We are a small niched automotive parts suppler and we have over the years collected many valuable documents, PDFs, software files, part manuals service manuals etc... We decided this year to develop an online "portal" where customers could pay a setup fee then a reoccurring membership fee to access the system. Because of copyright issues and to prevent people from copying our information we are deploying two measures of protection. One is a OTP (one time password) hardware token. This is a device that generate a new password to authenticate on our server every 30 seconds. The system is already in place and working. The second measure is a USB hardware dongle that will require the user to have a valid license to download, view and print a PDF document. We are working from [url removed, login to view] with some customization to their software to create a dynamic watermark as well as document [url removed, login to view] have the deliverables now. You can read more about it on their website [url removed, login to view] basically you have a PDF that you convert to their encrypted PPD so that it must be viewed using their browser which has to have a license and the hardware dongle to work. They are programming a custom active X DLL to allow us to dynamically protect a document. Their system includes a License generator as well. We need the website finished as the basic framework is done.
So what happens is once the user has paid the initial setup they are sent the Password token and the USB key. They can then log on to the server. There are two types of memberships.. "Full" and "Pay as you go" They are essentially the same in that they have full access to the system however one (FULL MEMBERSHIP) has a Monthly, every 6 month and yearly subscription and the other (PAY AS YOU GO) the user can buy one or more blocks of 24 hour "Days" or credits. So for example they can buy one day or a block of 5 or 10 days. (maybe more days but this is what we have now) PAY AS YOU GO So you know the procedure (Work flow) after they get the token they will have already paid for the 1st block of days plus we will give them 24 hours free to learn the system, but they log in and then they have to activate a "credit" this starts a 24 hour clock from the time they activate. They can then browse the site use the tools we are developing, etc (more on this later) FULL MEMBERSHIP This is similar to pay as you go, but they either pay for 6 months or one year and have the option on the one year to pay every month. We do not want to have a license longer than 30 days even though they have paid, we need to control it, so they can get a new license every 30 days. The reason being if they pay monthly and decide to stop paying we can prevent them from getting a new license. And if they paid already for a full year, and we find they are abusing the system or need to terminate the account they do not have access for longer than 30 days. We you YourPay credit card processing and already use it in our site, so most of the code can be "copy paste" for purchases. We have several AREAS in the portal - parts workshop wiring flat rates bulletins diagnostics These areas comprise mostly of existing PDF's however some are generated with an MS SQL server database and images. We have over 14,000 PDFs all categorized in the SQL database to pull the right ones. When the user selects a PDF we use a program called AbcPDF to convert the PDF to a JPG to display on the user's computer but it will add a watermark with the customers information. Name and company name. This is so if they print it, they won't distribute or try to resell. They can also download. The download part is where the Marx document protection comes in. For the existing PDFs they will have already been protected and converted to PPDs The user can download the PDF's (PPD's) and using the MARX software go to a license page that (based on their membership type) download a dynamically generated license. So if they are a "Pay as you go" and they have activated one of their credits the license will be valid for one day we will probably give them two days but you get the idea. If they are a monthly, 6 month or year membership the license Now you have an idea about the system... This is what I have left to do and could use your help. 1. Existing PDF's to Images with dynamic watermarks. I already have in place the method to locate the correct PDF, The user needs to have two options View and Download. 1. View. This takes the PDF converts to Image(s) with the customers information. so they can view and print from the webpage. After the Images are created on the fly we need a way to delete the files after they are done loading them in the browser. This could be a clean up routine that could be invoked on any page or some function or service that would delete all images that are older than lets say 48 hours. This is to prevent our hard drives from getting full. Some PDF's have over 100 pages and I think this will be too much CPU intensive work so it needs to detect the number of pages and if under 10 pages have the "View" option and if over only have the download option. 2. Download the PPD but not showing them the direct link. It would show a ASp page that would stream the download to them 2. Dyanamic PDF's Mostly for part manuals I have a system in place now on our main server that I plan to adopt for this portal, but it has a database of parts and page numbers that will display and image of a part diagram and data from the SQL server to display the item numbers, descriptions etc,,, I need the Page view with the Image (JPG) to have a water mark of the customer's data and then the ability to dynamically create a PDF with the same data in the same format. I then need to convert the PDF to a PPD (Marx protection) save the file and allow the user to download with the same protection as the other static PDFs. It needs to have the same clean up routine so that we do not get a collection of old files filling up the hard drive. *We are using ABCpdf Professional for this. 3. Automatic License file generation. I need the utility to look at the SQL database to determine the eligibility of the membership and based on the type generate a license to view and print the PDF's in the Marx PDF viewer. 4. Admin Side I need to be able to edit the user data, account type, credits etc... 5. Logging (part of Admin) I need to log EVERY action the user does, including page views, what was downloaded, the date and time. I wrote a small function that can call and enter this data in the server. I have done it for several activities already. But I need to add it to the 1 - 3 above and anything else done in the future requests. I need an admin utility to be able to query and display these activities to determine if a user is abusing the system. IT will need to show a simple graph and have as many options as possible to monitor activity. So I could do the following at a minimum 1. All users logs number of activities.. Just a general over view of the accounts showing all the users on one page and a simple bar graph for the total number of activities. I can select the last 24 hours, the last X days (x I would enter a number) last 30 days and then I can also enter a date range from a calendar select tool. 2. Similar to above but link from this for each user to do a break down for each activity type.. Page views, downloads, log in , log out (ALL the different activities) also in bar graph view in order of the number of activities. So I can see what they are doing most of. 3. Further drill down to see the exact log files for the time period showing the date time etc... ** the activities will be grouped in the SQL and not hard coded so that we can add more later without having to edit code. 6. Checkout and payment processing and user account details. will be valid for 30 days and as long as they are current with their payment they can get a new license every 30 days. The license generation has many options, but we are only using an expiration date and allowing print but with a dynamic watermark (this is created when the license file is created as it is encrypted in the file). There are some PDFs that will be dynamically generated based on the user's selection data pulled from the SQL server generated that will have to be also dynamically protected (converted to PPD) so the user can download. 2) Deliverables must be in ready-to-run condition, All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
CLASSIC ASP (VB SCRIPT) MS SQL 2003