Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Re: smd_access_keys: secure, limited access to content
jakob wrote: …access duration or number of accesses. After that the resource is no longer accessible.
…but not per user/viewer, right?
Offline
Re: smd_access_keys: secure, limited access to content
As far as I understand it (only used it once so far), you can issue many access keys for a single resource, so providing each user is given a unique coupon (access key), you can do that.
If you mean a single coupon code that is given to many people, each of whom can use that same coupon code once, I don’t think that’s possible (but I could be wrong).
TXP Builders – finely-crafted code, design and txp
Offline
Re: smd_access_keys: secure, limited access to content
sacripant wrote:
the translation of urls for categories.
Thanks for the detailed feedback: it really helped get straight to the problem.
This issue is actually the reason behind both your issues. I forgot to decode the URL from its percent-encoded state so it never matches the actual URL. If you try the new beta I’ve just uploaded, site.com/catégorie/fichier/private/client1/{token}/{timestamp} URLs should now work fine. Please let me know how you get on and if there are any more oddities.
btw, in doing this fix I also noticed two things:
- When creating a new key from the admin side you get a white screen. Fixed
- There is no way to generate section_mode URLs from the admin-side. Not fixed (yet).
mrdale
jakob is right: each generated URL token is unique. To implement gift cert(ish) behaviour you can either:
- Generate an “open” certificate, perhaps time-limited, and issue it to as many people as you like
- Do (1) but limit it to the first ‘N’ people who use it
- Generate a single-use certificate on-demand and send one to each person. Once used, game over
Once you smd_access_protect the destination page given in the URL you can validate the token and apply some transform like “price CF – 20%”. The thing to remember is that an access token protects a resource (Txp URL / file) so it’s not a true coupon code like “MRDALE-MEGACODE-10293847” that you can pass around and use in some other form.
FYI, option 3 can be generated in the Thanks Form of a zcr after you’ve nefariously ferreted away someone’s personal details, or after a successful PayPal transaction via the as-yet unreleased smd_ipn plugin.
Last edited by Bloke (2011-09-21 10:18:41)
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: smd_access_keys: secure, limited access to content
Hrm… very interesting… must cogitate.
Theoretically, all it would need to track per-user use is a field that would collect user IDs and a way of concatenating a user ID# to that field on access…
curiouser and curiouser.
This is a ingenious little plugin. You’re a right clever limey, encha?
Offline
Re: smd_access_keys: secure, limited access to content
mrdale wrote:
Theoretically, all it would need to track per-user use is a field that would collect user IDs and a way of concatenating a user ID# to that field on access…
Check out the extra attribute then, and see example 3 in the help. You can pack arbitrary content into the key itself and then extract it on access.
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: smd_access_keys: secure, limited access to content
Hey all, anybody made this work with zem_contact_reborn? I haven’t started playing with the plugin yet, but would like to know if any special set up is required.
I am aiming for the user to provide a name and an email address, before allowing access to a page, which will be available as a redirect after the form is submitted.
Many thanks!
Offline
Re: smd_access_keys: secure, limited access to content
husainhk wrote:
I am aiming for the user to provide a name and an email address, before allowing access to a page
No special setup required. Just:
- In your thanks_form put something like
<txp:smd_access_key url="/section/article" trigger="private" />. Configure to taste, e.g. add max attempts, or expiry (if using v0.11) - On the Page template or article in
/sectionwrap <txp:smd_access_protect trigger=“private”> around the parts you want to protect and specify an expiry time if required
Game over.
EDIT: you might want to put the <txp:smd_access_key> in an actual e-mail sent to the recipient to avoid them giving false info and also to combat the fact that people might stumble upon your thanks page without filling the form in.
Last edited by Bloke (2011-09-25 12:02:35)
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: smd_access_keys: secure, limited access to content
Thanks Stef … sounds like a breeze, will try it out and post the success here soon!
Cheers,
Husain
Offline
Re: smd_access_keys: secure, limited access to content
Hi Stef,
Seeking some advice to tie things together. Here’s my scenario:
1. User fills out a simple zem_contact form (name and email),
2a. Receives an email with the unique access key to the page,
2b. Use a custom PHP script to save the user’s details in a database table (that will also have a field called “page_accessed”, default value 0 and another called “access_key”),
3a. When page is accessed, display the access key on the page with some custom messaging,
3b. Once the page has been accessed, update the field “page_accessed” value to 1, and update the “access_key” field with the key the user used, and lastly,
4. If plugin available, use this database table to send timely emails, export to CSV etc.
I simply wish to know if these functions are possible within the Textpattern admin, so that a tech-unsavvy client can use the system :-)
Cheers,
Husain
Last edited by husainhk (2011-10-22 05:51:18)
Offline
Re: smd_access_keys: secure, limited access to content
Hi Stef!
Is possible to use custom_field inside smd_access like this? <txp:smd_access_key url="/file_download/<txp:custom_field name='doc' />" />
Thank you in advance.
Last edited by robhert (2012-01-19 23:58:26)
Offline
#35 2012-01-20 00:42:40
- uli
- Moderator
- From: Cologne
- Registered: 2006-08-15
- Posts: 4,243
Re: smd_access_keys: secure, limited access to content
I’m not a user of smd_access_keys but it looks like it’s probably a quoting problem, again. Try <txp:smd_access_key url='/file_download/<txp:custom_field name="doc" />' />
In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links
Offline
Re: smd_access_keys: secure, limited access to content
robhert wrote:
Is possible to use
custom_fieldinsidesmd_accesslike this?<txp:smd_access_key url="/file_download/<txp:custom_field name='doc' />" />
This should work if you use single quotes in the smd_access_key tag like this
<txp:smd_access_key url='/file_download/<txp:custom_field name='doc' />'/>Last edited by MattD (2012-01-20 00:45:34)
Piwik Dashboard, Google Analytics Dashboard, Minibar, Article Image Colorpicker, Admin Datepicker, Admin Google Map, Admin Colorpicker
Offline