autopdr Posted August 6, 2008 Share Posted August 6, 2008 Hi Guys I have only basic php skills and need some help with sessions (well I think I need sessions). I am building a simple site for a client from which we are streaming pay per view presentations. These will be purchased via Buy Now buttons with PayPal. PayPal will redirect the buyer to a page with the presentation stream once payment is completed. I therefore need to stop buyers from returning to this page or refreshing the page to view again. So my goals are: 1. Allow the page to be viewed only if redirected from PayPal 2. Do not allow the page to be refreshed 3. Do not allow the page to be revisted via cached URL, bookmark, favourite, copy and pasting full URL into new window etc 4. If possible hide or mask the URL I've had a search through the site but couldn't find anything close so any pointers, tutorials or snippets (with explanation for dummies) would be appreciated. Link to comment https://forums.phpfreaks.com/topic/118406-help-with-php-sessions/ Share on other sites More sharing options...
MasterACE14 Posted August 6, 2008 Share Posted August 6, 2008 google "PHP Paypal IPN script" IPN stands for instant payment notification. Thats what your after. Regards ACE Link to comment https://forums.phpfreaks.com/topic/118406-help-with-php-sessions/#findComment-609416 Share on other sites More sharing options...
JasonLewis Posted August 6, 2008 Share Posted August 6, 2008 I'd just recommend searching around the PayPal website as well. You can do your testing in the sandbox that PayPal offers. Can be quite handy. Link to comment https://forums.phpfreaks.com/topic/118406-help-with-php-sessions/#findComment-609418 Share on other sites More sharing options...
BioBob Posted August 6, 2008 Share Posted August 6, 2008 I have to make a very strong recommendation here because it sounds like you are using the referring page as part of a security check. This information is not reliable and will vary from browser to browser, and can be very easily forged. Dont try using the referring page as part of a security implementation. Your customers that use firefox will hate you for it. Link to comment https://forums.phpfreaks.com/topic/118406-help-with-php-sessions/#findComment-609423 Share on other sites More sharing options...
MasterACE14 Posted August 6, 2008 Share Posted August 6, 2008 for your security to only let people who have payed go to the php page after the purchase. in your paypal form you use the custom field. <input type="hidden" name="custom" value="whatever"> then do the security based on either that $_POST (which goes from your website > paypal > website) or any of the other paypal form $_POST's if(!isset($_POST['custom']) || empty($_POST['custom'])) { die("Access denied"); } and what ever other security measures you need. Link to comment https://forums.phpfreaks.com/topic/118406-help-with-php-sessions/#findComment-609437 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.