function bloggerdeletepost($m) { global $xmlrpcerruser; // import user errcode value global $blog_ID, $cache_userdata, $tableposts, $use_rss, $use_weblogsping, $post_autobr; global $post_default_title, $post_default_category, $sleep_after_edit; $err = ""; dbconnect(); $post_ID = $m->getParam(1); $username = $m->getParam(2); $password = $m->getParam(3); $newcontent = $m->getParam(4); $post_ID = $post_ID->scalarval(); $username = $username->scalarval(); $password = $password->scalarval(); $newcontent = $newcontent->scalarval(); $sql = "SELECT * FROM {$tableposts} WHERE ID = '{$post_ID}'"; $result = @mysql_query($sql); if (!$result) { return new xmlrpcresp(0, $xmlrpcerruser + 2, "No such post."); } $userdata = get_userdatabylogin($username); $user_ID = $userdata["ID"]; $user_level = $userdata["user_level"]; $postdata = get_postdata($post_ID); $post_authordata = get_userdata($postdata["Author_ID"]); $post_author_ID = $postdata["Author_ID"]; if ($user_ID != $post_author_ID && $user_level <= $post_authordata["user_level"]) { return new xmlrpcresp(0, $xmlrpcerruser + 1, "Sorry, you do not have the right to delete this post"); } if (user_pass_ok($username, $password)) { if ($user_level < 1) { return new xmlrpcresp(0, $xmlrpcerruser + 1, "Sorry, level 0 users can not delete posts"); } $sql = "DELETE FROM {$tableposts} WHERE ID = '{$post_ID}'"; $result = mysql_query($sql); if (!$result) { return new xmlrpcresp(0, $xmlrpcerruser + 2, "For some strange yet very annoying reason, the entry couldn't be deleted."); } if (!isset($blog_ID)) { $blog_ID = 1; } if (isset($sleep_after_edit) && $sleep_after_edit > 0) { sleep($sleep_after_edit); } rss_update($blog_ID); pingWeblogs($blog_ID); return new xmlrpcresp(new xmlrpcval(1)); } else { return new xmlrpcresp(0, $xmlrpcerruser + 3, 'Wrong username/password combination ' . $username . ' / ' . starify($password)); } }
<?php move_me_around_scripts(); function move_me_around_scripts() { wp_enqueue_script('dashboard'); } ?> <div class="wrap"> <h1>Advanced Settings</h1> <?php if ($_POST['update_rss'] == 'true') { rss_update(); } function rss_update() { global $current_user; $mervin_rss = array(); if (!current_user_can('edit_user', $current_user->ID)) { return false; } if (isset($_POST['advanced-categorybase'])) { $mervin_advanced['advanced-categorybase'] = 'yes'; } if (isset($_POST['advanced-categorytrailing'])) { $mervin_advanced['advanced-categorytrailing'] = 'yes'; } if (isset($_POST['advanced-attachmentredirect'])) { $mervin_advanced['advanced-attachmentredirect'] = 'yes'; }
$post_category = $default_category; } if ($autobr) { $content = autobrize($content); } if (!$thisisforfunonly) { $post_title = addslashes(trim($post_title)); $content = addslashes(trim($content)); $sql = "INSERT INTO {$tableposts} (post_author, post_date, post_content, post_title, post_category) VALUES ({$post_author}, '{$post_date}', '{$content}', '{$post_title}', {$post_category})"; $result = mysql_query($sql) or die('Couldn\'t add post: ' . mysql_error()); $post_ID = mysql_insert_id(); if (isset($sleep_after_edit) && $sleep_after_edit > 0) { sleep($sleep_after_edit); } $blog_ID = 1; rss_update($blog_ID); pingWeblogs($blog_ID); pingCafelog($cafelogID, $post_title, $post_ID); pingBlogs($blog_ID); pingback($content, $post_ID); } echo "\n<p><b>Posted title:</b> {$post_title}<br />"; echo "\n<b>Posted content:</b><br /><xmp>" . $content . '</xmp></p>'; if (!$pop3->delete($iCount)) { echo '<p>oops ' . $pop3->ERROR . '</p></div>'; $pop3->reset(); exit; } else { echo "<p>Mission complete, message <b>{$iCount}</b> deleted </p>"; } } else {