How does authentication work with the server-side API?
Answer
Authentication is handled automatically using cookies, similar to regular website requests. If cookies are not feasible, the response parameters device_auth_member_id_cn/device_auth_pass_hashed_cn/device_auth_member_id_vl/device_auth_pass_hashed_vl from the login endpoint can be resent as POST parameters in subsequent requests.
How do I access the server-side API for my mobile app?
Answer
The server-side API can be accessed via HTTP calls to http://yourbaseurl/data/endpoint.php. Results are returned in JSON format. The API utilizes endpoints with a 'hook' name and a 'hook type' categorization. Both REST-style and GET-parameter style requests are supported, with the latter recommended for simplicity.
What is the purpose of the Composr Mobile SDK Toolkit?
Answer
The Toolkit, part of the composr_mobile_sdk addon, aids in mirroring Composr website resources into a mobile app. It includes tools for generating iOS/Android string resources from language files and exporting theme images in a directory structure suitable for iOS/Android app image assets.
To connect to a Composr site, you will need to install the composr_mobile_sdk addon, which is not bundled. This addon provides scripting to generate app assets from the Composr site.
Composr Mobile SDK (CMS SDK) is a toolkit designed for experienced iOS and Android developers to build mobile apps that integrate with a Composr-powered website. It offers both Composr-specific integrations and a collection of standalone utilities for building apps, providing a common base between iOS and Android akin to the PHP and Composr APIs, enabling easier code porting while maintaining a native experience.
Composr follows a rolling release model. This means:
New major/minor versions are released as they are ready.
Patch releases, primarily containing bug fixes, are only released for the latest supported major/minor version branch.
Users are responsible for staying updated to the latest release or applying necessary hotfixes.
This policy allows developers to focus resources on the latest versions and encourages users to leverage the ongoing improvements. You can find the release status on the Composr maintenance status page.
Constructive design feedback is valuable. To provide effective feedback:
Be specific and detailed. Identify particular issues and provide clear examples.
Offer solutions. Suggest improvements or provide mockups demonstrating your ideas.
Avoid vague statements. General comments like "it looks dated" are unhelpful.
Understand design constraints. Consider factors like modularity, generality, feature density, compatibility, performance, and the subjective nature of design.
Directly reporting specific design bugs to the tracker or redesigning Composr interfaces yourself are excellent ways to contribute.
Be comprehensive and self-contained. Provide all necessary information and context for the developers to understand your suggestion.
Focus on widely beneficial features. Esoteric suggestions are less likely to be implemented.
Understand developer constraints. Feature development depends on factors like developer availability, funding, and project strategy.
Consider sponsoring features. Financial contributions can prioritize the development of desired features as it affords developers the time to implement it.
Monetary payments: Issue refunds through your payment gateway.
Point payments: Manually refund points through the points system.
Cancellations: Cancel purchases in the Admin Zone to allow repurchasing. Remember to manually undo any associated actions (e.g., removing name highlighting).
Composr supports PayPal, CCBill, and Authorize.Net for processing payments. While Composr could be extended to support other gateways, doing so may require professional development and customization.
Yes, the unified Composr search system allows users to find downloads based on keywords. This includes searching within download titles and descriptions, as well as within the content of certain file types like PDFs, text files, and even some binary formats (providing they are not too large in size).
Yes, Composr automatically creates a gallery for each download (if the galleries addon is enabled). You can easily add images directly after creating the download or through the download-view screen. The download gallery is displayed within the download-view screen itself.
Are there security features to protect downloaded files?
Answer
Yes, Composr includes security measures to protect downloads.
Protection from hackers: Uploaded files are stored with obscured filenames, preventing direct access and bypassing of the download system. Additionally, an anti-leech feature (when enabled) prevents direct download links from being shared on other websites (this is done by requiring a session ID which is validated against the person / device accessing it and only provided when Composr presents the download links to you on the site).
Basic security: Composr will not let anyone upload dangerous scripts (such as PHP files) which can be executed.
Rootkit detection: The rootkit detection tool under yourbaseurl/rootkit_detection.php can help scan files for shell scripts and backdoors. Composr's Health Check can also do this regularly. Note this only offers very basic detection and will not work for obfuscated backdoors (you should use antivirus to scan for those).
It is the responsibility of webmasters to run antivirus on their site to regularly scan files uploaded to it. Composr does not include antivirus software or virus scanning.
