We're going to be selling downloads of digital files soon. We have a customized shopping cart and e-commerce engine running in a PHP/MySQL environment. We have it set up now so that when a user succesfully purchases an item they are given a "My Downloads" link. When they click on that they are taken to a library listing all of the files they have purchased. So far, so good. Now what we want to prevent is any unauthorized access of our files. For instance, we don't want someone is downloading a file to be able to guess at other file names and download them as well. We also don't want anyone who is not logged on to the site to be able to download the files. I'm guessing that we'll need to do some sort of authentication on the username and password which would somehow match it to the order information. We don't want to prompt the user for a username and password though. We've done a fair amount of research online and even though it seems that there are a number of companies doing this we haven't dug up much in terms of ways to implement it. Any suggestions woudl be greatly appreciated.
That looks like it could work but I'm not sure how well it will play with our existing e-commerce platform. For instance, we take major credit cards but we don't have any of the payment systems (e.g., Clickbank) that are listed there.
Try to contact author whit your questions. He is having WSO for this on warrior forum http://www.warriorforum.com/forum/topic.asp?TOPIC_ID=58842 I don't use this myself and I don't promote it, I just heard about it, there is probably more similar solutions like this.