Edit XML file on a users computer

I sell digital downloads on my site. These digital downloads are files made up of XML. Once the user goes to install the product they are prompted with a validation of their email which then gets a key from my database and inserts the key in these XML files for tracking purposes. But I have come to learn that users are just going inside of my package contents and just grabbing the XML files completely skipping over the validation process.

In order to prevent file sharing and implement some sort of anti-piracy I have purposely broken these XML files. I went about breaking the XML files in the hopes of forcing them to validate and then after they validate it fixes the XML allowing the files to work. This method has always worked for me but some users macs do not insert in the new XML or the key. I don’t know why and I have even tied to help some of my customers and screen shared with them to see if they had special permissions settings or something different about their mac from my mac. I have found nothing different. The users have the same version of Mac OSX, the most updated software, and no special security settings but still some peoples mac simply will not allow me to write to these XML files.

Has anyone come across this problem or is there something I am missing about Applescript that is not accurate. Is there a reason my code would not work across the board for all macs? Here is my code that I use for file altering.


set p to POSIX path of filePath
set myFile to open for access p with write permission
get eof myFile
if result > 0 then
set theText to read myFile
set eof myFile to 0
write theText & “<!—KEY:” & resultofCURL & "-->" & return to myFile
end if
close access myFile

Hi.

I don’t know why the script isn’t working for your users, but here are some observations:

  1. In the form posted, “<!—KEY:” is in smart quotes, which would obviously prevent the script from compiling.
  2. open for access should ideally be used with a file or alias specifier rather than just a path.
  3. Everything between the open for access and close access lines should be in a try statement, so that in the event of an error, the script will keep going long enough to close the access. It might even be able display an message explaining what was going wrong.
  4. If something’s happening to prevent resultofCurl from being set, that could cause an error in the write line (immediately after the file’s contents have been zapped).

set myFile to (open for access file filePath with write permission) -- Assuming that filePath's an HFS path.
try
	if ((get eof myFile) > 0) then
		(* set theText to read myFile
		set eof myFile to 0
		write theText & "<!--KEY:" & resultofCurl & "-->" & return to myFile *)
		-- Or:
		write "<!--KEY:" & resultofCurl & "-->" & return to myFile starting at eof
	end if
on error errMsg
	display dialog errMsg buttons {"OK"} default button 1
end try
close access myFile

Thanks you very much for the insight. I believe that what I have discovered is just a permissions issue with some users directories. It wouldn’t allow me to write because the directories i was working with had no write permissions. At least that is my theory. I am hoping to get feedback soon and see if my hunch was right.

Could you be more specific?

From a security point of view: object specifiers in general should be avoided when using commands from osaxen in every situation, in any context. But there are more reasons for using a POSIX path over alias or file specifier.

I was vaguely recalling discussions in the AppleScript fora a few years ago. Searching this morning, I’ve found this in the AppleScript Release Notes for Mac OS 10.8:

It specifically refers to sandboxed applications rather than to OSAXen, so maybe it doesn’t apply to the latter. But my own feeling is that it’s better to use specifiers anyway, if only to get into the habit! :wink: And the dictionary entries for the File Read/Write commands do specify “the file or alias to open for access”, “the file reference number, alias, or file reference of the file to close”, etc. Not that that’s anything to go by, of course. :wink:

So what this is saying is that i need to specify that it is a file? Even if i have my path in a variable like:

set myFilePath to "Macintosh HD:Users:me:sample.txt"

Then i use it like this

file myFilePath

When I try to access that file for whatever reason I need to change my code to this:

set p to POSIX path of file filePath
set myFile to open for access file p with write permission
get eof myFile
if result > 0 then
set theText to read myFile
set eof myFile to 0
write theText & “<!—KEY:” & resultofCURL & "-->" & return to myFile
end if
close access myFile

Am I understanding this correctly?

Yes. That’s correct.

No. You can’t use file with a POSIX path (ie. a path with slashes like “/Users/me/sample.txt”). If a POSIX path is what you have, you can turn it into a file specifier by putting POSIX file in front of it:

set filePath to "/Users/me/sample.txt"
set myFile to (open for access (POSIX file filePath) with write permission)
try
-- etc.