So you have an online 'distant learning’ website, where you teach the lost art of tree pruning.
Being an entrepreneur, you charge your students' credit cards a modest $10 a month. This wasn’t hard at first. You setup an email account, where each month your students would email their credit card number. You would process each credit card by hand, and manually add their usernames and passwords to your database.
But with the global warming scare, your online school is booming. More people than ever are growing trees, and the demand for pruners is shooting through the roof. You can no longer keep up with the monthly task of adding and deleting students to your AuthentiX/WebQuota database, not to mention inputing all of those credit card numbers by hand each month. There must be an easier way to integrate online credit card transactions with your AuthentiX/WebQuota database.
Well, there is!
Today I will show you how to create an automatic integration between AuthentiX/WebQuota and your online credit card clearer, allowing your customers to purchase access to your online content and automatically adding new members to your 'members’ database.
I am assuming that you are using either AuthentiX or WebQuota to password protect your member only content.
Now before you start, you are going to need to choose an online credit card clearer. Make your choice from our recommended online credit card clearers , who have the necessary integration scripts to automate this process.
You might want to consider getting a merchant account from a bank. A merchant account is a guarantee that you accept responsibility for the transactions that are being made on your website. By having your own merchant account, you are bringing the liability and responsibility in house. But you are also saving between 13 and 17% in transaction fees. Simply contact your bank for their merchant account requirements, and what your responsibilities will be with them.
Most online credit card clearer also provide options where they accept the responsibility of a merchant account.
After choosing an online credit card clearer, you must put the appropriate SubscriptiX script in your website directory.
You will need to configure about half a dozen variables into the script. Read the comments (denoted by an apostrophe (') at the beginning of the line) carefully, and adjust the variables to meet your criteria. One common variable is "usingAuthentiXStandard = true". If you are using AuthentiX, then leave this as True. If you are using AuthentiX ISP (most likely if you are on a shared server, you are using AuthentiXISP) then you would change this value to "False".
NOTE: Make sure that the directory is script enabled (meaning that the directory is read and write enabled).
Here is a quick overview of how the integration process works:
1. The user goes to your website. In this case, they are not already a member, so they must purchase access to the online content. They click a link (usually 'Buy Now’) which provides them with an online purchase form. Your online credit card clearer will be able to give you a template of the 'purchase form’.
2. The user fills out the form with their information (including billing address and credit card information), and then clicks 'submit’. This process posts (aka 'gives’) the form to the online credit card clearer.
3. The online credit card clearer ensures that the information is valid, subsequently charging the credit card. Then the online credit card clearer posts the username,password, and expiration date to the SubscriptiX integration script, which you have, by now, put on your website server.
4. Upon receiving the information (username,password, and expiration date) from the credit card clearer, the SubscriptiX integration script adds the new user to the AuthentiX internal database.
5. The next time the user goes to the website, they will gain access by simply typing in their usernames and password (Cookie Based authentication does not require the user to enter in their username/password. They will be allowed access only if they have the correct cookie). When the expiration day comes, their access status is changed within the AuthentiX database.
What are cookies?
A cookie is a small piece of information that's sent to your browser - along with a web page - when you access a particular website. In essence, Cookies are just strings of text, which can be used to identify a webuser when they visit your website. When a cookie "arrives", your browser generally saves this information to your hard drive; when you return to that site, the Web server will request the stored information (aka 'The Cookie'), along with your new request. Cookies that are saved to your hard drive for future reference are know as 'persistent cookies’.
What is cookie based authentication?
Cookie Based Authentication is the process of allowing a web user access to your password protected web content, based upon the cookie that they have on their computer.
Cookies can allow you to offer customized and instant authentication to web users; allowing access to only those web users who have the 'proper’ cookie.
NOTE: If your users are going to take advantage of this authentication method, then their browser must be enabled to accept cookies! Look at the help file of your favorite web browser for more information on enabling cookies.
You can automatically check to see if a user has cookies enabled by writing a cookie, and then checking to see if it is accepted by the user’s web browser. If it is not, then your program should issue a message which lets the user know that cookies are not enabled. Cookie-based authentication also allows you to incorporate various extra features, such as tracking a users web movements, automatically timing out a user's session, and personalizing web pages.
Cookie Based Authentication with AuthentiX
Using AuthentiX, it is very easy to protect your website using Cookie Based Authentication. Let’s go through the steps one by one. The first step is to create a 'login page’. This is a custom page where your visitors will enter in their username and password. You will use standard HTML to create this 'login page’.
The easiest way to create a login page is to copy the example that came with the AuthentiX and/or WebQuota! You can alter this example as much as you like, to match the look and feel of your website - which is a great benefit of cookie based authentication. Look in the ASPocxSamples\CookieLogin-SiteWide subdirectory of the Flicks installation directory for the samples. If you cannot find it, just do a search of the entire server for 'ASPocxSamples'. If for some reason you cannot find it, you can always get these files for free by downloading the free trial version of your software. Free trial downloads can always be found at www.flicks.com.
Map a virtual directory to this directory (ASPocxSamples\CookieLogin-SiteWide).
The login page will look something like this (before you change it to meet your tastes).
Use the following example to create the input boxes for the username and password:
You have created a form with the input variables 'username' and 'password'.
When you hit the submit button, the data which has been inputed into these variables is Posted to the 'loginNow.asp’ page.
The 'loginNow.asp’ is a script that comes with AuthentiX (and WebQuota), which writes the cookie to the user’s browser. If you mapped a virtual directory from your website to the ASPocxSamples\CookieLogin-SiteWide directory, then 'loginNow.asp’ script is ready to go. Otherwise, at this time you will need to copy the entire ASPocxSamples\CookieLogin-SiteWide directory to your website. Make sure that it is a script enabled directory!
So now we've set up the login form. That was fairly easy, wasn't it?
Now it is time to apply this login form to the web directories that we want to password protect.
OPEN AuthentiX or this link for more information.
And that is it! "But wait", you say. "How does this all work?"
When a new visitor comes to your website, they encounter the login page which you just created! Their username and password is compared against the AuthentiX database. If they are valid users, then the 'loginnow.asp’ places a cookie on their hard drive. They can visit any place on your website which recognizes that cookie as valid permission to view the content. You can even set it up so that they can visit another website, as long as that website recognizes the cookie. If they do not have a valid username and password, then the visitor is sent to the 'login’ page again. AuthentiX automatically writes the cookie for you, with the criteria which you stipulate in the Basic/Cookie Dialog Box.