3rd-party account additional allow buyer buyers code configured custom data difference download ejunkie email feature happens help http integration link listed number offer order page parameter post product products receive script server settings single type url view working

Dear EJunkie,

I am a new EJunkie user. I have several "single download" products and one "redirection".
They all seem to be configured and working properly (thanks to your easy to read documentation).

However, the Java servlet I wrote to process the redirection URL seems to receive NULL
for the 'handshake' parameter value. The other parameter values I can extract fine,
with this code:

String handshake = request.getParameter("handshake");
String txn_id = request.getParameter("txn_id");
String username = request.getParameter("custom");
String email = request.getParameter("payer_email");

Only the handshake returns null. Is there something I need to configure in
my account settings in order to get EJunkie to pass me the handshake?

Thanks,
QuoteMan

On further troubleshooting, I find that 'txn_type' also returns null.

I'm speculating that none of the 'Additional Variables' shown on the
Help: Integration page are being passed:
http://www.e-junkie.com/ej/help.integration.htm

Ah, that page documents our custom/3rd-party Integration feature, which is unrelated to our Redirection feature. Integration submits the order data from our server to your script URL via HTTP POST; this happens invisibly to the buyer and regardless of any redirection.

This is the help page you'd want which documents the variables we append to your Redirection URL as an HTTP GET query string:
http://www.e-junkie.com/ej/help.redirection.htm

Thanks for explaining the difference. I understand now - there isn't a handshake for redirection.

Should I be worried about someone trying to invoke my page by pretending to be EJunkie?

More to the point, Redirection necessarily exposes your landing-page URL in the buyer's browser, so they could conceivably share that URL with others who could then visit the URL directly without going through E-junkie first. You might want to set up some custom scripting at your end to verify users are authorized to view the page where you're redirecting buyers.

I'm not a programmer so can't offer specifics, but theoretically I think you could verify that users are arriving at your URL from e-junkie.com, maybe set a cookie in their browser if so, which would allow them to bookmark and in the future revisit your URL directly using that browser if the cookie is still present or, if not, require them to use their E-junkie-issued redirection link, which itself expires after the number of Attempts and (optional) Hours you set for that product.

If you'd require some assistance with that sort of thing, we can recommend the competent, E-junkie-experienced developers listed in our directory here:
http://www.e-junkie.com/ej/developer-directory.htm