Wrox Programmer Forums

Need to download code?

View our list of code downloads.

| FAQ | Members List | Search | Today's Posts | Mark Forums Read
BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0
This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old September 2nd, 2007, 08:39 AM
Friend of Wrox
 
Join Date: Sep 2003
Location: Copenhagen, , Denmark.
Posts: 143
Thanks: 0
Thanked 1 Time in 1 Post
Default Captcha + E-mail with link verification

Hi guys,

I've been working my way through the book, but already decided I will drastically make a bunch of changes.

The majority of those are because my site will not just be an interactive portal, but also a database for a MMORPG. So I want to have forums, as well as a database with items, bestiary, various services for people with ingame business and what not.

I want the whole site to be accessible with a single login, but I also want the signup to be a little more secure than it currently is.

I'd like to at the very least expand the signup process by inserting a Captcha, and to add a process where the user receives a link through e-mail that they have to confirm within, say, 24 hours.

Maybe any of you have any experience with this? Would you recommend using the aspnet_ tables that are used for the signup process, and expanding those, or just to create my own code and tables to handle stuff like that?

I'm proficient at SQL, so that bit shouldn't be a problem. It's more the ASP.NET stuff I'm still learning lots about :)

Thanks in advance for your help.

Peter

P.s. If you ever need a script to automatically write CRUD procedures for you, feel free to check my developer blog at http://entropia-online.blogspot.com/. I recently added a script that does this for you. It's free (though licensed). Feel free to leave comments if you have any :)

__________________
http://entropia-online.blogspot.com/
  #2 (permalink)  
Old September 2nd, 2007, 01:22 PM
Registered User
 
Join Date: Aug 2007
Location: , , .
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Default

So it seems your main questions are regarding CAPTCHA if I'm reading you correctly.

If you're looking for a good and relatively easy to use commercial CAPTCHA, Lanapsoft is one I'm familiar with and would recommend, if only for my familiarity with it, having used it in a prior project. If you want to go the alternate route and go "open source" Brainjar on CodeProject has what seems to be a good one. You can make up your own mind as far as which way to go, some searches in Google and CP and SourceForge and the like will show you numerous possibilities as far as CAPTCHA. It's not a panacea in any way and care needs to be taken that the prospective member doesn't think that it's too much of a "pain in the gluteus maximus" to deal with.

Reading thru your e-mail again you say:
Quote:
quote:I'd like to at the very least expand the signup process by inserting a Captcha, and to add a process where the user receives a link through e-mail that they have to confirm within, say, 24 hours.
In my mind, you want to have certain levels of verification. Something like this process (as an example):
1. User decides to sign up
2. Site takes User to sign up page/dialog
3. User fills in required data (including CAPTCHA "answer")
4. User receives e-mail asking for verification that they are the ones that requested to be signed up. They have 24 hours to respond to the link.
5. User replies to e-mail
6. Admin part of system (either automated, manual, or semi-automated) makes them a "Member"

That's a very brief overview I'll admit it has no "error handling" (mistakes in CAPTCHA etc.) also it does not speak of database interaction, but you said you get the SQL side of it so I won't go into it here.

If you really think about it, all CAPTCHA is is an image, a text box, and a submit button.

I hope that at least helps answer some of your questions, and doesn't muddy things to much. Sending the CAPTCHA, as you seemed to indicate, thru e-mail, seems way to much of a burden on both the system and the user.

Again hope that helps,
Christopher
  #3 (permalink)  
Old September 2nd, 2007, 02:21 PM
Friend of Wrox
 
Join Date: Sep 2003
Location: Copenhagen, , Denmark.
Posts: 143
Thanks: 0
Thanked 1 Time in 1 Post
Default

Christopher,

Thanks for the reply. I did mean I want to take the route you described, yes. Mailing the user a captcha would indeed be silly.

What I mainly see as the problem is the generation of the captchas, but I'll be sure to check out your suggestions :)

The main question I have is whether to use the "provided" aspnet-authentication tables, or whether to handle more myself (so I can add the link verification to the E-mail etc).

Thanks.

Peter

http://entropia-online.blogspot.com/
  #4 (permalink)  
Old September 3rd, 2007, 04:35 AM
Friend of Wrox
 
Join Date: Mar 2007
Location: Creetown, UK
Posts: 488
Thanks: 2
Thanked 11 Times in 10 Posts
Default

Peter,

I popped over to your blog and posted the following message:

Hi, just thought that i'd mention a link to the flixon template library. this is something that i've been involved in the final stages of and may be of interest to you. basically, it's a templated application that outputs the whole class stucture (BLL and DAL) of your tables in the same format as the beerhouse, as well as creating basic CRUD aspx pages which can be used either to test the data or as a starting point for that 'data's use within your website.

I now use it exclusively and have found it to be invaluable in getting the main class coding done in an efficiant and foolproof fashion. if you want to take a look (and use the app - it's freeware), you can download it from:

http://www.flixon.com/site-generator

give it a whirl, i think it'll be a nice augmentation to your CRUD app.

jimibt


jimi

http://www.originaltalent.com
  #5 (permalink)  
Old September 3rd, 2007, 06:32 AM
Friend of Wrox
 
Join Date: Mar 2006
Location: , , Portugal.
Posts: 310
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
quote:Originally posted by ViagraFalls
The main question I have is whether to use the "provided" aspnet-authentication tables, or whether to handle more myself (so I can add the link verification to the E-mail etc).
Hello!

I think that you can use standard asp.net tables for authentication and make few changes in order to send an verification email.

check this:

http://www.aspcode.net/Requiring-ema...-accounts.aspx

Good luck

BTW, for which MMORPG is the site for?

  #6 (permalink)  
Old September 3rd, 2007, 08:38 AM
Friend of Wrox
 
Join Date: Sep 2003
Location: Copenhagen, , Denmark.
Posts: 143
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi Jim, and thanks :) I will be sure to check that out when I get home tonight.

The strange thing is that I don't see your comment on my blog. Will have to see if I misconfigured something somewhere. Will also do that tonight.

Maxxim - Thanks. I did find that link afterwards. Will look into it, but that does indeed seem the easiest way to do things. I figure I'll just automatically put Verified to 0, store a GUID + e-mail address in a temporary table and have the extra page set Verified to 1, and flush the row from the temporary table (with either a scheduled job fluhsing all 'expired' entries from the temporary table, or using a SQL job to do that for me every hour (if my hosting provider allows me to)).

Regarding the CAPTCHAs, I found an excellent article on 4guysfromrolla http://aspnet.4guysfromrolla.com/art...5-1.aspx<br /> referring to a free user control I think I will use .

I'll get to work on it tonight, and if I succeed in implementing both, I'll make another post to my blog, in case anyone else wants to use the techniques :)

Oops. The game is Entropia Universe (formerly Project Entropia).

Cheers,

Peter

http://entropia-online.blogspot.com/
  #7 (permalink)  
Old September 3rd, 2007, 11:13 AM
Authorized User
 
Join Date: Jul 2003
Location: Ogden, Utah, USA.
Posts: 31
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via AIM to Tremmorkeep Send a message via MSN to Tremmorkeep Send a message via Yahoo to Tremmorkeep
Default

I found a great article in CodeProject.com for a Captcha..you can download the project, and this way you can create your own jpg images for captcha, and distort them how you want. its a good read. I found it just googling for C# captcha
  #8 (permalink)  
Old September 3rd, 2007, 11:38 AM
Registered User
 
Join Date: Aug 2007
Location: , , .
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Default

:-) Which article is it?
  #9 (permalink)  
Old September 3rd, 2007, 03:13 PM
Friend of Wrox
 
Join Date: Sep 2003
Location: Copenhagen, , Denmark.
Posts: 143
Thanks: 0
Thanked 1 Time in 1 Post
Default

I've tried at least enabling the e-mail verification, but ran into some SMTP trouble. Solved that, but the mail verification will have to wait till tomorrow.

Oh, and I also figured out why I didn't see any comment. I'm a noob when it comes to Blogger, and I somehow enabled Administration for comments. The comment fron Jim now shows properly. The link you posted looks interesting, indeed. I don't suppose I could have a peek at (some of) your source code? I intend to consistently use an extended GridView class on the site, which will enrich the user experience in many ways. Not sure if your code would support that?

Again, thanks for your help, everybody :) I'll keep you guys updated, and will definitely put the changed source code online once I manage to figure out all the kinks etc.

http://entropia-online.blogspot.com/
  #10 (permalink)  
Old September 3rd, 2007, 04:15 PM
Friend of Wrox
 
Join Date: Mar 2007
Location: Creetown, UK
Posts: 488
Thanks: 2
Thanked 11 Times in 10 Posts
Default

Quote:
quote:Originally posted by ViagraFalls
 The comment fron Jim now shows properly. The link you posted looks interesting, indeed. I don't suppose I could have a peek at (some of) your source code? I intend to consistently use an extended GridView class on the site, which will enrich the user experience in many ways. Not sure if your code would support that?
Peter,

unfortunately, the flixon code isn't totally mine to share, as i only was involved in the final stages of the development. however, i could ask the main developer if he'd mind sharing out 'limited' sneak peeks of discrete parts of the code.

as for the extended gridview class - that would be a doddle to incorporate as it'd just be a matter of editing the appropriate template to include any references and/or code blocks appropriate to that control. in fact, i'd be very interested to see what kind of extended behaviour you're working on as it would seem a little 'cross sharing' would go a long way here.

catch you later

jimi

http://www.originaltalent.com
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
CAPTCHA Code MunishBhatia ASP.NET 2.0 Basics 2 December 24th, 2007 03:49 AM
Failed to get link in e-mail on signup Ajoy BOOK: ASP.NET 2.0 Instant Results ISBN: 978-0-471-74951-6 15 August 26th, 2007 02:22 PM
logo link in the header & strange chars - mail luisjeronimo BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 2 June 26th, 2007 11:07 AM
how to send activation link with e mail spbharti PHP How-To 2 December 28th, 2005 09:17 AM
e-mail a link p2ptolu Classic ASP Databases 1 June 17th, 2005 06:58 PM



All times are GMT -4. The time now is 08:05 PM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.