MTEntryAuthor considered harmful

If you are just merrily producing RSS 1.0 with the default MovableType template without ever having given it a close look, you might want to look now. Down amongst the <item> tags you’ll find <dc:creator><$MTEntryAuthor encode_xml=”1″$></dc:creator>. If you are the cautious sort who uses a secret login name for MT, so that people would have to guess both the name and the password to get in, you might want to change that to either <$MTEntryAuthorNickname encode_xml=”1″$> (and set a nickname in your author profile), or just put your actual name in in place of the tag. After all, I’m already building a stalker’s dream come true; I’d rather not have “SELECT ?x, ?y FROM * WHERE (?x, <dc:creator>, ?y) USING dc for <>” be a cracker’s dream come true as well.

1 Comment

Comment by Adam Kalsey #
2002-09-23 10:51:53

I’ve always thought the Author tag was kind of silly as well. In what situation would you want to display the author’s login name?

But if you wanted to use a link along with the author’s name, then you were out of luck. MTEntryAuthorLink uses the author’s login name.

I wrote a simple plugin that acts just like MTEntryAuthorLink but shows the nickname instead of the user name.

Name (required)
E-mail (required - never shown publicly)
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <del datetime="" cite=""> <dd> <dl> <dt> <em> <i> <ins datetime="" cite=""> <kbd> <li> <ol> <p> <pre> <q cite=""> <samp> <strong> <sub> <sup> <ul> in your comment.