Find Sporting Goods on eBay
Video and Audio], Broadcasting and podcasting Broadcast On the Net

[description], Story, any other text you want to use.

Clickbank Security Using PHP

 by: Robert Plank

Here's a way to protect the products you sell with Clickbank, using their built-in protection and by implementing a 30-day expiration, all without having to worry about managing databases or customer lists.

THE FIRST STEP

First of all, Clickbank protection is decent as it is. If you want to keep your customers from passing the thank you page URL around to friends, there are a couple of things you can do.

Login to your Clickbank account: http://www.clickbank.com/login.html

At the top there's a link that says "Click HERE to modify your account". Click on the link.

On this page there are two links at the top, but one says "Click HERE to modify your account." Click on this one.

You should be at the page that allows you to edit the prices of all your Clickbank products. Scroll down to the bottom where it says:

Secret key (up to 16 letters & digits)

You should see a text box here. If it's empty, choose a secret key, type it in and remember it. It can be anything you want, but it should be different than your Clickbank password.

"COOKIE CUTTER" TOOLS

If you've looked around the Clickbank site you'd know that Clickbank offers some friendly pieces of code in a few different programming languages like Perl and PHP that can help you protect your downloads. Basically this is what happens:

* Your order link contains what's called a "seed". This is just a word or a piece of text, which can be anything you want.

* Your customer clicks on the order link and pays.

* Clickbank takes that seed, and uses your secret key on it -- basically mashes the two together and does a bunch of crazy stuff to come up with a garbled piece of junk. But this a garbled piece of junk that can ONLY come from this seed and secret key. You change the value of the seed or secret key even a little and this "hash" changes.

* The seed and the hash are passed back to the thank you page where your Clickbank script sits. (We have the secret key added to your script, and it never changes, so it doesn't need to be handed to us by Clickbank.) This Clickbank script takes the seed and the secret key and does the same crazy shit Clickbank did to us to compute your own hash.

Clickbank calls this their "cbpop" or Clickbank Proof of Purchase.

The hash was something we figured out on your own and the hash Clickbank are compared. If they match, we're in business because the customer here really did buy from us.. The customer can't figure this out on his or her own because they never actually saw the secret key. (And no, you can't "reverse" a hash to figure out the original secret key.)

If you get nothing out of what I just told you, remember this: it's almost impossible for anyone to figure out the right Proof of Purchase code without that secret key.

USING SOMEONE ELSE'S CODE

This is the PHP function they give us:

function cbValid($seed, $cbpop, $secret_key) {

// A bunch of stuff in here...

}

This function cbValid takes three parameters: $seed, $cbpop, and $secret_key. The script goes through that last step of ours I explained above, does the crazy shit and then compares the result to the one given to us by Clickbank.

Now we need to figure out what to do if your customer really didn't pay. The easiest thing to do, is just stop the script in its tracks, preventing the page under it from loading.

if (!cbValid($seed, $cbpop, $secret_key)) die();

The exclamation point means "not". We're saying, first try this...

cbValid($seed, $cbpop, $secret_key)

.. pass the seed, proof of purchase, and secret key into your black box. If the function tells us NO, do the rest. In this case, "die". Die stops everything immediately, so if you have HTML or PHP code below that line, it won't be looked at if the Clickbank validation fails.

The "proper" way to grab $seed from the query string is this way:

if (!cbValid($_GET["seed"], $_GET["cbpop"], $secret_key)) die();

You could also redirect the user to an error page of yours if you like:

if (!cbValid($_GET["seed"], $_GET["cbpop"], $secret_key)) {

header("Location:http://www.your.host/error.html");

die();

}

Instead of $seed and $cbpop we use $_GET["seed"] and $_GET["cbpop"]. This is because the variables don't appear magically out of thin air, they really appear in the URL as http://www.your.url/test.php?seed=SOMESEED&cbpop=SOMEPOP. We want these values to be taken out of the URL.

USE MINE

Here's a zip file containing your cb.php script: http://www.jumpx.com/tutorials/clickbank/cb.zip

Save it, unzip it, and open cb.php. Near the top should be a line such as:

$secret_key = "YOUR_SECRET_KEY";

Change YOUR_SECRET_KEY to that secret key you set in the Clickbank control panel.

Now, for usage... your thank you pages will have to end in .php here. Like, thankyou.php (and now it doesn't matter if they have obvious names or not -- because they'll be thoroughly inaccessible to thieves. Remember, you can simply rename your HTML pages so they end in .php and they'll still work just fine.

Put this line at the top of you thank you page script:

Be sure to upload cb.php to the same folder as your thank you page. Now, when someone goes to the thank you page, the first thing the thank you script will do is run everything in cb.php, and cb.php will take the data Clickbank has passed to see if it matches.

You're going to have to change your Clickbank order links a little. This is what they should look like now:

http://www.clickbank.net/sell.cgi?link=YOUR_CLICKBANK_ID/YOUR_PRODUCT_ID/YOUR_PRODUCT_NAME&seed=YOUR_SEED

Replace YOUR_CLICKBANK_ID with, of course, your Clickbank ID and YOUR_SEED with the seed you want to use. This can be anything, something simple that's short and one word like the product name. But NOT your secret key.

YOUR_PRODUCT_ID is the number Clickbank shows to the left of each thank you page as you add it. When you're testing, be sure to set the price at $0.00. Once everything's in place you can raise the price of the item to $19.95 or $29.95 or whatever it's priced at.

http://www.clickbankguide.com/merchant.htm#account will explain everything if you're a Clickbank newbie.

COULDN'T THE DOWNLOAD URL, HASH, AND RECEIPT BE SHARED?

You can't prevent sharing completely... after all, your customer can always download the file and share the file, not the download URL, to friends. We can do one thing to give these would-be freeloaders a bit of a headache, and that is expiration.

Here we can say, 30 days after someone buys your product, the thank you page will be inaccessible to them. If they buy on October 25th, they can bookmark and revisit that thank you page up until November 25th at the exact time they made their purchase. It's kind of a nice compromise because it gives honest people enough time to get what they need but at the same time it becomes impractical to share the URL.

In chapter 9 of my book, Simple PHP (http://www.simplephp.com), I explained how time works on computers, they use a big number which is just a count of how many seconds have passed since January 1st, 1970. I also explained that there was a function, called strtotime(), which we could use to determine this "number" or timestamp of a certain date. For exa


public access cable television

Brodcast On the Net - streaming video, streaming audio, video conferencing, audio
Broadcast On the Net. If you are running a search for video conferencing and are looking for audio streaming or video streaminng and web conferenceing then you have come to the proper place. You can find many of the finest sites with the best conferencing services. Even find video studios or maybe the video talent to produce your program, no matter what you are looking for you can see the best streaming media here.
Brodcast On the Net - streaming video, streaming audio, video conferencing, audio

One of the good things about Search Engines like Google is that they keep their indexes up to date. A search for public access cable television should at least produce a result that is timely. When you perform a search you'll actually see the indexing date in the results. We are also passionate about providing you with timely public access cable television information. There's little point in serving up info that is stale.

Keeping abreast of changes in information can be difficult. Many public access cable television suppliers offer a free newsletter so that you can be right up to date. We'd encourage you to subscribe. It's usually free of charge.

Main Menu
Broadcast On the Net
Site Map

Affiliate Ads, Links, news, etc.

News for 11-Jun-22

Source: BBC News - Home
Allan Little: The year the world changed

Source: BBC News - Home
Peter Frankopan: This year in history

Source: BBC News - Home
Man 'in love' drives through airport

Source: BBC News - Home
Adrenaline and exhaustion

Source: BBC News - Home
British passenger missing from Queen Mary 2 liner

Source: BBC News - Home
Trump official Paladino under fire over crude Obama remarks

Source: BBC News - Home
Sri Lankan court acquits five men in Tamil MP murder trial

Source: BBC News - Home
The longest kiss

Source: BBC News - Home
Syrian girl with severe burns gets life-changing surgery

Source: BBC News - Home
Your pictures: Best of 2016


Links
Links
Links
Google

Medical Newscast | Xbox online games | Take It Correctly | Kids Meet
Copyright © 2005. Name of Site here. Last Updated: Saturday, 11-Jun-2022 00:01:53 MDT.
Affordable Used Cars   Listen On The Net   Real Time Media On The Net