NOTE: This page is intended for an audience with experience in WordPress and PHP code. Please consult your web developer or webmaster if you require assistance making changes to your WordPress website.Many of our users have requested a solution for protecting PDF documents purchased from their online WooCommerce store. They want to implement strong DRM security measures to prevent document sharing and other potential security risks.
To achieve this, you will need an All-About-PDF API key to make a REST API call to our DRM API service to protect the PDF document.
Please follow the steps below to apply custom security settings to a PDF document after the user has completed their purchase through WooCommerce.
Steps to Make an API Call from WooCommerce Checkout
Choose the Right Hook: Use a WooCommerce hook that is triggered during the checkout process, such as woocommerce_checkout_order_processed or woocommerce_thankyou.
woocommerce_checkout_order_processed: Triggered after the order is created but before the payment process.
woocommerce_thankyou: Triggered after a successful payment.
Add Custom Code You can add your custom code to the functions.php file of your theme (preferably a child theme) or create a custom plugin for better maintainability.
Make the API Call Use WordPress's HTTP API (wp_remote_post() or wp_remote_get()) to send a request to your custom URL.
Handle API Response Process the response from the API and take any necessary actions, such as updating the order meta or triggering an admin notification.
Here is an example code of how this looks
add_action('woocommerce_checkout_order_processed', 'custom_api_call_send_file', 10, 1);
function custom_api_call_send_file($order_id) {
// Get order details if needed
$order = wc_get_order($order_id);
// Path to the file you want to send
$file_path = get_template_directory() . '/path-to-your-file/example.pdf'; // Update the path to your file
if (!file_exists($file_path)) {
error_log('File not found: ' . $file_path);
return;
}
// Prepare file data for the API call
$file_data = array(
'file' => curl_file_create($file_path, mime_content_type($file_path), basename($file_path))
);
// Additional data to send with the file
$expiry_date = date('Y-m-d H:i:s', strtotime('+7 days')); //expires in 7 days
$expiry_time = '11:00';
$body = array(
'ExpiryDate' => $expiry_date,
'ExpiryTime' => $expiry_time,
'ExpiryMessage' => 'The document has expired',
);
// Combine file data and additional data
$post_data = array_merge($body, $file_data);
// Make the API call
$api_url = 'https://allaboutpdfapi.com/api/applydrm';
$response = wp_remote_post($api_url, array(
'method' => 'POST',
'body' => $post_data,
'headers' => array(
'Content-Type' => 'multipart/form-data',
'x-api-key' => 'YOUR API KEY'
),
));
$response_body = wp_remote_retrieve_body($response);
$response_data = json_decode($response_body, true);
if (isset($response_data['filename']) && isset($response_data['filedata'])) {
$decoded_file = base64_decode($response_data['filedata']);
if ($decoded_file === false) {
error_log('Failed to decode the Base64 file from the API response.');
return;
}
// Save the file to the server
$save_path = get_template_directory() . '/path-to-save/' . sanitize_file_name($response_data['filename']);
$file_written = file_put_contents($save_path, $decoded_file);
if ($file_written === false) {
error_log('Failed to save the file: ' . $save_path);
} else {
error_log('File saved successfully: ' . $save_path);
}
} else {
error_log('API response did not include expected file data.');
}
}
The parameters than can be passed with the POST body are shown below:
| Parameter Name | Data Type | Description |
|---|---|---|
| SetPDFToExpire | bool | Indicates whether the PDF should have an expiry restriction. |
| ExpireOnDate | bool | Specifies if the PDF should expire on a specific date. |
| ExpireAfterXdays | bool | Determines if the PDF should expire after a certain number of days. |
| ExpiryDate | string | The specific date on which the PDF should expire (retrieved from request parameters). |
| ExpiryTime | string | The specific time on the expiry date when the PDF should expire (retrieved from request parameters). |
| ExpiryMessage | string | The message to display when the PDF expires (retrieved from request parameters). |
| Xdays | int | The number of days after which the PDF should expire. |
| LockPDFToCountries | bool | Indicates if the PDF should be restricted to specific countries. |
| AllowedCountries | string | A comma delimited list of countries where the PDF is allowed (retrieved from request parameters). |
| LockToIPAddresses | bool | Specifies if the PDF should be restricted to specific IP addresses. |
| AllowedIPAddresses | string | A comma delimited list of IP addresses where the PDF is allowed (retrieved from request parameters). |
| AllowPrinting | bool | Determines if the PDF allows printing. |
| MaximumNumberOfPrints | int | The maximum number of prints allowed for the PDF. |
| PDFUserPassword | string | The user password for opening the PDF (retrieved from request parameters). |
| PDFOwnerPassword | string | The owner password for managing permissions on the PDF (retrieved from request parameters). |
| UseCloudValidation | bool | Indicates if cloud-based validation should be used for access control. |
| LockToXDevices | bool | Determines if the PDF should be restricted to a specific number of devices. |
| MaxDevices | int | The maximum number of devices allowed for accessing the PDF. |
| AllowedEmails | string | A comma delimited list of email addresses that can access the PDF |
| LockToEmails | bool | Determines if the PDF can only be viewed by certain email addresses. |