I've had a lot of questions about how BitBuffet works, and I thought I'd address some of the scripting curiosities I've received. We integrate with PayPal through IPN notifications. While PayPal offers pretty thorough documentation on the IPN process, they neglect to detail the practical application of IPN notifications. Before we go on to much further, let's cover what IPN is...
In short, Instant Payment Notifications (or IPNs) are PayPal's way of alerting you of a payment. Basically, you give them a notification URL that they ping with some post data about the recent payment containing the amount, emails, names and fees involved. You can take the data from the URL and use it to trigger all kinds of things, including dispatching an email containing a file, or sending a link to that file.
Gathering an IPN is as simple as making a script that checks the request for any variety of POST data. Some of the more useful ones are "payer_email", "mc_gross", "invoice" and "custom". The variable "payer_email" naturally contains the email of the payer. "mc_gross" contains the amount of money sent including PayPal fees and everything. Both "invoice" and "custom" are pass through variables that are set by the button (the form submitted to PayPal detailing the payment).
I often use "custom" to identify the specific product being purchased and "invoice" as a variable that contains the date and other information. Once you gather this information, its just a matter of tossing it off to another script or triggering an action. For example, maybe we want to save the sale in a database and dispatch an email with a link to a protected download. We'll discuss techniques for that in the next section.
After you store the sale in a database of some sort, you'll want to create a download link that expires after a certain amount of time or after a certain number of downloads. The trick here is to not use a direct link like http://example.com/protected-file.zip but something like http://example.com/download.php?code=sale_specific_code_here so you have a protected download link.
With the sale specific code you can look up the sale and see if the link is still valid and if so, you can send the file either by reading the file into memory and streaming it or sending the file link with the header mod_xsendfile for Apache or x-sendfile with nginx. Otherwise, if the code isn't valid or is expired, you can simply say so.
Once you have the sale stored in the database, its as simple as dispatching an email to the payer email variable with the protected download link in the message!
A lot of times you'll have a user lose his download link, or delete the file on accident which requires you to resend or reset a download link. This can be a pain, especially if you have to dig into the database to reset the code and manually send the link. Yuck. An alternative is to build your own download link manager or just use ours.
Now that you have the know-how on how to make a protected pay per download link, you might consider using us instead! We have affordable monthly based plans with no bandwidth limits or commissions. In fact, your customers pay directly into your PayPal account and we never touch the money! We just deliver the files through protected links!
So, check us out and sign up for a free trial!