function bloggernewpost($m)
{
global $xmlrpcerruser;
// import user errcode value
global $blog_ID, $cache_userdata, $tableposts, $use_rss, $use_weblogsping, $post_autobr;
global $post_default_title, $post_default_category;
global $cafelogID, $sleep_after_edit;
$err = "";
dbconnect();
$username = $m->getParam(2);
$password = $m->getParam(3);
$content = $m->getParam(4);
$username = $username->scalarval();
$password = $password->scalarval();
$content = $content->scalarval();
if (user_pass_ok($username, $password)) {
$userdata = get_userdatabylogin($username);
$user_ID = $userdata["ID"];
$user_level = $userdata["user_level"];
if ($user_level < 1) {
return new xmlrpcresp(0, $xmlrpcerruser + 1, "Sorry, level 0 users can not post");
}
$post_title = addslashes(xmlrpc_getposttitle($content));
$post_category = xmlrpc_getpostcategory($content);
$content = xmlrpc_removepostdata($content);
$content = format_to_post($content);
$time_difference = get_settings("time_difference");
$now = date("Y-m-d H:i:s", time() + $time_difference * 3600);
$sql = "INSERT INTO {$tableposts} (post_author, post_date, post_content, post_title, post_category) VALUES ('{$user_ID}','{$now}','{$content}','{$post_title}','{$post_category}')";
$result = mysql_query($sql);
if (!$result) {
return new xmlrpcresp(0, $xmlrpcerruser + 2, "For some strange yet very annoying reason, your entry couldn't be posted.");
}
$post_ID = mysql_insert_id();
if (!isset($blog_ID)) {
$blog_ID = 1;
}
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
sleep($sleep_after_edit);
}
rss_update($blog_ID);
pingWeblogs($blog_ID);
pingCafelog($cafelogID, $post_title, $post_ID);
pingBlogs($blog_ID);
pingback($content, $post_ID);
logIO("O", "Posted ! ID: {$post_ID}");
return new xmlrpcresp(new xmlrpcval("{$post_ID}"));
} else {
logIO("O", "Wrong username/password combination <b>{$username} / {$password}</b>");
return new xmlrpcresp(0, $xmlrpcerruser + 3, 'Wrong username/password combination ' . $username . ' / ' . starify($password));
}
}
function mweditpost($params)
{
// ($postid, $user, $pass, $content, $publish)
global $xmlrpcerruser;
$xpostid = $params->getParam(0);
$xuser = $params->getParam(1);
$xpass = $params->getParam(2);
$xcontent = $params->getParam(3);
$xpublish = $params->getParam(4);
$ID = $xpostid->scalarval();
$username = $xuser->scalarval();
$password = $xpass->scalarval();
$contentstruct = xmlrpc_decode1($xcontent);
$postdata = wp_get_single_post($ID);
if (!$postdata) {
return new xmlrpcresp(0, $xmlrpcerruser + 2, "No such post {$ID}.");
}
$userdata = get_userdatabylogin($username);
$user_ID = $userdata->ID;
$user_level = $userdata->user_level;
$post_author_ID = $postdata->post_author;
$post_authordata = get_userdata($post_author_ID);
if ($user_ID != $post_author_ID && $user_level <= $post_authordata->user_level) {
return new xmlrpcresp(0, $xmlrpcerruser + 1, "Sorry, you do not have the right to edit this post.");
}
// Check login
if (user_pass_ok($username, $password)) {
if ($user_level < 1) {
return new xmlrpcresp(0, $xmlrpcerruser + 1, "Sorry, level 0 users cannot edit posts");
}
extract($postdata);
$post_title = $contentstruct['title'];
$post_content = format_to_post($contentstruct['description']);
$catnames = $contentstruct['categories'];
logIO("O", "Cat Count" . count($catnames));
foreach ($catnames as $cat) {
$post_category[] = get_cat_ID($cat);
}
$post_excerpt = $contentstruct['mt_excerpt'];
$post_more = $contentstruct['mt_text_more'];
$post_status = $xpublish->scalarval() ? 'publish' : 'draft';
if ($post_more) {
$post_content = $post_content . "\n<!--more-->\n" . $post_more;
}
$comment_status = 1 == $contentstruct['mt_allow_comments'] ? 'open' : 'closed';
$ping_status = $contentstruct['mt_allow_pings'] ? 'open' : 'closed';
$time_difference = get_settings("time_difference");
$dateCreated = $contentstruct['dateCreated'];
$dateCreated = $dateCreated ? iso8601_decode($contentstruct['dateCreated']) : time() + $time_difference * 3600;
$post_date = date("Y-m-d H:i:s", $dateCreated);
// We've got all the data -- post it:
$newpost = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'comment_status', 'ping_status', 'post_date');
$newpost_ID = wp_update_post($newpost);
if (!$newpost_ID) {
return new xmlrpcresp(0, $xmlrpcerruser + 2, "For some strange yet very annoying reason, your entry could not be posted.");
}
if (!isset($blog_ID)) {
$blog_ID = 1;
}
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
sleep($sleep_after_edit);
}
pingWeblogs($blog_ID);
pingCafelog($cafelogID, $post_title, $post_ID);
pingBlogs($blog_ID);
pingback($content, $post_ID);
trackback_url_list($content_struct['mt_tb_ping_urls'], $post_ID);
logIO("O", "(MW) Edited ! ID: {$post_ID}");
$myResp = new xmlrpcval($ID, "string");
return new xmlrpcresp($myResp);
} else {
logIO("O", "(MW) Wrong username/password combination <b>{$username} / {$password}</b>");
return new xmlrpcresp(0, $xmlrpcerruser + 3, 'Wrong username/password combination ' . $username . ' / ' . starify($password));
}
}
if ($autobr) {
$content = autobrize($content);
}
if (!$thisisforfunonly) {
$post_title = addslashes(trim($post_title));
$content = addslashes(trim($content));
$sql = "INSERT INTO {$tableposts} (post_author, post_date, post_content, post_title, post_category) VALUES ({$post_author}, '{$post_date}', '{$content}', '{$post_title}', {$post_category})";
$result = mysql_query($sql) or die('Couldn\'t add post: ' . mysql_error());
$post_ID = mysql_insert_id();
if (isset($sleep_after_edit) && $sleep_after_edit > 0) {
sleep($sleep_after_edit);
}
$blog_ID = 1;
rss_update($blog_ID);
pingWeblogs($blog_ID);
pingCafelog($cafelogID, $post_title, $post_ID);
pingBlogs($blog_ID);
pingback($content, $post_ID);
}
echo "\n<p><b>Posted title:</b> {$post_title}<br />";
echo "\n<b>Posted content:</b><br /><xmp>" . $content . '</xmp></p>';
if (!$pop3->delete($iCount)) {
echo '<p>oops ' . $pop3->ERROR . '</p></div>';
$pop3->reset();
exit;
} else {
echo "<p>Mission complete, message <b>{$iCount}</b> deleted </p>";
}
} else {
echo '<p><b>Level 0 users can\'t post.</b></p>';
}
