NYCPHP Meetup

[Jayesh Sheth]

Hello all,

I recently bought the Essential PHP Tools book by David Sklar, and I 
must say that I found it to be excellent.

This book has a chapeter on using XML-RPC - something that I was 
interested in understanding and using before, but whose corressponding 
PEAR class seemed too ... undecipherable and undocumented until I came 
across the relevant chapter in this book.

Now that I (sort of) understand how it works, here's the problem I would 
like to solve using XML-RPC:

I would like to have several sites, all at disparate domains or 
subdomains managed by the same content management system, and utilizing 
the same database.

For example, suppose I had three sites, each on the subject of different 
ethnic dishes: one about bagels, the other about pierogies, and the 
third about knishes. (Okay, I know this example is starting to sound a 
bit kooky now !)

One way of maintaining three CMS-driven sites would be to install the 
same CMS on three different domains (/ subdomains / hosting providers), 
and have those three CMS installations access the same database, and 
pull different articles from the same database and display different 
kinds of articles on different sites.

For example, on the bagels site, the CMS would retrieve all articles 
(from the master database) whose category matches the bagel category, i.e.:
SELECT FROM masterdb.articles WHERE cat=1 LIMIT 10

And on the pierogies site the CMS would retrieve all articles (again 
from the same master database) whose category matches the pierogies 
category, i.e.:
SELECT FROM masterdb.articles WHERE cat=2 LIMIT 10

But here is the problem with this approach:
in each domain's CMS installation, I have to have both the libraries and 
scripts for the administration panel, AND for the site display. So 
here's my idea:

Why not have a master database whose content is accessible over XML-RPC 
using a lean parser-and-displayer script. Thus, the parser-and-displayer 
would be small and extensible (using templates and plugins) and be able 
to retrieve just the data it needs from an external system and display 
it in a custom fashion.

Why not just have disparate scripts access the same database using the 
MySQL native protocol? Well ... what if the master MySQL database is 
behind a firewall, and the mutltiple sites on which I want to display 
the data are on other hosting providers, or on partners' sites? I do not 
want to give such "external" parties direct access to the database (via 
MySQL usernames and passwords).

Why not just syndicate content using an XML-based format such as RSS ?

Well, I want to control access to the data, and want the script 
requesting data to be able to retrieve data flexibly; for example, I 
would like for bagelsrlotsoffun.com to be able to retrieve all articles 
related to bagels from the time period January 2002 - December 2003.

So my question is (you NEVER thought I'd get to it, right?):
How can I use an authentication scheme over XML-RPC?

Is this doable or easy? Is SOAP better for this job?

I am currently using the PEAR Auth class, and it has a SOAP "container". 
I have not used web services that much, and so I am looking for good 
advice on where to start when it comes to setting up secure, permission 
based syndication systems using XML-RPC or other web service systems.

Thanks for reading all this (non-concise) $%^! - I look forward to your 
collective advice.

Best Regards,

- Jay


-- 
Cerulean Sky Creations, LLC
http://www.ceruleansky.com