FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Secure website
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Secure website [message #183558 is a reply to message #183555] Thu, 31 October 2013 14:27 Go to previous messageGo to previous message
Graham Hobbs is currently offline  Graham Hobbs
Messages: 42
Registered: September 2010
Karma:
Member
On Wed, 30 Oct 2013 23:03:42 -0400, Jerry Stuckle
<jstucklex(at)attglobal(dot)net> wrote:

> On 10/30/2013 7:15 PM, Graham Hobbs wrote:
>> On Wed, 30 Oct 2013 14:56:12 -0400, Jerry Stuckle
>> <jstucklex(at)attglobal(dot)net> wrote:
>>
>>> On 10/29/2013 11:02 PM, Graham Hobbs wrote:
>>>> Hellop,
>>>>
>>>> I have an ordinary website (all PHP), it has no 'conscious'
>>>> protections, just code that does a job. One page (not written yet
>>>> because I don't know how), will advertise a product for sale.
>>>>
>>>> My concept is that a buyer goes to a paypal screen, does the
>>>> necessary, when payment is verfified and paid, an email is
>>>> automatically sent to the buyer with a download key. At the buyers
>>>> dicretion, they go to the download page, enter the key and the
>>>> software gets downloaded. Is this sort of thing a novice PHP'er could
>>>> do.
>>>>
>>>> I'd like to be sort of semi-conversant before I contact paypal. Is the
>>>> above feasible, is my ordinary website secure, is there a specific set
>>>> of PHP'ish or other 'things to do'
>>>> e.g.
>>>> ... how to prevent more than one download, do I store the software
>>>> package on my ISP's server, is it safe, since it has several exe files
>>>> would they be in a zip file, how to assign a download key, let the
>>>> whole process be automated?
>>>>
>>>> .. starter clues appreciated, thanks,
>>>>
>>>> Graham Hobbs
>>>>
>>>
>>> A couple of questions:
>>>
>>> 1. What happens if that "one download" is unsuccessful? Are you going
>>> to make the buyer pay again?
>> - OF COURSE .. just a joke!
>> - I would guess a failed download would be rare but if so, an email
>> would ensue and |'d reply with an attachment - reasonable?
>
> Less rare than you would think. And how would you check to see if the
> download failed or not?
I wouldn't, I'd expect an email from the buyer. Is there a rule of
thumb way to check?
>
>>>
>>> 2. What is to stop one person from buying your program, then sending it
>>> off to all of his friends (or uploading it to another site)?
>> - doesn't all software face that problem? .. is there a solution?
Would be most interested in commentary on this.
>>>
>>> You can do it, but in addition to the other comments about PayPal - if
>>> they have a system outage, it can take several hours (even after they
>>> make it back up) for them to process the payment. It doesn't happen
>>> often, but it does occur.
>> - my software has a small audience, I would expect this not to be a
>> concern
>>
>
> Famous last words...
>
> If your audience is so small, why do you worry about it?
Well I hope 'not SO small':-). Am not worried. Given the small number
of buy operations and infrequency of Paypal downtime, concurrency of
these events would be remote.
But I do worry about some nasty intercepting and cocking up any part
of the process from 'the buy page' through to emailing a 'key' and the
subsequent download. Not infecting buyers is the point.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: reading files with accents in the filename from PHP
Next Topic: No action desired until one button is clicked
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 01:00:06 GMT 2024

Total time taken to generate the page: 0.05356 seconds