MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > syndication of protected posts
Full Version: syndication of protected posts
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

martinschwertle

2008-06-11, 02:32 PM
I am running a forum which is not viewable for public. only registered users can view and post in this forum.

I now would like to get an RSS feed of my protected content. but when I am not logged in (which is regular and good) it does not give me a RSS feed via the usual way. I would have to login to get it. is there any way to get a RSS feed of it? e.g. by

http://domain.tld/forum/syndication.php?fid=16&limit=15&username=foo&password=bar

instead of just

http://domain.tld/forum/syndication.php?fid=16&limit=15

this method actually does not work, as I am posing this question in here. would be glad if anyone could help me.

Yumi

2008-06-12, 02:58 AM
My suggestion would be to stay logged in (if you're using something like Firefox's RSS, it should carry the cookies over and authenticate you).
Sticking the password in the URL is somewhat a security risk.

martinschwertle

2008-06-12, 09:26 AM
thing is, that I automatically want to readout the RSS via a feedreader robot. it's not that I want to use the feed for my direct usage. I know that it is a security issue with username and password in the URL (which will be the reason why it has not been implemented that way or implemented at all). I just thought someone has come across the same problem and made some experiences.

but thanks anyway, krgds.

Yumi

2008-06-12, 01:18 PM
Hmm, does the custom feed aggregator have the ability to send cookies?

Dennis Tsang

2008-06-13, 03:37 AM
I think more RSS aggregators have support for HTTP authentication than cookies

Yumi

2008-06-14, 05:51 AM
Never used an RSS aggregator (other than the Firefox one), so wouldn't know.
Just thought that it would be possible to chuck the loginkey into the URL with a simple plugin if it didn't support cookies.

martinschwertle

2008-06-15, 05:05 PM
no: unfortunately the aggregator neither supports cookies, nor does it grant a http authentication request.

Yumi

2008-06-18, 09:30 AM
I haven't tested this, but, if you don't mind explaining to your users how to stick cookies in the URL, try this code edit:

In inc/class_session.php, find:
		$logon = explode("_", $_COOKIE['mybbuser'], 2);
		if($_COOKIE['mybbuser'])
		{
			$this->load_user($logon[0], $logon[1]);
		}
Add before:
if($mybb->input['mybbuser']) $_COOKIE['mybbuser'] = $mybb->input['mybbuser'];

I'm not sure if this could introduce any security issues, but I can't think of anything significant.

To use this, grab your mybbuser cookie, and append it to the URL, eg:
http://domain.tld/forum/syndication.php?fid=16&limit=15&mybbuser=1_ab38df...

martinschwertle

2008-06-18, 12:54 PM
wow this looks like a very powerful solution, I will try this out. thanks a lot, I will let you know if it worked.

martinschwertle

2008-06-20, 12:15 PM
amazing! this really works. great! support team: please consider upgrading zinga burga, imho absolutely no "weak member" status necessary.

thanks a lot!
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.2 Series > MyBB 1.2 General Support > syndication of protected posts