Noticed something today, when someone asked me how to use the API to login... The docs at http://en.wikipedia.org/w/api.php (just for instance, I know it generally run the latest) say:
* action=login (lg) * This module is used to login and get the authentication tokens. In the event of a successful log-in, a cookie will be attached to your session. In the event of a failed log-in, you will not be able to attempt another log-in through this method for 5 seconds. This is to prevent password guessing by automated password crackers. Parameters: lgname - User Name lgpassword - Password lgdomain - Domain (optional) Example: api.php?action=login&lgname=user&lgpassword=password
Probably should remove the "example" link and specify that it only works via HTTP POST now :) As:
<?xml version="1.0" encoding="utf-8"?> <api> <error code="mustbeposted" info="The login module requires a POST request">
Thanks!
SQL