How do I protect my digital files ?

If you are using an application like PHP-eSeller to sell digital files you need to make sure that your files are secure.

The best way to protect digital files (those files that you are going to sell) is to place them outside the root of your web site.

The root of the web site is normally the public_html folder or the www folder.

When placed ‘below’ these folders, it is not possible for anyone to get to those files using a web url address.

However, some hosts do not allow this, so instead you can protect your files by placing an .htaccess file in the folder.

An example .htaccess file which would do this is:

IndexIgnore *
AuthGroupFile /dev/null
AuthName Downloads
AuthType Basic

 deny from all

This will only work on a Linux type server and not on a Windows server. has quite a good set of examples and gives some good background information on htaccess / htpasswd files

Creating a database user with myPHPAdmin

PHP-eSeller, PHP-SecureArea and PHP-KeyCodes all require a mySQL database and hence require a database username and password. Normally you will interact with the mySQL database using a control panel which will incorporate tools to easily create database and users. These facilities are provided by your web host and will be the best way to create database users.

However, with some web hosts it may be necessary to to create a user using myPHPAdmin.

To creating a user using the myPHPAdmin interface, asuming that you are logged in to myPHPAdmin with full previleges :

In a sql text box enter :

GRANT SELECT, INSERT, UPDATE, DELETE ON eseller.* TO eselleruser@localhost IDENTIFIED BY 'piggy911';

This above assumes that ‘eseller’ is the name of the database, ‘eselleruser’ is the name of the database user and ‘piggy911’ is the password.

This will create a user with select, insert, update and delete previlages which is all that is required for a normal user.

NOTE that to create tables the user needs to have create table privileges which can be given by changing the the sql to

GRANT ALL PRIVILEGES ON eseller.* TO eselleruser@localhost IDENTIFIED BY 'piggy911';

Templates caching with PHP-eSeller

PHP-eSeller can display ‘buy now’ buttons and ‘add to cart’ buttons in a number of different ways.  Buttons can be created by hand and then added to existing web pages or they can be displayed dynamically through a template system.

PHP-eSeller uses the pat template system which includes a caching method to improve the speed of the pages.

When you install PHP-eSeller all you need to do is change the permissions of the template folder ‘tmplcache’ to be set to 777.

When the page is viewed, caching will be implemented and pages will display quicker.  The folder ‘tmplcache’ is part of the installation structure although it is an empty folder.

WordPress 2.6 update

WordPress 2.6 is out now and ready for install.  Here are only some of the improvements WordPress 2.5 has over WordPress 2.6:

  • Word count! Never guess how many words are in your post anymore.
  • Image captions, so you can add sweet captions like Political Ticker does under your images.
  • Bulk management of plugins.
  • A completely revamped image control to allow for easier inserting, floating, and resizing. It’s now fully integrated with the WYSIWYG.
  • Drag-and-drop reordering of Galleries.
  • Plugin update notification bubble.
  • Customizable default avatars.
  • You can now upload media when in full-screen mode.
  • Remote publishing via XML-RPC and APP is now secure (off) by default, but you can turn it on easily through the options screen.
  • Full SSL support in the core, and the ability to force SSL for security.
  • You can now have many thousands of pages or categories with no interface issues.
  • Ability to move your wp-config file and wp-content directories to a custom location, for “clean” SVN checkouts.
  • Select a range of checkboxes with “shift-click.”
  • You can toggle between the Flash uploader and the classic one.
  • A number of proactive security enhancements, including cookies and database interactions.
  • Stronger better faster versions of TinyMCE, jQuery, and jQuery UI.

Download from :

Modifying fckeditor for use in PHP-eSeller

Fckeditor is used in PHP-eSeller as an HTML text editor and provides a powerful easy to use web editor. It is fully described on the web site

The main area of customisation that you may want to implement is defining the toolbar that appears above the text box which is used to enter product descriptions. We have trimmed down the toolbar buttons to make it more manageable and to remove tools that are not required all that often. However, you may want to add back in some buttons which is very easy to do.

Open up the file /fckeditor/fckeditor.js with a suitable text editor.

The toolbar that we use is called FCKConfig.ToolbarSets[“pg_toolbar”].

The default toolbar is FCKConfig.ToolbarSets[“Default”].

If you want to add a button from the default toolbar, just copy it and place it into FCKConfig.ToolbarSets[“pg_toolbar”].

Or if you want all the buttons, rename FCKConfig.ToolbarSets[“Default”] to FCKConfig.ToolbarSets[“pg_toolbar”] and remove the old FCKConfig.ToolbarSets[“pg_toolbar”].

Note that the very last button on the toolbar is used to maximise the editor window which can help if you are doing more detailed work with the html.

Tracking downloads made from your site

If you wish to track downloads or individual clicks on files such as pdf, or word files you can do so using Google analytics.

Adding a small piece of JavaScript to any link will tell Google to track when someone clicks on that link. This works for pdfs, Word documents, email addresses and external links.

It also works if you want to see which two links on the same page are generating more clicks. Even though they go to the same URL, you can tag one link as ‘link one’ and the other as ‘link two’ and Google will track the clicks separately for you.

If you have a WordPress blog, you can instantly tag all links across your blog with the Ultimate Google Analytics plugin. (

A full description on adding the Javascript code to your web page can be found at when you are using the latest version of the tracking code.  If you are using the older of the tracking code version then refer to

Posted in SOE

Number of product items per page

How to change the number of items displayed in PHP-eSeller and in the admin area of PHP-SecureArea.

With PHP-eSeller, if you are using a template driven display and wish to change the number of product items displayed per page then it can be done very easily. If you open up the file /functionscart/content.php in a text editor, you should see near the top of the file some page configuration settings. Similarly, in cart/includes/content.php file you will find configuration page settings which you can change if you are using this as your display.

With PHP-SecureArea, you may wish to change the number of users that are displayed in the admin display. Again this is very easy to do by opening the file a_usersmanage.php in a text editor and looking for the page configuration settings which are a few lines down in the code.

Make sure that you use a text editor such as notepad or a web page editing application – don’t use MS Word. Also, take a backup of any pages before you make changes, just in case.

Title tags and keywords

The title tags of a web page appear to be very important for all search engines.  For each web page create a different title tag that reflects its content but also contains keywords applicable to that page.  Search engines use the title tag as the main link to the page and hence it should contain words that reflect the content.

First write you web page which will contain key phrases.  It is usually better to do this before you look at the critical title tag content.  Once completed, you can write a well defined title line.  However, don’t be tempted to just copy a line of text form the web page, try to create a unique title of up to 10 words.

Blog software like WordPress can make things difficult in that they create the title tag for you out of various combinations of text strings made from the site name, the cateogry or the item title.  To overcome this with WordPress you can use the free SOE Title Tag plug in by Stephan Spencer.  This enables you to create your own title tags and make the pages more search engine friendly.

This can be downloaded at and includes full description and installation.

PHP-eSeller is able to set the title tag of each dynamic shopping cart web page together with a meta description.

Posted in SOE

PayPal and eChecks

An eCheck is when the customer only has a bank account, and not a credit card or additional form of payment to back up their account should their account be overdrawn when PayPal tries to debit it, so PayPal doesn’t pay you for 3-5 days while they wait for the money to transfer.

All withinweb applications (PHP-SecureArea, PHP-eSeller, or PHP-Keycodes) are able to handle Checks and in addition, will automatically send an email to the purchaser informing them that they have paid by eCheck and that there will be a delay before purchase is complete. Once the eCheck has cleared the application (PHP-SecureArea, PHP-eSeller, or PHP-Keycodes) will complete the process in the normal way and send the appropriate emails to the customer all without intervention by yourself.

When we recieve an eCheck purchase we often send an additional email to the customer just to further explain the situation and maintain a relationship with the customer.

In fact there are many situations where there can be a delay in payment being completed. All these situations are automatically handled by applications.

There can be customer service nightmares when people use eChecks in PayPal. Most customers don’t know what it is, and PayPal appears not to warn them. Providing that you inform the customer, there should not be a problem and you can maintain your relationship with the customer.