Home > Features > ASP.net and CCBill • Bookmark   • Newsletters   • Register Search Options

FEATURE

ASP.net and CCBill

ASP.net and CCBill

June 7, 2008
Text size: 
Get XBIZ News
XBIZ Research
Will virtual reality boost the paysite market?
Yes, it will soon
  40.00%
Yes, but in a few years
  37.14%
No
  22.86%
Out of 140 votes. Results based on votes submitted by members of XBIZ.net social network.

" IIS 6.0 [offers] HTTP compression "

I think there is a huge misconception about Windows and what it provides to the adult industry. I am not putting down any code engine such as ASP, PHP, ColdFusion, JSP or even Perl: I say if it works for you then use it; but I also believe it must work very well.

For example, I am the co-owner of a solo-site, www.misswantsum.com. I was originally contacted by the owner because her site was in desperate need of a complete makeover: She was losing members; videos loaded slowly; the photo names and many other file names even had spaces in them. In short, there was a lot of work to do, and in making a deal as a partner, I decided to give her all of my resources.

As her site is selling memberships, we have two credit card processors; one of them being CCBill, which will help to protect a directory or use a database. Since her site is built on ASP.net 3.5, we are now switching over to a full database login system.

The problem was that CCBill only has an ASP script for this type of system, no ASP.net scripts or any documentation. Geez, what shall I do now: am I to switch the site over to ASP, Perl or PHP? That would be a task and-a-half, so instead I wrote a script that works with CCBill using ASP.net and the SQL Membership Provider.

Now why would I use this? Isn't Windows costly? What about ASP.net — isn't that complicated to work with? Don't forget if you want to create an ASP.net website, you will need a database system and it's probably best to get Visual Studio 2008, as well. Wow that's going to be costly and complicated; I guess I better go a different route…

Nothing could be farther from the truth. First ASP.net 3.5 is a free, visual web developer which comes with SQL Server 2005 Express, which is also free and can be used for your development server and production server as well.

Visual Web Developer
VISUAL WEB DEVELOPER


SQL Server and SQL Server Management Studio
SQL SERVER AND SQL SERVER MANAGEMENT STUDIO


So all this stuff is free, but it's still going to be complicated; after all its Microsoft right?

Granted the ASP file that CCBill gave me was complicated in some parts such as the algorithm for MD5 encryption strings to compare against the same encrypted string that CCBill will send to the ASP script they provide.

For one thing, ASP does not have any encryption capabilities built into the engine like PHP's crypt function, so I guess I better stop now and scrap the whole idea I had...

Wrong again: what took about 400 lines of encryption is ASP and about 10 lines in PHP only took one line in ASP.net using MD5.

Ok, but that database stuff is going to get real tricky and that's where a lot of code is going to take place when doing your login system.

Wrong once again: setting up your database using SQL Server 2005 would take about 20 minutes max, and the tables needed for using what's called login controls takes about 30 seconds.


VISUAL WEB DEVELOPER TOOL BOX AND LOGIN CONTROL


The login control uses input validation to verify several things, including blank entries into fields as well as wrong information and "user does exist" messages.



Ok, so doesn't that take a lot of code? Not at all! Here is sample code for the login control:

<form id="form1" runat="server">
<div>

</div>
<asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Default3.aspx">
</asp:Login>
</form>

That's it to do all of the functions that I just discussed.

The other few things needed for your login system to work are located in your web.config file, which is the core file for your web application. For Apache users this could be considered a file that you would use like httpd.conf, .htaccess or .htpasswd.

In this sample code for web.config, we first have our database connection string:

<connectionStrings>
<add name="myConnectionString" connectionString="Data Source=TONYWINXP\SQLEXPRESS;Initial Catalog=hooker;Integrated Security=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

Then we want to let .NET know what type of protection we will be using by specifing this with the following entry in our web.config file:

<authentication mode="Forms">

Next we have our namespaces or classes that are built into the .NET framework:

<namespaces>
<clear/>
<add namespace="System"/>
<add namespace="System.Collections"/>
<add namespace="System.Collections.Generic"/>
<add namespace="System.Collections.Specialized"/>
<add namespace="System.Configuration"/>
<add namespace="System.Text"/>
<add namespace="System.Text.RegularExpressions"/>
<add namespace="System.Linq"/>
<add namespace="System.Xml.Linq"/>
<add namespace="System.Web"/>
<add namespace="System.Web.Caching"/>
<add namespace="System.Web.SessionState"/>
<add namespace="System.Web.Security"/>
<add namespace="System.Web.Profile"/>
<add namespace="System.Web.UI"/>
<add namespace="System.Web.UI.WebControls"/>
<add namespace="System.Web.UI.WebControls.WebParts"/>

<add namespace="System.Web.UI.HtmlControls"/> </namespaces>

Ok so this looks easy; but what about protecting pages outside of the member's directory?

It's as easy as pie. Now that we have our login control we also have other controls called a login view, with two templates: One that will show content to users that are logged in, and another one that will show alternative content to the ones that are not logged in.

Ok that's sounds pretty simple, but what if I go to your site and hit a page that is not the login page; how will your system know what page to send me back to after logging in?

This is already built into the system: As long as that page has the login view control on it the .NET framework takes care of the rest of the work for you.



Here's some sample code for the loginview control along with loginstatus control and loginname control:

<form id="form1" runat="server">
<div>

</div>
Login Status:<br /><asp:LoginStatus ID="LoginStatus1" runat="server" />
<br />
<br />
Login Name:<br /><asp:LoginName ID="LoginName1" runat="server" />
<br />
<br />
<br />
Login view:<br />
<asp:LoginView ID="LoginView1" runat="server">
<LoggedInTemplate>
Hi there thanks for logging in congrats !!!
</LoggedInTemplate>
<AnonymousTemplate>
You have not logged in please do so.
</AnonymousTemplate>
</asp:LoginView>
<br />
<br />
</form>

What are these other controls you ask?

The loginstatus control does two things; if the user is logged in it will show a logout link; if the user is not logged in, it will show a login link.

The loginname control will show the member's username when logged in, so you could greet them by saying "Hi username, welcome to my site."

So where is the code to do this from the database? What you see is it!

Some of you might worry about security, but even though the web.config file is an XML file, it won't load remotely no matter what you do.

I think you're finally getting why I used ASP.net by now and if not well that's ok not everyone likes changing things, but the power of ASP.net mixed in with IIS 6.0 and SQL Server 2005 is unmatched.

ASP.net has over 35,000 classes built into it, that allow users to do everything from creating RSS feeds to manipulating images, making your site bi-lingual, security as shown in this article, Ajax implementation, even controls for tree menus, pop-up menus and something that really makes data retrieval powerful called the data cache.

IIS 6.0 also has something I really like called HTTP compression. SQL Server is very easy to manage and has powerful items built right into it and yes it will work with PHP, JSP, ColdFusion and ASP — the latest and oldest versions of the code engines alike.

But for now you know why I use ASP.net.


PROFILES & BIOS

Xgen Products Celebrates 7-Year Anniversary

In August, Xgen Products celebrated its seventh anniversary with a special promotion. The winner of Xgen’s Lucky 7 raffle, Xgen announced in late July, would win a three-day, two-night trip for two... More »

WIA Profile: Kristi Greer

Each month, industry news media organization XBIZ spotlights the career accomplishments and outstanding contributions of Women in Adult. WIA profiles offer an intimate look at the professional lives of... More »

Q&A: Dorr’s Ivan Ho Discusses Launch of Luxury Toy Line

Dorr made its debut with a sophisticated selection of vibrators and an “advanced intimate toy care system” with a UV light for disinfection. Dorr is a manufacturer, design house, engineering... More »
XBIZ NEWSLETTERS
Stay informed of the latest industry developments. Get XBIZ newsletters delivered to your inbox. Subscribe today!
Enter email address:

* To manage existing subscriptions click here.






POPULAR PRODUCTS & SERVICES
Submit your press release to
multiple news outlets with 1 click.
Subscribe to RSS news feeds or
add free content to your website.
Access XBIZ news and articles
with your mobile device.
Access the latest issues of the industry's leading trade publications in digital form. View online or download for offline viewing.

UPCOMING EVENTS

eroFame

Oct 05 - Oct 07
Hannover, Germany

EXXXOTICA Edison

Nov 04 - Nov 06
Edison, New Jersey

2016 Inked Awards

Nov 05 - Nov 05
Edison, New Jersey

XBIZ 2017

Jan 09 - Jan 13
Hollywood, CA
Everyday thousands of business professionals browse XBIZ's industry directory for quality products and services. Not listed yet? Your company could be losing potential new business. Submit your company today!
Use XBIZ RSS feeds to stay informed of the latest industry developments or as a content syndication tool for your website!