Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 10 of 10
  1. #1
    New Coder
    Join Date
    Dec 2008
    Posts
    18
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Generate PIN codes for shopping cart solution

    Hello,

    I have a project that I am looking to start soon.

    I need to be able to generate unique PIN codes (lots of em) which will be distributed via flyers / "credit cards" to potential clients. The client then logs on to my site and puts the code in, which directs them to a purchase page for a downloadable product.

    I've looked around at some shopping cart providers, and none seem to have this functionality out of the box, but some come close with an add on - instead of being able to provide serials to users, these shopping cart scripts send the code to the user once the downloadable product is bought, rendering the marketing idea useless.

    So, I am contemplating writing up my own PHP script that accesses a SQL db full of PINs and relevant redirect addresses to the product page via a search query.

    Can anyone offer me guidance to this solution? I just got O'Riely's php book that I am reading (have been working with php for years now but don't know how to code it myself yet), and I would greatly appreciate any suggestions!
    Last edited by nockemout; 03-16-2010 at 09:15 PM.

  • #2
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,549
    Thanks
    8
    Thanked 1,095 Times in 1,086 Posts
    What are the filetypes and sizes of the downloadable files?

  • #3
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Generation of unique data is not the most difficult of tasks. Its a matter of ensuring that the length is proper; even using something like a UUID version 4 is randomized, but the number of potential combinations really minimizes the effects of collisions. That's a 128bit representation, so that provides what, 3 x 10^38 combinations? Thats huge.
    I think the pear has a UUID generation class within it. If not, just wiki up uuid generation and code you're own V4 generator in PHP with pack. Thats the absolute easiest way I can think of to create non-incremental low collision identifiers.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

  • Users who have thanked Fou-Lu for this post:

    nockemout (03-16-2010)

  • #4
    New Coder
    Join Date
    Dec 2008
    Posts
    18
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by mlseim View Post
    What are the filetypes and sizes of the downloadable files?


    For now it's .mp3, 3-6mb
    Last edited by nockemout; 03-16-2010 at 09:25 PM.

  • #5
    New Coder
    Join Date
    Dec 2008
    Posts
    18
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Fou-Lu View Post
    Generation of unique data is not the most difficult of tasks. Its a matter of ensuring that the length is proper; even using something like a UUID version 4 is randomized, but the number of potential combinations really minimizes the effects of collisions. That's a 128bit representation, so that provides what, 3 x 10^38 combinations? Thats huge.
    I think the pear has a UUID generation class within it. If not, just wiki up uuid generation and code you're own V4 generator in PHP with pack. Thats the absolute easiest way I can think of to create non-incremental low collision identifiers.
    Thank you! That is very helpful information.

  • #6
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    UUID generator function.

    Code:
    function generate_uuid()
    {
            $chars = array('a', '8', 'b', '9');
    
            $base = '%04x%04x-%04x-4%s-%s%s-%04x%04x%04x';
    
            return sprintf($base,
                    mt_rand(0, 65535),
                    mt_rand(0, 65535),
                    mt_rand(0, 65535),
                    substr(sha1(mt_rand(2000, 65535)), mt_rand(0, 15), 3),
                    $chars[rand(0, 3)],
                    substr(sha1(mt_rand(3000, 65535)), mt_rand(20, 35), 3),
                    mt_rand(0, 65535),
                    mt_rand(0, 65535),
                    mt_rand(0, 65535));
    }

  • #7
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,549
    Thanks
    8
    Thanked 1,095 Times in 1,086 Posts
    You store all of your MP3 files in one directory ... tucked away.

    When someone buys a file, you assign a random code ...
    where the code AND the real filename is added to a row in your database,
    associated with the user's email, or account (however you do your database).

    You email them with a link to a PHP script and the code as a PHP variable.
    Your PHP script will serve them the file without giving away the location.
    You can then choose to delete that row in your database, or use some sort
    of date/time thing that allows them a certain amount of time to do it again.

    Here's an example of serving a PDF file to a user with a code:
    http://www.catpin.com/pf.php?file=8uj321

    I can choose to remove that code from my database once you click the link,
    or after a certain number of clicks, or after a certain amount of time.
    Each user that purchases that file would be given a unique random code,
    but it's really the SAME file, no matter what code is used. And all of my
    PDF files are in the same directory, using their original filenames.
    The random code is only used to "connect" between the user and the file.

    It can be any filetype, PDF, MP3, JPEG, etc.

    The only thing you can't control is the user giving copies of it to other people.


    Here is the script for serving the PDF files I have ... sort of a summary of the script:
    PHP Code:
    <?php

    // get the random number from the URL
    $number=$_GET['file'];

    if(
    $number){

    // here I open my database and match the number to the filename.
    // $file = the name of the PDF file.

    $file=rtrim($file);

    // Your $path would be your own website's path to your files ...

    $path "/home/users/web/b75/ipw.yoursite/public_web/myvideos/".$file// the file made available for download via this PHP file
    $mm_type="application/octet-stream"// modify accordingly to the file type of $path, but in most cases no need to do so

    header("Pragma: public");
    header("Expires: 0");
    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
    header("Cache-Control: public");
    header("Content-Description: File Transfer");
    header("Content-Type: " $mm_type);
    header("Content-Length: " .(string)(filesize($path)) );
    header('Content-Disposition: attachment; filename="'.basename($path).'"');
    header("Content-Transfer-Encoding: binary\n");

    readfile($path); // outputs the content of the file

    exit();
    }
    else{
    header ("location: http://www.yoursite.com");
    }
    ?>



    .
    Last edited by mlseim; 03-16-2010 at 11:39 PM.

  • Users who have thanked mlseim for this post:

    nockemout (03-17-2010)

  • #8
    New Coder
    Join Date
    Dec 2008
    Posts
    18
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by mlseim View Post
    You store all of your MP3 files in one directory ... tucked away.

    When someone buys a file, you assign a random code ...
    where the code AND the real filename is added to a row in your database,
    associated with the user's email, or account (however you do your database).

    You email them with a link to a PHP script and the code as a PHP variable.
    Your PHP script will serve them the file without giving away the location.
    You can then choose to delete that row in your database, or use some sort
    of date/time thing that allows them a certain amount of time to do it again.

    Here's an example of serving a PDF file to a user with a code:
    http://www.catpin.com/pf.php?file=8uj321

    I can choose to remove that code from my database once you click the link,
    or after a certain number of clicks, or after a certain amount of time.
    Each user that purchases that file would be given a unique random code,
    but it's really the SAME file, no matter what code is used. And all of my
    PDF files are in the same directory, using their original filenames.
    The random code is only used to "connect" between the user and the file.

    It can be any filetype, PDF, MP3, JPEG, etc.

    The only thing you can't control is the user giving copies of it to other people.


    Here is the script for serving the PDF files I have ... sort of a summary of the script:
    PHP Code:
    <?php

    // get the random number from the URL
    $number=$_GET['file'];

    if(
    $number){

    // here I open my database and match the number to the filename.
    // $file = the name of the PDF file.

    $file=rtrim($file);

    // Your $path would be your own website's path to your files ...

    $path "/home/users/web/b75/ipw.yoursite/public_web/myvideos/".$file// the file made available for download via this PHP file
    $mm_type="application/octet-stream"// modify accordingly to the file type of $path, but in most cases no need to do so

    header("Pragma: public");
    header("Expires: 0");
    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
    header("Cache-Control: public");
    header("Content-Description: File Transfer");
    header("Content-Type: " $mm_type);
    header("Content-Length: " .(string)(filesize($path)) );
    header('Content-Disposition: attachment; filename="'.basename($path).'"');
    header("Content-Transfer-Encoding: binary\n");

    readfile($path); // outputs the content of the file

    exit();
    }
    else{
    header ("location: http://www.yoursite.com");
    }
    ?>



    .

    Wow, THANK YOU!

    One thing though.. I see how you are able to assign a random code to connect the user to the file. This is a different from the code I use to connect the user to the purchase page, correct?

  • #9
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,549
    Thanks
    8
    Thanked 1,095 Times in 1,086 Posts
    The code can be anything you want it to be ...
    It's just a way for the PHP script to match it to the "real filename".

    You just want to make sure nobody else can figure out what it is by using brute force.

    You may want to make it so the user's email AND the code must both match.
    Using MySQL queries pretty much gives you endless possibilities.
    Don't forget you can JOIN two MySQL tables together ... shopping cart and download script?

  • #10
    New Coder
    Join Date
    Dec 2008
    Posts
    18
    Thanks
    3
    Thanked 0 Times in 0 Posts
    That means I have some reading to do

    Thanks!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •