educational

ASP.net and CCBill

I think there is a huge misconception about Windows and what it provides to the adult industry. I am not putting down any code engine such as ASP, PHP, ColdFusion, JSP or even Perl: I say if it works for you then use it; but I also believe it must work very well.

For example, I am the co-owner of a solo-site, www.misswantsum.com. I was originally contacted by the owner because her site was in desperate need of a complete makeover: She was losing members; videos loaded slowly; the photo names and many other file names even had spaces in them. In short, there was a lot of work to do, and in making a deal as a partner, I decided to give her all of my resources.

As her site is selling memberships, we have two credit card processors; one of them being CCBill, which will help to protect a directory or use a database. Since her site is built on ASP.net 3.5, we are now switching over to a full database login system.

The problem was that CCBill only has an ASP script for this type of system, no ASP.net scripts or any documentation. Geez, what shall I do now: am I to switch the site over to ASP, Perl or PHP? That would be a task and-a-half, so instead I wrote a script that works with CCBill using ASP.net and the SQL Membership Provider.

Now why would I use this? Isn't Windows costly? What about ASP.net — isn't that complicated to work with? Don't forget if you want to create an ASP.net website, you will need a database system and it's probably best to get Visual Studio 2008, as well. Wow that's going to be costly and complicated; I guess I better go a different route…

Nothing could be farther from the truth. First ASP.net 3.5 is a free, visual web developer which comes with SQL Server 2005 Express, which is also free and can be used for your development server and production server as well.


VISUAL WEB DEVELOPER



SQL SERVER AND SQL SERVER MANAGEMENT STUDIO


So all this stuff is free, but it's still going to be complicated; after all its Microsoft right?

Granted the ASP file that CCBill gave me was complicated in some parts such as the algorithm for MD5 encryption strings to compare against the same encrypted string that CCBill will send to the ASP script they provide.

For one thing, ASP does not have any encryption capabilities built into the engine like PHP's crypt function, so I guess I better stop now and scrap the whole idea I had...

Wrong again: what took about 400 lines of encryption is ASP and about 10 lines in PHP only took one line in ASP.net using MD5.

Ok, but that database stuff is going to get real tricky and that's where a lot of code is going to take place when doing your login system.

Wrong once again: setting up your database using SQL Server 2005 would take about 20 minutes max, and the tables needed for using what's called login controls takes about 30 seconds.


VISUAL WEB DEVELOPER TOOL BOX AND LOGIN CONTROL


The login control uses input validation to verify several things, including blank entries into fields as well as wrong information and "user does exist" messages.



Ok, so doesn't that take a lot of code? Not at all! Here is sample code for the login control:

<form id="form1" runat="server">
<div>

</div>
<asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Default3.aspx">
</asp:Login>
</form>

That's it to do all of the functions that I just discussed.

The other few things needed for your login system to work are located in your web.config file, which is the core file for your web application. For Apache users this could be considered a file that you would use like httpd.conf, .htaccess or .htpasswd.

In this sample code for web.config, we first have our database connection string:

<connectionStrings>
<add name="myConnectionString" connectionString="Data Source=TONYWINXP\SQLEXPRESS;Initial Catalog=hooker;Integrated Security=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

Then we want to let .NET know what type of protection we will be using by specifing this with the following entry in our web.config file:

<authentication mode="Forms">

Next we have our namespaces or classes that are built into the .NET framework:

<namespaces>
<clear/>
<add namespace="System"/>
<add namespace="System.Collections"/>
<add namespace="System.Collections.Generic"/>
<add namespace="System.Collections.Specialized"/>
<add namespace="System.Configuration"/>
<add namespace="System.Text"/>
<add namespace="System.Text.RegularExpressions"/>
<add namespace="System.Linq"/>
<add namespace="System.Xml.Linq"/>
<add namespace="System.Web"/>
<add namespace="System.Web.Caching"/>
<add namespace="System.Web.SessionState"/>
<add namespace="System.Web.Security"/>
<add namespace="System.Web.Profile"/>
<add namespace="System.Web.UI"/>
<add namespace="System.Web.UI.WebControls"/>
<add namespace="System.Web.UI.WebControls.WebParts"/>

<add namespace="System.Web.UI.HtmlControls"/> </namespaces>

Ok so this looks easy; but what about protecting pages outside of the member's directory?

It's as easy as pie. Now that we have our login control we also have other controls called a login view, with two templates: One that will show content to users that are logged in, and another one that will show alternative content to the ones that are not logged in.

Ok that's sounds pretty simple, but what if I go to your site and hit a page that is not the login page; how will your system know what page to send me back to after logging in?

This is already built into the system: As long as that page has the login view control on it the .NET framework takes care of the rest of the work for you.



Here's some sample code for the loginview control along with loginstatus control and loginname control:

<form id="form1" runat="server">
<div>

</div>
Login Status:<br /><asp:LoginStatus ID="LoginStatus1" runat="server" />
<br />
<br />
Login Name:<br /><asp:LoginName ID="LoginName1" runat="server" />
<br />
<br />
<br />
Login view:<br />
<asp:LoginView ID="LoginView1" runat="server">
<LoggedInTemplate>
Hi there thanks for logging in congrats !!!
</LoggedInTemplate>
<AnonymousTemplate>
You have not logged in please do so.
</AnonymousTemplate>
</asp:LoginView>
<br />
<br />
</form>

What are these other controls you ask?

The loginstatus control does two things; if the user is logged in it will show a logout link; if the user is not logged in, it will show a login link.

The loginname control will show the member's username when logged in, so you could greet them by saying "Hi username, welcome to my site."

So where is the code to do this from the database? What you see is it!

Some of you might worry about security, but even though the web.config file is an XML file, it won't load remotely no matter what you do.

I think you're finally getting why I used ASP.net by now and if not well that's ok not everyone likes changing things, but the power of ASP.net mixed in with IIS 6.0 and SQL Server 2005 is unmatched.

ASP.net has over 35,000 classes built into it, that allow users to do everything from creating RSS feeds to manipulating images, making your site bi-lingual, security as shown in this article, Ajax implementation, even controls for tree menus, pop-up menus and something that really makes data retrieval powerful called the data cache.

IIS 6.0 also has something I really like called HTTP compression. SQL Server is very easy to manage and has powerful items built right into it and yes it will work with PHP, JSP, ColdFusion and ASP — the latest and oldest versions of the code engines alike.

But for now you know why I use ASP.net.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

Why Cyber Insurance Is Crucial for Adult Businesses

From streaming services and interactive platforms to ecommerce and virtual reality experiences, the adult industry has long stood at the forefront of online innovation. However, the same technology-forward approach that has enabled adult businesses to deliver unique and personalized content to consumers worldwide also exposes them to myriad risks.

Corey D. Silverstein ·
opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
profile

VerifyMy Seeks to Provide Frictionless Online Safety, Compliance Solutions

Before founding VerifyMy, Ryan Shaw was simply looking for an age verification solution for his previous business. The ones he found, however, were too expensive, too difficult to integrate with, or failed to take into account the needs of either the businesses implementing them or the end users who would be required to interact with them.

Alejandro Freixes ·
opinion

How Adult Website Operators Can Cash in on the 'Interchange' Class Action

The Payment Card Interchange Fee Settlement resulted from a landmark antitrust lawsuit involving Visa, Mastercard and several major banks. The case centered around the interchange fees charged to merchants for processing credit and debit card transactions. These fees are set by card networks and are paid by merchants to the banks that issue the cards.

Jonathan Corona ·
opinion

It's Time to Rock the Vote and Make Your Voice Heard

When I worked to defeat California’s Proposition 60 in 2016, our opposition campaign was outspent nearly 10 to 1. Nevertheless, our community came together and garnered enough support and awareness to defeat that harmful, misguided piece of proposed legislation — by more than a million votes.

Siouxsie Q ·
opinion

Staying Compliant to Avoid the Takedown Shakedown

Dealing with complaints is an everyday part of doing business — and a crucial one, since not dealing with them properly can haunt your business in multiple ways. Card brand regulations require every merchant doing business online to have in place a complaint process for reporting content that may be illegal or that violates the card brand rules.

Cathy Beardsley ·
profile

WIA Profile: Patricia Ucros

Born in Bogota, Colombia, Ucros graduated from college with a degree in education. She spent three years teaching third grade, which she enjoyed a lot, before heeding her father’s advice and moving to South Florida.

Women In Adult ·
opinion

Creating Payment Redundancies to Maximize Payout Uptime

During the global CrowdStrike outage that took place toward the end of July, a flawed software update brought air travel and electronic commerce to a grinding halt worldwide. This dramatically underscores the importance of having a backup plan in place for critical infrastructure.

Jonathan Corona ·
Show More