Archive

Category Archives for "Access Control"
15

Creating Member-specific Content

If you have a coaching program, or have clients for whom you’re doing custom work (like if you were a teacher, CPA, web designer, personal trainer or coach) and wish to publish content that is available to and downloadable by only that specific client/student/customer, then there are THREE ways in which you can do Member-Specific Content in DAP.

1) BEST SOLUTION: Using a combination of a special page for each member PLUS DAP’s “For Your Eyes Only” Shortcode

2) Creating Separate Products for each Member

3) Using DAP’s “For Your Eyes Only” Shortcode

Let’s take a look at each one in detail.

SOLUTION #1: BEST OPTION: Special page for each member PLUS DAP’s “For Your Eyes Only” Shortcode

This is partly manual, partly automated, but is the absolute best solution for multiple reasons, as explained below.

1) For each new member, you would create a separate page. So, for Joe Customer, you would create a new page in WP – http://YourSite.com/joe-customer/

This page would be created after someone has become a member, of course. But creating a WP page for every member will probably take you about what, 30 seconds? So it’s not going to be a big deal (unless you wish to make it one 😉

2) Then, assuming Joe Customer’s “userid” in DAP is 144 (you can find this out on the Users > Manage page). So within the above new page, you would add the following shortcode…

[DAP userId=”144″]protected content[/DAP]

(See DAP’s “Member-Specific Content” Shortcodes )

3) You can start adding any amount of private content between the shortcode start and end tags (where you see protected content above).

4) You can use a simple, free plugin like Exclude Pages to make sure the customer’s page http://YourSite.com/joe-customer/ does not show up in any of your menu’s. Even if it did, it’s not like anyone else can see the contents of the page – only Joe Customer – after he’s logged in to DAP – can see the contents of the page. So it’s secure from everyone else.

Solution #2: Separate Products for each Member

Here, you would create separate products, one per member – and only give that member access to that product. The advantage here, is that you can protect the entire page (not just the content section) and make it available just to that one client, so you can be a lot more creative with this page, use special templates, add sidebar widgets that show content just for that client, use the commenting system to communicate back and forth with the client.

So if you had a client named John Customer, then you would create a DAP Product by name “John Customer”, then take John’s email id and give John access to his product.

And within this DAP Product, you would’ve protected files, pages and posts that only John should get access to. So since only John has access to the product, only he can get access to the content protected as part of this product.

Obviously, it takes a few minutes of additional setup per customer to create a DAP Product specifically for him, but then the few extra minutes of creating a DAP Product would be nothing compared to the few hours (or tens of hours) that you’re actually going to be taking to create the actual custom content for John. So it’s a very small overhead compared to the whole process, where you are actually creating custom content for each member.

Solution #3: No special pages, just DAP’s “Member-Specific Content” Shortcode

If you wish to automated this a bit more than Option #2, then one way is to implement this is using DAP’s “Member-Specific Content” Shortcodes, which look like this:

Using the “userId” parameter in the DAP shortcode, you can now protect a piece of content so that only John Customer (who has the user id “144” in your membership site) user can see it.

[DAP userId=”144″]protected content[/DAP]

So on a single page, you may publish a number of these shortcodes, with content meant only for specific members protected within those shortcodes.

And doesn’t matter which one of your members visits the above page, they will all only see content intended only for them, and will be unable to see content intended for others.

So those are the three ways in which you can create Member-Specific Content.

Member-specific Chat Room

Using our WPChatR Chatroom plugin for WordPress, you can also create a separate page per user, then put a chat room on that page specific to that user, so you can have unlimited back-and-forth real-time or off-line chats with one specific member.

2

Merging User Accounts

User ID 111 has been created with email id ABC123@somewhere.com

Same user buys a different product using a completely new (Paypal) email id. and DAP creates User ID 999 with PayPal email XYZ789@anothersite.com

User now has 2 accounts and wants only ABC123@somewhere.com (user ID 111) to be active.

So here’s what you should do:

  1. Place XYZ789@anothersite.com in the PayPal email field of User ID 111 and save.
  2. Give User ID 111 access to all products that User ID 999 currently has active, with matching start and end dates.
  3. Delete User ID 999 fully from the system.

If User ID 111 purchases additional products through Paypal, and her primary Paypal email id is still XYZ789@anothersite.com, then that Paypal email id will be recognized by DAP, and all purchased products will be activated under User ID 111 and no additional User IDs will be created.

However, if User ID 111 has changed their primary Paypal email id to be something else like XYZ123@yetanother.com, then the next time they make a purchase, DAP will not know it’s the same person, and will end up creating a completely new user id for the buyer. Which means, you will have to do the merge again, and replace the old Paypal email id in DAP with the new Paypal email id of the buyer.

5

Optimizing Your WordPress Blog For Speed

If you want to speed up your web site, you must address the core issue, which is — your web site is getting more traffic than your web server (web hosting account) can handle.

So here are a few ways in which you can speed up your web site:

  • The easiest thing you can do is to revisit all of your plugins that you have enabled and see if you still need all of them. Remember that every single additional plugin running on your site, adds some overhead to (basically, “slows down”) your web site or blog. So use only as few plugins as you absolutely must. With so many cool plugins freely available for WordPress, it is very easy to get carried away, and install tens of plugins, most of them adding very little value, but sometimes causing the most overhead in terms of server resources. So keep only a bare minimum of other plugins (some social plugins are a real pain – making calls to third-party web sites to get their information from).
  • Using a “cache” plugin for speeding up your site is like putting band-aid on a gaping wound. It’s only a temporary fix, and not a real long-term solution, but every bit helps. We recommend WP Super Cache, and be sure to whitelist all of your member pages from getting cached.
  • Make sure you are always using the latest version of WordPress, or at worst, one version behind the very latest and greatest (you definitely want to be sure first that there are no conflicts with other critical plugins that you’re using on your site).
  • Make sure you update all of the plugins and themes you’re using to their individual latest versions (get rid of every single plugin and theme that you’re not using).
  • If you are hosting on a shared (a.k.a “cheap”) web host paying just a few dollars a month for hosting, then your web site is basically competing for server resources (like memory and bandwidth and database access) with possibly tens (or even hundreds) of other web sites on that same server (many may not belong to you, but to others with whom you are sharing the server – and hence the name “shared hosting”). Search for the keywords “digg effect” or “slashdot effect” on Google, and you’ll see how many WordPress sites crash when a link to the site appears among the top results in popular social sites like Digg.com, Reddit.com or Slashdot.com.If your traffic levels have outgrown your server, then the best thing you can do is to upgrade to a bigger server, or get a Virtual Private Server, or even get a dedicated host, depending on your budget. See our recommended web hosts list.
4

The “Smart Login” Process

DAP has a very powerful, flexible and easy-to-use log in flow for your users and members.

  • Log in from a dedicated log in page, or
  • Log in from the login form on the side-bar (login/logout widget), or
  • Log in through the log in form shown on “Sorry, you don’t have access to this content. Please log in first…” kind of error messages.

And we call it the Smart Login, because the login process will work differently under different conditions, all designed to make the user-experience for your member more smooth and consistent with general login standards around the web.

So let’s see the various possible login locations in DAP.

But first, it is important to note that DAP has two main types of logins.

Primary Login

This is where it is considered a “generic” login by your member. For eg., a member came to your web site, and then just generally wants to log in to the member’s area – so they have no “context” – it’s NOT as if they were trying to view a specific page or post, got challenged with a login form, and then logged-in from there. That makes this a “Primary Login“.

Examples of this are…

a) Dedicated Login Page: You have a dedicated login page, like http://YourSite.com/login/ – which is what you’ve entered in to “Setup > Config > Login URL“. The body of this page has the DAP merge tag for the login form, which is %%LOGIN_FORM%%

b) Login/Logout Widget on any page of your web site. This is also considered a primary login. The reasoning here is that if they’re logging in through a sidebar widget, it means that they just want to log in to the member’s area, so it is considered primary login.

Secondary Login

This is a login action that HAS “context”. Say, a member landed deep into your site (not the home page, not the dedicated login page) and were challenged by the “In Page Error Message” that says something like “Sorry, you must log in before you can view this content” and are presented with a login form right on that very same page. They were trying to read something before they were asked to log in first – which means, they must be returned to the same page they were trying to view BEFORE they were asked to login. So that makes this a “Secondary Login“.

Examples of this are…

a) Any custom “Error Page”, where you have inserted the DAP merge tag for the login form, %%LOGIN_FORM%%.

b) DAP’s “In-Page Error Message” which says “Sorry, this is private content – you must log in first before you can view this”.

c) Log in form showing up on a page when “Sneak-Peek” is enabled.

 

Redirection Rules

Based on whether it’s a Primary Login or a Secondary Login, your member will be redirected to a different location.

1) If it is a Primary Login action, then…

a) They’re taken to the “Post-Login URL” if set at a Product-level AND they have access to just one Product.
b) They’re taken to the GLOBAL “Post Login URL” (under Setup > Config) if you have NOT set anything at a Product-level, OR if they have access to more than one Product.

This scenario is the only one where the Post-Login URL is ever used (whether it’s the Product-level or Global-level).

1) If it is a Secondary Login action, then…

They’re always redirected back to the same page they were on (or were trying to access) before they were challenged to log in first to view the content.

Bottom-line:

Primary Login is predictable, and you (the DAP Admin) control where they go right after they login.

Secondary Login depends on “context”, and they’re taken back to whatever page they were on, before they logged in.

5

Secure RSS Feeds

Once you protect a post in DAP, you can …

a) Make it completely disappear from your feed except for authorized users who have valid access to the post and are using a member-specific RSS feed URL

-OR-

b) You can show a “Summary” of every post, by turning on sneak-peek and making sure you have inserted the “<!–more–>” tag entered into each of your posts.

Troubleshooting RSS Feeds

If your blog post is showing in its entirety in your feed, then….

1) You may not have protected the post in DAP at all, so it’s an unprotected post, which will (and should) show up in your feed

-OR-

2) You have turned on Sneak-Peek and haven’t inserted the WordPress “more” tag (<!–more–>) into each of your posts. If you turn on Sneak-peek, then you must insert more tags into all posts. Also, if you have turned on Sneak-Peek, then you must also do this…

Go to “Settings > Reading” in WP admin, then set “For each article in a feed, show” to “Summary“.

If it is set to “Full text”, then it will show the full text in the feed, which is not what you want.

 

Custom RSS Feed Links For Members

Starting DAP v4.2, each of your members can now get their own unique RSS feed link that they can use with a feed reader (like Google Reader, FeedBlitz, iTunes, etc) to get a custom RSS feed with content that they’re eligible to view.

To give each of your members their own unique RSS Feed URL, just insert the following line of code into the top of the “Member Links” or “My Content” type page, or wherever you want your users to see their personalized RSS feed link…

If your blog is in the root…

http://YourSite.com/feed/?key=%%ACTIVATION_KEY%%

If your blog is in a sub-folder (say “/blog”)…

http://YourSite.com/blog/feed/?key=%%ACTIVATION_KEY%%

 

The text %%ACTIVATION_KEY%% in the above URL will be replaced with their own custom key, like…

http://YourSite.comcom/feed/?key=123456789

They can then copy that link, enter that into any feed reader, and it will show content specific to their account.

Custom Feed Link Security

Another useful feature we’ve added, is that the custom feed link also does IP count validation. So if they share  the feed link with others, then after “X” unique IP login attempts (where “X” is configurable by you, the DAP Admin, in Setup > Config), their account will automatically get locked out.

7

Hiding Protected Links On Member Home Page

When you have hundreds of posts or pages protected as part of a DAP Product, the list of links on the DAP Member Home Page (that is the result of using the merge tag %%USERLINKS%%) can get quite long and unwieldy.

So you can choose to hide some of those links from being displayed on the member’s home page.

Here’s how you hide a link from being shown on the member’s home page…

1) Go to the DAP Product in question, scroll down to the ContentResponder section

2) Click on the edit link next to the content in question on the right. The “Edit Files” popup will then show up on the left.

3) Set “Display On User’s Home Page” to “N”.

That’s it.

The content is still part of that product, it is still being protected, but the link simply won’t be displayed on the member home page.

4

DAP’s “Pause Membership” Feature

How It Works

Joe Member joins your site on 01/01/2011.

He stays a member for about 3 months. Let’s say it’s now mid March. He wants to take a couple of months break. So he goes on a 2 month break. Comes back end of May and wants to resume his membership.

DAP allows him to pick up right where he left off – which is continuing to receive content as of April (04/01/2011), even though today’s date is May 25th, 2011.

So while he took a break, other members who did not take a break in membership, continued to pay for those 2 months, and continued to receive content dripped through those months. So it is only fair that when he does come back end of May and resumes his subscription, he does not resume from June’s content, but from April’s content (when he last put his membership on “Pause”).

It’s ok if you’re not dripping content on a monthly-basis, but rather on a “day” basis. So to put it in terms of “days”, when Joe resumes his subscription, since he was already 90 days old in the system when he put his subscription “On Hold”, and comes back another 60 days later (roughly about 2 months), then DAP will start dripping Day #91 content onwards for him, and NOT Day #151 onwards (he didn’t pay for 2 months in between).

This is how DAP works right out of the box. Nothing special to configure. And DAP automatically takes care of pausing the dripping when he is not paying.

WARNING: Just remember that in order for you to put his actual payments on hold, you will need to have a payment gateway like Authorize.net or Paypal Website Payments Pro. Or you must be using a shopping cart like http://1SiteAutomation.com . Using something like Paypal Standard or ClickBank will not allow you to put the actual charging of his credit card on hold.

NOTE: If you actually did want him to start receiving current content even though he left for 2 months, then all you have to do is, once he comes back and starts paying again, just extend his access end date on his account (which will initially be showing 03/31/2011 – end of March, when he left) and modify it and make it 05/31/2011. So when his next payment comes in after he resumes, DAP will extend his access end date to 06/30/2011 – which means, he can now access all of the current content.

22

Conflict With “Cache” Related Plugins

DAP Now Works With WP Super Cache

If you’re having weird issues – like members logging in and seeing other people’s profile information, or logging in as a valid user and being told “Sorry, you don’t have access to this content” – then it’s probably because of a “cache” plugin.

Do not use cache plugins on your membership site

DAP now fully works with WP Super Cache (and possibly other cache plugins too).

You just need to make sure that you exclude your member content (including the login page) from being cached.

Cleaning Up After Your Cache Plugin

Follow the steps below to clean up some the junk left behind by cache plugins (regardless of whether you see them in your plugins section, and regardless of whether they are currently active).

1) You wish to disable your cache plugin that is currently enabled

2) You previously had one enabled at some point in the past

3) You don’t believe you ever had a cache plugin enabled in the past

4) You were redirected to this page by the DAP support team because of potential caching-related issues

  1. De-activate the plugin if it is still active
  2. Open your wp-config.php file.
  3. If there are lines in there that look like this…
    define(‘WP_CACHE’, true); //Added by WP-Cache Manager
    define( ‘WPCACHEHOME’, ‘/home/wp-content/plugins/wp-super-cache/’ ); //Added by WP-Cache Manager
  4. Then comment out both lines, by adding a “//” at the beginning of each line, like this.
  5. //define(‘WP_CACHE’, true); //Added by WP-Cache Manager
    //define( ‘WPCACHEHOME’, ‘/home/wp-content/plugins/wp-super-cache/’ ); //Added by WP-Cache Manager
  6. Go to your /wp-content/plugins/ folder. See if there’s a folder in there called “cache”. If yes, then rename it to “_cache”.

Now re-test whatever the issue was before, and it would have probably been resolved now.

That should do it.

If the issue still persists, let us know via a support ticket.

13

DAP Login Xpress

What Is “Login Xpress”?

“Login Xpress” is a DAP feature that enables your members to be logged right into your membership site immediately upon completion of their purchase.

This is roughly how it works:

  • Visitor arrives at your web site
  • On your sales page, they click on any “Buy” button to purchase a Product (or Membership Level)
  • They’re taken to the checkout page (depending on Payment processor being used) and they enter their payment information and hit “Submit”
  • When they hit “Submit” to complete their payment, their payment is processed right away, and the buyer is immediately transferred back to your web site, in real time, and automatically logged in to your membership site, and they are taken to the “Welcome” page or “Members” page (you may choose what this page is going to be at a per-Product level)

Payment Processors That Work With Login Xpress

DAP supports this feature with the following payment processors:

  • Paypal Standard (DAP-generated buttons only – will not work with Paypal-hosted buy buttons that you generate from within your Paypal account)
  • 1Shoppingcart / 1SiteAutomation.com
  • Authorize.net

If you use any of the payment options above, then you can set up your sales funnel in such a way that buyers are logged in right away immediately after purchase.

Payment Processors That DO NOT Work With Login Xpress (Yet)

  • Paypal Website Payments Pro
  • ClickBank
  • e-Junkie
  • WorldPay

DAP integrates with the above processors via some kind of “back-end payment notification” – similar to Paypal’s “IPN” (Instant Payment Notification). Which means the notification between the payment processor and DAP on your site only happens on the “back-end”. Which is why DAP can only deliver the login details to the buyer via an email, and cannot log them in right away (like it can do with “Login Xpress”), because the buyer’s information is available to DAP only when the payment processor sends out the IPN notification behind-the-scenes, so to speak.

So if you’re using the above processors to accept online payments, then what you need to do, is to redirect your buyers to a static “Thank You” page that has a message similar to the one below…

“Thank you for your purchase. In a few minutes, please check your email address used during purchase for your log in details to log in to the members’ area and access the product you just purchased.”

And behind the scenes, DAP would’ve already received the payment notification from the payment processor, and it would’ve created an account for your buyer, given them access to the purchased product, and sent them the “Thank-you Email” for the product(s).

4

Give Existing Users Access To A Product

This flow is only for giving access to an existing User to a Product. If you wish to add a new user manually to the system, then see this post.

  1. Go to the Users > Manage screen.
  2. Search for the user by email id (or last name, user id, etc)
  3. Once you have found their information, check the check box in the first column next to their user id
  4. Then using the drop-downs in the top-right section, give them access to the new Product
  5. They’re initially added as a “Free” user by default. You may mark them as “PAID” if you want to have access to the product just like an actual paying member would.

1 2 3 4 5 7