Example #1
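/**
 * Create a new Item from XML-RPC supplied properties and return an XML-RPC response.
 *
 * The values in $params come from the remote client and must be treated as
 * untrusted. The function resolves the target blog and categories, checks the
 * current user's permissions for the requested status and post type, sanitizes
 * title and content, inserts the Item and triggers post processing.
 *
 * Error codes passed to xmlrpcs_resperror() in this function:
 *   3  - permission denied (categories, status or post type)
 *   11 - main category does not exist
 *   12 - no default category found for the requested blog
 *   21 - invalid post title
 *   22 - invalid post contents
 *   99 - DB insert failed
 *
 * @param array Item properties (missing keys are filled with the defaults below)
 * @param object Blog where we are going to create a new Item; when empty it is
 *               looked up from $params['main_cat_ID']
 * @return xmlrpcresp the new Item ID on success, otherwise the result of xmlrpcs_resperror()
 */
function xmlrpcs_new_item($params, &$Blog = NULL)
{
    global $current_User, $Settings, $Messages, $DB, $posttypes_perms;

    // Fill in defaults for every property the caller did not send.
    $params = array_merge(array('title' => '', 'content' => '', 'date' => '', 'main_cat_ID' => 0, 'extra_cat_IDs' => array(), 'cat_IDs' => array(), 'status' => 'published', 'tags' => '', 'excerpt' => '', 'item_typ_ID' => 1, 'comment_status' => 'open', 'urltitle' => '', 'featured' => 0, 'custom_fields' => array(), 'order' => '', 'parent_ID' => ''), $params);

    if (empty($Blog) && !empty($params['main_cat_ID'])) {
        // Get the blog by main category ID
        // Check if category exists and can be used
        $ChapterCache =& get_ChapterCache();
        $main_Chapter =& $ChapterCache->get_by_ID($params['main_cat_ID'], false, false);
        if (empty($main_Chapter)) {
            // Cat does not exist:
            return xmlrpcs_resperror(11);
            // User error 11
        }
        $BlogCache =& get_BlogCache();
        $Blog =& $BlogCache->get_by_ID($main_Chapter->blog_ID, false, false);
        if (!empty($Blog)) {
            // Only log when the lookup succeeded; a failed lookup is reported by
            // the empty($Blog) check below instead of dereferencing a non-object here.
            logIO('Requested Blog: ' . $Blog->ID . ' - ' . $Blog->name);
        }
    }
    if (empty($Blog)) {
        // Blog does not exist:
        return xmlrpcs_resperror();
    }

    if (empty($params['main_cat_ID'])) {
        if (is_array($params['cat_IDs']) && count($params['cat_IDs']) > 0) {
            // Let's use first cat for MAIN and others for EXTRA
            $params['main_cat_ID'] = array_shift($params['cat_IDs']);
            $params['extra_cat_IDs'] = $params['cat_IDs'];
        } else {
            if (!($main_cat = $Blog->get_default_cat_ID())) {
                // No default category found for requested blog
                return xmlrpcs_resperror(12);
                // User error 12
            }
            $params['main_cat_ID'] = $main_cat;
        }
    }
    logIO('Main cat ID: ' . $params['main_cat_ID']);
    logIO('Extra cat IDs: ' . implode(', ', $params['extra_cat_IDs']));
    if (empty($params['main_cat_ID'])) {
        // Main category does not exist:
        return xmlrpcs_resperror(11);
        // User error 11
    }

    // Check if category exists and can be used
    if (!xmlrpcs_check_cats($params['main_cat_ID'], $Blog, $params['extra_cat_IDs'])) {
        // Permission denied
        return xmlrpcs_resperror(3);
        // User error 3
    }

    /*
     * CHECK PERMISSION: (we need perm on all categories, especially if they are in different blogs)
     * NOTE: extra_cat_IDs array now includes main_cat_ID too, so we are actually checking ALL categories below
     * NOTE(review): that relies on xmlrpcs_check_cats() modifying extra_cat_IDs by reference, which is
     * not visible here - confirm, otherwise the main category is not covered by the checks below.
     * NOTE(review): $params['status'] is client-supplied and is concatenated into the permission name
     * without being checked against the set of known statuses; confirm that check_perm() denies
     * unknown permission names, or validate the status before this call.
     */
    if (!$current_User->check_perm('cats_post!' . $params['status'], 'edit', false, $params['extra_cat_IDs'])) {
        // Permission denied
        return xmlrpcs_resperror(3);
        // User error 3
    }

    if (!empty($params['item_typ_ID'])) {
        // Only accept numeric values, switch to default value otherwise.
        // The pattern is anchored with \z rather than $ so a trailing newline is rejected, and the
        // accepted value is cast to int so the permission lookup below and the value stored on the
        // Item are the same canonical number. Without this, a non-canonical digit string (leading
        // zeros, trailing newline) would pass validation, miss the $posttype2perm lookup and skip
        // the post type permission check while still being stored as the post type.
        $raw_typ_ID = $params['item_typ_ID'];
        if (is_scalar($raw_typ_ID) && preg_match('~^[0-9]+\z~', (string) $raw_typ_ID)) {
            $params['item_typ_ID'] = (int) (string) $raw_typ_ID;
            if ($params['item_typ_ID'] < 1) {
                // e.g. "00": not a usable type ID, use the default
                $params['item_typ_ID'] = 1;
            }
        } else {
            $params['item_typ_ID'] = 1;
        }

        // "Reverse" the $posttypes_perms array: post type ID => permission name
        $posttype2perm = array();
        if (is_array($posttypes_perms)) {
            foreach ($posttypes_perms as $l_permname => $l_posttypes) {
                foreach ($l_posttypes as $ll_posttype) {
                    $posttype2perm[$ll_posttype] = $l_permname;
                }
            }
        }

        if (isset($posttype2perm[$params['item_typ_ID']])) {
            // Check permission for this post type
            if (!$current_User->check_perm('cats_' . $posttype2perm[$params['item_typ_ID']], 'edit', false, $params['extra_cat_IDs'])) {
                // Permission denied
                return xmlrpcs_resperror(3);
                // User error 3
            }
        }
    }
    logIO('Post type: ' . $params['item_typ_ID']);
    logIO('Permission granted.');

    // CHECK HTML SANITY:
    if (($params['title'] = check_html_sanity($params['title'], 'xmlrpc_posting')) === false) {
        return xmlrpcs_resperror(21, $Messages->get_string('Invalid post title, please correct these errors:', ''));
    }
    if (($params['content'] = check_html_sanity($params['content'], 'xmlrpc_posting')) === false) {
        return xmlrpcs_resperror(22, $Messages->get_string('Invalid post contents, please correct these errors:' . "\n", '', "  //  \n", 'xmlrpc'));
    }

    if (empty($params['date'])) {
        // No date supplied: use the current time shifted by the configured time difference
        $params['date'] = date('Y-m-d H:i:s', time() + $Settings->get('time_difference'));
    }

    // INSERT NEW POST INTO DB:
    // NOTE(review): only title and content go through check_html_sanity() above. date, excerpt,
    // urltitle, parent_ID, order, featured, tags and comment_status are passed to the Item as
    // received; presumably Item::set()/dbinsert() validate and escape them - confirm.
    load_class('items/model/_item.class.php', 'Item');
    $edited_Item = new Item();
    $edited_Item->set('title', $params['title']);
    $edited_Item->set('content', $params['content']);
    $edited_Item->set('issue_date', $params['date']);
    $edited_Item->set('main_cat_ID', $params['main_cat_ID']);
    $edited_Item->set('extra_cat_IDs', $params['extra_cat_IDs']);
    $edited_Item->set('status', $params['status']);
    $edited_Item->set('ptyp_ID', $params['item_typ_ID']);
    $edited_Item->set('featured', $params['featured']);
    $edited_Item->set_tags_from_string($params['tags']);
    $edited_Item->set('locale', $current_User->locale);
    $edited_Item->set_creator_User($current_User);
    if ($params['excerpt'] != '') {
        $edited_Item->set('excerpt', $params['excerpt']);
    }
    if ($params['urltitle'] != '') {
        $edited_Item->set('urltitle', $params['urltitle']);
    }
    if ($params['parent_ID'] != '') {
        $edited_Item->set('parent_ID', $params['parent_ID']);
    }
    if (!empty($params['order'])) {
        // Do not set if order is 0
        $edited_Item->set('order', $params['order']);
    }
    if ($Blog->get_setting('allow_comments') != 'never' && $Blog->get_setting('disable_comments_bypost')) {
        // Comment status
        $edited_Item->set('comment_status', $params['comment_status']);
    }

    $edited_Item->dbinsert('through_xmlrpc');
    if (empty($edited_Item->ID)) {
        // NOTE(review): the raw DB error text is returned to the remote client; it may expose
        // schema or query details. Consider logging it with logIO() and returning a generic message.
        return xmlrpcs_resperror(99, 'Error while inserting item: ' . $DB->last_error);
    }
    logIO('Posted with ID: ' . $edited_Item->ID);

    if (!empty($params['custom_fields']) && is_array($params['custom_fields']) && count($params['custom_fields']) > 0) {
        // TODO sam2kb> Add custom fields
        // For now the custom fields are only logged, not stored.
        foreach ($params['custom_fields'] as $field) {
            // id, key, value
            logIO('Custom field: ' . var_export($field, true));
        }
    }

    // Execute or schedule notifications & pings:
    logIO('Handling notifications...');
    $edited_Item->handle_post_processing(true);
    logIO('OK.');

    return new xmlrpcresp(new xmlrpcval($edited_Item->ID));
}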