外掛說明
Erdo Draft Links lets you generate a secure, token-based URL for any draft, private, or published post or page. Share it with clients, reviewers, or collaborators — they can read the content without needing a WordPress account.
Think of it like Google Docs’ “Anyone with the link can view” — but for WordPress.
How it works
- Open any post or page in the editor (Block Editor or Classic Editor).
- Click “Generate Draft Link” in the sidebar panel or meta box.
- Choose an expiry: 24 hours, 48 hours, 7 days, or never.
- Share the link. Recipients can view the content — no login needed.
Features
- Works with both the Block Editor (Gutenberg) and the Classic Editor
- Supports posts, pages, and any custom post type via a filter
- Secure 32-character cryptographic tokens — brute-force resistant
- Configurable expiry: 24 hours, 48 hours, 7 days, or no expiry
- View count tracking per link
- Revoke or regenerate any link at any time
- Tokens are stored hashed in the database — raw tokens are never stored after the redirect
- Two-step flow: token URL cookie clean permalink (token never appears in browser history)
- No external API calls, no phone-home, no subscriptions
- Translation-ready (English default, Turkish included)
Developer Notes
Developers can add support for custom post types using the erdo_draft_links_supported_post_types filter:
add_filter( 'erdo_draft_links_supported_post_types', function( $types ) {
$types[] = 'product';
return $types;
} );
Source Code
The full source code including build tools is included in the plugin’s assets/js/src/ directory.
安裝方式
- Upload the
erdo-draft-linksfolder to the/wp-content/plugins/directory. - Activate the plugin through the Plugins menu in WordPress.
- Open any post or page and find the Erdo Draft Links panel in the editor sidebar or meta box.
常見問題集
-
Does this work with custom post types?
-
Yes. By default Erdo Draft Links supports posts and pages. Add more post types using the
erdo_draft_links_supported_post_typesfilter. -
Yes. Tokens are 32 characters of cryptographic randomness generated by WordPress’s built-in
wp_generate_password. The raw token appears in the URL only once — subsequent visits use a signed HttpOnly cookie. Tokens are stored as SHA-256 HMAC hashes in the database. -
What happens when a link expires?
-
The recipient sees a clear message: “This draft link has expired and is no longer accessible.” The post remains a draft — nothing is published.
-
Can I have multiple active links for the same post?
-
Currently one active link per post. Regenerating creates a new token and resets the view count.
-
Does this work with password-protected posts?
-
No. Erdo Draft Links is designed for draft and private posts. Password-protected posts use WordPress’s own mechanism.
-
Does this plugin affect site performance?
-
Erdo Draft Links only runs on requests that include a
?erdo_token=parameter or a valid session cookie. Normal site traffic is not affected.
使用者評論
這個外掛目前沒有任何使用者評論。
參與者及開發者
變更記錄
1.0.1
- Fix: Replace deprecated
current_time('timestamp')withtime()for correct UTC handling.
1.0.0
- Initial release.