Posts-Level plugin and RSS authentication…

I just tried to use a couple web browsers to login and view the rss feed. Even in Firefox, I just keep getting the login popup. Does anyone have any ides? I’d really appreciate some help.

Here’s the plugin’s page:
https://fortes.com/2005/12/27/post-levels-10/

OK, I have started pulling apart the plugin and found out that the problem stems from having to use authentication in general. My host has PHP installed as cgi and not a module. So the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] are not set by the server.

I found a script that, along with an add-on to my .htaccess file, grabs the data and rebuilds the two variables.

But now, even though my credentials go through, I just get a 404 error. Is anyone else using this plugin, in a “module” environment, and can vouch that it functions correctly? I’d like to know that I’m on the right track but just need to tweak something else. Thanks!

Ahhh… well that was a problem with the htaccess… If I manually switch over to the actual feed url e.g., wp-rss2.php?http_auth=yes then I just get an empty feed. and switching over to “=no” works fine…

Guess I’ll be installing this at home to my linux box that doesn’t even currently have an internet connection just to see what’s supposed to be happening. This is starting to get annoying…

I’m still not any closer to solving this. The author never replied and the posts page has some more comments that are unrelated.

So far I’ve gone through the code some more, trying to follow along with what it is actually doing. It’s not helping much… I’m not seeing it fail anywhere…

OK, while I was writing this I contiuned to play I found some bizarre anomolies…

I was trying to fix the fact that my fix to pass the authentication variables adds to the htaccess file and seems to break the “clean urls” for the feeds.

While playing I randomly put in incorrect information. But since I was already logged in… the friggen hidden post showed up. So it didn’t prompt me, but it included the post. And then it disappeared a few refreshes later and then came back with some more fiddling…

So to summarize,

• Putting in “/wp-rss2.php?http_auth=yes” displays a blank feed, with just the basic information, no posts. But at least it prompts you for authentication”
• Changing that to the actual feed produces a 404 error. And when switched from “/feed/?http_auth=yes” to “/feed/?http_auth=no” the 404 goes away.
• Sometimes if I’m logged in already (only produced in Firefox so far) and just use “/feed/” or even “/wp-rss2.php” (remember, not all the time) I get back the correct feed with the hidden post.
• “/feed/?http_auth=yes” produces a 404 error, yet “/feed/?http_auth=yes/” does not. And again, sometimes produces a feed including the private post.

Maybe I should also make sure that my htaccess can’t be made better (I’m sure it can).

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [E=REMOTE_USER:%{HTTP:Authorization},L]
</IfModule>
# END WordPress


<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]
</IfModule>


Is there anyone out there who can give me something positive? I can’t make heads or tails of all this wonky behavior… Thanks!