Ah. There is another annoying bug in profile.module which gives wrong data in /profile. Data in fields was not cleared so the data will show in next record if fields in the next record are empty. Below is the patch for this problem.

--- profile.module.orig 2006-01-26 20:43:04.000000000 +0700
+++ profile.module      2006-01-27 20:34:54.000000000 +0700
@@ -393,6 +393,8 @@
   foreach ($fields as $key => $field) {
     if ($value = profile_view_field($account, $field)) {
       $fields[$key]->value = $value;
+    } else {
+      $fields[$key]->value = $value;
     }
   }
   return $fields;

According to patch of blogapi.module, the second problem is to save category properly. Since the taxonomy.module now support load operation in nodeapi hook, $node->taxonomy is not just a plain array of string anymore. Instead it is a standard class so taxonomy.module must handle the object correct.

--- taxonomy.module.orig  2006-01-26 15:33:20.000000000 +0700
+++ taxonomy.module        2006-01-27 20:55:11.000000000 +0700
@@ -644,6 +644,9 @@
           }
         }
       }
+      else if (is_object($term)) {
+        db_query("INSERT INTO {term_node} (nid, tid) VALUES (%d, %d)", $nid, $term->tid);
+      }
       else if ($term) {
         db_query("INSERT INTO {term_node} (nid, tid) VALUES (%d, %d)", $nid, $term);
       }

You might notice that you are unable to delete url aliases in Drupal. I don"t know the exact version that this problem exists. Anyway, I have patched it right now.

diff -u path.module.orig path.module
--- path.module.orig      2005-12-19 21:51:38.000000000 +0700
+++ path.module    2006-01-27 11:56:01.000000000 +0700
@@ -100,7 +100,7 @@
  **/
 function path_admin_delete_confirm($pid) {
   $path = path_load($pid);
-  if (user_access("administer path aliases")) {
+  if (user_access("administer url aliases")) {
     $form["pid"] = array("#type" => "value", "#value" => $pid);
     $output = confirm_form("path_admin_delete_confirm", $form,
   t("Are you sure you want to delete path alias %title?", array("%title" => theme("placeholder", $path["dst"]))),

In Drupal 4.7.0 beta 4, blogapi.module mostly works fine with Post2Blog unless 2 points. The first one occurs when trying to edit post. Categories will not return via XML-RPC. Below is my patch.

diff -u blogapi.module.orig blogapi.module
--- blogapi.module.orig   2006-01-12 17:02:45.000000000 +0700
+++ blogapi.module 2006-01-27 16:02:51.000000000 +0700
@@ -710,6 +710,17 @@
     $xmlrpcval["mt_convert_breaks"] = $node->format;
   }
 
+  $terms = module_invoke("taxonomy", "node_get_terms", $node->nid, "tid");
+  $categories = array();
+  foreach ($terms as $term) {
+    $term_name = $term->name;
+    foreach (module_invoke("taxonomy", "get_parents", $term->tid, "tid") as $parent) {
+      $term_name = $parent->name . "/" . $term_name;
+    }
+    $categories[] = $term_name;
+  }
+  $xmlrpcval["categories"] = $categories;
+
   return $xmlrpcval;
 }

One of my machine was installed AWStats 5.9 since 2003 and never upgraded or patched. Today I heard that that machine has been transmitting syn flood to 3com. After short investigating, we found that there has been a strange process namely cback running as apache. Then I simply googled by keyword . The first result is Slapper v2.0 - XML-RPC/Awstats Worm. Oh, my god! I have just got hacked by XML-RPC 2 weeks ago. It seems XML-RPC implementation in PHP is being widely cracked down by many hackers around the world.

According to my previous experience of W32:Trojan-gen, many people seem to encounter this problem so far. If you don"t want to switch antivirus software to NOD32 like I recommended and you really love Avast, a free antivirus software, you might want to remove it from the warning list. By the way, it is not as simple as you thought. Avast may not remove it (just warn) or removed it but actually didn"t. Don"t worry too much. It is actually just a false alarm. You cannot remove it permanently because most of this false alarm appear with System Restore"s files of Win XP. That is the problem. The Win XP will try to recover the files to last known state everytime you reboot. If you really want to remove this alarm, simply turn off System Restore in System Properties. After cleaned and rebooted the machine, you can turn it on again.