nggXMLRPC

XML-RPC protocol support for NextGEN Gallery.

Defined (1)

The class is defined in the following location(s).

/lib/xmlrpc.php  
  1. class nggXMLRPC{ 
  2.  
  3. /** 
  4. * Init the methods for the XMLRPC hook 
  5. */ 
  6. function __construct() { 
  7.  
  8. add_filter('xmlrpc_methods', array(&$this, 'add_methods') ); 
  9.  
  10. function add_methods($methods) { 
  11.  
  12. $methods['ngg.installed'] = array(&$this, 'nggInstalled'); 
  13. // Image methods 
  14. $methods['ngg.getImage'] = array(&$this, 'getImage'); 
  15. $methods['ngg.getImages'] = array(&$this, 'getImages'); 
  16. $methods['ngg.uploadImage'] = array(&$this, 'uploadImage'); 
  17. $methods['ngg.editImage'] = array(&$this, 'editImage'); 
  18. $methods['ngg.deleteImage'] = array(&$this, 'deleteImage'); 
  19. // Gallery methods 
  20. $methods['ngg.getGallery'] = array(&$this, 'getGallery'); 
  21. $methods['ngg.getGalleries'] = array(&$this, 'getGalleries'); 
  22. $methods['ngg.newGallery'] = array(&$this, 'newGallery'); 
  23. $methods['ngg.editGallery'] = array(&$this, 'editGallery'); 
  24. $methods['ngg.deleteGallery'] = array(&$this, 'deleteGallery'); 
  25. // Album methods 
  26. $methods['ngg.getAlbum'] = array(&$this, 'getAlbum'); 
  27. $methods['ngg.getAlbums'] = array(&$this, 'getAlbums'); 
  28. $methods['ngg.newAlbum'] = array(&$this, 'newAlbum'); 
  29. $methods['ngg.editAlbum'] = array(&$this, 'editAlbum'); 
  30. $methods['ngg.deleteAlbum'] = array(&$this, 'deleteAlbum'); 
  31.  
  32. return $methods; 
  33.  
  34. /** 
  35. * Check if it's an csv string, then serialize it. 
  36. * @since 1.9.2 
  37. * @param string $data 
  38. * @return serialized string 
  39. */ 
  40. function is_serialized( $data ) { 
  41.  
  42. // if it isn't a string, we don't serialize it. 
  43. if ( ! is_string( $data ) ) 
  44. return false; 
  45.  
  46. if ($data && !strpos( $data , '{')) { 
  47. $items = explode(', ', $data); 
  48. return serialize($items); 
  49.  
  50. return $data; 
  51.  
  52. /** 
  53. * Check if NextGEN Gallery is installed 
  54. * @since 1.4 
  55. * @param none 
  56. * @return string version number 
  57. */ 
  58. function nggInstalled($args) { 
  59. global $ngg; 
  60. return array( 'version' => $ngg->version ); 
  61.  
  62. /** 
  63. * Log user in. 
  64. * @since 2.8 
  65. * @param string $username User's username. 
  66. * @param string $password User's password. 
  67. * @return mixed WP_User object if authentication passed, false otherwise 
  68. */ 
  69. function login($username, $password) { 
  70. global $wp_version; 
  71.  
  72. if (version_compare($wp_version, "3.5", "<")) { 
  73. if ( !get_option( 'enable_xmlrpc' ) ) { 
  74. $this->error = new IXR_Error( 405, sprintf( __('XML-RPC services are disabled on this blog. An admin user can enable them at %s'), admin_url('options-writing.php') ) ); 
  75. return false; 
  76.  
  77. $user = wp_authenticate($username, $password); 
  78.  
  79. if (is_wp_error($user)) { 
  80. $this->error = new IXR_Error(403, __('Bad login/pass combination.')); 
  81. return false; 
  82.  
  83. wp_set_current_user( $user->ID ); 
  84. return $user; 
  85.  
  86. /** 
  87. * Method "ngg.uploadImage" 
  88. * Uploads a image to a gallery 
  89. * @since 1.4 
  90. * @copyright addapted from WP Core 
  91. * @param array $args Method parameters. 
  92. * - int blog_id 
  93. * - string username 
  94. * - string password 
  95. * - struct data 
  96. * o string name 
  97. * o string type (optional) 
  98. * o base64 bits 
  99. * o bool overwrite (optional) 
  100. * o int gallery 
  101. * o int image_id (optional) 
  102. * @return array with image meta data 
  103. */ 
  104. function uploadImage($args) { 
  105. global $wpdb; 
  106.  
  107. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  108. require_once ( 'meta.php' ); // meta data import 
  109.  
  110. $blog_ID = (int) $args[0]; 
  111. $username = $wpdb->escape($args[1]); 
  112. $password = $wpdb->escape($args[2]); 
  113. $data = $args[3]; 
  114.  
  115. $name = $data['name']; 
  116. $type = $data['type']; 
  117. $bits = $data['bits']; 
  118.  
  119. // gallery & image id 
  120. $gid = (int) $data['gallery']; // required field 
  121. $pid = (int) $data['image_id']; // optional but more foolproof of overwrite 
  122. $image = false; // container for the image object 
  123.  
  124. error_log('O', '(NGG) Received '.strlen($bits).' bytes'); 
  125.  
  126. if ( !$user = $this->login($username, $password) ) 
  127. return $this->error; 
  128.  
  129. // Check if you have the correct capability for upload 
  130. if ( !current_user_can('NextGEN Upload images') ) { 
  131. error_log('O', '(NGG) User does not have upload_files capability'); 
  132. $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.')); 
  133. return $this->error; 
  134.  
  135. // Look for the gallery , could we find it ? 
  136. if ( !$gallery = nggdb::find_gallery($gid) ) 
  137. return new IXR_Error(404, __('Could not find gallery ' . $gid )); 
  138.  
  139. // Now check if you have the correct capability for this gallery 
  140. if ( !nggAdmin::can_manage_this_gallery($gallery->author) ) { 
  141. error_log('O', '(NGG) User does not have upload_files capability'); 
  142. $this->error = new IXR_Error(401, __('You are not allowed to upload files to this gallery.')); 
  143. return $this->error; 
  144.  
  145. //clean filename and extract extension 
  146. $filepart = nggGallery::fileinfo( $name ); 
  147. $name = $filepart['basename']; 
  148.  
  149. // check for allowed extension and if it's an image file 
  150. $ext = array('jpg', 'png', 'gif'); 
  151. if ( !in_array($filepart['extension'], $ext) ) { 
  152. error_log('O', '(NGG) Not allowed file type'); 
  153. $this->error = new IXR_Error(401, __('This is no valid image file.', 'nggallery')); 
  154. return $this->error; 
  155.  
  156. // in the case you would overwrite the image, let's delete the old one first 
  157. if(!empty($data["overwrite"]) && ($data["overwrite"] == true)) { 
  158.  
  159. // search for the image based on the filename, if it's not already provided 
  160. if ($pid == 0) 
  161. $pid = $wpdb->get_col(" SELECT pid FROM {$wpdb->nggpictures} WHERE filename = '{$name}' AND galleryid = '{$gid}' "); 
  162.  
  163. if ( !$image = nggdb::find_image( $pid ) ) 
  164. return new IXR_Error(404, __('Could not find image id ' . $pid )); 
  165.  
  166. // sync the gallery<->image parameter, otherwise we may copy it to the wrong gallery 
  167. $gallery = $image; 
  168.  
  169. // delete now the image 
  170. if ( !@unlink( $image->imagePath ) ) { 
  171. $errorString = sprintf(__('Failed to delete image %1$s ', 'nggallery'), $image->imagePath); 
  172. error_log('O', '(NGG) ' . $errorString); 
  173. return new IXR_Error(500, $errorString); 
  174.  
  175. // upload routine from wp core, load first the image to the upload folder, $upload['file'] contain the path 
  176. $upload = wp_upload_bits($name, $type, $bits); 
  177. if ( ! empty($upload['error']) ) { 
  178. $errorString = sprintf(__('Could not write file %1$s (%2$s)'), $name, $upload['error']); 
  179. error_log('O', '(NGG) ' . $errorString); 
  180. return new IXR_Error(500, $errorString); 
  181.  
  182. // this is the dir to the gallery 
  183. $path = WINABSPATH . $gallery->path; 
  184.  
  185. // check if the filename already exist, if not add a counter index 
  186. $filename = wp_unique_filename( $path, $name ); 
  187. $destination = $path . '/'. $filename; 
  188.  
  189. // Move files to gallery folder 
  190. if ( !@rename($upload['file'], $destination ) ) { 
  191. $errorString = sprintf(__('Failed to move image %1$s to %2$s', 'nggallery'), '<strong>' . $upload['file'] . '</strong>', $destination); 
  192. error_log('O', '(NGG) ' . $errorString); 
  193. return new IXR_Error(500, $errorString); 
  194.  
  195. //add to database if it's a new image 
  196. if(empty($data["overwrite"]) || ($data["overwrite"] == false)) { 
  197. $pid_array = nggAdmin::add_Images( $gallery->gid, array( $filename ) ); 
  198. // the first element is our new image id 
  199. if (count($pid_array) == 1) 
  200. $pid = $pid_array[0]; 
  201.  
  202. //get all information about the image, in the case it's a new one 
  203. if (!$image) 
  204. $image = nggdb::find_image( $pid ); 
  205.  
  206. // create again the thumbnail, should return a '1' 
  207. nggAdmin::create_thumbnail( $image ); 
  208.  
  209. return apply_filters( 'ngg_upload_image', $image ); 
  210.  
  211.  
  212. /** 
  213. * Method "ngg.deleteImage" 
  214. * Delete a Image from the database and gallery 
  215. * @since 1.7.3 
  216. * @param array $args Method parameters. 
  217. * - int blog_id 
  218. * - string username 
  219. * - string password 
  220. * - int image_id 
  221. * @return true 
  222. */ 
  223. function deleteImage($args) { 
  224.  
  225. global $nggdb, $ngg; 
  226.  
  227. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  228.  
  229. $this->escape($args); 
  230. $blog_ID = (int) $args[0]; 
  231. $username = $args[1]; 
  232. $password = $args[2]; 
  233. $id = (int) $args[3]; 
  234.  
  235. if ( !$user = $this->login($username, $password) ) 
  236. return $this->error; 
  237.  
  238. if ( !$image = nggdb::find_image($id) ) 
  239. return(new IXR_Error(404, __("Invalid image ID"))); 
  240.  
  241. if ( !current_user_can( 'NextGEN Manage gallery' ) && !nggAdmin::can_manage_this_gallery($image->author) ) 
  242. return new IXR_Error( 401, __( 'Sorry, you must be able to edit this image' ) ); 
  243.  
  244. if ($ngg->options['deleteImg']) { 
  245. @unlink($image->imagePath); 
  246. @unlink($image->thumbPath); 
  247. @unlink($image->imagePath . "_backup" ); 
  248.  
  249. nggdb::delete_image ( $id ); 
  250.  
  251. return true; 
  252.  
  253.  
  254. /** 
  255. * Method "ngg.editImage" 
  256. * Edit a existing Image 
  257. * @since 1.7.3 
  258. * @param array $args Method parameters. 
  259. * - int blog_id 
  260. * - string username 
  261. * - string password 
  262. * - int Image ID 
  263. * - string alt/title text 
  264. * - string description 
  265. * - int exclude from gallery (0 or 1) 
  266. * @return true if success 
  267. */ 
  268. function editImage($args) { 
  269.  
  270. global $ngg; 
  271.  
  272. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  273.  
  274. $this->escape($args); 
  275. $blog_ID = (int) $args[0]; 
  276. $username = $args[1]; 
  277. $password = $args[2]; 
  278. $id = (int) $args[3]; 
  279. $alttext = $args[4]; 
  280. $description= $args[5]; 
  281. $exclude = (int) $args[6]; 
  282.  
  283. if ( !$user = $this->login($username, $password) ) 
  284. return $this->error; 
  285.  
  286. if ( !$image = nggdb::find_image($id) ) 
  287. return(new IXR_Error(404, __( 'Invalid image ID' ))); 
  288.  
  289. if ( !current_user_can( 'NextGEN Manage gallery' ) && !nggAdmin::can_manage_this_gallery($image->author) ) 
  290. return new IXR_Error( 401, __( 'Sorry, you must be able to edit this image' ) ); 
  291.  
  292. if ( !empty( $id ) ) 
  293. $result = nggdb::update_image($id, false, false, $description, $alttext, $exclude); 
  294.  
  295. if ( !$result ) 
  296. return new IXR_Error(500, __('Sorry, could not update the image')); 
  297.  
  298. return true; 
  299.  
  300.  
  301. /** 
  302. * Method "ngg.newGallery" 
  303. * Create a new gallery 
  304. * @since 1.4 
  305. * @param array $args Method parameters. 
  306. * - int blog_id 
  307. * - string username 
  308. * - string password 
  309. * - string new gallery name 
  310. * @return int with new gallery ID 
  311. */ 
  312. function newGallery($args) { 
  313.  
  314. global $ngg; 
  315.  
  316. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  317.  
  318. $this->escape($args); 
  319. $blog_ID = (int) $args[0]; 
  320. $username = $args[1]; 
  321. $password = $args[2]; 
  322. $name = $args[3]; 
  323. $id = false; 
  324.  
  325. if ( !$user = $this->login($username, $password) ) 
  326. return $this->error; 
  327.  
  328. if( !current_user_can( 'NextGEN Manage gallery' ) ) 
  329. return new IXR_Error( 401, __( 'Sorry, you must be able to manage galleries' ) ); 
  330.  
  331. if ( !empty( $name ) ) 
  332. $id = nggAdmin::create_gallery($name, $ngg->options['gallerypath'], false); 
  333.  
  334. if ( !$id ) 
  335. return new IXR_Error(500, __('Sorry, could not create the gallery')); 
  336.  
  337. return($id); 
  338.  
  339.  
  340. /** 
  341. * Method "ngg.editGallery" 
  342. * Edit a existing gallery 
  343. * @since 1.7.0 
  344. * @param array $args Method parameters. 
  345. * - int blog_id 
  346. * - string username 
  347. * - string password 
  348. * - int gallery ID 
  349. * - string gallery name 
  350. * - string title 
  351. * - string description 
  352. * - int ID of the preview picture 
  353. * @return true if success 
  354. */ 
  355. function editGallery($args) { 
  356.  
  357. global $ngg; 
  358.  
  359. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  360.  
  361. $this->escape($args); 
  362. $blog_ID = (int) $args[0]; 
  363. $username = $args[1]; 
  364. $password = $args[2]; 
  365. $id = (int) $args[3]; 
  366. $name = $args[4]; 
  367. $title = $args[5]; 
  368. $description= $args[6]; 
  369. $previewpic = (int) $args[7]; 
  370.  
  371. if ( !$user = $this->login($username, $password) ) 
  372. return $this->error; 
  373.  
  374. if ( !$gallery = nggdb::find_gallery($id) ) 
  375. return(new IXR_Error(404, __("Invalid gallery ID"))); 
  376.  
  377. if ( !current_user_can( 'NextGEN Manage gallery' ) && !nggAdmin::can_manage_this_gallery($gallery->author) ) 
  378. return new IXR_Error( 401, __( 'Sorry, you must be able to manage this gallery' ) ); 
  379.  
  380. if ( !empty( $name ) ) 
  381. $result = nggdb::update_gallery($id, $name, false, $title, $description, false, $previewpic); 
  382.  
  383. if ( !$result ) 
  384. return new IXR_Error(500, __('Sorry, could not update the gallery')); 
  385.  
  386. return true; 
  387.  
  388.  
  389. /** 
  390. * Method "ngg.newAlbum" 
  391. * Create a new album 
  392. * @since 1.7.0 
  393. * @param array $args Method parameters. 
  394. * - int blog_id 
  395. * - string username 
  396. * - string password 
  397. * - string new album name 
  398. * - int id of preview image 
  399. * - string description 
  400. * - string serialized array of galleries or a comma-separated string of gallery IDs 
  401. * @return int with new album ID 
  402. */ 
  403. function newAlbum($args) { 
  404.  
  405. global $ngg; 
  406.  
  407. $this->escape($args); 
  408. $blog_ID = (int) $args[0]; 
  409. $username = $args[1]; 
  410. $password = $args[2]; 
  411. $name = $args[3]; 
  412. $preview = (int) $args[4]; 
  413. $description= $args[5]; 
  414. $galleries = $this->is_serialized($args[6]); 
  415. $id = false; 
  416.  
  417. if ( !$user = $this->login($username, $password) ) 
  418. return $this->error; 
  419.  
  420. if( !current_user_can( 'NextGEN Edit album' ) || !nggGallery::current_user_can( 'NextGEN Add/Delete album' ) ) 
  421. return new IXR_Error( 401, __( 'Sorry, you must be able to manage albums' ) ); 
  422.  
  423. if ( !empty( $name ) ) 
  424. $id = $result = nggdb::add_album( $name, $preview, $description, $galleries ); 
  425.  
  426. if ( !$id ) 
  427. return new IXR_Error(500, __('Sorry, could not create the album')); 
  428.  
  429. return($id); 
  430.  
  431.  
  432. /** 
  433. * Method "ngg.editAlbum" 
  434. * Edit a existing Album 
  435. * @since 1.7.0 
  436. * @param array $args Method parameters. 
  437. * - int blog_id 
  438. * - string username 
  439. * - string password 
  440. * - int album ID 
  441. * - string album name 
  442. * - int id of preview image 
  443. * - string description 
  444. * - string serialized array of galleries or a comma-separated string of gallery IDs 
  445. * @return true if success 
  446. */ 
  447. function editAlbum($args) { 
  448.  
  449. global $ngg; 
  450.  
  451. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  452.  
  453. $this->escape($args); 
  454. $blog_ID = (int) $args[0]; 
  455. $username = $args[1]; 
  456. $password = $args[2]; 
  457. $id = (int) $args[3]; 
  458. $name = $args[4]; 
  459. $preview = (int) $args[5]; 
  460. $description= $args[6]; 
  461. $galleries = $this->is_serialized($args[7]); 
  462.  
  463. if ( !$user = $this->login($username, $password) ) 
  464. return $this->error; 
  465.  
  466. if ( !$album = nggdb::find_album($id) ) 
  467. return(new IXR_Error(404, __("Invalid album ID"))); 
  468.  
  469. if( !current_user_can( 'NextGEN Edit album' ) ) 
  470. return new IXR_Error( 401, __( 'Sorry, you must be able to manage albums' ) ); 
  471.  
  472. if ( !empty( $name ) ) 
  473. $result = nggdb::update_album($id, $name, $preview, $description, $galleries); 
  474.  
  475. if ( !$result ) 
  476. return new IXR_Error(500, __('Sorry, could not update the album')); 
  477.  
  478. return true; 
  479.  
  480.  
  481. /** 
  482. * Method "ngg.deleteAlbum" 
  483. * Delete a album from the database 
  484. * @since 1.7.0 
  485. * @param array $args Method parameters. 
  486. * - int blog_id 
  487. * - string username 
  488. * - string password 
  489. * - int album id 
  490. * @return true 
  491. */ 
  492. function deleteAlbum($args) { 
  493.  
  494. global $nggdb; 
  495.  
  496. $this->escape($args); 
  497. $blog_ID = (int) $args[0]; 
  498. $username = $args[1]; 
  499. $password = $args[2]; 
  500. $id = (int) $args[3]; 
  501.  
  502. if ( !$user = $this->login($username, $password) ) 
  503. return $this->error; 
  504.  
  505. if ( !$album = nggdb::find_album($id) ) 
  506. return(new IXR_Error(404, __("Invalid album ID"))); 
  507.  
  508. if( !current_user_can( 'NextGEN Edit album' ) && !nggGallery::current_user_can( 'NextGEN Add/Delete album' ) ) 
  509. return new IXR_Error( 401, __( 'Sorry, you must be able to manage albums' ) ); 
  510.  
  511. $nggdb->delete_album($id); 
  512.  
  513. return true; 
  514.  
  515.  
  516. /** 
  517. * Method "ngg.deleteGallery" 
  518. * Delete a gallery from the database, including all images 
  519. * @since 1.7.0 
  520. * @param array $args Method parameters. 
  521. * - int blog_id 
  522. * - string username 
  523. * - string password 
  524. * - int gallery_id 
  525. * @return true 
  526. */ 
  527. function deleteGallery($args) { 
  528.  
  529. global $nggdb; 
  530.  
  531. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  532.  
  533. $this->escape($args); 
  534. $blog_ID = (int) $args[0]; 
  535. $username = $args[1]; 
  536. $password = $args[2]; 
  537. $id = (int) $args[3]; 
  538.  
  539. if ( !$user = $this->login($username, $password) ) 
  540. return $this->error; 
  541.  
  542. if ( !$gallery = nggdb::find_gallery($id) ) 
  543. return(new IXR_Error(404, __("Invalid gallery ID"))); 
  544.  
  545. if ( !current_user_can( 'NextGEN Manage gallery' ) && !nggAdmin::can_manage_this_gallery($gallery->author) ) 
  546. return new IXR_Error( 401, __( 'Sorry, you must be able to manage galleries' ) ); 
  547.  
  548. $nggdb->delete_gallery($id); 
  549.  
  550. return true; 
  551.  
  552.  
  553. /** 
  554. * Method "ngg.getAlbums" 
  555. * Return the list of all albums 
  556. * @since 1.7.0 
  557. * @param array $args Method parameters. 
  558. * - int blog_id 
  559. * - string username 
  560. * - string password 
  561. * @return array with all galleries 
  562. */ 
  563. function getAlbums($args) { 
  564.  
  565. global $nggdb; 
  566.  
  567. $this->escape($args); 
  568. $blog_ID = (int) $args[0]; 
  569. $username = $args[1]; 
  570. $password = $args[2]; 
  571.  
  572. if ( !$user = $this->login($username, $password) ) 
  573. return $this->error; 
  574.  
  575. if( !current_user_can( 'NextGEN Edit album' ) ) 
  576. return new IXR_Error( 401, __( 'Sorry, you must be able to manage albums' ) ); 
  577.  
  578. $album_list = $nggdb->find_all_album('id', 'ASC', 0, 0 ); 
  579.  
  580. return($album_list); 
  581.  
  582.  
  583. /** 
  584. * Method "ngg.getAlbum" 
  585. * Return the specified album 
  586. * @since 1.9.2 
  587. * @param array $args Method parameters. 
  588. * - int blog_id 
  589. * - string username 
  590. * - string password 
  591. * - int album_id 
  592. * @return array with the album object 
  593. */ 
  594. function getAlbum($args) { 
  595.  
  596.  
  597. $this->escape($args); 
  598. $blog_ID = (int) $args[0]; 
  599. $username = $args[1]; 
  600. $password = $args[2]; 
  601. $id = (int) $args[3]; 
  602.  
  603. if ( !$user = $this->login($username, $password) ) 
  604. return $this->error; 
  605.  
  606. if( !current_user_can( 'NextGEN Edit album' ) ) 
  607. return new IXR_Error( 401, __( 'Sorry, you must be able to manage albums' ) ); 
  608.  
  609. $album = nggdb::find_album( $id ); 
  610.  
  611. return($album); 
  612.  
  613.  
  614. /** 
  615. * Method "ngg.getGalleries" 
  616. * Return the list of all galleries 
  617. * @since 1.4 
  618. * @param array $args Method parameters. 
  619. * - int blog_id 
  620. * - string username 
  621. * - string password 
  622. * @return array with all galleries 
  623. */ 
  624. function getGalleries($args) { 
  625.  
  626. global $nggdb; 
  627.  
  628. $this->escape($args); 
  629. $blog_ID = (int) $args[0]; 
  630. $username = $args[1]; 
  631. $password = $args[2]; 
  632.  
  633. if ( !$user = $this->login($username, $password) ) 
  634. return $this->error; 
  635.  
  636. if( !current_user_can( 'NextGEN Manage gallery' ) ) 
  637. return new IXR_Error( 401, __( 'Sorry, you must be able to manage galleries' ) ); 
  638.  
  639. $gallery_list = $nggdb->find_all_galleries('gid', 'asc', true, 0, 0, false); 
  640.  
  641. return($gallery_list); 
  642.  
  643.  
  644. /** 
  645. * Method "ngg.getGallery" 
  646. * Return the specified gallery 
  647. * @since 1.9.2 
  648. * @param array $args Method parameters. 
  649. * - int blog_id 
  650. * - string username 
  651. * - string password 
  652. * - int gallery_id 
  653. * @return array with the gallery object 
  654. */ 
  655. function getGallery($args) { 
  656.  
  657. global $nggdb; 
  658.  
  659. $this->escape($args); 
  660. $blog_ID = (int) $args[0]; 
  661. $username = $args[1]; 
  662. $password = $args[2]; 
  663. $gid = (int) $args[3]; 
  664.  
  665. if ( !$user = $this->login($username, $password) ) 
  666. return $this->error; 
  667.  
  668. if( !current_user_can( 'NextGEN Manage gallery' ) ) 
  669. return new IXR_Error( 401, __( 'Sorry, you must be able to manage galleries' ) ); 
  670.  
  671. $gallery = $nggdb->find_gallery($gid); 
  672.  
  673. return($gallery); 
  674.  
  675.  
  676. /** 
  677. * Method "ngg.getImages" 
  678. * Return the list of all images inside a gallery 
  679. * @since 1.4 
  680. * @param array $args Method parameters. 
  681. * - int blog_id 
  682. * - string username 
  683. * - string password 
  684. * - int gallery_id 
  685. * @return array with all images 
  686. */ 
  687. function getImages($args) { 
  688.  
  689. global $nggdb; 
  690.  
  691. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  692.  
  693. $this->escape($args); 
  694. $blog_ID = (int) $args[0]; 
  695. $username = $args[1]; 
  696. $password = $args[2]; 
  697. $gid = (int) $args[3]; 
  698.  
  699. if ( !$user = $this->login($username, $password) ) 
  700. return $this->error; 
  701.  
  702. // Look for the gallery , could we find it ? 
  703. if ( !$gallery = nggdb::find_gallery( $gid ) ) 
  704. return new IXR_Error(404, __('Could not find gallery ' . $gid )); 
  705.  
  706. // Now check if you have the correct capability for this gallery 
  707. if ( !nggAdmin::can_manage_this_gallery($gallery->author) ) { 
  708. error_log('O', '(NGG) User does not have upload_files capability'); 
  709. $this->error = new IXR_Error(401, __('You are not allowed to upload files to this gallery.')); 
  710. return $this->error; 
  711.  
  712. // get picture values 
  713. $picture_list = $nggdb->get_gallery( $gid, 'pid', 'ASC', false ); 
  714.  
  715. return($picture_list); 
  716.  
  717.  
  718. /** 
  719. * Method "ngg.getImage" 
  720. * Return a single image inside a gallery 
  721. * @since 1.9.2 
  722. * @param array $args Method parameters. 
  723. * - int blog_id 
  724. * - string username 
  725. * - string password 
  726. * - int picture_id 
  727. * @return array with image properties 
  728. */ 
  729. function getImage($args) { 
  730.  
  731. global $nggdb; 
  732.  
  733. require_once ( dirname ( dirname( __FILE__ ) ). '/admin/functions.php' ); // admin functions 
  734.  
  735. $this->escape($args); 
  736. $blog_ID = (int) $args[0]; 
  737. $username = $args[1]; 
  738. $password = $args[2]; 
  739. $pid = (int) $args[3]; 
  740.  
  741. if ( !$user = $this->login($username, $password) ) 
  742. return $this->error; 
  743.  
  744. // get picture 
  745. $image = $nggdb->find_image( $pid ); 
  746.  
  747. if ($image) { 
  748. $gid = $image->galleryid; 
  749.  
  750. // Look for the gallery , could we find it ? 
  751. if ( !$gallery = nggdb::find_gallery( $gid ) ) 
  752. return new IXR_Error(404, __('Could not find gallery ' . $gid )); 
  753.  
  754. // Now check if you have the correct capability for this gallery 
  755. if ( !nggAdmin::can_manage_this_gallery($gallery->author) ) { 
  756. error_log('O', '(NGG) User does not have upload_files capability'); 
  757. $this->error = new IXR_Error(401, __('You are not allowed to upload files to this gallery.')); 
  758. return $this->error; 
  759.  
  760. return($image); 
  761.  
  762.  
  763. /** 
  764. * Sanitize string or array of strings for database. 
  765. * @since 1.7.0 
  766. * @author WordPress Core 
  767. * @filesource inludes/class-wp-xmlrpc-server.php 
  768. * @param string|array $array Sanitize single string or array of strings. 
  769. * @return string|array Type matches $array and sanitized for the database. 
  770. */ 
  771. function escape(&$array) { 
  772. global $wpdb; 
  773.  
  774. if (!is_array($array)) { 
  775. return($wpdb->escape($array)); 
  776. } else { 
  777. foreach ( (array) $array as $k => $v ) { 
  778. if ( is_array($v) ) { 
  779. $this->escape($array[$k]); 
  780. } else if ( is_object($v) ) { 
  781. //skip 
  782. } else { 
  783. $array[$k] = $wpdb->escape($v); 
  784.  
  785. /** 
  786. * PHP5 style destructor and will run when database object is destroyed. 
  787. * @return bool Always true 
  788. */ 
  789. function __destruct() { 
  790.