Before you attempt to implement this you should read Clickbanks documentation.
For Instant Notification 2.1
Clickbank sends many different parameters in the HTTP POST message for the notification. The items which are of interest for generating licenses are:
ccustfullname Customer full name - if you want to issue named licenses.
ccustemail Custom email - if you want to include an email address in the license.
cproditem Product number - if you are selling multiple products/editions.
ctransaction Transaction type - you should only issue licenses when a SALE is completed.
Clickbank also sends a SHA1 hash value based on the contents of the notification combined with your secret value with Clickbank.
Creating A License
Licenses are created the same way for clickbank as in the generic example. The following code shows a brief summary of the minimum amount of changes that are required to configure the code for Clickbank. Your script will probably require more adaptations to handle different scenarios such as error handling which has intentionally been left out to minimize the amount of code. The code is an adaptation of the generic code.
if (Request.Form("ctransaction") == "SALE" && ipnValid(Request))
string email = Request.Form["ccustemail"];
string fullname = Request.Form["ccustfullname"];
Guid userSerial = Guid.NewGuid();
LicensedUser licensee = null;
//depending on what info you expect to receive you may need to call a different create method
//you may need to check Request.Form["cproditem"] for different editions and products
//send license by email
Verifying The Cipher
C# code for verifying the cipher (code provided by Clickbank). This method should be called before you generate the license to verify that the notification was sent by Clickbank and not a third party attempting to crack your license generation.
/// This method takes the same named post parameters that are sent in the ClickBank Instant Notification Service.
/// True if the ClickBank passed paramter cverify matches the calculated sha1 of the provided data, False otherwise
public static bool ipnValid(HttpRequest request)
string secretKey = "YOUR SECRET KEY";
List ipnFields = new List();
foreach (string param in request.Form.Keys)
string pop = "";
foreach (String field in ipnFields)
pop += request.Form.Get(field) + "|";
pop += secretKey;
string cverify = request.Form.Get("cverify");
byte hashedData = new SHA1Managed().ComputeHash(Encoding.UTF8.GetBytes(pop));