1) Technically, this is really a discussion to take up with the RSS authors. The spec at
http://cyber.law.harvard.edu/rss/rss.html lists the item tag as being under the optional tags required in a channel. It also states that any number of them can be included... 0 is a number.
That said, you could try upping the number of articles searched for pubilc content. This is currently limited by the number of posts per page config setting. You might double that in the class.
Alternatively, either the RSS.getItens (yes, it's spelled that way), could be modified to return a "no articles found" RSSItem if the list is null. Or you can modify the rss_template.htm file to handle no items.
2) This is because RSS feeds do not have any standardized security mechanisms. It works with a browser because the browser will send the JForum related cookies along with the request. Third party RSS readers don't know about any HTML cookies and don't send any.
The closest thing to a "standard" is the use of basic authentication. But there are still not many RSS readers that support this.
For private forums, jForum will send a 401 error back with a request for basic auth. One thing I'm not sure if is if jForum's code will honor the response or not. Can't remember seeing this code anywhere.
However, if you have a mix of private and public forums and are using the Recent Topics RSS feed, there is no easy way to decide if you need to challenge for credentials or not. So the Recent Topics option is designed for anonymous access only.
[originally posted on jforum.net by monroe]