[wp-hackers] PhoneBlogz - blogging by phone, testers needed!

Matthew Butt matt at preinvent.com
Fri Jan 6 19:23:45 GMT 2006

Thanks for the input.  What I was hoping to do is use the already-present
methods of posting, ie XMLRPC (why reinvent the wheel?).  This makes it easy
for many reasons, but from a security point of view there are obvious


I'll probably end up providing modules for various pieces of software
(Wordpress, Drupal etc) but allow users to also use direct posting if
they're OK with the security issues.  Hopefully that'll keep the majority of
people happy.


Thanks again,





Has Flickr solved this problem with the way they allow 3rd parties to
authenticate against their system? 

Yes, they now use a secret, token/fob system for users to grant access to
programs on a program by program basis. So, if you decided that you didn't
want a specific application to use your credentials anymore, you can deny it
access. More information can be found:

However, keep in mind that since flickr is a controlled service (e.g. it is
only ever in "one" location), they can afford to use the model that they
have in place. With distributed installations of wordpress (with the
exception being wordpress.com) other logistical alternatives might need to
be looked at since keeping all authentication on many different servers
provides just as many challenges, if not more, than just having it on only

Hope that helps,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://comox.textdrive.com/pipermail/wp-hackers/attachments/20060106/4cc1cfb6/attachment-0001.htm

More information about the wp-hackers mailing list