Berkeley CSUA MOTD:Entry 52961
Berkeley CSUA MOTD
2021/10/17 [General] UID:1000 Activity:popular

2009/5/6-14 [Computer/SW/Languages/Perl, Computer/SW/Languages/Web] UID:52961 Activity:kinda low
5/6     I'm sure you've seen web sites that distribute software by making
        a user fill out a form and then e-mailing the user a randomly
        generate link to the software that works just once. What software
        is used to do this? I'd like to distribute software in such a way.
        \_ "Software"?  What web server/web application environment
           are you using?
           \_ Yes, software. Like let's say I have a software package I am
              distributing and it's a tar.gz. Right now people just
              download it, but I'd like to use one of these more
              sophisticated systems to track who downloads it and give
              them a link that works just once. I can use whatever web
              server or environment will do the job.
        \_ Uck.  Those types of links suck.  Please don't.
           \_ What sucks about it? I never had any issues with these. It is
              not acceptable to publish a publically accessible link, so
              what do you suggest instead?
        \_ I've never downloaded softward this way, but I have downloaded
           a secured copy of my tax return from my CPA this way.  They use
           something from LeapFILE.   -- yuen
           \_ I'll look into it, thanks. Any other suggestions? I am surprised
              most of you have never dealt with this. It's really common
              when downloading commercial software like compilers and such.
              \_ It's something I could build in an afternoon, and by
                 doing it myself it would be a lot easier to integrate with
                 all my existing deployments.  Sometimes it's just easier to
                 write it yourself.
                 \_ It's usually a lot more trouble to write it yourself.
                    Then you get to maintain it, too. These hacks are
                    always simple upfront and evolve into headaches later.
                    Seems a lot of people use PHP + MySQL for this and
                    continually reinvent the wheel, which I think is silly. A
                    perl module sounds like a good idea. It's also a lot of
                    baggage for something so simple. I need to install a
                    *database* and a scripting language just for this? Just
                    installing PHP will probably get me hacked.
                    \_ Gee, you already have a scripting language, it's
                       called perl.  You are going to need a database of some
                       sort no matter what.  (It doesn't need to be mysql
                       or a relational database, but you are going to need
                       some sort of data store.)  A perl module doesn't make
                       sense.  If (token in store) then (remove token and
                       serve application).  How hard is that to write?
                       \_ perl module makes a lot more sense than PHP to me.
                          You also don't really need a database of any kind.
                          Why for? You can do fancier things with a DB,
                          but it's not really needed. All you need is to
                          be able to do is generate a random URL and keep some
                          counters. It's not a matter of "how hard is that
                          to write" as it is that I'd rather spend $50 for
                          an app to do this than spend $100/hour for a
                          developer to write and maintain this, even if he
                          spends just 10 hours/year on it.
                          \_ Because you are forgetting the time to
                             install/set up the damn app in the first place.
                             That takes time too.
                             \_ Yes and it will have to be setup and installed
                                no matter if I write it or buy it. So that's a
              \_ curious, why go to the trouble?  What's to stop someone from
                 replublishing the software on their torrent site of choice,
                 unless you're also watermarking the software image, ni effect
                 customizing the copy for the downloader ?
                 \_ CYA. If someone else publishes it then they are the ones
                    that will go to jail. Whereas, if I publish it to the
                    world then it will be me in jail.
                 \_ There's a legal aspect to it. If I have a one-time link,
                    I can make sure you only get the software after you've
                    agreed to my license agreement. If you can download the
                    software without clicking through the license, you can
                    argue that you're not bound by the license.
                 \_ You might also want to avoid people being able to
                    "deep link" to the software, thereby depriving you of
                    ad revenue. The place I work for is in this situation.
                 \_ He wants to collect email addresses.