Hello. A lot of users may use this one on their support forums registrations.
I decided to make a function that checks a purchase using the Envato API, your username, your api key, and the customers “Item Purchase Code” ( they can get this from the license file ) .
I wanted to check it and make sure that it works 100%, but i got banned from the API (“You have been locked out of the API for 1 hour because of too many requests. Please complain to the author of your widget/application.” )
Here is the function. Please test it and tell me if it works well, and also use it as you like in your support forums.
<?php
function envato_verify_purchase($purchase_code)
{
//SETUP THE API DATA
$username = '';
$api_key = '';
//CHECK IF THE CALL FOR THE FUNCTION WAS EMPTY
if ( $purchase_code != '' ):
/*
STEPS IN THE CODE BELOW:
- QUERY ENVATO API FOR JSON RESULT
- DECODE THE RESULT AND TRANSFORM IT FROM OBJECTS TO AN ARRAY
- CHECK IF THERE IS A ITEM TITLE == THE PURCHASE WAS MADE OR NOT
*/
$result_from_json = file_get_contents('http://marketplace.envato.com/api/edge/'.$username.'/'.$api_key.'/verify-purchase:'.$purchase_code.'.json');
$result = json_decode($result_from_json, true);
if ( $result['verify-purchase']['item_name'] ) :
return 1;
else:
return 0;
endif;
endif;
}
?>
This code may fail if they have purchased more than 1 license of the item.
It may also fail because it doesn’t check exactly which item the user has purchased from you. Only that the user has made a purchase from you.
Also file_get_contents on a url may not work on a lot of hosting accounts. Suggest using curl. Possibly try something like this:
$result = false; // have we got a valid purchase code?
$our_item_id = 149180; // check if they've bought this item id.
$username = 'dtbaker'; // authors username
$api_key = 'gphyrdsomething'; // api key from my account area
$url = "http://marketplace.envato.com/api/edge/$username/$api_key/verify-purchase:$code.json";
$ch = curl_init($url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
$json_res = curl_exec($ch);
$data = json_decode($json_res,true);
$purchases = $data['verify-purchase'];
if(isset($purchases['buyer'])){
// format single purchases same as multi purchases
$purchases=array($purchases);
}
$purchase_details = array();
foreach($purchases as $purchase){
$purchase=(array)$purchase; // json issues
if((int)$purchase['item_id']==(int)$our_item_id){
// we have a winner!
$result = true;
$purchase_details = $purchase;
}
}
// do something with the users purchase details,
// eg: check which license they've bought, save their username something
if($result){
echo 'user has bought our item';
print_r($purchase_details);
}else{
echo 'invalid purchase code';
}
{"verify-purchase":{"buyer":"buyer_id_here","created_at":"Wed Dec 01 05:00:47 +1100 2010","licence":"Regular Licence","item_name":"Your Item Name Here","item_id":"116430"}}
Hi! thanks to @duotive and @dtbaker for the explanation.
My WP theme still in progress and I have a plan to make the Purchase Code as option to enable the updater (Product Serial Number likes).
Some of Themeforest authors give a notification about their purchased theme/plugin(s) have an update from WP dashboard than the buyer have to go to the theme/plugin themeforest page to get the new file(s). Cause of that, I got an idea to make a “setup installation” after theme/plugin activated, than the user must input their Purchase Code > click the Finish button and after that buyer can get the updated files directly on their WP dashbord or Theme option as well.
My question is.
can I use the Purchase Code as Product Serial Number likes?
I wonder what I can do with this function, may be integrating the supports directly from WP dashboard and much more
You’re welcome. I tried to think about that too, but did not do that because of bad ratings that will come with it, because customers will not know how to use it.
The timing for something like this couldn’t be better. I was just wondering how to do this very thing. I am looking into using another tutorial on tuts plus to make a custom logon to my site
I wanted to grab the purchase code and or the persons username for themeforest and have the system check to see if they are a buyer. This would make a fantastic plugin for one of you guys smart enough to code it. I would buy that.
Hi! thanks to @duotive and @dtbaker for the explanation.
My WP theme still in progress and I have a plan to make the Purchase Code as option to enable the updater (Product Serial Number likes).
Some of Themeforest authors give a notification about their purchased theme/plugin(s) have an update from WP dashboard than the buyer have to go to the theme/plugin themeforest page to get the new file(s). Cause of that, I got an idea to make a “setup installation” after theme/plugin activated, than the user must input their Purchase Code > click the Finish button and after that buyer can get the updated files directly on their WP dashbord or Theme option as well.
My question is.
can I use the Purchase Code as Product Serial Number likes?
I wonder what I can do with this function, may be integrating the supports directly from WP dashboard and much more
I’ve started a thread at CC about this topic. The main problem in my opinion is that buyers see the purchase code and their API key
I like the idea with the setup installation but in case your server goes down it will bring you a bad reputation though
Hi! thanks to @duotive and @dtbaker for the explanation.
My WP theme still in progress and I have a plan to make the Purchase Code as option to enable the updater (Product Serial Number likes).
Some of Themeforest authors give a notification about their purchased theme/plugin(s) have an update from WP dashboard than the buyer have to go to the theme/plugin themeforest page to get the new file(s). Cause of that, I got an idea to make a “setup installation” after theme/plugin activated, than the user must input their Purchase Code > click the Finish button and after that buyer can get the updated files directly on their WP dashbord or Theme option as well.
My question is.
can I use the Purchase Code as Product Serial Number likes?
I wonder what I can do with this function, may be integrating the supports directly from WP dashboard and much more
I’ve started a thread at CC about this topic. The main problem in my opinion is that buyers see the purchase code and their API key
I like the idea with the setup installation but in case your server goes down it will bring you a bad reputation though
I agree with you, it makes sense that the username and API should be the buyers, but it would have been nicer if the username and API is ours and only the purchase code to be required from the buyer. Some buyers might not even know where to find the API KEY or what is that
Perhaps Envato will come up with a new API which will allow us to do what we need, especially the updates part
the username and the api-key is ours, and only the purchase code is the clients ? Because that would be great when it comes to having a download link to your items for the buyers ( if they provide the purchase code )
But is it safe to provide such a link ? Of course using PHP and not JS.
The item isn’t a wordpress plugin or theme but I guess this doesn’t matter
Yeah, already tried that Same result on my end Sad because I was thinking of implementing something like that on my new website, a backend for my buyers where they can download their purchases ( what they brought from me ) and get support and etc.
But as someone here mentioned, some users are not comfortable providing their username and API keys. So we’ll have to wait for a better API
It seems that there’s some confusion about the download-purchase vs verify-purchase API methods.
download-purchase is for buyers to generate their download link for a purchase. This method requires the use of the buyer’s username and API key.
verify-purchase is for sellers to retrieve details about a purchase. This method requires the use of the seller’s username and API key.
Hope that clears things up!
David
That’s what I thought, I mean it makes sense to be that way, but it would have been nice if there was a way to provide a download link without the client’s API, a download link for my items only per say, only what he / she purchased from me, not all his downloads.
Also, another good thing would be if there were some info on the updates in the API, a way to inform the clients that we updated our items.
I’m surprised why buyers should enter all that information when the purchase code verifies the purchase already. Furthermore it’s more complicated to explain them where to find their API key and what is it for.
The only reason why all that info is required is because someone could guess a correct code but that’s really implausible.
Much better would be a download with only the purchase code for the next API update or I have to use my own implementation
(“You have been locked out of the API for 1 hour because of too many requests. Please complain to the author of your widget/application.” ) 
Sad because I was thinking of implementing something like that on my new website, a backend for my buyers where they can download their purchases ( what they brought from me ) and get support and etc.
yep needs buyers api key and their licence code. how strange!