|
I want to create a web application, in which it searches the API available in various sites like playme.com,freemusicarchive.org and plays mp3 at my end.
By using web services of these websites I am just getting the URLs which doesn't point to any specific mp3. So how will I write the code for player which I have prepared in my website.
I have searched several websites like beemp3.com they have the functionality, same I want to achieve for my website. Please help!!
|
|
|
|
|
Hi,
I have an asp.net web application in which we have to do some credit card # and expiration date and cvv # validations. Is it safe to use javascript or jaquery or is it better to use server side validations.
Because if I retreive the Credit Card #, expiration date and cvv # in client side script, is it safe or vulnerable from hackers?
If its not safe can anybody please advise me how can I restrict the user from not entering characters, two digits for month and two digits for year etc client script validations.
Please give me your advise how can I resolve this? Any link or code snippet or even advise also greatly helpfull, I am googling in this mean time.
Thanks in advance.
Thanks & Regards,
Abdul Aleem Mohammad
St Louis MO - USA
|
|
|
|
|
You can choose to run this on client side, but you will always want to do it again on client side as well, just in case the user disables JavaScript or messes with the HTML of the page.
There is a regular expression that you can use to validate that the credit card number is in a "valid format" and as far as the month and year, your best bet would probably use drop down boxes to restrict their input choices.
|
|
|
|
|
You can do the initial credit card validation client side with javascript if you want, but you also need to do the validation server side.
Credit Card Validation:
1. Credit Card Number - The credit card number can be validated using the Luhn algorithm[^].
2. Credit Card Number - You can also validate based on length and prefix if you only accept certain cards[^].
3. CVV - For most cards it is 3 digits, except American Express which is 4 digits
4. Expiration Date - Date must be greater than or equal to current month and year. Year can be either 2 or 4 digits depending on the Processor API. Month can be either 1 or 2 digits depending on the Processor API.
If you are sending the Credit Card information back to the server to process it with the CC Processor, then you need to make sure you are using SSL. Never send Credit Card information over the internet without using a secure connection.
Never store credit card information, there are a lot of rules that you need to follow to be PCI Compliant. You agree to be PCI Complaint just by signing up with a Credit Card Processor. The potential fees associated with violations are not worth it, and time required to be fully PCI Complaint. The safest thing to do is only store the TransactionId (or whatever you API calls it), usually that is all you need if later you need to do anything else like void, credit, etc with the Credit Card API. If you want to be able to store the card information so that the user does not have to re-enter the information again, then some Credit Card Processor offer a Customer Manager where they card information is stored on the credit card processors server which would be PCI Complaint. You would then store some sort of Id(s) returned by the Processor and pass those back to the Processor in the future when you want to make another transaction.
|
|
|
|
|
An SSL Certificate, also called a Digital Certificate, creates a secure link between a website and a visitor's browser. By ensuring that all data passed between the two remains private and secure, SSL encryption prevents hackers from stealing private information such as credit card numbers, names and addresses.
If you sell products or services on your website and accept credit cards online, you need an SSL Certificate for website security. If you don't sell online but want to add credibility to your website, a Site Confirm Seal may be sufficient.
ClickSSL.com offer EV SSL, Code Signing Certificate, UCC Certificate, Wildcard SSL & more certificates.
modified 12-Mar-13 4:36am.
|
|
|
|
|
Well let's think about this. Hackers can only monitor activity during the transmission of data, so Javascript is safe. It's the users responsibility to keep their computer clean. Security is only as safe as your ssl certificate, and the level of encryption your using.
In the long run, validating credit card information is not worth it. Just make sure they enter their name, card number and whatever else you need to process a AUTH_ONLY or AUTH_CAPTURE. Validating card information will be the least of your problems during checkout.
For you hard card card processors out there
Years of experience at this has lead me to think that too much validation confuses people when entering card data, and you will get a phone call for help, or the validation may result in a false flag. Worse case, your error message will be misunderstood.
|
|
|
|
|
Excellent answer, if you dont mind which country you are from? - Is it Democratic, socialistic, secularistic, independent state of India - this is what the description of india from indian constitution.
Thanks & Regards,
Abdul Aleem Mohammad
St Louis MO - USA
|
|
|
|
|
I'm going to private message that answer to you.
I wasted too much time on card validation in the past, and should of focused on the User Interface in whole. Card Validation is no good if you can't get them to fill in the data in the first place. If you blast too many messages, then they get frustrated, and give up, resulting in lost sales.
You have to make the customer feel like a rock star, so when they check out, they think they are computer king. Of course, we simply made it super easy for them, but they don't need to know that.
All the information has to be there, 100% accurate. If they see a mistake, they will leave real quick.
You have to gain the trust of the customer with your user interface, and it should be very clear and organized.
Now you can write some Jquery to help the process out, a little reminder here, a arrow there, but real gentle like.
So work on your user interface first, test it on people, then add validation one at a time. Of course get your main code working as well, then keep polishing the product until it's silky smooth and easy to use.
For validating, just paint the border of the textbox a light red, so it can be noticed, but is not shouting at them. Look at Twitter, or the Guardian Newspaper, where you can leave a comment. They are great examples of validation.
|
|
|
|
|
Superb, thank you very much.
Thanks & Regards,
Abdul Aleem Mohammad
St Louis MO - USA
|
|
|
|
|
I'm having an issue with post backs that I can't seem to figure out.
I have a user control and a web form. The user control contains a <asp:table> and it is populated with data.
So on the web form code behind it calls the user control method "PopulateUsers" which adds TableRows to the <asp:table>. Also on the web form it has a save button.
Now when the save button is clicked, it posts back and then my asp:Table is blank (because I have it not populating on a post back).
How can I maintain the current data during a postback that is in a user control? I have tried enabling view state on the controls, and all the pages with no luck.
|
|
|
|
|
If you are creating a table dynamically then you will need to handle the viewstate yourself.
Here is a link that will show you a number of articles on the subject: http://lmgtfy.com/?q=dynamic+controls+viewstate+asp.net[^]
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
I'm have a new application with a LoginView control, where the AnonymousTemplate holds a Login control. When the Web application is ran the login screen displays, once the Login button is clicked following error is displayed: "'WebForm_PostBackOptions' is undefined"
I'm using SQL Server 2008, .NET Framework 3.5 and IIS v5.1. Could anyone point me in the right direction please? This is a new Web application, not first created using .NET Framework 1.1.
Thanks
|
|
|
|
|
|
Hi Sandeep,
Thank you for your reply. I have read through each of the links you provided over the last few days and had no luck in resolving the issue. My problem is that I am running the application from my local machine and so the required data wasn't being passed through Fiddler, even when using the machineName or 127.0.0.1.
Today I gave it another shot using FireFox and was able to see the data in Fiddler. The URL reads:
/WebResource.axd?d=xxx
and when I select Inspector --> WebView the following is displayed:
Server Error in '/WebSite2' Application.
--------------------------------------------------------------------------------
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /WebSite2/WebResource.axd
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.3625; ASP.NET Version:2.0.50727.3634
From this I assume there should be a WebResource.axd file created when the WebApplication was first implemented. Is this correct?
If so how come Visual Studio didn't create this file and how do I go about creating it so the application with function correctly?
Thank you
|
|
|
|
|
Just an update.
I created an empty WebResource.axd file in the WebSite2 folder but this had no effect and the same error messages were received in Fiddler.
Thank you for your time.
|
|
|
|
|
Hi,
I'm so happy to let you know that I resolved the problem by cleaning up my .NET framework installs. First I removed .NET framework 1.1 (not sure if this is recomended or not but I would have tried anything at that point), I then went through .NET framework 2.0, 3.5, 4.0 and ran the change/repair. My IIS still points to .NET framework 2.0 so the change/repair on this framework may have been the solution for me, however, I only tested once I repaired all three installs.
Thank you
|
|
|
|
|
Good to know that it's resolved now.
|
|
|
|
|
hi guys answer my questions
|
|
|
|
|
Nice attitude!! You must have a lot of close friends...
Got some info in a few seconds using google.
Look here
|
|
|
|
|
42. You're welcome.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
|
Search on the internet. You will find some articles on forums.
|
|
|
|
|
hi , i dont know the idea of creating forum in web site can any one help me
Alagushankar
|
|
|
|
|
There are so many free forums out there. Start by seeing if one will work for you. If not, pick up a book and start reading.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|