Advertising Network Reviews for Publishers |
| DL PayCart | Bandwdith Manager | websitelogin |
Review date: May 6, 2008
I can tell you that DL PayCart is a superficially amazing PHP script for its price. It's only $15.95. It's not a normal shopping cart script. It's specifically designed for those who sell digital products online. Also, it's designed only for those who sell goods through PayPal. When you sell digital products online, your immediate concern is that your customers might reveal file locations to others. DL PayCart works in such a way that the true location of a file is disguised. And you can even set an expiration time to it. My initial question to this PHP software was where to store digital goods. More specifically, can we install this software under one subdomain and hide downloadable goods under another subdomain? And the answer is yes. When you install DL PayCart, go to General > Setting (See Screenshot 01.) Under Internal Store settings, find Exact path to items directory. You can store files anywhere as long as it's located at the same domain where DL Paycart is installed. All you have to do is to create a folder titled 'items.' Then just upload downloadable products to it.
For example, as shown in Screenshot 02, our digital download store is installed at store.mhvt.net. Screenshot 03 shows that we have 'items' under the subdomain of sub-mhvt, not the subdomain of store. Then let's go to Items and choose Add Item. After creating a category, select that category or another and then choose an appropriate folder under items. Screenshot 05 implies that we have a folder titled 'test' under items. And DL PayCart will give you a list of files to choose under a drop-down menu. In our case, we have test.zip uploaded under sub-mhvt > ... > items > test. Now, let's take a look at Screenshot 06. Comparing it with Screenshot 02, do you notice something interesting? 'pay now' is replaced by 'download' because the price is set to 0. So if the price of a download product is set to 0, it will be a free file that any visitor can download. That's quite interesting, isn't it?
All right. That's it for cool things about DL PayCart. We have several problems to talk about. If you have installed DL PayCart and are ready to open your eStore, you probably want to purchase a product by setting a price to 5 cents or whatever to see if you receive a download link. So if your online customer doesn't receive a download link, then what's your Plan B going to be? Create a download link manually? We asked the software developer more than 48 hours ago. And we haven't heard from him. We wouldn't have asked him this question if we had received a download link after purchasing DL PayCart. Ironically, the script failed to function properly at the very website where it's sold. When you purchase DL PayCart at their website, you will be reminded that you need to return to merchant's website. (See Screenshot 07.) I saw that notice before paying. But after making a payment, I realized that something wasn't right. Where is my download link? The thanks page indicated that I should receive a receipt, which I did from PayPal. But we never received anything else. So we contacted the software developer. 11 hours after making a payment, we heard from him. There was no apolgoy, and he wrote
You should have received an email with the download link (See Screenshot 09.)
Nope. Show me your proof that your mail server sent out an e-mail message with a download link to us. In fact, again, there was something odd about the thanks page. Screenshot 10 shows the default thanks page used by DL PayCart. By the way, implied by Screenshot 08 & 10, you will end up correcting a lot of grammatical mistakes and typos. So be prepared. Again, it is possible that DL PayCart fails to send e-mail messages with download links. So you should be prepared to create download links otherwise. We asked DinkumSoft if it's possible for users to create download links manually. But I doubt that we will receive a reply as it's been 60 hours. Also, be careful when you change administrative username and password. We ended up trashing data 4 or 5 times after changing login information because we couldn't login. The login problem appears to be caused by the default maximum number of characters. If you have a chance, access your database with phpMyAdmin. Locate a table labeled pc_settings and check its structure. (See Screenshot 11.) The field called AdminID may be set to 15. (See Screenshot 12.) If you change your administrative login with more than 15 characters, DL PayCart won't reject the change. So you won't notice that something has gone wrong, and you can keep customizing your shop software. But note that all the characters won't be recorded. You will only notice that something is wrong when you try to login. Whether good or bad, unlike passwords, usernames are not encrypted in the database. (See Screenshot 13.) So you can actually find out what your administrative username is even after entering a username with more than 15 characters. Unfortunately, software README file doesn't mention that one shouldn't enter more than 15 characters.
Another minor problem may occur when a visitor advances to the 'pay now' page. This is when data are inserted, and one can observe your PayPal e-mail address. See Screenshot 14, which shows a PayPal e-mail address used at DinkumSoft.net. Cyber scum groups collect PayPal e-mail addresses and sell them to other criminals for phishing and spam. For example, Screenshot 15 shows a phishing message sent particularly to PayPal users.
We asked the software developer about this risk before buying DL PayCart. The following is his response.
The address is only visible when a person is at the checkout page which is literally only seconds until that customer completes the oreder so it is not an issue.
Literally only seconds? Really? What, after a few seconds, people will be redirected somewhere else? Finally, let me mention that DL PayCart has a potential for mass exploitation. Why are there so many websites using TinyMCE and Moodle are exploited? That's partly because the websites using those scripts can easily be found by search engines. How about DL PayCart? Ask Google about 'dl_paycart.' And you can find hundreds of websites using DL PayCart. (See Screenshot 16.)
The software developer requires that one creates a folder called 'dl_paycart' in which DL PayCart should be installed. What happens if you don't install it without 'dl_paycart'? Everything seems to work fine except that customers will not be sent back to your website to see the thanks page.
Nice:
Bad:
|
Review date: May 6, 2008
We initially wanted a PHP script package that enabled us to allocate a certain amount of bandwith to each visitor. Back in November, 2007, we decided to open more than 5 dozen video tutorials to guests. But we soon found out that Bandwidth Manager wasn't quite suitable for this purpose. However, we've found a different purpose for Bandwidth Manager. There are potential cheaters once in a while who want to cancel their accounts a day or two after payment. Using Bandwith Manager, we can find out if they have downloaded any movies, which is way better than to check the log file to find particular IP addresses. If you log in with an administrative account, you wil lfind 5 tabs at the top. (See Screenshot 01.) The first one from the left says 'current.' It monitors immediate use of bandwith. So if somebody finishes downloading a file, the record will disppear. 'history' shows accumulation of bandwidth use. If you click on 'today,' you can see who (in terms of IP address and/or username) downloaded which file at what time and how many times. (See Screenshot 02.)
Anyway, the problem with this PHP script software is installation. If you decompress the zip file, you will get files and folders. Open a file titled 'INSTALL.' There aren't many instructions to read. (See Screenshot 04.) Basically, it just says that you need to FTP-upload files to your web server, and that's it. In fact, if you read the description of Bandwidth Manager at 12scripts.com, it says "easy script installation." (See Screenshot 05.) So why did I end up spending 4 or 5 days just to install this software?
I installed a few dozen PHP software packages on our websites in the past one year alone. And I can tell you that Bandwith Manager is the first script package in which I couldn't even get to the script installer after spending hours. If you see Screenshot 06, you may not notice that there is something wrong about this picture. Well, we don't use PHP4. This error message went out quickly. But then... We encountered another error message. (See Screenshot 07.)
When a guy named AJ said that htaccess access files that I uploaded might be corrupted, I finally had it and wanted to shouted at him. Then he goes
Probably you don't have a lot of experience with Apache and .htaccess files. (See Screenshot 08.)
Umm... Am I supposed to? I have never claimed that I'm familiar with Apache and htaccess. After paying more than $100, why do I even have to hear this crap? Does the software description mentione Apache or htaccess, by the way? 'INSTALL' doesn't mention Apache or htaccess, either. Then he wrote again subsequently and sugguested that we pay a custom installation fee. (See Screenshot 09.) I didn't even get to software installer and we pay a cutom installation fee? This guy is truly an extortionist. In summary, we strongly suggest that you stay away from this PHP software developer. Nobody should pay for a custom installation fee when in fact he or she cannot even reach software installer. And no PHP software package had caused so much trouble and wasted our time.
Nice:
Bad:
|
Review date: May 7, 2008
Let's see. Why would you need a login system at your website? One good reason for installing a login system is that casual webmasters and Internet users steal digital products through hot links. The following is what happened to us several months ago. We were giving away free web themes for a Mac-only website design application called RapidWeaver. Anyone could download any web theme file with no restrictions. We then found one website (run by a Japanese guy) where they posted links to not our web theme pages but direct link to files themselves so that their visitors wouldn't have to come to our website. We were totally shocked. So we had no choice but to restrict access to the files to members. Another scenario... We have close to 200 videos at YouTube. We found out more than a year ago that some people were posting our YouTube videos at other websites under their names. Actually, using a login system, there are limitations to what you can do to stop people from downloading files at your website. You can force visitors to login before they access a download page. But you can't stop them from directly accessing files if they already know their locations because you cannot embed a PHP code in the files. Anyway, let's see what you can do with websitelogin. If you want to force visitors to log in before accessing a particular webpage, such file must be saved as a PHP file because you insert a PHP code. In other words, you cannot use websitelogin to force visitors to log in when they arrive at HTML or SHTML pages. After installing websiitelogin, all you need to do is to embed a simple PHP code in any PHP file. What code? Just click on the tab that says File Protection. (See Screenshot 01.) Then insert this code at the top of HTML or PHP webpages. (See Screenshot 02.) If you embed this code in .html pages, you need to change the file extension to php.
If you take a close look at the PHP code, you can tell that what's shown there is the absolute location, not a relative location of websitelogin's particular file. That means you can insert the exactly same code in any .HTML or .PHP file to enforce login as long as they are hosted under the same web hosting account. If you finish embedding the code in web pages, then try accessing one of them. And a login page like the one shown in Screenshot 03 should open. If one successfully logs in, then he or she should be redirected to the protected page.
Besides protecting webpages, the software developer claims that you can also protect files as opposed to (PHP) webpages. (See Screenshot 05.) However, we have never been able to get it to work. That doesn't mean it doesn't work. One unique feature of websitelogin is IP Limit. (See Screenshot 07.) Assuming that one paid you to access your website, he or she could still share their account. By confining account access to a particular IP address, you can prevent this user from sharing his or her account. Nontheless, you have to make sure that your users understand they have static IP addresses.
If you are interested in buying this software, don't act yet. You should know that getting support from the software developer will be very difficult. I asked several questions before buying it. (See Screenshot 09.) And they never replied. But I pushed a purchase and received a login account to download software. But I could never log in. They passed me an account that doesn't work. After I e-mailed and told them that I couldn't log in, they finally replied. (See Screenshot 10.)
By the way, where is A Website Login, LLC located? Nobody knows. Check its WhoIs information. And you will find out that their registration profile has privacy protection (annonymous domain). (See Screenshot 11.) Why do they need to hide their domain registration? We should have never trusted anyone using an annonymous domain. And we won't from now on.
Nice:
Bad:
|
