->uid, 0, $number_of_posts);
  335. }
  336. else {
  337. $result = db_query_range("SELECT n.nid, n.title, n.created, u.name FROM {node} n, {users} u WHERE n.uid = u.uid AND n.type = '%s' AND n.uid = %d ORDER BY n.created DESC", $blogid, $user->uid, 0, $number_of_posts);
  338. }
  339. $blogs = array();
  340. while ($blog = db_fetch_object($result)) {
  341. $blogs[] = _blogapi_get_post($blog, $bodies);
  342. }
  343. return $blogs;
  344. }
  345. function blogapi_metaweblog_new_post($blogid, $username, $password, $content, $publish) {
  346. return blogapi_blogger_new_post('0123456789ABCDEF', $blogid, $username, $password, $content, $publish);
  347. }
  348. function blogapi_metaweblog_edit_post($postid, $username, $password, $content, $publish) {
  349. return blogapi_blogger_edit_post('0123456789ABCDEF', $postid, $username, $password, $content, $publish);
  350. }
  351. function blogapi_metaweblog_get_post($postid, $username, $password) {
  352. return blogapi_blogger_get_post('01234567890ABCDEF', $postid, $username, $password);
  353. }
  354. /**
  355. * Blogging API callback. Inserts a file into Drupal.
  356. */
  357. function blogapi_metaweblog_new_media_object($blogid, $username, $password, $file) {
  358. $user = blogapi_validate_user($username, $password);
  359. if (!$user->uid) {
  360. return blogapi_error($user);
  361. }
  362. $usersize = 0;
  363. $uploadsize = 0;
  364. $roles = array_intersect(user_roles(FALSE, 'administer content with blog api'), $user->roles);
  365. foreach ($roles as $rid => $name) {
  366. $extensions .= ' '. strtolower(variable_get("blogapi_extensions_$rid", variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp')));
  367. $usersize= max($usersize, variable_get("blogapi_usersize_$rid", variable_get('blogapi_usersize_default', 1)) * 1024 * 1024);
  368. $uploadsize = max($uploadsize, variable_get("blogapi_uploadsize_$rid", variable_get('blogapi_uploadsize_default', 1)) * 1024 * 1024);
  369. }
  370. $filesize = strlen($file['bits']);
  371. if ($filesize > $uploadsize) {
  372. return blogapi_error(t('It is not possible to upload the file, because it exceeded the maximum filesize of @maxsize.', array('@maxsize' => format_size($uploadsize))));
  373. }
  374. if (_blogapi_space_used($user->uid) + $filesize > $usersize) {
  375. return blogapi_error(t('The file can not be attached to this post, because the disk quota of @quota has been reached.', array('@quota' => format_size($usersize))));
  376. }
  377. // Only allow files with whitelisted extensions and convert remaining dots to
  378. // underscores to prevent attacks via non-terminal executable extensions with
  379. // files such as exploit.php.jpg.
  380. $whitelist = array_unique(explode(' ', trim($extensions)));
  381. $name = basename($file['name']);
  382. if ($extension_position = strrpos($name, '.')) {
  383. $filename = drupal_substr($name, 0, $extension_position);
  384. $final_extension = drupal_substr($name, $extension_position + 1);
  385. if (!in_array(strtolower($final_extension), $whitelist)) {
  386. return blogapi_error(t('It is not possible to upload the file, because it is only possible to upload files with the following extensions: @extensions', array('@extensions' => implode(' ', $whitelist))));
  387. }
  388. $filename = str_replace('.', '_', $filename);
  389. $filename .= '.'. $final_extension;
  390. }
  391. $data = $file['bits'];
  392. if (!$data) {
  393. return blogapi_error(t('No file sent.'));
  394. }
  395. if (!$file = file_save_data($data, $filename)) {
  396. return blogapi_error(t('Error storing file.'));
  397. }
  398. $row = new stdClass();
  399. $row->uid = $user->uid;
  400. $row->filepath = $file;
  401. $row->filesize = $filesize;
  402. drupal_write_record('blogapi_files', $row);
  403. // Return the successful result.
  404. return array('url' => file_create_url($file), 'struct');
  405. }
  406. /**
  407. * Blogging API callback. Returns a list of the taxonomy terms that can be
  408. * associated with a blog node.
  409. */
  410. function blogapi_metaweblog_get_category_list($blogid, $username, $password) {
  411. $user = blogapi_validate_user($username, $password);
  412. if (!$user->uid) {
  413. return blogapi_error($user);
  414. }
  415. if (($error = _blogapi_validate_blogid($blogid)) !== TRUE) {
  416. // Return an error if not configured type.
  417. return $error;
  418. }
  419. $vocabularies = module_invoke('taxonomy', 'get_vocabularies', $blogid, 'vid');
  420. $categories = array();
  421. if ($vocabularies) {
  422. foreach ($vocabularies as $vocabulary) {
  423. $terms = module_invoke('taxonomy', 'get_tree', $vocabulary->vid, 0, -1);
  424. foreach ($terms as $term) {
  425. $term_name = $term->name;
  426. foreach (module_invoke('taxonomy', 'get_parents', $term->tid, 'tid') as $parent) {
  427. $term_name = $parent->name .'/'. $term_name;
  428. }
  429. $categories[] = array('categoryName' => $term_name, 'categoryId' => $term->tid);
  430. }
  431. }
  432. }
  433. return $categories;
  434. }
  435. function blogapi_metaweblog_get_recent_posts($blogid, $username, $password, $number_of_posts) {
  436. return blogapi_blogger_get_recent_posts('0123456789ABCDEF', $blogid, $username, $password, $number_of_posts, TRUE);
  437. }
  438. function blogapi_mt_get_recent_post_titles($blogid, $username, $password, $number_of_posts) {
  439. return blogapi_blogger_get_recent_posts('0123456789ABCDEF', $blogid, $username, $password, $number_of_posts, FALSE);
  440. }
  441. function blogapi_mt_get_category_list($blogid, $username, $password) {
  442. return blogapi_metaweblog_get_category_list($blogid, $username, $password);
  443. }
  444. /**
  445. * Blogging API callback. Returns a list of the taxonomy terms that are
  446. * assigned to a particular node.
  447. */
  448. function blogapi_mt_get_post_categories($postid, $username, $password) {
  449. $user = blogapi_validate_user($username, $password);
  450. if (!$user->uid) {
  451. return blogapi_error($user);
  452. }
  453. $node = node_load($postid);
  454. $terms = module_invoke('taxonomy', 'node_get_terms', $node, 'tid');
  455. $categories = array();
  456. foreach ($terms as $term) {
  457. $term_name = $term->name;
  458. foreach (module_invoke('taxonomy', 'get_parents', $term->tid, 'tid') as $parent) {
  459. $term_name = $parent->name .'/'. $term_name;
  460. }
  461. $categories[] = array('categoryName' => $term_name, 'categoryId' => $term->tid, 'isPrimary' => TRUE);
  462. }
  463. return $categories;
  464. }
  465. /**
  466. * Blogging API callback. Assigns taxonomy terms to a particular node.
  467. */
  468. function blogapi_mt_set_post_categories($postid, $username, $password, $categories) {
  469. $user = blogapi_validate_user($username, $password);
  470. if (!$user->uid) {
  471. return blogapi_error($user);
  472. }
  473. $node = node_load($postid);
  474. $node->taxonomy = array();
  475. foreach ($categories as $category) {
  476. $node->taxonomy[] = $category['categoryId'];
  477. }
  478. $validated = blogapi_mt_validate_terms($node);
  479. if ($validated !== TRUE) {
  480. return $validated;
  481. }
  482. node_save($node);
  483. return TRUE;
  484. }
  485. /**
  486. * Blogging API helper - find allowed taxonomy terms for a node type.
  487. */
  488. function blogapi_mt_validate_terms($node) {
  489. // We do a lot of heavy lifting here since taxonomy module doesn't have a
  490. // stand-alone validation function.
  491. if (module_exists('taxonomy')) {
  492. $found_terms = array();
  493. if (!empty($node->taxonomy)) {
  494. $term_list = array_unique($node->taxonomy);
  495. $params = $term_list;
  496. $params[] = $node->type;
  497. $result = db_query(db_rewrite_sql("SELECT t.tid, t.vid FROM {term_data} t INNER JOIN {vocabulary_node_types} n ON t.vid = n.vid WHERE t.tid IN (". db_placeholders($term_list) .") AND n.type = '%s'", 't', 'tid'), $params);
  498. $found_terms = array();
  499. $found_count = 0;
  500. while ($term = db_fetch_object($result)) {
  501. $found_terms[$term->vid][$term->tid] = $term->tid;
  502. $found_count++;
  503. }
  504. // If the counts don't match, some terms are invalid or not accessible to this user.
  505. if (count($term_list) != $found_count) {
  506. return blogapi_error(t('Invalid categories submitted.'));
  507. }
  508. }
  509. // Look up all the vocabularies for this node type.
  510. $result2 = db_query(db_rewrite_sql("SELECT v.vid, v.name, v.required, v.multiple FROM {vocabulary} v INNER JOIN {vocabulary_node_types} n ON v.vid = n.vid WHERE n.type = '%s'", 'v', 'vid'), $node->type);
  511. // Check each vocabulary associated with this node type.
  512. while ($vocabulary = db_fetch_object($result2)) {
  513. // Required vocabularies must have at least one term.
  514. if ($vocabulary->required && empty($found_terms[$vocabulary->vid])) {
  515. return blogapi_error(t('A category from the @vocabulary_name vocabulary is required.', array('@vocabulary_name' => $vocabulary->name)));
  516. }
  517. // Vocabularies that don't allow multiple terms may have at most one.
  518. if (!($vocabulary->multiple) && (isset($found_terms[$vocabulary->vid]) && count($found_terms[$vocabulary->vid]) > 1)) {
  519. return blogapi_error(t('You may only choose one category from the @vocabulary_name vocabulary.'), array('@vocabulary_name' => $vocabulary->name));
  520. }
  521. }
  522. }
  523. elseif (!empty($node->taxonomy)) {
  524. return blogapi_error(t('Error saving categories. This feature is not available.'));
  525. }
  526. return TRUE;
  527. }
  528. /**
  529. * Blogging API callback. Sends a list of available input formats.
  530. */
  531. function blogapi_mt_supported_text_filters() {
  532. // NOTE: we're only using anonymous' formats because the MT spec
  533. // does not allow for per-user formats.
  534. $formats = filter_formats();
  535. $filters = array();
  536. foreach ($formats as $format) {
  537. $filter['key'] = $format->format;
  538. $filter['label'] = $format->name;
  539. $filters[] = $filter;
  540. }
  541. return $filters;
  542. }
  543. /**
  544. * Blogging API callback. Publishes the given node
  545. */
  546. function blogapi_mt_publish_post($postid, $username, $password) {
  547. $user = blogapi_validate_user($username, $password);
  548. if (!$user->uid) {
  549. return blogapi_error($user);
  550. }
  551. $node = node_load($postid);
  552. if (!$node) {
  553. return blogapi_error(t('Invalid post.'));
  554. }
  555. // Nothing needs to be done if already published.
  556. if ($node->status) {
  557. return;
  558. }
  559. if (!node_access('update', $node) || !user_access('administer nodes')) {
  560. return blogapi_error(t('You do not have permission to update this post.'));
  561. }
  562. $node->status = 1;
  563. node_save($node);
  564. return TRUE;
  565. }
  566. /**
  567. * Prepare an error message for returning to the XMLRPC caller.
  568. */
  569. function blogapi_error($message) {
  570. static $xmlrpcusererr;
  571. if (!is_array($message)) {
  572. $message = array($message);
  573. }
  574. $message = implode(' ', $message);
  575. return xmlrpc_error($xmlrpcusererr + 1, strip_tags($message));
  576. }
  577. /**
  578. * Ensure that the given user has permission to edit a blog.
  579. */
  580. function blogapi_validate_user($username, $password) {
  581. global $user;
  582. $user = user_authenticate(array('name' => $username, 'pass' => $password));
  583. if ($user->uid) {
  584. if (user_access('administer content with blog api', $user)) {
  585. return $user;
  586. }
  587. else {
  588. return t('You do not have permission to edit this blog.');
  589. }
  590. }
  591. else {
  592. return t('Wrong username or password.');
  593. }
  594. }
  595. /**
  596. * For the blogger API, extract the node title from the contents field.
  597. */
  598. function blogapi_blogger_title(&$contents) {
  599. if (eregi('<title>([^<]*)</title>', $contents, $title)) {
  600. $title = strip_tags($title[0]);
  601. $contents = ereg_replace('<title>[^<]*</title>', '', $contents);
  602. }
  603. else {
  604. list($title, $contents) = explode("\n", $contents, 2);
  605. }
  606. return $title;
  607. }
  608. function blogapi_admin_settings() {
  609. $node_types = array_map('check_plain', node_get_types('names'));
  610. $defaults = isset($node_types['blog']) ? array('blog' => 1) : array();
  611. $form['blogapi_node_types'] = array(
  612. '#type' => 'checkboxes',
  613. '#title' => t('Enable for external blogging clients'),
  614. '#required' => TRUE,
  615. '#default_value' => variable_get('blogapi_node_types', $defaults),
  616. '#options' => $node_types,
  617. '#description' => t('Select the content types available to external blogging clients via Blog API. If supported, each enabled content type will be displayed as a separate "blog" by the external client.')
  618. );
  619. $blogapi_extensions_default = variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp');
  620. $blogapi_uploadsize_default = variable_get('blogapi_uploadsize_default', 1);
  621. $blogapi_usersize_default = variable_get('blogapi_usersize_default', 1);
  622. $form['settings_general'] = array(
  623. '#type' => 'fieldset',
  624. '#title' => t('File settings'),
  625. '#collapsible' => TRUE,
  626. );
  627. $form['settings_general']['blogapi_extensions_default'] = array(
  628. '#type' => 'textfield',
  629. '#title' => t('Default permitted file extensions'),
  630. '#default_value' => $blogapi_extensions_default,
  631. '#maxlength' => 255,
  632. '#description' => t('Default extensions that users can upload. Separate extensions with a space and do not include the leading dot.'),
  633. );
  634. $form['settings_general']['blogapi_uploadsize_default'] = array(
  635. '#type' => 'textfield',
  636. '#title' => t('Default maximum file size per upload'),
  637. '#default_value' => $blogapi_uploadsize_default,
  638. '#size' => 5,
  639. '#maxlength' => 5,
  640. '#description' => t('The default maximum file size a user can upload.'),
  641. '#field_suffix' => t('MB')
  642. );
  643. $form['settings_general']['blogapi_usersize_default'] = array(
  644. '#type' => 'textfield',
  645. '#title' => t('Default total file size per user'),
  646. '#default_value' => $blogapi_usersize_default,
  647. '#size' => 5,
  648. '#maxlength' => 5,
  649. '#description' => t('The default maximum size of all files a user can have on the site.'),
  650. '#field_suffix' => t('MB')
  651. );
  652. $form['settings_general']['upload_max_size'] = array('#value' => '<p>'. t('Your PHP settings limit the maximum file size per upload to %size.', array('%size' => format_size(file_upload_max_size()))).'</p>');
  653. $roles = user_roles(0, 'administer content with blog api');
  654. $form['roles'] = array('#type' => 'value', '#value' => $roles);
  655. foreach ($roles as $rid => $role) {
  656. $form['settings_role_'. $rid] = array(
  657. '#type' => 'fieldset',
  658. '#title' => t('Settings for @role', array('@role' => $role)),
  659. '#collapsible' => TRUE,
  660. '#collapsed' => TRUE,
  661. );
  662. $form['settings_role_'. $rid]['blogapi_extensions_'. $rid] = array(
  663. '#type' => 'textfield',
  664. '#title' => t('Permitted file extensions'),
  665. '#default_value' => variable_get('blogapi_extensions_'. $rid, $blogapi_extensions_default),
  666. '#maxlength' => 255,
  667. '#description' => t('Extensions that users in this role can upload. Separate extensions with a space and do not include the leading dot.'),
  668. );
  669. $form['settings_role_'. $rid]['blogapi_uploadsize_'. $rid] = array(
  670. '#type' => 'textfield',
  671. '#title' => t('Maximum file size per upload'),
  672. '#default_value' => variable_get('blogapi_uploadsize_'. $rid, $blogapi_uploadsize_default),
  673. '#size' => 5,
  674. '#maxlength' => 5,
  675. '#description' => t('The maximum size of a file a user can upload (in megabytes).'),
  676. );
  677. $form['settings_role_'. $rid]['blogapi_usersize_'. $rid] = array(
  678. '#type' => 'textfield',
  679. '#title' => t('Total file size per user'),
  680. '#default_value' => variable_get('blogapi_usersize_'. $rid, $blogapi_usersize_default),
  681. '#size' => 5,
  682. '#maxlength' => 5,
  683. '#description' => t('The maximum size of all files a user can have on the site (in megabytes).'),
  684. );
  685. }
  686. return system_settings_form($form);
  687. }
  688. function blogapi_menu() {
  689. $items['blogapi/rsd'] = array(
  690. 'title' => 'RSD',
  691. 'page callback' => 'blogapi_rsd',
  692. 'access arguments' => array('access content'),
  693. 'type' => MENU_CALLBACK,
  694. );
  695. $items['admin/settings/blogapi'] = array(
  696. 'title' => 'Blog API',
  697. 'description' => 'Configure the content types available to external blogging clients.',
  698. 'page callback' => 'drupal_get_form',
  699. 'page arguments' => array('blogapi_admin_settings'),
  700. 'access arguments' => array('administer site configuration'),
  701. 'type' => MENU_NORMAL_ITEM,
  702. );
  703. return $items;
  704. }
  705. function blogapi_init() {
  706. if (drupal_is_front_page()) {
  707. drupal_add_link(array('rel' => 'EditURI',
  708. 'type' => 'application/rsd+xml',
  709. 'title' => t('RSD'),
  710. 'href' => url('blogapi/rsd', array('absolute' => TRUE))));
  711. }
  712. }
  713. function blogapi_rsd() {
  714. global $base_url;
  715. $xmlrpc = $base_url .'/xmlrpc.php';
  716. $base = url('', array('absolute' => TRUE));
  717. $blogid = 1; # until we figure out how to handle multiple bloggers
  718. drupal_set_header('Content-Type: application/rsd+xml; charset=utf-8');
  719. print <<<__RSD__
  720. <?xml version="1.0"?>
  721. <rsd version="1.0" xmlns="http://archipelago.phrasewise.com/rsd">
  722. <service>
  723. <engineName>Drupal</engineName>
  724. <engineLink>http://drupal.org/</engineLink>
  725. <homePageLink>$base</homePageLink>
  726. <apis>
  727. <api name="MetaWeblog" preferred="false" apiLink="$xmlrpc" blogID="$blogid" />
  728. <api name="Blogger" preferred="false" apiLink="$xmlrpc" blogID="$blogid" />
  729. <api name="MovableType" preferred="true" apiLink="$xmlrpc" blogID="$blogid" />
  730. </apis>
  731. </service>
  732. </rsd>
  733. __RSD__;
  734. }
  735. /**
  736. * Handles extra information sent by clients according to MovableType's spec.
  737. */
  738. function _blogapi_mt_extra(&$node, $struct) {
  739. if (is_array($node)) {
  740. $was_array = TRUE;
  741. $node = (object)$node;
  742. }
  743. // mt_allow_comments
  744. if (array_key_exists('mt_allow_comments', $struct)) {
  745. switch ($struct['mt_allow_comments']) {
  746. case 0:
  747. $node->comment = COMMENT_NODE_DISABLED;
  748. break;
  749. case 1:
  750. $node->comment = COMMENT_NODE_READ_WRITE;
  751. break;
  752. case 2:
  753. $node->comment = COMMENT_NODE_READ_ONLY;
  754. break;
  755. }
  756. }
  757. // merge the 3 body sections (description, mt_excerpt, mt_text_more) into
  758. // one body
  759. if ($struct['mt_excerpt']) {
  760. $node->body = $struct['mt_excerpt'] .'<!--break-->'. $node->body;
  761. }
  762. if ($struct['mt_text_more']) {
  763. $node->body = $node->body .'<!--extended-->'. $struct['mt_text_more'];
  764. }
  765. // mt_convert_breaks
  766. if ($struct['mt_convert_breaks']) {
  767. $node->format = $struct['mt_convert_breaks'];
  768. }
  769. // dateCreated
  770. if ($struct['dateCreated']) {
  771. $node->date = format_date(mktime($struct['dateCreated']->hour, $struct['dateCreated']->minute, $struct['dateCreated']->second, $struct['dateCreated']->month, $struct['dateCreated']->day, $struct['dateCreated']->year), 'custom', 'Y-m-d H:i:s O');
  772. }
  773. if ($was_array) {
  774. $node = (array)$node;
  775. }
  776. }
  777. function _blogapi_get_post($node, $bodies = TRUE) {
  778. $xmlrpcval = array(
  779. 'userid' => $node->name,
  780. 'dateCreated' => xmlrpc_date($node->created),
  781. 'title' => $node->title,
  782. 'postid' => $node->nid,
  783. 'link' => url('node/'. $node->nid, array('absolute' => TRUE)),
  784. 'permaLink' => url('node/'. $node->nid, array('absolute' => TRUE)),
  785. );
  786. if ($bodies) {
  787. if ($node->comment == 1) {
  788. $comment = 2;
  789. }
  790. else if ($node->comment == 2) {
  791. $comment = 1;
  792. }
  793. $xmlrpcval['content'] = "<title>$node->title</title>$node->body";
  794. $xmlrpcval['description'] = $node->body;
  795. // Add MT specific fields
  796. $xmlrpcval['mt_allow_comments'] = (int) $comment;
  797. $xmlrpcval['mt_convert_breaks'] = $node->format;
  798. }
  799. return $xmlrpcval;
  800. }
  801. /**
  802. * Validate blog ID, which maps to a content type in Drupal.
  803. *
  804. * Only content types configured to work with Blog API are supported.
  805. *
  806. * @return
  807. * TRUE if the content type is supported and the user has permission
  808. * to post, or a blogapi_error() XML construct otherwise.
  809. */
  810. function _blogapi_validate_blogid($blogid) {
  811. $types = _blogapi_get_node_types();
  812. if (in_array($blogid, $types, TRUE)) {
  813. return TRUE;
  814. }
  815. return blogapi_error(t("Blog API module is not configured to support the %type content type, or you don't have sufficient permissions to post this type of content.", array('%type' => $blogid)));
  816. }
  817. function _blogapi_get_node_types() {
  818. $available_types = array_keys(array_filter(variable_get('blogapi_node_types', array('blog' => 1))));
  819. $types = array();
  820. foreach (node_get_types() as $type => $name) {
  821. if (node_access('create', $type) && in_array($type, $available_types)) {
  822. $types[] = $type;
  823. }
  824. }
  825. return $types;
  826. }
  827. function _blogapi_space_used($uid) {
  828. return db_result(db_query('SELECT SUM(filesize) FROM {blogapi_files} f WHERE f.uid = %d', $uid));
  829. }