Order Attachments and Downloads
At the end of an order VPASP can handle electronic delivery of goods in three ways. It can generate an immediate download hyperlink to the file being purchased, it can send the file as an attachment or it can generate a secure download link to the product.
Download hyperlinks and attachments are a standard feature of VPASP.
End of order Valid Payments:
VPASP checks the type of payment being made against a list that is supplied in the Shop Configuration. If the payment does not match then no hyperlink or attachment is added. This helps against hackers trying to steal the goods.
xendofordervalidpayments Visa,Mastercard for example are possible payment tyes that allow either hyperlinks or attachments to be generated. If you use WorldPay as your gateway you would insert Worldpay here.
Download Links:
For download links to work the download field in the product table must be filled in and the following Shop Configuration set.
The following download links are generated as plain, unprotected hyperlinks.
xendoforderhyperlinks: Yes tells VPASP to generate hyperlinks for products at the end of an order
xendoforderhyperlinkfield: orderdownload – the field in the database to look for hyperlink information. This field is in the products table. Insert the path as: /downloadfolder/myfile.exe. Change the previous as required to point to your file.
Attachments:
Attachments are added to the order confirmation that goes to the customer. The attachment is set in the attachment field of the product record and must be their physical address of the file.
xendoforderattachments: Yes tells VPASP to add attachments to the customer e-mail at the end of the order
endoforderattachmentfield: orderattachment is the field in the products record to look for attachment. Attachments must be real disk address such as c:\mydirectory\data\abc.zip
Secure Downloads:
VPASP Secure Download provides a way of delivering downloadable products and protects against hackers or unauthorized customers from downloading these products.
VPASP Secure Download has the following facilities:
Restrictions:
The download facility uses a facility that is browser dependent to write a binary file to the browser.
The browser should automatically bring up a dialog box asking the customer where to place the file on the customers local PC.
This facility has been tested with Netscape and Internet Explorer but may not work on all versions of these browsers or other browsers. We therefore cannot guarantee that this facility will work with every type of binary file and every browser
How it works:
At the end of an order, any download product generates hyperlink, not to the specific product but the VPASP secure download program. The program verifies that the customer is entitled to download the product and automatically sends the product to the browser.
There are no hyperlinks to bookmark and therefore unauthorized customers cannot share the product.
If the customer needs to reload the product at a future time, they login and can download the product again. Limits can be placed on the number of downloads, the last date a download is valid for. Downloads can also be totally blocked if you are under some type of hacker attack.
Secure Download Configuration Options:
| Xendofordervalidpayments | Visa,Paypal. This is a list of payments which allow downloads |
| Xdownloads | Yes turns on the secure download facility |
| Xdownloadlimitcount | Number of times a specific product can be downloaded |
| Xdownloadlimitdays | Number of days from the original purchase date a product can be downloaded |
| Xdownloadblock | Yes blocks all downloads until changed to No |
| Xdownloadfeature | Yes tells VP-ASP that a different download should be used when that feature is selected. In the featureother1 field you place a field name in the products table where the alternate file is located. You do NOT place the file name itself. So featureother1 may have pother4 for example. In the actual product record, you place the real file name in the pother4 field |
Setting up Secure Downloads:
In the products record, the location of the real product is placed in the download field. The customer will never see this location and it can be in a folder not directly viewable on the web but be in a folder that can be read by VPASP. The actual file is copied from the secure location to a temporary staging location but using a randomly generated file name.
When a person buys the product, VPASP checks the list of valid payment types in the Shop Configuration xendofordervalidpayments. If using PayPal you would insert PayPal, if Authorizenet enter Authorizenet, if taking cards manually then you could enter Visa, Mastercard and so on. If the product had a zero cost, $0.00 you would need to enter No payment Required into the xendofordervalidpayments field.
If the payment is made by one of the approved methods, a download link is generated at the end of the order. If no valid payment is made, no download links are generated. A merchant can at a later time change the payment type to a valid payment method.
In order to obtain the product, the customer would use the VPASP customer service facility. They would login, view the order and the download links would then appear.
To set up the product insert the full drive path to the orderdownload field.
For example:
C:\Inetpub\wwwroot\mydownload.zip
Then in your shop configuration settings ensure that you have xendoforderhyperlinkfield=orderdownload
To remove the insecure download links set the following to No
xendoforderhyperlinks: