This might be off topic as well...but I have a PHP app that submits to Paypal and then on the "thank you" page, I provide a link to a PDF that they bought.
The server is Unix based, and before submitting the sale, I collect various information about the user, and then when the transaction is complete, I get a unique transaction ID from Paypal. What's the easiest, quickest way to provide some level of complexity to the downloads so that people can't just go back into the directory and download every PDF without paying? It doesn't have to be 100% secure but should be secure enough to keep out "most" people. I've been looking into .htaccess but wondering if that's overkill and there isn't some way to authenticate against my DB information before allowing the download? -- Kristina _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
