| 5:57 am on Mar 30, 2010 (gmt 0)|
This looks familiar... might try the direct paypal or google check out services. Works a charm!
| 6:10 am on Mar 30, 2010 (gmt 0)|
If you won't be doing it too often, you can just have a PayPal account with a payment button on the site. Then just email it to them when they pay. Maybe just put a note on there that it has to be sent manually, so they won't freak out and start asking where their file is two seconds after they pay. That's the most basic way to do it.
| 6:23 am on Mar 30, 2010 (gmt 0)|
Don't make things to simple with paypal. I remember in the "good old days" merchants used to place the return address within the button code and this basically pointed users to the destination of the download.
If where you I would look into using a simple Paypal IPN script, there are loads of code samples available on the paypal site or script resource sites such as hotscripts.com
What I would do is request the user fills out their email address and click a purchase link/button. Inform the user their download will be emailed to the email address they specify.
Once they click purchase they are passed to paypal to pay for the goods. They are then returned to a page on your site. If the IPN service returns a "paid" notice it informs the user that the product has been emailed to their email address. Have a simple script to email the file. If not it informs them there has been a problem and provides an email address for support.
It's not really overkill for a single product, the entire process could be done using only a few php files.
| 6:42 am on Mar 30, 2010 (gmt 0)|
Thanks for the quick reply!
I would prefer a system that is "hands free" meaning I didn't have to manually send the file.
Can it be done (well I am sure it can, just- how is more the question) so that once the buy link is selected they procceed to the payment page and once the funds are cleared, they can download the file then and there?
I am sure that may be more advanced, or expensive but what would be required if that is what I desire?
Paypal seams to have all bases covered, I will likely call or request some info.
Considering that a automated system is what i have in mind - Would using Paypal be a good choice?
Also I have seen a company called payloadz.com - Any reivew on the service they offer?
| 6:50 am on Mar 30, 2010 (gmt 0)|
If desire is automated, then install the scripts on your server and do it from there. That's the best way. There are few short cuts. Question is, how many sales do you think you will get? If more than 100 a month then you might want to look for a merchant account and shopping cart. If less than that do it manually via the paypal or google check out button options.
| 7:58 am on Mar 30, 2010 (gmt 0)|
I do this and I use a system called Softseller (google it) in conjunction with Paypal. This automates the process for you. I have been using it for about six months and it works a treat for me.
| 3:31 pm on Mar 30, 2010 (gmt 0)|
When you create a button at PayPal these days, the return page is no longer coded into the button code, so it's not revealed.
On your web page, put a PayPal button that goes to your PayPal payment page (PayPal has a PDF Help file about, I think, "Website Payments Standard" that goes through the details.)
When you're creating the button, the return page "if payment is canceled" can be the same web page the visitor came from on your site.
The return page "after payment is successful" can be to another, secret, page on your site that has the download link on it. The way to make this page secret is a) there must be NO incoming links to it from any other page on your site, b) use a meta tag to make it noindex,nofollow, c) it must have no outgoing links from it to any other page on your site, except, if needed, to another page that is also noindex,nofollow. d) do not use Google Analytics or any other tracking service on the secret page. Do not refer to the hidden page in robots.txt, either.
The goal is that your secret page (and also the name of the download file itself) must not be findable by Google or anyone else (so it doesn't get indexed). It must not appear anywhere (other than your website's raw access logs) as a URL or as a referring page.
That's still not foolproof. The URLs of the secret page or the download file can become known by a couple of other methods that I won't describe, or be intentionally revealed to others by someone who has visited it, but presumably you will notice that fairly quickly (seeing unauthorized unpaid downloads in your access logs) and can change the download file's name, or the name of the download page, etc.
That's a reasonably trouble-free hands-off method if the file is unlikely to be hugely popular. If it does get popular, you might have a lot of trouble with unauthorized downloads and have to switch to a method that actually has some real security.
Just thought of an idea that I've never tried. At PayPal, what if the "return page after payment is successful" were the URL of the actual .pdf or .zip file itself?
Ok, having suggested it, now I'll kill off the idea for anyone else who comes along later wondering about it... It's not a good idea: a) if the download fails, they have no way to try again unless they are more sophisticated about URLs and browser history than many people are, and b) PayPal requires that the return page provide the user with certain text, things like "Your payment was successful and PayPal has sent you an email..." You could put that in the zip, too, but I doubt that would satisfy the PayPal requirement.
| 6:17 pm on Mar 30, 2010 (gmt 0)|
The problem with the secret page idea idea is that once anyone has been to it its no longer a secret. nothing to stopped them passing the link about. I would always look for an automated authorization solution.
| 6:17 pm on Mar 30, 2010 (gmt 0)|
The problem with the secret page idea is that once anyone has been to it, its no longer a secret. nothing to stop them passing the link about. I would always look for an automated authorization solution.
| 6:21 pm on Mar 30, 2010 (gmt 0)|
This will sound stupid but I have had it happen.
Make sure that you have a clearly defined "return policy". You won't believe how many people think that they can return a digital product.
I have seen people email back a PDF and ask for a refund.
| 6:34 am on Apr 1, 2010 (gmt 0)|
Thanks for all the info!, & I can't believe that people would try to return it after they download it.
| 5:47 pm on Apr 1, 2010 (gmt 0)|
|The problem with the secret page idea is that once anyone has been to it, its no longer a secret. nothing to stop them passing the link about. I would always look for an automated authorization solution. |
Yes, but the PDF itself is no longer a secret once anyone has downloaded it. They can republish it or pass it around, whatever. That risk always exists no matter how you do it, so the secret page combined with hotlink protection at least protects from robot indexing and abuse of your bandwidth, while it doesn't add much risk that doesn't already exist. The only way you can completely protect something is by not publishing it.