Hi Guys,
I got this code that works by protecting your 'Thank you page' on say ClickBank. It can redirect the person to a specified page if the person didn't come from CB and as such hasn't purchased the product/service. Nice! However, someone can still copy/bookmark the whole URL after purchasing the product from CB and later visit the same URL to fill the order page/download the doc again.
What i would like to find out is if this code could be manipulated in a way that the 'thank you' page could have a time that could expire upon the first visit. The session just times-out within like 30mins? Upon the first visit after purchasing and being forwarded to the 'Thank you' page, that URL/page expires like after 30mins or 1hr?
Here is the code:
Code:
<?php // yourdeliverypage.php
function cbValid()
{ $key='Your Secret Key';
$rcpt=$_REQUEST['cbreceipt'];
$time=$_REQUEST['time'];
$item=$_REQUEST['item'];
$cbpop=$_REQUEST['cbpop'];
$xxpop=sha1("$key|$rcpt|$time|$item");
$xxpop=strtoupper(substr($xxpop,0,8));
if ($cbpop==$xxpop) return 1;
else return 0;
}
if (!cbValid($rcpt, $time, $item, $cbpop)) {
// redirect
header ("Location: http://www.anyurlyouwant.com/");
exit;
}
?>
Thanks for your help.