Delivering full versions of game..

Discussion in 'Indie Basics' started by Bouncer, Jan 20, 2006.

  1. Bouncer

    Original Member

    Joined:
    Mar 3, 2005
    Messages:
    64
    Likes Received:
    0
    I may start to sell my game in some point, so I'm investigating several options to distribute the full version...

    Scenario:

    1. User buys my game thru BMT / plimus etc...
    2. He recieves NOT a full version download link, but a link (with username and password) to members area of the site, where he can download the newest full version of the game and levelpacks etc...

    Now to the question:
    I don't currently understand a lot about selling online, so is it technically possible to make a new user account "on the fly" for every customer?
    I would like every user to have his own randomly generated username and password to access members area on my server. Could this be automated? Does anyone of you do it this way currently?

    Providing the link to full version for one time download is not the answer in this case, because I want the users to be able to download future updates / extras easily...

    Sorry for such a newbie questions, but I would really like to know some technical details if you do something like this with your game.

    Thanks.
     
  2. AVataRR

    Original Member

    Joined:
    Aug 19, 2004
    Messages:
    75
    Likes Received:
    0
    All that is technically possible. But your plan sounds like an awful lot of IT work. And since you had to ask those questions, you probably don't know much about the web technologies that would enable you to do those things. My advice is, put your plan in the back burner and think of something simpler in the mean time.

    But if you're intent on going ahead. You should look at PHP, Python and mySQL.

    For the sake of sharing, I did a similar thing for my game. The full version is available for download to everyone from the download page. The user doesn't need to back up their copies and they're able to download any new versions that might come up in the future. All they need is a valid license key and they're good to go.
     
  3. Tertsi

    Indie Author

    Joined:
    Nov 4, 2004
    Messages:
    513
    Likes Received:
    0
    I've done that with Battles of Norghan except BMT also sends them a normal download link with the download area access link.

    It shouldn't take too long to figure out how you can do it even if you don't know PHP.
     
  4. Bouncer

    Original Member

    Joined:
    Mar 3, 2005
    Messages:
    64
    Likes Received:
    0
    Thanks. I'll look into php and start practicing that stuff soon when I lease my own serverspace...
     
  5. Indiepath.T

    Original Member Indie Author

    Joined:
    Sep 4, 2004
    Messages:
    329
    Likes Received:
    0
    You could invest in a DRM solution from ActiveMark or Digital River OR....

    If you want to go the route where they download the full version after paying then you could look at eSellerate, who we use, they will host the files for you and provide your customer with links to download the game.
     
  6. Sybixsus

    Original Member

    Joined:
    Aug 2, 2004
    Messages:
    959
    Likes Received:
    0
    Might it not be better to have the username as the email address they used when purchasing? It makes it harder for them to forget, and you can always have an option in your control panel to let them change it if they change email addresses.
     
  7. ErikH2000

    Original Member

    Joined:
    Aug 3, 2004
    Messages:
    681
    Likes Received:
    1
    Yeah, I agree. It's best to put away the hackerosterone and admit that this is a larger project. We've done it. It works. But there are some surprises that will make the workload blossom before your eyes, i.e.:

    * You have to write the code that recieves order information from the payment processor notification and verifies it. The payment notification is all documented and easily available. It's easily available to hackers too, so you need to come up with some code to protect against someone sending a forged HTTP notification to your server to get access to the download link.

    * You have to store the account in a database or something persistent. What if a customer orders a second product from you? Then you probably want to not create a second account for them, but instead reuse the first one. What is it that tells you that it is the same customer? There is no reliable information in the order that can be used, so you'd need a web interface to fork for new or existing customers. And for existing customers, they need to be able to choose which account is their's and enter their password to prove it is them.

    * People's e-mail addresses change over time. If the account settings will be used for any kind of continuing communication with the customer, you need an interface for them to change their e-mail address.

    * Do you have any kind of protection on the download links? If you don't, then some l33tster will drop your link on a wares forum someplace and your server will conveniently supply full version copies to all takers.

    * So then you check IP addresses on the download link and limit the count of available downloads to prevent sharing of download links. Then somebody uses a download manager, and that PHP gets hit with a hundred requests at once and brings your server to a crawl.

    Those are just examples that come to mind of issues that can come up. If you end up making one of these things, spec it out really well before starting or you'll waste time and miss important functionality.

    -Erik
     
  8. Bouncer

    Original Member

    Joined:
    Mar 3, 2005
    Messages:
    64
    Likes Received:
    0
    Thanks for bringing up really good points ErikH2000! I have to think very carefully what kind of system to make...

    It seems that all distribution systems have some flaws... It's hard to choose which way to go...

    If you have any suggestions what kind of system I should build, considering I'm pretty noobie in web/server tech... Feel free to suggest! It should ofcourse be hacker safe and easy to setup ;)

    Thanks.
     
  9. lexaloffle

    Indie Author

    Joined:
    Jul 27, 2004
    Messages:
    207
    Likes Received:
    0
    Here's my system:

    1. User buys the game from BMT Micro and gets a download link for the most recent version as usual.

    2. I keep a simple database on my server which contains just the email and purchased games for each user. Every now and then I merge all of the user lists (they come from different places) and reupload the database.

    3. When a new version of the software is released, the user can type their email address into a webpage which then mails them customised download links for all of the games they own.

    --

    Step 2 should be automated, but it hasn't been much of a problem so far.

    Step 3 was to avoid having log-in style user accounts for simplicity. I figure a lot of users use the 'I've forgotten my password' type button, so why not cut out the password step and mail them what they're after directly.
     
  10. MrGoldfish

    Original Member

    Joined:
    Jul 28, 2005
    Messages:
    50
    Likes Received:
    2
    I like the idea of a customer having an 'account' with all the products they've purchased being assigned to that account. Just log in, go into your account and download the product you want. If they havn't bought a product then it doesn't show up in their account and therefor is unavailable to download.

    PHP and mysql would be perfect for creating a system like this. The only hard part would be knowing which products to activate for which user.
     
  11. AVataRR

    Original Member

    Joined:
    Aug 19, 2004
    Messages:
    75
    Likes Received:
    0
    just have a secondary table linking products and users, and that's it. simple. the hard parts will come with account and identity verification.
     
  12. Tom Cain

    Indie Author

    Joined:
    Jul 27, 2004
    Messages:
    284
    Likes Received:
    0
    I just finished setting up a system similar to Joseph's above:
    • User submits email address
    • Server validates it against the order database
    • Server creates and stores a unique, random ID
    • Server sends email with the ID embedded
    • User clicks link in email
    • Server validates embedded ID and marks as used
    • Server delivers file
    I thought about an account system for a long while, then opted for this method instead. It is easier for me, easy for the user, and helps prevent malicious people from abusing the system.

    The emailed link with ID only works one time, so posting it online doesn't do any good. Account login info can't be posted online because there isn't any. And posting the email address online won't work because the owner of the address is the only one who sees the validated link.

    If someone figures out a way to automate it, the system tracks download frequency and can shut off an email address until it is manually reviewed.

    I'm sure it will need tweaking over time but I like how it has turned out so far.
     

Share This Page

  • About Indie Gamer

    When the original Dexterity Forums closed in 2004, Indie Gamer was born and a diverse community has grown out of a passion for creating great games. Here you will find over 10 years of in-depth discussion on game design, the business of game development, and marketing/sales. Indie Gamer also provides a friendly place to meet up with other Developers, Artists, Composers and Writers.
  • Buy us a beer!

    Indie Gamer is delicately held together by a single poor bastard who thankfully gets help from various community volunteers. If you frequent this site or have found value in something you've learned here, help keep the site running by donating a few dollars (for beer of course)!

    Sure, I'll Buy You a Beer