How does authentication work with the server-side API?
Answer
Authentication is handled automatically using cookies, similar to regular website requests. If cookies are not feasible, the response parameters device_auth_member_id_cn/device_auth_pass_hashed_cn/device_auth_member_id_vl/device_auth_pass_hashed_vl from the login endpoint can be resent as POST parameters in subsequent requests.
How do I access the server-side API for my mobile app?
Answer
The server-side API can be accessed via HTTP calls to http://yourbaseurl/data/endpoint.php. Results are returned in JSON format. The API utilizes endpoints with a 'hook' name and a 'hook type' categorization. Both REST-style and GET-parameter style requests are supported, with the latter recommended for simplicity.
What is the purpose of the Composr Mobile SDK Toolkit?
Answer
The Toolkit, part of the composr_mobile_sdk addon, aids in mirroring Composr website resources into a mobile app. It includes tools for generating iOS/Android string resources from language files and exporting theme images in a directory structure suitable for iOS/Android app image assets.
To connect to a Composr site, you will need to install the composr_mobile_sdk addon, which is not bundled. This addon provides scripting to generate app assets from the Composr site.
Composr Mobile SDK (CMS SDK) is a toolkit designed for experienced iOS and Android developers to build mobile apps that integrate with a Composr-powered website. It offers both Composr-specific integrations and a collection of standalone utilities for building apps, providing a common base between iOS and Android akin to the PHP and Composr APIs, enabling easier code porting while maintaining a native experience.
Composr follows a rolling release model. This means:
New major/minor versions are released as they are ready.
Patch releases, primarily containing bug fixes, are only released for the latest supported major/minor version branch.
Users are responsible for staying updated to the latest release or applying necessary hotfixes.
This policy allows developers to focus resources on the latest versions and encourages users to leverage the ongoing improvements. You can find the release status on the Composr maintenance status page.
Constructive design feedback is valuable. To provide effective feedback:
Be specific and detailed. Identify particular issues and provide clear examples.
Offer solutions. Suggest improvements or provide mockups demonstrating your ideas.
Avoid vague statements. General comments like "it looks dated" are unhelpful.
Understand design constraints. Consider factors like modularity, generality, feature density, compatibility, performance, and the subjective nature of design.
Directly reporting specific design bugs to the tracker or redesigning Composr interfaces yourself are excellent ways to contribute.
Be comprehensive and self-contained. Provide all necessary information and context for the developers to understand your suggestion.
Focus on widely beneficial features. Esoteric suggestions are less likely to be implemented.
Understand developer constraints. Feature development depends on factors like developer availability, funding, and project strategy.
Consider sponsoring features. Financial contributions can prioritize the development of desired features as it affords developers the time to implement it.
Post history tracks changes made to forum posts, including edits and deletions. This feature helps monitor for inappropriate edits or attempts to cover up spam or rule violations. Staff can review the history, restore deleted content, or even permanently erase it.
Yes, Composr provides various moderation tools for managing forum content. Moderators can edit or delete posts and topics, move topics between forums, close or open discussions, and validate content submitted by users who require approval. These are done in an actions dropdown on a topic, or through buttons on individual posts.
What is the "black hole" technique and how does it work?
Answer
The "black hole" technique involves adding hidden fields to forms. While invisible to human users, bots often detect and fill these fields, revealing their nature. Composr uses this information to flag and block suspected spam submissions.
You can report spam using the "report this" link or "report" (forum post button) feature. This alerts staff to the issue, allowing them to investigate and take appropriate action, such as deleting the spam, warning the user, or banning them. It also creates a Support Ticket between the reporter and staff in case the staff need further information.
RBLs are third-party lists that track IP addresses associated with spamming activity. Composr can be configured to consult these lists and block or flag requests from suspicious IPs. However, relying solely on RBLs may lead to false positives, as some lists are overly broad.
CAPTCHAs are tests designed to differentiate between human users and bots. Composr's unique CAPTCHA method uses CSS and JavaScript to generate images or audio challenges that are difficult for bots to solve. While effective, some spammers use human workers to bypass CAPTCHAs, leading to the need for additional anti-spam measures.
Composr offers several tools and techniques to combat spam, including:
CAPTCHA: A visual or audio test that humans can easily pass but bots struggle with. This helps prevent automated spam submissions.
Heuristics: If Composr thinks an action is spam based off of configurable criteria, it can either flag the content for validation, block the attempt, or ban the IP address outright.
Public block lists: Composr can utilize the Stop Forum Spam system or other block list systems to identify and block known spammers based on IP addresses, usernames, and email addresses.
Link posting restrictions: Disallowing links in member profiles for users with no posts and adding "nofollow" attributes to links discourages spammers seeking backlinks.
Black hole fields: Hidden form fields that should remain empty. Bots often fill these in, allowing Composr to identify them.
Project Honey Pot integration: A system that places hidden links on pages, attracting and identifying spam bots.
Content/post reporting: Users can report spam, enabling staff to take action.
Guest posting limitations: Restricting guest permissions raises the bar for spammers.
Advanced techniques: Developer addons like "antispam_question" or probation systems provide additional layers of protection.
What is the "Sitemap" in Composr, and how is it used?
Answer
The Sitemap is a hierarchical representation of your website's content, including zones, pages, categories, and entries. Composr generates the Sitemap dynamically and uses it for various purposes:
Generating menus.
Creating the user-facing sitemap page.
Generating the XML Sitemap for search engines.
Providing a visual representation of your website structure in the Sitemap editor and Permissions tree editor.
You can edit the sitemap under Admin Zone > Structure > Sitemap editor.
Can I change the URL scheme after my website is already live?
Answer
Yes, you can enable or change a URL scheme on an existing website. Old URLs will redirect to the new format, ensuring that your SEO isn't negatively impacted. The canonical URL will also be specified in your website's HTML, further protecting your search rankings.
