Jump to content

How to generate Gift Codes


Recommended Posts

When someone buys a "platinum" members, they get several trial gift subscriptions to give to friends and family.

What would be the best way to generate unique, random codes that are maybe 8-12 digits long?

The workflow I came up with last night does this...

In MySQL, I have defined which gift subscriptions are linked to a given Product Versions.  (Hint: @gizmola😉

Then when someone subscribes, I go to my GIFT_CERTIFICATE_DETAILS table, determine the number of free gift subscriptions, and then my PHP will need to generate that many codes and insert them into my GIFT_SUBSCRIPTION table.

	- id
	- subscription_id
	- product_id
	- gift_code
	

 

I am thinking that it is better to give people a numeric code?

And maybe something 8-12 digits, so it is long enough to be unique across all time, but not so long or complicated that it's a pain in the ass to type into the web form to renew them.

Thoughts?

 

Link to post
Share on other sites

As these are not registration keys AND they still have to be validated, you can simply generate a string of random numbers and characters, perhaps with some dashes between them.

Here is a simple routine that will spit out strings in the format of xxxx-xxxx-xxxx, with 256^6 combinations (281 trillion+) combinations.  

function generateRandomCode() {
  return substr(chunk_split(bin2hex(random_bytes(6)), 4, '-'), 0, -1);
}

Very low chance you will generate duplicate codes, but you still want your DB to have a unique index on gift_code, and recover should you try and insert a duplicate.  

Anything like this would work, as again these are not registration codes, are unique, and would be linked to a particular user.  

  • Like 1
Link to post
Share on other sites
Posted (edited)

 

8 hours ago, gizmola said:

As these are not registration keys AND they still have to be validated, you can simply generate a string of random numbers and characters, perhaps with some dashes between them.

What do you mean by "registration keys"?

The goal is to generate random, non-guessable codes that a member can share with friends or family.  When the recipient enters the code into the form, I check that the code matches against available member gift codes, and if there is a match, I add a "redeemed_on" date, adjust the shopping_cart price, and then allow the recipient to check out.

 

 

Quote

Here is a simple routine that will spit out strings in the format of xxxx-xxxx-xxxx, with 256^6 combinations (281 trillion+) combinations.  


function generateRandomCode() {
  return substr(chunk_split(bin2hex(random_bytes(6)), 4, '-'), 0, -1);
}

Very low chance you will generate duplicate codes, but you still want your DB to have a unique index on gift_code, and recover should you try and insert a duplicate.  

Anything like this would work, as again these are not registration codes, are unique, and would be linked to a particular user.  

Now that is very cool!!

Thanks!!!

Edited by SaranacLake
Link to post
Share on other sites
17 hours ago, SaranacLake said:

What do you mean by "registration keys"?

These look a lot like registration keys for commercial software.  The problem with registration schemes for many commercial products is that the scheme gets reverse engineered and then people are able to generate their own "legitimate" keys that register and unlock software.  I was just pointing out that these might look like a registration key,  but they aren't. 

  • Like 1
Link to post
Share on other sites
18 hours ago, gizmola said:

These look a lot like registration keys for commercial software.  The problem with registration schemes for many commercial products is that the scheme gets reverse engineered and then people are able to generate their own "legitimate" keys that register and unlock software.  I was just pointing out that these might look like a registration key,  but they aren't. 

Yes, they do look like registration keys, and if anything, I think that makes things look more professional.

But to be clear, there is no risk of reverse engineering, right?

I mean I generate a code, store it in my database, and then when a gift receiver enters in the "gift code", IF it matches what is in my database, then i reduce the price to $0.

I suppose a person could guess a code and get lucky, but it seems to me that is mathematically impossible consdering the "gift code' length, right?

 

Link to post
Share on other sites
3 minutes ago, SaranacLake said:

Yes, they do look like registration keys, and if anything, I think that makes things look more professional.

But to be clear, there is no risk of reverse engineering, right?

I mean I generate a code, store it in my database, and then when a gift receiver enters in the "gift code", IF it matches what is in my database, then i reduce the price to $0.

I suppose a person could guess a code and get lucky, but it seems to me that is mathematically impossible consdering the "gift code' length, right?

 

Very unlikely, given the number of possible permutations.  Furthermore, I would assume your system would track redemptions and limit them to a single use.  

Link to post
Share on other sites
17 minutes ago, gizmola said:

Very unlikely, given the number of possible permutations.  Furthermore, I would assume your system would track redemptions and limit them to a single use.  

Yes, one code, one use, plus in my usual paranoid way, i will likely tie the code to some PII so that Suzy Q cannot buy a "Platinum" plan and give herself 12 gift code, nor can she give all 12 to one friend.

Probably tie the gift code to a name, email, etc to try and limit abuse...

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.