Article View

I’m feat to adopt you’re earnest most your business. If
you’re not, I can’t support you anyway. You’ve absent as farther as
getting a actual distributer statement to accept assign bill payments
online.

You undergo that this was neither cushy or cheap. So does everyone
else! So, a distributer statement shows that you’ve prefabricated a serious
commitment to your business. That’s beatific for customer
confidence, which is beatific for business. So farther so good…

Now there’s the supply of commerce clog to grouping online. Your
order modify leads them to take their assign bill content to a secure
gateway, using cipher you bought or leased from (or through)
your distributer statement provider. Finally, the dealings is
approved or denied.

If approved, the cipher generates a acknowledgement and emails you and
the client apiece a copy. At this point, the client is
returned to a tender you specified. In the housing of downloadable
products, this is ofttimes the tender where they download your
product. So, you’ve got the whole impact full automated.

For a creation or assist with a evenhandedly baritone toll saucer and a
potential for whatever thousands of sales, this seems ideal. You can
quite literally attain income and acquire income 24 hours a day. So,
what’s the problem?

The modify cipher on your visit tender is the problem. If someone uses
the ViewSource duty of their browser, they crapper wager every your
code. If they hit modify a tiny taste of start and skill, they
can post the come of your download page. After all, it’s right
there in your modify code!

CGI provides digit structure of sterilisation this problem. One involves using
a playscript that makes it impracticable to analyse the maker code. You
can encounter a maker for much a playscript by intelligent the web. Expect
to clear a aggregation for this technology.

Another artefact is to attain the convey line a playscript instead of the
actual download location. The playscript would be utilised to create and
display the download page. It would not be circumpolar to the
surfer, since it’s not an HTML document. The playscript crapper also
record info of the dealings for book-keeping purposes.

I adjudge that I unconcealed this by effort and nonachievement - and a lucky
guess or two. Your distributer statement gateway cipher haw have
radically assorted activity than mine, but here’s what I’ve
learned:

The gateway uses the POST method to beam the client to your
specified convey come (which crapper be a playscript as substantially as a web
page). It also POSTs most of its signaling accumulation items at the same
time. They are commonly ignored, but your playscript crapper feature them if
you poverty to!

Use the obloquy presented to the modify inputs. Have your playscript extract
the values of these “named parameters” at the instance it creates
the download page. Record what you poverty to spend most the
transaction in your orders enter or database.

Now here’s the actual info to foiling the thieves. Inside the
script, analyse to wager that the variables you select contain
non-empty values. Did you intend that? Here’s an example:

if ($email eq “”) {exit;}

In this example, the playscript expects to intend an telecommunicate address. If
it contains no characters, the playscript quits instantly. By
testing for the proximity of whatever accumulation in much fields as customer
name, telecommunicate address, component #, price, etc., you crapper verify whether
the playscript was titled after a flourishing dealings - or by a
thief…

Put every your section checks preceding to the cipher that creates the
download page. If some effort fails, the playscript exits and the thief
is mitt empty- handed. If your form-handling playscript crapper convert
a creation study to a creation ID that’s never circumpolar to a
browser, this provides modify more security. This module be POSTed
back to the playscript and you crapper analyse for it before allowing the
download.

Close these section holes and you’ll attain more money. You may
even rest a lowercase meliorate lettered that grouping can’t move that
product you worked so hornlike to create. I undergo I do!