vend-bot?

OK, I want to send someone back from paypal to a thank you page;
this reloads to the actual file they will purchase. BUT, I want to
include a magic cookie that will prevent someone else from going to
that url at a later time and getting the payload without paying for
it. Any thoughts on how to build a secure vendobot? Let's discuss
this in this thread.

--
end

Very Truly yours,
- Kirk Bailey,
Largo Florida

kniht
+-----+
| BOX |
+-----+
think


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: vend-bot?

On Jul 3, 2011, at 10:58 AM, Kirk Bailey wrote:

> OK, I want to send someone back from paypal to a thank you page;
> this reloads to the actual file they will purchase. BUT, I want to
> include a magic cookie that will prevent someone else from going to
> that url at a later time and getting the payload without paying for
> it. Any thoughts on how to build a secure vendobot? Let's discuss
> this in this thread.

I'm not at all familiar with the paypal API, but i'm thinking if you
could send along a unique signature generated by the application
making the call to paypal, such as generating an md5 checksum with
timestamp, squirreling it away, then have the return page from paypal
invoke the same signature you could check against that?


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php