[geeklog-devel] Webservices API in CVS

Blaine Lang devel at portalparts.com
Sat Aug 11 21:08:18 EDT 2007

Hi Dirk,

I like the generic API PLG_invokeService and agree that being generic it 
can be of use.

Although, I think the full power of webservices would be seen if we did 
implement security and this is how it could be implemented:

You send a "authenticate" verb with you username and  password and get 
back a secure oid (object id) that is like the MD5 password field now. 
This is not something a hacker would easily get. Now once we have the 
oid, it would be passed in as a parm for all secure calls.

RSS Feeds are great for public access data. But what if I wanted to have 
remote access to secure files or forum posts. Someone could post now to 
the forum as their userid. I think without security, all requests are 
anonymous and I'm trying to think of where this is better then the RSS 
feeds API.

get list_forums
get list_forum_topics
post reply
get new privatemessages
get file (secure category)


Dirk Haun wrote:
> If you're getting a note about an undefined function:
> service_getTopicList_staticpages() in plugins/staticpages/
> services.inc.php is calling a function COM_topicArray(). Not sure where
> that's coming from - I don't have the code for such a function.
> Just comment it out or update from CVS again.
> Also, I forgot to point out that the Webservices API requires PHP 5. We
> should probably add a check for that somewhere ...
> bye, Dirk

More information about the geeklog-devel mailing list