  * @todo document this
 function action_itemupdate()
     global $member, $manager, $CONF;
     $itemid = intRequestVar('itemid');
     $catid = postVar('catid');
     // only allow if user is allowed to alter item
     $member->canUpdateItem($itemid, $catid) or $this->disallow();
     $actiontype = postVar('actiontype');
     // delete actions are handled by itemdelete (which has confirmation)
     if ($actiontype == 'delete') {
     $body = postVar('body');
     $title = postVar('title');
     $more = postVar('more');
     $closed = intPostVar('closed');
     $draftid = intPostVar('draftid');
     // default action = add now
     if (!$actiontype) {
         $actiontype = 'addnow';
     // create new category if needed
     if (strstr($catid, 'newcat')) {
         // get blogid
         list($blogid) = sscanf($catid, "newcat-%d");
         // create
         $blog =& $manager->getBlog($blogid);
         $catid = $blog->createNewCategory();
         // show error when sth goes wrong
         if (!$catid) {
     	set some variables based on actiontype
     		draft items -> addnow, addfuture, adddraft, delete
     		non-draft items -> edit, changedate, delete
     	variables set:
     		$timestamp: set to a nonzero value for future dates or date changes
     		$wasdraft: set to 1 when the item used to be a draft item
     		$publish: set to 1 when the edited item is not a draft
     $blogid = getBlogIDFromItemID($itemid);
     $blog =& $manager->getBlog($blogid);
     $wasdrafts = array('adddraft', 'addfuture', 'addnow');
     $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
     $publish = $actiontype != 'adddraft' && $actiontype != 'backtodrafts' ? 1 : 0;
     if ($actiontype == 'addfuture' || $actiontype == 'changedate') {
         $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
     } else {
         $timestamp = 0;
     // edit the item for real
     ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
     if ($draftid > 0) {
         // delete permission is checked inside ITEM::delete()
     // show category edit window when we created a new category
     // ($catid will then be a new category ID, while postVar('catid') will be 'newcat-x')
     if ($catid != intPostVar('catid')) {
         $this->action_categoryedit($catid, $blog->getID(), $CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid));
     } else {
         // TODO: set start item correctly for itemlist
  * Tries to create an draft from the data in the current request (comes from
  * bookmarklet or admin area
  * Returns an array with status info:
  * status = 'added', 'error', 'newcategory'
  * @static
  * Used by xmlHTTPRequest AutoDraft
 function createDraftFromRequest()
     global $member, $manager;
     $i_author = $member->getID();
     $i_body = postVar('body');
     $i_title = postVar('title');
     $i_more = postVar('more');
     if (strtoupper(_CHARSET) != 'UTF-8') {
         $i_body = mb_convert_encoding($i_body, _CHARSET, "UTF-8");
         $i_title = mb_convert_encoding($i_title, _CHARSET, "UTF-8");
         $i_more = mb_convert_encoding($i_more, _CHARSET, "UTF-8");
     //$i_actiontype = postVar('actiontype');
     $i_closed = intPostVar('closed');
     //$i_hour = intPostVar('hour');
     //$i_minutes = intPostVar('minutes');
     //$i_month = intPostVar('month');
     //$i_day = intPostVar('day');
     //$i_year = intPostVar('year');
     $i_catid = postVar('catid');
     $i_draft = 1;
     $type = postVar('type');
     if ($type == 'edit') {
         $i_blogid = getBlogIDFromItemID(intPostVar('itemid'));
     } else {
         $i_blogid = intPostVar('blogid');
     $i_draftid = intPostVar('draftid');
     if (!$member->canAddItem($i_catid)) {
         return array('status' => 'error', 'message' => _ERROR_DISALLOWED);
     if (!trim($i_body)) {
         return array('status' => 'error', 'message' => _ERROR_NOEMPTYITEMS);
     // create new category if needed
     if (strstr($i_catid, 'newcat')) {
         // Set in default category
         $blog =& $manager->getBlog($i_blogid);
         $i_catid = $blog->getDefaultCategory();
     } else {
         // force blogid (must be same as category id)
         $i_blogid = getBlogIDFromCatID($i_catid);
         $blog =& $manager->getBlog($i_blogid);
     $posttime = 0;
     if ($i_draftid > 0) {
         ITEM::update($i_draftid, $i_catid, $i_title, $i_body, $i_more, $i_closed, 1, 0, 0);
         $itemid = $i_draftid;
     } else {
         $itemid = $blog->additem($i_catid, $i_title, $i_body, $i_more, $i_blogid, $i_author, $posttime, $i_closed, $i_draft);
     // No plugin support in AutoSaveDraft yet
     //Setting the itemOptions
     //$aOptions = requestArray('plugoption');
     //NucleusPlugin::_applyPluginOptions($aOptions, $itemid);
     //$manager->notify('PostPluginOptionsUpdate',array('context' => 'item', 'itemid' => $itemid, 'item' => array('title' => $i_title, 'body' => $i_body, 'more' => $i_more, 'closed' => $i_closed, 'catid' => $i_catid)));
     // success
     return array('status' => 'added', 'draftid' => $itemid);
 * Updates an item. Username and password are required to login
function _edititem($itemid, $username, $password, $catid, $title, $body, $more, $wasdraft, $publish, $closed)
    global $manager;
    // 1. login
    $mem = new MEMBER();
    if (!$mem->login($username, $password)) {
        return _error(1, "Could not log in");
    // 2. check if allowed to add to blog
    if (!$manager->existsItem($itemid, 1, 1)) {
        return _error(6, "No such item ({$itemid})");
    if (!$mem->canAlterItem($itemid)) {
        return _error(7, "Not allowed to alter item");
    if (strtolower(_CHARSET) != 'utf-8') {
        $title = mb_convert_encoding($title, _CHARSET, _CHARSET . ",UTF-8");
        $body = mb_convert_encoding($body, _CHARSET, _CHARSET . ",UTF-8");
        $more = mb_convert_encoding($more, _CHARSET, _CHARSET . ",UTF-8");
    // 3. update item
    ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, 0);
    return new xmlrpcresp(new xmlrpcval(1, "boolean"));
function bm_doEditItem()
    global $member, $manager, $CONF;
    $itemid = intRequestVar('itemid');
    $catid = postVar('catid');
    // only allow if user is allowed to alter item
    if (!$member->canUpdateItem($itemid, $catid)) {
    $body = postVar('body');
    $title = postVar('title');
    $more = postVar('more');
    $closed = intPostVar('closed');
    $actiontype = postVar('actiontype');
    $draftid = intPostVar('draftid');
    // redirect to admin area on delete (has delete confirmation)
    if ($actiontype == 'delete') {
        redirect('index.php?action=itemdelete&itemid=' . $itemid);
    // create new category if needed (only on edit/changedate)
    if (strstr($catid, 'newcat')) {
        // get blogid
        list($blogid) = sscanf($catid, "newcat-%d");
        // create
        $blog =& $manager->getBlog($blogid);
        $catid = $blog->createNewCategory();
        // show error when sth goes wrong
        if (!$catid) {
    // only edit action is allowed for bookmarklet edit
    switch ($actiontype) {
        case 'changedate':
            $publish = 1;
            $wasdraft = 0;
            $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
        case 'edit':
            $publish = 1;
            $wasdraft = 0;
            $timestamp = 0;
        case 'backtodrafts':
            $publish = 0;
            $wasdraft = 0;
            $timestamp = 0;
    // update item for real
    ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
    if ($draftid > 0) {
    // show success message
    if ($catid != intPostVar('catid')) {
        $href = 'index.php?action=categoryedit&blogid=' . $blog->getID() . '&catid=' . $catid;
        $onclick = 'if (event && event.preventDefault) event.preventDefault(); window.open(this.href); return false;';
        $title = _BOOKMARKLET_NEW_WINDOW;
        $aTag = ' <a href="' . $href . '" onclick="' . $onclick . '" title="' . $title . '">';
    } else {
        bm_message(_ITEM_UPDATED, _ITEM_UPDATED, _ITEM_UPDATED, '');