Mercurial > defr > drupal > core
comparison modules/blogapi/blogapi.module @ 11:589fb7c02327 6.5
Drupal 6.5
| author | Franck Deroche <webmaster@defr.org> |
|---|---|
| date | Tue, 23 Dec 2008 14:32:19 +0100 |
| parents | acef7ccb09b5 |
| children |
comparison
equal
deleted
inserted
replaced
| 10:6f15c9d74937 | 11:589fb7c02327 |
|---|---|
| 1 <?php | 1 <?php |
| 2 // $Id: blogapi.module,v 1.115.2.3 2008/08/13 23:59:13 drumm Exp $ | 2 // $Id: blogapi.module,v 1.115.2.5 2008/10/08 20:12:17 goba Exp $ |
| 3 | 3 |
| 4 /** | 4 /** |
| 5 * @file | 5 * @file |
| 6 * Enable users to post using applications that support XML-RPC blog APIs. | 6 * Enable users to post using applications that support XML-RPC blog APIs. |
| 7 */ | 7 */ |
| 220 $edit['date'] = format_date(time(), 'custom', 'Y-m-d H:i:s O'); | 220 $edit['date'] = format_date(time(), 'custom', 'Y-m-d H:i:s O'); |
| 221 } | 221 } |
| 222 | 222 |
| 223 node_invoke_nodeapi($edit, 'blogapi new'); | 223 node_invoke_nodeapi($edit, 'blogapi new'); |
| 224 | 224 |
| 225 $valid = blogapi_status_error_check($edit, $publish); | |
| 226 if ($valid !== TRUE) { | |
| 227 return $valid; | |
| 228 } | |
| 229 | |
| 225 node_validate($edit); | 230 node_validate($edit); |
| 226 if ($errors = form_get_errors()) { | 231 if ($errors = form_get_errors()) { |
| 227 return blogapi_error(implode("\n", $errors)); | 232 return blogapi_error(implode("\n", $errors)); |
| 228 } | 233 } |
| 229 | 234 |
| 257 unset($node->teaser); | 262 unset($node->teaser); |
| 258 | 263 |
| 259 if (!node_access('update', $node)) { | 264 if (!node_access('update', $node)) { |
| 260 return blogapi_error(t('You do not have permission to update this post.')); | 265 return blogapi_error(t('You do not have permission to update this post.')); |
| 261 } | 266 } |
| 262 | 267 // Save the original status for validation of permissions. |
| 268 $original_status = $node->status; | |
| 263 $node->status = $publish; | 269 $node->status = $publish; |
| 264 | 270 |
| 265 // check for bloggerAPI vs. metaWeblogAPI | 271 // check for bloggerAPI vs. metaWeblogAPI |
| 266 if (is_array($content)) { | 272 if (is_array($content)) { |
| 267 $node->title = $content['title']; | 273 $node->title = $content['title']; |
| 273 $node->body = $content; | 279 $node->body = $content; |
| 274 } | 280 } |
| 275 | 281 |
| 276 node_invoke_nodeapi($node, 'blogapi edit'); | 282 node_invoke_nodeapi($node, 'blogapi edit'); |
| 277 | 283 |
| 284 $valid = blogapi_status_error_check($node, $original_status); | |
| 285 if ($valid !== TRUE) { | |
| 286 return $valid; | |
| 287 } | |
| 288 | |
| 278 node_validate($node); | 289 node_validate($node); |
| 279 if ($errors = form_get_errors()) { | 290 if ($errors = form_get_errors()) { |
| 280 return blogapi_error(implode("\n", $errors)); | 291 return blogapi_error(implode("\n", $errors)); |
| 281 } | 292 } |
| 282 | 293 |
| 306 | 317 |
| 307 return _blogapi_get_post($node, TRUE); | 318 return _blogapi_get_post($node, TRUE); |
| 308 } | 319 } |
| 309 | 320 |
| 310 /** | 321 /** |
| 322 * Check that the user has permission to save the node with the chosen status. | |
| 323 * | |
| 324 * @return | |
| 325 * TRUE if no error, or the blogapi_error(). | |
| 326 */ | |
| 327 function blogapi_status_error_check($node, $original_status) { | |
| 328 | |
| 329 $node = (object) $node; | |
| 330 | |
| 331 $node_type_default = variable_get('node_options_'. $node->type, array('status', 'promote')); | |
| 332 | |
| 333 // If we don't have the 'administer nodes' permission and the status is | |
| 334 // changing or for a new node the status is not the content type's default, | |
| 335 // then return an error. | |
| 336 if (!user_access('administer nodes') && (($node->status != $original_status) || (empty($node->nid) && $node->status != in_array('status', $node_type_default)))) { | |
| 337 if ($node->status) { | |
| 338 return blogapi_error(t('You do not have permission to publish this type of post. Please save it as a draft instead.')); | |
| 339 } | |
| 340 else { | |
| 341 return blogapi_error(t('You do not have permission to save this post as a draft. Please publish it instead.')); | |
| 342 } | |
| 343 } | |
| 344 return TRUE; | |
| 345 } | |
| 346 | |
| 347 | |
| 348 /** | |
| 311 * Blogging API callback. Removes the specified blog node. | 349 * Blogging API callback. Removes the specified blog node. |
| 312 */ | 350 */ |
| 313 function blogapi_blogger_delete_post($appkey, $postid, $username, $password, $publish) { | 351 function blogapi_blogger_delete_post($appkey, $postid, $username, $password, $publish) { |
| 314 $user = blogapi_validate_user($username, $password); | 352 $user = blogapi_validate_user($username, $password); |
| 315 if (!$user->uid) { | 353 if (!$user->uid) { |
| 435 /** | 473 /** |
| 436 * Blogging API callback. Returns a list of the taxonomy terms that can be | 474 * Blogging API callback. Returns a list of the taxonomy terms that can be |
| 437 * associated with a blog node. | 475 * associated with a blog node. |
| 438 */ | 476 */ |
| 439 function blogapi_metaweblog_get_category_list($blogid, $username, $password) { | 477 function blogapi_metaweblog_get_category_list($blogid, $username, $password) { |
| 478 $user = blogapi_validate_user($username, $password); | |
| 479 if (!$user->uid) { | |
| 480 return blogapi_error($user); | |
| 481 } | |
| 482 | |
| 440 if (($error = _blogapi_validate_blogid($blogid)) !== TRUE) { | 483 if (($error = _blogapi_validate_blogid($blogid)) !== TRUE) { |
| 441 // Return an error if not configured type. | 484 // Return an error if not configured type. |
| 442 return $error; | 485 return $error; |
| 443 } | 486 } |
| 444 | 487 |
| 507 $node = node_load($postid); | 550 $node = node_load($postid); |
| 508 $node->taxonomy = array(); | 551 $node->taxonomy = array(); |
| 509 foreach ($categories as $category) { | 552 foreach ($categories as $category) { |
| 510 $node->taxonomy[] = $category['categoryId']; | 553 $node->taxonomy[] = $category['categoryId']; |
| 511 } | 554 } |
| 555 $validated = blogapi_mt_validate_terms($node); | |
| 556 if ($validated !== TRUE) { | |
| 557 return $validated; | |
| 558 } | |
| 512 node_save($node); | 559 node_save($node); |
| 560 return TRUE; | |
| 561 } | |
| 562 | |
| 563 /** | |
| 564 * Blogging API helper - find allowed taxonomy terms for a node type. | |
| 565 */ | |
| 566 function blogapi_mt_validate_terms($node) { | |
| 567 // We do a lot of heavy lifting here since taxonomy module doesn't have a | |
| 568 // stand-alone validation function. | |
| 569 if (module_exists('taxonomy')) { | |
| 570 $found_terms = array(); | |
| 571 if (!empty($node->taxonomy)) { | |
| 572 $term_list = array_unique($node->taxonomy); | |
| 573 $params = $term_list; | |
| 574 $params[] = $node->type; | |
| 575 $result = db_query(db_rewrite_sql("SELECT t.tid, t.vid FROM {term_data} t INNER JOIN {vocabulary_node_types} n ON t.vid = n.vid WHERE t.tid IN (". db_placeholders($term_list) .") AND n.type = '%s'", 't', 'tid'), $params); | |
| 576 $found_terms = array(); | |
| 577 $found_count = 0; | |
| 578 while ($term = db_fetch_object($result)) { | |
| 579 $found_terms[$term->vid][$term->tid] = $term->tid; | |
| 580 $found_count++; | |
| 581 } | |
| 582 // If the counts don't match, some terms are invalid or not accessible to this user. | |
| 583 if (count($term_list) != $found_count) { | |
| 584 return blogapi_error(t('Invalid categories submitted.')); | |
| 585 } | |
| 586 } | |
| 587 // Look up all the vocabularies for this node type. | |
| 588 $result2 = db_query(db_rewrite_sql("SELECT v.vid, v.name, v.required, v.multiple FROM {vocabulary} v INNER JOIN {vocabulary_node_types} n ON v.vid = n.vid WHERE n.type = '%s'", 'v', 'vid'), $node->type); | |
| 589 // Check each vocabulary associated with this node type. | |
| 590 while ($vocabulary = db_fetch_object($result2)) { | |
| 591 // Required vocabularies must have at least one term. | |
| 592 if ($vocabulary->required && empty($found_terms[$vocabulary->vid])) { | |
| 593 return blogapi_error(t('A category from the @vocabulary_name vocabulary is required.', array('@vocabulary_name' => $vocabulary->name))); | |
| 594 } | |
| 595 // Vocabularies that don't allow multiple terms may have at most one. | |
| 596 if (!($vocabulary->multiple) && (isset($found_terms[$vocabulary->vid]) && count($found_terms[$vocabulary->vid]) > 1)) { | |
| 597 return blogapi_error(t('You may only choose one category from the @vocabulary_name vocabulary.'), array('@vocabulary_name' => $vocabulary->name)); | |
| 598 } | |
| 599 } | |
| 600 } | |
| 601 elseif (!empty($node->taxonomy)) { | |
| 602 return blogapi_error(t('Error saving categories. This feature is not available.')); | |
| 603 } | |
| 513 return TRUE; | 604 return TRUE; |
| 514 } | 605 } |
| 515 | 606 |
| 516 /** | 607 /** |
| 517 * Blogging API callback. Sends a list of available input formats. | 608 * Blogging API callback. Sends a list of available input formats. |
| 542 $node = node_load($postid); | 633 $node = node_load($postid); |
| 543 if (!$node) { | 634 if (!$node) { |
| 544 return blogapi_error(t('Invalid post.')); | 635 return blogapi_error(t('Invalid post.')); |
| 545 } | 636 } |
| 546 | 637 |
| 638 // Nothing needs to be done if already published. | |
| 639 if ($node->status) { | |
| 640 return; | |
| 641 } | |
| 642 | |
| 643 if (!node_access('update', $node) || !user_access('administer nodes')) { | |
| 644 return blogapi_error(t('You do not have permission to update this post.')); | |
| 645 } | |
| 646 | |
| 547 $node->status = 1; | 647 $node->status = 1; |
| 548 if (!node_access('update', $node)) { | |
| 549 return blogapi_error(t('You do not have permission to update this post.')); | |
| 550 } | |
| 551 | |
| 552 node_save($node); | 648 node_save($node); |
| 553 | 649 |
| 554 return TRUE; | 650 return TRUE; |
| 555 } | 651 } |
| 556 | 652 |