Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#25 2011-09-21 01:28:51

mrdale
Member
From: Walla Walla
Registered: 2004-11-19
Posts: 2,215
Website

Re: smd_access_keys: secure, limited access to content

jakob wrote: …access duration or number of accesses. After that the resource is no longer accessible.

…but not per user/viewer, right?

Offline

#26 2011-09-21 07:40:57

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 4,743
Website

Re: smd_access_keys: secure, limited access to content

As far as I understand it (only used it once so far), you can issue many access keys for a single resource, so providing each user is given a unique coupon (access key), you can do that.

If you mean a single coupon code that is given to many people, each of whom can use that same coupon code once, I don’t think that’s possible (but I could be wrong).


TXP Builders – finely-crafted code, design and txp

Offline

#27 2011-09-21 10:16:50

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,468
Website GitHub

Re: smd_access_keys: secure, limited access to content

sacripant wrote:

the translation of urls for categories.

Thanks for the detailed feedback: it really helped get straight to the problem.

This issue is actually the reason behind both your issues. I forgot to decode the URL from its percent-encoded state so it never matches the actual URL. If you try the new beta I’ve just uploaded, site.com/catégorie/fichier/private/client1/{token}/{timestamp} URLs should now work fine. Please let me know how you get on and if there are any more oddities.

btw, in doing this fix I also noticed two things:

  1. When creating a new key from the admin side you get a white screen. Fixed
  2. There is no way to generate section_mode URLs from the admin-side. Not fixed (yet).

mrdale

jakob is right: each generated URL token is unique. To implement gift cert(ish) behaviour you can either:

  1. Generate an “open” certificate, perhaps time-limited, and issue it to as many people as you like
  2. Do (1) but limit it to the first ‘N’ people who use it
  3. Generate a single-use certificate on-demand and send one to each person. Once used, game over

Once you smd_access_protect the destination page given in the URL you can validate the token and apply some transform like “price CF – 20%”. The thing to remember is that an access token protects a resource (Txp URL / file) so it’s not a true coupon code like “MRDALE-MEGACODE-10293847” that you can pass around and use in some other form.

FYI, option 3 can be generated in the Thanks Form of a zcr after you’ve nefariously ferreted away someone’s personal details, or after a successful PayPal transaction via the as-yet unreleased smd_ipn plugin.

Last edited by Bloke (2011-09-21 10:18:41)


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#28 2011-09-21 14:44:04

mrdale
Member
From: Walla Walla
Registered: 2004-11-19
Posts: 2,215
Website

Re: smd_access_keys: secure, limited access to content

Hrm… very interesting… must cogitate.

Theoretically, all it would need to track per-user use is a field that would collect user IDs and a way of concatenating a user ID# to that field on access…

curiouser and curiouser.

This is a ingenious little plugin. You’re a right clever limey, encha?

Offline

#29 2011-09-21 15:01:04

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,468
Website GitHub

Re: smd_access_keys: secure, limited access to content

mrdale wrote:

Theoretically, all it would need to track per-user use is a field that would collect user IDs and a way of concatenating a user ID# to that field on access…

Check out the extra attribute then, and see example 3 in the help. You can pack arbitrary content into the key itself and then extract it on access.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#30 2011-09-25 11:29:44

husainhk
Member
From: Dubai, UAE
Registered: 2007-08-12
Posts: 105
Website

Re: smd_access_keys: secure, limited access to content

Hey all, anybody made this work with zem_contact_reborn? I haven’t started playing with the plugin yet, but would like to know if any special set up is required.

I am aiming for the user to provide a name and an email address, before allowing access to a page, which will be available as a redirect after the form is submitted.

Many thanks!

Offline

#31 2011-09-25 11:55:43

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,468
Website GitHub

Re: smd_access_keys: secure, limited access to content

husainhk wrote:

I am aiming for the user to provide a name and an email address, before allowing access to a page

No special setup required. Just:

  1. In your thanks_form put something like <txp:smd_access_key url="/section/article" trigger="private" />. Configure to taste, e.g. add max attempts, or expiry (if using v0.11)
  2. On the Page template or article in /section wrap <txp:smd_access_protect trigger=“private”> around the parts you want to protect and specify an expiry time if required

Game on.

EDIT: you might want to put the <txp:smd_access_key> in an actual e-mail sent to the recipient to avoid them giving false info and also to combat the fact that people might stumble upon your thanks page without filling the form in.

Last edited by Bloke (2011-09-25 12:02:35)


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#32 2011-09-25 13:40:12

husainhk
Member
From: Dubai, UAE
Registered: 2007-08-12
Posts: 105
Website

Re: smd_access_keys: secure, limited access to content

Thanks Stef … sounds like a breeze, will try it out and post the success here soon!

Cheers,
Husain

Offline

#33 2011-10-22 05:39:52

husainhk
Member
From: Dubai, UAE
Registered: 2007-08-12
Posts: 105
Website

Re: smd_access_keys: secure, limited access to content

Hi Stef,

Seeking some advice to tie things together. Here’s my scenario:

1. User fills out a simple zem_contact form (name and email),
2a. Receives an email with the unique access key to the page,
2b. Use a custom PHP script to save the user’s details in a database table (that will also have a field called “page_accessed”, default value 0 and another called “access_key”),
3a. When page is accessed, display the access key on the page with some custom messaging,
3b. Once the page has been accessed, update the field “page_accessed” value to 1, and update the “access_key” field with the key the user used, and lastly,
4. If plugin available, use this database table to send timely emails, export to CSV etc.

I simply wish to know if these functions are possible within the Textpattern admin, so that a tech-unsavvy client can use the system :-)

Cheers,
Husain

Last edited by husainhk (2011-10-22 05:51:18)

Offline

#34 2012-01-19 23:57:43

robhert
Member
From: Perú
Registered: 2007-04-27
Posts: 206
Website

Re: smd_access_keys: secure, limited access to content

Hi Stef!

Is possible to use custom_field inside smd_access like this? <txp:smd_access_key url="/file_download/<txp:custom_field name='doc' />" />

Thank you in advance.

Last edited by robhert (2012-01-19 23:58:26)

Offline

#35 2012-01-20 00:42:40

uli
Moderator
From: Cologne
Registered: 2006-08-15
Posts: 4,310

Re: smd_access_keys: secure, limited access to content

I’m not a user of smd_access_keys but it looks like it’s probably a quoting problem, again. Try <txp:smd_access_key url='/file_download/<txp:custom_field name="doc" />' />


In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links

Offline

#36 2012-01-20 00:45:20

MattD
Plugin Author
From: Monterey, California
Registered: 2008-03-21
Posts: 1,254
Website

Re: smd_access_keys: secure, limited access to content

robhert wrote:

Is possible to use custom_field inside smd_access like this? <txp:smd_access_key url="/file_download/<txp:custom_field name='doc' />" />

This should work if you use single quotes in the smd_access_key tag like this

<txp:smd_access_key url='/file_download/<txp:custom_field name='doc' />'/>

Last edited by MattD (2012-01-20 00:45:34)


My Plugins

Piwik Dashboard, Google Analytics Dashboard, Minibar, Article Image Colorpicker, Admin Datepicker, Admin Google Map, Admin Colorpicker

Offline

Board footer

Powered by FluxBB