FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Secure website
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Secure website [message #183542 is a reply to message #183537] Wed, 30 October 2013 14:47 Go to previous messageGo to previous message
Graham Hobbs is currently offline  Graham Hobbs
Messages: 42
Registered: September 2010
Karma:
Member
On Wed, 30 Oct 2013 06:52:01 +0100, "J.O. Aho" <user(at)example(dot)net>
wrote:

> On 30/10/13 04:02, Graham Hobbs wrote:
>> Hellop,
>>
>> I have an ordinary website (all PHP), it has no 'conscious'
>> protections, just code that does a job. One page (not written yet
>> because I don't know how), will advertise a product for sale.
>>
>> My concept is that a buyer goes to a paypal screen, does the
>> necessary, when payment is verfified and paid, an email is
>> automatically sent to the buyer with a download key. At the buyers
>> dicretion, they go to the download page, enter the key and the
>> software gets downloaded. Is this sort of thing a novice PHP'er could
>> do.
>
> Sure a novice coder could do it, but the question is if it's a good
> solution they do or not.
>
>> ... how to prevent more than one download, do I store the software
>> package on my ISP's server, is it safe, since it has several exe files
>> would they be in a zip file, how to assign a download key, let the
>> whole process be automated?
>
> You store the key in a database, together which package, who and a
> download time.
> When the user request for the file, you check against the database to
> see if the row has a download time, if not allow the start of the
> download (keep in mind that the user do not get a direct download link,
> but it's the php which serves the content to the user) and when the
> whole file been sent, then update the row with a download time.
>
> See to that the zip files ain't located in the DocumentRoot directory,
> for it they do, then you can download them without the need of the key
> you want to send.
>
> And yes, it can be made completely automated, take advantige of the
> PayPal IPN system and do not forget that PayPal transactions has a highe
> chargeback fee and customers do more disbutes than with other payment
> alternatives, so somone could pay and download your product and then
> disbute the payment and in worst case you will have to pay for it, so
> you need to log everything on your site, so you can proof that the
> customer did download the product they paied for.
---
Gentlemen,
Thanks for that info. It seems I need to learn the comcepts behind
post/get/database etc .. is this how one codes for a dialogue with my
site? Besides the PHP manual, might there be such things as 'template'
examples?
Graham Hobbs
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: reading files with accents in the filename from PHP
Next Topic: No action desired until one button is clicked
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 24 20:24:03 GMT 2024

Total time taken to generate the page: 0.05127 seconds