Hey guys, I'm trying to sync 2 sites on drupal, ideally the route to go would be to use feeds, however the content I'm trying to sync is restricted to users with a role they pay to have.
That means the other site can't see the feed because it gets denied the content. How would I go about exposing this feed so feeds can crawl it on the other site?
I ended up writing a module that outputs as rss, I used an access callback to validate the host and a key I appended in the url of the feed. works pretty well.
Related
I want to call Facebook's Graph API from the client to READ public posts on a page using a permanent Page Access Token. I'm curious if this is safe (or how to make it safe). From everything I've read and tried, an access token is required to perform this operation and none of Facebook's other functionality will suit my needs (see background below).
https://developers.facebook.com/docs/javascript/reference/FB.api/ suggests that it is safe to expose Page Access Tokens to the client, but I'm suspicious they're lying to me.
Background:
I'm working with a group that wants to display some posts from their Facebook feed on their WordPress website. They don't want to display all posts, but rather filter them based on a hashtag. I don't know a ton about WordPress, but I'm guessing I can't implement custom back-end API calls on a WordPress site. Please suggest any alternative solutions that you might have!
Access Token are like house keys, you NEVER leave them in front of the door. Which means, you should NEVER hardcode any Access Token. No matter if it is an App, Page or User Token. The docs do not state anywhere that it is ok to expose tokens, they just state how you can use a Page Token on that page in your question - but you cannot just hardcode it on the client.
Vulnerabilities: Without extra permissions, this would be more like a privacy issue, because you can get a lot more info with a Page Token (as the Page owner) than with a simple App Token.
Of course it is possible to do that kind of backend-calls with wordpress. And it would be the far better way, i think.
First you can use the WP-Cron to time your Facebook-Calls. You could create a Cron-Job every hour or so.
WP Developer Scheduling WP Cron Events
Wordpress Codex wp_cron Function Reference
Kinsta Knowledgebase Wordpress Cron Job Tutorial
If you work first time with the WP-Cron have one thing in mind: WP-Cron depends on Site-Activity to be run. So if there is no Traffic on the Wordpress-Site, no Cron-Jobs are run. Here is a link how to add WP-Cron to your systems cron, so your API-Call will be called every time you intend to:
WP Developer Hooking WPCron into System Task Scheduler
The Cron-Job than can use the Wordpress HTTP API to do the call. You should check the Docs on the HTTP API and the wp_remote_request function in special.
Wordpress Codex HTTP API
WP Developer wp_remote_request Reference
Or you could install the Facebook SDK with your Theme/Plugin.
I'm not sure about the security impacts when using a Page Access Token on the Client, but it seems to me, that it would be a better way to do that kind of job.
I am trying to build a spiritual website for one company and they are planning to embed some videos in their website.
And they are requesting me to make their videos private as they don't want the users to download them as they are collecting some amount for the classes and they would like to give those videos at a particular time on the website for the registered users.
If we go for live streaming it's costing much so we are planning to host it on the same website and remove them after a period of time.
So I would like to know what is the best way to do this?
Consider using a combination of PayPal Subscriptions and Forms Authentication. Use the PayPal IPN to get the users status (if they're paid up or not) and associate this with the transaction ID and user ID.
They will only get access to the video class page if they are authenticated. At that point, you can retrieve their subscription status from the DB and grant them access if they are paid up. If not, provide a friendly message and link to PayPal.
ASP.NET PayPal Subscriptions IPN [caveat: own blog]
How to set up a Paypal Subscription
You may have to use profiles to store extra information per user. If this is the case and you are using ASP.NET WAP (2.0+), then use the following info to set that up:
ASP.NET Profiles in Web Application Projects
Serving videos in a website can be done using either streaming or progressive download. The latter is technically similar to any other download, i.e. if users find the video's URL, they can download it.
You can write client-side code for hashing a one-time token to try and obfuscate the URL of the video file, but essentially committed users can hack their way into the download URL.
Your other option is to use DRM, which will allow you to restrict playing the file even if downloaded. But that might actually cost you more than streaming. (It will also provide better protection of your video, as streamed videos can also be saved on users' computers if they know how to).
We have a private google site on google apps but want to be able to generate an rss feed so people within our domain can add the feed to different readers (including google reader) how can we generate this feed?
Write a web service that will have the credentials to fetch data from the private Google Site.
Have it fetch the feed you need and republish it.
Check the Google Sites API documentation for details.
You can put the URL of the web service on the site where your users can find it.
Note that you will need access to a web server and some server programming skills to do this.
I have a Drupal website, and I am currently using Feedburner, mainly to get statistics about the number of subscribers and methods of subscriptions.
However "burning" my feed is complicated, it's hard to restrict people from accessing the original feed, and it only does one feed, as opposed to various tag feeds, user feeds, etc.
How would you have Drupal collect and present feed access and subscription satistics?
Are you using the Feedburner module? It will do redirection from the original feed URL to the FeedBurner feed URL (FeedBurner itself will still have access to the original). You can do it for multiple feeds, though I think you still have to add those manually, which will be cumbersome for all the various tag feeds.
What's the best way to track how many times items in your RSS have been accessed?
Assuming your RSS is served from a webserver, the server logs would be the obvious place to gather statistics from. There are numerous packages for parsing and interpreting webserver logs.
AWStats is a popular (free) package, and Wikipedia keeps a fairly comprehensive list.
If you serve your feeds through something like FeedBurner then you can also get stats from there including clicks
You could use Google Analytics, but you would need a service to make the correct requests to the Google Analytics API or redirect to it. There are two APIs you can use:
the __utm.gif "API"
the Measurement Protocol API
To use the later (you need Universal Analytics), which is way better in my opinion, you would need to make a request or redirect to something like:
http://www.google-analytics.com/collect?z=<randomnumber>&t=pageview&dh=<domainname>&cid=<unique-client-uuid>&tid=<propertyid>&v=1dp=<path>
Where:
<randomnumber> is a random number to avoid caches (especially if you do redirects)
<domainname> is the domain name you see in your tracking code
<propertyid> is the property id you see in your tracking code (eg: UA-123456)
<path> is the path to the page you want to register the pageview for. Note that it must be quoted. Eg, for /path/to/page you would need to send %2Fpath%2Fto%2Fpage
I've implemented a simple redirector service that does exactly that here (explained at length here)
If you're stuck with the Classic Analytics then you would need to use nojsstats or the older implementation