encypted a link so that it cannot be shared

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
wright0768
Forum Newbie
Posts: 6
Joined: Thu Jun 24, 2010 4:20 pm

encypted a link so that it cannot be shared

Post by wright0768 »

Basically I have a thank you page on my website that updates a database after making a payment on paypal. However, someone could manually type in the thank you page url and my database would think a payment has been made. Is there a function in php where if the actual webpage is http://www.site.com/thankyou.php it would show up in the browser as http://www.site.com/somerandomstring. Then if someone shared the link http://www.site.com/somerandomstring and it was entered into the browser, they would get an error saying the page doesn't exist.
Is this possible?
jraede
Forum Contributor
Posts: 254
Joined: Tue Feb 16, 2010 5:39 pm

Re: encypted a link so that it cannot be shared

Post by jraede »

Just have it check to verify if an actual payment has been made.

But if you want to do what you're talking about, you could generate a random alphanumeric "key" and have it only usable once. Store in the database, or in some other fashion. Once someone accesses the page by using that key, remove the key from the database, so it can't be used again.
User avatar
PHPHorizons
Forum Contributor
Posts: 175
Joined: Mon Sep 14, 2009 11:38 pm

Re: encypted a link so that it cannot be shared

Post by PHPHorizons »

Hello wright0768,

You might have a second problem. What happens if the user does not click the link to go back to your website? It sounds like your thankyou page would not be accessed and that database update would not be performed.

I would recommend using PayPal's IPN system to guarantee that your database is only updated when a purchase is made and that no purchases are missed.

Cheers
wright0768
Forum Newbie
Posts: 6
Joined: Thu Jun 24, 2010 4:20 pm

Re: encypted a link so that it cannot be shared

Post by wright0768 »

I have looked a little at PayPal's IPN system however, if i am updating the database based on their username at my site which most likely differs from their paypal account, can the IPN system still update the correct record?
User avatar
PHPHorizons
Forum Contributor
Posts: 175
Joined: Mon Sep 14, 2009 11:38 pm

Re: encypted a link so that it cannot be shared

Post by PHPHorizons »

Absolutely. There is a field named "custom" that you can use in your pay pal form to pass the username. If you are already using that field for something else, then you can squeeze both in by using a CSV.
wright0768
Forum Newbie
Posts: 6
Joined: Thu Jun 24, 2010 4:20 pm

Re: encypted a link so that it cannot be shared

Post by wright0768 »

O nice thanks a lot.
User avatar
PHPHorizons
Forum Contributor
Posts: 175
Joined: Mon Sep 14, 2009 11:38 pm

Re: encypted a link so that it cannot be shared

Post by PHPHorizons »

You're welcome ;)
Post Reply