By William LaMartin, Editor, Tampa PC Users Group
lamartin@tampabay.rr.com

Needing something to fill space in the newsletter I thought back on the previous month and came up with the following items. The first two are the results of helping members with computer problems; the others have to do with a combination of web work and programming.

Lost CD ROM Drive A member called with the news that he had done a Windows Update from the Microsoft site, and when he rebooted he had no CD drive. A strange way to lose your CD drive. At first I didn’t attach too much importance to the update and had him check in Windows Explorer-no CD drive there. Then a check of Windows’ Device Manager in Control Panel said that the CD Drive was there-and everything was OK. Obviously not too accurate.

However, a further check of devices indicated that the Primary and Secondary IDE controllers were not functioning properly. Well, that could certainly cause a problem with the CD drive. At that point, the member said that he had printed out detailed instructions for the update and one of the items updated was the Intel drivers for the IDE controllers. Furthermore, it said that if something went wrong with the update you could uninstall it via the Update Wizard Uninstall. To get to it you go to Start | Programs | Accessories | System Tools | System Information and then click on the menu item Tools | Update Wizard Uninstall.

Uninstalling the Intel update and the rebooting brought the CD drive back. If there hasn’t been an update to uninstall and you have problems with the IDE controllers, I think the way out is to remove them in Windows Device Manager and reboot, letting Windows reinstall the default drivers.

Wrong end of the cable Another member called to talk about hard drive problems. He now had two drives, but could only see one of them. He had the one with the operating system set to Master and the other set to Slave but could only see the Master.

I then questioned him about what sort of drive cable he was using, and he said it was one of the new style ones that supports Cable Select. He had tried to set the drives to use Cable Select, but the result was the same. Although not knowing much about Cable Select, I suggested that perhaps both ends of the cable were not equal with such a cable-one was possibly meant for the motherboard and the other for the drives.

Well, in fact, he had positioned it in the way that seemed easiest to connect the two drives without thinking that one particular end may be meant for the mother board. After switching the direction of the cable-and having a hard time connecting the drives (since it was easier to do it the other way)-on boot up both drives were recognized. Another new piece of information to store away.

Accepting credit cards Last year I got involved with building a web site for someone who wanted to accept credit cards. If you recall, we had a presenter last year who specialized in optimizing your site to get more attention from the search engines but had formerly been in the web site creating business. And one of her gems of wisdom was that she wouldn’t go anywhere near creating such a site. It was too difficult and it was best to purchase a shopping cart program with all of this built in.

Well, I can’t resist a programming challenge-and you do need certain programming skills if you want to do this. First, you need to know that to accept credit cards you need both an Internet Merchant Bank Account (different from a regular Merchant Account) and an Internet Payment Gateway Account. My client already had a Merchant Account, which would allow them to set up an Internet Merchant Account (for a fee) and an Internet Payment Gateway Account (for another fee).

The Internet Payment Gateway is the web site that I would have to write code to interface with. Each such gateway has its own specifications and methods which you can download from their web site. I looked at AuthorizeNet and SurePay. AuthorizeNet was the easiest, allowing you to pass them certain variables via ASP code. SurePay allowed you to use JAVA, CGI, or ASP to pass their collection of required variables as an XML string. I chose ASP and got my introduction to XML.

To make a long story short, I figured out both the AuthorizeNet method and the SurePay method and was able to test each using their respective site’s test modes in submitting test orders. And the lady was correct that it is not for the faint of heart. But it is something that can be done with a knowledge of ASP. Unfortunately, my client decided to continue with an 800 number for orders instead when they realized that before anything was sold, it would cost at least $600 in base fees without even selling anything. Then, of course, there is the additional transaction fee for each transaction paid to both the Internet Merchant Bank and the Internet Payment Gateway-not to mention the extra programming fee.

That work, however, was not in vain. Not only did I learn how to do something that I didn’t know before, I now have a potential application of that knowledge. Someone wants to sell software for download over the Internet and, of course, take credit cards for payment.

Downloading Files But this introduces another wrinkle that you probably haven’t considered. How do you allow only those who have paid to download a file? The typical method to download a file on the Internet is to provide a link like http://www.tpcug.org/filetodownload.exe. But we can’t use this method since the first person who paid and thus was directed to the link could then provide that link to additional individuals. You can introduce session variables, cookies, hidden input fields, and databases, but, omitting the details, believe me, every scheme that I came up with involving just these items could be cracked by a knowledgeable person.

I finally settled on using a custom DLL as the center of my method. Luckily I had just been working with writing DLL’s both in Visual Basic and Delphi. In fact, I found on the Internet a DLL created in VB that would do just what I wanted-stream a file (from an undisclosed location on a server) to a browser for download to one’s computer. So I didn’t even have to write one myself. But this DLL had one drawback (as do all DLLs written in VB). It needed to be registered on the server-something that most web hosting companies will not do for you because there is too much chance of such a DLL bringing down the server.

What I needed is what they call an ISAPI DLL. VB can't create these, but Delphi can (in addition to the other type of DLL). With a little work (I am not real proficient in Delphi), I created an ISAPI DLL that would stream the file from the undisclosed location. With the ISAPPI DLL, I can just drop it into any folder with execute permissions, like the cgi-bin folder, at the web site. And to download the file, now all I have to do is put something like response.redirect(“http://www.tpcug.org/cgi-bin/MyDLL?File=filename&customerid=S25301”).

But, you say, what have you gained? All I need to do is give the above link to anyone who would like to download the file-the actual location of the file has been hidden, but the link will still download the file. If that were all there is to it, you would be correct. But there is more. Once you pay, either in a cookie, database or text file, it can be recorded whether or not you are allowed to download a file, and, as soon as you download the file, that permission can be withdrawn-and the DLL checks all of this. So even with the above link to the DLL, only the person authorized to do the download will be allowed to do it once.

And we are out of space once again. u