- This topic has 8 replies, 3 voices, and was last updated 13 years, 4 months ago by
.
-
Posts
-
Beginning with eStore 5.6.6 and higher, a new feature called Authenticated Page Redirect (APR) is supported.
Authenticated Page Redirect (APR) allows you to offer secure one-off access to WordPress pages and posts, without requiring the services of a membership plugin. You might find this capability useful for selling access to something like an event or time specific page or post, which may in turn provide access to live streaming video.
The security mechanism used by APR is an encrypted session cookie; the APR Cookie. Each APR cookie is specific to a particular permalink, and contains encrypted timing information. On the pages being protected by APR, called APR Targets, an APR shortcode encloses the content being protected. Content enclosed by an APR shortcode will only be displayed if one of the following specified conditions are met:
1. An APR cookie EXISTS in the current browser session.
2. An APR cookie exists and is LESS THAN an a specified number of minutes old.
3. An APR cookes DOES NOT EXIST in the current browser session.
4. An APR cookie either does not exist or an existing cookie is OLDER THAN a specified number of minutes old.
To setup a permalink as a digital product, create the page or post that will become the APR target. Enclose content you want protected using the following shortcodes:
[wp_eStore_APR expiry=0 status=unexpired] the_content [/wp_eStore_APR]
Use this shortcode to display the_content only if an APR cookie, keyed to this page or post, EXISTS in the current browser session.
[wp_eStore_APR expiry=N status=unexpired] the_content [/wp_eStore_APR]
Use this shortcode to display the_content only if the existing APR cookie is LESS THAN ‘N’ minutes old. If an expiry is not specified, then the default of zero is used.
[wp_eStore_APR expiry=0 status=expired] the_content [/wp_eStore_APR]
Use this shortcode to display the_content only if an APR cookie, keyed to this page or post, DOES NOT EXIST in the current browser session.
[wp_eStore_APR expiry=N status=expired] the_content [/wp_eStore_APR]
Use this shortcode to display the_content only if an APR cookie does not exist or if an existing cookie is OLDER THAN ‘N’ minutes old. If an expiry is not specified, then the default of zero is used.
[wp_eStore_APR] the_content [/wp_eStore_APR]
Uses default values of zero for the expiry and ‘unexpired’ for the status. This is functionally equivalent to the shortcode:
[wp_eStore_APR expiry=0 status=unexpired] the_content [/wp_eStore_APR]
[wp_eStore_APR status=help]
Will be replaced with a Unix-style man page..
Next, make sure that the permalink you will be using works. Copy and paste it into the address bar of your browser. Specifically, ensure that the permalink you think you are going to use does not get modified by WordPress. If the permalink changes, then either fix the problem or use the resulting URL as the link you will use for the APR target URI.
Setup your digital product, using the URI of the APR target in the Digital Product URL field. CHANGE the URI scheme from ‘http’ to ‘aprtp’ or from ‘https’ to ‘aprtps’ in the Digital Product URL field.
Now, whenever an encrypted link, pointing to an APR target is processed by eStore; an APR cookie will be issued, before the browser is redirected to the APR target, by the download manager script.
Limitations: If an APR target contains the ‘nextpage’ tag, only content on the first page will be protected by the APR shortcodes.
wzp/amin007,
Thanks for the info. Which APR short code do you recommend me to use?
My site will be an online streaming video pay per view. So I am placing an embedded video playlist in the static page which is going to be protected by APR.
Note that I will limit the viewing to 3 times within 72 hours or something like that.
Now, should I put this embed code between the short code Option 1 or Option 2 as indicated on the APR short-code page?
Thanks
Also note that the static page that I’ve created is based on the theme I have installed. So after I have created the page in the edit page panel there is a specific field to paste the URL or Embed code so the video player will be place according to the theme settings. It that case how can I protect the embed code containing the video source from being exposed to viewers if they right click and see the source code of the page.
This particular information is what I am trying to protect. Thanks
APR will only protect pages that are served up by WordPress, because the APR short code requires WordPress and WP eStore, to work. You can however, create your page within WordPress if you can embedded the player in a WordPress page inside the APR short code.
You would set the Encrypted link expiration to 72 hours with the link limit at 3. You would then use the [WP_eStore_APR expiry=0 status=unexpired] version of the APR short code.
If you use Lightbox Ultimate, you could have the videos hosted on Amazon S3, so that the actual video sources can be protected.
Thanks wzp,
I think I haven’t been clear on this. my website is on wordpress and using a wordpress theme which I bought from press75.com
In wordpress, Page edit, in the body of the page I put the code below. Upon directing to this page which contains the video embed code and after clicking on the encrypted code, the page only shows the embed code and not the actual video. I put the digital URL that start with aprtp://…, in the manage digital product field. However, if i put this embed code in the field which is designated by the theme for entering the video embed or URL, the video shows up perfectly.
Is there anyway I can send you screen shots to make a better clarification?
here is the code I have inserted in the body of the page, but on the browser it shows the embed code.
[wp_eStore_APR expiry=0 status=unexpired]
<!– VZAAR START –>
<div>
<object id=”video” width=”462″ height=”278″ type=”application/x-shockwave-flash” data=”http://view.vzaar.com/808701.flashplayer”>
<param name=”movie” value=”http://view.vzaar.com/808701.flashplayer”>
<param name=”allowScriptAccess” value=”always”>
<param name=”allowFullScreen” value=”true”>
<param name=”wmode” value=”transparent”>
<param name=”flashvars” value=”brandText=Parastoo+Film&brandLink=www.parastoofilm.com&endText=Thank+you+for+watching+this+film.+We+hope+you+have+enjoyed+it.+Click+on+me+if+you+would+like+to+see+more+films&endLink=www.parastoofilm.com&colourSet=blue”>
<embed src=”http://view.vzaar.com/808701.flashplayer” type=”application/x-shockwave-flash” wmode=”transparent” width=”462″ height=”278″ allowScriptAccess=”always” allowFullScreen=”true” flashvars=”brandText=Parastoo+Film&brandLink=www.parastoofilm.com&endText=Thank+you+for+watching+this+film.+We+hope+you+have+enjoyed+it.+Click+on+me+if+you+would+like+to+see+more+films&endLink=www.parastoofilm.com&colourSet=blue”></embed>
<video width=”462″ height=”278″ src=”http://view.vzaar.com/808701.mobile” poster=”http://view.vzaar.com/808701.image” controls onclick=”this.play();”></video>
</object></div>
<!– VZAAR END –>
[/wp_eStore_APR]
I maybe wrong here but I am guessing you don’t want your paid customers to even be able to see the video embed code? The APR feature does not know what content you are embedding inside the APR shortcodes (it has no idea if you are embedding a video or an audio or images or some text content). The APR feature is only concerned about not letting anyone see this content unless they pay for it.
If you want to protect the actual source video even from the people who have the permission to view it (customers who have paid for it) then you need to embed the content in such a way that does not reveal the source. What method you use to embed your content that gives you this security is upto you. For video content the best option I know of is to use the Amazon S3 private/protected video embed option to embed the video on a page. There are a few products that can allow you to do this. One such product is the WP Lightbox Ultimate plguin:
Please see the video tutorial titled “How to embed protected videos from Amazon S3” from that page to get an understanding of this method.
- You must be logged in to reply to this topic.