控制试用订阅的访问 [英] Controlling Access for Trial Subscription
问题描述
我的任务是建立一个系统,使我们公司中的某人可以发送一封电子邮件,其中包含指向pdf文件的链接,该链接将保存在我们的网络服务器上.收件人可以点击链接查看我们通常出售的新闻通讯.想法是我们进行三个月,然后看看他们是否愿意继续并支付全部订阅费用.
I've been tasked to build a system that allows someone in our company to send out an email with a link to a pdf file that will be kept on our webserver. The recipient can follow the link to view a newsletter we normally sell. The idea is we do this for three months, then see if they'd like to continue and pay for the full subscription.
我已经建立了注册部分,但是我试图找到发送电子邮件的最佳解决方案.这就是我的想法,但是如果有人有更好的东西,我会很感兴趣.
I've got the registration portion built, but I'm trying to find the best solution for sending the email. Here's what I've thought of, but am interested if anyone else has something better..
1)通过电子邮件发送时,生成通用代码并附加到URL.该用法将跟随该URL,并且将检查我们的数据库中是否存在确定"的条目,并通过/失败它们的访问权限.似乎可以,但是可以传递链接,甚至可以将链接加载到任何人都可以访问的公共站点.
1) When emailing, generate a generic code that gets appended to the URL. The use would follow the url, and it would check our DB for "ok" entries and pass/fail them access. This seems ok, but a link could be passed around or even loaded to a public site where anyone could access.
2)为了扩展上述内容,我想我可能会遇到一次性单击"之类的事情,一旦我知道该链接被单击,它可能会失效,因此以后的任何单击都会失败.不利的一面是,如果他们单击以查看并关闭其窗口,就完成了.同样,如果他们单击并在下载完成前计算机崩溃,它们也会被锁定.我不知道是否有一种方法(对我而言适用于PHP)确认文件下载已完成...
2) To extend the above, I thought maybe I'd have a "one time click" kind of thing where once I know the link was clicked, it could expire, so any subsequent clicks fail. The downside is if they click to view and close their window, they're done. Likewise, if they click and their computer crashes before download completes, they'd be locked out as well. I don't know if there's a way (in PHP for me) to confirm a file download has completed...
3)我可以将文件放在/trials/201009/r@nDomstr1n6.pdf这样的目录中,在该目录中文件已上传并且链接的名称是随机的,因此很难猜测.然后,我可以使用.htaccess使用不同的密码保护每个月的文件夹.这可能会很乏味,并且最有可能使用户烦恼.
3) I could put the files in a directory like /trials/201009/r@nDomstr1n6.pdf where the file is uploaded and the name for the link is random so it would be hard to guess. Then I could use .htaccess to protect each month's folder with a different password. This could get tedious and would be annoying for users most likely.
我们不想强迫他们管理自己的密码,因为b/c必须登录并记住另一个帐户可能会阻止参与.
We don't want to force them to manage their own passwords b/c having to login and remember yet another account may discourage participation.
感谢任何想法或建议. D.
Thanks for any ideas or pointers. D.
推荐答案
我想对每个电子邮件地址使用随机代码进行身份验证,并在5天后过期.如果您限制访问首先打入url哈希的ip,那么它也可以工作,但可以使合法的用户/客户受益匪浅.
I'd say do it with a random code for authentication per email address, and expire that after 5 days. If you limit access to the ip that first hit the url hash, that could work too but could iconvenience legitimate users/customers.
在任何情况下,如果需要,合法用户都可以轻松地请求新的身份验证代码.这样,即使您的任何限制给您的潜在客户之一带来了不便,他们也不会因此受到影响.
In any case make it easy for legitimate users to request a new authentication code if needed. That way even if any of your limitations inconvenience one of your potential customers, they will not be as ticked off about it.
最后,请考虑一下,如果他们喜欢pdf并希望共享它,那么他们很可能会立即共享pdf本身,而不会打扰链接.
Finally, consider that if they like the pdf and want to share it, they will probably just share the pdf itself right away and not bother with a link.
这篇关于控制试用订阅的访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
