Secure binary questions - Xojo Web newbie

First, I never ventured using Xojo Web but I may have a need for this now.
I am going to release a huge update of one of my apps and current users will be able to upgrade at 50% discount.
In the past I asked those customer to send me a mail with there current email used to buy a license. After manually checking this, I send the customer a mail with a payment link. This is incredible time consuming. :slight_smile:

Maybe Xojo Web can help me here.
I was think of making a web page that asks for the email and license key, checks the license key and then show a payment button when valid.
I would add all current licenses keys (+28000) in the app itself or a .txt file that I would read from.

Now, is this secure enough? Or are all those licenses in the wild when I use Xojo own cloud service? Is Xojo Web created binaries save enough?
Any thoughts?

How much checking do you need to do?

In the past I simply sent the existing users a link with the coupon code already included. The coupon code was set for “one time per email”. I don’t think that this was abused.

If you aren’t familiar with webapps you should get at least an overview over the security. The database or text file shouldn’t be available directly - as far as I have learned in the webinars I have watched.

I use Paddle and not sure I can create a coupon code set to ‘on time per email’. Will check that asap.

Any other thoughts about using Xojo Web for this kind of checking?

Load them in an encrypted SQLite database. Do your check by querying it.

I could do this but sadly I have never used SQL. Not sure learning SQL for this little tool I need is a good idea. :slight_smile:

So I prefer a more simple method like a plain text file or putting all data in the web app itself.

I don’t want to be harsh Christophe. But if you don’t see a use case for SQL here, you will never see it.

The task you describe here could as well come from a SQL learning book. Storing and accessing data fast IS SQL.