$categories
EOD;
$this->output($output, $this->CATEGORIES_CONTENT_TYPE);
}
/*
* Create Post (No arguments)
*/
function create_post() {
global $blog_id, $user_ID;
$this->get_accepted_content_type($this->atom_content_types);
$parser = new AtomParser();
if(!$parser->parse()) {
$this->client_error();
}
$entry = array_pop($parser->feed->entries);
log_app('Received entry:', print_r($entry,true));
$catnames = array();
foreach($entry->categories as $cat)
array_push($catnames, $cat["term"]);
$wp_cats = get_categories(array('hide_empty' => false));
$post_category = array();
foreach($wp_cats as $cat) {
if(in_array($cat->name, $catnames))
array_push($post_category, $cat->term_id);
}
$publish = (isset($entry->draft) && trim($entry->draft) == 'yes') ? false : true;
$cap = ($publish) ? 'publish_posts' : 'edit_posts';
if(!current_user_can($cap))
$this->auth_required(__('Sorry, you do not have the right to edit/publish new posts.'));
$blog_ID = (int ) $blog_id;
$post_status = ($publish) ? 'publish' : 'draft';
$post_author = (int) $user_ID;
$post_title = $entry->title[1];
$post_content = $entry->content[1];
$post_excerpt = $entry->summary[1];
$pubtimes = $this->get_publish_time($entry->published);
$post_date = $pubtimes[0];
$post_date_gmt = $pubtimes[1];
if ( isset( $_SERVER['HTTP_SLUG'] ) )
$post_name = $_SERVER['HTTP_SLUG'];
$post_data = compact('blog_ID', 'post_author', 'post_date', 'post_date_gmt', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_name');
$this->escape($post_data);
log_app('Inserting Post. Data:', print_r($post_data,true));
$postID = wp_insert_post($post_data);
if ( is_wp_error( $postID ) )
$this->internal_error($postID->get_error_message());
if (!$postID)
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
// getting warning here about unable to set headers
// because something in the cache is printing to the buffer
// could we clean up wp_set_post_categories or cache to not print
// this could affect our ability to send back the right headers
@wp_set_post_categories($postID, $post_category);
$output = $this->get_entry($postID);
log_app('function',"create_post($postID)");
$this->created($postID, $output);
}
function get_post($postID) {
global $entry;
if( !current_user_can( 'edit_post', $postID ) )
$this->auth_required( __( 'Sorry, you do not have the right to access this post.' ) );
$this->set_current_entry($postID);
$output = $this->get_entry($postID);
log_app('function',"get_post($postID)");
$this->output($output);
}
function put_post($postID) {
// checked for valid content-types (atom+xml)
// quick check and exit
$this->get_accepted_content_type($this->atom_content_types);
$parser = new AtomParser();
if(!$parser->parse()) {
$this->bad_request();
}
$parsed = array_pop($parser->feed->entries);
log_app('Received UPDATED entry:', print_r($parsed,true));
// check for not found
global $entry;
$this->set_current_entry($postID);
if(!current_user_can('edit_post', $entry['ID']))
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
$publish = (isset($parsed->draft) && trim($parsed->draft) == 'yes') ? false : true;
extract($entry);
$post_title = $parsed->title[1];
$post_content = $parsed->content[1];
$post_excerpt = $parsed->summary[1];
$pubtimes = $this->get_publish_time($parsed->published);
$post_date = $pubtimes[0];
$post_date_gmt = $pubtimes[1];
// let's not go backwards and make something draft again.
if(!$publish && $post_status == 'draft') {
$post_status = ($publish) ? 'publish' : 'draft';
} elseif($publish) {
$post_status = 'publish';
}
$postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt', 'post_date', 'post_date_gmt');
$this->escape($postdata);
$result = wp_update_post($postdata);
if (!$result) {
$this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.'));
}
log_app('function',"put_post($postID)");
$this->ok();
}
function delete_post($postID) {
// check for not found
global $entry;
$this->set_current_entry($postID);
if(!current_user_can('edit_post', $postID)) {
$this->auth_required(__('Sorry, you do not have the right to delete this post.'));
}
if ($entry['post_type'] == 'attachment') {
$this->delete_attachment($postID);
} else {
$result = wp_delete_post($postID);
if (!$result) {
$this->internal_error(__('For some strange yet very annoying reason, this post could not be deleted.'));
}
log_app('function',"delete_post($postID)");
$this->ok();
}
}
function get_attachment($postID = NULL) {
if( !current_user_can( 'upload_files' ) )
$this->auth_required( __( 'Sorry, you do not have the right to file uploads on this blog.' ) );
if (!isset($postID)) {
$this->get_attachments();
} else {
$this->set_current_entry($postID);
$output = $this->get_entry($postID, 'attachment');
log_app('function',"get_attachment($postID)");
$this->output($output);
}
}
function create_attachment() {
$type = $this->get_accepted_content_type();
if(!current_user_can('upload_files'))
$this->auth_required(__('You do not have permission to upload files.'));
$fp = fopen("php://input", "rb");
$bits = NULL;
while(!feof($fp)) {
$bits .= fread($fp, 4096);
}
fclose($fp);
$slug = '';
if ( isset( $_SERVER['HTTP_SLUG'] ) )
$slug = sanitize_file_name( $_SERVER['HTTP_SLUG'] );
elseif ( isset( $_SERVER['HTTP_TITLE'] ) )
$slug = sanitize_file_name( $_SERVER['HTTP_TITLE'] );
elseif ( empty( $slug ) ) // just make a random name
$slug = substr( md5( uniqid( microtime() ) ), 0, 7);
$ext = preg_replace( '|.*/([a-z0-9]+)|', '$1', $_SERVER['CONTENT_TYPE'] );
$slug = "$slug.$ext";
$file = wp_upload_bits( $slug, NULL, $bits);
log_app('wp_upload_bits returns:',print_r($file,true));
$url = $file['url'];
$file = $file['file'];
do_action('wp_create_file_in_uploads', $file); // replicate
// Construct the attachment array
$attachment = array(
'post_title' => $slug,
'post_content' => $slug,
'post_status' => 'attachment',
'post_parent' => 0,
'post_mime_type' => $type,
'guid' => $url
);
// Save the data
$postID = wp_insert_attachment($attachment, $file);
if (!$postID)
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
$output = $this->get_entry($postID, 'attachment');
$this->created($postID, $output, 'attachment');
log_app('function',"create_attachment($postID)");
}
function put_attachment($postID) {
// checked for valid content-types (atom+xml)
// quick check and exit
$this->get_accepted_content_type($this->atom_content_types);
$parser = new AtomParser();
if(!$parser->parse()) {
$this->bad_request();
}
$parsed = array_pop($parser->feed->entries);
// check for not found
global $entry;
$this->set_current_entry($postID);
if(!current_user_can('edit_post', $entry['ID']))
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
extract($entry);
$post_title = $parsed->title[1];
$post_content = $parsed->content[1];
$postdata = compact('ID', 'post_content', 'post_title', 'post_category', 'post_status', 'post_excerpt');
$this->escape($postdata);
$result = wp_update_post($postdata);
if (!$result) {
$this->internal_error(__('For some strange yet very annoying reason, this post could not be edited.'));
}
log_app('function',"put_attachment($postID)");
$this->ok();
}
function delete_attachment($postID) {
log_app('function',"delete_attachment($postID). File '$location' deleted.");
// check for not found
global $entry;
$this->set_current_entry($postID);
if(!current_user_can('edit_post', $postID)) {
$this->auth_required(__('Sorry, you do not have the right to delete this post.'));
}
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
$filetype = wp_check_filetype($location);
if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
$this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
// delete file
@unlink($location);
// delete attachment
$result = wp_delete_post($postID);
if (!$result) {
$this->internal_error(__('For some strange yet very annoying reason, this post could not be deleted.'));
}
log_app('function',"delete_attachment($postID). File '$location' deleted.");
$this->ok();
}
function get_file($postID) {
// check for not found
global $entry;
$this->set_current_entry($postID);
// then whether user can edit the specific post
if(!current_user_can('edit_post', $postID)) {
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
}
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
$filetype = wp_check_filetype($location);
if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
$this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
status_header('200');
header('Content-Type: ' . $entry['post_mime_type']);
header('Connection: close');
$fp = fopen($location, "rb");
while(!feof($fp)) {
echo fread($fp, 4096);
}
fclose($fp);
log_app('function',"get_file($postID)");
exit;
}
function put_file($postID) {
// first check if user can upload
if(!current_user_can('upload_files'))
$this->auth_required(__('You do not have permission to upload files.'));
// check for not found
global $entry;
$this->set_current_entry($postID);
// then whether user can edit the specific post
if(!current_user_can('edit_post', $postID)) {
$this->auth_required(__('Sorry, you do not have the right to edit this post.'));
}
$location = get_post_meta($entry['ID'], '_wp_attached_file', true);
$filetype = wp_check_filetype($location);
if(!isset($location) || 'attachment' != $entry['post_type'] || empty($filetype['ext']))
$this->internal_error(__('Error ocurred while accessing post metadata for file location.'));
$fp = fopen("php://input", "rb");
$localfp = fopen($location, "w+");
while(!feof($fp)) {
fwrite($localfp,fread($fp, 4096));
}
fclose($fp);
fclose($localfp);
$ID = $entry['ID'];
$pubtimes = $this->get_publish_time($entry->published);
$post_date = $pubtimes[0];
$post_date_gmt = $pubtimes[1];
$post_data = compact('ID', 'post_date', 'post_date_gmt');
$result = wp_update_post($post_data);
if (!$result) {
$this->internal_error(__('Sorry, your entry could not be posted. Something wrong happened.'));
}
log_app('function',"put_file($postID)");
$this->ok();
}
function get_entries_url($page = NULL) {
if($GLOBALS['post_type'] == 'attachment') {
$path = $this->MEDIA_PATH;
} else {
$path = $this->ENTRIES_PATH;
}
$url = $this->app_base . $path;
if(isset($page) && is_int($page)) {
$url .= "/$page";
}
return $url;
}
function the_entries_url($page = NULL) {
echo $this->get_entries_url($page);
}
function get_categories_url($deprecated = '') {
return $this->app_base . $this->CATEGORIES_PATH;
}
function the_categories_url() {
echo $this->get_categories_url();
}
function get_attachments_url($page = NULL) {
$url = $this->app_base . $this->MEDIA_PATH;
if(isset($page) && is_int($page)) {
$url .= "/$page";
}
return $url;
}
function the_attachments_url($page = NULL) {
echo $this->get_attachments_url($page);
}
function get_service_url() {
return $this->app_base . $this->SERVICE_PATH;
}
function get_entry_url($postID = NULL) {
if(!isset($postID)) {
global $post;
$postID = (int) $post->ID;
}
$url = $this->app_base . $this->ENTRY_PATH . "/$postID";
log_app('function',"get_entry_url() = $url");
return $url;
}
function the_entry_url($postID = NULL) {
echo $this->get_entry_url($postID);
}
function get_media_url($postID = NULL) {
if(!isset($postID)) {
global $post;
$postID = (int) $post->ID;
}
$url = $this->app_base . $this->MEDIA_SINGLE_PATH ."/file/$postID";
log_app('function',"get_media_url() = $url");
return $url;
}
function the_media_url($postID = NULL) {
echo $this->get_media_url($postID);
}
function set_current_entry($postID) {
global $entry;
log_app('function',"set_current_entry($postID)");
if(!isset($postID)) {
// $this->bad_request();
$this->not_found();
}
$entry = wp_get_single_post($postID,ARRAY_A);
if(!isset($entry) || !isset($entry['ID']))
$this->not_found();
return;
}
function get_posts($page = 1, $post_type = 'post') {
log_app('function',"get_posts($page, '$post_type')");
$feed = $this->get_feed($page, $post_type);
$this->output($feed);
}
function get_attachments($page = 1, $post_type = 'attachment') {
log_app('function',"get_attachments($page, '$post_type')");
$GLOBALS['post_type'] = $post_type;
$feed = $this->get_feed($page, $post_type);
$this->output($feed);
}
function get_feed($page = 1, $post_type = 'post') {
global $post, $wp, $wp_query, $posts, $wpdb, $blog_id;
log_app('function',"get_feed($page, '$post_type')");
ob_start();
if(!isset($page)) {
$page = 1;
}
$page = (int) $page;
$count = get_option('posts_per_rss');
wp('what_to_show=posts&posts_per_page=' . $count . '&offset=' . ($count * ($page-1) ));
$post = $GLOBALS['post'];
$posts = $GLOBALS['posts'];
$wp = $GLOBALS['wp'];
$wp_query = $GLOBALS['wp_query'];
$wpdb = $GLOBALS['wpdb'];
$blog_id = (int) $GLOBALS['blog_id'];
log_app('function',"query_posts(# " . print_r($wp_query, true) . "#)");
log_app('function',"total_count(# $wp_query->max_num_pages #)");
$last_page = $wp_query->max_num_pages;
$next_page = (($page + 1) > $last_page) ? NULL : $page + 1;
$prev_page = ($page - 1) < 1 ? NULL : $page - 1;
$last_page = ((int)$last_page == 1 || (int)$last_page == 0) ? NULL : (int) $last_page;
$self_page = $page > 1 ? $page : NULL;
?>
the_entries_url() ?>
Copyright
echo_entry();
}
}
?>
echo_entry();
log_app('$post',print_r($GLOBALS['post'],true));
$entry = ob_get_contents();
break;
}
}
ob_end_clean();
log_app('get_entry returning:',$entry);
return $entry;
}
function echo_entry() { ?>
ID); ?>
post_status == 'draft' ? 'yes' : 'no') ?>
post_type == 'attachment') { ?>
post_content ) ) :
list($content_type, $content) = prep_atom_text_construct(get_the_content()); ?>
302 Found
Found
The document has moved here.
EOD;
header('HTTP/1.1 302 Moved');
header('Content-Type: text/html');
header('Location: ' . $url);
echo $content;
exit;
}
function client_error($msg = 'Client Error') {
log_app('Status','400: Client Error');
header('Content-Type: text/plain');
status_header('400');
exit;
}
function created($post_ID, $content, $post_type = 'post') {
log_app('created()::$post_ID',"$post_ID, $post_type");
$edit = $this->get_entry_url($post_ID);
switch($post_type) {
case 'post':
$ctloc = $this->get_entry_url($post_ID);
break;
case 'attachment':
$edit = $this->app_base . "attachments/$post_ID";
break;
}
header("Content-Type: $this->ATOM_CONTENT_TYPE");
if(isset($ctloc))
header('Content-Location: ' . $ctloc);
header('Location: ' . $edit);
status_header('201');
echo $content;
exit;
}
function auth_required($msg) {
log_app('Status','401: Auth Required');
nocache_headers();
header('WWW-Authenticate: Basic realm="WordPress Atom Protocol"');
header("HTTP/1.1 401 $msg");
header('Status: ' . $msg);
header('Content-Type: text/html');
$content = <<
401 Unauthorized
401 Unauthorized
$msg
EOD;
echo $content;
exit;
}
function output($xml, $ctype = 'application/atom+xml') {
status_header('200');
$xml = ''."\n".$xml;
header('Connection: close');
header('Content-Length: '. strlen($xml));
header('Content-Type: ' . $ctype);
header('Content-Disposition: attachment; filename=atom.xml');
header('Date: '. date('r'));
if($this->do_output)
echo $xml;
log_app('function', "output:\n$xml");
exit;
}
function escape(&$array) {
global $wpdb;
foreach ($array as $k => $v) {
if (is_array($v)) {
$this->escape($array[$k]);
} else if (is_object($v)) {
//skip
} else {
$array[$k] = $wpdb->escape($v);
}
}
}
/*
* Access credential through various methods and perform login
*/
function authenticate() {
$login_data = array();
$already_md5 = false;
log_app("authenticate()",print_r($_ENV, true));
// if using mod_rewrite/ENV hack
// http://www.besthostratings.com/articles/http-auth-php-cgi.html
if(isset($_SERVER['HTTP_AUTHORIZATION'])) {
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
}
// If Basic Auth is working...
if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
$login_data = array('login' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW']);
log_app("Basic Auth",$login_data['login']);
} else {
// else, do cookie-based authentication
if (function_exists('wp_get_cookie_login')) {
$login_data = wp_get_cookie_login();
$already_md5 = true;
}
}
// call wp_login and set current user
if (!empty($login_data) && wp_login($login_data['login'], $login_data['password'], $already_md5)) {
$current_user = new WP_User(0, $login_data['login']);
wp_set_current_user($current_user->ID);
log_app("authenticate()",$login_data['login']);
}
}
function get_accepted_content_type($types = NULL) {
if(!isset($types)) {
$types = $this->media_content_types;
}
if(!isset($_SERVER['CONTENT_LENGTH']) || !isset($_SERVER['CONTENT_TYPE'])) {
$this->length_required();
}
$type = $_SERVER['CONTENT_TYPE'];
list($type,$subtype) = explode('/',$type);
list($subtype) = explode(";",$subtype); // strip MIME parameters
log_app("get_accepted_content_type", "type=$type, subtype=$subtype");
foreach($types as $t) {
list($acceptedType,$acceptedSubtype) = explode('/',$t);
if($acceptedType == '*' || $acceptedType == $type) {
if($acceptedSubtype == '*' || $acceptedSubtype == $subtype)
return $type . "/" . $subtype;
}
}
$this->invalid_media();
}
function process_conditionals() {
if(empty($this->params)) return;
if($_SERVER['REQUEST_METHOD'] == 'DELETE') return;
switch($this->params[0]) {
case $this->ENTRY_PATH:
global $post;
$post = wp_get_single_post($this->params[1]);
$wp_last_modified = get_post_modified_time('D, d M Y H:i:s', true);
$post = NULL;
break;
case $this->ENTRIES_PATH:
$wp_last_modified = mysql2date('D, d M Y H:i:s', get_lastpostmodified('GMT'), 0).' GMT';
break;
default:
return;
}
$wp_etag = md5($wp_last_modified);
@header("Last-Modified: $wp_last_modified");
@header("ETag: $wp_etag");
// Support for Conditional GET
if (isset($_SERVER['HTTP_IF_NONE_MATCH']))
$client_etag = stripslashes($_SERVER['HTTP_IF_NONE_MATCH']);
else
$client_etag = false;
$client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']);
// If string is empty, return 0. If not, attempt to parse into a timestamp
$client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0;
// Make a timestamp for our most recent modification...
$wp_modified_timestamp = strtotime($wp_last_modified);
if ( ($client_last_modified && $client_etag) ?
(($client_modified_timestamp >= $wp_modified_timestamp) && ($client_etag == $wp_etag)) :
(($client_modified_timestamp >= $wp_modified_timestamp) || ($client_etag == $wp_etag)) ) {
status_header( 304 );
exit;
}
}
function rfc3339_str2time($str) {
$match = false;
if(!preg_match("/(\d{4}-\d{2}-\d{2})T(\d{2}\:\d{2}\:\d{2})\.?\d{0,3}(Z|[+-]+\d{2}\:\d{2})/", $str, $match))
return false;
if($match[3] == 'Z')
$match[3] == '+0000';
return strtotime($match[1] . " " . $match[2] . " " . $match[3]);
}
function get_publish_time($published) {
$pubtime = $this->rfc3339_str2time($published);
if(!$pubtime) {
return array(current_time('mysql'),current_time('mysql',1));
} else {
return array(date("Y-m-d H:i:s", $pubtime), gmdate("Y-m-d H:i:s", $pubtime));
}
}
}
$server = new AtomServer();
$server->handle_request();
?>