Hello All, I have posted Perl source for access control using shopping cart interface, here are usage guidelines and file formats descriptions.
1. You should comment out one debug line -- # print "HASH:", $keyaccess, "\n"; 2. Configuration. $md5name = '/sbin/md5'; # the location of md5 checking software, # in FreeBSD operating system. $mailname = '/usr/sbin/sendmail -U -t'; # location and options for sendmail software, # in FreeBSD operating system. $notifyname = '[EMAIL PROTECTED]'; # this is electronic mail address of script administrator. $fromname = $notifyname; # this is electronic mail address # from which you want script messages to buyers # appear to originate. $pathname = '/usr/home/salnikov/'; # base path for your hosting account, # you should have the ability to use space # outside of Web root location. # test/acks directory # should have list/read/write permissions. $memoname = $pathname . 'test/acks/memo'; # the file where all attempts to buy something are logged, # read/write permissions. # # A:B:C:D:E:F:G:H:I:J:K:L:M:N<newline> # # A = PAYMENT_ID # B = PAYEE_ACCOUNT # C = PAYMENT_AMOUNT # D = PAYMENT_UNITS # E = PAYMENT_METAL_ID # F = PAYMENT_BATCH_NUM # G = PAYER_ACCOUNT # H = md5 hash of alternate passphrase. # I = ACTUAL_PAYMENT_OUNCES # J = USD_PER_OUNCE # K = FEEWEIGHT # L = TIMESTAMPGMT # M = V2_HASH # N = MAIL $accessname = $pathname . 'test/acks/access'; # the file with list of products identificators # with merchant account numbers and payment details, # read permissions. # # A^B^C^D^E^F<newline> # # A = PAYMENT_ID # B = PAYEE_ACCOUNT # C = PAYMENT_UNITS # D = PAYMENT_AMOUNT # E = PAYMENT_METAL_ID, may be 0 if do not care. # F = data for sale like file URL address etc. # # V1000^777777^1^1.0^0^http://dmitry-salnikov.com/zero.zip # V1001^777777^1^1.0^0^http://dmitry-salnikov.com/one.zip # MONTH^777777^1^2.0^0^http://dmitry-salnikov.com/month.zip # WEEK^777777^1^1.0^0^http://dmitry-salnikov.com/week.zip $checkname = $pathname . 'test/acks/check'; # temporary file used as input for md5 checking software, # read/write permissions. # # A:B:C:D:E:F:G:H:I:J:K:L # # A = PAYMENT_ID # B = PAYEE_ACCOUNT # C = PAYMENT_AMOUNT # D = PAYMENT_UNITS # E = PAYMENT_METAL_ID # F = PAYMENT_BATCH_NUM # G = PAYER_ACCOUNT # H = md5 hash of alternate passphrase. # I = ACTUAL_PAYMENT_OUNCES # J = USD_PER_OUNCE # K = FEEWEIGHT # L = TIMESTAMPGMT $lockname = $pathname . 'test/acks/lock'; # lock file for md5 checking, # read permissions. # test/pass directory # should have list/read/write permissions. $locktimers = $pathname . 'test/pass/lock'; # lock file for password access updates, # read permissions. $hidetimers = $pathname . 'test/pass/.htpasswd'; # Apache file with user:hash pairs, # user names are Unix style decimal seconds # for the time when subscription expires, # read/write permissions. # # 1008607737:gpN/5mwH9CjfY # 1010684646:jDwK7oU0nZUG6 # public_html/test/pass protected directory # should have list/read/write permissions. $showtimers = $pathname . 'public_html/test/pass/.htaccess'; # Apache file with list of users # who have access to protected directory, # user names are Unix style decimal seconds # for the time when subscription expires, # read/write permissions. # # AuthUserFile /usr/home/salnikov/test/pass/.htpasswd # AuthGroupFile /dev/null # AuthName Nomina # AuthType Basic # # <LIMIT GET POST HEAD> # require user 1008607737 # require user 1010684646 # </LIMIT> $HASHVALUES{'999999'} = 'SECUREXHASHXOFXSECONDXPASSPHRASE'; $HASHVALUES{'777777'} = 'MD5XHASHXOFXALTERNATEXPASSPHRASE'; # merchant account numbers with md5 hashes of alternate passphrases, # they correspond to account numbers in 'access' file. 3. There are MONTH and WEEK preconfigured subscription options, they are PAYMENT_ID's in 'access' file and are hard coded as flags to generate user names and corresponding passwords in the script. 4. Login name and random generated password are sent to user supplied electronic mail address, you may want to add address checks here. 5. Expired subscriptions are deleted when new subscriptions are purchased thus if you have sold one subscription then this happy user will have access to your protected directory forever. 6. Sample payment form is below, you should place your account number there. Respectfully yours, Dmitry Salnikov, http://dmitry-salnikov.com/index.htm International business catalogue for e-gold users, http://dmitry-salnikov.com/veda.htm Gold Web Ring traffic maker for e-gold sites, http://o.webring.com/hub?ring=gold FreeBSD, Linux, C/C++, Perl, ... Web software development services, English / Russian translations. o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o <FORM METHOD=POST ACTION="https://www.e-gold.com/sci_asp/payments.asp"; TARGET="_top"> You have decided to pay<BR> <INPUT TYPE=TEXT NAME="PAYMENT_AMOUNT" VALUE="1.0" SIZE=9> <SELECT NAME="PAYMENT_UNITS"> <OPTION VALUE=8888>grams</OPTION> <OPTION VALUE=9999>ounces</OPTION> <OPTION VALUE=1 SELECTED>USD</OPTION> <OPTION VALUE=2>CAD</OPTION> <OPTION VALUE=61>AUD</OPTION> <OPTION VALUE=33>FRF</OPTION> <OPTION VALUE=41>SFR</OPTION> <OPTION VALUE=44>GBP</OPTION> <OPTION VALUE=49>DEM</OPTION> <OPTION VALUE=81>JPY</OPTION> </SELECT> of <SELECT NAME="PAYMENT_METAL_ID"> <OPTION VALUE=1 SELECTED>gold</OPTION> <OPTION VALUE=2>silver</OPTION> <OPTION VALUE=3>platinum</OPTION> <OPTION VALUE=4>palladium</OPTION> </SELECT> for one week subscription.<BR> <INPUT TYPE=HIDDEN NAME="PAYEE_ACCOUNT" VALUE="777777"> <INPUT TYPE=HIDDEN NAME="PAYEE_NAME" VALUE="Merchant"> <INPUT TYPE=HIDDEN NAME="STATUS_URL" VALUE="http://dmitry-salnikov.com/cgi-bin/check.pl";> <INPUT TYPE=HIDDEN NAME="PAYMENT_ID" VALUE="WEEK"> <INPUT TYPE=HIDDEN NAME="PAYMENT_URL" VALUE="http://dmitry-salnikov.com/index.htm";> <INPUT TYPE=HIDDEN NAME="PAYMENT_URL_METHOD" VALUE=LINK> <INPUT TYPE=HIDDEN NAME="NOPAYMENT_URL" VALUE="http://dmitry-salnikov.com/index.htm";> <INPUT TYPE=HIDDEN NAME="NOPAYMENT_URL_METHOD" VALUE=LINK> <INPUT TYPE=HIDDEN NAME="SUGGESTED_MEMO" VALUE="Subscription"> <INPUT TYPE=HIDDEN NAME="BAGGAGE_FIELDS" VALUE="MAIL"> <INPUT TYPE=TEXT NAME=MAIL SIZE=60 VALUE="[EMAIL PROTECTED]"><BR> enter your electronic mail address above please.<BR> <INPUT TYPE=SUBMIT VALUE=" Click this button please. "><BR> </FORM> --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] http://www.e-gold.com/stats.html lets you observe the e-gold system's activity now!
