onlyican Posted August 2, 2006 Share Posted August 2, 2006 HeyBuilding a script, simular to payloadzI have it set up really sweet.They pay on paypal.Information is sent back, saying if they paid, how much, and what for. and off course, Success or not.I also have a script which ReWrites the links (Thanks to someone on this forum)which is sweet, They can download the file, but only works if they are within the script page.NowWith the Paypal, they parse the data using GET method, and you connect to the paypal site to confirm everythingWhat is the best method to stop people copying the address and sending it to a friend to download the files?I can buy everything, go to a forum, and post the link, now 100 people can download the same thing for free.shall I make them log in using the email used on paypal. and only show the links to one IP addressShall I make the Get Links into a Form using POST method, and divert the page to download the links.(This means that the information used to contact paypal is now in POST method, and only works once)or another better option from another brain? Quote Link to comment Share on other sites More sharing options...
HeyRay2 Posted August 2, 2006 Share Posted August 2, 2006 The best method would be to create a membership system that will keep track of what user has access to what files.There are some good "membership system" tutorials on this site [url=http://www.phpfreaks.com/tutorial_cat/7/Membership-Systems.php]HERE[/url] Quote Link to comment Share on other sites More sharing options...
onlyican Posted August 2, 2006 Author Share Posted August 2, 2006 I dont need tutorials, I can build membership sites blind foldedI would do that for my site, but my client dont want / aint paying enough for that Quote Link to comment Share on other sites More sharing options...
HeyRay2 Posted August 2, 2006 Share Posted August 2, 2006 Sounds like you already have the ability to do what you want to do. I don't understand how developing a new method for protecting certain parts of site is would be less expensive to a client than something you already have the skill to do "blind folded", but I digress...Perhaps you could have a database table that will track the PayPal transaction ID or email address, the associated file, and whether or not the user has downloaded the file. Once they've downloaded the file it will mark the database entry and "disable" the download link for further use. ;) Quote Link to comment Share on other sites More sharing options...
onlyican Posted August 2, 2006 Author Share Posted August 2, 2006 This question came up before?How would I check if the file has completly download on the users machine. Its not possible is it.I was thinkin to check the refer host address,[code=php:0]$refer=parse_url($_SERVER['HTTP_REFERER']); echo $refer[host];if($refer[host] == "www.paypal.com" || $refer = "www.sandbox.paypal.com"){//Show other 300 lines of code}else{echo "On your bike";}[/code] Quote Link to comment Share on other sites More sharing options...
bltesar Posted August 2, 2006 Share Posted August 2, 2006 store paypal confirmation information in a databasewhen received via GET, check the database to make sure the confirmation has not already been usedfor first time requests, set a SESSION variablle to indicate that downloading is authorized and require the buyer to get their download on that session onlyif you want customers to be able to return and re-download whatever it is they're buying, or their purchase allows access to multiple downloads over a period of time, you will need to set up user accounts with password access. If they are required to submit sensitive information that can be accessed by logging in, only then will they not give out their login information and allow others to get the downloads. of course, what's to stop people from emailing whatever they download?Now if my suggestions are not helpful, please do not be offended! More information might be needed. Quote Link to comment Share on other sites More sharing options...
HeyRay2 Posted August 2, 2006 Share Posted August 2, 2006 Short answer: It's not possible.Checking the referrer may work, but you can't be 100% sure why or how they came from a certain site to yours.In the case of my suggestion, to ensure a user can fully download a file, you could:[list][*]Give the user the ability to send a form or click a link to "request" another chance to download the file. You could then reenable their download link manually or with a "link request" script[*]Give the user a certain time period in which they can download the file, giving them plenty of chances to download it correctly, and disable the link after that time period. This, however, gives the user a certain window of time to share out the link.[/list] Quote Link to comment Share on other sites More sharing options...
onlyican Posted August 2, 2006 Author Share Posted August 2, 2006 I know its impossible to stop.Whats to stop someone creating a website with all the files on there. NothingWhats to stop emailing the files, NothingBut if I can stop people cheating the links, it helps more.If someone wants to do something bad enough, they can. (steal files ect) Quote Link to comment Share on other sites More sharing options...
HeyRay2 Posted August 2, 2006 Share Posted August 2, 2006 Impossible to stop completely, because once the user has the file, it's future travels are up to that user.However, using some of the methods mentioned in this thread, you can at least ensure that when people are getting the file from you, you are getting your due compensation.Good luck... :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.