Posted 16 years ago #
Hi,
I recently installed FeedWordPress and it appears to be working just fine. But I noticed each user's FeedWordPress admin area allows them to select various authors for the different rss feeds they pull. The drop down list shows every user on the entire WPMU system. This may not be a security risk but worried me. Just wondering if anyone else is using this plugin, and if so are there any problems?
Thanks
Take a look at the code for this plugin and see what function is being used to grab that list of users. Using the function get_users_of_blog() may work better. I don't use this plugin so I can't help with the coding.
I use FeedWordPress as a portal for blogs hosted on my WPMU install, and it's my understanding that that dropdown specifies the author of syndicated version of the post -- and will not affect the original post.
In my own install, it seems like it's getting that list from authors that have been previously syndicated and the authors of the syndicating blog -- nor pulling them from the WPMU database. (ie authors who have not posted or whose blogs are not syndicated do not show up on this list)
