I am building a shopping cart from the ground up for the software company I work for. Among other things that will be available in our store will be our software applications. Up to now we've shipped all of our apps. on CDs, however we want to implement a system where users will be able to download the software directly from our site upon purchasing. Does anyone have any experience with developing a system like this? I'm not looking for code, but rather a high-level discussion of the best practices for implementing such a system, in terms of security and pitfalls that may have been encountered by others during their development experience.
Any ideas/thoughts are greatly appreciated!
Downloadable Applications
Moderator: General Moderators
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Thanks for your thoughts, timvw. I've already given thought to the first and third questions you presented, and the "powers that be" here are leaning toward a download limit as opposed to a time limit. I wanted to use both, but it was decided that the customers should be able to download in their own timeframe. So, I lost that argument.
I hadn't considered downloads failing, though. Our applications are fairly small in size (< 10 MB), so in my mind the frequency of download failure likely isn't going to be high enough such that download resumption would need to be included. HOWEVER, I think it would be best to add it if it didn't add significantly to development time.
So, my more specific questions right now are:
1. Are there any popular methods for protecting/hiding the location of the file to be downloaded? Obviously, I don't want to simply redirect the user to the file upon validating that they should be allowed to download it (no link sharing, you naughty user, you!).
2. Are there any popular methods for file download resumption upon failure? (Thanks, timvw!)
I hadn't considered downloads failing, though. Our applications are fairly small in size (< 10 MB), so in my mind the frequency of download failure likely isn't going to be high enough such that download resumption would need to be included. HOWEVER, I think it would be best to add it if it didn't add significantly to development time.
So, my more specific questions right now are:
1. Are there any popular methods for protecting/hiding the location of the file to be downloaded? Obviously, I don't want to simply redirect the user to the file upon validating that they should be allowed to download it (no link sharing, you naughty user, you!).
2. Are there any popular methods for file download resumption upon failure? (Thanks, timvw!)