Paypal IPN Help Needed - PHP Server Side Scripting forum at WebmasterWorld - WebmasterWorld

Forum Moderators: coopster

Message Too Old, No Replies

Paypal IPN Help Needed

aritrim

4:54 am on May 22, 2005 (gmt 0)

10+ Year Member

Hello Friends,
I have integrated Paypal IPN and now that users are getting an instant download prompt after the payment.

The way i have done it is after getting IPN verified script calls -
$id = md5(uniqid(rand(), true));
$fh = fopen($scodes_file, 'a');
fwrite($fh, "$id\n");
fclose($fh);
header( "Location: $http_root/ipn_download.php?id=$id" );

and following is the content of download.php
<?php
include_once("ipn_config.php");
$fd = fopen("$scodes_file", "rb");
$content = fread($fd, filesize($scodes_file));
fclose($fd);
$scodes_arr = preg_split('/\n/', $content, -1, PREG_SPLIT_NO_EMPTY);

if ( in_array($_REQUEST[id], $scodes_arr) ) {
$product_fname = basename($product_file);
header("Content-Type: application/octet-stream\n");
header("Content-Disposition: attachment; filename=\"$product_fname\"\n\n");
$fp = fopen($product_file,"r");
fpassthru($fp);
fclose($fp);
exit();
} else {
require($denial_wpage);
exit;
}
?>

All I want to do us email the user the same download link with an expiry time for example 24 hrs and so on. How do I do that. Any help will be appreciated.
Thanks in advance :-)

ergophobe

4:45 pm on May 25, 2005 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

Send the email before you send the header (in either file), save the current time in the DB keyed to the download id, and then have the download.php script check your database to see if the difference between the time saved in the DB and now() is more than 24 hours.

How does that sound?

aritrim

5:33 pm on May 25, 2005 (gmt 0)

10+ Year Member

sounds good :) but how can I avoid a database? Can I use a flat file rather? I am confused because there are a lot of ready made scripts available who use "expiring of links" but without a db. :(

ergophobe

7:20 pm on May 25, 2005 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

You could avoid the DB by using a flat file, but if you had lots of traffic thousands per day) it would slow things down a lot and take more memory.

If you'll only have a couple hundred transactions a day, you could do it from a CSV file or some such thing. I just think it would be harder to manage.

You could perhaps avoid the DB, server based or flat-file altogether with this simple idea. No guarantees on how well it would work.

When you create the download link, create a personal copy of the file. So if your file is file.exe, you would create a copy called file2340.exe. Other possibilities would be things like
filenameMemberName.exe
md5($filename . $id)

Now, when someone requests that file, you check the file timestamp. Older than 24 hours or the file doesn't exist, and you give them an error message saying their download window is over.

use filemtime() to get the file creation time. Don't forget to use clearstatcache when checking file timestamps or whether or not files exist.

Then you run a chron job every night at 2am or whenever your traffic is lowest, that just goes through and deletes any files more than 48 hours old (don't do 24 hours b/c you might have concurrency problems).

aritrim

3:21 am on May 26, 2005 (gmt 0)

10+ Year Member

Thanks for the valuable suggestions. I have now two options to test and see. But the db is more robust and authentic...no doubt on that. Let me give them a try :-) Thanks again.