06-23-2009 10:13 AM - edited 06-23-2009 10:14 AM
Well, since no one is responding and I find that strange because I know most people are moving to PHP and most hosting companies offer free PHP over J2EE, why don't you post on a PHP forum.
I'm assuming that you don't know PHP at all? Because you shouldn't need help generating a key -- it's just code -- you need help with the PHP language itself.
I'm sure there are loads of examples on how to use PHP on Google--it just wont be specific to generating keys for App World.
06-23-2009 10:18 AM
I just wrote my own PHP code generator,
so no problem on doing it,
the only problem I have is how to:
- listen the BB store post
- what variable the store post to my server
- what variable I need to reply to the store
- is there some security code between my server and BB store to be sure that this post is generated from the store
and not from another server?
06-23-2009 10:37 AM
There's a document that explains the process:
The parameters it passes are:
You need to return one string back and that is:
Also, set the content-type to:
AND....set the content-length to the length of the entire string you send back, "key=myPHPgeneratedKEY"
This should get you going if you are already familar with PHP.
By the way, there is no security in place to verify the POST came from the server. You could check for the IP address as a small security measure. This can be spoofed, however. Also, don't publish your URL that generates keys.
I hope this helps
06-23-2009 10:57 AM - edited 06-23-2009 11:11 AM
in this way I create a security hole on my server.
can't understand how this is possible.
If someone will find the name of my PHP script it can full fill my database by
simply POSTing new data.
I don't like that way.
A pre-established code between app store and php server should be really useful for security.
PS: What is the URL where I need to reply with "key=somecode" ???
"POST /WHAT_FILE_WILL_LISTEN_MY_POST.php HTTP/1.1\n" .
"Host: www.WHATS_THE_DOMAIN_NAME_OF_BB_STORE.com\n" .
"Content-Type: application/x-www-form-urlencoded\n" .
"Content-Length: " . strlen($data) . "\n\n" .
$data . "\n";
06-23-2009 12:33 PM
As I mentioned. You could also check the IP address. Looking at my database, I'm only getting request from one IP address from AppWorld. If you get anything other than that, then I would reject the request.
You don't POST back to a URL, you just reply to the current request.
Have you created a PHP script to respond with a string before? It would be the same way, but just send the key instead. I wish I knew more about PHP to give you a better answer but you need to start and existing Request/Response example in PHP.
06-23-2009 01:39 PM
you are very kind, I'll look into this...
can you tell me what ip uses BB store please?
do you think that BB store is a good store on where to sell our software?
is there a lot of person who use this store or is only a small store with few people in it?
06-23-2009 01:52 PM
I don't want to put the IP address in the forum but you can send an email to firstname.lastname@example.org and explain what you are trying to do and I'm sure they'll let you know.
Yes. I think the BB store is a good store to sell software. There are other websites selling blackberry software but from my experience, my sales from them have reduced since AppWorld was released. Why would you need to go anywhere else?
There are many customers using this store. Right now if you put a few good apps out there, it can make you not want to work at your day job!!