This post is most appropriate for a developer-level audience. Please proceed with caution.
My Use Case: A Simple Front-End Demo
I created a demo site for my PageLines DMS Tips site, which is a WordPress multisite network. I created a new site (let’s call it “site4”) and wanted a few things from it:
- Automatically login site visitors (no creating multiple user accounts — everyone’s logged in as the same user)
- Lock down the /wp-admin area
- Enable this single user account to be able to use the DMS Editor (front-end)
- Have some starter content on the site (e.g. posts, pages, menus, images, etc.)
- Reset the database every so often (e.g. 30 minutes)
- Be able to logout the Demo user and temporarily disable it from logging back in
Since I’m demoing a WordPress front-end, drag-and-drop editor, this is a different use case than most, but many of the principles may come in handy for whatever you’re trying to accomplish.
Automatically Login WordPress Visitors
While an old article, the WordPress Auto-Login code from Leon Bukhman (see “Update 6/4/08”) worked like a charm on WordPress 3.9.1 except for one WP_DEBUG message about using the deprecated get_userdatabylogin function, which I’ve fixed in my code.
Based on Bukhman’s code, I decided to only automatically login a visitor if they visit a certain page (e.g. www.site.com/auto-login/) and to prevent viewing of the login page even if logged in. I chose this method to avoid spammers and bots from just finding that the domain exists and then being logged in. It’s not secure or anything, but I figured I only wanted them to login if they got there from my direct link. Here’s my code:
I added it to the child theme’s functions.php and assigned the child theme to this site (and only this site) on the multisite network. Technically, it wouldn’t work on another site anyway because the ‘demo’ user account isn’t assigned to any other site on the network.
It could be turned into a plugin, which would make it easier to activate and deactivate.
Lock Down WordPress Backend Administration
There are actually quite a few wp-admin “controller” plugins available for free or pay. However, most just hide display of the items. Well, that’s not good enough because savvy users with malicious intent could still arrive at these pages if they type it in directly.
The Remove Dashboard Access plugin was just what I was looking for. If you are logged in as Demo User and visit a wp-admin page (e.g. /wp-admin/post-new.php), your access won’t be allowed. I chose to also disable the User Profile access because they don’t need to change anything there.
Note: You might also want to check the box to discourage search engines ( Settings -> Reading -> Search Engine Visibility ).
Assign Proper Capabilities to Demo User
The User Role Editor plugin came in handy once again.
I created a new Role (called ‘demo’) and assigned it the capabilities/permissions required for the PageLines DMS Editor (read, edit_theme_options, and edit_themes).
Then I assigned the ‘demo’ role to the Demo User.
Import Starter Content
WordPress provides a Theme Test Data .xml file for you to use. I’d recommend assigning some menus to theme locations, and clicking around yourself to make sure it’ll work for your use case.
For example, the “Home” menu link went to a hard-coded URL instead of the site’s home. Maybe it’s a bug, maybe it’s not, but you’ll want to click around first.
You may also want to add some of your own content. For example, maybe you want to showcase your own images, audio, writing, etc. Or you may want to setup more widget areas with different widgets in them.
Note: There is no “logout” link because that would logout all the visitors logged in as Demo User. If you want the same, make sure to remove the “Meta” widget from your Primary Sidebar because it includes a login/logout link and a link to /wp-admin.
Reset Database Every So Often
Restoring database tables to a certain point in time might seem complex, but it’s actually very easy. However, I didn’t find this method mentioned in all of my Googling.
Most solutions required a .php file, which might be necessary for restoring files, and those scripts seemed to overwrite the entire database instead of just my chosen tables (the ones for “site4” in this case). However, I only wanted to restore the database, not also files.
1. Export selected tables via PHPMyAdmin
In my case, I selected all tables that started with wp_4_ (the db prefix, an underscore, the site’s number, and another underscore).
After selecting the tables to export, make sure to check the box to add the DROP command. Then generate your .sql export file.
Note: If you’re wanting to replace the entire db (e.g. non-multisite installation), you can skip the step of selecting the tables. However, you’ll want to make sure you account for the possibility that additional db tables get created by your users (e.g. extra tables added by plugins). You may want to drop and re-create the entire database instead of just the dozen or so tables you want to reset.
2. Store the file on your server
You’ll need to store the .sql file somewhere. I’d recommend somewhere outside of public_html. Let’s create a new directory like ‘dbcronfiles’.
3. Setup the cronjob
Open your wp-config.php file to get the database username, database password, and database name.
In cPanel, go to “Cron jobs” and add a new cronjob. For example, every 30 minutes, do this:
mysql -u’username‘ -p’P@ssWord‘ db_name < /home/username/dbcronfiles/only-site4-w-drop-2014-06-23.sql
4. Test it
That’s it. Just make some changes to the database as your admin user or as Demo User and see if it gets reset every 30 minutes.
Note: your 30 minute cPanel cronjob will run at :00 and :30 every hour. If you set it up at 5:42 PM, it’ll run at 6:00 PM.
Changing What Resets
You may want to change the demo content or settings from time to time. To do so:
- Change the cronjob to point to a non-existent file (purposefully add a typo) or change to run once per year
- Disable the Demo User’s access from the site (i.e. change from ‘demo’ to ‘subscriber’ role)
- Optional: use the Force ReAuthentication plugin to logout the Demo user (requires them to re-visit the www.site.com/auto-login/ page to login again)
- Optional: comment out the auto-login code in your child theme’s functions.php file
- Make the changes you want to make
- Enable the Demo User’s access to the site (i.e. change from ‘subscriber’ role to ‘demo’ role)
- Export a new .sql file via PHPMyAdmin, upload it to your server, and edit the cronjob to point to the new filename and back to the interval you want (e.g. every 30 minutes)
If you chose to comment it out, uncomment the auto-login code in functions.php so visitors can login again.
Warning: Depending on what tables you’re restoring via cronjob, you may need to create a new .sql file after each WordPress, plugin, or theme update.
Promote Your Demo
Now that it’s all setup, link to your demo (if you want the public to use it).
For example, you can try my PageLines DMS theme demo at http://www.pagelinestheme.com/demo/
Everyone logged in as a single user may have its own drawbacks, but not requiring user account setup gets ’em playing with the demo right away. They’re not presented with an initial hurdle, wondering if it’s worth it to give up their email address.
Resetting every 30 minutes may affect someone who changes something at 7:29 AM and they think the theme doesn’t work because their update didn’t go through (due to the cronjob reset).
My hope is that it’s easy enough for anyone to try it quickly and figure out fairly quickly if it’s worth a purchase.
Please share your feedback via comment or tweet.