function _newMediaObject($blogid, $username, $password, $info)
{
global $CONF, $DIR_MEDIA, $DIR_LIBS;
// - login
$mem = new MEMBER();
if (!$mem->login($username, $password)) {
return _error(1, 'Could not log in');
}
// - check if team member
if (!BLOG::existsID($blogid)) {
return _error(2, "No such blog ({$blogid})");
}
if (!$mem->teamRights($blogid)) {
return _error(3, 'Not a team member');
}
$b = new BLOG($blogid);
// - decode data
$data = $info['bits'];
// decoding was done transparantly by xmlrpclib
// - check filesize
if (strlen($data) > $CONF['MaxUploadSize']) {
return _error(9, 'filesize is too big');
}
// - check if filetype is allowed (check filename)
$filename = $info['name'];
$ok = 0;
$allowedtypes = explode(',', $CONF['AllowedTypes']);
foreach ($allowedtypes as $type) {
//if (eregi("\." .$type. "$",$filename)) $ok = 1;
if (preg_match("#\\." . $type . "\$#i", $filename)) {
$ok = 1;
}
}
if (!$ok) {
_error(8, 'Filetype is not allowed');
}
// - add file to media library
//include_once($DIR_LIBS . 'MEDIA.php'); // media classes
include_libs('MEDIA.php', true, false);
// always use private media library of member
$collection = $mem->getID();
// prefix filename with current date (YYYY-MM-DD-)
// this to avoid nameclashes
if ($CONF['MediaPrefix']) {
$filename = strftime("%Y%m%d-", time()) . $filename;
}
$res = MEDIA::addMediaObjectRaw($collection, $filename, $data);
if ($res) {
return _error(10, $res);
}
// - return URL
$urlstruct = new xmlrpcval(array("url" => new xmlrpcval($CONF['MediaURL'] . $collection . '/' . $filename, 'string')), 'struct');
return new xmlrpcresp($urlstruct);
}
