March | 2013 | s2Member Membership Plugin for WordPress

PayPal Pro, PayFlow, DPRP, Express Checkout

There has been some confusion with PayPal's services, so I'm writing this quick article to help understand them better.

PayFlow Pro is not supported by s2Member Pro.

s2Member Pro supports PayPal Pro, which may be using the PayPal Pro API or the PayFlow API. The latter version is called PayPal Pro PayFlow Edition. http://s2member.com/kb-article/supported-paypal-account-types/

If you want to take payments on your site, make sure that you have PayPal Pro, not PayFlow Pro. Then check if you have the PayFlow Edition and, if so, include the PayFlow credentials in your s2Member integration. WP admin -› s2Member -› PayPal Options -› PayFlow Account Details

If you're selling a subscription and receiving payments on your site, then you'll need to upgrade your PayPal Pro account with the DPRP service. I think DPRP stands for "direct payment recurring payment".

In the PayFlow Edition it's called Recurring Billing. If you give a trial/initial term, even if it's a single payment, it's a subscription; trials are not possible with buy-now transactions.

Express Checkout can't be disabled in the s2Member pro-forms, it'll always be an option and the button has to be that one, can't be customized. If you're selling buy-now with Express Checkout, the user will not be required to login to a PayPal account to pay, but he will if you're selling a subscription.

If you have PayPal Pro PayFlow Edition and will sell subscriptions, you'll need to have Reference Transactions enabled for your account so Express Checkout works correctly.

I hope that helps with some of the common misunderstandings.

Amazon S3 and CloudFront link expiration

s2Member tells Amazon to expire the link after 24 hours automatically.

In most cases, the download begins and ends after a single request, so 24 hours is more than enough time for a customer to connect to the file and begin downloading the file. It won't matter how long it takes them to download the file, as long as they connect within 24 hours.

This can become problematic if the person leaves the browser open to watch a video the following day, for example. 24 hours after the initial connection, the underlying link to the resource expires. So future attempts would require a new download link for the file, which can be done reloading the page.

Maybe you want to let the link live longer, or you feel 24 hours is too generous and you'd like it to expire sooner. s2Member has a filter that allows you to modify the default expiration time of 24 hours. So if you'd like to change the expiration time, you can certainly do that.

S3

Please create this directory and file:
/wp-content/mu-plugins/s2hacks.php
See: http://www.s2member.com/kb/hacking-s2member/

<?php 
add_filter('ws_plugin__s2member_amazon_s3_file_expires_time', 'my_s3_expiration_time');
function my_s3_expiration_time() {
  return '36 hours';
}

You can specify any length of time you like. Please use a string that is compatible with PHP's strtotime function. E.g.: 2 hours, 2 weeks, 10 days, are all valid periods of time.

CloudFront

The default expiration time on CloudFront integration is also 24 hours, and there is a filter for it as well.

<?php
add_filter('ws_plugin__s2member_amazon_cf_file_expires_time', 'my_cf_expiration_time');
function my_cf_expiration_time() {
  return '36 hours';
}

Offsite ClickBank buttons

There may be times when you need to have the ClickBank order button in a site other than the one where you have s2Member protecting the content. In those cases the button shortcode will not work, and using a regular ClickBank button won't integrate with s2Member to grant access to the content after checkout.

s2Member now uses digitally signed URLs to help prevent fraudulent transactions, and to prevent ClickBank URLs from being modified by an end-user (e.g. to prevent someone from changing the Membership Level # in the URL on their own, or from changing other important details, like term lengths).

Some have tried using the shortcode to create the button's code, and then copied this output code and pasted it elsewhere. This won't work either, because the variables need to be updated each time and that's done with the shortcode.

Current versions of s2Member absolutely require that each ClickBank button be generated each time by the shortcode on the site with s2Member. This way the URL leading to ClickBank is digitally signed by s2Member for future authentication after a completed purchase (e.g. the IPN handler will NOT process the IPN if the original link to ClickBank was missing it's digital signature).

I suggest that you link Site B to your sales page at Site A (i.e. your actual installation of s2Member), where your ClickBank button code will be generated by the s2Member shortcode at Site A.

Another possible alternative is to create a simple script at Site A, which generates a ClickBank button URL and redirects the person there. For instance, you might create a must-use plugin like this one:

Create this directory and file:
/wp-content/mu-plugins/s2hacks.php
See: http://www.s2member.com/kb/hacking-s2member/

<?php
add_action('wp_loaded', 'handle_custom_clickbank_redirections');
function handle_custom_clickbank_redirections() {
  if(isset($_GET['clickbank'])) {
    $clickbank_checkout = do_shortcode('http://0.clavaque.pay.clickbank.net/?cbskin&s2_invoice=1&s2_p1=0+D&s2_p3=1+M&s2_desc&s2_custom=s2member.net&s2_customer_ip=18.207.240.77&s2_subscr_id=s2-6475a9df2a81b&_s2member_sig=1685432799-9eeac09a76945e976845f4af37f45a0b');
    wp_redirect($clickbank_checkout);
    exit;
  }
}

The shortcode in the code above has been abbreviated here for clarity. You will need to generate your own full ClickBank Button Shortcode, and set output="url". WP Admin -> s2Member -> ClickBank Buttons

With this must-use plugin in place, now create a link on Site B pointing to Site A. Site A will silently redirect the customer to ClickBank checkout.

http://yoursite.com/?clickbank=redirect

User review/approval process

We’re often asked how new user registrations could be reviewed before they get access to the site’s content when the registrations are open to anyone. WordPress doesn’t have an account activation process, but it’s possible with s2Member to do something that may be just as useful.

Instead of having your content protected at Level 0 for registered users, which is the level free users are normally registered at, you can protect it at Level 1. The new user that registered, although having his account active, would not have access to any content.

The account approval would consist of upgrading it to Level 1 after you review it and decide to grant the user access to your content. This is easily done editing the user’s profile, changing his role to s2Member Level 1.