129
129
t('Retrieve information about the text formatting plugins supported by the server.')),
131
131
'mt.publishPost',
132
'blogap_mti_publish_post',
132
'blogapi_mt_publish_post',
133
133
array('boolean', 'string', 'string', 'string'),
134
134
t('Publish (rebuild) all of the static files related to an entry from your weblog. Equivalent to saving an entry in the system (but without the ping).')));
362
362
return blogapi_error($user);
368
$roles = array_intersect(user_roles(0, 'administer content with blog api'), $user->roles);
370
foreach ($roles as $rid => $name) {
371
$extensions .= ' '. strtolower(variable_get("blogapi_extensions_$rid", variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp')));
372
$usersize= max($usersize, variable_get("blogapi_usersize_$rid", variable_get('blogapi_usersize_default', 1)) * 1024 * 1024);
373
$uploadsize = max($uploadsize, variable_get("blogapi_uploadsize_$rid", variable_get('blogapi_uploadsize_default', 1)) * 1024 * 1024);
376
$filesize = strlen($file['bits']);
378
if ($filesize > $uploadsize) {
379
return blogapi_error(t('It is not possible to upload the file, because it exceeded the maximum filesize of @maxsize.', array('@maxsize' => format_size($uploadsize))));
382
if (_blogapi_space_used($user->uid) + $filesize > $usersize) {
383
return blogapi_error(t('The file can not be attached to this post, because the disk quota of @quota has been reached.', array('@quota' => format_size($usersize))));
386
// Only allow files with whitelisted extensions and convert remaining dots to
387
// underscores to prevent attacks via non-terminal executable extensions with
388
// files such as exploit.php.jpg.
390
$whitelist = array_unique(explode(' ', trim($extensions)));
365
392
$name = basename($file['name']);
394
if ($extension_position = strrpos($name, '.')) {
395
$filename = drupal_substr($name, 0, $extension_position);
396
$final_extension = drupal_substr($name, $extension_position + 1);
398
if (!in_array(strtolower($final_extension), $whitelist)) {
399
return blogapi_error(t('It is not possible to upload the file, because it is only possible to upload files with the following extensions: @extensions', array('@extensions' => implode(' ', $whitelist))));
402
$filename = str_replace('.', '_', $filename);
403
$filename .= '.'. $final_extension;
366
406
$data = $file['bits'];
369
409
return blogapi_error(t('No file sent.'));
372
if (!$file = file_save_data($data, $name)) {
412
if (!$file = file_save_data($data, $filename)) {
373
413
return blogapi_error(t('Error storing file.'));
416
db_query("INSERT INTO {blogapi_files} (uid, filepath, filesize) VALUES (%d, '%s', %d)", $user->uid, $file, $filesize);
376
418
// Return the successful result.
377
419
return array('url' => file_create_url($file), 'struct');
380
423
* Blogging API callback. Returns a list of the taxonomy terms that can be
381
424
* associated with a blog node.
555
598
'#description' => t('Select the content types for which you wish to enable posting via blogapi. Each type will appear as a different "blog" in the client application (if supported).')
602
$blogapi_extensions_default = variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp');
603
$blogapi_uploadsize_default = variable_get('blogapi_uploadsize_default', 1);
604
$blogapi_usersize_default = variable_get('blogapi_usersize_default', 1);
606
$form['settings_general'] = array(
607
'#type' => 'fieldset',
608
'#title' => t('File settings'),
609
'#collapsible' => TRUE,
612
$form['settings_general']['blogapi_extensions_default'] = array(
613
'#type' => 'textfield',
614
'#title' => t('Default permitted file extensions'),
615
'#default_value' => $blogapi_extensions_default,
617
'#description' => t('Default extensions that users can upload. Separate extensions with a space and do not include the leading dot.'),
620
$form['settings_general']['blogapi_uploadsize_default'] = array(
621
'#type' => 'textfield',
622
'#title' => t('Default maximum file size per upload'),
623
'#default_value' => $blogapi_uploadsize_default,
626
'#description' => t('The default maximum file size a user can upload.'),
627
'#field_suffix' => t('MB')
630
$form['settings_general']['blogapi_usersize_default'] = array(
631
'#type' => 'textfield',
632
'#title' => t('Default total file size per user'),
633
'#default_value' => $blogapi_usersize_default,
636
'#description' => t('The default maximum size of all files a user can have on the site.'),
637
'#field_suffix' => t('MB')
640
$form['settings_general']['upload_max_size'] = array('#value' => '<p>'. t('Your PHP settings limit the maximum file size per upload to %size.', array('%size' => format_size(file_upload_max_size()))).'</p>');
642
$roles = user_roles(0, 'administer content with blog api');
643
$form['roles'] = array('#type' => 'value', '#value' => $roles);
645
foreach ($roles as $rid => $role) {
646
$form['settings_role_'. $rid] = array(
647
'#type' => 'fieldset',
648
'#title' => t('Settings for @role', array('@role' => $role)),
649
'#collapsible' => TRUE,
650
'#collapsed' => TRUE,
652
$form['settings_role_'. $rid]['blogapi_extensions_'. $rid] = array(
653
'#type' => 'textfield',
654
'#title' => t('Permitted file extensions'),
655
'#default_value' => variable_get('blogapi_extensions_'. $rid, $blogapi_extensions_default),
657
'#description' => t('Extensions that users in this role can upload. Separate extensions with a space and do not include the leading dot.'),
659
$form['settings_role_'. $rid]['blogapi_uploadsize_'. $rid] = array(
660
'#type' => 'textfield',
661
'#title' => t('Maximum file size per upload'),
662
'#default_value' => variable_get('blogapi_uploadsize_'. $rid, $blogapi_uploadsize_default),
665
'#description' => t('The maximum size of a file a user can upload (in megabytes).'),
667
$form['settings_role_'. $rid]['blogapi_usersize_'. $rid] = array(
668
'#type' => 'textfield',
669
'#title' => t('Total file size per user'),
670
'#default_value' => variable_get('blogapi_usersize_'. $rid, $blogapi_usersize_default),
673
'#description' => t('The maximum size of all files a user can have on the site (in megabytes).'),
558
677
return system_settings_form($form);