Preventing Users from Accesing a Web Page Until Paid by PayPal

I am building a website with ASP,CSS, & HTML. I am about half way done with it but ran into a problem i cant figure out. I am using paypal to charge 1 dollar to access the website. So the process i thought of using is after they pay on paypal they will be redirected to the Registration Page to. My question is how can i prevent anybody from accessing this Registration page until they paid. I was thinking what if somebody pays the dollar and then gets the link to the registration page and then gives that link out to everyone which would by pass the paypal. This is what i am trying to figure out. Is my process wrong? Any suggestions would be great. Thanks
unitedlinenAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

thirdCommented:
If it's just one dollar, why not give it for free and put a donate option instead.  :-)

Well, that is a common problem. My suggestion is
1) use email as username for your site. not everybody will like typing other email's address on the username box.
2) monitor the login status of each username. After they login, mark on the database their login status and prevent further login. This way you will maintain that even though they have given out usernames and passwords, this account is only used once at a certain point in time. Don't forget to unlock the status after they sign out or the session expires. You have to handle those things.

These are all I can think of as of now.
0
the_crazedCommented:
you'll have to make them create a username and password, and link that to the paypal payment. then
this is your flow:
1) give user registration form on your site, to create username/password
2) write username/pass and paid=false to database, write cookie with unique user id on user's machine.
3) redirect to paypal, pass the user id in the hidden "custom" from element
4) set yourself up for "instant payment notification" - on your notification page, you will get back the "custom" value. use this to update paid to true

extra code:
 - check on every "secure" page for userid in cookie. use this to look up user in database:
     if cookie does not exist, redicet user to new reg form (above) give link to "login" page also (below)
     if user account does not exist, ditto
     if user account exists but not paid, give message then redirect to paypal.
     otherwise, show page as normal
 - create a login page, so user who has lost cookie can get in:
     when valid username/pwd is entered, write cookie of user id

other considerations:
as users are paying for your service, you may want to consider using ssl on the registration form and login page
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
unitedlinenAuthor Commented:
We want to charge a dollar just incase it takes off. A lot of people signing up would = big money :)

Thanks for the suggestions. How do i make the email as the username?

Thanks "the crazed" do you have a webpage i can go to learn how to do all of that? I am just learning all of this so i am not sure how to do all that code.

Thanks again for the help
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

the_crazedCommented:
as for making thier email thier username, just do as I suggested above, but ask for email to be input instead of username

as for learning - are you in ASP? or ASP.net? do you have a SQL backend?
0
unitedlinenAuthor Commented:
Shows you how much i know. I thought ASP and ASP.net was the same. I am not into making programs just using asp in my websites.

I am using SQL 2005 with GoDaddy.

I made all the ASP pages with Visual Web Deloper 2005 Express and the other half Expression Web.

Thanks
0
the_crazedCommented:
ok, not sure of your level, but check these out:

inserting data into database:
http://www.stardeveloper.com/articles/display.html?article=2000032601&page=1

updating database
http://www.stardeveloper.com/articles/display.html?article=2000032801&page=1

setting cookies:
http://www.tizag.com/aspTutorial/aspCookie.php

redirecting:
http://www.powerasp.com/content/code-snippets/redirects.asp

and check paypal themselves for samples on instant payment notification, and documentation on the "custom"  form element
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.