RSS is a powerful way to deliver content to your community. However, there is a lot of concern about the security of members-only content when using RSS feeds.
One of the features of Wishlist Member is a Secure RSS Feed – but I really didn’t understand what that meant or how it protected my content…. so I thought I would test it. Here’s what I found.
There were three scenarios I tested…
1. Member logged in – accessing the default feed of the site (i.e. http://yourdomain.com/feed)
2. Not logged in – accessing the default feed of the site (i.e. http://yourdomain.com/feed)
3. Not logged in – accessing the secure feed of the site (i.e. http://yourdomain.com/?wpmfeedkey=<somereallylongstring>)
What I found was very reassuring in terms of protecting content via the RSS Feed.
Not Logged In, standard feed
Access was provided to the public content only. No protected content was displayed at all.
So if someone subscribes to the standard feed, all they will get is the content you designate as public content.
Logged In, standard feed
Access to public and protected content (for that level) was provided. No downloadable content was shown in the feed.
This is a minor benefit – but some of your members may try this and it’s good to know what they will see.
Logged In, protected feed
Access to public and protected content (for that level). Downloadable content was shown in the feed.
I recommend that you test this all for yourself before implementing it on your site and ensure that you are comfortable with what information ‘leaves your site’ ….
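One way to run that test repeatably, as an added example (not code from the original post or from Wishlist Member): save the feed XML from each scenario and compare what each one exposes. It assumes downloadable content appears as RSS enclosure elements and that you supply the URLs of your protected posts; the sample feeds and URLs below are constructed.

```python
import xml.etree.ElementTree as ET

def feed_items(rss_xml):
    """Map each item's link to the enclosure (download) URLs it carries."""
    items = {}
    for item in ET.fromstring(rss_xml).iter("item"):
        link = (item.findtext("link") or "").strip()
        items[link] = [e.get("url") for e in item.findall("enclosure")]
    return items

def audit_feeds(feeds, protected_links):
    """feeds: scenario name -> saved feed XML. protected_links: set of post
    URLs you marked members-only. Returns what each scenario exposes."""
    report = {}
    for scenario, xml_text in feeds.items():
        items = feed_items(xml_text)
        report[scenario] = {
            "public": sorted(l for l in items if l not in protected_links),
            "protected": sorted(l for l in items if l in protected_links),
            "downloads": sorted(u for urls in items.values() for u in urls),
        }
    return report

def leaked_to(report, scenario):
    """Protected links and downloads seen in a scenario meant to be public-only."""
    return report[scenario]["protected"] + report[scenario]["downloads"]

def sample_rss(entries):
    """Build a constructed RSS 2.0 document from (title, link, download) tuples."""
    body = "".join(
        f"<item><title>{t}</title><link>{l}</link>"
        + (f'<enclosure url="{d}" length="0" type="application/pdf"/>' if d else "")
        + "</item>"
        for t, l, d in entries
    )
    return f'<rss version="2.0"><channel><title>Sample</title>{body}</channel></rss>'

# Constructed sample data mirroring the three results described above.
PUBLIC = ("Welcome", "http://yourdomain.com/welcome", None)
LESSON = ("Lesson 1", "http://yourdomain.com/lesson-1", None)
LESSON_DL = LESSON[:2] + ("http://yourdomain.com/files/lesson-1.pdf",)
PROTECTED = {"http://yourdomain.com/lesson-1"}
SAMPLE_FEEDS = {
    "not logged in, standard feed": sample_rss([PUBLIC]),
    "logged in, standard feed": sample_rss([PUBLIC, LESSON]),
    "secure feed": sample_rss([PUBLIC, LESSON_DL]),
}

if __name__ == "__main__":
    for name, seen in audit_feeds(SAMPLE_FEEDS, PROTECTED).items():
        print(name, seen)
```

Replace SAMPLE_FEEDS with the XML you saved from your own site; anything returned by leaked_to() for the not-logged-in feed is content leaving your site that should not be.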
Disabling The Feed Altogether
Still not comfortable with any content leaving your site? Using the standard WordPress Action API you can remove the feed completely or, better yet, send people to your sales or join page.
Below is a function you can add to completely disable your feeds. This function will display the content of your chosen page in the 'error message' or (if the chosen page can't be found) a simple message directing the visitor to the homepage.
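<?php
// Replace every feed with a 'Members Only' message built from a chosen page.
function twpw_disable_feed() {
    $args = array(
        'post_type' => array( 'page', 'post' ), // allow either a page or a post id below
        'post__in'  => array( '158' ), //change the 158 to the id of the page or the post you want to display
    );
    $the_query = new WP_Query( $args );
    if ( ! $the_query->have_posts() ) {
        $message = 'No feed available, please visit our <a href="http://yourdomain.com">Homepage</a>!';
    } else {
        while ( $the_query->have_posts() ) {
            $the_query->the_post();
            // the_content() echoes instead of returning, so build the filtered content as a string.
            $message = apply_filters( 'the_content', get_the_content() );
        }
        wp_reset_postdata();
    }
    // Stop the request and show the message in place of the feed.
    wp_die( $message, 'Members Only' );
}
// Hook every feed type at priority 1 so this runs before the default feed handlers.
add_action( 'do_feed', 'twpw_disable_feed', 1 );
add_action( 'do_feed_rdf', 'twpw_disable_feed', 1 );
add_action( 'do_feed_rss', 'twpw_disable_feed', 1 );
add_action( 'do_feed_rss2', 'twpw_disable_feed', 1 );
add_action( 'do_feed_atom', 'twpw_disable_feed', 1 );
?>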
Add this function to your theme's functions.php file and change this line:
'post__in' => array( '158' ), //change the 158 to the id of the page or the post you want to display
Modify the '158' to be the id of the page or post you want to display in the message.
I’m interested to see how you modify this function to work on your site.

