Okay, I’ve tried a few things but nothing seems to be working.
I’ve tried including the feed in a .php file at root and then parsing that, still the same error pops up.
I’ve tried accessing the full URL (including http) but that triggers a PHP error (I’d have to alter PHP’s security settings which isn’t worth it).
I’ve tried mucking about with .htaccess, such as creating a bogus URL at root which points to the actual feed.
I’ve tried all of the above using the non-friendly URL equivalents but that doesn’t work.
Has no-one else had this issue? Or can anyone think what the problem might be?
When you specify the feed address as “/blog/feed”, then it’s looking locally for it. As in, it’s trying to get a file on your server named /blog/feed. When you put the full http bit there, then it actually goes out to the web and tries to get the feed, but your security settings interfere.
Short version:
1. You MUST put the full address to the feed. Period.
2. If your PHP security is set too high to allow that, then you need to change it.
There is no alternative solution.
Surely then, using “/blog/wp-rss2.php” should work? It doesn’t, I get the following error:
Warning: MagpieRSS: Failed to fetch blog/wp-rss2.php (HTTP Error: Invalid protocol "") in /var/www/vhosts/[snip]/httpdocs/inc/magpierss/rss_fetch.inc on line 238
Although the PHP-include does work with wp-rss2.php.
No, it won’t work that way. It’s looking for a feed ON THE WEB. That’s what Magpie and Snoopy does. /blog/wp-rss2.php is not a web address. Magpie/Snoopy does not do a normal PHP include, it’s trying to get the file off the network. The fact that a normal include works means nothing.
You MUST use the full HTTP if you’re going to use the built in feed reading stuff.
Feeds are not local. That’s sorta what makes them feeds. A feed address is fully qualified or it’s nothing.
Thanks, that explains things nicely.
Supplying Magpie with http://[snip]/blog/wp-rss2.php didn’t work either. It is a web address, after all.
I created a file at root (/feed.php) that PHP-includes the feed (/blog/wp-rss2.php). The plan was to then give Magpie /feed.php.
However, for some reason, in /feed.php, the Items tag and contents were missing. The same include in /index.php contains the Items tag and all the Item tags as you’d expect. Any idea why that might be?
And before I carry on, is this the right way to go? I’m not going to mess with PHP security because I want my site nice and secure, so is there another way to display the contents of the WordPress feed on my site’s home page?
Allowing PHP programs to actually access the web is not a security breach. Security is not that simple.
I have to say, that’s not very helpful. allow_url_fopen (the setting concerned) is turned off to help prevent code injection vulnerabilities. There are countless examples on the web of sites being compromised because of such vulnerabilities.
Do you know of another way?
allow_url_fopen is not what you need to enable here. It’s also not a security risk (if they can inject code, then they don’t need allow_url_fopen to compromise you, because they already have done just that), but again, that is not really relevant to this particular discussion.
Snoopy in fact uses fsockopen() to make external connections to websites. This is not related to allow_url_fopen in any way.
