I've been assigned to add some features to an existing newspaper. This newspaper is based on Wordpress. They want to add a subscription feature for subscribed users to receive email with the latest news and some other stuff.
They also want a coupon system, which I'm planning to implement using CouponPress (http://www.couponpress.com/) which is a separate Wordpress installation for coupons.
They want to keep the subscribers functionality completely separated from the main blog to avoid opening security holes for attackers to gain admin or editor roles and mess with the newspaper.
What do you recommend for this?
If I keep the subscription feature attached to the second blog, is there a plugin or something to automatically email the subscriptors of the second blog with latest entries, a daily or weekly? I want the second blog to look as part of the first one for users. Maybe replicating the user list somehow in the main blog, but avoiding sign in on it.
What do you think?
Thanks for your help
just throwing an idea for the subscription feature, if you do go the path of subscription to the other blog you can write some quick and dirty function to query the new or even an sql trigger to copy new user recordds to the other db (I don't know if mysql allows for inter db copy triggers)
but - I don't really know what'll you'll achieve that way. if the data isn't secure and sanitized someone could try to run an sql injection. and then copying the record to the other db would contaminate it either.
better use on of wordpress good security plugins, harden server access etc
Related
I’m building a WP plugin to enhance a website, and come to an interrogation with the workflow.
Basically, I have to create a custom post type, assorted with several custom taxonomies, which will be used/displayed on the frontend and backend, and create a backend section in order to interact with our CRM, and Supabase via their respective APIs (service centralisation).
All of the second part is only intended to be used/displayed on the admin section, to logged users.
However, when creating/saving a custom post type, or when viewing it from the frontend, I have to make a GET request to the CRM to fetch some data and store it in JSON somewhere (24h cache).
That I can do.
At the moment, I worked on the CPT part, and made a class to interact with the CRM, with credentials stored in wp_options. I now have to work on the backend part.
My question is: what are the best practices here? Keep it in a single plugin or divide into several plugins?
And if I divide, how should I turn it? 2 plugins, one for the CPT and one for the backend? Or go even deeper, and get the CRM and Supabase their own simple plugin, and call their methods to make my requests?
I am short of ideas here, so if you encountered this situation, could you enlighten me?
I am trying to evaluate the possibility of creating a plugin for Parent/Child functionality in Wordpress user creation.
What we need to achieve is to allow a Parent to create a sub-user account for his children. This accounts will have limited access but that can be done later with other Wordpress plugins.
What does not exist right now or what I was unable to find, is a plugin which gives the possibility to an existent standard user, to create sub-accounts related to him.
I do not want anything particular except the association between the accounts. The main user should have the possibility of adding or removing his child accounts.
Do you think this is something that is ok to do? Does it open us to any hacking possibility or vulnerability or create problems in the future?
If not, what would be in your opinion the best way to proceed and do this? What would be the best, fastest and most secure flow of operations?
Looking forward to your opinions.
Thanks in advance.
Regards
I know this is an old post but here's an option for anyone searching for this in the future.
First, you need to register a new user role. When you register the role, you are free to assign any capability you want. In this case, give the new role the capability to add users.
Then you can create a one-to-many relationship between the new user role and the standard subscriber role. So the new user role can have many subscribers but a subscriber can only belong to one new user role.
This will do what you want. There are several plugins that can do this if you are not comfortable with coding which seems the case per the OP's question. You can try PODS which is free and available in the Wordpress Plugin Directory - https://wordpress.org/plugins/pods/.
You may have seen WP plugins that allow guests to submit posts. Those submissions proceed to the WP posts area where the admin can edit/publish them.
I want to create a form like this that I can install on my (and other people's) computers, so they can fill out the form fields for a WP post, save offline, then send to my WP site when ready.
Can anyone tell me the steps involved, and, if there is a description for what type of thing this is, please let me know to aid my search.
I am learning code at present and want to learn while building tools.
Thanks
Hi hope I can give you some hints with this answer.
I don't know what programming language you would like to use, but for the communication with your Wordpress blog you could use the WP API to create a post over REST API. It offers a API to create and edit your Wordpress Posts over HTTP.
Your programm just have to check if an connection is possible and then execute the API calls.
You could use an database to store all created post and then call the Create Post Task with the POST Method over HTTP for each post saved offline.
When the creation was successful you could update your offline database, so that the post is marked as already created.
i am newbie to wordpress.I just created a free blog in Wordpress.I want to know how to create Database in it and use it. Any links to good tutorial will be great.Thanks in advance.
WordPress itself uses a MySQL database to store (among other things) post content and meta, users, info about plugins, etc.
In terms of creating a separate database from the one that's in WordPress itself, the question you're asking itself makes me very hesitant to think that you should. You'd be dealing with passwords, permissions, and a whole range of very easy to screw up settings that probably aren't worth playing with if you're new to WordPress.
If you wanted to use the database in WordPress itself and have the ability to write queries or create tables, you could look at any number of SQL plugins (eg http://wordpress.org/plugins/sql-executioner/ or https://wordpress.org/plugins/elisqlreports/) that would allow you to query tables in the WordPress database.... I don't recall if the existing plugins would allow you to create/modify tables, but phpMyAdmin or terminal would be just fine for that if not.
Since you're new, let me ***strongly*** encourage you not to modify/delete the default tables in WordPress, especially not on a live site.
Best of luck
I have two instances of Drupal on same server instance 1 and instance 2 with different databases. I want to do following functionality so I will go ahead for my work.
Unique login for both instances. When I login to instance 1 then if I open url of instance 2 on same browser then it should not ask for me login.
While any add/update operation perform on instance 1 or instance 2 then user table should be updated in both databases.
Please let me know so I will go ahead.
Thanks in advance.
If there you I would utilize Drupal`s openid (oAuth) technologies. That could be done with some minor coding or even a couple of modules.
That would allow you to create linked accounts but different profiles for each site. You would have a setup like it is here at stackexchange network and some additional functionality.
EDIT: There is a module called OpenID URL.It will give your users ability to use their profile pages as OpenID URLs. You could do it with a just a tad of coding.
Then you could simply copy "Loin with OpenID" URL form your other site and name it "Create joined account..." or something like that.
You could use oAuth technology if you want more advanced connections.
There is also a possibility to create a multisite website.
I have not tried this module yet, but it sounds promising, to solving your first part of the problem: project bakery.
Bakery provides a "single sign on" feature for Drupal based sites that
are on the same second-level domain (i.e. example.com,
subsite.example.com, subsite2.example.com). It could also provide
support for any other website that implements the same web cookie,
xmlrpc, and POST methods.
For the second part I'm very interested in a solution. The only thing I can come up with at the moment, is some kind of RSS feeds. I know you can create nodes based on that.