kurt.santo Posted January 24, 2008 Share Posted January 24, 2008 Working on this new project, where I am going to integrate Paypal to enable the user to pay for a downloadable CD from the website. The Paypal bit seems straight forward, user gets directed to Paypal to pay and comes back to our website when he/she is done. Now, my question: how do I stop people to download the file who have not paid and enable the one who have paid to get the file?Kurt Link to comment Share on other sites More sharing options...
justsomeguy Posted January 24, 2008 Share Posted January 24, 2008 It's going to depend on what information Paypal sends back to your site, but you'll want to keep a record in the database for a certain user to have access to download a certain file. That seems the best. You can use the session, but if someone leaves the page or something before they download they won't have a way to download the file without paying again. Link to comment Share on other sites More sharing options...
kurt.santo Posted January 25, 2008 Author Share Posted January 25, 2008 It's going to depend on what information Paypal sends back to your site, but you'll want to keep a record in the database for a certain user to have access to download a certain file. That seems the best. You can use the session, but if someone leaves the page or something before they download they won't have a way to download the file without paying again.Yes, you are right. To use session would not make sense. If user pays, but then accidently closes the window it would only cause trouble.So, what I need to find out then:1. What kind of info can Paypal send back2. how to give the user a username/pw, store it and check if user is allowed to downloadIs this what you mean? If yes, do you know any good tutorial on this subject? Have not done anything with payments and registration before....Kurt Link to comment Share on other sites More sharing options...
clonetrooper9494 Posted January 25, 2008 Share Posted January 25, 2008 I don't know about PayPal, but read the SQL tutorial if you want people to make an account on your site. Link to comment Share on other sites More sharing options...
Hooch Posted January 25, 2008 Share Posted January 25, 2008 What about using the session, but when the user is back to your site have an email sent to the user. Have a random password generated and log in with their email. Email this info once they are back.Have a couple fields in your user database just for the paypal transaction. You will need one thatcan be updated once they are at the download page. Set that field to 1 so they cannot downloadagain. You would also need a field for the newly generated password too. This is just a thought..I have not tried it. Link to comment Share on other sites More sharing options...
Matpatnik Posted January 25, 2008 Share Posted January 25, 2008 why not create a specific table for the one that have paid. Insert the IP address in the table with the thing that is allowed to get and when he comeback you still have the information. Once he downloads it delete that row so he wont be able to get it again and if he don't buy it delete the row after 24hrs or what ever you want.------------------------------------------------------------| IP | array of information | timer | delete |------------------------------------------------------------| 234.45.5.577 | cd1,cd2,cd3 | now+24hrs | 0/1 |------------------------------------------------------------you should be able to get enough info from paypal to see if he paid or not. Link to comment Share on other sites More sharing options...
kurt.santo Posted January 28, 2008 Author Share Posted January 28, 2008 What about using the session, but when the user is back to your site have an email sent to the user. Have a random password generated and log in with their email. Email this info once they are back.Hooch, Can you explain the bit above? Not sure what you mean as session does not exist anymore when the user leaves the site. Did you mean a cookie? Or am I completely wrong here?Matpatnik,It sounds good to use IP addresses, but do not most internet access providers provide dynamic ips, so a user would not "keep" the same ip address?Kurt Link to comment Share on other sites More sharing options...
Hooch Posted January 29, 2008 Share Posted January 29, 2008 As long as the same browser is being used your session will be alive. Someone correct me if I'm wrong, but I do that all the time with my sites. No cookies need be set up at all. Link to comment Share on other sites More sharing options...
Hooch Posted January 29, 2008 Share Posted January 29, 2008 Matpatnik,It sounds good to use IP addresses, but do not most internet access providers provide dynamic ips, so a user would not "keep" the same ip address?Kurt That would not be an issue with Matpatnik's set up. Notice the 24hrs time frame to download the product. Now it's possible to have an IP change in that time I guess, but you could shorten that time and let the purchaser know that they have x amount of time to download. I would suggest combining his and my set up. You should send an email with the info any way. Link to comment Share on other sites More sharing options...
kurt.santo Posted January 29, 2008 Author Share Posted January 29, 2008 That would not be an issue with Matpatnik's set up. Notice the 24hrs time frame to download the product. Now it's possible to have an IP change in that time I guess, but you could shorten that time and let the purchaser know that they have x amount of time to download. I would suggest combining his and my set up. You should send an email with the info any way.I will see what I come up with. Thanks for your inputs. Might come back if I cannot make it work...KurtGrand aspirations, little brains;-) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.