From c957fe0aab54531d5ceb13718ecff078f3c9f5cb Mon Sep 17 00:00:00 2001 From: Kjartan Mannes Date: Fri, 4 Jun 2004 18:00:48 +0000 Subject: [PATCH] - Commited patch #4878: Support file uploads via blogapi. --- includes/file.inc | 31 +++++++++++++++++++++++++++++++ modules/blogapi.module | 24 +++++++++++++++++++++--- modules/blogapi/blogapi.module | 24 +++++++++++++++++++++--- 3 files changed, 73 insertions(+), 6 deletions(-) diff --git a/includes/file.inc b/includes/file.inc index 8994ea9d286..79f1b3f22c0 100644 --- a/includes/file.inc +++ b/includes/file.inc @@ -288,6 +288,37 @@ function file_save_upload($source, $dest = 0, $replace = 0) { return 0; } +/** + * Save a string to the specified destination + * + * @param $data A string containing the contents of the file + * @param $dest A string containing the destination location + * + * @return A string containing the resulting filename or 0 on error + */ +function file_save_data($data, $dest, $replace = 0) { + if (!valid_input_data($data)) { + watchdog('error', t('Possible exploit abuse: invalid data.')); + drupal_set_message(t("file upload failed: invalid data."), 'error'); + return 0; + } + + $temp = variable_get('file_directory_temp', (PHP_OS == 'WINNT' ? 'c:\\windows\\temp' : '/tmp')); + $file = tempnam($temp, 'file'); + if (!$fp = fopen($file, 'w')) { + drupal_set_message(t('unable to create file.'), 'error'); + return 0; + } + fwrite($fp, $data); + fclose($fp); + + if (!file_move($file, $dest)) { + return 0; + } + + return $file; +} + /** * Transfer file using http to client. Pipes a file through Drupal to the * client. diff --git a/modules/blogapi.module b/modules/blogapi.module index 8d5fa3089b9..15c68c01c85 100644 --- a/modules/blogapi.module +++ b/modules/blogapi.module @@ -247,11 +247,29 @@ function blogapi_delete_post($req_params) { /** * Blogging API callback. Inserts a file into Drupal. - * - * This has yet to be implemented. */ function blogapi_new_media_object($req_params) { - return blogapi_error('not implemented'); + $params = blogapi_convert($req_params); + + $user = blogapi_validate_user($params[1], $params[2]); + if (!$user->uid) { + return blogapi_error($user); + } + + $name = basename($params[3]['name']); + $data = $params[3]['bits']; + + if (!$data) { + return blogapi_error(t('No file sent')); + } + + if (!$file = file_save_data($data, $name)) { + return blogapi_error(t('Error storing file')); + } + + // Return the successful result. + $result = new xmlrpcval(array('url' => new xmlrpcval(file_create_url($file), 'string')), 'struct'); + return new xmlrpcresp($result); } /** diff --git a/modules/blogapi/blogapi.module b/modules/blogapi/blogapi.module index 8d5fa3089b9..15c68c01c85 100644 --- a/modules/blogapi/blogapi.module +++ b/modules/blogapi/blogapi.module @@ -247,11 +247,29 @@ function blogapi_delete_post($req_params) { /** * Blogging API callback. Inserts a file into Drupal. - * - * This has yet to be implemented. */ function blogapi_new_media_object($req_params) { - return blogapi_error('not implemented'); + $params = blogapi_convert($req_params); + + $user = blogapi_validate_user($params[1], $params[2]); + if (!$user->uid) { + return blogapi_error($user); + } + + $name = basename($params[3]['name']); + $data = $params[3]['bits']; + + if (!$data) { + return blogapi_error(t('No file sent')); + } + + if (!$file = file_save_data($data, $name)) { + return blogapi_error(t('Error storing file')); + } + + // Return the successful result. + $result = new xmlrpcval(array('url' => new xmlrpcval(file_create_url($file), 'string')), 'struct'); + return new xmlrpcresp($result); } /**