educational

ASP.net and CCBill

Tony Trapp
I think there is a huge misconception about Windows and what it provides to the adult industry. I am not putting down any code engine such as ASP, PHP, ColdFusion, JSP or even Perl: I say if it works for you then use it; but I also believe it must work very well.

For example, I am the co-owner of a solo-site, www.misswantsum.com. I was originally contacted by the owner because her site was in desperate need of a complete makeover: She was losing members; videos loaded slowly; the photo names and many other file names even had spaces in them. In short, there was a lot of work to do, and in making a deal as a partner, I decided to give her all of my resources.

As her site is selling memberships, we have two credit card processors; one of them being CCBill, which will help to protect a directory or use a database. Since her site is built on ASP.net 3.5, we are now switching over to a full database login system.

The problem was that CCBill only has an ASP script for this type of system, no ASP.net scripts or any documentation. Geez, what shall I do now: am I to switch the site over to ASP, Perl or PHP? That would be a task and-a-half, so instead I wrote a script that works with CCBill using ASP.net and the SQL Membership Provider.

Now why would I use this? Isn't Windows costly? What about ASP.net — isn't that complicated to work with? Don't forget if you want to create an ASP.net website, you will need a database system and it's probably best to get Visual Studio 2008, as well. Wow that's going to be costly and complicated; I guess I better go a different route…

Nothing could be farther from the truth. First ASP.net 3.5 is a free, visual web developer which comes with SQL Server 2005 Express, which is also free and can be used for your development server and production server as well.

Visual Web Developer
VISUAL WEB DEVELOPER


SQL Server and SQL Server Management Studio
SQL SERVER AND SQL SERVER MANAGEMENT STUDIO


So all this stuff is free, but it's still going to be complicated; after all its Microsoft right?

Granted the ASP file that CCBill gave me was complicated in some parts such as the algorithm for MD5 encryption strings to compare against the same encrypted string that CCBill will send to the ASP script they provide.

For one thing, ASP does not have any encryption capabilities built into the engine like PHP's crypt function, so I guess I better stop now and scrap the whole idea I had...

Wrong again: what took about 400 lines of encryption is ASP and about 10 lines in PHP only took one line in ASP.net using MD5.

Ok, but that database stuff is going to get real tricky and that's where a lot of code is going to take place when doing your login system.

Wrong once again: setting up your database using SQL Server 2005 would take about 20 minutes max, and the tables needed for using what's called login controls takes about 30 seconds.


VISUAL WEB DEVELOPER TOOL BOX AND LOGIN CONTROL


The login control uses input validation to verify several things, including blank entries into fields as well as wrong information and "user does exist" messages.



Ok, so doesn't that take a lot of code? Not at all! Here is sample code for the login control:

<form id="form1" runat="server">
<div>

</div>
<asp:Login ID="Login1" runat="server" DestinationPageUrl="~/Default3.aspx">
</asp:Login>
</form>

That's it to do all of the functions that I just discussed.

The other few things needed for your login system to work are located in your web.config file, which is the core file for your web application. For Apache users this could be considered a file that you would use like httpd.conf, .htaccess or .htpasswd.

In this sample code for web.config, we first have our database connection string:

<connectionStrings>
<add name="myConnectionString" connectionString="Data Source=TONYWINXP\SQLEXPRESS;Initial Catalog=hooker;Integrated Security=True" providerName="System.Data.SqlClient"/>
</connectionStrings>

Then we want to let .NET know what type of protection we will be using by specifing this with the following entry in our web.config file:

<authentication mode="Forms">

Next we have our namespaces or classes that are built into the .NET framework:

<namespaces>
<clear/>
<add namespace="System"/>
<add namespace="System.Collections"/>
<add namespace="System.Collections.Generic"/>
<add namespace="System.Collections.Specialized"/>
<add namespace="System.Configuration"/>
<add namespace="System.Text"/>
<add namespace="System.Text.RegularExpressions"/>
<add namespace="System.Linq"/>
<add namespace="System.Xml.Linq"/>
<add namespace="System.Web"/>
<add namespace="System.Web.Caching"/>
<add namespace="System.Web.SessionState"/>
<add namespace="System.Web.Security"/>
<add namespace="System.Web.Profile"/>
<add namespace="System.Web.UI"/>
<add namespace="System.Web.UI.WebControls"/>
<add namespace="System.Web.UI.WebControls.WebParts"/>

<add namespace="System.Web.UI.HtmlControls"/> </namespaces>

Ok so this looks easy; but what about protecting pages outside of the member's directory?

It's as easy as pie. Now that we have our login control we also have other controls called a login view, with two templates: One that will show content to users that are logged in, and another one that will show alternative content to the ones that are not logged in.

Ok that's sounds pretty simple, but what if I go to your site and hit a page that is not the login page; how will your system know what page to send me back to after logging in?

This is already built into the system: As long as that page has the login view control on it the .NET framework takes care of the rest of the work for you.



Here's some sample code for the loginview control along with loginstatus control and loginname control:

<form id="form1" runat="server">
<div>

</div>
Login Status:<br /><asp:LoginStatus ID="LoginStatus1" runat="server" />
<br />
<br />
Login Name:<br /><asp:LoginName ID="LoginName1" runat="server" />
<br />
<br />
<br />
Login view:<br />
<asp:LoginView ID="LoginView1" runat="server">
<LoggedInTemplate>
Hi there thanks for logging in congrats !!!
</LoggedInTemplate>
<AnonymousTemplate>
You have not logged in please do so.
</AnonymousTemplate>
</asp:LoginView>
<br />
<br />
</form>

What are these other controls you ask?

The loginstatus control does two things; if the user is logged in it will show a logout link; if the user is not logged in, it will show a login link.

The loginname control will show the member's username when logged in, so you could greet them by saying "Hi username, welcome to my site."

So where is the code to do this from the database? What you see is it!

Some of you might worry about security, but even though the web.config file is an XML file, it won't load remotely no matter what you do.

I think you're finally getting why I used ASP.net by now and if not well that's ok not everyone likes changing things, but the power of ASP.net mixed in with IIS 6.0 and SQL Server 2005 is unmatched.

ASP.net has over 35,000 classes built into it, that allow users to do everything from creating RSS feeds to manipulating images, making your site bi-lingual, security as shown in this article, Ajax implementation, even controls for tree menus, pop-up menus and something that really makes data retrieval powerful called the data cache.

IIS 6.0 also has something I really like called HTTP compression. SQL Server is very easy to manage and has powerful items built right into it and yes it will work with PHP, JSP, ColdFusion and ASP — the latest and oldest versions of the code engines alike.

But for now you know why I use ASP.net.

Related:  

More Articles

profile

Q&A: Paxum CEO Octav Moise Shares the Wealth

Alejandro Freixes ·
educational

S2S Postbacks: Getting Ad Stats in 1 Place

Juicy Jay ·
opinion

Tips to Master Customer Subscription Retention

Cathy Beardsley ·
opinion

A Primer on How to Integrate Paysite Processing

Jonathan Corona ·
educational

Trademark Ruling a Victory for Adult Products, Services

Marc Randazza ·
profile

Q&A: Rich Girls CEO Cristina Enriches Cam Models

Alejandro Freixes ·
profile

Q&A: LiviaChoice Embraces Grand Camming Destiny

Alejandro Freixes ·
opinion

Refined Protocols Reduce STI Risks for Performers

Eric Paul Leue ·
educational

Camming 101: Establish Boundaries to Keep the Fantasy Alive

Steve Hamilton ·
profile

Nikki Night Forges Cam Model Excellence

Alejandro Freixes ·
Show More