bleenzorb
01-02-2008, 09:01 PM
Greetings,
I want to use paypal to sell software license keys from my site. I have a PHP script to generate, display, and/or email a license key to the user. I think I can provide the right info to that script (user's email adr, etc.) as needed, and that isn't the problem. The problem is causing that license key script to execute for the buyer immediately after a successful PayPal purchase and no other time.
Here are my concerns:
1. There must be no way for anyone to get a license key without having paid.
2. I noticed that PayPal 'Buy Now' buttons can specify a return URL, which will direct the user back to my site. Could I use that to point to the script that generates license keys? I couldn't find out from the PayPal site--does PayPal display that link only if the customer paid, or could the customer find out the link without paying (making it possible to steal a license key)? I guess if the return URL only works when the user pays, then I'd still have to use an "encrypted" Buy Now button to prevent the return URL from showing up on the page that has the Buy Now button, right?
3. If I use this method, then if the user closes his browser immediately after paying (and doesn't return to my license key generator page), then he'll have to wait for me to see the transaction so I can manually send his license key, right?
4. If none of this is secure or reliable, is there some easy way (chron job?) to monitor incoming email for the confirmation email that comes from PayPal? If that's too difficult to do on the server, then maybe I could leave one of my home computers running an email client bot that monitors email.
Thanks for all help and ramblings,
-bleenzorb
I want to use paypal to sell software license keys from my site. I have a PHP script to generate, display, and/or email a license key to the user. I think I can provide the right info to that script (user's email adr, etc.) as needed, and that isn't the problem. The problem is causing that license key script to execute for the buyer immediately after a successful PayPal purchase and no other time.
Here are my concerns:
1. There must be no way for anyone to get a license key without having paid.
2. I noticed that PayPal 'Buy Now' buttons can specify a return URL, which will direct the user back to my site. Could I use that to point to the script that generates license keys? I couldn't find out from the PayPal site--does PayPal display that link only if the customer paid, or could the customer find out the link without paying (making it possible to steal a license key)? I guess if the return URL only works when the user pays, then I'd still have to use an "encrypted" Buy Now button to prevent the return URL from showing up on the page that has the Buy Now button, right?
3. If I use this method, then if the user closes his browser immediately after paying (and doesn't return to my license key generator page), then he'll have to wait for me to see the transaction so I can manually send his license key, right?
4. If none of this is secure or reliable, is there some easy way (chron job?) to monitor incoming email for the confirmation email that comes from PayPal? If that's too difficult to do on the server, then maybe I could leave one of my home computers running an email client bot that monitors email.
Thanks for all help and ramblings,
-bleenzorb