Changeset 754
- Timestamp:
- 12/13/06 21:44:05 (2 years ago)
- Files:
-
- devel/units/rpc/lib/class_post.php (modified) (5 diffs)
- devel/units/rpc/xmlrpc/library_blogger_xmlrpc.php (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
devel/units/rpc/lib/class_post.php
r648 r754 240 240 } 241 241 242 function validate($action = null) 243 { 244 // $action parameter currently not used 245 246 // Get the weblog object 247 if (!isset($this->weblog)) 248 { 249 // Get the weblog context 250 $this->weblog = run('weblogs:instance', array('user_id' => $this->owner, 251 'blog_id' => $this->blog_id)); 252 } 253 254 // Always post to your own blog :) 255 if ($this->weblog->community == false && $this->owner == $this->blog_id) 256 { 257 return true; 258 } 259 260 // A community can't post to itself 261 if ($this->weblog->community == true && $this->owner == $this->blog_id) 262 { 263 return false; 264 } 265 266 // Only a member or community owner can post to a community 267 if ($this->weblog->community == true) 268 { 269 if ($this->weblog->owner != $this->owner) 270 { 271 // Not community owner, is it a member? 272 if ($result = get_records_sql('SELECT DISTINCT u.ident, 1 273 FROM elggfriends f JOIN elggusers u 274 ON u.ident = f.owner WHERE f.friend = ? 275 AND u.ident = ? ', 276 array($this->blog_id,$this->owner))) 277 { 278 // Memberships found 279 return true; 280 } 281 else 282 { 283 // Not a friend, nor owner, deny this save 284 return false; 285 } 286 } 287 else 288 { 289 return true; 290 } 291 } 292 } 293 242 294 /** 243 295 * … … 245 297 function delete() 246 298 { 299 if (!this->validate('delete')) 300 { 301 return false; 302 } 303 247 304 if ($this->exists) 248 305 { … … 275 332 function save() 276 333 { 334 if (!$this->validate('save')) 335 { 336 return false; 337 } 338 277 339 $wp = new StdClass; 278 340 $wp->title = $this->title; … … 280 342 $wp->access = $this->access; 281 343 $wp->ident = $this->ident; 344 282 345 if ($this->exists == true) 283 346 { 284 // Check ownership285 if ($this->weblog->isOwner() != true)286 {287 // Not weblog owner, check at post level288 if ($this->owner != $this->weblog->getOwner())289 {290 return false;291 }292 }293 294 347 if (update_record('weblog_posts',$wp)) { 295 348 $rssresult = run("weblogs:rss:publish", array($this->owner, false)); … … 301 354 else 302 355 { 356 // Post doesn't exist 357 303 358 $wp->weblog = $this->blog_id; 304 359 $wp->posted = time(); 305 360 $wp->owner = $this->owner; 361 306 362 if ($this->ident = insert_record('weblog_posts',$wp)) { 307 363 $this->exists = true; devel/units/rpc/xmlrpc/library_blogger_xmlrpc.php
r365 r754 8 8 { 9 9 // Number of parameters 10 $nr_params = null; 10 $nr_params = null; // Raise an XML-RPC error 11 11 12 12 if ($method == "blogger.newPost") … … 46 46 } 47 47 48 // Exit if no blogid provided 49 if ($blogid == "") 50 { 51 // Raise an XML-RPC error 52 return new IXR_Error(-32602, "No blog ID provided"); 53 } 54 48 55 // Check credentials 49 56 $auth = run('rpc:auth', array("username" => $username, 50 57 "password" => $password)); 51 52 58 if ($auth['status'] == true) 53 59 { … … 84 90 // (Boolean) mt_allow_comments (Elgg only handles this as a global and not per post option) 85 91 $post->setTitle($content['title']); 86 $post->setBody($content['description']); 92 $post->setBody($content['description']); 87 93 } 88 94 … … 90 96 $post->save(); 91 97 92 // We support mt_keywords 93 if ( array_key_exists('mt_keywords', $content) && $post->getIdent() != "")98 // We support mt_keywords if request is metaWeblog 99 if ($api != "blogger" && array_key_exists('mt_keywords', $content) && $post->getIdent() != "") 94 100 { 95 101 $keywords = $content['mt_keywords'];
