Now that the products table has been created, you will need to insert test products into it. In this tutorial series, I'm using two sample ebooks. These products are the ones that appear on the shopping page created in the second part of this tutorial: http://www.devshed.com/c/a/PHP/Creating-a-Paypal-IPN-System-in-PHP-Part-Two/
It is important that the product name and the product price exactly match what you are using in your PayPal buttons created in the second part of this tutorial. Below are the products that need to be inserted:
First test product
ProductName: Codex Ebook
Second test product
ProductName: How to behave like a child
Below is the MySQL insert command for the first product (you can also use phpMyAdmin to insert these products):
mysql> INSERT INTO productstable (ProductName,ProductPrice,Filename) VALUES ('Codex Ebook','30','codexebook.pdf');
And for the second product:
mysql> INSERT INTO productstable (ProductName,ProductPrice,Filename) VALUES ('How to behave like a child','15','howtobehavelikeachild.pdf');
This is what the products look like after being inserted:
Upload Your Products into Your Test Server
Now that all of the database tables have been created, you are ready to upload your digital products (ebooks for example) to your hosting server. Follow the detailed steps below.
1. Suppose you will place your digital products inside a folder named "ebookdownloads." Also, suppose we will place the "ebookdownloads" folder inside the "paypal_ipn_demo" folder, which was created in the second part of this tutorial series. We will be doing this for testing purposes.
You will need to create the foldername "ebookdownloads" inside the "paypal_ipn_demo" folder using an SSH client, and then assign a folder permission of 755.
2. Now that the folder has been created, upload the two test products, codexebook.pdf and howtobehavelikeachild.pdf, to the "ebookdownloads" folder.
You can download the sample ebook used in this tutorial (unzip and extract the ebooks first): http://www.php-developer.org/wp-content/uploads/tutorials/sample_ebook.zip
The recommended file permission for the ebook is 644.
3. You also need to protect the ebook from direct downloading (using a browser and any other methods). You will be using the .htaccess method to deny public access to these ebooks.
If you are not going to protect this, then malicious users might be able to figure out the URL path of your ebook and download it without paying in PayPal.
To create an .htaccess file:
First, open a text editor (notepad or gedit in Linux), and add the following lines:
Save this file as .htaccess (do not forget to include a dot before the filename), and then upload the .htaccess file inside the ebookdownloads folder.
This is what it looks like inside an SSH client (Filezilla):
4. Try to directly download the ebook using a browser. For example, this is the actual path to download the codex ebook: http://www.php-developer.org/paypal_ipn_demo/ebookdownloads/codexebook.pdf
Downloading should be denied, and you should see the 403 forbidden error shown in the browser.
5. Reconfirm the server header status using a checker: http://gsitecrawler.com/tools/Server-Status.aspx
The result should be a 403 forbidden status:
Results of the GSiteCrawler Server-Test
Now that direct downloading permission is denied, how would the user be able to download the ebook? The secure strategy is to let PHP read the file from the ebookdownloads folder (using the readfile PHP function) and let it force downloading the purchased ebook to the user.
Using this method, no one will be able to download the ebook, except for authenticated and valid customers in your website. The details of this PHP script and other IPN related scripts will be discussed in upcoming PayPal IPN PHP script tutorials.
blog comments powered by Disqus