modules/wlw_blogapi/wlw_blogapi.module

<?php
// $Id: wlw_blogapi.module,v 1.15 2008/12/10 02:22:40 jrglasgow Exp $

/**
 * @file
 * Enable users to post using applications that support XML-RPC blog APIs.
 */

/**
 * Implementation of hook_help().
 */
function wlw_blogapi_help($path, $arg) {
  switch ($path) {
    case 'admin/help#blogapi':
      $output = '<p>'. t('The blog API module enables a post to be posted to a site via external GUI applications. Many users prefer to use external tools to improve their ability to read and post responses in a customized way. The blog api provides users the freedom to use the blogging tools they want but still have the blogging server of choice.') .'</p>';
      $output .= '<p>'. t('When this module is enabled and configured you can use programs like <a href="@external-http-ecto-kung-foo-tv">Ecto</a> to create and publish posts from your desktop. Blog API module supports several XML-RPC based blogging APIs such as the <a href="@-">Blogger API</a>, <a href="@external-http-www-xmlrpc-com-metaWeblogApi">MetaWeblog API</a>, and most of the <a href="@external-http-www-movabletype-org-docs-mtmanual_programmatic-html">Movable Type API</a>. Any desktop blogging tools or other services (e.g. <a href="@external-http-www-flickr-com">Flickr\'s</a> "post to blog") that support these APIs should work with this site.', array('@external-http-ecto-kung-foo-tv' => 'http://ecto.kung-foo.tv/', '@-' => url('http://www.blogger.com/developers/api/1_docs/'), '@external-http-www-xmlrpc-com-metaWeblogApi' => 'http://www.xmlrpc.com/metaWeblogApi', '@external-http-www-movabletype-org-docs-mtmanual_programmatic-html' => 'http://www.movabletype.org/docs/mtmanual_programmatic.html', '@external-http-www-flickr-com' => 'http://www.flickr.com')) .'</p>';
      $output .= '<p>'. t('This module also allows site administrators to configure which content types can be posted via the external applications. So, for instance, users can post forum topics as well as blog posts. Where supported, the external applications will display each content type as a separate "blog".') .'</p>';
      $output .= '<p>'. t('For more information please read the configuration and customization handbook <a href="@blogapi">BlogApi page</a>.', array('@blogapi' => 'http://drupal.org/handbook/modules/blogapi/')) .'</p>';
      return $output;
  }
}

/**
 * Implementation of hook_perm().
 */
function wlw_blogapi_perm() {
  return array('administer content with blog api');
}

/**
 * Implementation of hook_xmlrpc().
 */
function wlw_blogapi_xmlrpc() {
  return array(
    array(
      'blogger.getUsersBlogs',
      'wlw_blogapi_blogger_get_users_blogs',
      array('array', 'string', 'string', 'string'),
      t('Returns a list of weblogs to which an author has posting privileges.')),
    array(
      'blogger.getUserInfo',
      'wlw_blogapi_blogger_get_user_info',
      array('struct', 'string', 'string', 'string'),
      t('Returns information about an author in the system.')),
    array(
      'blogger.newPost',
      'wlw_blogapi_blogger_new_post',
      array('string', 'string', 'string', 'string', 'string', 'string', 'boolean'),
      t('Creates a new post, and optionally publishes it.')),
    array(
      'blogger.editPost',
      'wlw_blogapi_blogger_edit_post',
      array('boolean', 'string', 'string', 'string', 'string', 'string', 'boolean'),
      t('Updates the information about an existing post.')),
    array(
      'blogger.getPost',
      'wlw_blogapi_blogger_get_post',
      array('struct', 'string', 'string', 'string', 'string'),
      t('Returns information about a specific post.')),
    array(
      'blogger.deletePost',
      'wlw_blogapi_blogger_delete_post',
      array('boolean', 'string', 'string', 'string', 'string', 'boolean'),
      t('Deletes a post.')),
    array(
      'blogger.getRecentPosts',
      'wlw_blogapi_blogger_get_recent_posts',
      array('array', 'string', 'string', 'string', 'string', 'int'),
      t('Returns a list of the most recent posts in the system.')),
    array(
      'metaWeblog.newPost',
      'wlw_blogapi_metaweblog_new_post',
      array('string', 'string', 'string', 'string', 'struct', 'boolean'),
      t('Creates a new post, and optionally publishes it.')),
    array(
      'metaWeblog.editPost',
      'wlw_blogapi_metaweblog_edit_post',
      array('boolean', 'string', 'string', 'string', 'struct', 'boolean'),
      t('Updates information about an existing post.')),
    array(
      'metaWeblog.getPost',
      'wlw_blogapi_metaweblog_get_post',
      array('struct', 'string', 'string', 'string'),
      t('Returns information about a specific post.')),
    array(
      'metaWeblog.newMediaObject',
      'wlw_blogapi_metaweblog_new_media_object',
      array('string', 'string', 'string', 'string', 'struct'),
      t('Uploads a file to your webserver.')),
    array(
      'metaWeblog.getCategories',
      'wlw_blogapi_metaweblog_get_category_list',
      array('struct', 'string', 'string', 'string'),
      t('Returns a list of all categories to which the post is assigned.')),
    array(
      'metaWeblog.getRecentPosts',
      'wlw_blogapi_metaweblog_get_recent_posts',
      array('array', 'string', 'string', 'string', 'int'),
      t('Returns a list of the most recent posts in the system.')),
    array(
      'mt.getRecentPostTitles',
      'wlw_blogapi_mt_get_recent_post_titles',
      array('array', 'string', 'string', 'string', 'int'),
      t('Returns a bandwidth-friendly list of the most recent posts in the system.')),
    array(
      'mt.getCategoryList',
      'wlw_blogapi_mt_get_category_list',
      array('array', 'string', 'string', 'string'),
      t('Returns a list of all categories defined in the weblog.')),
    array(
      'mt.getPostCategories',
      'wlw_blogapi_mt_get_post_categories',
      array('array', 'string', 'string', 'string'),
      t('Returns a list of all categories to which the post is assigned.')),
    array(
      'mt.setPostCategories',
      'wlw_blogapi_mt_set_post_categories',
      array('boolean', 'string', 'string', 'string', 'array'),
      t('Sets the categories for a post.')),
    array(
      'mt.supportedMethods',
      'xmlrpc_server_list_methods',
      array('array'),
      t('Retrieve information about the XML-RPC methods supported by the server.')),
    array(
      'mt.supportedTextFilters',
      'wlw_blogapi_mt_supported_text_filters',
      array('array'),
      t('Retrieve information about the text formatting plugins supported by the server.')),
    array(
      'mt.publishPost',
      'wlw_blogapi_mt_publish_post',
      array('boolean', 'string', 'string', 'string'),
      t('Publish (rebuild) all of the static files related to an entry from your weblog. Equivalent to saving an entry in the system (but without the ping).')));
}

/**
 * Blogging API callback. Finds the URL of a user's blog.
 */

function wlw_blogapi_blogger_get_users_blogs($appid, $username, $password) {

  $user = wlw_blogapi_validate_user($username, $password);
  if ($user->uid) {
    $types = _wlw_blogapi_get_node_types();
    $structs = array();
    foreach ($types as $type) {
      if (strcmp($type, 'blog') == 0) {
          $url = 'blog/'. $user->uid;
          $blogName =  $user->name .': '. $type;
      }
      else {
          $url = 'node';
          $blogName = $user->name .': '. $type;
      }
      $structs[] = array('url' => url($url, array('absolute' => TRUE)), 'blogid' => $type, 'blogName' => $blogName);
    }
    return $structs;
  }
  else {
    return wlw_blogapi_error($user);
  }
}

/**
 * Blogging API callback. Returns profile information about a user.
 */
function wlw_blogapi_blogger_get_user_info($appkey, $username, $password) {
  $user = wlw_blogapi_validate_user($username, $password);

  if ($user->uid) {
    $name = explode(' ', $user->realname ? $user->realname : $user->name, 2);
    return array(
      'userid' => $user->uid,
      'lastname' => $name[1],
      'firstname' => $name[0],
      'nickname' => $user->name,
      'email' => $user->mail,
      'url' => url('blog/'. $user->uid, array('absolute', TRUE)));
  }
  else {
    return wlw_blogapi_error($user);
  }
}

/**
 * Blogging API callback. Inserts a new blog post as a node.
 */
function wlw_blogapi_blogger_new_post($appkey, $blogid, $username, $password, $content, $publish) {
  $args = func_get_args();
  // since some modules assume that the user is logged in in their hook_nodeapi()
  // wlw_blogapi has to set the global variable
  global $user;
  if (!$user->uid) {
    $user = wlw_blogapi_validate_user($username, $password);
  }
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  $edit = array();
  $edit['type'] = _wlw_blogapi_blogid($blogid);
  // get the node type defaults
  $node_type_default = variable_get('node_options_'. $edit['type'], array('status', 'promote'));
  $edit['uid'] = $user->uid;
  $edit['name'] = $user->name;
  $edit['promote'] = in_array('promote', $node_type_default);
  $edit['comment'] = variable_get('comment_'. $edit['type'], 2);
  $edit['revision'] = in_array('revision', $node_type_default);
  $edit['format'] = FILTER_FORMAT_DEFAULT;
  $edit['status'] = $publish;
  //watchdog('wlw_blogapi', 'content = <pre>$content</pre>', array('$content' => print_r($content, true)), WATCHDOG_DEBUG);
  // check for bloggerAPI vs. metaWeblogAPI
  if (is_array($content)) {
    $edit['title'] = $content['title'];
    $edit['body'] = $content['description'];
    _wlw_blogapi_mt_extra($edit, $content);
  }
  else {
    $edit['title'] = wlw_blogapi_blogger_title($content);
    $edit['body'] = $content;
  }
  
  if (!node_access('create', $edit['type'])) {
    return wlw_blogapi_error(t('You do not have permission to create the type of post you wanted to create.'));
  }

  if (user_access('administer nodes') && !isset($edit['date'])) {
    $edit['date'] = format_date(time(), 'custom', 'Y-m-d H:i:s O');
  }
  $edit['body'] = _wlw_blogapi_filter_extra_code($edit['body']);
  $edit['title'] = _wlw_blogapi_filter_extra_code($edit['title']);
  node_invoke_nodeapi($edit, 'blogapi new');

  node_validate($edit);
  if ($errors = form_get_errors()) {
    return wlw_blogapi_error(implode("\n", $errors));
  }

  $node = node_submit($edit);
  node_save($node);
  if ($node->nid) {
    watchdog('content', '@type: added %title using WLW Blog API.', array('@type' => t($node->type), '%title' => $node->title), WATCHDOG_NOTICE, l(t('view'), "node/$node->nid"));
    // blogger.newPost returns a string so we cast the nid to a string by putting it in double quotes:
    return "$node->nid";
  }

  return wlw_blogapi_error(t('Error storing post.'));
}

/**
 * Blogging API callback. Modifies the specified blog node.
 */
function wlw_blogapi_blogger_edit_post($appkey, $postid, $username, $password, $content, $publish) {
  // since some modules assume that the user is logged in in their hook_nodeapi()
  // wlw_blogapi has to set the global variable
  global $user;
  if (!$user->uid) {
    $user = wlw_blogapi_validate_user($username, $password);
  }
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  $node = node_load($postid);
  if (!$node) {
    return wlw_blogapi_error(t('n/a'));
  }
  // Let the teaser be re-generated.
  unset($node->teaser);

  if (!node_access('update', $node)) {
    return wlw_blogapi_error(t('You do not have permission to update this post.'));
  }

  $node->status = $publish;

  // check for bloggerAPI vs. metaWeblogAPI
  if (is_array($content)) {
    $node->title = $content['title'];
    $node->body = $content['description'];
    _wlw_blogapi_mt_extra($node, $content);
  }
  else {
    $node->title = blogapi_blogger_title($content);
    $node->body = $content;
  }

  node_invoke_nodeapi($node, 'blogapi edit');

  node_validate($node);
  if ($errors = form_get_errors()) {
    return wlw_blogapi_error(implode("\n", $errors));
  }

  if (user_access('administer nodes') && !isset($edit['date'])) {
    $node->date = format_date($node->created, 'custom', 'Y-m-d H:i:s O');
  }
  $node->body = _wlw_blogapi_filter_extra_code($node->body);
  $node->title = _wlw_blogapi_filter_extra_code($node->title);
  $node = node_submit($node);
  node_save($node);
  if ($node->nid) {
    watchdog('content', '@type: updated %title using WLW Blog API.', array('@type' => t($node->type), '%title' => $node->title), WATCHDOG_NOTICE, l(t('view'), "node/$node->nid"));
    return TRUE;
  }

  return wlw_blogapi_error(t('Error storing post.'));
}

/**
 * Blogging API callback. Returns a specified blog node.
 */
function wlw_blogapi_blogger_get_post($appkey, $postid, $username, $password) {
  $user = wlw_blogapi_validate_user($username, $password);
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  $node = node_load($postid);

  return _wlw_blogapi_get_post($node, TRUE);
}

/**
 * Blogging API callback. Removes the specified blog node.
 */
function wlw_blogapi_blogger_delete_post($appkey, $postid, $username, $password, $publish) {
  $user = wlw_blogapi_validate_user($username, $password);
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  node_delete($postid);
  return TRUE;
}

/**
 * Blogging API callback. Returns the latest few postings in a user's blog. $bodies TRUE
 * <a href="http://movabletype.org/docs/mtmanual_programmatic.html#item_mt%2EgetRecentPostTitles">
 * returns a bandwidth-friendly list</a>.
 */
function wlw_blogapi_blogger_get_recent_posts($appkey, $blogid, $username, $password, $number_of_posts, $bodies = TRUE) {
  // Remove unused appkey (from bloggerAPI).
  $user = wlw_blogapi_validate_user($username, $password);
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  $type = _wlw_blogapi_blogid($blogid);
  if ($bodies) {
    $result = db_query_range("SELECT n.nid, n.title, r.body, r.format, n.comment, n.created, u.name FROM {node} n, {node_revisions} r, {users} u WHERE n.uid = u.uid AND n.vid = r.vid AND n.type = '%s' AND n.uid = %d ORDER BY n.created DESC",  $type, $user->uid, 0, $number_of_posts);
  }
  else {
    $result = db_query_range("SELECT n.nid, n.title, n.created, u.name FROM {node} n, {users} u WHERE n.uid = u.uid AND n.type = '%s' AND n.uid = %d ORDER BY n.created DESC", $type, $user->uid, 0, $number_of_posts);
  }
  $blogs = array();
  while ($blog = db_fetch_object($result)) {
    $blogs[] = _wlw_blogapi_get_post($blog, $bodies);
  }
  return $blogs;
}

function wlw_blogapi_metaweblog_new_post($blogid, $username, $password, $content, $publish) {
  $args = func_get_args();
  return wlw_blogapi_blogger_new_post('0123456789ABCDEF', $blogid, $username, $password, $content, $publish);
}

function wlw_blogapi_metaweblog_edit_post($postid, $username, $password, $content, $publish) {
  return wlw_blogapi_blogger_edit_post('0123456789ABCDEF', $postid, $username, $password, $content, $publish);
}

function wlw_blogapi_metaweblog_get_post($postid, $username, $password) {
  return wlw_blogapi_blogger_get_post('01234567890ABCDEF', $postid, $username, $password);
}

/**
 * Blogging API callback. Inserts a file into Drupal.
 */
function wlw_blogapi_metaweblog_new_media_object($blogid, $username, $password, $file) {
  $user = wlw_blogapi_validate_user($username, $password);
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  $usersize = 0;
  $uploadsize = 0;

  $roles = array_intersect(user_roles(0, 'administer content with blog api'), $user->roles);

  foreach ($roles as $rid => $name) {
    $extensions .= ' '. strtolower(variable_get("blogapi_extensions_$rid", variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp')));
    $usersize= max($usersize, variable_get("blogapi_usersize_$rid", variable_get('blogapi_usersize_default', 1)) * 1024 * 1024);
    $uploadsize = max($uploadsize, variable_get("blogapi_uploadsize_$rid", variable_get('blogapi_uploadsize_default', 1)) * 1024 * 1024);
  }

  $filesize = strlen($file['bits']);

  if ($filesize > $uploadsize) {
    return wlw_blogapi_error(t('It is not possible to upload the file, because it exceeded the maximum filesize of @maxsize.', array('@maxsize' => format_size($uploadsize))));
  }

  if (_wlw_blogapi_space_used($user->uid) + $filesize > $usersize) {
    return wlw_blogapi_error(t('The file can not be attached to this post, because the disk quota of @quota has been reached.', array('@quota' => format_size($usersize))));
  }

  // Only allow files with whitelisted extensions and convert remaining dots to
  // underscores to prevent attacks via non-terminal executable extensions with
  // files such as exploit.php.jpg.

  $whitelist = array_unique(explode(' ', trim($extensions)));

  $name = basename($file['name']);

  if ($extension_position = strrpos($name, '.')) {
    $filename = drupal_substr($name, 0, $extension_position);
    $final_extension = drupal_substr($name, $extension_position + 1);

    if (!in_array(strtolower($final_extension), $whitelist)) {
      return wlw_blogapi_error(t('It is not possible to upload the file, because it is only possible to upload files with the following extensions: @extensions', array('@extensions' => implode(' ', $whitelist))));
    }

    $filename = str_replace('.', '_', $filename);
    $filename .= '.'. $final_extension;
  }

  $data = $file['bits'];

  if (!$data) {
    return wlw_blogapi_error(t('No file sent.'));
  }

  if (!$file = file_save_data($data, $filename)) {
    return wlw_blogapi_error(t('Error storing file.'));
  }

  db_query("INSERT INTO {blogapi_files} (uid, filepath, filesize) VALUES (%d, '%s', %d)", $user->uid, $file, $filesize);

  // Return the successful result.
  return array('url' => file_create_url($file), 'struct');
}

/**
 * Blogging API callback. Returns a list of the taxonomy terms that can be
 * associated with a blog node.
 */
function wlw_blogapi_metaweblog_get_category_list($blogid, $username, $password) {
  $type = _wlw_blogapi_blogid($blogid);
  $vocabularies = module_invoke('taxonomy', 'get_vocabularies', $type, 'vid');
  $categories = array();
  if ($vocabularies) {
    foreach ($vocabularies as $vocabulary) {
      $terms = module_invoke('taxonomy', 'get_tree', $vocabulary->vid, 0, -1);
      foreach ($terms as $term) {
        $term_name = $term->name;
        foreach (module_invoke('taxonomy', 'get_parents', $term->tid, 'tid') as $parent) {
          $term_name = $parent->name .'/'. $term_name;
        }
        $categories[] = array('categoryName' => $term_name, 'categoryId' => $term->tid);
      }
    }
  }
  return $categories;
}

function wlw_blogapi_metaweblog_get_recent_posts($blogid, $username, $password, $number_of_posts) {
  return wlw_blogapi_blogger_get_recent_posts('0123456789ABCDEF', $blogid, $username, $password, $number_of_posts, TRUE);
}

// see above
function wlw_blogapi_mt_get_recent_post_titles($blogid, $username, $password, $number_of_posts) {
  return wlw_blogapi_blogger_get_recent_posts('0123456789ABCDEF', $blogid, $username, $password, $number_of_posts, FALSE);
}

/* **** */
function wlw_blogapi_mt_get_category_list($blogid, $username, $password) {
  return wlw_blogapi_metaweblog_get_category_list($blogid, $username, $password);
}

/**
 * Blogging API callback. Returns a list of the taxonomy terms that are
 * assigned to a particular node.
 */
function wlw_blogapi_mt_get_post_categories($postid, $username, $password) {
  $user = wlw_blogapi_validate_user($username, $password);
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  $terms = module_invoke('taxonomy', 'node_get_terms', $postid, 'tid');
  $categories = array();
  foreach ($terms as $term) {
    $term_name = $term->name;
    foreach (module_invoke('taxonomy', 'get_parents', $term->tid, 'tid') as $parent) {
      $term_name = $parent->name .'/'. $term_name;
    }
    $categories[] = array('categoryName' => $term_name, 'categoryId' => $term->tid, 'isPrimary' => TRUE);
  }
  return $categories;
}

/**
 * Blogging API callback. Assigns taxonomy terms to a particular node.
 */
function wlw_blogapi_mt_set_post_categories($postid, $username, $password, $categories) {
  global $user;
  if (!$user->uid) {
    $user = wlw_blogapi_validate_user($username, $password);
  }
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }

  $node = node_load($postid);
  $node->taxonomy = array();
  foreach ($categories as $category) {
    $node->taxonomy[] = $category['categoryId'];
  }
  node_save($node);
  return TRUE;
}

/**
 * Blogging API callback. Sends a list of available input formats.
 */
function wlw_blogapi_mt_supported_text_filters() {
  // NOTE: we're only using anonymous' formats because the MT spec
  // does not allow for per-user formats.
  $formats = filter_formats();

  $filters = array();
  foreach ($formats as $format) {
    $filter['key'] = $format->format;
    $filter['label'] = $format->name;
    $filters[] = $filter;
  }

  return $filters;
}

/**
 * Blogging API callback. Publishes the given node
 */
function wlw_blogapi_mt_publish_post($postid, $username, $password) {
  $user = wlw_blogapi_validate_user($username, $password);
  if (!$user->uid) {
    return wlw_blogapi_error($user);
  }
  $node = node_load($postid);
  if (!$node) {
    return wlw_blogapi_error(t('Invalid post.'));
  }

  $node->status = 1;
  if (!node_access('update', $node)) {
    return wlw_blogapi_error(t('You do not have permission to update this post.'));
  }

  node_save($node);

  return TRUE;
}

/**
 * Prepare an error message for returning to the XMLRPC caller.
 */
function wlw_blogapi_error($message) {
  static $xmlrpcusererr;
  if (!is_array($message)) {
    $message = array($message);
  }

  $message = implode(' ', $message);

  return xmlrpc_error($xmlrpcusererr + 1, strip_tags($message));
}

/**
 * Ensure that the given user has permission to edit a blog.
 */
function wlw_blogapi_validate_user($username, $password) {
  global $user;

  $user = user_authenticate(array('name' => $username, 'pass' => $password));
  if ($user->uid) {
    if (user_access('administer content with blog api', $user)) {
      return $user;
    }
    else {
      return t("You either tried to edit somebody else's blog or you don't have permission to edit your own blog.");
    }
  }
  else {
    return t('Wrong username or password.');
  }
}

/**
 * For the blogger API, extract the node title from the contents field.
 */
function wlw_blogapi_blogger_title(&$contents) {
  if (eregi('<title>([^<]*)</title>', $contents, $title)) {
    $title = strip_tags($title[0]);
    $contents = ereg_replace('<title>[^<]*</title>', '', $contents);
  }
  else {
    list($title, $contents) = explode("\n", $contents, 2);
  }
  return $title;
}

function wlw_blogapi_admin_settings_form() {
  $node_types = array_map('check_plain', node_get_types('names'));
  $defaults = isset($node_types['blog']) ? array('blog' => 1) : array();
  $form['blogapi_node_types'] = array(
    '#type' => 'checkboxes',
    '#title' => t('Blog types'),
    '#required' => TRUE,
    '#default_value' => variable_get('blogapi_node_types', $defaults),
    '#options' => $node_types,
    '#description' => t('Select the content types for which you wish to enable posting via blogapi. Each type will appear as a different "blog" in the client application (if supported).')
  );
  $menus = array('none' => 'None');
  $menus += menu_get_menus(TRUE);
  $form['menu_settings'] = array(
    '#type' => 'fieldset',
    '#title' => 'Menu Settings',
    '#description' => 'When a node is added it can be automatically added to a menu. Choose which menu nodes of each type wil be added to.',
    '#collapsible' => TRUE,
    '#collapsed' => FALSE,
  );
  foreach ($node_types as $key => $value) {
    $form['menu_settings']['wlw_blogapi_menu_'. $key] = array(
      '#type' => 'select',
      '#options' => $menus,
      '#default_value' => variable_get('wlw_blogapi_menu_'. $key, 'none'),
      '#title' => $value,
    );
  }
  $form['blogapi_excerpt'] = array(
    '#type' => 'checkbox',
    '#title' => t('Use Excerpt'),
    '#description' => t('Will you use the excerpt field to input your teaser?'),
    '#default_value' => variable_get('blogapi_excerpt', 0),
  );

  $blogapi_extensions_default = variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp');
  $blogapi_uploadsize_default = variable_get('blogapi_uploadsize_default', 1);
  $blogapi_usersize_default = variable_get('blogapi_usersize_default', 1);

  $form['settings_general'] = array(
    '#type' => 'fieldset',
    '#title' => t('File settings'),
    '#collapsible' => TRUE,
  );

  $form['settings_general']['blogapi_extensions_default'] = array(
    '#type' => 'textfield',
    '#title' => t('Default permitted file extensions'),
    '#default_value' => $blogapi_extensions_default,
    '#maxlength' => 255,
    '#description' => t('Default extensions that users can upload. Separate extensions with a space and do not include the leading dot.'),
  );

  $form['settings_general']['blogapi_uploadsize_default'] = array(
    '#type' => 'textfield',
    '#title' => t('Default maximum file size per upload'),
    '#default_value' => $blogapi_uploadsize_default,
    '#size' => 5,
    '#maxlength' => 5,
    '#description' => t('The default maximum file size a user can upload.'),
    '#field_suffix' => t('MB')
  );

  $form['settings_general']['blogapi_usersize_default'] = array(
    '#type' => 'textfield',
    '#title' => t('Default total file size per user'),
    '#default_value' => $blogapi_usersize_default,
    '#size' => 5,
    '#maxlength' => 5,
    '#description' => t('The default maximum size of all files a user can have on the site.'),
    '#field_suffix' => t('MB')
  );

  $form['settings_general']['upload_max_size'] = array('#value' => '<p>'. t('Your PHP settings limit the maximum file size per upload to %size.', array('%size' => format_size(file_upload_max_size()))) .'</p>');

  $roles = user_roles(0, 'administer content with blog api');
  $form['roles'] = array('#type' => 'value', '#value' => $roles);
  
  
  foreach ($roles as $rid => $role) {
    $form['settings_role_'. $rid] = array(
      '#type' => 'fieldset',
      '#title' => t('Settings for @role', array('@role' => $role)),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
    );
    $form['settings_role_'. $rid]['blogapi_extensions_'. $rid] = array(
      '#type' => 'textfield',
      '#title' => t('Permitted file extensions'),
      '#default_value' => variable_get('blogapi_extensions_'. $rid, $blogapi_extensions_default),
      '#maxlength' => 255,
      '#description' => t('Extensions that users in this role can upload. Separate extensions with a space and do not include the leading dot.'),
    );
    $form['settings_role_'. $rid]['blogapi_uploadsize_'. $rid] = array(
      '#type' => 'textfield',
      '#title' => t('Maximum file size per upload'),
      '#default_value' => variable_get('blogapi_uploadsize_'. $rid, $blogapi_uploadsize_default),
      '#size' => 5,
      '#maxlength' => 5,
      '#description' => t('The maximum size of a file a user can upload (in megabytes).'),
    );
    $form['settings_role_'. $rid]['blogapi_usersize_'. $rid] = array(
      '#type' => 'textfield',
      '#title' => t('Total file size per user'),
      '#default_value' => variable_get('blogapi_usersize_'. $rid, $blogapi_usersize_default),
      '#size' => 5,
      '#maxlength' => 5,
      '#description' => t('The maximum size of all files a user can have on the site (in megabytes).'),
    );
  }/**
  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => 'Submit',
  );
  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => 'Reset',
  );/**/
  $form = system_settings_form($form);
  //$form['#theme'] = 'wlw_blogapi_admin_settings_form';
  //drupal_set_message('$form = <pre>'. print_r($form, TRUE) .'</pre>');
  //drupal_rebuild_theme_registry();
  //$hooks = theme_get_registry();
  //drupal_set_message('$hooks = <pre>'. print_r($hooks, TRUE) .'</pre>');
  
  return $form;
}
function theme_wlw_blogapi_admin_settings_form(&$form, &$form_state) {
  $args = func_get_args();
  drupal_set_message('$args = <pre>'. print_r($args, TRUE) .'</pre>');
}
/**
 *  implementation os hook_init()
 */
function wlw_blogapi_init() {
  drupal_add_link(array(
    'rel' => 'wlwmanifest',
    'type' => 'application/wlwmanifest+xml',
    'href' => url('blogapi/wlwmanifest.xml', array('absolute' => TRUE))
  ));
  drupal_add_link(array(
    'rel' => 'EditURI',
    'type' => 'application/rsd+xml',
    'title' => t('RSD'),
    'href' => url('blogapi/rsd', array('absolute' => TRUE))
  ));
}


function wlw_blogapi_menu() {
  $items = array();

  $items['blogapi'] = array(
    'title' => 'RSD',
    'page callback' => 'wlw_blogapi_blogapi',
    'access arguments' => array('access content'),
    'type' => MENU_CALLBACK
  );
  $items['admin/settings/wlw_blogapi'] = array(
    'title' => 'WLW Blog API',
    'description' => 'Configure which content types blog clients can use, as well as WLW settings.',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('wlw_blogapi_admin_settings_form'),
    'access arguments' => array('administer site configuration'),
    'type' => MENU_NORMAL_ITEM
  );
  $items['blogapi/wlwmanifest.xml'] = array(
    'title' => 'WLW Manifest',
    'description' => 'This provides the wlwmanifest.xml file for WLW configuration',
    'page callback' => '_wlw_blogapi_wlwmanifest',
    'type' => MENU_CALLBACK,
    'access callback' => TRUE,
  );
  return $items;
}

function wlw_blogapi_blogapi() {
  switch (arg(1)) {
    case 'rsd':
      wlw_blogapi_rsd();
      break;
    default:
      drupal_not_found();
      break;
  }
}

function wlw_blogapi_rsd() {
  global $base_url;

  $xmlrpc = $base_url .'/'.'xmlrpc.php';
  $base = url('', array('absolute' => TRUE));
  $blogid = 1; # until we figure out how to handle multiple bloggers

  drupal_set_header('Content-Type: application/rsd+xml; charset=utf-8');
  print <<<__RSD__
<?xml version="1.0"?>
<rsd version="1.0" xmlns="http://archipelago.phrasewise.com/rsd">
  <service>
    <engineName>Drupal</engineName>
    <engineLink>http://drupal.org/</engineLink>
    <homePageLink>$base</homePageLink>
    <apis>
      <api name="MetaWeblog" preferred="false" apiLink="$xmlrpc" blogID="$blogid" />
      <api name="Blogger" preferred="false" apiLink="$xmlrpc" blogID="$blogid" />
      <api name="MovableType" preferred="true" apiLink="$xmlrpc" blogID="$blogid" />
    </apis>
  </service>
</rsd>
__RSD__;
}

/**
 * Handles extra information sent by clients according to MovableType's spec.
 */
function _wlw_blogapi_mt_extra(&$node, $struct) {
  //watchdog('wlw_blogapi', 'struct = <pre>@struct</pre>', array('@struct' => print_r($struct, true)), WATCHDOG_DEBUG);
  
  if (is_array($node)) {
    $was_array = TRUE;
    $node = (object)$node;
  }
  
  // take the categories from the struct and add them to the first vocabulary
  // that allows free tagging that is assigned to the node type
  $vocabs = taxonomy_get_vocabularies($node->type);
  $vocab_to_use_for_tags = 0;
  foreach ($vocabs as $vocab) {
    if ($vocab_to_use_for_tags) {
      continue;
    }
    else if ($vocab->tags) {
      $vocab_to_use_for_tags = $vocab->vid;
    }
  }
  if ($vocab_to_use_for_tags) {
    $tags = array();
    foreach ($struct['categories'] as $tag) {
      // if there is a heirarchy we will only submit the last branch
      $tag = explode('/', $tag);
      $tag = array_reverse($tag);
      $tag = $tag[0];
      $tags[$vocab_to_use_for_tags] .= $tag .', ';
    }
  }
  $node->taxonomy = array('tags' => $tags);
  
  
  // set the nodewords variable, if the nodewords (Meta Tags) module
  // is installed this will take the keywords submitted and set those
  // as the meta tags
  if (isset($struct['mt_keywords'])) {
    $node->nodewords = array(
      'description' => '',
      'keywords' => $struct['mt_keywords'],
    );
  }
  // mt_allow_comments
  if (array_key_exists('mt_allow_comments', $struct)) {
    switch ($struct['mt_allow_comments']) {
      case 0:
        $node->comment = COMMENT_NODE_DISABLED;
        break;
      case 1:
        $node->comment = COMMENT_NODE_READ_WRITE;
        break;
      case 2:
        $node->comment = COMMENT_NODE_READ_ONLY;
        break;
    }
  }
  // add the new node to the menu
  $menu = variable_get('wlw_blogapi_menu_'. $node->type, 'none');
  if (($menu !== 'none') && (!isset($node->nid))) {
    //watchdog('wlw_blogapi', 'wlw_blogapi_mt_extra node = <pre>@node</pre>', array('@node' => print_r($node, true)), WATCHDOG_DEBUG);
    $node->menu = array(
      'module' => 'menu',
      'menu_name' => $menu,
      'link_title' => $struct['title'],
    );
  }
  // do the slug or url_alias
  if ($struct['wp_slug']) {
    $node->path = $struct['wp_slug'];
  }
  
  // merge the 3 body sections (description, mt_excerpt, mt_text_more) into one body
  if ($struct['mt_excerpt']) {
    $node->body = $struct['mt_excerpt'] .'<!--break-->'. $node->body;
  }
  if ($struct['mt_text_more']) {
    $node->body = $node->body .'<!--break-->'. $struct['mt_text_more'];
  }

  // mt_convert_breaks
  if ($struct['mt_convert_breaks']) {
    $node->format = $struct['mt_convert_breaks'];
  }

  // dateCreated
  if ($struct['dateCreated']) {
    //$formatted_date = format_date(mktime($struct['dateCreated']->hour, $struct['dateCreated']->minute, $struct['dateCreated']->second, $struct['dateCreated']->month, $struct['dateCreated']->day, $struct['dateCreated']->year), 'custom', 'Y-m-d H:i:s O');
    //So WLW claims to give the date in ISO8601 format, they don't quite,
    // they give the time in UTC but don't declare it, also this function
    // didn't even worry about the time zone except to format for it.
    $formatted_date = format_date(strtotime($struct['dateCreated']->iso8601 .'+00:00'), 'custom', 'Y-m-d H:i:s O');
    //watchdog('wlw_blogapi', 'dateCreated = <pre>$dateCreated</pre><br/>date = $date<br/>formatted_date = $formatted_date', array('$dateCreated' => print_r($struct['dateCreated'], true), '$date' => date('r', strtotime($struct['dateCreated']->iso8601 .'+00:00')),'$formatted_date' => $formatted_date ), WATCHDOG_DEBUG);
    $node->date = $formatted_date;
  }
  // take care of special chars in title
  //watchdog('wlw_blogapi', 'func: _wlw_blogapi_mt_extra, node = <pre>$node</pre>', array('$node' => print_r($node, true)));
  $node->title = str_replace('&amp;', '&', $node->title);
  //watchdog('wlw_blogapi', 'func: _wlw_blogapi_mt_extra 2, node = <pre>$node</pre>', array('$node' => print_r($node, true)));
  $title = $node->title;
  //watchdog('wlw_blogapi', 'func: _wlw_blogapi_mt_extra 1, title = $title', array('$title' => print_r($title, true)));
  $temp = array();
  $title2 = '';
  for ($i = 0; $i <= 20; $i++) {
    $temp[] = $title2[$i];
  }
  if ($was_array) {
    $node = (array)$node;
  }
}

/**
 *  Some times with WYSIWYG editors you have the problem
 *  where they like to add extra code, usually without your
 *  knowledge, until you go to look at the final result and
 *  you see the result.
 *
 *  _wlw_blogapi_filter_extra_code() Filter out some extra code that is
 *  usually unwanted. Code that usually adds undesired
 *  whitespace
 */
function _wlw_blogapi_filter_extra_code($text) {  
  $text = str_replace('<p>&#160;</p>', '', $text);
  $text = str_replace('<p>&nbsp</p>', '', $text);
  $text = str_replace('<p></p>', '', $text);
  //$text = str_Replace('&eacute;', '', $text);
  //$text = str_Replace('&#233;', '', $text);
  //watchdog('wlw_blogapi', 'func: _wlw_blogapi_filter_extra_code, text = <pre>$text</pre>', array('$text' => print_r($text, true)));
  return $text;
}
function wlw_blogapi_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL) {
  switch ($op) {
    case 'insert':
    case 'update':
    case 'presave':
      //$text = str_Replace('', '&#233;', $text);
      //watchdog('wlw_blogapi', 'func: wlw_blogapi_nodeapi, node = <pre>'. print_r($node, true) .'</pre>');
      break;
  }
}
function _wlw_blogapi_get_post($node, $bodies = TRUE) {
  $xmlrpcval = array(
    'userid' => $node->name,
    'dateCreated' => xmlrpc_date($node->created),
    'title' => $node->title,
    'postid' => $node->nid,
    'link' => url('node/'. $node->nid, array('absolute', TRUE)),
    'permaLink' => url('node/'. $node->nid, array('absolute', TRUE)),
  );
  if ($bodies) {
    if ($node->comment == 1) {
      $comment = 2;
    }
    else if ($node->comment == 2) {
      $comment = 1;
    }
    $xmlrpcval['content'] = "<title>$node->title</title>$node->body";
    $xmlrpcval['description'] = $node->body;
    // Add MT specific fields
    $xmlrpcval['mt_allow_comments'] = (int) $comment;
    $xmlrpcval['mt_convert_breaks'] = $node->format;
  }

  return $xmlrpcval;
}

function _wlw_blogapi_blogid($id) {
  if (is_numeric($id)) {
    return 'blog';
  }
  else {
    return $id;
  }
}

function _wlw_blogapi_get_node_types() {
  $available_types = array_keys(array_filter(variable_get('blogapi_node_types', array('blog' => 1))));
  $types = array();
  foreach (node_get_types() as $type => $name) {
    if (node_access('create', $type) && in_array($type, $available_types)) {
      $types[] = $type;
    }
  }

  return $types;
}


function _wlw_blogapi_space_used($uid) {
  return db_result(db_query('SELECT SUM(filesize) FROM {blogapi_files} f WHERE f.uid = %d', $uid));
}

function _wlw_blogapi_wlwmanifest() {
  
  $slug = (module_exists('path') ? 'Yes' : 'No');
  $keywords = (module_exists('nodewords') ? 'Yes' : 'No');
  $excerpt = (variable_get('blogapi_excerpt', 0) ? 'Yes' : 'No');
  
  $output = <<<__manifest__
<?xml version="1.0" encoding="utf-8" ?>
<manifest xmlns="http://schemas.microsoft.com/wlw/manifest/weblog">
  <options>
  <clientType>MovableType</clientType>
    <supportsKeywords>$keywords</supportsKeywords>
    <supportsTrackbacks>Yes</supportsTrackbacks>
    <supportsCategoriesInline>Yes</supportsCategoriesInline>
    <supportsMultipleCategories>Yes</supportsMultipleCategories>
    <supportsNewCategories>Yes</supportsNewCategories>
    <supportsNewCategoriesInline>Yes</supportsNewCategoriesInline>
    <supportsSlug>$slug</supportsSlug>
    <supportsAutoUpdate>Yes</supportsAutoUpdate>
    <requiresHtmlTitles>No</requiresHtmlTitles>
    <supportsExcerpt>$excerpt</supportsExcerpt>
  </options>
</manifest>
__manifest__;
  print $output;
}