I have an existing eBook that I use as a gateway to a website. So website content is displayed directly in the eBook.
Request
I want to give access to a restricted section (folder) of the website using the eBook. By this I mean the following: I have a userid and password protected folder on the website. I want only those customers who I send a compiled ebook to to have access to this folder. In order to do so I want to be able to pass a userid and password to that folder (essentially log into the folder) from within the eBook. I don't want any user interaction at all other than to click on a link.
Any suggestions? Thanks in advance.
Posted on: 2:51 pm on November 3, 2007
rlemire
Marcusg;
Although advanced solutions using "AJAX", Javascript and WSH (Windows Scripting Host) can be used to design a security system whereby each customer has his own userID and password stored in his registry file. I'd like to suggest a much simpler solution.
If your customer has paid for your eBook, then he should be entitled to all information contained with the eBook (including web content). Therefore your eBooks only need one userID and password (set up as Activ Variables at compile time). For example: If your eBook is called "My Best Secrets" then a build in userID could be "mySecretID" and a password of "LETMEIN".
After a customer buys the eBook it would log onto your web site "secure folder" and use the userID of "mySecretID" and a password "LETMEIN" to access the secure information. All customers who bought the same eBook would use the same userID and password to access the same secure information.
The beauty of this system is that it can be used with a "Try before you Buy" demo eBook so that some information is free. Then, when a customers pays, your eBook can use the built in userID and password to access the restricted information.
Different versions or different eBooks could have different passwords and access different secure folders. And -- because the passwords are "built" into each eBook, they are hidden from the customer so they can't pass them to someone else or be used outside of the eBook itself.
Your gateway "AJAX" website connection code just needs to hand off these built in userID and passwords when it makes the initial connection.
Using such a system allows you to set up folder access with "global" userID and passwords. Then you don't need to bother with keeping track of users or maintaining a user information database with it's associated headaches.
Unfortunately, such a system would not work for a subscription service because you would need to keep track of "currently paid-up" members. If you want to use a subscription service then I'd suggest getting a commercial programmer to setup your security code unless your familiar with "Ajax", Javascript, WSH, PHP and database programing.
Posted on: 9:48 pm on November 4, 2007
Marcusg
Thanks rlemire for your input.
Placing the userid and password details into the eBook will work fine, but the 'protected' pages on the website will show up in Internet Explorer's history listing. This way a person can get access to these website pages without purchasing the eBook.
So I guess I'm looking for a way to pass off these passwords to my website using: '"AJAX" website connection code'.
How is this done?
Thanks again
Posted on: 12:00 am on November 6, 2007
rlemire
Marcusg;
I wasn't aware that site "visited" information was transferred from an Activ E-Book to Internet Explorer's history listing. That might be the case, but without first purchasing the eBook the customer wouldn't have access to the "folder" or the restricted information anyway. Then, after making his purchase, you could say he was eligible to view the information.
In any case, after the initial connection is closed by the eBook, wouldn't your folder security request a password before allowing anyone to access it's information?
The usual way that variables are passed using "AJAX" is with the "GET" method. The variables are sent with the connection URLhttp://mywebsite.com?userID=mySecretID&password=LETMEIN.However, this brings up the possibility of users snagging the variables from the address bar.
A more secure method probably could be devised whereby the "AJAX" handshake sends a "formula" driven variable along with the userID and password. The eBook could send the userID, password and an MD5 code number created by combining the eBook {user} number with the present time (minute or hour).
When the website receives the "Ajax" request it could use a predefined {user} number and the present time (minute or hour) to create a complementary MD5 code and compare the two. If the two MD5 numbers matched then the website code could apply the userID and password to display the restricted content. This procedure would unsure that only the eBook could access the restricted data.
Having dabbled with "AJAX" myself, I know such coding should be possible. As I said in my earlier post however - coding at this level, is very specialized and complicated and it's doubtful that anyone will have a complete solution. It will probably take many hours of effort, time and testing to design an automatic system such as this.
In the end, (depending on your own skill level) you might need to resort to an "online" log-in procedure.
With any business, it is up to the individual owner of said business to ensure the success of the business. You may make more or less than any sample figures or results that might be quoted on our web sites or other publications. All business involves risk, and many businesses do not succeed. Further, Answers 2000 Limited does NOT represent that any particular individual or business is typical, or that any results or experiences achieved by any particular individual/business is necessarily typical.
Disclosure:
Our company's websites' content (including this website's content) includes advertisements for
our own company's websites, products, and services,
and for other organization's websites, products, and services.
In the case of links to other organization's websites,
our company may receive a payment, (1) if you purchase products or services,
or (2) if you sign-up for third party offers, after following links from this website.
Unless specifically otherwise stated, information about other organization's products and services,
is based on information provided by that organization,
the product/service vendor, and/or publicly available information - and should
not be taken to mean that we have used the product/service in question.
Additionally, our company's websites contain some adverts which we are paid
to display, but whose content is not selected by us, such as Google AdSense ads. For more
detailed information, please see Advertising/Endorsements Disclosures
Our sites use cookies, some of which may already be set on your computer. Use of our site
constitutes consent for this. For details, please see Privacy.
Click privacy for information about our company's privacy, data collection and data retention policies, and your rights.
