Free Paypal IPN script for digital products - for everyone!

by kidino
38 replies
Okay, this may sound like a shameless plug. But I am giving away my Paypal IPN PHP script if you are selling ebooks, files, etc... anything downloadable.

I spent about the last week tweaking the script, writing docs, etc... and now you can get it for free. Just download it from my website:

Simple IPN: Free Paypal IPN PHP Script for Digital Download Products -- MiniSiteGallery.com

Feedbacks, comments, help... we can discuss it here or you can add comments to my blog.
#digital #free #ipn #paypal #products #script
  • Profile picture of the author Steve Diamond
    Great gift! Thanks very much!

    A couple of questions:

    1) On your site you say
    If you want to remove the little ad credit from the script, all I ask is just a small $10 fee. With this, you will also get the full raw source code to the script. You may use the script in any way you want.
    Does that include rewriting, rebranding and reselling it?

    2) I see in settings.php where it says:
    // does not need to be the same filename
    // location can elsewhere too like:
    // 'source' => '../../store/sample.mp3'
    I interpret that to mean that the actual files for download can reside outside of (above) the public_html folder, meaning that they don't have URLs and can't be accessed except through a verified download link. Is that correct? (If so, great! That's way more secure than 90% of so-called download protection schemes.)

    Thanks.

    Steve
    Signature
    Mindfulness training & coaching online
    Reduce stress | Stay focused | Keep positive and balanced
    {{ DiscussionBoard.errors[1091696].message }}
    • Profile picture of the author kidino
      Originally Posted by Steve Diamond View Post

      1) On your site you say

      If you want to remove the little ad credit from the script, all I ask is just a small $10 fee. With this, you will also get the full raw source code to the script. You may use the script in any way you want.
      Does that include rewriting, rebranding and reselling it?
      Hmm... the lazy part of me says, "Just don't care - do what you want"

      The greedy part of me, "Send me something back -- how about a royalty"

      Hmm ... how about this? If you get the $10 version - do what you want. If you feel generous, send some back when you make a substantial amount.

      Originally Posted by Steve Diamond View Post

      2) I see in settings.php where it says:

      // does not need to be the same filename
      // location can elsewhere too like:
      // 'source' => '../../store/sample.mp3'
      I interpret that to mean that the actual files for download can reside outside of (above) the public_html folder, meaning that they don't have URLs and can't be accessed except through a verified download link. Is that correct? (If so, great! That's way more secure than 90% of so-called download protection schemes.)
      Yep, that is right. As long as the script can find the source file from its location, you can put it there.
      Signature

      DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

      Free Pricing Table Builder

      {{ DiscussionBoard.errors[1096386].message }}
      • Profile picture of the author Steve Diamond
        Originally Posted by kidino View Post

        Hmm... the lazy part of me says, "Just don't care - do what you want"

        The greedy part of me, "Send me something back -- how about a royalty"

        Hmm ... how about this? If you get the $10 version - do what you want. If you feel generous, send some back when you make a substantial amount.
        Kidino, here's what I think. If I do get to that point I'll set you up as an affiliate with a JV-level commission. I'm not contemplating a high price tag, so don't get too excited about the possibilities. But I certainly think you deserve a cut.

        Thanks!

        Steve
        Signature
        Mindfulness training & coaching online
        Reduce stress | Stay focused | Keep positive and balanced
        {{ DiscussionBoard.errors[1097485].message }}
  • Profile picture of the author HomeBizNizz
    Thanks....
    {{ DiscussionBoard.errors[1091698].message }}
  • Profile picture of the author James Blair
    Awesome script, it's pretty cool that you're giving it away. I just downloaded it and will try it out soon!
    Signature

    2017... Will it be YOUR year??

    {{ DiscussionBoard.errors[1094063].message }}
    • Profile picture of the author kidino
      Originally Posted by James Blair View Post

      Awesome script, it's pretty cool that you're giving it away. I just downloaded it and will try it out soon!
      Looking forward to your experience. Please do share. Need some testimonials at this point to get more people using it.
      Signature

      DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

      Free Pricing Table Builder

      {{ DiscussionBoard.errors[1096393].message }}
  • Profile picture of the author bhackett
    Wow...thanks for the great script. I'll let you know how it works.
    {{ DiscussionBoard.errors[1094727].message }}
  • Profile picture of the author cheapdeals
    Banned
    [DELETED]
    {{ DiscussionBoard.errors[1095653].message }}
  • Profile picture of the author Damien Roche
    This is very kind of you Kidino. If it's quality stuff, I'll definitely purchase the raw source code.
    Signature
    >> Seasoned Web Developer (CSS, JavaScript, PHP, Ruby) <<
    Available for Fixed Fee Projects and Hourly ($40/hr)
    {{ DiscussionBoard.errors[1097946].message }}
  • Profile picture of the author Damien Roche
    What was I thinking! This is very good quality scripting. I'll be in touch
    Signature
    >> Seasoned Web Developer (CSS, JavaScript, PHP, Ruby) <<
    Available for Fixed Fee Projects and Hourly ($40/hr)
    {{ DiscussionBoard.errors[1097965].message }}
  • Profile picture of the author ASUService
    Thanks Much!!!! I sent the $10 even tho' I'm not sure I'll remove the branding. The script is worth so much more than that!!!!

    Good luck getting it out there.
    Signature

    Best Regards,
    Mike Allton
    ASU Service, Inc.
    The LAST SMS Platform You'll Ever Need! Easy Money!

    {{ DiscussionBoard.errors[1098054].message }}
    • Profile picture of the author kidino
      Thanks for the support guys. Anybody got a working example yet??
      Signature

      DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

      Free Pricing Table Builder

      {{ DiscussionBoard.errors[1098126].message }}
    • Profile picture of the author kidino
      Originally Posted by ASUService View Post

      Thanks Much!!!! I sent the $10 even tho' I'm not sure I'll remove the branding. The script is worth so much more than that!!!!

      Good luck getting it out there.
      The zero-branding version has no ad credit in there... I am thinking of a re-coding it with an on-off variable option.

      $show_ad_credit = 0; // turn off/on ad credit - 1 = on, 0 = off

      Yeah, I think that's better ...


      KIDINO
      Signature

      DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

      Free Pricing Table Builder

      {{ DiscussionBoard.errors[1098133].message }}
  • Profile picture of the author Tim Franklin
    Nice product, just sent you a paypal, thanks
    Signature
    Bitcoin | Crypto | Blockchain Secrets |
    {{ DiscussionBoard.errors[1333230].message }}
    • Profile picture of the author dwaser
      Great script, thanks a lot. Just sent you the $10.
      {{ DiscussionBoard.errors[1333767].message }}
  • Profile picture of the author kidino
    thanks for the paypal money guys...
    Signature

    DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

    Free Pricing Table Builder

    {{ DiscussionBoard.errors[1771025].message }}
    • Profile picture of the author saschakimmel
      Thanks for sharing, I'll check it more thoroughly later.
      I just stumbled upon this:

      in functions.php:
      $download_list .= '<script type="text/javascript" src="http://790530055279.com/simpleipn.php"></script>';

      Is there any reason in downloading this JavaScript file from *your server* on every display of the product list?

      And this looks like a security problem to me:

      in dl.php:
      $txn_id = $_GET['id'];
      if (file_exists($txn_id.'.php'))
      { include($txn_id.'.php'); }

      This means that I could execute every PHP file I like on your server by giving a simple relative path like dl.php?id=../../admin/deleteusers (if that would exist).
      Using basename() would help.
      Signature

      ** Get my ViralListMachine software now for free and build your own list virally by giving away free stuff @ http://www.virallistmachinegiveaway.com **

      {{ DiscussionBoard.errors[1784271].message }}
      • Profile picture of the author Steve Wells
        Tweak the code and make it more secure then make comments in the code where you changed things and send me a copy........please.
        Signature
        Need Custom Graphics Work? - Message Me For A Design Quote!
        {{ DiscussionBoard.errors[1784439].message }}
  • Profile picture of the author Tim Franklin
    sounds interesting, I would be interested in hearing the end of the story on that last as well.
    Signature
    Bitcoin | Crypto | Blockchain Secrets |
    {{ DiscussionBoard.errors[1784617].message }}
  • Profile picture of the author kidino
    in functions.php:
    $download_list .= '<script type="text/javascript" src="http://790530055279.com/simpleipn.php"></script>';


    Owh, that's the floating credit for the script.

    Is there any reason in downloading this JavaScript file from *your server* on every display of the product list?

    in dl.php:
    $txn_id = $_GET['id'];
    if (file_exists($txn_id.'.php'))
    { include($txn_id.'.php'); }


    Meant to change that. You could be right. But my test, can't get it to find in other folders. You can give it a try if it's different on your folder. Getting just basename is a lot safer...
    Signature

    DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

    Free Pricing Table Builder

    {{ DiscussionBoard.errors[1784780].message }}
    • Profile picture of the author CMartin
      Originally Posted by kidino View Post


      in dl.php:
      $ txn_id = $ _GET['id'];
      if (file_exists($ txn_id.'.php'))
      { include($ txn_id.'.php'); }

      Meant to change that.
      I alerted you via PM for this same problem in "08-23-2009" and the response I got was: "Thanks CMartin. Will update this."

      I'm not using this script, and if I were, I would know what to change to make it safer. But you must realize there are other users using this script without the knowledge to detect and fix this security problem.

      Carlos
      {{ DiscussionBoard.errors[1785184].message }}
    • Profile picture of the author Steve Wells
      Kidino, when you make the security changes that have been requested to make this script secure let me know, I would love to try it out.....
      Signature
      Need Custom Graphics Work? - Message Me For A Design Quote!
      {{ DiscussionBoard.errors[1785747].message }}
  • Profile picture of the author saschakimmel
    Just as a proof of concept that the inclusion still works on your own server:
    http://www.minisitegallery.com/simpleipn/dl.php?id=ipn
    -> includes http://www.minisitegallery.com/simpleipn/ipn.php (well, throws an error but I now know your username on your server, see for yourself)

    http://www.minisitegallery.com/simpl...hp?id=../index
    -> includes MiniSiteGallery.com Free Mini-Site Templates & Design (an error because something's included)

    If inclusion via HTTP and fopen-wrappers would be active on your site (which luckily they are not in this case) I could execute my own PHP code on your server:
    http://www.minisitegallery.com/simpl...w.tricos.com/t
    -> would execute http://www.tricos.com/t.php (could be everything, currently just phpinfo()
    This is called remote file inclusion.

    Here is the fix:
    in dl.php:
    $ txn_id = basename($ _GET['id']);
    or if the id only contains letters and numbers this is even safer:$ txn_id = preg_replace("/[^0-9a-zA-Z]/", "", $ _GET['id']);

    Please remove the script from your website immediately or fix the code!
    This can be used to "hack" a server very easily
    (if remote file inclusion is supported). So if somebody is currently using your script it's very easy to execute remote PHP files on your server however malicious they might be.
    And no, I'm not a hacker and never was - ever.

    Just look here for more about this security problem:
    http://en.wikipedia.org/wiki/Code_in...file_injection
    Signature

    ** Get my ViralListMachine software now for free and build your own list virally by giving away free stuff @ http://www.virallistmachinegiveaway.com **

    {{ DiscussionBoard.errors[1787720].message }}
  • Profile picture of the author seoelite27
    Banned
    [DELETED]
    {{ DiscussionBoard.errors[1789831].message }}
    • Profile picture of the author kidino
      Thanks for highlighting this. The script has been fixed.

      To those who uses the script, please download the current version.
      Signature

      DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

      Free Pricing Table Builder

      {{ DiscussionBoard.errors[1790221].message }}
      • Profile picture of the author Steve Wells
        Originally Posted by kidino View Post

        Thanks for highlighting this. The script has been fixed.

        To those who uses the script, please download the current version.

        Where is the link to download the corrected version?
        On your site?

        If so is it the original link we downloaded from that says [ DOWNLOAD SIMPLE IPN ]

        Which files have been corrected or do we need to uplaod them all?
        Signature
        Need Custom Graphics Work? - Message Me For A Design Quote!
        {{ DiscussionBoard.errors[1793308].message }}
  • Profile picture of the author kidino
    Yes, the source for the link has been replaced. So the old link would work. And the files that has been fixed are dl.php and page.php.
    Signature

    DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

    Free Pricing Table Builder

    {{ DiscussionBoard.errors[1793490].message }}
  • Profile picture of the author FranklinF
    sorry i have a newb question

    i purchased the simpleipn script without the branding

    if i wanted to update the script so it is secure
    could i just upload and rewrite the new dl.php and page.php

    and the script will be secure?

    or is there more involved?

    thanks
    franklin
    Signature
    Create Proper SEO Silo for your Wordpress Site in Minutes
    New WSO WP EZ Silo Plugin
    -- Dimesale- Price Going Up!
    Launch Sites or Optimize Established Sites!

    WSO - WP Optin Express Plugin - Create Great Looking Squeeze Pages FAST and EASY!

    {{ DiscussionBoard.errors[1943544].message }}
    • Profile picture of the author kidino
      I am not really sure what you mean by secure. If you are referring to previous issues and you just downloaded recently, it's already been fixed. And you if you are still referring to previous issue, yes can upload and replace page.php and dl.php
      Signature

      DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

      Free Pricing Table Builder

      {{ DiscussionBoard.errors[1943749].message }}
      • Profile picture of the author FranklinF
        my question was:

        I had downloaded the script without branding ($10) some time ago.
        From reading this thread there was a security issue with the script that has since been fixed.
        To update the version of the script I am running I would just need to upload and overwrite only these two files:
        page.php
        dl.php

        which I think you just answered as yes.

        I have updated these too files

        thanks for the great script
        it is working well for me so far

        Franklin
        Signature
        Create Proper SEO Silo for your Wordpress Site in Minutes
        New WSO WP EZ Silo Plugin
        -- Dimesale- Price Going Up!
        Launch Sites or Optimize Established Sites!

        WSO - WP Optin Express Plugin - Create Great Looking Squeeze Pages FAST and EASY!

        {{ DiscussionBoard.errors[1946005].message }}
  • Profile picture of the author Tim Franklin
    Just a quick question, I have the simple IPN open, script, and I was looking at how I could serve a download from above public_html I would think using a path, like
    home/user/downloads/file.zip

    I was trying to figure out how I could make that work with the script, thanks for any suggestions, Tim
    Signature
    Bitcoin | Crypto | Blockchain Secrets |
    {{ DiscussionBoard.errors[2311502].message }}
    • Profile picture of the author kidino
      Tim,

      In settings.php, you need to specify where the source of the file is. You could put the path from the location of the script. Let's say that your web hosting structure is like this:

      web root folder - /home/user/public_html
      simple ipn folder - /home/user/public_html/ipn
      your file folder - /home/user/my_files

      You can specify the path to the file like this

      source => "/home/user/my_files/download.zip",

      or like this

      source => "../../my_files/download.zip",
      Signature

      DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

      Free Pricing Table Builder

      {{ DiscussionBoard.errors[2311606].message }}
  • Profile picture of the author Tim Franklin
    Hi, thanks, yes, that is how I thought it might work, thanks for saving me some time, I am working on creating multiple product support, but it is a challenge, so far, but I love a good challenge, thanks for the reply,

    Tim
    Signature
    Bitcoin | Crypto | Blockchain Secrets |
    {{ DiscussionBoard.errors[2311658].message }}
  • Profile picture of the author kidino
    I have been thinking about the multiple product support. Definitely can be done. But it will make things a bit complicated to set up, which could result in "not-so" Simple IPN.

    Was thinking of implementing it by creating a separate products.php just for products. The the link would be "ipn.php?buy-x" where x is the product number. Would definitely have to modify ipn.php and other files.

    Not really sure I will do this. But sure is a fun challenge. If I do this I will definitely update my page at minisitegallery.com
    Signature

    DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

    Free Pricing Table Builder

    {{ DiscussionBoard.errors[2311762].message }}
    • Profile picture of the author AlanCarr
      I wasted an entire afternoon and much of my evening, trying to find a wordpress plugin that was worth using.

      Did find one, at $40... but lately I'm sick of forking out for stuff, so kept sniffing. And ended up back on the WF lol

      Just wanted something really short, sweet and simple, for a silly little ebook at $7.

      This does the trick nicely, thanks

      I do have one question though... which page/file do I tell PP to use for their IPN thingy?




      AC
      Signature

      This man is living his dream. Are you...?
      www.copywriter-ac.com

      {{ DiscussionBoard.errors[3488572].message }}
      • Profile picture of the author kidino
        Originally Posted by AlanCarr View Post

        I do have one question though... which page/file do I tell PP to use for their IPN thingy?
        With SimpleIPN, you don't have to worry about where your IPN URL is, etc ... just edit the settings and link to ipn.php?buy -- that will create the Paypal Buy Button and automatically clicks on it so that users are redirected to Paypal.

        The ipn.php?buy will take care of where your IPN URL should be and tells it to Paypal for you.
        Signature

        DIPPEC - PHP Script for Selling Digital Products with Paypal. No more monthly SaaS fees. No more commission fees. Keep it all for yourself (except for Paypal fees).

        Free Pricing Table Builder

        {{ DiscussionBoard.errors[3573637].message }}
  • Profile picture of the author liancloud
    Pretty cool... thanks
    {{ DiscussionBoard.errors[3586730].message }}

Trending Topics