jessnoonyes Posted June 7, 2007 Share Posted June 7, 2007 I have a website where I sell one downloadable product. Someone pays for it and then is redirected to the download page. Problem is they could just bookmark the url and go back and download it again all they want. Is there a way to prevent that from happening? Somehow set it up so the page only displays if they've been redirected from PayPal perhaps? Quote Link to comment Share on other sites More sharing options...
trq Posted June 7, 2007 Share Posted June 7, 2007 You'll need to set a $_SESSION variable prior to the redirect. then, on the page, check that this $_SESSION variable is set. Quote Link to comment Share on other sites More sharing options...
jessnoonyes Posted June 7, 2007 Author Share Posted June 7, 2007 I would set that variable on a different page from the download one? Quote Link to comment Share on other sites More sharing options...
trq Posted June 7, 2007 Share Posted June 7, 2007 Yes. Quote Link to comment Share on other sites More sharing options...
jessnoonyes Posted June 7, 2007 Author Share Posted June 7, 2007 I am such a novice when it comes to this. I'm sorry! Any help would really be appreciated. So after a lot of looking around online I understand that a session can be started when a particular page is visited with the start session code, and that session info can be saved and passed along to subsequent pages and would eventually expire and die (right?). Is this the code I use to start a session: <?php session_start(); // ?> And then what do I put on the page I want protected to verify that the visitor didn't just type in the url but came from the start session page? Quote Link to comment Share on other sites More sharing options...
chigley Posted June 7, 2007 Share Posted June 7, 2007 <?php session_start(); $_SESSION["redirected"] = true; header("Location: x.php"); ?> <?php session_start(); if(!$_SESSION["redirected"]) { die("You are viewing this page incorrectly"); } // Rest of page here ?> Quote Link to comment Share on other sites More sharing options...
jessnoonyes Posted June 7, 2007 Author Share Posted June 7, 2007 You rock. Thanks! So do I put the first bit of code on my starting page, and the second on the page I want protected? Quote Link to comment Share on other sites More sharing options...
chigley Posted June 7, 2007 Share Posted June 7, 2007 Yeah Quote Link to comment Share on other sites More sharing options...
jessnoonyes Posted June 7, 2007 Author Share Posted June 7, 2007 Do I need to change it at all with my page information or is it good to go? I really appreciate your help! Quote Link to comment Share on other sites More sharing options...
chocopi Posted June 7, 2007 Share Posted June 7, 2007 The only thing you need to change is the x.php bit to what ever page you redirect to and then you obvioulsy put your code where Chigley put //rest of page here ~ Chocopi Quote Link to comment Share on other sites More sharing options...
jessnoonyes Posted June 7, 2007 Author Share Posted June 7, 2007 It didn't do anything ??? I can still type in the url of the page and it opens up. Wonder what I did wrong. I put both those snippets of code above the html of the pages, and changed the x.php to the file.html page name I want protected. Was that right? Quote Link to comment Share on other sites More sharing options...
penguin0 Posted June 7, 2007 Share Posted June 7, 2007 You need to make sure you are not doing this on the page you want protected: <?php session_start(); $_SESSION["redirected"] = true; header("Location: x.php"); ?> If that code is on the page you want protected then it will always say that redirected = true. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.