From: garvinhicking Date: Thu, 11 Aug 2005 09:28:54 +0000 (+0000) Subject: Unbundle XMLRPC X-Git-Tag: 0.9~220 X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=96dd50c6902014f68b893de4878dd8862fe80453;p=s9y.git Unbundle XMLRPC --- diff --git a/docs/NEWS b/docs/NEWS index e5c4af0..54a3d6f 100644 --- a/docs/NEWS +++ b/docs/NEWS @@ -3,6 +3,14 @@ Version 0.9 () ------------------------------------------------------------------------ + * Unbundle Serendipity XML-RPC functions from the bundled distribution. + You will now need to install the additional plugin "Post via XML-RPC" + (serendipity_event_xmlrpc) to make entry posts via this interface. + The ongoing security issues with this interface and the little usage + of this functionality by the broad public have forced this move. + After installing this plugin you can use the same URL and nothing + will change for XML-RPC users. (garvinhicking) + * New Plugin API Hook "frontend_calendar" which allows to hook into sidebar calendar creation. Needs to be enabled in the calendar plugin configuration and needs a patch to the plugin_calendar.tpl diff --git a/serendipity_xmlrpc.php b/serendipity_xmlrpc.php index cbb8b3e..f5e793e 100644 --- a/serendipity_xmlrpc.php +++ b/serendipity_xmlrpc.php @@ -2,576 +2,11 @@ # Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team) # All rights reserved. See LICENSE file for licensing details -$debug_xmlrpc = false; -if ($debug_xmlrpc) { - $fp = fopen('rpc.log', 'a'); - fwrite($fp, '[' . date('d.m.Y H:i') . ']' . print_r($HTTP_RAW_POST_DATA, true)); - fclose($fp); - ob_start(); -} - require_once 'serendipity_config.inc.php'; -require_once 'bundled-libs/XML/RPC/Server.php'; - -$dispatches = array( - /* BLOGGER API */ - 'blogger.getUsersBlogs' => - array('function' => 'blogger_getUsersBlogs'), - 'blogger.getUserInfo' => - array('function' => 'blogger_getUserInfo'), - 'blogger.newPost' => - array('function' => 'blogger_newPost'), - 'blogger.editPost' => - array('function' => 'blogger_editPost'), - 'blogger.deletePost' => - array('function' => 'blogger_deletePost'), - 'blogger.getRecentPosts' => - array('function' => 'blogger_getRecentPosts'), - 'blogger.getPost' => - array('function' => 'blogger_getPost'), - - /* MT/metaWeblog API */ - 'metaWeblog.newPost' => - array('function' => 'metaWeblog_newPost'), - 'metaWeblog.editPost' => - array('function' => 'metaWeblog_editPost'), - 'metaWeblog.getPost' => - array('function' => 'metaWeblog_getPost'), - 'metaWeblog.deletePost' => - array('function' => 'metaWeblog_deletePost'), - 'metaWeblog.setPostCategories' => - array('function' => 'metaWeblog_setPostCategories'), - 'metaWeblog.getPostCategories' => - array('function' => 'metaWeblog_getPostCategories'), - 'metaWeblog.newMediaObject' => - array('function' => 'metaWeblog_newMediaObject'), - 'metaWeblog.getRecentPosts' => - array('function' => 'metaWeblog_getRecentPosts'), - 'mt.getRecentPostTitles' => - array('function' => 'mt_getRecentPostTitles'), - 'mt.getCategoryList' => - array('function' => 'mt_getCategoryList'), - 'mt.getPostCategories' => - array('function' => 'metaWeblog_getPostCategories'), - 'mt.setPostCategories' => - array('function' => 'metaWeblog_setPostCategories'), - 'mt.supportedTextFilters' => - array('function' => 'mt_supportedTextFilters'), - 'mt.publishPost' => - array('function' => 'metaWeblog_publishPost')); - -function blogger_getUsersBlogs($message) { - global $serendipity; - - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $blog1 = new XML_RPC_Value( - array('url' => new XML_RPC_Value($serendipity['baseURL']), - 'blogid' => new XML_RPC_Value('1'), - 'blogName' => new XML_RPC_Value($serendipity['blogTitle'])), - 'struct'); - $blogs = new XML_RPC_Value( array($blog1), 'array'); - $r = new XML_RPC_Response($blogs); - return($r); -} - -function blogger_getUserInfo($message) { - global $serendipity; - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $userdata = new XML_RPC_Value( - array('nickname' => new XML_RPC_Value($serendipity['serendipityUser']), - 'userid' => new XML_RPC_Value($serendipity['authorid'], 'string'), - 'url' => new XML_RPC_Value($serendipity['baseURL']), - 'email' => new XML_RPC_Value($serendipity['serendipityEmail']), - 'lastname' => new XML_RPC_Value(''), - 'firstname' => new XML_RPC_Value('')), - 'struct'); - $r = new XML_RPC_Response($userdata); - return($r); -} - -function blogger_getRecentPosts($message) { - $val = $message->params[2]; - $username = $val->getval(); - $val = $message->params[3]; - $password = $val->getval(); - $val = $message->params[4]; - $numposts = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $entries = serendipity_fetchEntries('', false, $numposts); - $xml_entries_vals = array(); - foreach ((array) $entries as $entry ) { - $xml_entries_vals[] = new XML_RPC_Value( - array( - 'postid' => new XML_RPC_Value($entry['id'], 'string'), - 'title' => new XML_RPC_Value($entry['title'], 'string'), - 'content' => new XML_RPC_Value($entry['body'], 'string'), - 'userid' => new XML_RPC_Value($entry['authorid'], 'string'), - 'dateCreated' => new XML_RPC_Value(XML_RPC_iso8601_encode($entry['timestamp']), 'dateTime.iso8601') - ), 'struct'); - } - $xml_entries = new XML_RPC_Value($xml_entries_vals, 'array'); - return new XML_RPC_Response($xml_entries); -} - -function blogger_getPost($message) { - global $serendipity; - $val = $message->params[1]; - $postid = $val->getval(); - $val = $message->params[2]; - $username = $val->getval(); - $val = $message->params[3]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $entry = serendipity_fetchEntry('id', $postid); - $entry = new XML_RPC_Value(blogger_setEntry($entry), 'struct'); - return new XML_RPC_Response($entry); -} - -function mt_getCategoryList($message) { - global $serendipity; - - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $cats = serendipity_fetchCategories($serendipity['authorid']); - $xml_entries_vals = array(); - foreach ((array) $cats as $cat ) { - $xml_entries_vals[] = new XML_RPC_Value( - array( - 'categoryId' => new XML_RPC_Value($cat['categoryid'], 'string'), - 'categoryName' => new XML_RPC_Value($cat['category_name'], 'string') - ), - 'struct' - ); - } - $xml_entries = new XML_RPC_Value($xml_entries_vals, 'array'); - return new XML_RPC_Response($xml_entries); -} - -function metaWeblog_getRecentPosts($message) { - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - $val = $message->params[3]; - $numposts = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $entries = serendipity_fetchEntries('', false, $numposts); - $xml_entries_vals = array(); - - foreach ((array)$entries as $tentry) { - $entry = serendipity_fetchEntry('id', $tentry['id']); - $xml_entries_vals[] = new XML_RPC_Value( - array( - 'dateCreated' => new XML_RPC_Value(XML_RPC_iso8601_encode($entry['timestamp']), 'dateTime.iso8601'), - 'postid' => new XML_RPC_Value($entry['id'], 'string'), - 'userid' => new XML_RPC_Value($entry['authorid'], 'string'), - 'description' => new XML_RPC_Value($entry['body'], 'string'), - 'mt_excerpt' => new XML_RPC_Value('', 'string'), - 'mt_allow_comments' => new XML_RPC_Value(1, 'int'), - 'mt_text_more' => new XML_RPC_Value($entry['extended'], 'string' ), - 'mt_allow_pings' => new XML_RPC_Value(1, 'int'), - 'mt_convert_breaks' => new XML_RPC_Value('', 'string'), - 'mt_keywords' => new XML_RPC_Value('', 'string'), - 'title' => new XML_RPC_Value($entry['title'],'string'), - 'permalink' => new XML_RPC_Value(serendipity_archiveURL($entry['id'], $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp'])), 'string'), - 'link' => new XML_RPC_Value(serendipity_archiveURL($entry['id'], $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp'])), 'string') - ), - 'struct'); - - } - $xml_entries = new XML_RPC_Value($xml_entries_vals, 'array'); - return new XML_RPC_Response($xml_entries); - -} -function mt_getRecentPostTitles($message) { - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - $val = $message->params[3]; - $numposts = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $entries = serendipity_fetchEntries('', false, $numposts); - $xml_entries_vals = array(); - foreach ((array)$entries as $entry) { - $xml_entries_vals[] = new XML_RPC_Value( - array( - 'postid' => new XML_RPC_Value($entry['id'], 'string'), - 'title' => new XML_RPC_Value($entry['title'], 'string'), - 'userid' => new XML_RPC_Value($entry['authorid'], 'string'), - 'dateCreated' => new XML_RPC_Value(XML_RPC_iso8601_encode($entry['timestamp']), 'dateTime.iso8601') - ), - 'struct'); - } - $xml_entries = new XML_RPC_Value($xml_entries_vals, 'array'); - return new XML_RPC_Response($xml_entries); -} - -function mt_supportedTextFilters($message) { - # we support no text filters currently - return new XML_RPC_Response(new XML_RPC_Value(array(), 'array')); -} - -function blogger_newPost($message) { - global $serendipity; - $val = $message->params[2]; - $username = $val->getval(); - $val = $message->params[3]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $val = $message->params[4]; - $entry['body'] = $val->getval(); - $val = $message->params[5]; - $topublish = $val->getval(); - if ($topublish == 1){ - $entry['isdraft'] = 'false'; - } else { $entry['isdraft'] = 'true'; } - - $entry['allow_comments'] = $serendipity['allowCommentsDefault']; - $entry['moderate_comments'] = $serendipity['moderateCommentsDefault']; - $id = serendipity_updertEntry($entry); - return new XML_RPC_Response(new XML_RPC_Value($id, 'string')); -} - -function blogger_editPost($message) { - $val = $message->params[1]; - $entry['id'] = $val->getval(); - $val = $message->params[2]; - $username = $val->getval(); - $val = $message->params[3]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $val = $message->params[4]; - $entry['body'] = $val->getval(); - $entry['author'] = $username; - $id = serendipity_updertEntry($entry); - return new XML_RPC_Response(new XML_RPC_Value($id, 'string')); -} - -function blogger_deletePost($message) { - $val = $message->params[1]; - $entry['id'] = $val->getval(); - $val = $message->params[2]; - $username = $val->getval(); - $val = $message->params[3]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $id = serendipity_deleteEntry($entry['id']); - return new XML_RPC_Response(new XML_RPC_Value(1, 'boolean')); -} - -function universal_fetchCategories($post_categories) { - global $serendipity; - - $categories = array(); - if (is_array($post_categories)) { - foreach($post_categories AS $cat_id => $cat_obj) { - if (is_object($cat_obj)) { - $cat_name = $cat_obj->getval(); - $cat = serendipity_fetchCategories(null, $cat_name); - if (isset($cat[0]['categoryid'])) { - $categories[$cat[0]['categoryid']] = $cat[0]['categoryid']; - } - } elseif (is_array($cat_obj) && isset($cat_obj['categoryId'])) { - $cat_id = $cat_obj['categoryId']->getval(); - $categories[$cat_id] = $cat_id; - } - } - } - - return $categories; -} - -function metaWeblog_newPost($message) { - global $serendipity; - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $val = $message->params[3]; - $post_array = $val->getval(); - $val = $message->params[4]; - $publish = $val->getval(); - - - $entry['categories'] = universal_fetchCategories($post_array['categories']); - $entry['title'] = $post_array['title']; - $entry['body'] = $post_array['description']; - $entry['extended'] = $post_array['mt_text_more']; - $entry['isdraft'] = ($publish == 0) ? 'true' : 'false'; - if (isset($post_array['mt_allow_comments'])) { - $entry['allow_comments'] = $post_array['mt_allow_comments']; - } else { - $entry['allow_comments'] = $serendipity['allowCommentsDefault']; - } - - $entry['moderate_comments'] = $serendipity['moderateCommentsDefault']; - - $id = serendipity_updertEntry($entry); - - return new XML_RPC_Response(new XML_RPC_Value($id, 'string')); -} -function metaWeblog_publishPost($message) { - global $serendipity; - - $val = $message->params[0]; - $postid = $val->getval(); - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $entry['isdraft'] = 'false'; - $entry['id'] = $postid; - - $id = serendipity_updertEntry($entry); - return new XML_RPC_Response(new XML_RPC_Value($id ? true : false, 'boolean')); -} - -function metaWeblog_editPost($message) { - global $serendipity; - - $val = $message->params[0]; - $postid = $val->getval(); - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $val = $message->params[3]; - $post_array = $val->getval(); - $val = $message->params[4]; - $publish = $val->getval(); - - if (isset($post_array['categories'])) { - $entry['categories'] = universal_fetchCategories($post_array['categories']); - } - $entry['title'] = $post_array['title']; - $entry['body'] = $post_array['description']; - $entry['extended'] = $post_array['mt_text_more']; - $entry['isdraft'] = ($publish == 0) ? 'true' : 'false'; - $entry['author'] = $username; - $entry['authorid'] = $serendipity['authorid']; - $entry['id'] = $postid; - - $id = serendipity_updertEntry($entry); - return new XML_RPC_Response(new XML_RPC_Value($id ? true : false, 'boolean')); -} - - -function metaWeblog_getPost($message) { - global $serendipity; - $val = $message->params[0]; - $postid = $val->getval(); - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $entry = serendipity_fetchEntry('id', $postid); - - $tmp = new XML_RPC_Value(array( - 'userid' => new XML_RPC_Value($entry['authorid'], 'string'), - 'dateCreated' => new XML_RPC_Value(XML_RPC_iso8601_encode($entry['timestamp']), 'dateTime.iso8601'), - 'postid' => new XML_RPC_Value($postid, 'string'), - 'description' => new XML_RPC_Value($entry['body'], 'string'), - 'title' => new XML_RPC_Value($entry['title'],'string'), - 'link' => new XML_RPC_Value(serendipity_archiveURL($entry['id'], $entry['title'], 'baseURL', true, array('timestamp' => $entry['timestamp'])), 'string'), - 'permalink' => new XML_RPC_Value(serendipity_archiveURL($entry['id'], $entry['title'], 'baseURL', true, array('timestamp' => $entry['timestamp'])), 'string'), - 'mt_excerpt' => new XML_RPC_Value($entry['excerpt'], 'string'), - 'mt_text_more' => new XML_RPC_Value($entry['extended'], 'string'), - 'mt_allow_comments' => new XML_RPC_Value(($entry['allow_comments'] == true ? 1 : 0), 'int'), - 'mt_allow_pings' => new XML_RPC_Value(($entry['mt_allow_pings'] == true ? 1 : 0), 'int'), - 'mt_convert_breaks' => new XML_RPC_Value($entry['mt_convert_breaks'], 'string'), - 'mt_keywords' => new XML_RPC_Value($entry['mt_keywords'], 'string')), 'struct'); - - return new XML_RPC_Response($tmp); -} - -function metaWeblog_deletePost($message) { - $val = $message->params[1]; - $entry['id'] = $val->getval(); - $val = $message->params[2]; - $username = $val->getval(); - $val = $message->params[3]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - $val = $message->params[4]; - $entry['body'] = $val->getval(); - $entry['author'] = $username; - $id = serendipity_deleteEntry($entry['id']); - return new XML_RPC_Response(new XML_RPC_Value(1, 'boolean')); -} - -function metaWeblog_setPostCategories($message) { - global $serendipity; - $val = $message->params[0]; - $postid = $val->getval(); - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - $categories = $message->params[3]; - - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $category_ids = universal_fetchCategories($categories->getval(), true); - $entry = serendipity_fetchEntry ( 'id', $postid ); - $entry['categories'] = $category_ids; - $entry = serendipity_updertEntry ( $entry ); - //serendipity_updateEntryCategories($postid, $category_ids); - return new XML_RPC_Response(new XML_RPC_Value(1, 'boolean')); -} - -function metaWeblog_getPostCategories($message) { - $val = $message->params[0]; - $postid = $val->getval(); - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $entry = serendipity_fetchEntry('id', (int)$postid); - - $categories = array(); - if (is_array($entry['categories'])) { - foreach($entry['categories'] AS $i => $cat) { - $categories[] = new XML_RPC_Value( - array( - 'categoryId' => new XML_RPC_Value($cat['categoryid'], 'string'), - 'categoryName' => new XML_RPC_Value($cat['category_name'], 'string') - ), - 'struct' - ); - } - } - - return new XML_RPC_Response(new XML_RPC_Value($categories, 'array')); -} - -function metaWeblog_newMediaObject($message) { - global $serendipity; - $val = $message->params[0]; - $postid = $val->getval(); - $val = $message->params[1]; - $username = $val->getval(); - $val = $message->params[2]; - $password = $val->getval(); - $val = $message->params[3]; - $struct = $val->getval(); - if (!serendipity_authenticate_author($username, $password)) { - return new XML_RPC_Response('', 4, 'Authentication Failed'); - } - - $full = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $struct['name']; - - if (!is_dir(dirname($full))) { - @mkdir(dirname($full)); - } - - $fp = fopen($full, 'w'); - fwrite($fp, $struct['bits']); - fclose($fp); - $path = $serendipity['baseURL'] . $serendipity['uploadPath'] . $struct['name']; - return new XML_RPC_Response(new XML_RPC_Value(array('url' => new XML_RPC_Value($path, 'string')), 'struct')); -} - -function blogger_setEntry(&$entry) { - $tmp = array( - 'content' => new XML_RPC_Value($entry['extended'], 'string'), - ); - return universal_setEntry($entry, $tmp); -} - -function metaWeblog_setEntry(&$entry) { - $tmp = array( - 'mt_text_more' => new XML_RPC_Value($entry['extended'], 'string'), - ); - return universal_setEntry($entry, $tmp); -} - -function universal_setEntry(&$entry, &$tmp) { - $tmp = array( - 'dateCreated' => new XML_RPC_Value(XML_RPC_iso8601_encode($entry['timestamp']), 'dateTime.iso8601'), - 'postid' => new XML_RPC_Value($entry['id'], 'string'), - 'userid' => new XML_RPC_Value($entry['authorid'], 'string'), - 'description' => new XML_RPC_Value($entry['body'], 'string'), - 'mt_excerpt' => new XML_RPC_Value('', 'string'), - 'mt_allow_comments' => new XML_RPC_Value(1, 'int'), - 'mt_allow_pings' => new XML_RPC_Value(1, 'int'), - 'mt_convert_breaks' => new XML_RPC_Value('', 'string'), - 'mt_keywords' => new XML_RPC_Value('', 'string'), - 'title' => new XML_RPC_Value($entry['title'],'string'), - 'permalink' => new XML_RPC_Value(serendipity_rewriteURL(PATH_ARCHIVES.'/' . $entry['id']. '_.html', 'baseURL'), 'string'), - 'link' => new XML_RPC_Value(serendipity_rewriteURL(PATH_ARCHIVES.'/' . $entry['id'] . '_.html', 'baseURL'), 'string'), - ); - - return array_merge($entry, $tmp); -} +$data = array(); +serendipity_plugin_api::hook_event('frontend_xmlrpc', $data); -$server = new XML_RPC_Server($dispatches,1); -if ($debug_xmlrpc) { - $fp = fopen('rpc.log', 'a'); - fwrite($fp, ob_get_contents() . "\n---------------------------------------\n"); - fclose($fp); - ob_end_flush(); +if (count($data) == 0) { + die(XMLRPC_NO_LONGER_BUNDLED); } -/* vim: set sts=4 ts=4 expandtab : */ -?>