PureBasic Forums - English

http://www.purebasic.com
https://www.purebasic.fr/english/

PHP vs multiserial

https://www.purebasic.fr/english/viewtopic.php?t=81330

Page 1 of 1

PHP vs multiserial

Posted: Wed Apr 12, 2023 11:08 pm
by SPH
Hi,

when selling my game online, it happens after the payment stage where the PHP generates the serial for the game. But on this page, the user can, alas, refresh the page and generate other serails (as many he wants).
How to block this?

THANKS :!:

Re: PHP vs multiserial

Posted: Thu Apr 13, 2023 12:50 am
by normeus
It's usually done with $_SESSION, create a session check if a code already exist otherwise save a code. A little more complex than that but there are scripts that do this, check in https://stackoverflow.com

Code: Select all

<?php
session_start();
if (isset($_SESSION['randomcode']){
header('location:/index.php');
	exit;
}
 $_SESSION['randomcode']=rand(10000,99999);
// rest of your code

?>
More or less an example ( a lot less than more)
Norm.

Re: PHP vs multiserial

Posted: Thu Apr 13, 2023 8:07 am
by SPH
Ok thx. i see that today :!:

Re: PHP vs multiserial

Posted: Thu Apr 13, 2023 9:01 am
by NicTheQuick
Don't you write the serial into a database?

Re: PHP vs multiserial

Posted: Thu Apr 13, 2023 10:19 am
by Caronte3D
The best is to use a database where the user must register and keep her generated serials.
That way you can control how many serials an user have

Re: PHP vs multiserial

Posted: Thu Apr 13, 2023 10:23 am
by BarryG
Make the page email them the serial instead? And then auto-close the page after emailing?

Re: PHP vs multiserial

Posted: Thu Apr 13, 2023 11:38 am
by SPH
NicTheQuick wrote: Thu Apr 13, 2023 9:01 am Don't you write the serial into a database?
I write the serials in a file.
---

Yesterday, I asked chatGPT how to prevent the refresh of the PHP page and it told me 2 "headers" that I put in the PHP page but, alas, we can still refresh..
PHP:

Code: Select all

<?php
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 1 Jan 2000 00:00:00 GMT");

$serial = substr(str_shuffle(str_repeat("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz", 6)), 0, 6);

$data = $serial.PHP_EOL;
$fp = fopen('php/page_scrab.php', 'a');
fwrite($fp, $data);


$clecd = $serial;


echo '<center> <br><br><br>
Thank you for your purchase. Here is your key : <br><font size="14">'; echo $clecd; echo' </font><br> Thank you kindly note it. You will be asked to activate the game.	</td>
'; 

echo "<br><br><br></center>"; 

?>

<?php 
$_VARS_BACK = '';
$_VARS_PAGE = <<<EOT

EOT;

?>
An email ? Why not...

Re: PHP vs multiserial

Posted: Thu Apr 13, 2023 11:40 am
by BarryG
SPH wrote: Thu Apr 13, 2023 11:38 amAn email ? Why not...
Yep, PHP supports that. That way they get a copy of their serial, too.
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited