Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Out of the box idea for downloadables


m3s_4ev3r

Recommended Posts

Hello, I want to build an OSC in which people could download different documents.

 

Here in Romania people look for really simple things.

 

I have thought a system of getting the downloadables of the osc but there are security risks involved there.

 

First of all, visitors don't like making accounts, they like to keep it ridiculously simple.

 

My idea:

 

A visitors comes on site, he sees a document he wants, he adds it to cart. he goes to checkout, there he has a bank account number on which he should send an amount of money or 2Checkout option.

 

If he selects the bank transfer option, he must input an email address and name or if he wants the document on a CD too. (all that without being logged, without creating an account).

 

He gets to the final step where a text is shown "bla blah, once you make the payment you will get the download link and/or the CD", when the payment is confirmed is set the order from the admin to Delivered, he gets a mail with a download link.

 

I know there's zero security here, no sessions, no logged people, if the link goes to anyone, anyone can download it, that implies the download folder to be unsecured, and so anyone can access it and guess files there(only if there are long names etc)

 

My question is, is this idea good?, does it needs improvements(absolutely) or a few advices on keeping an amount of security here without devianting form the visitors process of buying a document(document encryption, creating cookie sessions[session id link in mail etc], that are available for an amount of time).

 

And how could I implement it?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...