Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5

Thread: Securing a page

  1. #1
    New Coder
    Join Date
    Sep 2009
    Posts
    48
    Thanks
    1
    Thanked 1 Time in 1 Post

    Securing a page

    Ok how can I secure my registration page so that only people who have paid get access to it?


    for example :

    http://www.xxxxxxxx.com/register.php is where you can register - but that is where the paypal success redirects to - so after they pay they register...but is there a way I can block people from that page so its only accessible if they paid?

    It needs to be automated and secure.

    Angelous

  • #2
    Codeasaurus Rex
    Join Date
    Jun 2008
    Location
    Redmond, WA
    Posts
    659
    Thanks
    31
    Thanked 100 Times in 94 Posts
    Well what I would do if I were you is have them register to pay. That way you can track their account and then when they pay you can flip a variable in your database signifying they can pay and then give them access to "members" areas.

    Using that method it also gives you the ability to perhaps send periodic automatic e-mails to users whom have registered but not paid saying something to the tune of "Hey, thanks for registering! Don't forget we've got all these wonderful things if you pay! You can pay <here>."

    Just some unsolicited advice there.

    If you would rather try to have them register after payment the only way I can think of off hand is if you somehow were able to confirm they were coming from a specific website (in this case PayPal). I know PayPal allows you to specify a completion page that they are sent to after the user pays money - you could always make that page your registration page with a security variable (ie: http://mywebsite.com/register.php?security=XYZ123) then run a check: if( $_REQUEST['security'] != "XYZ123" ){ die( "Access Denied" ); }.

    The downside to the method I listed above is that anyone who has the security variable could then register on your website without trouble.

    I hope this provides you some insight into the situation. Someone else may well have a more secure alternative than the one I presented.
    Unless otherwise stated, any code posted is most likely untested and may contain syntax errors.
    My posts, comments, code, and suggestions reflect only my personal views.
    Web Portfolio and Code Snippets: http://shanechism.com

  • #3
    New Coder
    Join Date
    Sep 2009
    Posts
    48
    Thanks
    1
    Thanked 1 Time in 1 Post
    Thats exactly what I needed. How do I implement that?


    I have it so that when they complete their payment - Paypal directs them to complete.php

    Do I just put in the link on my paypal - instead of www.xxxxxx.com/complete.php

    make it

    www.xxxxxxx.com/complete.php?security=xyz1234


    and then add the request['security'] bit into the php code of complete.php?

  • #4
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Yeah Angelous you could do that, i would however i'd take a look in IPN(Instant Payment Notification) from paypal, in this way you can let complete.php automatically store all payment info in the mysql database, it can also send out an email.

  • #5
    New Coder
    Join Date
    Sep 2009
    Posts
    48
    Thanks
    1
    Thanked 1 Time in 1 Post
    I tried that - I don't have sufficient programming skills to implement it. However the prevous irdea is good - just I can't seem to get it to work :S

    Angelous


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •