Home General support

RSS feed with authentication

HannesE Member
in General support
Hi out there,

I couldn't find out how to use an rss feed on zenphoto with user authentication.
Can someone help out?

Thanks,
Hannes

Comments

  • acrylian Administrator, Developer
    The feeds do not support that. You need to modify the feed yourself.
  • HannesE Member
    acrylian,
    thanks for your answer!
    so there is no way to have an rss feed on a password protected gallery without hacking code?
    hannes
  • acrylian Administrator, Developer
    Correct, it is simply not implemented. The feed just does not show items from protected albums.
  • HannesE Member
    Does this made any progress? Is it implemented yet?
    How would I modify the feed? Is it possible to put the password in the URL directly?

    Thanks again for the great product. I really enjoy it.
  • acrylian Administrator, Developer
    No, it's not on our list as we didn't we get any other request than yours. Feel free to open a feature request ticket.

    How would I modify the feed? Is it possible to put the password in the URL directly?
    Sure, you have to implement a GET check.
  • xtonda Member
    Hi,

    any progress on this? If not, please can you provide a hint how to implement passing user and password as parameter in RSS url?

    Anyway, RSS on protected content behaves strange. I am logged as Master admin in Firefox. When I click on RSS on homepage, RSS contains all images, when I click RSS when browsing album I get empty stream.
  • xtonda Member
    Forgot to write I am using Zenphoto version 1.4.0.4 [7122]
  • acrylian Administrator, Developer
    Please try the night build (That soon becomes 1.4.1). We don't implement authentification in RSS feeds. You would have to pass the user id and password via URL which is clearly not a good idea.

    Normally RSS feeds are called outside the site environment itself so protected and unpublished items are not included.

    If you call it on a browser itself while being logged in you of course see all items you have the rights to see.
  • xtonda Member
    I added following code at the beggining of rss.php
    `

    $_zp_current_album = new Album(new Gallery(), $_GET['album']);

    $authType = "zp_album_auth_" . $_zp_current_album->get('id');

    $check_auth = $_zp_current_album->getPassword();

    $check_user = $_zp_current_album->getUser();

    if (isset($_GET['pass']) && isset($_GET['user'])) {

    $post_user = sanitize($_GET['user']);

    $post_pass = sanitize($_GET['pass']);

    $auth = $_zp_authority->passwordHash($post_user, $post_pass);

    $success = ($auth == $check_auth) && $post_user == $check_user;

    $success = zp_apply_filter('guest_login_attempt', $success, $post_user, $post_pass, $authType);

    if ($success) {

    zp_setcookie($authType, $auth);

    }

    }

    `

    URL in following form is working now for protected albums, which is enough for me:

    http://zp.andrs.net/index.php?rss&album=<album_folder>&user=<album_user>&pass=<album_password&gt;

  • acrylian Administrator, Developer
    You could submit a ticket if you like. Maybe we add that sometime. (of course this covers only one of the 3 rss feeds available).
Sign In or Register to comment.