function _newMediaObject($blogid, $username, $password, $info) { global $CONF, $DIR_MEDIA, $DIR_LIBS; // - login $mem = new MEMBER(); if (!$mem->login($username, $password)) { return _error(1, 'Could not log in'); } // - check if team member if (!BLOG::existsID($blogid)) { return _error(2, "No such blog ({$blogid})"); } if (!$mem->teamRights($blogid)) { return _error(3, 'Not a team member'); } $b = new BLOG($blogid); // - decode data $data = $info['bits']; // decoding was done transparantly by xmlrpclib // - check filesize if (strlen($data) > $CONF['MaxUploadSize']) { return _error(9, 'filesize is too big'); } // - check if filetype is allowed (check filename) $filename = $info['name']; $ok = 0; $allowedtypes = explode(',', $CONF['AllowedTypes']); foreach ($allowedtypes as $type) { //if (eregi("\." .$type. "$",$filename)) $ok = 1; if (preg_match("#\\." . $type . "\$#i", $filename)) { $ok = 1; } } if (!$ok) { _error(8, 'Filetype is not allowed'); } // - add file to media library //include_once($DIR_LIBS . 'MEDIA.php'); // media classes include_libs('MEDIA.php', true, false); // always use private media library of member $collection = $mem->getID(); // prefix filename with current date (YYYY-MM-DD-) // this to avoid nameclashes if ($CONF['MediaPrefix']) { $filename = strftime("%Y%m%d-", time()) . $filename; } $res = MEDIA::addMediaObjectRaw($collection, $filename, $data); if ($res) { return _error(10, $res); } // - return URL $urlstruct = new xmlrpcval(array("url" => new xmlrpcval($CONF['MediaURL'] . $collection . '/' . $filename, 'string')), 'struct'); return new xmlrpcresp($urlstruct); }