Hey there... I'm looking for a validation script or how to verify a users account if it's active or not. Essentially, were using amember for our membership management and we have a wordpress plugin that needs to be validated to work. We will be using the Transaction Key generated from the purchase that's also in amember as the license key to activate the plugin. What we need the script to do is once the user enters in their receipt number in the field and clicks save settings a curl script is to go out and check the database to see if this user is active or not. Is there something out already made? If not, what are the tables to search the find which users are active or not? Thanks in advance, C
I think he means that they have developed a wordpress plugin which they are selling and those that are sold need some sort of validation.
Erwinvdb: Right we need some sort of validation license to approve the plugin. What I've seen is to use the receipt # as the license number and then send a cUrl script to go into the Amember DB and see if it's the account with this license key (receipt #) is set to ACTIVE. If not, then it's a no go. Anybody know how to do this?
http://www.kenetix.net/Utilities-License_Generator.html http://www.phplicensescript.com/pages/products.html http://solidphp.com/products/phpaudit/index.php http://www.zend.com/en/products/guard/ http://www.phplicengine.com/
A route I've used in a couple of environments is to code the plugin check for a file from your server that is protected by aMember. This will allow you to control access to the plugin by who has access to the product that gives access to the folder the file is in. Depending on your plugin, you may want to limit this to the first time the plugin is accessed, only check from WP Dashboard access or even checking every 'x' days/weeks/months.
I think that would that mean you have to code a username/password in the config area for the plugin, right? And the username/password is used for the URL to access the protected page on the amember site?
I've done it a few ways, depends on a number of factors.. If it is a one time authentication (ie. just activate during first run in admin, but no further checks) you don't need to store the credentials since you check during the initial plugin initialization. In this case you can do 1 of 2 things: 1) Have them login to your site FIRST and then within the same browser go to their wordpress dashboard to retrieve/execute the protected activator content (whatever that is for your implementation). Since the cookie will already be present it will just work 2) Make a call (SSL of course) via the plugin config on the push of an "Activate" button. If your site cookie is not present you can either use rewrite and iFrame (or popup) a login or use basic auth and popup auth. If it is a check every 'x' days/weeks/months, then yes you will need to store (and encrypt I assume) the userid and password for your site as well as coding a call SSL I assume) from the dashboard. Not a big fan of checking on front end side of things.. heavy load on your server and bad user experience for the customer's customers.. although.. you could give the plugin away for free and get your payment from the analytic data you capture from their users behavior patterns