Page 1 of 1

What should I use? Help!

Posted: Tue Mar 28, 2006 1:06 pm
by daddyslipdisk
I have a client that has 2 pieces of software that he wants to make available for download. It's medical software, but he doesn't want it available to just anyone so he wants to regulate who gets it and has access to it. But he also wants it so that the person needs to login and then the software would be available for download. But he wants restrictions on the download meaning that the person can only download it once and it needs to generate some sort of key that is good only for that download so that it can't be distributed. I looked (and have used in the past) osCommerce and it has the download option built in as an e-commerce type of format, but a) there's no charge for the trial software so it would be easy to circumvent a product with a zero dollar amount and b) osCommerce is overkill since he only has 2 products. He's already purchased some key code generator for the full version of the software from some UK company called CodeKeepers. But that keycode regulates the full version and not the trial download.

So I guess my question is this. Is there some sort of php or MySQL code already built that can be used to regulate software downloads, but that also has built-in security features that keep the trial downloads from being abused? It doesn't have to be in any type of e-commerce setting, just maybe a login interface that a customer would go through and then be given access to the trial download. But something smart enough to know if it's not a legitimate person based on maybe zip codes, email addresses or something. Like the account activation process we had to go through to join here. help...anyone?

Posted: Tue Mar 28, 2006 1:11 pm
by JayBird
Ive deleted your other posts!!

Please only make ONE post regarding a single topic!

Thank you

Posted: Tue Mar 28, 2006 5:49 pm
by pickle
  1. Have the person log in with their credentials
  2. Upon login, generate the key necessary for that particular instance of the program
  3. Rather than giving the user a link to myprogram.exe (for example), give them a link to a download.php file
  4. That download.php file then
    1. Records the fact that the person is downloading the file
    2. Passes through the contents of the .exe file, so the person ends up downloading it
    If the person has already downloaded the file, dump an error message rather than giving them the program.

Posted: Tue Mar 28, 2006 8:31 pm
by daddyslipdisk
Ok, but how do I get it to generate that key? Is there no PHP script that does this?

Posted: Wed Mar 29, 2006 3:17 am
by jrd
You could try writing one yourself. Write a code of your own, with a type of time stamp in it and that the checking file reads from the stamp and extrapolates the date and if it's past your time limit from the server time it rejects the request.

Re: What should I use? Help!

Posted: Wed Mar 29, 2006 9:39 am
by pickle
daddyslipdisk wrote:But he wants restrictions on the download meaning that the person can only download it once and it needs to generate some sort of key that is good only for that download so that it can't be distributed.
I assumed that meant there would be a key the person would have to enter into the program when their installing it - like a serial. Regardless, that's still no way to stop distribution, as once I download it, I can send it to my buddy along with my key and *poof* he's got the program.

As for making the key, it could be as simple as:

Code: Select all

$legit_chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
while(strlen($key) < 128))
{
   $key.= $legit_chars{rand(0,strlen($legit_chars)-1)};
}