Making some pages only viewable by selected users.


InfoCourier has the ability to compile a distributable with some pages freely viewable and some pages only viewable by those people you want to have access. (Note that you cannot protect the "Home Page", you will just get a blank page in your distributable if you try).

You can define, on a page by page basis, what the requirements are for access, and what should happen if an unauthorized user tries to access a restricted page. Three special comments, which you should embed somewhere in the first 32K of your page, are used to control access to the page:-

You give people access to your protected pages by supplying them with a DLL that you can create very simply yourself from within the InfoCourier compiler. The sequence is as follows:-

  1. Select the Utilities/Create Security DLL menu command.
  2. In the resultant dialog box specify the security level you wish the DLL to contain.
  3. In the subsequent standard "file save" dialog box, specify the name you want for the DLL (should match the SecurityDLL= comment above).

You can then distribute this DLL to people you wish to access the appropriate pages. This DLL will of course work for all future distributables you create with the same page security specifications, so you could for example permit a subscriber to access a monthly "electronic magazine" by download from an FTP site until say the December issue. In the January issue you would change the DLL name, and the user would no longer have access unless he resubscribed.

One obvious question is what would happen if someone else chooses to distribute a DLL with the same name as yours? InfoCourier uses the standard Windows DLL search sequence to try to locate the security DLL, basically :-

  1. The current directory.
  2. The Windows directory (the directory containing WIN.COM).
  3. The Windows system directory (the directory containing such system files as GDI.EXE).
  4. The directory containing the InfoCourier executable file.
  5. The directories listed in the PATH environment variable.
  6. The list of directories mapped in a network.

If your executable locates a DLL with the correct name, but it was produced by a copy of InfoCourier other than your licensed copy then no access will be given. Of course you would be well advised to choose a naming strategy that is unlikely to cause clashes with others. Also note that a DLL you create with the evaluation version of InfoCourier will not be compatible with distributables you create from a licensed copy. You can experiment with DLLs created by the evaluation version with distributables also created by the evaluation version.

If you want to experiment to see what happens, try this jump to a secured page. While in design mode in InfoCourier you will be able to access it, but when you compile this into a distributable you will not. You can then create a DLL that matches it and see what happens.

Note that we do not claim that this security mechanism is uncrackable, very little is. However it would take some determined effort to defeat it. Also bear in mind that every distributable created is different, and so is every security DLL, so a generalized crack is unlikely.

Also please note that we aren't going to tell you how the security algorithms work, however much you need to know. And if you need an implementation of a public key cryptography mechanism or similar then we are happy to talk about the possibilities, but you will have to fund the development costs.